by Felicien | Jul 30, 2019 | Education
The cloud may still feel like a new technology – but in reality, it’s been around for more than 10 years now.
Does that make you feel old?
Let’s be clear about something – the cloud is here to stay. In recent years you may have still heard the occasional “industry insider” suggest that the world may be moving too quickly to an untested and unsure platform in cloud computing, but no more. The cloud is now an integral part of daily life for private consumer and business users alike.
What Is The Cloud?
The cloud is a network of technologies that allows access to computing resources, such as storage, processing power, and more. That’s where the data is – in these data centers all around the world. Which data center your data is in depends on what cloud service provider you’re working with.
The Cloud’s Many Layers
Public Cloud
Ideal for small businesses that may have trouble budgeting for any other type of cloud deployment, a public cloud is simple and cost-effective. Your data is stored in a “communal” data center, which, while not offering the best possible security or compliance guarantees, is often sufficient enough for organizations that aren’t required to maintain regulated compliance.
Private Cloud
A secure, dedicated environment to ensure maximum performance, security, and functionality for your business applications and employees. This is usually deployed for complaint-driven businesses such as healthcare and finance.
A Hybrid Cloud
This is like a dedicated cloud computing resource on Office 365 and Azure Stack with an extension to on-premise resources for maximum performance, control, security, and functionality. This is for businesses that require maximum control and scalability.
Instead of entrusting your legacy solutions to a public or private cloud, many businesses are opting for a hybrid cloud. They use a mix of on-premise, private and third-party public cloud services because this provides an infrastructure where one or many touchpoints exist between the environments.
Using a hybrid cloud gives you the freedom to choose which applications and resources you want to keep in the data center and which ones you want to store in the Cloud.
The Cloud Isn’t As New As You Might Think…
Would you say the cloud is “new”?
To some, this may seem like a question with an obvious answer, but it’s not that simple.
The way in which we think about technology can lead to something feeling new for a lot longer than would make sense otherwise.
After all, the cloud is more than a decade old, but a lot of people still think of it as a new technology.
For context, it was 2006 when Google and Amazon began using the term “cloud computing” – not necessarily the beginning of the cloud, but as good a point to choose as any.
In that year, the now woefully dated Crash won Best Picture at the Oscars. The Tesla Roadster was still two years from hitting the streets. Netflix was more than a year away from launching its now prolific streaming services.
Does that put it in perspective?
How Is The Cloud-Delivered?
SaaS (Software as a Service)
Software as a Service (SaaS) applications are being adopted at a much faster pace today than in the past. These are productivity applications like Microsoft Office 365, cloud-based practice management solutions, accounting programs, and more.
Your SaaS provider helps you identify and select line of business applications that will run well in the cloud. They can migrate your data and integrate it with software platforms in your current premise or cloud technology stack, or help you implement new ones.
PaaS (Platform as a Service)
This is whole cloth delivery of web applications that are based in the cloud, all via a comprehensive platform. The idea is that, in accessing this platform, you can utilize, develop and even deliver applications based on resources that you don’t need to maintain on-site.
IaaS (Infrastructure as a Service)
Infrastructure as a Service (IaaS) delivers IT infrastructure on an outsourced basis and provides hardware, storage, servers, data center space, and software if needed. It’s used on-demand, rather than requiring you to purchase their own equipment. That means you don’t have to expend the capital to invest in new hardware.
Why Should You Use With The Cloud?
For the same reasons that thousands of other businesses around the world have already adopted cloud computing:
Computing Power: The cloud has the ability to activate tens of thousands of CPUs. This unparalleled power can quickly perform deep analytics of your data, and process nearly any ad-hoc queries that you require.
Reliable Costs: The cloud services subscription model offers the strategic advantage of low-cost, low-risk opt-in combined with a simple, predictable monthly fee.
Easy Scalability: Cloud services have the unique strategic characteristic of being able to stretch or shrink to suit your current level of demand. This is especially useful for businesses of scale or companies that go through seasons of activity.
Real-Time Collaboration: With cloud technology, your staff doesn’t have to wait for each other to be done with their part of the document or project in order to tackle their own aspect. They can all work on the same project at the same time to maximize productivity.
Remote Work Capability: This cloud feature allows you and your employees to work remotely as need be, which will give your business members the flexibility they desire to have a more balanced home/work life.
You Need To Keep An Eye On Your Cloud
As beneficial as the cloud can be, it’s important to note that it can also pose risks if it isn’t managed properly. It all comes down to the classic binary relationship between convenience and security.
The cloud gives you unparalleled access to your data from anywhere with an Internet connection. That means that external parties (including cybercriminals) can have undue access to your data as well if you don’t take the necessary steps to secure your environment.
That’s why you need to monitor your cloud. No matter who you entrust your data to, you should ensure that you or someone in your organization is given appropriate visibility over your cloud environment. That way, you can guarantee that security and compliance standards are being maintained.
If you don’t have the resources to manage this type of ongoing monitoring, then it would be wise to work with the right third party IT services company. Doing so will allow you to outsource the migration, management, and monitoring of your cloud. You’ll get the best of both world – security and convenience.
by Felicien | Jul 26, 2019 | Education
8 Essential Reasons to Outsource Your IT Services
Technology moves fast and furiously. In this modern world, you need IT services for your business to run as smoothly as possible. The last thing any well-run company wants is for their IT issues to trip up working conditions so your employees are frustrated, and not being as productive as they should be. Ideally having the right technology in place can help your business to be more profitable in the long run. The question then becomes, is it better to have your IT department in-house or outsource those services? There are actually many terrific benefits to outsourcing your IT services to the right qualified professionals.
Here are 8 essential reasons to leave it to the pros at a managed IT service company for all your technology needs.
Reason #8: Increased Productivity
When companies have their IT services in-house, this can take up time and reduce productivity among the staff. It’s been shown that Managed Service Providers (MSP) who have all the right credentials can implement IT solutions for you in a much faster way. The speed and efficiency an outsourced IT company can give you will allow your business to operate at full capacity much faster in the long run. Less IT distractions equal a better working environment for your staff.
Reason #7: Focus on Core Operations
If you and your employees have to worry about IT glitches and struggles, it’s going to carry over into your daily working environment. That takes away the focus on your core operations. Your managers and employees have limited time to do their job. There are only so many work hours in a day. They can do their jobs better without having to get sidelined by IT problems they shouldn’t have to deal with.
Reason #6: Smaller Business Can Compete
Smaller companies sometimes can’t afford the kind of IT services that larger, more established companies use. By having an MSP who can give you the kind of technological advance that larger companies can afford, will make it easier to compete with the “big guys” on a global scale.
Reason #5: Risks and Threats Are Handled
Most outsourced IT companies are available for risks and threats 24 hours a day, 7 days a week. It’s something they monitor all the time. They will be able to handle and manage these threats for you seamlessly to keep your company operationally rock solid.
Reason #4: More Security
Security and compliance issues are less of a problem with experienced IT professionals. Hardware crashes, viruses, data corruption, and backup failures are less of an issue when outsourced IT people are constantly looking out for your company’s security.
Reason #3: Implement New Technology Faster
When you outsource your IT and need updates to be made to your technology, the professionals are going to be able to put that new technology in place much faster. They can also do these updates in off-hours that won’t interfere with your working day.
Reason #2: More Experienced IT Professionals
A company that focuses solely on IT is going to have all the right credentials and certifications in place that will allow you to have the most experienced professionals in your back pocket. A highly qualified MSP also has the most up-to-date training and ongoing education of everything involved in the technology sphere.
Reason #1: Less Expensive IT Costs
This is by far the most important reason in the minds of most companies, the bottom line. By not having your IT department in-house, you are going to be saving serious monetary resources. It’s just less expensive to outsource your IT costs with an MSP that works efficiently and allows you to pay only for the services your company needs from them.
by Felicien | Jul 26, 2019 | Education
How To Download Audio From Facebook Messenger
Facebook Messenger is one of the most popular chat and messaging services in the world. Increasingly, Facebook Messenger is increasingly being used to communicate using text, audio, and video.
However, a common question asked by users of Facebook Messenger is how audio files can be saved from within the messages app.
As it currently stands, the ability to save audio messages is not an integrated feature built into Facebook Messenger itself. Fortunately, there are a few reasonably easy ways to save audio messages to your desktop or laptop.
Method one: Open Web Inspector in your browser
The first method may seem a bit tricky, but it’s actually pretty easy once you get the hang of it.
First, find the audio message that you want to save within Messenger. Next, select “Develop” then “Show Web Inspector”. After that, you’ll want to select the “Network” tab and look for a file that starts with “audioclip-” followed by letters and numbers, and ending in “.aac”. Right-click or double-click on the file and it will download to your Download folder.
Once you’ve done that, the audio file will be saved to your computer, and can be shared or moved like any other file.
Method two: Mobile site hack
An alternate method involves using the mobile version of Facebook on your desktop computer. To do this, simply type “m.facebook.com” instead of facebook.com” as the URL. Once there, click on messages and find the audio file you want to save. Once you find it, click the down-facing arrow in next to the audio clip. As in Method one, you should see the file download to the Download folder on your desktop.
Hopefully, Facebook will eventually integrate the ability to save audio files in a streamlined and user-friendly way. For now, rest assured that the two methods described above will allow you to save audio files quickly and easily.
by Felicien | Jul 26, 2019 | Education
5 Incredible Benefits of Effective Managed IT Services
Managed IT services are one of the many ways an organization can choose to handle their IT needs. With managed IT services, a third-party handles the entirety of the tasks and responsibilities regarding managing IT and keeping the company running. The difference between this and many traditional third-party services is that it’s provided for a set cost. Instead of having access to an hourly consultant rate, you’ll be paying a flat rate monthly (or annually) in exchange for total coverage.
Every arrangement is slightly different and must be outlined very clearly in the Service Level Agreement (also known as the SLA). This document will arrange not only the cost structure, but also the exact services that are included in the partnership, and the metrics that are used to define success or failure.
There are many reasons that companies elect to go with managed IT services to handle their day-to-day needs. Here are five of the most compelling reasons:
1. Provides Total Alignment Between Both Parties
In a managed services agreement, both parties are aligned for maximum efficiency and performance. Since it’s not an hourly rate, the third-party is incentivized to handle your IT in an efficient and effective manner. Otherwise, they have to spend more time and manpower resolving your issues, which brings down their effective hourly rate.
Additionally, if they don’t live up to the metrics set forth by the SLA, they may be liable for penalties or even complete termination of the contract. In this way, it’s in both companies interest to do the very best job possible.
2. Focuses on Being Proactive versus Reactive
If you’re paying by the hour, the services you’ll receive are going to be reactive. When your company notices an issue, they’ll reach out to the third-party to help fix it. Managed services provide proactive support. Since they’re working for you no matter if there’s a problem or not, much of their time is spent preventing problems in the first place. This results in much smoother daily operations and the avoidance of problems that could potentially hurt your businesses but would be unavoidable with another type of arrangement.
3. Contains Simple Cost Structure
The simple cost structure of managed IT services will be much appreciated by your accounting department and whoever is setting the budget. Instead of seeing costs vary wildly by the amount of support required in a particular month, the amount will be a flat fee. You’ll also likely save a great deal of money versus hiring a fully functional team in-house since you won’t need to pay for things like recruiting, onboarding, benefits, and continued training.
4. Makes Projects Easier to Manage
When you need to roll out a brand-new technology or simply update an existing one, it can take a great deal of time and resources. This is especially true if the third-party isn’t used to the way your business operates each day and has to fit the entire roll out into a small window of time. If you have continuous support, however, it’s a much more manageable process. They can work on the project when they have a spare moment in the day. Since they’re fully integrated into your day-to-day processes, they’ll have a much better idea of how to implement a new system from end-to-end, including training and providing post-launch support.
5. Offers Access to True Experts
Unless you’re a massive organization, it’s unlikely that you can afford to recruit, train, and maintain the very best in the IT field. With an agreement with a top-notch IT firm, you gain access to experience and perspectives that you would be unlikely to otherwise access. These talented professionals will be able to help you with all of your IT needs, from daily maintenance to improving upon your existing systems and processes.
Managed IT services are only one of the many ways that a company can choose to handle its IT needs. However, it offers many advantages over some of the other options, including handling IT in-house and going with an hourly consultant-based fee schedule. If you believe that your business could benefit from controlled costs, improved support, and access to an incredible variety of IT talent, managed IT services might be the best option for your business.
by Felicien | Jul 25, 2019 | Education
What You Need To Know About OAuth Phishing Attacks
Amnesty International has reported that OAuth Phishing attacks targeted dozens of Egyptian human rights defenders since the beginning of this year. They are warning that these human rights defenders should be vigilant and contact them if they receive any suspicious emails.
“Since January 2019 several human rights defenders and civil society organizations from Egypt started forwarding dozens of suspicious emails to Amnesty International. Through the course of our investigation, we discovered that these emails were attempts to access the email accounts of their targets through a particularly insidious form of phishing known as OAuth Phishing … We estimate the total number of targeted individuals to be in the order of several hundreds.” Amnesty International
What Is OAuth Phishing?
The Egyptian authorities are using a new spear-phishing technique called OAuth phishing. OAuth is an industry-standard protocol used for authorizations. All computer users should beware of OAuth Phishing.
OAuth Phishing is being used to abuse the legitimate authorization feature of online service providers that lets third-party applications gain access to an account. OAuth is the protocol used by many companies, including Google, Facebook, Amazon, and Microsoft. It’s used to manage access to user data across these and other platforms.
With access to a user’s email account OAuth can add events or flight times to their calendars. The OAuth Phishing hackers use malicious third-party applications to trick users into giving them access to their accounts.
OAuth Phishing targets OAuth tokens instead of passwords. When a user grants a third-party app the right to access their account, the application uses the OAuth token instead of a password. Egyptian authorities are gaining unauthorized access and use third-party apps to compromise users’ accounts.
How Does OAuth Phishing Work?
The hacker uses phishing emails with fake security warnings from Google to trick victims into clicking on a malicious link. The victim is instructed to click the “Update my security now” button. When they do, they’re sent to a third-party application called “Secure Mail.” This prompts the OAuth process.
But that’s not all. They are then asked to give the “Secure Mail” app access to their Gmail or other accounts. They’re told to click on the “Allow” button. When this happens, the hacker gains access to the victim’s account.
Now the attacker can use a malicious application to:
Download other messages, attachments and files.
Search for and read their messages.
Install filters and forwarding rules.
Inject macros into Word documents.
Access users’ contacts.
Get into OneDrive and search for downloaded files.
Extract emails by searching for keywords.
Setup malicious Outlook rules.
Amnesty International warns that these OAuth phishing attacks also target users’ Yahoo, Gmail, Outlook and Hotmail accounts.
How Can You Prevent Your Employees From Being Victimized By OAuth Phishing?
The best way is to be educated. Security Awareness Training is the go-to solution to keep employees informed about security threats and how to avoid them. But, because OAuth phishing can be difficult to detect and the victim authenticates through a legitimate site, people are still being tricked.
OAuth Phishing can be hard to identify. And, even with Security Awareness Training, people are being tricked. They’re trained to look for suspicious website URLs and to use Two-Factor Authentication. But these tactics don’t work to prevent OAuth phishing.
Phishing messages can convince users to click links that deliver malware or reveal their user credentials. Now with new tools, OAuth is being used for this. The account can be accessed until authorization is explicitly revoked. Not even password resets or using 2-factor authentication will work to stop it.
Train and test your users to:
Spot phishing messages and specifically OAuth phishing messages.
Know how to submit suspicious email messages if they find them.
Defend and respond to OAuth attacks.
Along with Security Awareness training, companies must ensure that their IT service companies have set up the technology, policies and remote monitoring and management to detect these OAuth attacks.
What Does OAuth Recommend?
You can visit this page for security guidance. They say that if a suspicious or malicious third-party application is found in the OAuth environment that all permissions should be revoked. Then review remote monitoring logs to learn what was compromised.
They also suggest that you:
Limit the number of third-party applications that can be accepted.
Disable any third-party applications that you don’t need.
Search and monitor all third-party applications that have been approved for use, and check for suspicious activity.
If you use Microsoft Office 365, be sure to monitor your application permissions in the Cloud App Security.
The Bottom Line
All of your employees should be educated about the dangers of OAuth and other phishing attacks. They should always use best practices and only access applications that they trust.
Also, make sure that you and your IT provider periodically review the list of applications that you use. Revoke access to all applications that you no longer need.
