by Felicien | Sep 28, 2018 | Education
Facebook Was Breached
Were You Or A Facebook Friend Affected?
Facebook has confirmed that more than 50 million user accounts have been breached. They made the announcement today, Friday, September 28th. However, their engineering team discovered the security breach back on Tuesday, September 25th, 2018. They tell us that the vulnerability has been fixed and the breach was reported to the appropriate authorities.
How Did This Happen?
Hackers stole users’ access tokens through Facebook’s “view as.” This is a feature that lets you view what your profile looks like to other Facebook users. The flaw in this feature allowed hackers to take over 50 million user accounts.
If you’re like me, you may have received notices from some of your Facebook friends this week that someone took control of their accounts. Perhaps they were affected by this breach.
What Are Access Tokens?
These are the digital keys that keep us logged in so we don’t need to re-enter our password every time we use Facebook. With this information, hackers can take over our account.
Here’s how Facebook explains what happened:
“Attackers exploited a vulnerability in Facebook’s code that impacted ‘View As,’ a feature that lets people see what their own profile looks like to someone else. This allowed them to steal Facebook access tokens which they could then use to take over people’s accounts.”
What Now?
Facebook reset the tokens of all those affected. They also logged off 40 million additional users as a precaution. If you are one of these people, you’ll need to log back in the next time you use Facebook.
According to Facebook, their investigators are in the early stages of their investigation. They are temporarily turning off the “View As” feature while they conduct a thorough security review
What Should You Do?
If you have trouble logging back into Facebook, or you forgot your password, visit Facebook’s Help Center.
If you’re like me, you take extra precautions when you hear about breaches like this. If you want, you can visit the “Security and Login” section in Facebook settings. It lists the places where you’re logged into Facebook with a one-click option. If you choose, you can log out of them all.
by Felicien | Sep 28, 2018 | Education
The September update of Office 365 includes some major additions and changes to tools such as Microsoft Teams, PowerPoint, and Excel, just to name a few. It is important to keep up with these developments, so here is a list of the major advancements of which you need to be aware.
Microsoft Teams: Skype, Selective Do Not Disturb, Wiki App
Many users have been looking forward to the day when Skype is integrated into Microsoft Teams, and that day has finally come. You can now use Microsoft Teams for cloud-based meetings that can have up to 250 participants, powerful messaging features, and some awesome calling features.
One of the most practical additions to Microsoft Teams is to set up a selective Do Not Disturb status so that some people can still feel free to reach you (e.g., your supervisor or manager).
It’s simple to setup: Click on your avatar, Settings, Privacy, and then select the individuals who you still want to receive notifications from.
Another one of the new updates in Microsoft Teams is the Wiki app, which can be accessed through the left-hand navigation panel using the More Apps ellipsis. This app allows you to see the wiki pages you are a part of, keep track of your own private notes, and see the notes you’ve most recently been editing.
PowerPoint: Embedded Fonts
Have you ever prepared a presentation on one computer and had it looking just perfect, only to open it up on another computer and the fonts looked totally different? There is a way to keep this from happening: embedding the fonts in the PowerPoint deck when you save it.
Go to Save As > Browse > and then go to the Tools drop-down box in the bottom corner of the dialog box. In the Tools drop-down, click on Save options. Toward the bottom of the box that pops up, you will see an option to “Embed fonts in the file.” Check that box, then click OK and save as you normally would.
This option used to be only available on Windows devices, but the new update of Office 365 also makes it available on Office for Mac for Office Insiders. To access it on a Mac, go to the PowerPoint menu and click on Preferences, then Save. The Font Embedding option will be in the dialog box that appears.
Excel: Flow Integration
Microsoft Flow has been integrated with Excel, and is accessible via an Excel add-in. This will allow you to connect your data to services like Microsoft Teams, Twitter, SharePoint, Dynamics 365, Office 365, and more. You will be able to create and trigger on-demand flows for selected rows in spreadsheets that are hosted on OneDrive for Business or in SharePoint.
With this integration that uses the ‘For a selected row trigger’ and the Flow launch panel, you can create and trigger on-demand flows for selected rows in any Excel table on spreadsheets hosted in SharePoint or OneDrive for Business.
Access: Improved Visualization Tools
Users have been requesting more visualization tools for their data contained in Access, and that is exactly what Microsoft has provided. Not only have charts been made easier and more intuitive to create, but additional chart types have also been added. For power users who developed their own Active-X solutions to the challenge of creating charts for forms and reports, their solutions will continue to work.
Power BI: Export to PDF
This is another update that came about as a result of user feedback: the ability to export Power BI reports in PDF format where they can be shared with others. This will only be available in the desktop version of Power BI for right now.
Microsoft has also added an “Ask A Question” to the Power BI Desktop which will be globally available in the client. What this means is that you can use natural language queries to explore your data and allow report users to ask their own questions.
SharePoint: More Granular Control for IT Admins
In previous releases, if a group of users was not allowed to create Office 365 groups, they would be limited to creating Classic SharePoint sites. They could not create modern SharePoint sites. The new release has changed this: the IT administrator determines who can create classic SharePoint sites, who can create modern SharePoint sites, and who can create Office 365 groups.
Security
Microsoft Cloud App Security is a powerful tool that evaluates every app used in terms of industry-specific standards, compliance, and regulatory certifications. The goal of this is to make sure that your company can make informed decisions on the type of apps that are most appropriate for not only your needs, but your security. This new release also checks for GDPR compliance and can generate a C-level report on critical findings.
Conclusion
While this isn’t an exhaustive list of all the new features and changes available in the September update of Office 365, it does present the ones that are going to have the greatest impact. However, it’s always a good idea to be cognizant of new developments even if they don’t directly impact your daily work.
by Felicien | Sep 28, 2018 | Education
After decades of avoiding the use of innovative technologies, many law firms are implementing IT into their operating procedures to streamline their services. Clients have demanded more convenient interactions with their counsel. Additionally, with extensive amounts of data, firms need to keep pace with ever-changing legal regulations. They must remain in compliance and address perceived incidents rapidly. The legal sector has responded by striving to catch up with contemporary automated methods that other fields have used for years.
As with any other endeavor, some offices have adapted more quickly than others. Presented in no particular order, here are several law firms that are leaders in their use of technology.
Akerman LLP
A subscription-based product, Akerman Data Law Center uses Thomson Reuters research and Neota Logic Software to provide automated legal advice in response to data breaches. In fact, in December of 2017, former CEO Andrew Smulian was named a Top 10 North American Innovator in Financial Times.
Jackson Lewis P.C.
Jackson Lewis P.C. has more than 200 lawyers named to the 2019 Edition of The Best Lawyers in America©. It has also been named by “Working Mother Magazine” as one of the “Best Law Firms for Women.” It is no surprise that the firm uses cutting-edge technology.
Jackson Lewis has developed workthruIT ®, which is an award-winning, online tool suite and digital solution to workplace regulation challenges. It also takes security seriously. The firm works with a third-party security provider to offer services to assist small and mid-sized companies. It focuses on addressing and rectifying data breaches.
Allen & Overy
Allen & Overy partnered with two other law firms to forward open standards around smart contracts through the Accord Project. Promoting collaboration between attorneys, clients, and technology companies, Fuse (the firm’s technology hub) has supported over eight start-up businesses. In fact, with its involvement in a range of legal technological improvements, it is somewhat of an incubator for innovation.
Drinker Biddle & Reath
One of the first firms to implement technology to streamline its daily operations, Drinker Biddle & Reath introduced the role of Chief Data Scientist in 2015. Since that time, it has added the following:
Analytics for client data and business advising
Predictive data models
Tritura Information Governance, its own e-discovery operations
Drinker Biddle & Reath is truly one of the legal trend-setters, leading the way.
Perkins Cole LLP
Along with serving technically astute companies, such as amazon, Avvo, and Netflix, Perkins Cole LLP uses IT to improve customer service for its legal clients. The firm developed the webinar series “Understanding the Legal Implications for Artificial Intelligence,” for algorithm training. It also partnered with Elevate to create a platform for patent prosecution management. These are just a couple of ways Perkins Cole continues to push the envelope.
Baker & Hostetler
The innovative firm of Baker & Hostetler has been on the cutting-edge of technology integration. Along with its involvement in the Accord Project, which promotes open standards around smart contracts, this firm offers webinars on the following topics:
Artificial Intelligence: How to Leverage IT in Your Legal Department
Blockchain and the Manufacturing Industry
GDPR Compliance – Employees, DPI Assessments, and M&A Transactions
The firm’s clients also benefit from the Ransomware Response Team that addresses cybersecurity threats.
Crowell & Moring
A committee of 11 attorneys and 40 core members of consultants and technologists work with Crowell & Moring’s Digital Transformation group. Among other areas, the firm’s expansive approach includes the following:
Artificial intelligence
Cybersecurity
Robotics
The client-facing group focuses on autonomous, automated technologies to improve security and streamline processes.
Slaughter and May
A review from Chambers, U.K. in 2012 states that, “Commentators say the firm is an ideal choice for innovative and valuable work, and it is known for its ability to devise new structures to satisfy the complex needs of its clients.”
One of the first legal investors in AI, Slaughter and May entered the market with Luminanace in 2016. Since then, it has continued in a leadership role promoting the responsible deployment of AI in business. At the same time, it has grown an impressive list of law firm clients.
Winston & Strawn LLP
Choosing to take on the bulk of its operations in-house, Winston & Strawn has been handling its own e-discovery since 2015. With increased success and confidence, the firm developed a full-service consultancy. It created a data-centric practice to work its way into the analytics space. In fact, according to The American Lawyer, 30-percent of its projects are for lawyers working outside of the Winston & Strawn law firm.
In Conclusion
Some companies create technology in an effort to keep all research and discovery in-house. Others have branched out to consult and address data breaches for attorneys around the world. From building out applications for compliance to pay equity, or developing programs for streamlined communication and data maintenance, innovative legal firms are leading the way with their successful implementation of technology.
by Felicien | Sep 27, 2018 | Education
OneNote is a free application from Microsoft that allows you to collect notes in a variety of formats – handwritten text, typed text, digital drawings, photographs, links, screenshots, videos, and audio files – and organize them, share them, and use them to create other documents. OneNote is an excellent app whether you take notes in a classroom, convention hall, or business meeting. However, the usefulness of OneNote is greatly increased when you use a tablet with it. The two top competitors on the market today are the Surface Pro and the iPad Pro, and both are compatible with OneNote.
OneNote on a Surface Pro
Because the Microsoft Surface Pro is a Windows device, there are many more apps available that are compatible with OneNote. It works like a Windows PC, which means you can run the basic OneNote App available in the Microsoft Store. This is also true for the Surface Pro.
One of the benefits of the app is the ability to easily add pictures to your notes using the Surface Pro’s camera. Just keep in mind that the photo quality may not be very good, especially in conditions with little light. The iPad Pro offers a much better picture-taking (and editing) experience compared to the Surface Pro.
On a Surface Pro, the typical battery life is about 7 hours, which could leave someone looking for an outlet near the end of the workday even if they charged it the night before. However, the battery life is considered an improvement over the previous versions of the Surface tablet.
One of the key benefits of the Surface Pro is its physical, tactile keyboard a part of the cover. The Surface Pro does need to be docked in order to use the keyboard, but it is an option that isn’t available with an iPad Pro. Note that the keyboard can be tilted at a slight angle when used. These features would be very important to someone who plans to type their notes into OneNote rather than write them.
The ability to lay the Surface Pro screen almost flat while it is still attached to the keyboard works extremely well for adding handwritten notations to something you are working on in OneNote. Of course, the screen can be completely detached from the keyboard when needed.
Note that one of the commands available on the Surface Pro tablet that isn’t available on the iPad Pro is the Add/Remove Space command located on the Insert tab. This makes the process of rearranging the content in your notes very easy.
OneNote on an iPad Pro
Compared to the Surface Pro, the iPad Pro is both lighter and thinner, making it easier to carry around, more mobile, and easier to hold for notetaking. This can be a major benefit for those who have to spend extended time taking notes without the convenience of a desk or table. The battery life of an iPad Pro averages about 15 hours, almost twice that of the Surface Pro. This is great for users who often struggle to find an outlet to charge their device.
One of the outstanding features of the iPad Pro is the Apple Pencil. The Apple Pencil glides very smoothly and is better at capturing handwriting when compared to the Microsoft Surface Stylus, which is a great bonus for OneNote users that depend on handwritten notes. It also has a solid tip, unlike the soft tip of the Surface Stylus. The size of the tip is also slightly larger on the Pencil.
Another plus of the Apple Pencil is that you don’t have to switch tabs to erase something. Rather, you can simply flip the Pencil over and use its eraser. The lasso tool can also be turned on instantly by using the magnetic button on the Pencil.
Unlike the Surface Pro, the iPad Pro allows you to take very high-quality photos even in low-light conditions. You can then easily add them to your OneNote document, as well as zoom, crop, and focus them. This is very useful for capturing content-heavy slides during a presentation or extensive notes someone has written on a whiteboard. Also remember that the Add/Remove Space command is not available for the iPad Pro, and this can make it difficult to rearrange content you have added to your notes.
Conclusion
Both the Surface Pro and the iPad Pro work extremely well with the OneNote app, but only the Surface Pro can be used with the full-fledged desktop version of OneNote (aka, OneNote 2016). The Surface Pro offers the Add/Remove space command, a tactile keyboard, and the ability to easily switch between typing in notes and writing notes. The iPad Pro, on the other hand, offers a much better writing experience when the Apple Pencil is used and the Pencil offers more functionality for things like erasing text and lassoing content. Both tablets, however, are ideal for notetaking.
by Felicien | Sep 27, 2018 | Education
Microsoft makes it clear that with each fresh release of Windows 10 there will be new features added – and some features that will be dropped. Here is what you need to know about the features that Microsoft is dropping or stopping development for, and what the alternatives are, for the October 2018 release.
The Difference Between Being Dropped and Stopping Development
The Windows 10, version 1809 release is coming out in October, and with it will come some very interesting changes. As we have come to expect from Microsoft, some features will be dropped altogether, some will be dropped and replaced, and some will no longer be developed. Dropped features will not be available under the new Windows release, having been replaced with something better or simply removed because they are not used anymore. When a feature is no longer going to be developed, there is a strong probability that it will be dropped in later releases. For the time being, however, it means that the feature is not going to be further developed by the Microsoft team.
Business Scanning Dropped
Business Scanning, also known as Distributed Scan Management (or DSM), is a secure scanning management feature for organizations that have many different users. It is being dropped for the simple reason that there are no longer any devices that support it and thus it is no longer needed.
Disk Cleanup Tool Dropped
The Disk Cleanup Tool has essentially been replaced by Storage Sense in Windows 10 and is being deprecated in this release. Storage Sense will both monitor and automatically free up space on your hard drive.
Hologram App Dropped and Replaced
The Hologram App is being dropped but will be replaced with functionality within the Mixed Reality Viewer. For those that still need to create 3D word art, Microsoft recommends using Paint 3D and viewing the resulting work using Hololens with the Mixed Reality Viewer or in VR.
FontSmoothing Setting in unattend.xml Dropped
The purpose of the FontSmoothing setting was to allow selection of the antialiasing strategy to be used across the system. Windows 10 now uses ClearType by default, so this setting is no longer needed. If it appears in an unattend.xml file, it will simply be ignored. Dropping this particular feature should cause no foreseeable problems for users.
Limpet.exe Dropped and Replaced with Open Source
The limpet.exe is a tool used to access the Trusted Platform Module (TPM) for Azure connectivity. Microsoft has decided to release limpet.exe as open source.
The Phone Companion App Dropped
One of the features that users can expect to see dropped is the Microsoft Phone Companion App. This useful app acted as a basic guide on how to get Microsoft services on your phone. This included things such as synching your media files and documents, installing apps, or using Cortana.
Microsoft has said that new replacement apps are in development, one for iPhones and one for Android phones. In the meantime, Microsoft recommends using the Phone page available under Settings to accomplish the same thing.
Updates Through the WEDU Server
Microsoft will no longer publish new updates to the Windows Embedded Developer Update (WEDU) server for Windows Embedded 8 Standard and Windows Embedded Standard 8. Updates should be downloaded from the Microsoft Update Catalog.
Trusted Platform Module Management Console Moved
The information that used to be found in the Trusted Platform Module (TPM) Management Console has been moved. The same information is still available, but now under the Windows Defender Security Center on the Device Security page.
Companion Device Dynamic Lock APIs Development Ends
In Windows 10, version 1709, Microsoft introduced Dynamic Lock as a part of the companion device framework (CDF) APIs. It would lock or unlock a PC based on whether Bluetooth could detect a user present. This particular CDF method was not adopted by third-party partners and therefore it is no longer going to be developed.
OneSync Service Development Ends
Another app whose development is coming to an end is the OneSync service Calendar, Mail, and People apps. Microsoft has now added a sync engine directly to the Outlook app that makes OneSync unnecessary.
Snipping Tool Development Ends
While the Snipping Tool isn’t being dropped from the new release, Microsoft has announced that it will no longer be actively developed. A new tool called Snip & Sketch (formerly known as Screen Sketch) is being introduced in this release. The functionality of the Snipping Tool will be consolidated with Snip & Sketch, which means even more functionality.
Conclusion
The new Microsoft Windows 10 Release that is coming out in October includes quite a few changes. Fortunately, most of the tools and apps that are being dropped are either no longer in use or have a solid replacement waiting in the wings. The same can be said for the services, tools, and APIs whose development has ended.
by Felicien | Sep 27, 2018 | Education
In today’s world, technology can be found nearly everywhere. As more advanced technology continues to pervade society, it is increasingly important to ensure proper steps are taken to keep people safe. In fact, recent efforts have been made to improve this. For example, a bill has been introduced that will set cybersecurity standards for all devices connected by the Web.
This is particularly important as the number of these products continues to increase rapidly. Additionally, innovative yet malevolent hackers find or develop new ways to take advantage of these weaknesses. This often results in a security breach, loss of productivity, and even financial manipulation, etc.
As with many policies, including ones regulating transparency and protecting privacy, once again California leads the way. The bill easily passed through the Senate. Once it is signed by democratic Governor Jerry Brown (if, and when it is), this will be the first state to pass laws that govern the security of the “Internet of Things.”
What Is the Internet of Things?
Coined in the 1990s, the phrase “Internet of Things” (IoT) refers to the system of connections of seemingly benign items in your home or office, or on your person that use the Internet. These do not include devices like computers or smartphones, which obviously use the Internet. Instead, it is the network of devices, appliances, vehicles, and other items that have actuators, connectors, electronics, sensors, and software installed.
Examples of IoT devices include the following:
Baby monitors
Driverless car or truck
Fitness bands
Lightbulb controlled by a Smartphone app
Motion sensor
Smart thermostat
Smartwatches
Some toys
Webcams
Small appliances
IoT creates opportunities for the appliance or device to connect and exchange data without human interaction. This makes their use very convenient, as it allows them to have more direct interaction with the physical world.
Unfortunately, this also leaves them vulnerable to the attack of malicious hackers.
Years ago, crowd-sourcing cybersecurity firm Bugcrowd’s founder Casey Ellis warned, “It’s important for [Internet of Things] vendors who haven’t prioritized security to take this escalating series of attacks as a wake-up call. We’re entering a period where there could be a very real, calculable, and painful impact upon having insecure products.” California lawmakers are finally taking note.
How Is California Leading the Way to Better Cybersecurity?
The new California bill will require manufacturers to install “a reasonable security feature or features” into all connected devices. It also specifies that these items have passwords that can be reprogrammed by the owner to improve security. Most products are not currently equipped with these safeguards.
What Are the Three Outstanding Complaints about the Bill?
There are several aspects of the bill that naysayers take issue with. The first complaint about the bill is that it may increase the cost of products and suppress innovation more than it actually helps. Any time new standards are required, this is the first issue to be mentioned. Although this usually increases the cost initially, it typically decreases over time.
The second potential problem is that it mandates the addition of security features rather than removing a product’s vulnerabilities. This is like putting a bandage on a wound rather than ensuring the wound does not occur at all. It would be better to remove weaknesses than to try to shore them up.
The third issue is that the ambiguous wording of the bill does little to cause real change. It is said that only the most basic automated threats would be prevented. Perhaps a better solution would be to provide clear standards. Manufacturers would be able to follow these standards, as well as verify that they have been met.
How Would New Federal Regulations Be Better?
The federal government is also considering new cybersecurity regulations regarding IoT. The Internet of Things Cybersecurity Improvement Act would require any company that does business with the federal government to improve their products’ security. They would need to have changeable passwords, be patchable, and be free of known vulnerabilities.
Securing the IoT Act would mandate that the Federal Communications Commission develop standards that wireless equipment would need to meet to become certified.
Although the need for federal standards received bipartisan support, neither of these regulations is gaining steam in Congress. If the bill in California passes, it may provide the incentive to discuss this more seriously on a federal level. Once again, the west coast will lead the way.
In Conclusion
At this time, the wording for what constitutes “appropriate” security procedures is too ambiguous. For example, it does not address the various functions and nature of specific devices. Plus, there is no method for verifying whether the manufacturer took the necessary security precautions.
However, as tech-forward devices proliferate homes and businesses, it is increasingly important to improve their security. Ultimately, if manufacturers must adhere to California laws regarding cybersecurity, consumers throughout the country will benefit.
