Posts

Posted on

Microsoft’s “Your Phone” App For Android Phones

Microsoft Your Phone

Microsoft just made your mobile life and computer life a whole lot easier and fun. If you love your phone, well so does your computer. Finally, you no longer need to dig around for your phone to send a text message while sitting at your Windows desktop. Plus, that extra step of emailing photos from your phone to your computer has ended. Thanks to Microsoft’s new “Your Phone” app for Android phones, 7.0 or later, you can now send text messages right from your PC.

Microsoft Your Phone

What Should You Know To Get The New Your Phone App?

To get the Your Phone app, you must sign into your Microsoft account. Also, under your account, you can install the app on a maximum of ten Windows 10 devices. And as for installation, the Your Phone app must be installed on your internal hard drive. The size of the app is approximately 13.74 MB.

The Your Phone app does support Android 7.0 phones or later and Google’s newer versions of their mobile operating system. The Your Phone feature became available to every Windows user in October. By early to mid-November, Microsoft will extend support for the function to Apple/Mac devices that use Microsoft’s Edge browser.

Once the software gets installed, you’ll need to accept a connection request from your PC on your phone. That needs repeating for every Windows 10 computer you want to connect to your Android phone. Once you’re connected, there will be a grid of photos on your PC. One thing to note: what you will view will be a square image. To see the whole image, open your choice of photo viewer app or drag the picture onto your PC.

What Can You Do With The Your Phone App?

Microsoft’s new Your Phone app shows you the most recent texts and photos, which came from your Android phone, onto your desktop. From your desktop, you can drag, drop, copy or paste those items to your computer or other compatible applications.

Here’s how it works: with the Your Phone app, go ahead and snap a picture from your Android phone. Then check out your desktop. You’ll see that photo, you just took, right on your computer. The app gives you instant access to your Android phone’s photos, right on your computer. Now that daunting task of emailing yourself pictures can finally stop.

Does your presentation need a photo? What about sprucing up that embarrassing selfie you’ve been hiding from your friends? Then drag and drop it. Texting from your computer is not only possible, but it’s gotten a whole lot easier. The Your Phone app allows you to view and send Android text messages from your computer. You can use your computer’s keyboard to text friends and any group messaging. Now you can save your texting thumbs for online gaming battles.

Just remember you have to link your Android phone to your computer. You can do this by going into your Windows Settings or through Your Phone app. Once that is complete you will receive an app from Microsoft. You are required to download the app on your mobile phone also and follow the setup instructions. At this time the Your Phone app does need Android 7.0 or later to work correctly.

Does The Your Phone App Have Any Enhancements, Limitations or Warnings?

Enhancements – Besides supporting 70 languages, Microsoft also announced some related improvements, which launched in April 2018, to its Windows Timeline, which displays sites and accessible files you’ve recently gone to or used. The Your Phone feature rolled out to all Windows users in October 2018. Currently, emails, websites, and documents you’ve recently viewed on your Android phone will also get included in the Windows Timeline. As for other Windows timelines, Microsoft will notify you through your account.

Limitations – Microsoft’s Your Phone is a UWP app that links to software running on Android 7.0 or later devices to share only the latest 25 pictures on your phone with your PC. At first, the Your Phone app will support Android phones running 7.0 or later. It will also run on newest versions of Google’s mobile operating system. As for iOS users, Microsoft has not stated whether or when it would make the app’s feature available to those users.

Warnings – There is a photosensitive seizure, warning notice, you need to be aware of, especially if certain visual images, flashing lights or patterns trigger an epileptic seizure with you or anyone you know or work with. The photosensitive epileptic seizures have a variety of symptoms.

  • altered vision
  • confusion
  • disorientation
  • eye or face twitching
  • jerking
  • lightheadedness
  • momentary loss of awareness
  • shaking of arms or legs

Please be aware; some seizures may cause convulsions and loss of consciousness. That could lead to a head injury from falling or landing on nearby objects.

Did you find this article informative? If you liked this one, check out our other content we think you’ll find interesting.

Posted on

What Are the Best Ways to Improve Law Office Cybersecurity?

Law Firm Cybersecurity

As technology continues to evolve, those people threatening it adapt as well. This is also true in the legal sector where a breach in security can be devastating. Clients are demanding more from law firms by way of protection. Firms are scurrying to respond.

Law Firm Cybersecurity

Unfortunately, those offices with even the most advanced IT teams are often deficient. They have weaknesses that they are unaware of. In a few months when cybercrime has made further advances, those vulnerabilities will have multiplied.

Individual law firms generally realize that the plight is not theirs alone. Cybersecurity works better when networks cooperate. Since it is about sharing information, it is essential that offices band together for their common good.

By taking a few small steps, law offices can enhance their organization, and utilize the more affordable security resources available. In this way, they can fight the problem together.

How Will Appointing a Security Leader Benefit a Law Firm?

Appointing a dedicated security leader and the team helps identify cybersecurity goals. It also encourages the development of actionable strategies. This is especially important in a law firm. The consequences of a breach in security here are not only dire and embarrassing, but they could result in charges of noncompliance.

A delegated Chief Information Security Officer (CISO) would run the security team. In addition, he or she would also have the following duties:

  • Set precise cybersecurity objectives
  • Assess how data is being used, as well as stored
  • Identify federal and state compliance requirements
  • Develop cybersecurity strategies

The CISO and security team are different than the IT department. They are security experts. Their responsibilities will have surpassed the IT department’s general abilities and purpose.

Why Should Law Offices Develop Cooperative Partnerships?

There is safety in numbers. By building strong communication security information-sharing communities, firms are able to divide the challenge of keeping up with potential threats. In this way, they are able to identify and eliminate weaknesses in their systems.

Cybercriminals sniff out vulnerabilities and strike. It is nearly impossible for any single office to remain on top of all of the conceivable problems. This is why it is advisable that they band with organizations that can help.

An important step would be to join the Legal Services Information Sharing and Analysis Organization (LS-ISAO). It is affiliated with the U.S. Department of Homeland Security. It acts as a vehicle for announcements, updates, and threat alerts from the U.S. Computer Emergency Response Team, as well as other pertinent agencies.

Joining a strong information-sharing, cooperative partnership better allows firms to identify issues in their systems before it’s too late. Then, they can fortify their security when it needs it most.

How Will Partnering with Outside App Developers Improve Security?

Outside software-as-a-service (SaaS) applications enable law firms to beef up security without depending solely on their internal defenses. This allows them to improve their protection and adapt to ever-evolving technology.

Additionally, working with outside sources increases access to the latest developments. This is something that is difficult to do for even the most technically savvy CISO in a law firm. By working together, they may develop technology that is specific to the needs of the firm and its clients.

What Does a Layered Set of Security Technologies Include?

No longer is a one-layer system sufficient for securing a law office. Cyberspace has gotten complex. Hackers and other cybercriminals have become very sophisticated in their skills and knowledge. This means their approaches are also advanced.

Rather than just having anti-virus software, today, firms require a multi-faceted approach. There are several features that should be included. A comprehensive security plan should, at a minimum, provide the following elements:

  • Encryption technology
  • A firewall that includes phishing protection
  • Intrusion detection systems
  • Multi-factor authentication

Lastly, offices should invest in measures to improve resiliency, such as micro-segmentation. Even if intruders are able to initially access one or more servers, micro-segmentation puts a stop to it. It increases application visibility so unusual behavior is more quickly detected. This prevents intruders from being able to move laterally through a cloud environment across data centers to access all servers. It helps minimize the impact of a breach.

In Conclusion

Taking proactive measures to prevent clients’ data loss or disclosure is a vital aspect in the field of law. Failure to adequately do so is not only an ethics issue that could adversely affect a firm’s reputation, it could also result in noncompliance.

Unfortunately, the changing landscape of cybersecurity has left many offices vulnerable to attack. By following these small, but important steps, firms are able to fight to defend the data they have been tasked with protecting. Although the criminals might seem to be a few steps ahead of everyone else, by working together with the LS-ISAO and other agencies, the legal profession will prevail.

Posted on

What Are We Most Frightened Of This Halloween?

cybersecurity

7 Cyberattack Facts

This Halloween we’re celebrating by sharing some scary cyberattack facts. Why? Because, unfortunately, cyber attacks are increasing. The cyber threat landscape is rapidly becoming more of a concern. Not only are businesses seeing an increase in the number of attacks, but these cyber attacks are continuing to evolve.

 

Here are the scary facts:

  1. Cyberattacks are the third largest global threat this year behind only extreme weather events and natural disasters!
  2. Around the globe, a hacker attacks someone every 39 seconds.
  3. There are nearly 6,000 new viruses released every month.
  4. There are more than 4,000 ransomware attacks a day.
  5. Nearly 1 out of every 100 emails is a phishing attempt.
  6. 43 percent of cyber attacks are aimed at small businesses.
  7. The cost of all this cybercrime last year? 600 billion dollars!

Read the details below:

Fact 1. Cyber attacks are the third largest global threat this year behind only extreme weather events and natural disasters.

According to the WEF’s Global Risks Report 2018, in terms of events that are likely to cause disruption in the next five years – cyberattacks rank behind only extreme weather events and natural disasters.

The Report reveals that:

  • The top five risks to global stability over the next five years are natural disasters, extreme weather, cyber attacks, data fraud, and failure to address climate change.
  • Cyber attacks are growing in risk as the potential fallout from an attack on connected industrial systems, or critical infrastructure becomes a serious threat.
  • Cybersecurity risks have grown both in their prevalence and in their disruptive potential.

The good news is that many of these cyber attacks aren’t succeeding. However, increases in their growth and sophistication are troubling. Plus, because nation states are performing cyber attacks, cyberwarfare becomes a real threat.

Fact 2. Around the globe, a hacker attacks someone every 39 seconds.

A study by Clark School study at the University of Maryland quantified the near-constant rate of hacking of computers with internet access to every 39 seconds on average. And for those who use non-secure usernames and passwords, there’s a greater chance that the hackers will succeed.

Michel Cukier of Clark School’s Center for Risk and Reliability and Institute for Systems Research identified these as brute force attacks where hackers use simple software-aided techniques to randomly attack a large number of computers.

The study revealed that once hackers gain access to a computer, they:

  • quickly determine if it will be of use to them,
  • check the software configuration,
  • change the password,
  • check the hardware and/or software configuration again,
  • download a file,
  • install the downloaded program and run it.

Fact 3. There are nearly 6,000 new viruses released every month.

A computer virus is a program or software(malware) that once in your computer multiplies in number and affects areas of the computer according to the codes it’s based on. Computer viruses are growing. With the rise in technology, we’re at increased risk of hackers using viruses to infect our networks. They continue to be a growing threat to organizations of all sizes, across all industries. And today’s free antivirus solutions (and some paid ones) are no match against sophisticated malware. Hackers are now using machine learning technology to circumvent security and infect computers with viruses. They also use AI (artificial intelligence) to launch attacks and infect computers to steal data.

Fact 4. There are more than 4,000 ransomware attacks a day.

The FBI has reported that since January 1, 2016, more than 4,000 ransomware attacks have occurred on a daily basis (on average). This is a 300% increase from 2015 when 1,000 attacks occurred daily. Ransomware is the fastest growing malware threat, and it can result in the temporary or permanent loss of your sensitive or proprietary data. It not only disrupts your operations, but you’ll also likely incur a financial loss to recover your data. Ransomware has the potential to ruin your business’s reputation.

Fact 5. Nearly 1 out of every 100 emails is a phishing attempt.

Researchers (from FireEye) reviewed over half-a-billion emails sent between January and June 2018. They found that one in 101 emails are malicious and sent with the goal of compromising a user or network.

When spam is discounted, only one-third of emails are considered “clean.” Highlights of the report showed that:

  • There was an increase in phishing attempts during tax season (January – April).
  • Impersonation attacks are commonly used for CEO fraud.
  • Hackers rely more on friendly name impersonation today.

The WEF’s Global Risks Report 2018 also revealed that 64 percent of all phishing emails sent during 2017 contained file-encrypting malware.

Fact 6. 43 percent of cyber attacks are aimed at small businesses.

This was reported in Symantec Corporation’s Internet Security Threat Report. They also revealed that 1 in 40 small businesses are at risk of being the victim of a cybercrime. Hackers don’t discriminate when choosing businesses. They are targeting their money. Small businesses are big targets for phishing attacks. Phishers target employees who are responsible for the company’s finances. When the phishing emails are opened, it can result in sensitive financial information being exposed. This is how the cybercriminal gains access to a company’s money.

Fact 7. The cost of all this cybercrime last year? 600 billion dollars! That’s three times the amount spent on Halloween candy.

In the February 2018 report “Economic Impact of Cybercrime – No Slowing Down” it says that cybercrime may now cost the world almost $600 billion, or 0.8% of global GDP. The reasons for this growth are as follows:

  • Quick adoption of new technologies by cybercriminals
  • The increased number of new users online (these tend to be from low-income countries with weak cybersecurity)
  • The increased ease of committing cybercrime with the growth of Cybercrime-as-a-Service
  • An expanding number of cybercrime “centers” that now include Brazil, India, North Korea, and Vietnam
  • A growing financial sophistication among top-tier cybercriminals that, among other things, makes monetization easier

Cyber Security Awareness

Do these facts scare you too? Are you worried about the cybersecurity of your business? If so, contact us, and we’ll help you determine if you are adequately protected.

Posted on

REMOTE DESKTOP ACCESS: YOU MAY HAVE JUST OPENED YOUR NETWORK TO HACKERS

Remote Desktop

What’s The Remote Access Protocol And Why Should I Worry About It?

The Remote Desktop Protocol (RDP) is a means that Microsoft provides for Windows (and Mac) users to access another computer remotely. Remote computer access is often used by IT people to diagnose and repair a problem with a computer. If you’ve ever worked with a company’s Help Desk, then the technician may have asked for remote access to check out your computer. The help desk tech has all the powers and abilities that the user has.

Remote Desktop

If that user is an administrator (if only one user is authorized on the computer, that user is set up as an administrator by default), they have total control over the remote computer. They may well have total control over the network as well, depending on how the network administrator’s permissions are set up.

So How Does RDP Work?

RDP works by connecting the computer remotely, then controlling it over a local network or the internet. The internet port used for this is 3389. If that port is open in the remote computer’s settings, anyone can potentially connect to it and control it.

The FBI recently warned that hackers are constantly scanning the internet for open RDP ports and selling the access information that they find on the Dark Web. Several types of ransomware and other exploit tools rely on finding open 3389 ports. One security company, Rapid7, found 11 million open 3389 ports on the internet in 2017. There are over 1,000 attempts to find open RDP ports per day.

Obviously, if you don’t know your ports are open, you are not going to be able to protect them. The first step is to make sure that only machines that need remote access are set up for it. Your system administrators can use several methods to make sure that only computers that need remote access have it.

But We’re Covered…Or Are We?

Ah, you say, but we are protected against this kind of attack because we have all our RDP-enabled computers protected by a password. Guess again. If you look, you may well find RDP servers (and servers in general) that are not password protected. Sloppy system administrators (sysadmins) all too often leave the machines they manage unprotected, so they don’t have to remember the passwords to them.

Even if both the servers and the remote machines are protected by usernames with strong passwords, there are two ways that hackers can still access them. One, called a brute-force attack, keeps trying usernames and passwords until it scores a hit. This is known as a dictionary attack.

The other way is to use lists of username/password combinations that are automatically created, bought on the Dark Web, stolen, or some combination of this. The only defenses against this are two-factor authentication or the use of security keys (dongles).

In two-factor authentication, users have to enter a second password, sent by SMS to a smartphone or by email, to log on. When dongles are used, a physical device, such as Google’s Titan security key is used.

Use of biometric identifiers (fingerprints, face scans, retinal scans) is another way of either single-or two-factor authentication (i.e., the user is required to use a password and scan a fingerprint.)

How Bad Is This Problem Really?

Remember, once a hacker gets into your system via RDP, you are probably vulnerable if you do not have two-factor authentication and/or biometric identifiers enabled on all your machines, both Mac and Windows. In any other condition, you are vulnerable. The lists of RDP endpoints being sold on the Dark Web include those stolen from airports, hospitals, nursing homes, and government agencies.

How Bad Could This Get?

So far, the use of RDP as a means of network penetration has been limited to attempts to install ransomware or steal banking, credit card information, and online shopping information.

There is little evidence (remember, we don’t find it unless we look for it or the hackers make a mistake) of any state actors or terrorists using it. But RDP access is really low-hanging fruit for them.

Practically everything runs on computers today, and the vast majority of them communicate over the internet with unencrypted data. Imagine terrorist hackers shutting down first-responder communications systems. They also have the potential to shut down hospital EHR systems or disrupt air traffic control at the airport.

Once we begin to think of the vulnerabilities in our systems, this problem of open RDP ports gets worrisome very quickly. Small wonder that the FBI is warning everyone about it.

In 2017, just one Dark Web site had 85,000 RDP endpoints for sale. It has dozens or hundreds of imitators. We just do not know until the FBI or some other agency finds the Dark Web site and tries to take it down. If you work with a managed IT services company, then it can be worth your while to ask them to check your computers and networks to see whether you have RDP ports open and susceptible.

Posted on

How To Protect Your Child From Identity Theft

Depending on the age(s) of your child (ren), your response to this topic may be, “She’s too young – she doesn’t even have an identity yet.”

Alas, not so. In our electronic society, kids exist in databases even before they’re born. And they are an attractive target for several kinds of bad actors on the dark web – those who want to exploit their names and other data for identity theft, such as opening credit card accounts, child pornographers looking for images that can be photoshopped, school bullies, and so on. Although this post focuses on identity theft, taking the steps described herein will also protect your children from other bad actors.

Children Identity Theft

What’s So Bad About Social Security Numbers?

As they were originally intended, nothing. The original intent was to use them to associate a specific individual with a specific record of earnings. But over the years, they morphed into the closest thing we have to a national identifier. Many organizations ask for it as a kind of reflex, with no intention of either using it or controlling its use. They have the notion that having an SSN makes your child a “real boy” (as opposed to a wooden one like Pinocchio?).

This leads to the first set of steps.

Get your child a Social Security Number. You will need it for some legitimate things about your child’s identity, including passports. (Try taking the child abroad without one.)

Once you have it, put it in a safe place, like a bank safety deposit box. The same goes for birth certificates and other papers that identify your child. And of course, their passports

Never give anyone an SSN, or a copy of identifying documents, without knowing why they want it, and what the intended use is. If it is just a bureaucratic reflex, ask what you can do instead of handing it over.

Make sure the organization has a policy of destroying documents that are no longer needed. (This will guarantee a lot of comical blank stares.) The only acceptable responses are “we return them” or “we destroy them with a cross-cut shredder.”

Monitoring Your Child’s Financial Existence On The Web

Your child, from the moment of birth, is a thing that businesses highly value – a customer, even if it’s you-by-proxy until your kid starts watching TV or using a computer or tablet. This means that your child will have an online existence from the moment of birth, and perhaps before. Those who exist can be exploited. So, you need to monitor your child’s financial identity. This means:

Check your child’s Social Security Earnings Record every year. You can get this by calling 800-772-1213 or submitting SSA-7050 Form. If you know the child has never worked and you see any earnings, that is a sign of possible identity theft. Contact Social Security immediately. A list of Social Security local offices can be found here.

The same goes for earnings in excess of what you know a child who is working earned. A non-certified copy of the earnings record is free; a certified report is $34.00. There is no reason to get a certified copy just to monitor your child.

Check all three of your child’s credit reports every year. Reports are free once per year. The three large credit bureaus that control most of the records are Equifax, Experian, and Transunion. Their online sites are Equifax, Experian, and Transunion.

Check any packages sent to your child. If you permit them to place orders online, make sure that what they got is what you or they ordered.

All these steps are relatively easy. The hardest part is teaching your child to be cautious (and safe) online. Social media are havens for identity thieves, and worse, predators. Teach your child to reveal private information only to trusted parties you have indicated that you approve of. For anything else, teach the child to respond with something like, “My parents don’t want me telling that.”

And, of course, it is obvious that you should keep your operating system, anti-virus, and anti-malware software updated. If you check every day, you will find that there is almost always an operating system patch, virus and malware definitions updates, or driver updates waiting to be installed.

Check to see if you can configure your OS and virus/malware software to update automatically. This exposes you to potential bugs, of course, but it will give you some peace of mind in the long run. Unless you are a true geek, consider it.

There are lots of other ways to keep your children safe online and this is an important topic you should discuss with them at the earliest time. You just can’t wait until your kids are teenagers anymore to talk about cybersecurity and online predators.

Posted on

Canada Now Has It’s Own Version Of Required Breach Disclosure

As data breaches echo around the world, Canada now has its own law, paralleling Europe’s General Data Protection Regulation (GDPR) and the USA’s Health Insurance Privacy and Portability Act (HIPAA). These regulations govern disclosure of data breaches to people whose data has been lost, stolen or somehow leaked to the public.

Canada Data Breach Law

Responsible leaders in U.S. companies should note that there is no exemption here for foreign-owned or operated companies. If your data breach involved Canadians, even those residing outside Canada, you have to comply.

Types of Organizations Included

Note that the law applies to organizations, which of course includes businesses. But the range of the law covers other entities as well. If you can be considered an organization of any kind, you may need to comply with these regulations.

What happens if the breach occurs in Canada, but for some strange reason, no residents of Canada were involved? You’re still required to comply with the law. (As always, legal questions are best answered by lawyers.)

The law was passed in 2015 and becomes effective November 1, 2018. Penalties for any violation can be up to $100,000. (This is a pittance when compared to penalties under the GDPR and HIPAA.)

What Do I Have To Do If There’s A Breach?

You must disclose it to affected Canadians, including the following information:

  • The data and nature of the breach and what specific data are at risk
  • What your organization has done to reduce risk and harm
  • How the affected Canadians can reduce their risk after the breach
  • Information about the organization’s contact information
  • The procedure for filing complaints

Is There More To This Than Meets The Eye?

Yes. It’s important to be aware that the law governing data breaches is not a stand-alone act. It is an amendment to PIPEDA, the Canadian Personal Information and Electronic Documents Act. A summary of Canada’s privacy laws, and links to more specifics can be found here. A discussion of the specific laws related to digital information is here. You need to understand and comply with both.

The wording in PIPEDA leaves room for the judgment of executives. It covers situations where “…it is reasonable in the circumstances to believe that the breach creates a real risk of significant harm to the individual.”

Whether intentional or not, the wording is somewhat vague and ambiguous. Certain words should be interpreted in the light of precedents set in the Canadian courts. There is no way to determine the true meaning of many of these terms when applied to a specific data breach, including:

  • Reasonable
  • In the circumstances
  • Real risk
  • Significant harm

What Really Happens After November 1, 2018?

Although the law takes effect on November 1, 2018, it will not actually take effect until the Office of the Privacy Commissioner of Canada has written and published its implementing regulations after consultation with stakeholders.

If you are concerned about the impact on your Canadian operations, it is important to track what is going on in the process of writing and implementing these regulations.

There is, for example, no guarantee at this point that the regulations, when written, will not be retroactive. You should comply now.

Should All Data Breaches Be Reported?

The answer to this question can be found by looking at the experiences of other companies – Facebook, Uber, Google, and Experian – that suffered data breaches and did not report them.

Every single one received a great deal of bad publicity. Many of their executives were fired for the way they mishandled the breach.

The applicable rule here that all should remember is: “It’s not the crime; it’s the cover-up.”

A data breach is bad enough. It exposes the personal information of millions of people to hackers and thieves. Any organization that has a data breach also has a duty to report it promptly. The guidelines for reporting it and notifying affected parties are clearly spelled out in the law. Your best assumption is that either you will have to report the breach, or someone will report if for you.

Fines and penalties can be much more severe for those organizations that wait too long before reporting a breach or do not follow the guidelines.

Wrap Up

Despite all the efforts devoted to cybersecurity, the public is still extremely vulnerable. In years to come, security experts may find ways to stop the onslaught of data breaches around the world, but today, the best course of action is to follow the data breach laws.

Posted on

Should You Ban Laptops From Meetings?

No Laptops In Meetings

Efficiency in the workplace is paramount to success. This concept is widely held across office environments everywhere. But while technology plays an increasingly valuable role in the way the world does business, that’s not to say it doesn’t come with its own unique set of drawbacks. Laptops and mobile devices are presenting problems within the workplace, particularly in regard to productivity.

No Laptops In Meetings

In the workplace, screens often serve as barriers, and today’s businesses are tasked with coming up with new ways to minimize these technological distractions. One effective method? Banning laptops from meetings.

The research is clear: laptops and mobile devices are no good for productivity, especially when it comes to meetings. Banning laptops and mobile devices from meetings can boost both productivity and efficiency. From reducing the amount of time it takes to conduct a meeting, to encouraging employees to be more present and engaged, banning laptops may be the next big trend in business.

The Dangers Of Multi-Tasking

Technology that’s been designed to improve our productivity can actually serve as culprits. They can interfere with our point of focus, whether that be our boss or colleague during an important meeting or a lecturer in the midst of a seminar. Laptops distract from learning, both for users and for those around them.

Research shows that multi-tasking is a killer of productivity. This doesn’t apply to just individual productivity, either. It can also have negative effects on the organizational level, which is causing problems for businesses everywhere, regardless of industry. One report concluded that multitasking within organizations is even impacting the global economy, resulting in a loss of $450 billion.

The human brain simply does not retain information as well when there is a distraction like a laptop or mobile device competing for attention. There are numerous studies that back up these claims. In fact, when employees use their laptops or mobile phones during a meeting, they’re known to do a number of things that hinder productivity, including asking questions that have already been answered. It may seem like nothing but a minor inconvenience to some, but gather enough instances like this, and you’ll see how much time (and money) is at stake.

Not only is multi-tasking thought to hinder productivity, but it also makes employees more prone to distractions. Other negative effects include poor critical-decision-making and underperformance.

Benefits Of The Ban

There are several benefits to banning laptops from meetings. From boosting creativity to cutting down on meeting time and even encouraging engagement, banishing laptops from the meeting room may be doing your company more good than you initially realize. This is why a growing number of managers are making the call.

Here are some of the benefits associated with banishing laptops from meetings.

Time Management

Commanding complete attention during company meetings can lead to more valuable, engaging discussion. A meeting in which all participants can easily understand and contribute input concisely is an effective one.

More Engagement

One of the most important aspects of a meeting is being present in the moment. Staring at your screen makes this impossible. Employees fixated on their laptops won’t be able to make eye contact, and their body language may be off-putting during a meeting. Banning laptops during meetings is just one way to promote engagement and the sharing of ideas.

Better Comprehension

Writing notes by hand has been scientifically proven to help in information absorption. While taking notes during a meeting may at times be necessary, using a laptop to do it is not. Encourage teammates to use pen and paper to increase comprehension.

Tips To Take Control

Business owners and managers can do a number of things to further promote engagement during meetings. Once you’ve made the decision to ban laptops, you may want to put a solid system into place. Establishing a firm “no laptop” rule during meetings will help things remain consistent across the board. You may even consider a check-your-laptop-at-the-door rule that will help drive the point on home with your colleagues. If you are hosting a remote meeting where laptops are necessary, implement a rule that states all other apps and windows must be closed. This small step alone can help increase comprehension and cut down on distractions.

Banning laptops may seem futile if you are wasting time in other ways. A good rule of thumb is to let employees know how long the meeting will be, as well as whether or not there will be breaks. Not only is this common courtesy, but it can also help minimize the anxiety that may come with not having instant access to emails and texts.

If you know that your meeting will consist of need-to-know information, encourage fellow employees to use pen and paper. By providing these tools ahead of time, you’ll make it that much easier for your team to follow through.

These small steps can do wonders for promoting productivity and helping your employees make the most of their time in the office. While laptops are commonplace in today’s office setting, and often vital for productivity, leaving them off the table for a while (literally) can act as the first step toward more meaningful meetings.

Posted on

Do You Have Good Computer Habits?

Woman working on computer in Google Docs

We know it’s important to have good habits in many parts of our lives, from our work to our daily hygiene. However, quite a few of us forget that we need to have good computer habits, too. Developing wise practices in connection with our computers and smartphones can make our lives much easier and help us to stay much safer on the internet.

Computer User

Back Up Your Files

One thing that many people fail to do is back up their files. All it takes is one catastrophic computer crash and days or even months of work can be lost. Priceless family photos, fun videos with friends, key work files, and important school assignments that were a work in progress can be lost. Backing up your files isn’t that hard nor is it expensive. And, to make things even better and easier, you have many different options from cloud-based backups (such as GoogleDrive, OneDrive, or DropBox), convenient USB thumb drives, portable hard drives, and even specialized backup drives. A good practice is to make sure your files are backed up daily, or at least weekly.

Keep Your Software Updated

Software updates can be a pain, but they are vital to ensuring that your computer and software runs smoothly. In fact, one of the major reasons that updates are released is to fix bugs and issues that could make your computer vulnerable to cyber threats. Hackers know about these bugs and vulnerabilities. If you don’t allow your system to install the patches and fixes, then you are making yourself a prime target for a cyber attack.

Keep in mind that you don’t have to perform updates in the middle of your work anymore. Most software (and smartphones) will give you options for when the update should take place, so you can choose times when you aren’t busy on your computer.

Be Smart When Using Public Wi-Fi

Public Wi-Fi in places like fast food restaurants and coffee shops can be tempting to use when you need an internet connection, but they can also be dangerous. These public Wi-Fi networks are a common target of hackers, and even hackers with minimal skill can quickly figure out things like your social media credentials and more.

If you do have to use public Wi-Fi, take safety precautions such as turning off network discovery, file sharing, and printer sharing and make sure your firewall is turned on. Don’t be an easy target for hackers.

Make Use of Antivirus Software and Passwords

Would you leave your front door unlocked if you lived in a high-crime neighborhood? Well, the internet is a high-crime neighborhood. Failure to use updated anti-virus software and good passwords is the same as leaving your door unlocked. You can’t afford to make it easy for the wrong people to access your personal and financial information.

Your first line of defense lies in the passwords you choose. Don’t use easy to guess passwords, and don’t use the same passwords for everything. Include letters and symbols with your passwords to make them harder to crack, and add some numbers for good measure.

Your second line of defense, much like a deadbolt for your front door, is anti-virus and firewall software. They don’t have to be expensive in order to do a good job of protecting your computer. It is also vital that you keep your anti-virus and firewall software updated and don’t ignore alerts they provide.

Be Careful with Email

Going back to our analogy of living in a high crime area: if your doorbell rang in the middle of the night, would you fling the door open and invite whoever it was inside? You would probably want to make sure who it was, and even check their ID if they claimed to be some kind of official demanding access to your home. Strangely enough, far too often we inadvertently provide access to individuals with malicious intentions when we click on links in emails without making sure where those emails are really from.

In short, don’t open an email unless you have a good idea of who it is from, and beware of clicking links in emails even if they seem to be from friends. Be cautious about opening attachments, too. In short, be as careful with your email as you are with your front door.

Conclusion

You work hard to keep yourself safe from physical dangers such as criminals and disease. It makes sense that you should work just as hard to keep your electronic devices safe, too. Backing up files (including documents, photos, and videos), keeping your software updated, and being smart when on public Wi-Fi is a good start. Add to that antivirus and firewall software, robust passwords, and the careful use of email and you are on the road to developing excellent computer habits that will keep your files, data, and personal information safe.

Posted on

Google My Business Reviews: The 3 Critical Things You Need to Know

Google Reviews

Google My Business is an excellent tool for establishing and tracking your company’s online presence. Included in Google My Business are tools to help you manage customer reviews. However, in order to get the most out of the review tools, you need to know (1) how to find your reviews, (2) how to encourage customers to share reviews, and (3) how to be alerted when you do receive reviews.

1. How to Find Your Reviews

In order to both see and manage your Google My Business reviews, you need to pay a visit to this site: business.google.com. Login, and once you are in, you can see your own My Business page. This allows you to, among other things, see and respond to the feedback your clients have provided through Google reviews.

You’ll find a link to Reviews on the left-hand side of the dashboard (it has a star icon beside it). This will open up a dedicated review page that allows you to write and edit constructive responses. Note that this also allows you to select one of three basic views: All, Replied (that would be, of course, reviews you have already replied to), and Haven’t Replied (which would be the reviews that you haven’t posted a reply to yet).

If you are still new to Google My Business or just don’t have very many reviews yet, you will want to start requesting reviews from your customers. With more and more people depending on the internet for reviews of everything from cell phone plans to home repair services, it is important that your company have reviews from real customers posted on Google.

2. How to Encourage Customers to Share Reviews

Trying to get great reviews can be tricky. Google My Business web pages do not offer a way to directly request a review from a customer. There is a workaround, however. To get a URL to promote to your clients, start by searching for your company from within Google maps (maps.google.com).

This reason you need to go to Google maps is simple: at the bottom of your company listing in Google maps, there is a link to post a review of your company. Once you are on your company’s map page, copy that URL. Then open up a URL shortening service such as bitly so that you can shorten that URL. With bitly, just paste in your URL and click on Shorten. You will receive a very short URL that you can copy and paste to your company’s website, emails, invoices, email signatures, business cards, and other materials. This makes it much easier for your customers to respond with feedback without having to search for your business on Google. The easier you make it for people to provide reviews, the more reviews that will begin to come in.

3. How to Be Alerted When You Do Receive Reviews

Once you are actively promoting reviews, you need to know when reviews are posted so that you can respond to them. It is important to quickly acknowledge reviews, both the good ones and the bad ones. Poor reviews especially need attention, and your company should try to make contact with the disgruntled customer and, if possible, take the discussion offline. However, you want others looking through your reviews to see that when a customer is dissatisfied, your business will reach out to fix the situation – even when the review is unfair. It is very important that a negative review does not sit out on the internet with no response.

Fortunately, there is a way to receive an alert as soon as a review is posted. To receive alerts about reviews, start by returning to the Google My Business homepage where you should still be logged in. Look toward the bottom of the right-hand side where it says Settings (there will be a gear icon next to it). Click on Settings, which will open the Email Notifications page. About halfway down, you will see an option that says Customer reviews. If you click the checkbox on the right-hand side of this option, you will receive email alerts when a customer posts a review. That is all you need to do to be alerted when a customer posts a review.

Google Reviews

Conclusion

Your company’s reputation online is very important, and it is critical that you receive feedback in the way of reviews. Google My Business has the tools you need to manage those reviews, including tracking them, responding to them, and being alerted when they are posted online. There isn’t a direct way to request reviews from your customers, but smart use of a link in the Google Maps listing of your business, combined with a URL shortening service, can help you gather those reviews you need.

Posted on

What Is HIPAA, And Why Should I Worry About It?

HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) is a Federal statute, and associated regulations, that, among other things, control what healthcare providers and other “covered entities” do with “protected health information” (PHI). The HIPAA regulations are fairly straightforward, but there are a lot of them. There is a good summary here, with links to the relevant portions of the Code of Federal Regulations (CFR). This article covers only the basics.

HIPAA

Who Does HIPAA Apply To?

“Covered entities” are health care providers, health plans, and health information clearinghouses. The latter are usually aggregators of health information from hospitals, doctors, and the like. “Protected health information” is any information that relates to an individual’s past or present health status, treatment, and payments for any treatment an individual receives. Past, present, and future healthcare records are covered.

Data falls under HIPAA protection for 50 years after the death of the patient. The form in which the information exists does not matter – it can be written, oral, or electronic. If the information is in electronic form, additional requirements for protecting it apply.

Why Should I Worry About All This?

People are concerned about following HIPPA guidelines and they should be. It’s important to protect the personal and healthcare information of all patients. In addition, the Office of Civil Rights (OCR) within the Department of Health and Human Services (HHS) can impose large fines and other penalties for HIPAA violations. Hospitals and health systems have been fined in the millions of dollars for HIPAA violations. And HIPAA violations, if they make it into the news media, always create bad publicity.

What Can I Do To Remain Compliant?

Training of staff on HIPAA rules and practices is by far the most important step. The second is making sure that PHI stored in electronic form is protected. That involves things like:

  • Using encryption when data is stored or transmitted
  • Making sure that staff have only the access needed to do their jobs
  • Making sure that access to systems is, at a minimum, protected by strong passwords
  • Protecting records with the latest technology such as swipe cards or biometric identifiers

What Do I Have To Do To Conform To HIPAA?

You need to:

  • Formulate your privacy practices
  • Notify patients of privacy practices
  • Obtain consent or authorization when required
  • Make sure that your arrangements with business partners meet HIPAA requirements
  • Make sure you distinguish your normal health care operations, where consent is not required, from disclosures, where consent or authorization is required
  • Make sure you follow the HIPAA “security rule,” which covers PHI in electronic form

It goes without saying that your legal department needs to be involved in all of this. The Notice of Privacy form should inform patients and staff of what your practices and guidelines are. The notice should be given in written form to patients when they are first encountered.

“Arrangements with business partners” concerns companies that may have access to PHI in the course of providing services to a health care provider. These include companies that provide storage of documents, destruction of documents, or electronic handling of documents. You are required to make sure that they understand the HIPAA requirements and conform to them. You can think of it as the HIPAA requirements “flowing downhill” from you to your business associates.

What’s The Difference Between Consent And Authorization?

In many cases, no consent is required. This includes disclosure of PHI for treatment, payment, and health care operations. A covered entity may, but is not required to, seek consent from a patient for these purposes, but it is common to do so.

On the other hand, an authorization is required for any use of PHI other than the ones listed above. An authorization is more formal than a consent, must be written, and must contain several elements, which are covered here.

Authorization is required when the disclosure is for any purpose other than treatment, payment, or health care operations. This includes disclosure to a third party, such as a life insurance company, an employer, or a provider not affiliated with your healthcare organization.

Please note that electronic transmission of PHI is covered by the authorization requirement as well. If authorization to send the information on paper is needed, authorization to send it electronically is needed as well.

What Are The Takeaways?

  • HIPAA compliance is not optional.
  • Penalties for violating it can be very costly.
  • HIPAA applies to PHI in any form – paper or electronic.
  • Obtaining consent is generally a good idea; authorizations are required.
  • Depending on the services your business partners provide to you, they may be required to conform to HIPAA as well.
  • It is always better to err on the side of caution when dealing with HIPAA.

If you still have questions, be sure to visit the HIPAA website. Today, there are many organizations that can help you learn about and comply with HIPAA guidelines. For instance, many managed IT services providers have tools to help with compliance.