by Felicien | Sep 20, 2018 | Education
First, let’s get something straight: CIPA compliance is a prerequisite for receiving E-Rate funding discounts to pay for communications services like internet connections and (for now) Voice Services. If you are not asking for E-Rate, then CIPA does not apply to you. Period.
The reason for this is that it is a violation of First Amendment rights to mandate filtering of online materials across the board wherever a minor under the age of 17 may be using the internet at a public institution. Proponents of CIPA had tried and failed to pass similar legislation due to the potential restrictions on free speech. Linking the Children’s Internet Protection Act to funding eligibility frees the Act to set requirements that are otherwise unconstitutional.
CIPA Doesn’t Apply To These Situations And Institutions Either
Telecommunications for Schools and Libraries do not have to be compliant. In this case, the definition of a “minor” is a person under the age of 17. Additionally, as of 2012, public libraries do not need to follow CIPA guidelines, as doing so poses a threat to the free exercise of First Amendment rights by majority age internet users.
E-Rate
E-Rate discounts can be between 20-90% off of services and products related to using and maintaining internet services. The Universal Services Agency Company (USAC) processes all E-Rate requests and submissions. Their website outlines how and when to apply, as well as providing a training schedule for applicants and service providers.
Every year the FCC’s Eligible Services List is updated and available before the Form 471 filing window opens.
Keep checking the USAC.org website or sign up for updates in order to stay in the loop!
USAC
The Universal Service Administrative Company has been contracted by the FCC to manage all E-Rate Applications. School or library Administrative Authorities certify their institution’s enforcement of an internet safety policy that includes mechanisms that block or filter internet access to objectionable materials.
Administrative Authority Responsibilities:
1) Ensure compliance with the requirements of CIPA;
2) Certify actions undertaken in order to bring the school or library into compliance. For example, any necessary procurement procedures to comply with the requirements of CIPA; or
3) Waive CIPA requirements as the authority has determined that CIPA does not apply because the school is receiving discounts for telecommunications services only.
CIPA Requirements (excerpted from the application section of usac.org)
1. Internet Safety Policy
Schools and libraries are required to adopt and enforce an internet safety policy that includes a technology protection measure that protects against access by adults and minors to visual depictions that are obscene, child pornography, or – with respect to use of computers with internet access by minors – harmful to minors. “Minor” is defined as any individual who is under the age of 17.
2. Technology Protection Measure
A technology protection measure is a specific technology that blocks or filters internet access.
The school or library must enforce the operation of the technology protection measure during the use of its computers with Internet access, although an administrator, supervisor, or other person authorized by the authority with responsibility for administration of the school or library may disable the technology protection measure during use by an adult to enable access for bona fide research or other lawful purposes. For example, a library that uses internet filtering software can set up a process for disabling that software upon request of an adult user through use of a sign-in page where an adult user can affirm that he or she intends to use the computer for bona fide research or other lawful purposes.
CIPA uses the federal criminal definitions for obscenity and child pornography.
Decisions about what matter is inappropriate for minors are made by the local community. E-rate Program rules specify that “[a] determination regarding matter inappropriate for minors shall be made by the school board, local educational agency, library, or other authority responsible for making the determination.”
3. Public Notice and Hearing or Meeting
The authority with responsibility for administration of the school or library must provide reasonable public notice and hold at least one public hearing or meeting to address a proposed technology protection measure and Internet safety policy. For private schools, public notice means notice to their appropriate constituent group.
Additional meetings are not necessary – even if the policy is amended – unless those meetings are required by state or local rules or the policy itself.
Definitions
Harmful to minors: Defined as “any picture, image, graphic image file, or other visual depiction that – (i) taken as a whole and with respect to minors, appeals to a prurient interest in nudity, sex, or excretion; (ii) depicts, describes, or represents, in a patently offensive way with respect to what is suitable for minors, an actual or simulated sexual act or sexual contact, actual or simulated normal or perverted sexual acts, or a lewd exhibition of the genitals; and (iii) taken as a whole, lacks serious literary, artistic, political, or scientific value as to minors.”
Administrative Authority: The entity that must make the relevant certification for the purposes of CIPA.
Potential School Administrative Authorities
school board
school district
local educational agency
other authority responsible for athe dministration of a school
Potential Library Administrative Authorities
library
library board
other authority with responsibility for administration of the library
New For 2019
As of FY2019, Voice Services will no longer be eligible. That means any voice service, including VoIP, voicemail, and hard lines.
While the CIPA requirements make intuitive sense, the E-Rate process requires attention to detail. Applicants and service providers must wade hip-deep in bureaucratic alphabet soup. The reading is dull while at times being confusing. Consider hiring a temporary worker or contractor, or temporarily re-assigning a staff-person to the task in that first funding year at least. While the potential to get 90% off of services is clearly worth it, the amount of time and effort requires planning.
by Felicien | Sep 20, 2018 | Education
A compromised endpoint gives hackers everything they need to get a foothold in your security network. Once there, they can steal data and potentially hold it for ransom. That’s why it’s so important for business owners to secure their critical endpoints (including desktops, servers, and laptops). Otherwise, you could be leaving the front door wide open to hackers.
Today’s attackers have learned how to bypass traditional antivirus software by using file-less attacks. These types of attacks can hide within sanctioned applications or even within the operating system. Even if you’re vigilant about installing antivirus updates and patching, your organization may still be at risk.
What Are Endpoints?
Endpoints in networks are computer hardware items within the TCP/IP connections, which may include desktops, laptops, smartphones, tablet devices, printers, meters, terminals, smartphones and mobile devices, clients, and other forms of hardware.
Endpoint protection (EPP) has evolved to encompass code-based hacking, but the approach is often not adopted as organizations chose to use a legacy solution due to convenience or a lack of sufficient familiarity. Online sources including MSSP report this is common, but improvements in EPP will lead to more mainstream adoption. Meanwhile, current users may find that their existing network and operational variables demand some kind of improvement.
What Should I Know About Current Endpoint Security Risks?
One sign of a demand for improvement is continuing to use an antivirus program operating on a signature base. This form of technology is considered to be too slow to keep up with so-called ‘zero day attacks,’ or malware programs that are integrated with other coding. Users should expect potential vulnerability with such programming, and devices that are not updated daily are considered vulnerable to ongoing malware threats. Additionally, signature sets (lists of operational protocol) can become so large that they run into the limit issue, leading legacy vendors to drop them, which creates a demand for new solutions that do not use signatures.
Another potential reason you may need to address your EPP is the increase in ‘ransomware’ attacks. Ransomware, hacks designed to block user access until funds are provided to the hacker, has become increasingly destructive in the past few years. All it takes is one careless user who clicks on a link in an email, and your entire database could be locked until the ransom is paid.
Demands for improved management of antivirus software and continuing to use on-site antivirus management servers may also be grounds for improving EPP. You should be able to manage your entire antivirus system from your cloud, and if you cannot, you should consider updating and improving your system. Meanwhile, however, you should take care to ensure that any increased internet connectivity involved with a system improvement does not involve increased vulnerability. If you are able to manage your antivirus system from your cloud, but it does not seem to be sufficiently organized or efficient, you may benefit from substantial restructuring.
Other practical reasons for investment in End Point Protection integrations or improvements include a developed distrust of your current system. Directly targeting EPP can be more efficient and effective.
If you are still doing regular background scans, or your new machines seem slower than you think they should be, you may want to consider improving your EPP. The newer generations of antiviral protection do not require background scanning. Traditional processes for security may be insufficient in addressing the range of possible endpoint attacks.
What is Current In Research And Development?
Many software and strategy developments have taken place to address relevant needs. Amid a range of scholarly and professional research efforts, several patents have been developed in an attempt to optimize a range of relevant security functions and features.
A patent for automated configuration has been developed to optimize efficiency, using a client security application for an EPP system capable of selecting configuration based on the state of the network. The application can then be used to run security processes managed through the configuration.
Another patent has been developed for scalable cloud-based EPP, which allows users to maintain security policies based on endpoint combinations. Configuration and command information is entered and transmitted with an API server. The endpoint then maintains communication with it in ongoing security processes.
Another recent patent has been designed for relevant structures, processes, and operational systems for End Point Protection. Examples of content in this patent include an execution system based on inputs passed to execution only following a separate validation process, and a security structure based on multiple processors and communication channels.
Such developments are expected to become increasingly available and integrated in improved software and technologies over time.
What’s The Bottom Line?
EPP improvements may be demanded for many essential reasons
Many additional indirectly relevant factors are also important to consider
Recent developments show potential for further improvements
by Felicien | Sep 19, 2018 | Education
Microsoft is offering an early version of the new Outlook on the web for you to sample. If you open your Outlook Live Mail Inbox, in the top right corner, you should see a “Try the new Outlook” toggle. By clicking the toggle, you’ll open new Outlook on the web modules for Mail, Calendar, and People. Microsoft gives you the option to try it out and go back and forth to the different versions by simply clicking the toggle.
What’s in the New Version?
As with all change, the adjustment can take a little time, but more often than not, Microsoft makes changes that improve the use of their products and services in the long run. Let’s take a look at some of the new updates to help your navigation and adjustment to the new version of Outlook go smoother.
Files and Images are Easier to Find
Nothing is more frustrating than digging around in your email trying to find a file that a colleague or client has sent to you. The new Outlook on the web has made finding files and images much easier. Located on the bottom left you will see a file icon. When you click on the icon only emails that have files attached to them are listed for you. If you are specifically looking for an attached file that is an image, you can narrow your search by clicking on images once you are in the file’s module.
Eliminating the hassle of looking for a file in your inbox is a pretty big deal. Now file finding doesn’t need to be a time-consuming exercise anymore. Make sure you take advantage of the Files module that Microsoft has added in the new Outlook on the web.
Searching for Emails Quickly
Now, with Microsoft’s newest version, Outlook predicts what you’ll be searching for based on your most recent conversations and the customers and team members with whom you communicate and interact the most. The advantage of using all of the Microsoft 365 tools on a daily basis is Microsoft’s advancement in technology gives them the edge by anticipating your moves as you make them. The new intelligent search window will help you find the email you need faster and easier.
Event Creation Simplified in Calendar
You can now quickly add events to your calendar with updated event icons, so you can identify events and see location suggestions to get address details. These eye-catching icons will assist you in recognizing the event before you read all the details of the event. The added visual helps the user in keeping track of their busy schedule with these newly designed event icons.
Outlook’s Suggested Replies
The new Outlook incorporates its intelligent technology to your email by saving you energy and time. The new version will suggest replies that you can click on to quickly respond when you don’t need to type an elaborate response. For example, when your boss gives you a new task, one of the suggested replies could be, “I’m on it.” Click on it, and the email automatically sends the reply in seconds without you having to even click send.
The All-inclusive Add-in Feature
The new Outlook on the web has streamlined how you retrieve add-ins by giving you more control to what you use the most. Outlook add-ins are simply your favorite apps that Outlook allows you to add to your inbox, giving you the ability to accomplish tasks faster. You can save an email straight to your notebook, translate emails quickly, and even pay bills and receive payments with the add-ins. All the popular apps, such as Evernote, Gfycat, Boomerang, MojiLaLa Microsoft Translator, PayPal, GIPHY, and Trello can be added to your inbox.
Better Techniques to Manage Your Groups
Office 365 Groups help you with your group-based collaboration. This service is a vital part of many teams that use Outlook. The new Outlook on the web has improved its current features by offering speedier and easier group creation abilities, richer and sleeker business group cards, and a more user-friendly group email triage. The new version also has some great features such as a group Files view that spotlights group managing in the People module, as well as the latest file actions.
Favorites Stick Out Front and Center
Although many work emails are important, there are those specific emails that you can’t miss. An email from your boss or an important client are both examples of emails that you might want to read right away. The Favorites feature is made for those important messages. You can add specific folders, people, or categories to your Favorites to keep them front and center for your attention.
To learn more about the features included in Outlooks early version, click HERE.
by Felicien | Sep 19, 2018 | Education
What Is Phishing?
Phishing is the act of sending phony emails to people for the purpose of tricking them into revealing their user name and password. The sender pretends to represent an organization that has a viable reason to make an information request. For instance, you might get a genuine-looking email that looks just like it’s from Paypal. The sender will be claiming that there’s something wrong with your Paypal account. They want you to click on their link and go to your Paypal site and then log in and change your password or some other action.
Should you follow their instructions? No! These are cyber thieves trying to get your personal and financial information. Their goal is to steal from you. Hacking has become big business around the globe.
Microsoft Office 365: How It Works
Office 365 is a longstanding software package developed by Microsoft. It includes Word, Excel, PowerPoint, and other commonly used software applications that are used in business. Office 365, unlike previous versions of these applications, operates through yearly subscriptions. Updates are performed regularly. You have access to the latest programs so you can work more efficiently both at home and in the office.
There are good reasons to operate under a yearly subscription plan using these programs. They’re always current and up-to-date and you never have to worry about maintenance issues. Office 365 is available for phones, tablets, computers and you can work from anywhere there’s an internet connection. Microsoft has consistently created the best security programs and systems to guard its products from hackers. And yet, cyber thieves are finding ways around these security protocols.
What Potential Is There For Phishing Scams?
Any hacker can potentially claim that they represent Microsoft. These thieves have been able to replicate an authentic email very well. People who are not paying attention might fall for one of these phony emails. These hackers can sound like they have a viable reason to request information or actions that could place the account holder at risk.
Using good business imagery and closely matching email addresses, recipients may be fooled. Hackers can easily cut and paste company logos into these emails to make them even more convincing. Meanwhile, users that fail to take a second look may be fooled. They can inadvertently reveal log-in information, credit card numbers, or banking information.
Can Hackers Get Around Microsoft’s Security Features?
Recently, hackers have been using certain phishing methods to bypass the current Safe Links security features found in Office 365 software. Safe Links have been a basic aspect of the organization’s Advanced Threat Protection (ATP) program, which has been helping to protect businesses from receiving damaging links that are sent through phishing.
These links scan the URL in attempt to match it to those entered into a stored blacklist, notifying the user of detections. By using tags in HTML headers, hackers have been able to bypass the detection of harmful listings.
Many users of Outlook have been affected by this approach, and while Gmail’s security has evolved well enough to avoid these kinds of bypasses, similar updates are recommended for Microsoft. SecurityWeek explained that users now have the capacity to block URLs on gateways. While this has helped prevent attacks, software developers will be required to address all these new threats as they design their software programs.
Microsoft has been updating aspects of its security to increasingly protect against the improvements of phishing and hacking actions. Along with their central ATP features, which allow users to customize their account settings, users can create their own system-tailored anti-phishing policy. It will update across the range of datacenters within 30 minutes of activation.
These help but there is now a full range of phishing attack types, including ‘spearfishing’ and ‘whaling.’ These both target specific individuals in an organization—normally someone in a high position such as CEO and CFO.
One of the problems with Office 365 security is that ATP is not available with the basic subscription. Users must purchase the security feature or a different version of the software in order to get the best protection against the latest hacking schemes. Once the additional protection is purchased, users should optimize the wide range of settings available within advanced ATP features to get the best security.
According to The Hacker News, cyber theives have been adding words hidden to the user, reducing their font size to zero, in efforts to make phishing emails appear normal to security code while bypassing its detection features. This method has been used to improve the potential and frequency of phishing scams. There’s now a greater demand for updated security features that are able to detect writing with a font size of 0.
CSO reported that there has been an increase in phishing scam types, and while the zero-font method may be addressed with security code improvements, another type of bypass method will likely be developed by hackers.
What Should I Do?
Microsoft recommends that users follow common practices in addition to optimizing program features to best protect against hacking scams. These may include:
Learn about ATP and its advanced features and security upgrades.
Establish an optimized ATP policy for your business.
Learn about ATP anti-phishing policy options.
Set up an ATP anti-phishing policy that addresses your company’s distinct needs.
Research and upgrade security options and features as needed.
Continue to follow statistics and trends regarding hacking and the efforts of cyber-thieves.
by Felicien | Sep 19, 2018 | Education
Discipline, honor, tradition, and excellence—these could previously be described as the foundation of the legal profession. After decades of consistency, however, the field of law is experiencing an extensive transformation with far-reaching effects. For better or worse, much of this has been attributed to the millennial generation: those individuals born between the early 1980s and 2000.
In the TIME article titled: “The Me Me Me Generation,” Millennials are described in the following way:
“They’re narcissistic. They’re lazy. They’re coddled. They’re even a bit delusional. Those aren’t just unfounded negative stereotypes about 80 million Americans born roughly between 1980 and 2000. They’re backed up by a decade of sociological research.”
However, other research has suggested that this generation is responding to an evolving world defined in part by rapid technological changes. Millennials have become the largest generation wielding a projected spending power of $1.4 trillion by 2020. Attorneys and law firms that wish to succeed in the future should take note of these current trends, which are anticipated to continue.
How Have Millennials Changed the Legal Landscape?
There are many ways that this demographic has influenced changes in how most business is done. This includes business conducted within the legal profession. These changes are evident in response to millennial members of the legal profession, as well as clients of that age group.
First, perhaps above everything, Millennials appreciate the flexibility. They prefer using technology that allows them to work remotely and set their own hours. Billable hours, routine, and face-to-face interactions are less of a priority.
Second, members of this generation require frequent feedback. Whether as a client or a colleague, they prefer platforms where they can monitor progress. Associates also want a clear view of how they are performing in real time.
Third, Millennials value information. They are more likely to want to know the “big picture” rather than being satisfied to just follow protocol. They want to know “why” certain practices are in place. Additionally, they are likely to research employers, colleagues, and clients, etc. A quick google search helps them to determine which firm to hire or work for.
In What Ways Did the Information Age Change the Way Data is Managed?
Rather than file cabinets full of hard-copy documents, and legal teams scrambling to find them, today’s law offices depend more heavily on digital platforms. With the enormous volume of data in a variety of formats, it has become increasingly more important for law offices to take advantage of cutting-edge technology.
Contemporary online data management rooms handle PDFs of paper documents, electronic documents, emails, social-media postings, and text messages. Innovative technologies allow small firms to compete with larger companies like never before. A few of the most popular include the following:
Artificial intelligence
Cloud computing
Predictive coding
Platforms
This results in lower overhead and less expensive services for clients. What lawyers give up in billable hours, they make up in quantity.
Why Are Online Communities Being Created?
Attorneys have always depended on communities to mentor each other, share insights, make cross-referrals, and find clients. Today, lawyers who wish to succeed in the legal profession are building and/or joining communities online.
Communities like LawyerSmack—previously LawyerSlack—are increasingly becoming the go-to locations for brainstorming, mentoring, sharing files, and engaging in discussions with colleagues. Intended for use by individuals and teams, they can be used across a variety of platforms and devices.
LawyerSmack, in particular, can also be integrated with the following apps and services:
Giphy
Skype
Trello
Uber, etc.
Although social media venues like Facebook, LinkedIn, and Twitter still have a place in legal marketing, communities like LawyerSmack provide much more.
How Is Virtual Reality Being Used in the Legal Sector?
Virtual reality (VR) and augmented reality (AR) are among the most highly anticipated and intriguing technological advances. These will potentially find a place in the courtroom, as well. In recent years, evidentiary rules have begun to accommodate technology in a variety of ways. Examples include the introduction of DNA evidence and videotaped depositions being entered as evidence.
Additional ways VR and AR could be used in the legal sector are with the presentation of evidence. It would be possible for crime scenes to be virtually recreated and presented to jurors. Another method would be to use a drone with a small camera to show the crime scene and surrounding areas in real-time.
In the not-too-distant future, it is not unrealistic to envision trials occurring with the assistance of virtual reality technology. Jurors could remotely participate in a trial, and even deliberate with other members of the jury over an online platform.
In Conclusion
The legal profession has a history of being rather conservative. Recent trends, however, indicate that is no longer practical. Online formats continue to alter how communities are built and data is managed and shared. VR and AR will become more prevalent in the courtroom. In fact, as technology becomes an inevitable tool in the modern law firm, it is increasingly important for attorneys to embrace it or risk being left behind.
