by Felicien | Jul 10, 2019 | Education
Without the ability to quickly and easily access the right business productivity software, your office is likely to come grinding to a halt. The basic tools and functionality that businesspeople utilize throughout the world are something that we are so used to we often forget it is there — until something happens and it’s not working! With the latest release of updates to the perennial favorite Microsoft Office suite of software, there are two key options for obtaining licenses and many businesses struggle to determine which is right for their needs. While the core functions of the platforms are nearly identical, there are significant differences in the pricing models as well as how often you receive updates to the software. This quick overview will help you select between the two primary options for Microsoft Office based on your current needs and where your business is headed in the future.
What Is the Difference Between Microsoft Office 365 and Office 2019?
There are a few key differences between the two versions of this most popular business productivity software suite. Office 2019 provides the core functionality of Microsoft Outlook, Access, Excel, Word, PowerPoint and OneNote. This perpetual, on-premise license is valid for a single device and named user. While transferrable, this more traditional license model does have some serious limitations. You won’t receive support, you won’t receive improvements and you’ll be missing some of the cool new AI and cloud features. What you gain is a one-time purchase of software that your business can safely use for years.
With Office 365, Microsoft generously provides a set amount of storage space per license and the licenses are valid for up to 5 total devices so you’re able to work with more flexibility. This includes fully-featured mobile versions of the popular Office software as well as real-time collaboration tools and Skype minutes. New features, patches and bug fixes are dropped on a regular schedule and there are several different plans available so you can select the one that most closely meets your needs.
Which Microsoft Office Option is Best for Startups?
Startup businesses are often running lean and mean, making it difficult to make an early investment in business software. With Microsoft Office 365, you’re able to make a smaller monthly investment in your business software, while funneling any additional funds back into growing your business and attracting customers. Microsoft offers several attractive options for businesses that are just getting started, such as their Microsoft 365 solution, that brings together office productivity software plus Windows platform, cybersecurity options and device management. With a monthly or annual subscription, you will always have the right number of licenses as your business grows and won’t be overpaying for licenses that you’re not quite ready for yet.
Which Microsoft Office Option is Best for Small Businesses?
While it’s relatively easy to make a selection for business startups, small businesses might find that there’s a slightly different value proposition to consider. Some businesses are small simply because they’re in a period of growth and are still scaling up, while others are mature businesses that are considered small by design. If your small business is still in growth mode — regardless of the age of your business — you might be better off selecting Microsoft Office 365 or Microsoft 365 to support all of your business needs. These scalable solutions receive updates in real-time as they’re released and ensure that you are fully covered for all upgrades in the future.
Small businesses that are stable in size and have a fair amount of upfront capital available for purchase may find that the perpetual license option with Microsoft Office 2019 is more attractive. While you’re still receiving the full desktop versions of all the office software that your team needs to be productive, you can save money over time as many businesses keep their Office suite for multiple years without an upgrade. This isn’t necessarily recommended, even though critical security patches will still come through. You might be missing out on new functionality that will help your business move more swiftly or collaborate more cleanly internally and with external customers.
Which Microsoft Office Option is Best for Mid-Size Businesses?
Businesses that are in a stable growth pattern often reach for the more flexible software alternative that leaves resources free to re-invest in the business — Microsoft Office 365. As organizations mature, they are more likely to be multi-site and have more complex needs for management of their licensing, and also the added complexity involved with a larger pool of staff members. With Office 2019, some staff may find that the options are too limiting such as the inability to utilize popular programs on their platform of choice. Windows 10 and MacOS are the only two operating systems supported with Microsoft 2019, and customer support is not available. When you contrast that with the full support for Office 365 and the flexibility to also utilize older Windows operating systems, mid-size businesses may find that Office 365 is a better value for their organization.
There are no hard and fast rules about which solution is right for your business. If your organization runs on multiple platforms with professionals who need to be productive regardless of their physical location, Office 365 may be a better fit. More traditional office settings where there are limited changes and a fair amount of capital to invest may discover that Office 2019 perfectly suits their needs. Microsoft Office is still the choice for the vast majority of business users throughout the world, meaning new employees will be comfortable — and productive — right away.
by Felicien | Jul 9, 2019 | Education
Did you know that your Macintosh webcam could have been hijacked? A serious security flaw in the Zoom video conferencing application joined Mac users to video calls without their permission.
A vulnerability in the MacZoom client allowed malicious websites to enable Mac cameras without users’ permissions. This is a serious flaw that was thankfully discovered by Jonathan Leitschuh.
Jonathan Leitschuh, a US-based security researcher, reported this serious zero-day vulnerability. It allowed any website to forcibly join someone to a Zoom call, and activate their video camera.
Plus, he said that the vulnerability let any webpage cause a Denial of Service (DOS) by repeatedly joining the Mac user to an invalid call.
Even if the user uninstalled the Zoom application from their Mac, it could be re-installed remotely.
What Should Mac Users Do?
To fix this particular issue, Leitschuh advised that Mac users with the Zoom application installed, update it to the latest version of Zoom and then check the box in settings to “Turn off my video when joining a meeting.”
A computer webcam is always a potential gateway for security intrusion. This is why some users put a piece of tape over their webcam just in case.
Zoom Has Since Patched The Vulnerability
The vulnerability has been patched; however, the flaw could have exposed up to 750,000 organizations around the world that use Zoom.
Leitschuh said that the Zoom vulnerability was originally disclosed on March 26, 2019, and that a “quick fix” from Zoom could have been implemented to change their server logic. However, it took them 10 days to confirm the vulnerability. And, it wasn’t until June 11, 2019, that Zoom held their first meeting about how to patch the vulnerability. This was only 18 days before the required 90-day public disclosure deadline.
He said that he contacted Zoom on March 26, giving them the public disclosure deadline of 90 days. Zoom patched the issue, so a webpage couldn’t automatically turn on a webcam, but that this partial fix regressed on July 7th, allowing webcams to once again be turned on without permission.
What Was Zoom’s Response?
“Zoom installs a local web server on Mac devices running the Zoom client…This is a workaround to an architecture change introduced in Safari 12 that requires a user to accept launching Zoom before every meeting. The local web server automatically accepts the peripheral access on behalf of the user to avoid this extra click before joining a meeting. We feel that this is a legitimate solution to a poor user experience, enabling our users to have seamless one-click-to-join meetings, which is our key product differentiator.”
Zoom also reported that they had no record of a Denials of Service or this type of weakness being exploited. They said that they fixed the security flaw back in May.
by Felicien | Jul 9, 2019 | Education
There are everyday warriors in businesses across the country, but these individuals may never have worn the uniform of their country. This next generation of cyber warriors is being groomed by organizations of all sizes in an attempt to overcome the growing skills gap in the cybersecurity world. While many current cybersecurity analysts started in general IT, there are individuals throughout the business and technology world that are moving towards this lucrative career path. Unfortunately, there are few set career paths already in place and no firm list of skills to develop to move in this direction. See what Under Armour’s VP & CISO, Matt Dunlop, is doing to arm the next generation of cyber warriors that he knows his organization desperately needs.
Background of a True Cyber Warrior
One of the key reasons that Matt Dunlop sees the value of developing these skill sets is because he’s worked throughout the fields of mathematics and computer engineering since his time in the U.S. Army as a colonel. After starting as a network engineer, he further developed his skills by completing a master’s degree in computer engineering and ultimately a doctorate in a related field. When the U.S. Army Cyber Command was created, he was a logical choice to help stand up this new division — partially due to his status as a computer science educator at West Point. In his position as CISO with Under Armour, he’s able to bring together his passion for teaching and marry it with his deep knowledge of technology and cybersecurity. “As we look into the future and project this huge job shortage, companies are looking for the silver bullet,” says Dunlop. “But I look at it as a long game.”
Creating Lifelong Learners
Cybersecurity is an ever-changing landscape and one that doesn’t have a set career path or an endpoint. Dunlap is currently working with the National Cyber Education Program to help create a generation of students that are interested in the exciting field of cybersecurity. There is a major deficit of individuals who have the breadth and depth of knowledge that would allow them to effectively provide cybersecurity protection for an organization. Sparking the interest of the next generation of smart workers is crucial, especially as automation takes the place of low-level activities and leaves plenty of room available for strategists and individuals who are able to implement more complex — and therefore more challenging — environments. Historically, cybersecurity professionals begin as entry-level IT professionals and work their way through the ranks to ensure that they gain the necessary knowledge about infrastructure and integrations to help protect an organization from both malicious actors and internal business challenges.
Cloud is Changing the Face of Cybersecurity
As cloud-based applications gain prominence in today’s business world, cybersecurity professionals will need a better understanding of data and integrations as well as hardware and servers. Transitioning from general IT to cybersecurity requires in-depth knowledge of how and where weak points can occur in an organization’s security net. From next-generation firewalls to strategies for warding off malware and phishing attacks, there are integration details that require recognition of how data flows throughout your business — and beyond. Pulling together information from disparate cloud-based platforms leaves a fail point that needs to be monitored, especially when you consider the proliferation of third-party vendors in the business ecosystem. Each link in the chain that passes data between organizations and customers must be analyzed and monitored for compliance and security throughout the sales and manufacturing cycle.
Arming the next generation of cyber warriors starts with firing the imagination of generations of children and young adults as they enter the formative years of their education. Cybersecurity is an exciting career path and one that will continue to morph as threats emerge. Encouraging staff members to become lifelong learners is one of the shorter-term ways that Dunlop encourages individuals to enter the cybersecurity field, but he is the first one to recognize that we need a broader group of future professionals to enter this critical field and support the security of businesses in the future.
by Felicien | Jul 9, 2019 | Education
A recently discovered security vulnerability could leave Mac users exposed to malware disguising itself in other programs. If your business relies on Mac, it’s important to know how you can protect your company from falling victim to a cyberattack.
What is the Security Vulnerability?
In early 2019, security expert Filippo Cavallarin discovered a bug in Apple’s Gatekeeper functionality. Gatekeeper is a service that inspects apps that you want to install on a device to ensure they are certified by Apple. If not, you’ll get an “are you sure?” message before you complete the installation.
Cavallarin discovered that there’s a flaw that lets untrustworthy apps trick Gatekeeper into giving the all-clear signal, meaning you never get that “do you really want to do this?” alert.
Instead, once bypassed, you will get a simple, “please download” message, which could contain a zip file that once unpacked, connects back to the hackers’ server.
Cavallarin gave Apple 90 days to repair the flaw, but Apple did not, leading the researcher to disclose the exploit himself in late May. The vulnerability affects all macOS versions. As of this posting, Apple has yet to address the vulnerability.
How Can the Vulnerability Be Exploited?
In late June, cybersecurity companies began noticing the first identified attempts to bypass the Gatekeeper function, now dubbed OSX/Linker. The first identified attempts were believed to be a test to see if the flaw can truly be exploited and worked by writing something to a text file on a compromised computer. Those test runs were signed with certificates used by known adware producers behind the OSX/Surfbuyer malware.
At present, it does not appear that the OSX/Linker malware has taken root outside of test environments.
The identified malware attempts also used a common technique used by malware writers. In a second strain discovered, the malware was disguised to look like Adobe Flash Player installers, a tried and true approach that tricks Apple users into downloading malware when they think they’re downloading a routine software update.
The second strain of malware, dubbed OSX/CrescentCore, checks to see if there’s evidence of common third-party anti-malware software and tools that reverse engineer code on a computer. It also checks to see if it’s being installed on a virtual machine. If so, it will not install itself. Researchers have already found OSX/CrescentCore on multiple websites. It’s also disguised as an Adobe Flash Player installer.
CrescentCore also appeared via high-ranking Google search result listings, which redirected multiple times to a suspicious website.
Once installed, OSX/CrescentCore installs a LaunchAgent folder in a Mac Library folder that includes code to be run every time a user logs in.
It appears the malware coders got access to an Apple Developer ID to deliver the sample code in some instances.
Another identified exploit, called OSX/NewTab, inserts new tabs into a Safari browser session. The injected tabs can contain loaders or malware packages.
One danger of this potential malware is that the embedded code on disk images points to a malicious app on a single linked server. That means that a malicious app could be distributed more easily at any time.
Aren’t Apple Computers Virus-Proof and Much Safer than Windows and Other Operating Systems?
It’s a longstanding myth that Macs are inherently safer than Windows PCs. In recent years, hackers have increasingly targeted Apple operating systems to exploit vulnerabilities.
In February 2018, for example, OSX/Shlayer was discovered, yet another Adobe Flash Player scam that would download additional adware and malware. Similar to the newly discovered threats, it also looked for installed anti-malware software. The year also brought the discovery of OSX/MaMi, which pointed an infected computer to a server allowing them to access websites, even those with encrypted traffic.
June 2018 was an active month for malware discovery. There were several types of malware that exploited a Firefox browser vulnerability. A cryptocurrency miner was discovered embedded in pirated copies of audio software, making it possible to take over a Mac’s processing capabilities to mine.
What Can My Business Do To Protect Our Systems?
There are several security steps to take if there are Apple operating systems in play on any devices connected to your business network.
Stick to What You Know and Trust
Make sure you stick to apps you know are certified by Apple or are from highly trusted sources. Be suspicious about any apps that are downloaded from an unrecognized source, too.
Scan Your System
Make sure that your anti-virus programs have added the OSX/Linker vulnerability to their detection registries. Many commercial and free anti-virus apps and tools have already added the vulnerability to their known threat lists.
Don’t Install Adobe Flash Player
It’s really not necessary or helpful to install Flash at this point, as Adobe is discontinuing the product and will stop releasing security updates after 2020.
Partner for Security
No matter what operating systems your organization uses, you need comprehensive network and data security. Partnering with a valued managed IT services company gives you the security and confidence that hardware and software are protected and monitored constantly. With next-generation firewalls and best-in-class anti-malware protection, you can keep hacker threats contained and minimized.
by Felicien | Jul 9, 2019 | Education
Microsoft Office products have become ubiquitous throughout a range of industries, and there are more choices than ever before to find the suite of professional office software tools you need to run your business effectively.
While you can still find Office products available for a single licensing fee (Office 2019, for example), most businesses are turning to Office 365 as a subscription software solution that offers a range of powerful tools, including cloud storage and seamless sharing integration across devices.
But if you’re ready to move forward with a subscription-based Office 365 solution, you’ve still got to narrow it down for the right product. Will your business benefit from the Business or Enterprise option? If you choose Enterprise, which level makes the most sense for your organization? Read on for a breakdown on how to choose the best Office 365 product for your team [OPTIONAL CTA] and feel free to reach out to us at any time for support or guidance in making the transition to Office 365.
Choosing Between Office 2019 and Office 365
The key distinction between Office 2019 and Office 365 is connectivity. Office 2019 is different in the way you purchase and use it, but more importantly, it does not offer any of the cloud-connected features of Office 365. For businesses wishing to utilize the power of cloud storage as well as greater choice in terms of features and connectivity, the subscription-based Office 365 is the way to go.
Business vs. Enterprise
If you operate a small business, you can find several Office 365 Business options that provide licenses at a set rate per user for up to 300 users. Select either basic plans that focus on cloud storage solutions to more advanced options that also include desktop access to products like Microsoft Word and Excel, as well as cloud collaboration system, SharePoint. Opting for Office 365 Business is a good move if you’re keeping an eye on your budget, but still want to access many of the staple features that Office has developed over several decades. To take full advantage of the cloud tools, larger businesses will want to opt for Office 365 Enterprise options, which offer unlimited data storage, including archive and mail storage. Enterprise plans also allow for greater interaction and collaboration across platforms like SharePoint, which is another bonus for larger companies with employees in multiple sites.
Which Enterprise Level is Right for Your Business?
If you run a larger business, or have a small business with high data storage needs, then choosing Office 365 Enterprise is probably the right choice. Microsoft currently offers 3 levels of service: E1, E3 and E5.
The first level, E1, offers basic office tools, including Word, Excel, and SharePoint, at a reasonable monthly rate. E3 includes these tools as well as additional connectivity–and the protection to go with it. Data loss prevention and encryption are among several tools that Office 365 customers at the E3 level will be able to take advantage of. To consolidate your entire suite of digital solutions into one overarching tool, the E5 level of Office 365 Enterprise includes advanced protection for your company’s data, plus communication tools and video conferencing platform options to best accommodate larger business and keep them in compliance.
As you find the right next move for your organization, feel free to reach out to {company} today to assess your needs and the potential solutions that today’s Office products can provide.
