Category: Uncategorized

A recent report by the U.S. Marine Corps indicates an unintended data disclosure, the result of a single accidental keystroke. Never backing down from a fight, learn from Jarheads how to best defend yourself from a data breach and strengthen your position!

Have you ever thought twice about clicking “send” after drafting an email? We’re sure you have; everyone has. The most common reasons involve editing the text for clarity, context, or tone. Sometimes you verify the email addresses for the “to” field. These are all great measures that everyone can — and should — take before sending an email, especially one with sensitive data enclosed.

Yet, accidents happen. A recent accidental keystroke shared an email to an incorrect distribution list, which included the unencrypted personal data of more than 20,000 U.S. Marines, their families, and civilians. Social security numbers, bank details, credit card information, home and mailing addresses, and emergency contact information were all disclosed. Does this fall under the label of “data breach” if the disclosure was part of an “oops” and not a cyber attack?

Marine Forces Reserve spokesperson Andrew Aranda has said the Marines’ IT staff is reviewing cybersecurity and information assurance processes to update their overall guidelines and to better train team members at every level. More importantly, this was an accident without malicious intent, and a cybersecurity vulnerability was not the cause. Additionally, the United States Armed Forces branches fully understand the great responsibility to protect highly-confidential personally identifiable information (PII) stored in their records and a lengthy history of excellence in this arena.

More than 20,000 individuals will now need to diligently check their credit report on a regular basis to ensure this disclosure doesn’t leave them open to identity theft. Add to this number the family members potentially impacted, and the full amount affected could double or triple. This is a story too well-known by millions of Americans in recent years. Customers of Anthem, Target, eBay, and The Home Depot are just a few examples of organizations whose customers have been impacted by data breaches. Cybercriminals and cyberterrorists — hackers — are just waiting for a weakness to exploit. This introduces two key questions:

• How effective are an organization’s cybersecurity protocols and training?
• What can consumers do to protect themselves if they’ve been impacted by a data breach?

How aware are the individuals behind this incident of security protocols and risks? The basic information assurance training from as recent as a year ago isn’t current for today’s needs as a means of self-awareness and protection.

• What is information assurance? When information is processed, stored, or transmitted (data) involving systems, there are risks. Information assurance is the effort a group takes to protect this data and these systems to ensure the security of the data and minimize risks involved.

The focus of information assurance is on the security of data. While “protection of data” may not be the first concept that comes to mind when you think of the United States armed forces, the protection of its people is an inherent byproduct of its very nature. The military does not operate in the same ways as Corporate America, with many factors contributing to the differences. One thing is certain: the military takes its duty to serve and protect American citizens very seriously and is dedicated to assisting those impacted.

How can consumers protect themselves?

Credit Reports

As we already mentioned, check credit reports regularly. Once a cybercriminal has a name, address, and a few pieces of personal information, this data can be used to misrepresent an identity online.

• Consumers are entitled to one free credit report each year, at https://www.annualcreditreport.com/
• Anyone can add a fraud alert to their credit report with each credit reporting agency for added protection. This will prompt a two-step verification process for any attempt to open a new account in someone’s name, and is a very helpful feature to protect someone’s identity from being used by other parties.

Passwords

Aside from checking credit reports, we strongly suggest changing all passwords. Most importantly, start with changing passwords for online banking, credit cards, email, and social media accounts. After these, move on to seemingly innocuous accounts like the United States Post Office and those for magazines or local newspapers, with active subscriptions.

• It’s worth it to keep a list of all locations with usernames and passwords. Imagine how helpful this list might be in this situation, cutting response time drastically and potentially reducing the overall impact. Just don’t store the list somewhere online, like email. If that is the first thing a hacker can access, they have access to everything after discovering this data goldmine!
• Make sure new passwords created are complex, using a combination of capital and lowercase letters, numbers, and symbols like ?!@#$%.
• Change passwords on desktop systems to prevent a sophisticated hacker from accessing further personal data, or giving them the smallest access point to plant a virus or ransomware, or even mine cryptocurrency.
  • Running the most recent updates and install these packages immediately will help close any security gaps discovered by operating system manufacturers and application developers.

Credit Cards

In this case, credit card numbers were included in the disclosed data. It’s a huge pain, but it’s worth it in the long run for protection to report the accounts as compromised and have new card numbers issued.

Every day brings a story of new ways hackers use to access PII of consumers and how this information is used to their advantage – and to the detriment of the consumers affected. Consumers need to regularly assess their risk and do their best to eliminate the unknown, where possible by taking these measures to protect themselves. Maintaining a realistic perspective on this risk will be instrumental as “an ounce of prevention” here.

In modern days of digital communication, we can never be too careful as hackers are becoming far more sophisticated and staying one step ahead of consumers. Imagine if cybercriminals used their power for good!

Don’t let one mistake cause years of hassles and headaches – talk to an expert if you think you’ve been compromised in this or any other data breach, and protect yourself.

Like many others, I was curious about the cryptocurrency craze. I wanted to know more about Bitcoin and how to invest in it, but I didn’t know where to turn.

Last year, one of my family members made over USD 200K off a Bitcoin investment. Plus, a friend of his made over USD 900K in the same time frame trading Bitcoin and new cryptocurrencies. When I asked them what their secret was, they said, “dumb luck”. Bitcoin took its largest jump just a few weeks after they bought it, and they were both smart enough to grab their money and get out.

Unfortunately, investing in any cryptocurrency is just like gambling. Be wary of investing money you can’t afford to lose. And this is especially true if you buy it with credit cards. Many banks in Canada and the US won’t honour cryptocurrency credit card purchases. Canadians who want to use their TD Bank credit cards to purchase cryptocurrency are out of luck. Toronto Dominion Bank just announced that they would no longer allow this. In the US, Capitol One blocked their customers from using their credit cards to buy Bitcoin. Citigroup and Bank of America still allow purchases, but they are revisiting their policies, so this might not last.

If you want to buy cryptocurrencies like Bitcoin, Ethereum, Litecoin, and others, do your homework. If the bank that issued your credit card won’t verify your purchase, the transaction won’t go through.

Why Are Banks Prohibiting Cryptocurrency Credit Card Purchases?

According to the Wall Street Journal, 18% of Bitcoin purchases are made with credit cards. Of these, 22% don’t pay off their statements. They often wait until the price of the cryptocurrency rises and say they’ll use this profit to pay off their debt. Banks worry that people will purchase more than they can pay back and that if the value of the cryptocurrency drops, they won’t have enough money to cover their credit card debt.

Credit Cards and Exchanges That You Can Try

If you decide to make a purchase, Coinbase, a widely used currency exchange accepts Visa and MasterCard for a 3.99% fee. Bitstamp and CEX IO do as well. If you want to use an American Express card, try going to Coinmama (however they charge a 5% transaction fee). You should also know that American Express limits cryptocurrency purchases to $200 a day, and $1,000 a month.

Investing Is Like a Ride on a Rollercoaster

Bitcoin’s value has increased over 300 percent since the start of 2017. In the middle of December 2017, it was valued at over USD 19K per coin. However, just a few days after it peaked, it dropped below USD 14K. Today (3 months later) it’s down to USD 10,670. If you bought at the top, you’re hurting today. Welcome to the world of crypto volatility.

Purchasing any cryptocurrency comes with risks. Many have made a lot of money, and many have lost a lot of money. When considering a purchase, only invest money you can afford to lose.

I must admit that after my relative made so much money on Bitcoin that I decided to invest a small amount myself. My husband advised against it (he trains executive bankers in negotiation strategies and is on the faculty of two renown US banking schools). But, I didn’t listen, and as it turns out, I wasn’t as lucky as my family member. To this day, I’m still waiting to recoup my losses. Who knows how long I’ll need to wait, or if I’ll ever get this money back. Don’t get burned like I did.

The “Wild West” of Cryptocurrency Investing

Bill Gates gives us his “two cents” on cryptocurrency investing:

The main feature of cryptocurrencies is their anonymity. I don’t think this is a good thing. The Government’s ability to find money laundering and tax evasion and terrorist funding is a good thing. Right now, cryptocurrencies are used for buying fentanyl and other drugs, so it is a rare technology that has caused deaths in a fairly direct way. I think the speculative wave around ICOs and cryptocurrencies is super risky for those who go long.

He believes that these markets will eventually be shut down. However, he did reveal that his daughter invested in Bitcoin.

Now, entire governments like China and South Korea are prohibiting cryptocurrency trading. South Korea bans foreigners and minors from trading. According to Kang Young-soo of the Financial Services Commission cryptocurrency response team:

The government is concerned about manipulation of market conditions and injection of illegal funds while market funds are leaked into speculative investments. We view that foreigners’ and minors’ investments contribute to our areas of concern.

Much of South Korean’s concern stems from the fact that Chinese investors have flooded their cryptocurrency market since China banned cryptocurrency trading. The digital coins from China enter Korean exchanges where they are illegally changed into foreign currencies and sent back to China.

This hasn’t stopped Chinese investors from trading in cryptocurrencies. Hundreds of millions of dollars were raised in the banned Initial Coin Offering (ICO) market. It seems Chinese investors are buying cryptocurrencies in offshore accounts and investing them in start-ups. They do this to bypass the rigorously regulated capital-raising process required by venture capitalists or banks. Over USD 3.2 billion was raised via ICOs in 2017.

The good news is that the ICO industry is working to develop standards for a compliant framework for their projects like the SAFT (Simple Agreement for Future Tokens) to help navigate US laws.

Canadians Mining Bitcoin?

Even though the Canadian banks are trying to shut down bitcoin trading (at least via credit cards), Canada is quickly becoming a powerhouse for Bitcoin mining. Several regions across the country such as Quebec, Manitoba, and British Columbia have all seen an increase in attention from Bitcoin mining firms. This is the infrastructure of Bitcoin. Miners use computing power to identify a sequence of data called a “block.” But it’s relatively useless until they use a Bitcoin hash algorithm (a converter) to match a block, where they then receive a particular number of bitcoins. The Bitcoin hash that’s created is stored with the block at the end of the blockchain where it validates the block and the transaction.

Cryptocurrency Funds

According to an article in Forbes Magazine, ICOs may be cooling down, but cryptocurrencies are here to stay. Worries about China’s banning of trading has put a damper on the ICO market. But this isn’t keeping the blockchain and crypto community at bay. There are other ways to make money on cryptocurrencies – funds for example. Coinbase recently launched an index fund for digital currencies. Ameritrade and other trading sites offer cryptocurrency funds like GBTC (Bitcoin Investment Trust).

Be Smart. Be Wary.

The cryptocurrency and ICO markets have grown rapidly and are constantly changing. They comprise local, national and international products and participants. Before you invest, the U.S. Securities and Exchange Commission suggests you ask these questions:

• Is the product legal? Is it subject to regulation, including rules designed to protect investors? Does the product comply with those rules?
• Is the offering legal? Are those offering the product licensed to do so?
• Are the trading markets fair? Can prices on those markets be manipulated? Can I sell when I want to?
• Are there substantial risks of theft or loss, including from hacking?

In Conclusion

Don’t be like me and get burned by the Crypto Craze. Do your research first and take a deep breath before “jumping into the trading pool”. As you can see, it “ebbs and flows” from many underlying currents.

The recent surge in cyber theft and hacking has everyone worried. With each new cyber breach, consumers realize just how vulnerable we all are. After the Equifax hack of September 2017, state legislatures began proposing new laws that would tighten data security.

For those working with an MSP, the burden often falls on them to increase security so that breaches simply don’t take place. Though this concept is good in theory, MSP’s sometimes struggle to find the right balance between convenience and stronger security for cyberspace.

New Proposed Legislation

The American Bankers Association believes that during 2018, at least half of all states will develop tougher data breach laws for the financial services industry. One of these bills receiving more attention originates in New York, the home of many prominent financial institutions. Experts believe the new bills being developed for New York could become a model for other financial providers. These bills could even affect federal laws.

The new legislation will be designed to stop the onslaught of huge, expensive data breaches, such as JP Morgan Chase, Sony Pictures, and Equifax. Many believe this type of legislation is way overdue.

The bill being developed by legislatures in New York is called the “Stop Hacks and Improve Data Security Act” (SHIELD Act). It will require that any organization that handles financial or sensitive information produce clear examples of their safeguards. It would also require all banks, credit reporting agencies, brokerages and insurance providers to develop better security measures. In addition, the new laws will apply to anyone who deals with the personal financial information of consumers.

The bill will contain phrases like “clear examples of safeguards” that force organizations to provide proof of their security measures. Many experts believe these “safeguards” might include all administrative, technical and physical security measures taken by any company that deals with the private information of New Yorkers.

Though MSPs are already gearing up to offer higher levels of data security to their customers, the problem of data security falls back on each financial services company. Consumers are outraged when corporations the size of JP Morgan Chase and Equifax don’t take data security seriously enough. This outrage can spawn expensive lawsuits.

Keys to Success

Though MSPs will begin offering more robust data security plans, it’s important to remember that the burden falls back on each business. In this day and age, you simply can’t rely on a third-party vendor; the stakes are too high. Your company could be sued by anyone who loses their personal and banking info to hackers. For this reason, most businesses have a small team of IT pros on premises that communicate regularly with their MSP.

Your own IT department should be fully engaged with your MSP. They should understand exactly what security measures have been put in place and how this system is protecting your data. They should be involved in program upgrades. They can also work inside your business to organize monthly security briefings for employees.

Consider Hiring Security Experts

Though most MSP’s offer a comprehensive group of security services to help protect your data from intrusion, many top banking, and financial institutions are going one step further. They are hiring security experts whose only job is to ensure that all data is safe and secure from hackers. Companies that specialize in providing data security plans follow a strict regimen of protocols. They conduct regular security risk assessments. Their team will come out to your company on a regular basis to train employees. And this is so important to your overall security plan working.

Risky employee behavior is responsible for over half the data breaches. Every day in companies all over the world, employees make mistakes that could spell disaster. They commonly share passwords, ignore prompts to install patches, click on suspicious links in emails, and use weak passwords. Employees need better training in order to know and remember to utilize all company data breach policies.

Are You Doing Enough to Stop Hackers?

Though many MSP’s are fully up to date on the policies and procedures for greater cybersecurity protection, it’s important to decide for yourself whether their security measures are strong enough. If your company handles the financial information or healthcare information of others, basic data security programs may not be enough.

Ransomware attacks are on the rise. Cyber thieves break into your system and hold your data hostage until you pay the ransom. Many company owners are not sure whether their data is safe from these attacks. The days when anti-virus programs and firewalls were adequate to protect data are over. Your company will require the highest level of protection in order to remain safe. Remember that cybercriminals never rest. They’re always on the lookout for new ways to steal names, addresses, and banking information.

The Revolution in Technology

Today’s cloud technology allows everyone to take their work with them wherever they go. In addition, consumers can access that information on a laptop, phone, or iPad. Though all these new advancements in technology are fun and convenient, they do present a unique challenge for security experts. Regular security risk assessments can determine whether your employees are leaving important data right out in the open for criminals to find.

HIPAA guidelines require that a normal SRA include a basic inventory of where and how sensitive data is being used. These assessments are available for financial institutions as well. They are a great way to get the big picture about how sensitive data is transmitted, stored and accessed, whether using email, text messages or mobile devices. Most security experts believe that a comprehensive Security Risk Assessment is a great place to start.

Better Documentation

Lastly, good solid documentation of all security policies is required. All employees should know and understand the security policies and procedures used by their employer. Each software upgrade should be documented.  Any events that might affect your organization’s data security should be documented as well. Any time an employee is terminated, your company should have a very specific procedure that it follows to avoid an angry employee from stealing data.

Changing the Way We Do Business

The new cybersecurity laws may change the way we all do business each day. Though some of these laws will be cumbersome and inconvenient, the alternative is much worse. It’s important to remember that the new cybersecurity legislation is meant to protect us from hackers and data loss. Consumers want to go back to feeling safe again when they do business online. And that’s the goal of these new laws.

Whether you decide to select security experts who have the skills and tools to address all types of data breaches or continue on with your MSP, the game has to change in order to stop hacking and cyber crimes. Each employee should feel personally responsible for doing their best to protect data. Your MSP and IT department must work together to build the strongest fortress possible for your sensitive information.

Are you certain that your healthcare workers understand the risks to your PHI and other confidential information? A clinic in Baltimore thought theirs did, but they were proven wrong when they discovered their patient records were up for sale on the Dark Web.  

In 2016, a Baltimore substance abuse treatment facility was hacked. Their patient records ended up on the Dark Web, according to DataBreaches.net. Information such as dates of admission, what patients were taking methadone, and what their dosing requirements were, along with the names of doctors and counselors were exposed to cybercriminals.

The prominent Washington University School of Medicine learned about a phishing incident on January 24, 2017, when an employee responded to a phishing attack on December 2, 2016. The Office of Civil Rights (OCR) said that 80,270 individuals might have been affected.

“This phishing scam allowed some of Washington University School of Medicine’s patient data to potentially be accessed, the school reported on its website. The accessed employee email accounts may have included names, birth dates, medical record numbers, diagnosis and treatment information, other clinical information, and Social Security numbers in some cases.”

Texas-based Urology Austin, PLLC revealed that they experienced a ransomware attack on January 22, 2017. Within minutes of the attack, they shut down their computer network. However, OCR reported that 279,663 individuals’ private data might have been affected.

They immediately took steps to restore the affected data and their operations. A Urology Austin representative told local news that they didn’t pay the ransom and that they were able to restore the patient information from a backup. 

The odds that a data breach can happen to your healthcare organization have greatly increased.

Why? Because healthcare workers generally lack cybersecurity awareness. The following are some alarming statistics:

• 24% of healthcare workers lack awareness about phishing emails as compared to 8% in non-healthcare sectors
• Only 18% of healthcare employees were able to recognize phishing emails. Physicians were 3 times worse at it.
• 88% of healthcare workers opened phishing emails.
• 50% of doctors were in the “risk” category, making them likely to commit a serious data breach.
• Healthcare employees exhibited less knowledge about cybersecurity than the larger population.
• 24% of physicians couldn’t identify the common signs of malware.
• 30% of healthcare workers took risks that put the safety of patient records at risk.
• 23% failed to recognize forms of malware.
• 18% chose the wrong actions when they were given scenarios to respond to. Many thought it was okay to share patient data via their personal email accounts or over insecure cloud platforms.

The high costs of a lack of cybersecurity awareness

The Identity Theft Resource Center revealed that there were 1,091 breaches in 2016 that affected 15 million records from hospitals, dental clinics, senior care facilities, and others. This is a 40 percent increase from the previous year. As a result, the Dark Web is flooded with “fullz” (full packages of personally identifiable information) as well as patient insurance information.

Healthcare hacking and IT incidents accounted for the majority of large-scale incidents in 2017.

According to the 2017 Cost of a Data Breach Study: Global Overview, healthcare data breach costs are the highest for the seventh straight year. Data breaches from healthcare organizations cost $380 per record. This is greater than 2.5 times the global average in other industries.

The Answer

It’s obvious from this data that healthcare entities are not properly educated and prepared to defend themselves against sophisticated hacking attempts today. From these statistics, you can see that these organizations are at risk of HIPAA noncompliance.

Your first layer of defense is your employees. They require professional security awareness training that includes both privacy awareness and demonstrations on how to recognize phishing attempts and what to do if they receive one.

It’s only through ongoing security awareness training that you can keep your healthcare employees apprised of the latest sophisticated threats, how to mitigate them and what to do protect your organization from severe, negative consequences.

Beyond ensuring that your PHI and other confidential data is secure and protected at all times, you must provide security awareness training that’s conducted by a professional who understands PHI and what healthcare employees need to know.

According to the US Department of Health and Human Services, employee cybersecurity awareness training should meet the following four objectives:

1. Develop and demonstrate foundational-level knowledge of cybersecurity.
2. Employ best practices to protect privacy and safeguard Controlled Unclassified Information (CUI).
3. Recognize cyber threats to information systems.
4. Identify and report potential cybersecurity and privacy incidents promptly.

Don’t Become Another Statistic.

5 More Tips to Keep in Mind:

Regular and Recurring Security Training Is Essential.

Hackers are constantly developing new, sophisticated methods to trick your employees into clicking on malicious links and downloading dangerous software. For this reason, it’s critical that your employees stay up to date on the very latest security threats and how to avoid them. Additionally, refresher training will keep them on their toes and save you a lot of worries.

KISS (Keep It Simple and Secure)

If the security measures you teach are complicated and difficult to follow, your employees won’t remember them. Instruction should be clear and concise with ways for employees to easily remember your policies and rules. This is another reason why it’s always best to defer to IT professionals to train your staff.

Your Employees Need to Know How to Respond to Security Incidents.

Along with teaching your staff how to avoid security incidents, they should be aware of how to appropriately respond to them. What should they do if they come across a malicious attachment or link? What should they do if they accidentally click on one? Make sure they know what to do and who to contact.

Teach Your Employees about Cybersecurity for Their Personal Use.

It’s also important to teach your healthcare staff about network security for their personal purposes, such as when purchasing items online or what to do if they receive phishing emails on their personal accounts. They should also know how to protect their personal information on your organization’s network.

Make Sure Security Support is Easily Accessible.

Ensure your staff knows where to go if they have security questions or concerns. Your IT Managed Services Provider (MSP) will have a 24/7 Help Desk for support and assistance with these concerns or anything regarding technology. Plus, if an employee does come across a ransomware attempt, your MSP can intervene remotely to remove any malware and ensure your PHI and confidential data remains secure.

Bring your healthcare practice into the future with cloud computing technology.

As the demand for better healthcare rises in the U.S., more healthcare organizations are utilizing cloud computing. There’s been an increase in demand for healthcare services due to aging populations and the growing prevalence of chronic diseases. Healthcare providers are experiencing cost pressures from the need to do more along with expectations for better outcomes that deliver increased value. This demand has driven healthcare providers to depend on cloud computing because it provides a cost-effective, on-demand resource for them to access the information they need to make important decisions.

Healthcare providers have quickly realized the potential benefits of cloud computing to automate management and provide for:

• Security and Disaster Protection,
• Real-time business intelligence,
• IoT augmented patient care,
• Big data analytics,
• Cognitive assistance,
• Economies of scale, and
• Flexible payment models.

Cloud computing plays an important role for both providers and patients.

It has replaced traditional healthcare operations with digital alternatives that help to lower costs and allow for data integration and analysis, resulting in higher efficiency and effectiveness. Cloud services provide computing solutions at a lower cost than buying or licensing them and facilitates the information sharing and collaboration physicians and patients rely on today.

With cloud computing, IT resources can be accessed on demand and paid for as an operating expense. Healthcare organizations are benefitting from:

• Software as a Service (SaaS) solutions,
• Infrastructure as a Service (IaaS) virtualized computing resources, and
• Platform as a Service (PaaS) that allows them to develop, run, and manage applications without the complexity of constructing and maintaining an infrastructure in-house.

With SaaS specifically designed for the healthcare industry, barriers to entry have disappeared. Cloud Solution Providers (CSPs) deliver higher levels of service for applications, along with disaster recovery for a lower cost when compared to using on-premises solutions. They also provide improved responsiveness with decreased administrative overhead.

Cloud solutions offer scalability and the ability to adjust as demand for healthcare services increase or decrease – and they provide web access to data without the need to store information on computer devices.

Cloud services allow clinicians to search vast amounts of data to produce the best treatment plans. Patients can also access these services to learn about their medical issues and collaborate with their doctors.

Regarding patient privacy and HIPAA regulations, cloud services use data centers that are typically more secure than in-house solutions. They protect against threats with both physical and technical methods and are maintained by expert IT staff. Additionally, they employ sophisticated security controls and data encryption. CSPs now offer HIPAA-enabled offerings in accordance with the HITECH Act.  

With traditional IT, the healthcare organization is responsible for security. With cloud services, the responsibility is shared between the cloud provider and the healthcare organization.

There’s no need to hire IT employees because cloud services come with all the needed IT skills required. The costs for these experts is spread across many customers.

Many CSPs offer services with an upfront financial commitment for a multi-year term, or on a subscription basis. This flexibility enables organizations to optimize financial treatment of cloud services to meet their unique needs.

Cloud-based healthcare IT systems allow for broad interoperability and integration of other systems and applications like EHR/EMR solutions. They offer the ability to share information easily and securely.

Cloud services provide secure remote access to applications and data, and they support access from mobile devices via the Internet. They offer access to a much larger ecosystem of information and a wide range of services.

Cloud security is a priority for CSPs. Security systems and tools are integrated with the cloud-based services they provide. They come with controls for access and authentication, firewalls, encryption services, monitoring and intrusion detection. Plus, CSPs offer government-certified services through initiatives like FedRAMP, FISMA, and FIPS.

Backup as a Service (BaaS): Healthcare organizations outsource their backup and recovery services to an online data backup cloud service provider. This allows for complete data backup sets that are always available and useable.

Disaster Recovery as a Service (DRaaS) is available via the cloud in the face of IT failure or data loss. With DRaaS, healthcare organizations don’t have to invest in or maintain their own disaster recovery environments. The DRaaS provider can implement the plan and ensure timely availability of IT systems with minimal loss of data.

Sophisticated analytic capabilities can be used with business intelligence solutions to improve both patient-specific assessment and management. Intelligent business process management suites (iBPMSs) and case management frameworks (CMFs) provide healthcare staff the capabilities they need to mitigate medical mistakes and minimize patient adverse events (PAEs).

Cloud services facilitate personal health maintenance, improve diagnoses, obtain better case outcomes, and optimize healthcare delivery. Hospitals and healthcare practices are increasingly relying on cloud-based practice management, medical records and medical image archiving solutions. They offer cost-effective benefits and the ability to offload tasks from hospital IT departments so that they can support other operational and clinical support systems.

Cloud services allow healthcare organizations to take advantage of storage services at a fraction of the cost of housing them internally. This results in reduced capital expenses and reduced staffing needs as well.

Cloud computing promotes patient compliance. Patients are now sharing vital information with their providers to help them when making decisions and dealing with differential diagnoses. The increase in cloud computing has led to the replacement of health IT systems with new capabilities that allow patients to play a greater role in their healthcare. Cloud computing is at the center of this change – it supports the collaboration and information sharing that consumers demand today.

Patients are using the cloud to take a more active role in maintaining their health via their computers, smartphones and wearable devices that track their activity, exercise, diets and vital signs. Cloud computing also helps patients find the best, most appropriate health services in their area.

Cloud computing provides the connectivity channels required for telemedicine and eliminates the need to install complex technologies.

It allows for a connected model where healthcare can seamlessly be delivered from multiple providers. Furthermore, it offers the opportunity for patients to communicate and collaborate with medical staff and be part of the management of their care.

Cloud computing leverages emerging technologies to enable care outside of the physical hospital or doctor’s office, through the use of wearable devices that connect to cloud-based smart healthcare systems. The Internet of Things (IoT) devices provide near-real-time data and convey vital signs from anywhere in the world. It allows providers to monitor a patient’s health while giving them the flexibility to live their life.

Mobile computer applications, the IoT and wearable devices that are supported by cloud applications are becoming more commonplace. This has helped to change the doctor-patient culture from a “fix-it” mentality to one that is prevention-based. Cloud systems also make it easy for patients and providers to benefit from registration to support of IoT communication protocols and the management of IoT device data.

Due to the benefits it provides, adoption of cloud computing solutions in healthcare is anticipated to accelerate in the coming years.  It’s important to identify which applications and services should be migrated to the cloud. Migration isn’t always easy and should be managed by an IT professional that is experienced in cloud migration services. Furthermore, to fully benefit from cloud computing, healthcare organizations should develop a strategy that complements its business goals. Cloud solutions for healthcare organizations will continue to provide new and improved patient care capabilities as more advances are accomplished.

With the 2016 version of Excel, Microsoft has really upped the game for people who aren’t great with numbers. You can now easily use one-click access that can be customized to provide the functionality you need.

This is the first of a three-part series about using Microsoft Excel 2016 to help you identify trends, construct helpful charts, and organize information to maximize the value of your data.

You can use Excel Worksheets and Workbooks in conjunction with programs like Microsoft Access and PowerPoint. Excel 2016 possesses many capabilities that aren’t readily apparent. That’s why we’re providing this three-part series for you.

What is Excel and how is it organized?

Excel is an electronic spreadsheet program that’s used to store, organize and manipulate data. You enter data into Workbooks that are made up of individual Worksheets. In the Worksheets, you enter data into cells that are organized into rows and columns. Excel data can consist of text, numbers, dates, times and formulas.

Why would you want to use Excel?

If you or your employees work with financial data, it’s a great tool to use for:

• Basic mathematical operations like adding, dividing, and multiplying.
• Finding values like profits or losses.
• Calculations like averages, percentages and number counts.

Performing calculations in Excel is only the tip of the iceberg. There’s much more you can do like creating charts and graphical layouts to make it easier to recognize trends and more easily analyze data.

Navigation

What’s great about Excel is that it has the same set up as other Microsoft products you’re familiar with. You have tabs across the top, where each tab has a corresponding ribbon with many functionalities to choose from.

The Quick Access Toolbar

The Quick Access Toolbar is a drop-down menu where you’ll find functions that you commonly use like Print and Save. You can also customize the Quick Access menu with other functions you use on a regular basis.

The Formula Bar

This is located underneath the ribbon next to the Name Box that shows you where your cursor is located on your Worksheet. The Formula Bar is important because it’s what calculates the math for you. Excel does the calculation and displays the answer in the cell you choose. The Formula Bar also shows you the contents of the particular cell you’re in.

Adding Data

There are three ways you can add data to your Excel Worksheet. You can:

1. Type in the data,
2. Copy and Paste data, or
3. Import data from other sources.

This is great if you have a large amount of data. For example, if you have customer lists in a database, you can even pull this into Excel.

You can enter data into only one cell, into several cells at the same time, or even on more than one Worksheet at once. And, as mentioned, the data can be numbers text, formulas, dates, or times.

On your Worksheet, simply click a cell and type in the information that you want to enter. Then hit ENTER or TAB. If you typed in a date, Excel will recognize this and format it the way you’ve specified in your default settings.

Formulas

Excel computes the correct answer when you enter a formula into a cell. Once you’ve done this, it recalculates whenever you change any of the values. The way Excel knows that you’re entering a formula is by starting with an equal sign. Then you follow the equal sign with a SUM or AVERAGE.

For example, C2: =A2+B2 means that the number in C2 is what occurs when you add the numbers in A2 and B2.

You can type this in manually, but now Excel has great functionalities to help you do this. The simple way is to put your cursor in cell C2, hit = and type in A2+B2. The numbers in A2 and B2 will be added, and the SUM will be entered in cell C2.

Note: You always want to calculate using the actual cells rather than typing in numbers like 1 + 2, etc. The reason for this is so you can go back at any time and change the values in cells and the formula will calculate with the new numbers.

Let’s say you want to add a bunch of numbers together in your Worksheet. You can type = sum (a1:a5) in the cell where you want the answer to appear. Or you can do this and drag your mouse across the cells you want to add. Type =sum ( and drag your mouse across the cells and hit ENTER. The sum will appear in the cell without you having to typing in all the numbers! When you put your cursor on the cell, you will see the actual formula you just created.

There are many ways to do the same thing in Excel. It’s like this across all Microsoft products. You can go to the Ribbon at the top to “Auto Sum” to do the same calculation. Select a cell next to the numbers you want to add, click AutoSum on the Home tab and press Enter. Do what works best for you.

Once you create a formula, you can copy and paste it into another cell. You can also copy and paste formulas into different Worksheets as well. This can save you a lot of time.

Formatting Worksheets

With Excel 2016, you can format your Worksheets much more easily than you could before. You can use document themes throughout the Worksheets in your Workbook to present a professional and consistent appearance. You can also apply predesigned formats as well.

Let’s say you have a Worksheet with many rows that are hard to read. You can go in and create fill colors and more to differentiate the rows, columns, and headers to make reading much easier.

You have options to create borders around cells, rows or columns from the drop-down menu. You can also shade cells with a solid background. Don’t forget that you can change the style and types of fonts. Right-click the text, and a drop-down menu will appear where you can make these and other selections easily.

Creating Charts

If the data isn’t complex, you can easily read it, but if you have a lot of data, creating a chart will help you better analyze it. You can select specific cells, rows, and columns for your chart. One way to do this is to highlight the data and go to the top ribbon to select the type of chart you want to create.

With Excel 2016, you have a “recommended charts” option. Excel will help you choose the chart that best suits your data.

You can then go in and further customize your chart in the “Chart Tools”. You can change the color scheme, 3D effects, shading and more. If you change the data in the cells in your Worksheet, your chart will reflect the changes.

Some of the new charts in 2016 include:

• Waterfall
• Tree Map
• Box and Whiskers
• Sunburst

Creating Tables

You may be used to creating tables in Word or PowerPoint. Some people think the format in Excel is already in a table, but it’s not; at least until you tell it to do so. If you want to do this, select your data, go to “Insert” and select “Table.”

Similar to other Microsoft products, tabs will appear to help you format your table.

Viewing Worksheets

When dealing with lots of information, it can get unruly trying to work around various rows and columns. This is where Viewing Worksheets can be helpful. You can freeze a portion of your worksheet with “Freeze Panes” to more easily view it.

You also have the ability to “split” the data to view different parts of your Worksheet. You can compare two Worksheets in the same Workbook or even in different Workbooks by viewing them side by side.

Saving and Printing

If you have Worksheets that are so large they won’t fit on one page, go to “Save As” and decide on the name, where it gets saved, and go to “Print” where you can save the file to a pdf that you can send.

You can select options for printing the entire sheet, part of it, resizing it, and more to suit your needs. Going to “Page Setup” will allow you to shrink the entire Worksheet down to a size that’s more manageable for printing.

Sharing & Security

In Excel 2016 you can share Workbooks and Worksheets with others and password-protect them. The people you send them to need to know your password to open them, whether you send them via email, share them on your network, or via the cloud. From within Excel, you can designate who can access your Worksheets and Workbooks, and also whether they can edit them or not. There are a variety of parameters you can set within a Worksheet.

For example, if you want to hide employees’ salaries, you can hide this section when you share it. Or, you can let people see your data but lock it down, so they can’t change it. You can also protect your Worksheets and Workbooks to keep them secure from non-authorized users.

The Quick Analysis Tool

When highlighting data, click on the Quick Analysis button to create a chart, highlight specific cells, and much more. It doesn’t give you the functionality you’ll find in the Ribbon, but you can get things done quickly and easily with this tool.

3D Power Maps

This is another new tool in Excel 2016 that lets you look at information in ways you might not have seen in the two-dimensional format. This helps you strategically create your data on a 3D map. You need latitude and longitude data to do this. You can also import your own maps into 3D Power Maps.

PivotTables

PivotTables help you analyze your Worksheet data. You can summarize, analyze, explore and present your data in just a few clicks. They are very flexible and can be adjusted to your unique needs. Note: Your data should be organized without blank rows or columns for this to work properly.

The good news is that Excel 2016 will also help you pick the best format for your PivotTables!

PivotCharts

PivotCharts are another great way to add visualizations to your data. You will first need a PivotTable to create a chart. Now, your PivotTable will behave like a PivotChart. When you change the information in your PivotTable, the PivotChart will also reflect this change. The PivotTable is connected to the PivotChart.

That’s it for now! For more information on using Excel 2016 like a Pro, feel free to contact the Microsoft Experts at {company}! {phone} {email}

Are you an expert at using Microsoft products? Microsoft wants to hear from you — and wants to make your feedback part of an update — but first, they need to know what you think. How can they find out?

How often do you use a Microsoft product? Are you a daily Microsoft Word user? Is your primary email client Microsoft Outlook? What about SharePoint? The list goes on (Teams, Flow, you get the idea). And those are just the software products! Maybe you have a Surface Book, too? Or a Surface Book 2?!

One of the great things about Microsoft is they love user feedback. Software updates are often based entirely on suggestions from users on what features they’d like to see, what improvements can be made, and how to make daily use easier for users in general. The main goal is to increase efficiency with the Microsoft product while increasing productivity at the end user perspective. This is a win-win-(win). That last “win” was in parentheses because it’s silent – Microsoft sees increased dependence and therefore long-term customer loyalty, which translates into an ongoing revenue stream. That’s understandable.

What’s often less clear is how Microsoft tries to collect user feedback. No, they don’t really call users at home. Well, actually, they might – but in this case, the most effective way to communicate a suggested feature is through the Microsoft Excel Community, a forum of over 16,000 members in which to communicate about all things Microsoft Excel. If you’re in search of a feature, this is the place to peruse. Formula got you flummoxed? Need help with a pesky pivot table? Is a macro making you crazy? You’re most likely to find your answers here. The best part is that this community has super users, and we don’t mean users who wear capes. One such super user has over 400 posts, and these users can be found under “Experts” – a clear indicator they know what they’re talking about in Microsoft Excel!

There is also an active Blog, where Microsoft posts content about Excel. Content ranges from posts aimed at beginners, like how to use general features for newbies, to content focusing on new features released to satisfy the needs of super users (“experts”). These Blog posts are great for deeper insights and step-by-step instructional processes, but the forums are the better space for finding tips and suggestions for specific needs.

Microsoft loves to hear from users about what’s working and what can be improved and encourages engagement through a custom portal on their Community page. Roughly halfway down this page, on the right-hand side, users will see a vivid green box — the green will be instantly recognizable as “Excel” green — with “Submit your ideas”. Clicking on this will open a dialogue menu for users to submit as a digital version of a suggestion box.

Trust us when we say, Microsoft listens. This is their way around getting you on the phone for a personal interview. Recent updates have been made that actually result from feedback in this manner. Users can submit ideas, and other users can “vote up” suggestions. The recent features that have been added to Microsoft Excel have gotten anywhere between 200 to over 1,000 votes from users supporting the suggestion. This is one of the most effective ways to communicate directly with Microsoft – because they’re watching this forum closely.

Stalker Level: Microsoft

Based on user feedback, Microsoft recently updated Excel to include features expanding the use of foreign languages. Before the update, users would attempt to import a CSV file that included text strips that did not contain traditional Latin characters, like Arabic. Users would then get an error message that this information would be lost in the text encoding process upon opening the file. Users affected by situations like this need no longer worry as CSV UTF-8 file formatting is now permitted.

• This error dialogue used to pop up all the time in situations like this, no matter how many times a user followed the same process. Excel now allows you to select “Don’t Show Again” to disable this warning for the same user. But even if a user only accidentally clicks the “Don’t Show Again” option, this can be toggled on again. Microsoft is trying to allow users to cater their Excel experience to their custom preferences, and it’s starting to show.

Another feature that came into existence through user feedback via the Community is the improved pivot table experience. Users can now alter pivot table settings and then establish these as the default settings for pivot tables at the user level. No more re-formatting pivot tables with each file! Users can even create a pivot table in a new worksheet and import the settings from the existing table data, to save time. Microsoft realized how big of a time saver this would be, and jumped at the opportunity to satisfy a huge community user base with this update.

A cool feature Microsoft just released for Excel Online is an improved search experience. Remember when you would open the “Find” dialogue box, enter your search parameter, and then Excel would show you the next location? And then to find the next location, you had to repeat the process? Well – good news! The search window no longer disappears with each search query. BONUS: users can search within the pivot experience, as well! These filters work on Excel Online just like in the desktop version.

When Microsoft makes an update to any of their products, the goal is to improve efficiency and productivity, as already stated. That’s why they began including the Quick Access icons in the toolbar at the top of the application window several versions of Microsoft Office ago.

• Did you know the Quick Access toolbar is customizable? Users can change the icons that live in this section, at the very top of the document window. This is where your magical “undo” button is, by default. If you select the drop-down arrow just to the right of the last icon, there is a short list of actions you can include, and an option for “More” under these. Imagine the possibilities!

Microsoft also likes to share lesser-known features with users to make sure they are getting the most out of their Microsoft products. One of their recently-highlighted features was the Document Location Information, where users can toggle on the ability to see the full address for the location of a file, should the user need to access the file, perhaps for sharing.

• One cool workaround for file sharing is that you can click on the icon next to the file name at the very top of the window on the desktop version and use a drag-and-drop feature this way to attach a file to an email or to cloud storage platforms.

Visit the Community to check out all the top features that are packed into Microsoft Excel to see how to simplify your day-to-day tasks, automate reporting processes, and improve overall efficiency. And remember – if you think of something else, tell Microsoft. You never know, the next Microsoft Excel feature that gets announced may be your suggestion!

With cybersecurity efforts increasing and becoming more sophisticated in approach, cybercriminals are resorting to extreme tactics. What measures can you take to protect yourself and your identity?

Healthcare is a hot topic these days. Costs are skyrocketing, and fewer skilled workers are entering the medical profession. There are often more questions than answers to any health situation. Time can be critical and limited to successfully diagnose a patient and begin treatment, and the care process is expedited with increased risks from this hurrying.

To get a clear picture of the patient as a whole, medical professionals ask for a full patient history before treatment, including vaccinations, surgeries, allergies, and other pertinent details for the current situation. This is all incredibly helpful for both the patient and the provider. Doctors rely on transparency and communication to diagnose and treat.

All of this information is stored in a patient “chart”. The word “chart” is not as applicable today as it was 20 years ago, when folders or binders with prongs and dividers, etc., held paper copies of test results, physician notes, reports, and anything related to a patient’s health, as well as medical history forms and basic information forms filled out by the patient with personal information like full name, address, and contact details.

A recent trend, begun in the last decade, is the conversion of this data to electronic records. The brilliance of this transition is the ability for a provider to access a patient’s medical records and information from any location – especially in case of an emergency. Gone are the days when a doctor will need to request a patient’s chart from another provider to aid in making a diagnosis and care action plan, possibly delaying treatment for a week or more. The ability to access electronic health records gives care providers a wealth of patient records at their fingertips for more accurate diagnoses and treatment plans and expediting care.

As with anything digitally maintained and transmitted, security is a concern. The healthcare industry seems always to be playing catch-up since its very nature is reactive. Preventive medicine is the ultimate goal, but predicting illnesses like sinus infections or the flu is a near-insurmountable challenge. Patients can minimize the likelihood of symptoms and risks with daily multivitamins, a balanced diet, moderate exercise, and maintaining optimal conditions, like taking an antihistamine for allergies in the case of preventing a sinus infection. Preventing the flu comes down to environmental factors, like ample hand washing and clean surroundings – and, of course, getting your vaccination (the “flu shot”) each year.

Healthcare technology has focused on advancements in diagnosis and treatment rather than recordkeeping and billing, and as such the industry lags behind others, like banking, retail, and entertainment. Unfortunately, the combination of struggling technology and personally identifiable information (PII) speaks to a weakness in cybersecurity. It’s vulnerabilities like these that cybercriminals — hackers — seek to exploit for personal gain.

Why would hackers target medical offices or hospitals for health records? For the same reasons, hackers target any cybersecurity vulnerability: to exploit a weakness for personal gain. Stop and think for just a moment what your health records contain. Aside from your home address, forms likely include your employer, your social security number, the names and details of your family members, and very personal information that someone else could use to completely duplicate your life for illicit purposes.

Have you ever had your credit card used for a fraudulent transaction? Have you ever had your bank account compromised? Have you ever been notified that your personal information was affected by a security breach? These are all fundamental elements of identity theft, but in each situation, there is a credible party whose responsibility it was to protect you and your information with a security guarantee. Think back to what we said about healthcare technology. If security breaches can happen to financial institutions, where maximum cybersecurity protocols are deemed essential for day-to-day operations, it’s scary to think of healthcare data being electronically stored. You can change your bank, and a credit card company can re-issue you a card with a new number to protect your account, but you can’t exactly just change your medical records. It’s a scary thought.

One major issue causing the healthcare industry to lag when it comes to cybersecurity is that professionals in the medical field are focused on technology primarily as it relates to healthcare. Those in charge of records and billing tend to have representation in smaller numbers than doctors, nurses, and others that provide patient care – since the purpose of their profession is patient-centric. The industry has yet to fully carve out a niche for top IT talent, much less define their role. The added complication is that healthcare professionals by their very nature must share information with each other about patients to serve in the patients’ best interest. Comparing this to financial institutions isn’t an apples-to-apples comparison since banks keep information securely buttoned up, leaving healthcare IT professionals to explore completely new territory and make up the rules as they go along.

So, what is your life worth to hackers? Did you know your health information can be used to fraudulently obtain prescriptions that are then sold on the black market at a significant profit? The inherent value of this type of information is much higher than the value of a single credit card number with accompanying information. Some reports say that the value of a patient’s health record is exponentially higher than the value of an active and usable credit card number, and this number can’t be truly measured financially until we know more about how the information is used – and isn’t something we hope to be able to determine.

The cost impact of cybersecurity breaches grows each year, and new players are targets due to their lack of experience. The newness of electronic health records compared to the established processes of other tech players translates into confusion and communication challenges and a resistance to change – a “deadly” combination for the life of a patient. Medical professionals are open to change when it comes to the medical field, but much of the processes for patient data and payments haven’t changed in decades. Dated networks and systems are one hurdle; economic considerations and budget allocations are another. The financial impact of simultaneous updates for staffing and systems, and the confusion by the many changes potentially occurring together only add to the complications. Are you picturing a medical office with all the nurses and staff bumping into each other, running into walls, dropping instruments, and just chaos in general? That is a bit extreme – but you get the idea. Now imagine if a hacker suddenly blocks access to all of these medical records until a fee is paid to release the records – a cyber attack with ransomware. Not a huge deal if someone needs treatment for that sinus infection or a flu shot, but imagine if this impacts a dialysis treatment for failing kidneys, or chemotherapy treatment for cancer, or worse.

All of this reinforces the need for the healthcare industry to get up to speed – now. What can you do to bring your practice up to speed? Take the first step today!

We noticed that some people are having problems using Microsoft Office 365 with two-factor authentication (2FA) (also known as multi-factor authentication).

 

We have a few tips for you here.

First: It’s important to know that when your admin sets up 2FA for your Office 365 users, they must enable Modern Authentication (MA) for Exchange Online if users are accessing Exchange using Outlook 2016. (The versions of Microsoft Outlook before 2013 don’t support Modern Authentication.)  For details on how to enable MA for Exchange Online tenants, see Enable Modern Authentication in Exchange Online.

Second: You shouldn’t have any problem using 2FA with Microsoft’s mobile Office apps, Outlook Groups, Office 2016 desktop apps, and OneDrive for Business in Windows 10. However, other applications may be incompatible, so make sure you test all the apps in your organization before enabling 2FA.

How to Connect to Office 365 Security & Compliance Center PowerShell Using 2FA.

If you set up 2FA for tenant administrator accounts, they can’t sign in to Office 365 using PowerShell. Instead, you must set up a specialized account for administrators. To do this, you must install the Exchange Online Remote PowerShell Module and use the Connect-IPPSSession cmdlet to connect to Security & Compliance Center PowerShell.

Important note from Microsoft: You can’t use the Exchange Online Remote PowerShell Module to connect to Exchange Online PowerShell and Security & Compliance Center PowerShell in the same session (window). You need to use separate sessions of the Exchange Online Remote PowerShell Module.

This is what Microsoft recommends you do:

1. Open the Exchange admin center (EAC) for your Exchange Online. See Exchange admin center in Exchange Online.
2. In the EAC, go to Hybrid> Setup and click the appropriate Configure button to download the Exchange Online Remote PowerShell Module for multi-factor authentication.
3. In the Application Install window that opens, click Install.

Windows Remote Management (WinRM) on your computer should allow authentication by default. If basic authentication is disabled, you’ll get an error message. Now you should be able to sign into the Security & Compliance Center PowerShell by using 2FA.

After you sign in, the Security & Compliance Center cmdlets will be imported into your Exchange Online Remote PowerShell Module session and tracked by a progress bar. If you don’t receive any errors, you’ve done this successfully.

If not, and you receive errors, check the following requirements:

• Limit your open remote PowerShell connections to three. This prevents denial-of-service (DoS) attacks.
• Make sure the account you connect to the Security & Compliance Center is enabled for remote PowerShell. For more information, see Enable or disable access to Exchange Online PowerShell.
• The TCP port 80 traffic must be open between your local computer and Office 365. It may not be if your organization has a restrictive Internet access policy.

How to Enable 2FA in the Office 365 Admin Portal

Two-factor authentication (multi-factor authentication) can be enabled for individual users or in bulk. Before continuing, be sure to install Microsoft Authenticator on your user’s mobile devices, (not Authenticator, a similar app from Microsoft but without support for push notifications).  Here’s what Microsoft says to do to enable 2FA one user at a time:

• Log in to the Office 365 admin portal using an administrator account.
• In the menu on the left of the portal, expand Users and Active users.
• In the list of users, click the user for which you want to enable 2FA. Note that only licensed users can use 2FA.
• In the user’s pane, click Manage multi-factor authentication under More settings.
• On the multi-factor authentication screen, select the user account to enable, and then click Enable under quick steps on the right.
• In the About enabling multi-factor auth dialog box, click enable multi-factor auth.

The MULTI-FACTOR AUTH STATUS should change to Enabled. Close the browser window and sign out of the admin portal.  

How to Enroll an Account for 2FA

Once the feature is enabled, the user must now enroll for 2FA, and sign into Office 365 with their username and password, and then click Set it up now on the sign in screen and follow Microsoft’s instructions below:

• On the Additional security verification screen, select Mobile app
• Select Receive notifications for verification
• Click Set up
• Open the Microsoft Authenticator app on your phone and click Scan Barcode.
• Use the camera on your phone to scan the barcode in the Configure mobile app You’ll then need to wait a couple of seconds while the app activates the new account.
• Click Finished in the browser window.
• Back on the Additional security verification screen, click Contact me.

The user will receive a notification on their phone. They should open it, and they’ll be taken to the Microsoft Authenticator app.

• Click Verify to complete the sign-in process.
• Click Close in the Microsoft Authentication app.
• In the browser window, they must enter a number to receive verification codes in case they lose access to the Microsoft Authenticator app and click Next.

Web-based and mobile apps can use Microsoft Authenticator app verifications for 2FA logins, but Office desktop apps require an app password.

This final step provides the user with an app password for these apps.

• They should copy the app password by clicking the copy icon to the right of the password and paste it somewhere safe. Click Finished.
• They’ll be prompted to sign in again, this time by verifying the login using the Microsoft Authenticator app.

Important note from Microsoft:  If you want to use only Multi-Factor Authentication for Office 365, don’t create a Multi-Factor Authentication provider in the Azure Management Portal and link it to a directory. Doing so will take you from Multi-Factor Authentication for Office 365 to the paid version of Multi-Factor Authentication.

We hope this helps. It can be complicated to implement the proper settings for two-factor authentication in Microsoft Office 365.  If you have any problems doing this, feel free to contact our Microsoft Experts.

Make no mistake – if you show the slightest bit of weakness around a bully, they will pounce. The Internet is no different, with hackers just waiting for a cybersecurity vulnerability to seize their opportunity.

 The latest form of cyberterrorism to take root and have explosive growth is incredibly dangerous. Forget about Trojan horse viruses and identity theft — well, not really, those are still a threat — but the hot topic today is cryptocurrency mining. This phrase is used in reports and articles all over the Internet, but what it means can vary.

• Cryptocurrency is an alternative currency in a digital format that is uncontrolled by a financial authority where the authority determines the supply and value. The most widely-known type of cryptocurrency is bitcoin. The decentralized nature of cryptocurrencies is what makes them so appealing to cybercriminals, but also what makes the industry minimally regulated.

Have you ever had a virus on your computer or smartphone? We know that pain. They range from annoying to debilitating and are time-consuming to eradicate. What’s worse is when we connect our smartphones via charging cable to a computer, and we allow access to our smartphone, we run the risk of inadvertently allowing the virus to transfer. Can we ever win?

• In 2017, a version of malware for cryptocurrency mining targeting Android devices was discovered and proved its effectiveness of physically damage a mobile device.

Why are we talking about cryptocurrencies and viruses at the same time? Because you’d be amazed at what lengths cybercriminals — hackers — will go to accomplish their goal. Have you ever heard of ransomware? It’s a type of malicious software, “malware”, and sometimes more advanced malware is involved where the victim’s files are encrypted using code deployed by the hacker, called cryptoviral extortion. These all function the same as a basic virus, where an executable program is planted on a user’s computer with the intention of restricting user access in some way. With ransomware, to remove this restriction and regain access, the user is prompted to pay whatever fee the hacker demands — their “ransom” — otherwise the user’s data is blocked entirely and permanently. This type of extortion is being used more commonly in cryptocurrency mining.

• Cryptocurrency mining uses specialized software programs to automate the process of solving complex math problems in exchange for a small amount of cryptocurrency.

How is this possible? We mentioned that the beauty of cryptocurrency mining is in automation. A cybercriminal gains access to a computer — without the knowledge or permission of the computer’s owner — and installs the software that runs the mining file(s). Has this ever happened to you? But…would you even realize it?

How do cybercriminals access a computer to fulfill their devious plan? Through dark and devious means in a dimly-lit basement at a desk filled with candy wrappers and empty cans of energy drinks? This isn’t a Hollywood film – it’s much more likely the cybercriminal is at a coffee shop or somewhere benign. They could be next door, across town, or around the globe from the computer that they’re hacking. While proximity isn’t meaningless, it’s far less necessary than it once was. The Internet has made consumers that much more vulnerable, and that much more valuable to a hacker. The sad reality is that the devices most consumers use to access the Internet — either wireless routers or networks lacking sophisticated means of protection — are the most common culprit. Most consumers don’t realize how important it is to established layered levels of cybersecurity protection at their home, nor do they understand how to go about protecting themselves adequately. This is something best left to the experts – especially if you need to establish this protection in your office, and it’s your business!

Still wondering why a hacker targets a personal computer for cryptocurrency mining? The answer is money. We can look at this from a few different perspectives.

• Using someone else’s computer, a hacker doesn’t need to worry about overhead, like:
  • Reliable power and resulting power bill.
  • The purchase and maintenance of the expensive hardware needed to process the thousands of complex problems that generate the cryptocurrency, though fractional portions with each solution.
• Hacking into many computers offers the chance to increase the amount of cryptocurrency generated in the same time frame from multiple sources.
  • When one option is eliminated, another option replaces it quickly, so a hacker avoids “downtime”.
• The goal of any hacker varies, but when it comes to cryptocurrency mining, the goal is to make money. The next step in a natural progressing — one born of greed — is to hold the hacked device hostage for ransom.

The terms “cyberterrorism” and “cyberespionage” are just fancy ways of redefining a hacking situation that is getting uglier each year. The more sophisticated any cybersecurity network is, personal or professional, the more sophisticated hackers need to become in response. Adversely, the more vulnerable a network is, the more attractive the victim is to a hacker, and the more expensive the situation the victim is likely to find themselves in – repeatedly.

The value of cryptocurrencies keeps increasing, as well. Bitcoin is valued around $9,000, meaning that the cost to buy one Bitcoin is $9,000. A newer cryptocurrency, Monero, has increased exponentially in its first year. The value of Monero is lower than that of Bitcoin, closer to $250, but its newness also makes it more discreet. There is also value in mining early. Consider the price of an ounce of gold; the weight does not change, but the value of an ounce does, so buying one ounce for $500 and keeping that ounce until the value of an ounce reaches $1,000 gives a greater return on investment It’s ironic to be reading about legal investments in the same spot as cryptoviral extortion – but it helps law-abiding citizens understand the mindset of the cybercriminal. More importantly, the process to mine these isn’t the point: where there is money to be made by little effort, those with a serious lack of ethics seize the moment. Cybercriminals are evolving with cryptocurrency paradigm shifts, including fileless miners.

• Fileless cryptocurrency-mining malware is a newer mining method and involves deploying code into the victim’s system memory. This code is what activates the computer’s mining processes.

Yes, cybercriminals can now use wireless networks to access your computer and use your computer to mine cryptocurrencies without files. If a hacker can take over your computer entirely and require you to pay them real money to get your computer — and everything on that computer — back, how can you protect yourself?

Cybersecurity and protecting yourself isn’t just a case of setting a “really strong” password anymore. Some programs and platforms encourage — or even require — two-step verification processes for each login. The greatest advantage you can give yourself is teaming with the best cybersecurity partner and making all staff members aware of the risks. Let your trusted partner do what they do best — cybersecurity — and you can focus on what you do best: running your day-to-day operations.