by Felicien | Aug 9, 2018 | Education
End-Of-Life Vs. End-Of-Sale
The end of a product’s lifecycle can mean trouble for companies that haven’t prepared for the inevitable. If your organization uses certain products on a daily basis, you may find it difficult to keep up with the different dates revolving around these products’ unique life cycles. But failing to do so can have negative consequences for your operations if you’re not careful.
Familiarizing yourself with the life cycle of a product can help you make wise decisions about your hardware needs. “End of Life,” “End of Service Life,” and “End of Sale” are just a few terms you may need to know in order to avoid an issue with coverage later down the line. Read on to learn more about some of the similarities and differences between these common product lifecycle terms.
End Of Life Vs. End Of Sale: What Is The Difference?
“End of Life,” or EOL, means that the vendor of a particular product has determined that the product has reached the end of its life or its “useful lifespan.” For products in the EOL stage, the manufacturer will cease to market the product, and in most cases, will stop selling that particular product altogether. Past this date, it may become difficult to access support for the purchased product. In some cases, though, manufacturers may offer extended support, which can ensure you’re covered in increments for a certain period of time.
EOS or “end of sale,” also known as EOA or “end of availability,” is another important term companies dealing with equipment contracts should know. This refers to the date after which a product is no longer available for purchase through its manufacturer. The impact of this can be significant if you haven’t got a game plan. It’s important to be prepared for if and when the product and subsequent support you need for these products, is no longer available. How heavily would something like this affect your everyday operations?
Luckily, there may be a bit of hope, even if a product has been deemed EOS. While not available through its manufacturer, you may still be able to obtain an EOS product from a third-party vendor.
EOSL, known as “End of Service Life” means that a particular manufacturer will cease to provide technical support for a product after a chosen date. Although you might still be able to access some kind of manufacturer support after this time, it will probably cost more.
The 4 Stages Of Product Life Cycles
A product’s life cycle — its birth to its demise — is divided into 4 stages. From the initial introduction stage to the decline stage of the life cycle, understanding this unique sequence will help you further grasp what to expect from your products and what their life cycles may mean for you and your organization.
Introduction Stage
The introduction stage of a product’s cycle is often the most costly. Launching a new product can entail strong marketing efforts, which can include research and development stages and consumer testing. Things can become even costlier for products in highly competitive industries.
The Growth Stage
The growth stage is an important one for a product, as the company finally begins to see the fruits of its labor. During the growth stage, sales show strong growth, profit margins increase, as does profit. Here, businesses are able to invest more funds into advertising, allowing the product to achieve maximum potential.
Maturity Stage
Once a product has reached its maturity stage, it’s well established and it’s now the duty of the manufacturer to not only maintain but to further build upon its success. Investing wisely in marketing efforts during this stage is crucial, as it’s often the most competitive time during a product’s cycle, meaning it’s also a good time to evaluate making improvements to the product as a competitive advantage.
Decline Stage
The decline stage of a product happens when the market for that particular product begins to diminish. This can happen for a variety of different reasons, perhaps due to market saturation or because consumers are making the switch to a different product entirely. It’s also common that a large percentage of the target audience already have the product or that of a competitor. While this stage of a product’s lifecycle is inevitable, not all hope is lost. It can still remain profitable by implementing cheaper production costs or making the switch to more affordable markets.
Why It’s Important
Performing an IT upgrade can be difficult enough. Add in the worry of expiring service contracts and this can take things to a new level. Your maintenance contracts are highly important in making sure things are flowing smoothly. Finding out your manufacturer no longer offers support for one of your most-used products can bring on new levels of stress. Familiarizing yourself with the different aspects of your product service contracts can ensure you’re never without coverage when you need it most.
Another good solution is simply to look around and see whether there are newer products on the market that would provide you with even better features. Often when products are phased out and reach the end of their life, it’s because newer and better products have been released that will do a much better job.
by Felicien | Aug 9, 2018 | Education
They are the next best thing to hauling your laptop around to school and on flights, and they’ve become the weapon of choice for parents with fussy toddlers in public spaces. But while tablets have earned their accolades in recent years, that’s not to say choosing one to take home is an easy task. With endless options to select from, it will take some time and research to determine which tablet is best for your unique needs.
What constitutes a great tablet depends on several factors. Aside from function, things like versatility, user-friendliness, and affordability all play a role in how well a tablet is received by the masses. Versatility carries so much weight, in fact, that many of today’s top tablets come with keyboards to offer an experience similar to that of a desktop. These 2-in-1s are all the rage, and if you’re hoping to pick up a new one, you’ve got your fair share of picks. Here are some of our favorite tablets to help you navigate your options.
Apple iPad
The Apple iPad is one of the most revered tablets to date, and the newest version spares no expense when it comes to cool features. Compatible with the new Apple Pencil, the tablet is easy on the eyes with a 9.7-inch Retina display and a small, but mighty A10 Fusion processor for all the power you could want in a tablet. Plus, Apple now carries plenty of options for immersive AR experiences, and at its most affordable price point yet, you can be sure this tablet is one to covet for business and entertainment alike.
HP Envy x2
HP’s Envy x2 model, hot off the heels of the debut of the Snapdragon 835 processor, allows for stronger performance and a load of other features. Fast-charging capabilities, optional LTE connectivity, and a 15-hour battery life are just a few things users have to look forward to in this tablet. From a digital pen to a sleek backlit keyboard, the Envy x2 is versatile and durable, and definitely not one to be looked over if a solid tablet is on your wish list.
Acer Chromebook Tab 10
Created in collaboration between Acer and Google, the Acer Chromebook Tab 10 is a 9.7-inch slate tablet perfectly fitting of its target K-12 education market. The first tablet to be powered by Chrome OS, it features a 2,048 x 1,536 resolution display, and a textured design for easy handling on-the-go. It also comes complete with an EMR stylus, which fits conveniently in its own slot. This tablet was definitely built for convenience.
Samsung Galaxy Tab S3
With a 2048 x 1536 resolution AMOLED display, the Samsung Galaxy Tab S3 is primed for immersive entertainment. Inside you’ll find a powerful quad-core Snapdragon 820 CPU and a sufficient 4GB of RAM. Its 600mAh battery is good for up to 12 hours of power, whether you’re hoping for gaming or Netflixing. It also comes with a bundle featuring the new S-Pen, which is ideal for creatives hoping to use this tablet for work. All in all, between its power and its potential, the Galaxy Tab S3 is among the best money can buy.
HP Chromebook x2
The HP Chromebook is heavy on both looks and performance. This 12.3-inch tablet is touted as the first detachable Chromebook and comes complete with a base hinge for keyboard attachment. It runs on Google’s Chrome OS and can download apps from Google’s Play Store. Aside from an impressive QHD display, it offers both front and rear facing cameras and includes the new HP Active Pen to make tasks like sketching that much easier.
Dell Latitude 5290 2-in-1
This 2-in-1 is pricey, to be sure, but that’s not to say it isn’t worth the money if power is what you’re after. Weighing in at just 2.64 pounds, the tablet boasts an eighth-gen Intel Core i7 processor and a crisp, clear screen ideal for work or play. Gorilla Glass 4 for durability and an adjustable kickstand are just a couple of the perks you’ll find on this hybrid, and that’s not all. There is also an optional keyboard to make typing a breeze.
Lenovo Miix 630
The Lenovo Miix 630 has a unique advantage over its competitors. It can stay connected all day via LTE, which is enabled by a Qualcomm Snapdragon 835 processor. It’s a fresh option for Windows devices, courtesy of a partnership between Qualcomm and Microsoft. And with this Snapdragon processor also comes an extended battery life, upwards of 20 hours. So if you happen to be looking for a tablet to replace your laptop for business, the Lenovo Miix 630 is a suitable option, indeed.
Surface Pro 4
Equal parts tablet and laptop, the Surface Pro 4 gets right a lot of what the original Surface Pro got wrong. Its 12.3-inch screen offers more than enough space for clear, crisp pictures, and its configuration capabilities are nothing to scoff at. From its dual cameras to its loudspeakers and extraordinary picture quality, the Surface Pro 4 is the best of both worlds.
Xplore XBOOK L10
One thing’s for sure: durability isn’t an issue with the Xplore XBOOK L10. Waterproof, dustproof, and drop proof for up to six feet, this tablet is one with plenty going on. It’s got a plethora of ports, including USB-C, USB-A, and Ethernet, with its powerful performance courtesy of an eighth-gen Intel Core i5/i7 processor. And with an ultra-bright display, there isn’t much this tablet can’t do.
Google Pixel C
The Google Pixel C, which many call a solid alternative to the Apple iPad, has a unique design that sees its optional Bluetooth keyboard double as the tablet’s cover. Its made from durable compact aluminum, and boasts a lightning fast performance plus a bold, bright screen bound to make your favorite games that much more enjoyable. If Android is what you’re after, this is simply one of the best.
by Felicien | Aug 7, 2018 | Education
An all too common occurrence that takes place in many businesses, organizations, and institutions is the data breach. This is where hackers infiltrate your database and steal all types of information including that of your clients. Just this past month, Algonquin College, located in the National Capital region, released a statement informing the public about a data breach that affected a large number of people and exposed more than 111,000 records.
With the alarming trend of various organizations exposing their customer’s data online due to vulnerabilities, what can you do to keep this from happening to you? More importantly, how can you keep your clients’ and employees’ personal and private records safe? Let’s take a look at what you can do to keep your data secure.
5 Ways To Protect Your Business From A Data Breach
Keep Business and Individual Accounts Separate
First of all, begin with yourself. It’s important to create separate emails for your business, your personal, and your financial accounts. If someone hacks your personal email and password from a personal site, they should not be able to gain access to your business or banking/credit/PayPal sites. Guard what you allow to be uploaded or attached to your computers, and encrypt as often as you can. Having numerous passwords or passcodes can be confusing and troublesome, but consider the alternative. Having to undo and sort out what has been stolen in a data breach will be more confusing and costly in the long run. There are sites such as Lastpass.com that keep track of your passwords and preserve your information so it’s private and secure.
Create a Culture of Awareness
So often, employees are not well trained to protect against a breach. At the same time, companies do not have a protocol to secure their data. While, some things can be automated like encrypting email, there needs to be a heightened sense of resolve to keep the data safe by establishing the proper procedures and training for your employees.
Communicating with your employees and clients that there is a new attitude in how you think and operate is essential in ensuring they understand the need for a heightened awareness. Most successful hacks use social engineering through email messages and other social passageways.
Create an atmosphere where employees and clients are paying attention to their email inboxes and the links they are asked to click on. This is a fundamental method of fending off cyber-attacks. Because hackers are creative and inventive, informing your group of new tactics that hackers are implementing will keep your crew on their toes.
Teach your people to strengthen their passwords. This one step alone is worth its weight in gold. Many of your employees are no doubt using easy-to-decipher passwords like “abcdefgh” or “password123”. These will not take long for hackers to crack. Require two-step identification and keep a good antivirus program running at all times. Do your part to make sure your work environment is a fortress ready for an attack.
No boss likes to come across as heavy-handed, but limiting employee access to websites outside the scope of their daily duties will go a long way to ensuring your data is safe. An educated workforce is your best defense against cyber-attacks.
Establish Preventive Data Authorizations
As mentioned before, most data breaches are not complex attacks through unidentified backdoors. Most breaches are due to an employee clicking on a bad link in an email or attachment. Businesses should constantly confirm that employees only have access to the information necessary to do their jobs. Restricting data permissions will help ensure that these types of breaches do not occur.
The best cybersecurity comes in layers, making it difficult or frustrating for an intruder to break into the network and gain access to your important data. These preventive layers can sometimes slow down an employee from completing a task or lead to a frustrating work environment. That is why much thought and planning must be given to establishing strong preventive layers in order to keep data safe.
Hire a Cybersecurity Expert
Experts cost money. Bringing one in to educate both yourself and your team may seem expensive until you consider the cost of a data breach. A data breach these days can easily cost a million dollars to mitigate. Cybersecurity experts can help educate you and your employees on the latest trends in malware and ransomware. It’s so important for you and your team to understand how data breaches occur. Security awareness is key to keeping your data safe.
Follow the FINRA Checklist
The Financial Industry Regulatory Authority (FINRA) has a checklist on cybersecurity you can download for free on its website. Every company should take a thorough look at their security measures and use the FINRA checklist as a definitive guide. The checklist will prepare you to identify cybersecurity threats, protect your data from cyber-attacks, plan for a response if a compromise arises, and implement a plan to recover lost or stolen data.
It’s US-based, but it is a good start, even for Canadian companies.
Conclusion
Each day, hackers find new ways to get past your best cybersecurity programs so they can steal your database. Though it can seem like a constant war to maintain control, the alternative is not pretty. Data breaches diminish your company’s reputation and hurt your ability to compete in the marketplace. Train employees well and regularly. Take advantage of the latest security protocols to protect what’s yours. You can’t let your guard down for even a moment these days.
by Felicien | Aug 7, 2018 | Education
Cyber attacks have become an issue of growing concern for institutions across a variety of industries. With so much of everyday life conducted online, it’s no wonder a new breed of hackers is intent on stealing information. How can you be sure your business is protected?
In 2018, a number of high-profile companies have already experienced data breaches. Now they are left to deal with the repercussions of a dip in consumer trust, along with penalties, fines and perhaps even lawsuits.
The Meltdown, Spectre, Heartbleed, and ShellShock cyber breaches in recent years have proven that there is no one-size-fits-all solution to this growing problem. The time for businesses to act is now. Man-in-the-middle attacks, distributed denial of service attacks, and session cookie tampering all played a role in these data breaches, leading to the conclusion that businesses must do more to prepare themselves against a range of attacks.
According to CSO, cybercrime damage is expected to cost over $6 trillion annually by the year 2021. Software firm Rapid7, intent on cracking down on cyber attacks, conducted hundreds of penetration tests over the past 10 months to determine how well networks can combat cyber threats. The study, named “Under the Hoodie 2018” is filled with interesting data that sheds light on some of the most common cyber targets and what businesses can do to arm themselves.
What Is A Penetration Test?
A penetration test, or pentest, is a simulated cyber attack conducted to determine exploitable vulnerabilities in any given computer system. Pen tests can involve the attempted breach of a variety of application systems, including APIs, front and backend servers, and others. These tests are designed to uncover network vulnerabilities that may make a company susceptible to breaches.
Studies of this nature are vital for pinpointing which type of network misconfigurations are liable for hacker access, and how user credentials are being used. The insights provided by pen tests can help businesses create a plan of action against attacks, allowing them to fine-tune their security policies and find solutions to fix vulnerabilities before they’re impacted.
What Are The Stages Of Pen Testing?
Pen testing is typically divided into five stages. The first involves planning and reconnaissance, which means defining the goals of a test and clearly outlining the systems and testing methods that will be addressed. Gathering data is another important part of this stage, as it allows the test conductors to more clearly understand a target and the potential vulnerabilities to be encountered.
The second stage involves scanning and static analysis, which means inspecting an application’s code to determine its behaviors. Dynamic analysis, also part of the second stage, involves inspecting this code in a running state, offering a real-time view into its performance.
A pen test’s third phase most often includes gaining access to a network by way of web application attacks to uncover a specific target’s vulnerabilities. It is then the duty of the tester to attempt to exploit these by escalating privileges, intercepting traffic, stealing data, or doing other damage.
Maintaining access, the fourth stage of a pen test, involves determining how a specific vulnerability can be used to present a persistent threat. Often, persistent threats are used to steal sensitive data from an organization over a period of months.
Finally, comes the analysis of collected data. The tester will compile a report that details which specific vulnerabilities were exploited, what type of data was accessed, and the amount of time the tester was able to maintain access to the system while remaining undetected. All of this information combined paints a clear picture of what a business can do to protect itself against similar attacks in the future.
What Were The Results?
Rapid7 conducted more than 268 pen tests across a wide range of industries, 251 of which involved live production networks likely to hold real and confidential data. Of these 268 tests, 59% of the simulated hackers attacked from outside the target network, which would most likely be the case for the majority of today’s businesses.
The study helped gather a world of insight into the everyday user’s online security habits, or lack thereof. One interesting finding was that of password patterns. The findings suggest that the majority of users choose passwords of the minimum required length, and tend to use numbers at the end of the password.
The most common password used? “Password1.” According to a popular password hacking website, it would take hackers .29 milliseconds to crack this password.
Overall, the study concluded that Rapid7 testers exploited at least one in-production vulnerability in nearly 85% of all engagements. For internally-based penetration tests in which the pen tester had local network access, that number rose to 96%. This means that success rates are significantly higher for penetration testers when they have access to internal LAN or WLANs.
This type of information is imperative in giving businesses a leg up in preparing their defense against cyber attacks.
by Felicien | Aug 7, 2018 | Education
The Microsoft Cloud for Government is a comprehensive cloud platform designed expressly for U.S. Federal, State, and Local Governments to meet the U.S. Government’s thorough security and compliance regulations. Microsoft Cloud for Government meets the standards of many government agencies, including FedRAMP, HIPAA, and CJIS, to name a few. It has the flexibility to run in government, public, or private clouds with an integrated open platform. Microsoft Government Cloud was designed to meet the precise requirements of GovCloud.
What does GovCloud mean?
GovCloud denotes all the virtualization products and cloud computing solutions that are established expressly for government agencies, institutions, and organizations.
GovCloud was created to address and administer cloud solutions that meet the needs of IT as well as the operational, financial, and strategic objectives of the United States government.
What Can Microsoft Government Cloud Do for You?
Depending on the type of work you do – and who you work with – Microsoft has a wide range of cloud environments to meet your specific needs. Microsoft provides these three types of government clouds:
1. Government Community Cloud (GCC) for local, civilian, and federal government agencies.
2. GCC High for highly classified government users and those doing business with them.
3. DoD cloud for intelligence agencies.
Let’s take a closer look at Microsoft cloud services and solutions for government.
1. Microsoft Azure Government
For businesses, organizations, and agencies looking for cloud computing services, Microsoft Azure provides a directory of hundreds of different services you can use, including:
· Databases
· Full virtual machines
· File storage
· Services for mobile & web apps
· Backups
In the past, an organization would host their own infrastructure using their own hardware. If more power was needed, they would have to purchase more server hardware. They would also have to pay someone to manage the hardware and pay for the Internet link to serve its customers or users.
Microsoft Azure gives you the advantage of paying for access to a massive pool of computing resources provided by Microsoft instead of running your own hardware or paying for the use of some someone else’s data center. Azure allows you to host email servers, user directories, web servers, databases, virtual machines, file storage servers, and much more.
Microsoft Azure features smaller upfront costs. Creating your own data center can be expensive and requires hardware, software, maintenance, and skilled workers to run everything. The risk of paying too much for hardware and software, or not having enough IT resources for your business is eliminated.
2. Office 365 U.S. Government
Microsoft 365 for US Government Cloud provides a package that includes Windows 10, Office 365, and Enterprise Mobility + Security features for U.S. Government customers. This service also includes versions for SMBs, educational institutions, customer service employees, nonprofits and more.
These services are designed to meet the security and compliance requirements of the United States government. Many agencies and organizations can benefit from using Office 365 for U.S. Government including local, state, and federal governments, as well as Tribal entities. This product will also work well for the defense industry and their contractors.
3. Dynamics 365 Government
Since the U.S. government has unique and ever-evolving requirements of the public sector, Microsoft created Microsoft Dynamics 365 Government that is available to qualified government entities in the United States. Microsoft Dynamics 365 Government involves the protections provided to the government community cloud aimed at four distinct functions: Customer Service, Sales, Project Service Automation, and Field Service.
Dynamics 365 Government offers a number of excellent features to allow users to interact using Skype for Business. It integrates well with other Microsoft enterprise service offerings such as Office 365 for Government.
Microsoft Dynamics 365 Government plans are available for the following types of government and private entities:
· United States federal, state, local, tribal, and territorial government entities.
· Private entities using Dynamics 365 Government to provide solutions or services to a government entity.
· Private entities with customer data using Dynamics 365 Government to meet the government’s regulatory requirements.
Why Is Microsoft Government Cloud Important?
Organizations who provide services for any type of U.S. government entity, whether it be local, state or federal, need to meet the criteria of The National Institute of Standards and Technology (NIST) Special Publication 800-145. These stringent standards have been put in place to secure both “customer data” and “customer content.”
Customer data refers to all data, including text, sound, video, or image files, that are provided by a customer through the use of the Online Service.
Customer content denotes a specific subset of customer data that has been specifically created by users, such as content stored in databases. This includes, but is not limited to a customer’s private contact information. Content is commonly considered confidential and should not be shared over the Internet without encryption.
Conclusion
Microsoft Government Cloud gives organizations and government entities the security, power, and peace of mind knowing that they are meeting the strict standards required by the NIST. This, in turn, can prevent hefty fines and penalties, plus it protects consumers and others from global hacking scams.
by Felicien | Aug 7, 2018 | Education
Phishing is just one of many tools in a hacker’s repertoire and happens to be one of their most effective. Through phishing, hackers dangle their bait in front of preoccupied employees who would never dream that their PC could provide an open door for a hacker. That’s why it is so important that employees understand how phishing works, how costly it can be, and what they can do to avoid letting themselves become an unwitting accomplice to a hacker’s attack on their company.
The Nature of Phishing
Phishing involves a malicious entity that sends out emails that look like they are from reputable, well-known companies (maybe even the employee’s own employer) – but these emails are not what they seem.
Sometimes the purpose of a phishing email is to trick the recipient into revealing information such as logins, passwords, or personal information. Other times, phishing emails are used to install malware on the recipient’s computer. Once the hacker behind the phishing attack has succeeded in infiltrating the target system via login information or malware, the damage they cause quickly escalates.
Phishing Can Be Very Costly
So how expensive can phishing be? Well, consider what happened to a bank in Virginia that fell victim to two phishing attacks in just eight months. Their disaster began when an employee received and opened a phishing email which succeeded in installing malware on company computers. The malware was able to use the victim’s computer to access the STAR Network, a site used to handle debit card transactions. Through the STAR Network, the hackers behind the malware were able to steal $569,000 in that one incident alone.
But that wasn’t the end of the matter. Eight months later, even after hiring a cybersecurity forensics firm and following their advice to better secure their system, the same bank was victimized again through another phishing email. This time, the hackers again gained access to the STAR Network, but then used the bank’s Navigator system. Through those systems combined, the hackers were able to credit money to various bank accounts and then withdraw the money using hundreds of different ATMs. Losses from this incident amounted to almost $2 million.
To make matters even worse, the bank’s cyber insurance provider denied coverage and the bank is now forced to pursue a lawsuit to recover their losses.
The Very Real Dangers Of Phishing Attacks
Phishing wouldn’t be so effective if it wasn’t so easy for busy employees to fall victim to seemingly legitimate emails or innocent-looking attachments. The malware that was used to initiate the first attack on the bank discussed in this article was embedded in a Microsoft Word document. Most of us have worked with thousands of Word documents during our careers and have never been victimized by one – but it only takes one time to cost a business millions of dollars.
In this case, once that document was opened, the malware was installed and the group behind it had access to what they needed. The bank in question hired Verizon to investigate both incidents. It was finally determined that the same group of Russian hackers were likely responsible for both attacks.
Common Sense Required
Even the most powerful of cyber security systems is still susceptible to attacks that take the form of phishing or social engineering. As long as people continue to subscribe to the view that firewalls, anti-virus, and anti-malware systems provide all the protection against cyberattacks that a company needs, then successful phishing attacks will continue. Education is one of the forgotten keys to foiling phishing attacks.
Employees need to be taught how to recognize a suspicious email and be given real-world examples of how convincing phishing emails can appear. They need to be encouraged to view both emails and attachments with a critical eye. Employees must also understand that, under no circumstances, is there a legitimate reason for someone to ask for their password.
Another aspect of this type of education is making sure that people realize that the targets of phishing are not C-suite executives or IT technicians, but employees from all levels. Through a connection to the company’s network, any employee’s computer could serve as a launching pad for an industrious hacker’s plan of attack.
Conclusion
Phishing attacks are a reality that must be addressed if a company wants to avoid becoming a victim. These attacks often result in very expensive losses that may not be covered by insurance. While the importance of a rigorous cyber security system is never to be overestimated, neither is the importance of employee education. Too many employees have unwittingly become accomplices in costly cyberattacks because they didn’t recognize a phishing email and never thought they could be the target of one. The first line of defense against phishing isn’t a network firewall, but a trained employee who knows how to recognize a suspicious email or a questionable attachment.
