by Felicien | Jun 12, 2018 | Education
According to a recent survey, around 29 percent of companies named security as the major problems in the upcoming years. The current percentage is a ten percent increase from last year’s survey results. While security is the biggest problem, efficiency and workflow was a close second, at 26 percent. Apart from cybersecurity and problems pertaining to privacy, emerging technology and infrastructure management have also been ranked as the top technological challenges faced by companies; regarding of the industry they belong to.
Challenges faced by tech companies
While firms do face these major challenges, coming up with a solution for them is a problem because half of the companies that cited security as a big problem don’t have the money needed to deal with the problem. Half of the respondents claimed that their firm’s budget was the same as last year while 8% of them stated that the budget allocated to the IT department was smaller this year. Another research also suggests that a large part of global companies, up to 55%, only have an IT audit assessment on a less-frequent basis; most commonly once a year.
It is a difficult task for security professionals to get the budget they require for setting up a proper, well-developed cybersecurity program. The problem is that security professionals are only handed the budget after there has been a major data breach or if there has been an incident that has left a negative impact on the company. A number of organizations find it hard to quantify security or put a monetary value on it.
With news filled about phishing scams and hacking incidents and social media websites talking about privacy, one can easily understand why security is such a concern. For instance, just last year in May, companies in more than 150 countries had been targeted. The targeted companies included big names such as NHS, FedEx, and Honda.
Just like law firms, tech firms also store tremendous amounts of sensitive data about users, which is why it is crucial for them to employ high-security levels. A lack of security on the part of tech firms not only shows negligence but also puts all the users at risk who’s data is stored with the company.
What security challenges do tech firms face?
The challenges to cybersecurity are regularly developing and are becoming more severe; making it vital for tech firms to stay on top of their game and constantly work on finding solutions, so they stay safe from security attacks. Mentioned below are a few of the common kinds of threat that tech companies can face:
Malware
Malware is highly common. Not only is it present abundantly on the internet, but it is also the tool that a majority of cybercriminals use for obtaining their goal. Whether it is for locking up computers and charging them for obtaining their goal or it is for infiltrating an organization and stealing confidential information; malware is the best tool. Similarly, malware can also be used for making public statements and getting people’s attention. In each cybersecurity incident, malware always has a role. In fact, it can also be used as a pivot into the company.
Users
While this might seem surprising but users are a threat too. For instance, the threat can come from the inside, i.e., a malicious employee, or it could also be because of accidental user actions.
Spear phishing
Another tool that is becoming more common these days is spear phishing, primarily because it is quite effective. Hardly anyone thinks twice before opening any PDF document or a Word document. Many of us, in fact, use it regularly for work without thinking. This routine of not giving a second thought before opening a document is exactly the factor that criminals count on.
For all these security threats, the solution is simple; user education. For any organization, it is crucial to teach employees to first think before clicking on anything; whether it is a link or a document. While user education is important, it doesn’t mean that technology selection should be neglected. Enterprise systems can provide a sufficient amount of security if their users are given the right cybersecurity training and know how to use the systems correctly. While this requires more money and more time, the training is crucial for keeping the firm’s data protected.
Furthermore, another step that firms can take is to use email gateway technologies that can help get rid of the malicious emails before it goes into the user’s inbox. This simple measure can go a long way when it comes to protecting the firm from spear phishing.
Bottom line
It cannot be denied that the industry is filled with challenges, that increase in difficulty with each passing year. However, the good news is that all problems can be solved if only firms make use of passion, ingenuity, and a systematic thought process for solving them.
by Felicien | Jun 11, 2018 | Education
Coming in the fall of 2018, Apple has announced the release of iOS 12 for iPhones and iPads. The new operating system has been designed to greatly improve the user experience. It will be faster and more responsive than the older versions. It includes a number of helpful apps that will make life easier and more fun.
Apple has invested a great deal of time and effort in learning what users want most in their smartphones. They are touting iOS 12 as the most significant improvement to come along in some time. Keyboard typing will be much faster and more responsive. The camera will launch much quicker so you can get those great shots of your kids or pets playing.
The new operating system will work on older iPhones as well. Apple has said that the operating system will improve performance on devices going back to the iPhone 5S and iPad Air.
The Screen Time Tool
One of the most exciting improvements for parents will be a tool called “Screen Time.” This tool is integrated into the operating system so there’s no additional app to download. It provides a much-need method of monitoring how much time your kids spend on their phone and tablet computer. For years, parents have been complaining that there’s no way to tell how much time their kids spend on the phone. Now there is.
For years, Google has had a Family Link app on its Android phones with similar capabilities. However, Apple has taken the idea to a new level. Screen Time has a program to record the time that users spend on various apps. Though there are various third-party apps on the market that do monitor this, for many users, these have simply not been as user-friendly as promised. With the Screen Time program, there’s no third-party app to download.
If you want to know how much time your son or daughter has spent on Facebook, it’s easy to find out. Now that the information is readily available, parents can regularly check to see if their child is spending too much time playing games or on favorite social media sites. Those who have tracked this before always say consistently that they’re surprised at how much time they (or a family member) spend on certain websites or involved in some online activities.
The time does seem to fly by when you’re playing your favorite game or joking around with friends on Facebook. Though these activities are entertaining, often kids are neglecting more important things like homework, cleaning their room, or just getting out of the house for some fresh air.
Parents (or kids) can generate activity reports by logging into their “Family Sharing” account located in iCloud. The app also enables parents to set time limits for usage. Though this is meant to help parents control how much time their kids spend playing around, it’s an important tool for learning behavior patterns and developing behavior modification programs.
A tool in Screen Time called “App Limits” will notify you when your time is almost up. The warning is a good way for kids (and parents) to transition off of their device and get more involved in “real world” activities. Experts believe that the app is a more productive substitute for a parent yelling at their child to get off the phone.
iOS 12 includes many helpful apps for kids such as “Sleep is Supreme”, an app that allows parents to set up bedtime parameters on their kids’ tablets and phones. Parents can also limit the child’s access to apps like Snapchat and Instagram during school hours. If you have learning apps on your phone like Quizlet, you can continue to allow them to run these at any time.
Sleep deprivation
No one’s getting enough sleep these days. According to a new report by the American Academy of Sleep Medicine,[1] approximately half of all 15-year to 18-year olds get less than seven hours of sleep each night. Doctors recommend at least nine hours of sleep for this age group. Sleep deprivation can make you cranky and irritable. It keeps the brain in a state of being foggy and unable to process information as fast. It also affects the central nervous system and the immune system among others. Specialists have noted suicidal tendencies in teens with higher sleep deprivation.[2]
Control notifications
If you’re bothered by notifications, you can set up parameters that control how often and when you receive notifications. The new tool is called “Downtime” and it will no doubt be a big hit with everyone. Getting notifications at all hours can be annoying, distracting, and it can prevent you from finishing a project. Now you can set up “Downtime” to deliver notifications when it’s most convenient for you.
With Apple’s new iOS12, adults are finally able to take charge of the time their kids can spend on certain activities. This should go a long way towards improving quality time with your family. It may also help kids to improve their school grades and make everyone more aware of the time we spend playing games or interacting on our favorite social media platform.
[1] http://sleepeducation.org/
[2] https://www.healthline.com/health/sleep-deprivation/effects-on-body#2
by Felicien | Jun 11, 2018 | Education
From the word go, the term communication indicates that there is more than one party involved in the conversation. For there to be effective communication, both parties must understand what the other is saying. Communication in business is somewhat different from casual communication, say among friends. In business, the stakes are higher. Much more is involved and there is much more to lose, therefore, it is important that the communication is as effective as possible.
There are certain rules that need to be followed for communication to be effective. These have been summarized as the 7C’s and are believed to guide communication especially in business. The 7C’s of communication is meant to inform people who do not know much about the rules of communication. Below, we discuss the 7C’s of good business communications.
Conciseness
First of all, communication needs to be concise. Conciseness simply means that you get to the point. Communication in business that does not convey to the other party exactly what the person is saying can be frustrating. It not only wastes time but can also lead to mistakes when the information conveyed is not understood. For this purpose, it is important that the message is conveyed in a concise manner. Of course, don’t be abrupt or rude, but be sure that you make your point. In today’s fast-moving world, business people appreciate it when you say what you mean and don’t leave listeners wondering.
Completeness
The message communicated needs to be complete. Do not assume that the person you are talking to will fill in the blanks or read between the lines. Ensure that before the conversation comes to an end, the person you are talking to has understood you completely. It is common knowledge that different people react in various ways to information that is presented to them. In addition, each person’s level and speed of understanding varies. Leaving people to complete information for themselves opens up the material being conveyed to misinterpretation. Depending on the level of communication, mistakes that arise as a result of incomplete information being passed can end up being quite costly to the business.
Clarity
Always remember that clarity is key. Imagine a situation in which you need an employee to make certain purchases for your business. You give the employee the instructions, focusing mainly on the exact items to be purchased, the quantities needed, and the budget. The employee when making the purchases, however, ends up purchasing the wrong items or the wrong quantity. Can you imagine the impact that this would have on your business? This is just one of the reasons why there needs to be clarity on the information being passed. Say exactly what you mean, exactly how you mean it.
Consideration
Keep in mind, whenever you are communicating with someone else that the other party is a human being with needs, feelings, life experiences, and certain biases. Knowing your audience is important if you are going to communicate effectively. Whether you know your audience or not, however, strive to be thoughtful in all your communications. Consider the other person’s feelings, their beliefs, their culture, and their biases. This can ensure that the message you are conveying is not received in a negative light. If possible, ensure that the message resonates well with your client.
Correctness
Correctness means that the message you are delivering must be accurate. Do not rely on fake news sources, for example, to inform the information passed. Instead, verify the facts before communicating with others. This will maintain your credibility with the other party and increase their trust in you. Secondly, the correctness of information reduces the chance of misleading information being passed on to others. This, in turn, protects you from liability for misrepresentation. Even large news organizations report incorrect information nowadays. Though this can temporarily improve their ratings, it also tarnishes their reputation. People will always return to the most reliable news source at the end of the day.
Confidence
First impressions are everything. They matter a lot. First impressions dictate how your audience will receive the piece of information that you are attempting to pass on to them. A good communicator is confident. This inspires confidence in listeners. A poised speaker is more likely to be received in a positive light. Their message will be regarded as important.
Conversational
Communication that is conversational is important for both parties. Such communication ensures that no one is left out and that, at the end of the day, the ideas of both parties are taken into consideration. Conversational communication prompts both parties to listen well and respond appropriately. It can prevent misunderstandings.
Final thoughts
Good communication is an important part of the business. Business owners who communicate well are often more successful than those who don’t. They’re more respected in the community and more likely to build healthy, long-standing relationships. The art of being a good communicator is something that comes naturally to a few people but it can be taught. And, it’s well worth the time and effort to learn this trait. Especially, if you’re planning on being in business for a long time.
by Felicien | Jun 11, 2018 | Education
For many business owners, Google’s announcement to switch over to mobile-first indexing comes as a real shocker. It’s a revolutionary thing to do in a world of disruptive technology. Since the beginning of the World Wide Web, a company’s desktop website was their first and foremost consideration when developing a marketing plan. With the new changes announced by Google, all that changes. Now, a company’s mobile website is what must be in prime condition.
For some business owners, this change will just be a bump in the road. For others, it’s a huge sinkhole where their profits could fall in and never be seen again. Many business owners still struggle to get their mobile website in excellent working order.
One business owner commented recently, “My mobile website comes up with these huge, looming images and you can’t really read much of the text.”
If this is you, then it’s time to get serious about fixing those issues. The top 5 problems that business owners face with their mobile website are:
Being denied access- Users hate getting those little messages that the mobile site they’re searching for isn’t viewable on their device. Or, some say, “Mobile support coming soon.”
Performance- Why can’t a mobile website just work the same as a regular one? That’s a big question with lots of answers. Sometimes the mobile device is at blame. Sometimes it’s the load speeds/internet connection.
Design- Many users have landed on mobile sites where the images overlay the text, so you can’t really read anything. It’s frustrating and it usually ends with the user going someplace else to shop.
URL redirects- This confounded message has been the scourge of surfing the web for many years. There are several reasons why you might get a redirect message. It could be that you typed the wrong thing in your browser. Sometimes links are broken. Other times, the website owner simply has several pages that refer to the same site and they need to do some maintenance. It can also be the result of phishing attempts.
Confusing apps- There’s no excuse for this but many business owners have attempted to save money by doing it themselves or hiring a non-professional to design their app.
Why is Google Doing This?
Back in November 2016, Google announced their initial mobile-first indexing effort. They called it “an experiment” and it seemed like a good idea on the face of it. However, no business owners could foresee that the Tech Giant might eventually decide that mobile sites were more valuable than desktop sites.
The reasons they give seem pretty concrete. Almost 60 percent of all searches are performed from a mobile device now. A report from 2015, verified that 56 percent of global search queries originate from a mobile phone. Mobile traffic was responsible for about 49 percent of all website traffic according to this report.[1]
These numbers are expected to rise significantly over the next ten years. Google has a long reputation of knowing where the next big trends will take place so you can trust their word when it comes to topics like this. The only thing left to do is make sure your mobile website is amazing!
The Good News
Google has repeatedly said that they will transition into this new phase slowly. That’s the good news. All this will not take place overnight. Instead, Google will give business owners time to fix whatever they need to so their mobile site will be first-class.
The other piece of good news is that Google has assured business owners that if they do not have a mobile site, the google bots will still continue to crawl the desktop version of the site. That means your revenue stream should not decline for lack of a high-performing mobile site.
The Google announcement says, “If you only have desktop content, you will continue to be represented in our index.”
Further Clarity Needed
Google also made it clear that mobile-first indexing does not mean that there will now be two separate indexes performed. There will still be only one and it will focus on mobile sites, not desktop sites.
The reason they cite for this is:
“…To better help our primarily mobile users find what they’re looking for.”
For those who don’t know, mobile-friendliness has always been a major factor in determining how a site is ranked. Of course, it’s not the only factor, but it is still a component of ranking your website. Google is quick to point out that if a non-mobile-friendly page has the best (most relevant) information, it will still rank higher than a mobile site with similar content.
The Bottom Line
All business owners should begin to see more traffic in their logs from Googlebot Smartphone. Google search results will contain snippets that have been generated from the content on the mobile version. Though Google has historically used the desktop version of your site for its indexing purposes, times they are a’changin’.
We can either get on board with the changes or be left out in the cold. Most business owners are already hard at work making sure their mobile website is the best it can be. For those who are willing to go the extra mile, this could be a great time of increases in traffic and sales. The sites that are ready to go are the ones that consumers will flock to for all their buying needs.
[1] https://searchengineland.com/report-nearly-60-percent-searches-now-mobile-devices-255025
by Felicien | Jun 8, 2018 | Education
Data protection and compliance is a major concern for organizations worldwide. With the introduction of the Service Trust Portal, organizations working to support or protect the privacy rights of individuals in Microsoft’s online environment can now rest easy.
Defining the Service Trust Portal
This is a one-stop shop for security, regulatory compliance, and privacy information related to the Microsoft Cloud. The Service Trust Portal, also referred to simply as STP, is a service feature available within Microsoft Office 365 that provides current and prospective users of the platform with a wealth of insight into how the tech giant manages privacy, compliance, and security.
This platform is the location where Microsoft shares information that organizations need to perform due diligence and evaluate all of Microsoft’s cloud services. Microsoft has launched this service as a way to help improve transparency, enhance understanding, and simplify assessments for its users.
What is contained on the STP
The Microsoft Service Trust Portal (STP) contains quite a bit of useful information aggregated from all across the Microsoft cloud services. It also has tools and other resources that organizations need for all things concerning security, compliance, and privacy.
Detailed information
STP is home to in-depth information regarding Microsoft’s way of managing security and how you can access it as a user. The portal has information about compliance and privacy within the Office 365 environment, with the goal of making it easier for users to understand how Microsoft cloud services safeguard data so they can meet their own regulatory compliance objectives.
These include audit reports from independent third-party service providers. Users can find information regarding the ways in which Microsoft’s online services may be able to help organizations comply with regulations and laws. The following standards are included:
NIST, or the National Institute of Standards and Technology
FedRAMP, or the Federal Risk and Authorization Management Program
ISO, or the International Organization for Standardization
SOC, or the Service Organization Controls
General Data Protection Regulation, abbreviated as GDPR
The regulatory environment is just as dynamic as business risks. With all the compliance-related documents in this platform including audit reports, frequently-asked questions, white papers, and more, you’ll be able to learn everything you care to know.
Assessment tools
There are a rich variety of tools on the platform. These include the resources you’ll need for data protection, risk assessment, and compliance management. These resources should simplify your compliance journey.
Microsoft Cloud compliance resources
STP is also loaded with other resources about Microsoft’s security, privacy, and compliance practices. Essentially, these are centralized resources for all of Microsoft’s Cloud services.
Accessing the Service Trust Portal
STP is a free resource available to everybody; both existing Microsoft online services customers and those who are simply evaluating the cloud-based platform.
To access the Microsoft Service Trust Portal or any of the STP materials, you must be logged in to the platform with your Microsoft cloud services account.
Whether you have an Azure Active Directory account or a Microsoft account, log into that account to take advantage of all the tools and resources now available. You will be asked to accept their Non-Disclosure Agreement for Compliance Materials, so click on “Accept” to move forward.
If you are a current Microsoft cloud services registered user, you can access the Service Trust Portal at https://aka.ms/STP with any of the following internet subscriptions available for both trial and paid users:
Office 365
Microsoft Azure
Microsoft Dynamics 365
Microsoft Intune
New customer sign-up
If you are just considering Microsoft online services for the first time or as a new user, you have the option to create a new account or create a trial account. Either of these should allow you to access the Service Trust Portal.
That said, you can use any of the following sign-up forms to gain access to the Microsoft STP. Ensure that you enable Azure Active Directory at the time of signing up to support your access to the STP.
New Office 365 Business trial account sign-up form or a new Office 365 Enterprise trial account sign-up.
New Microsoft Azure trial account sign-up form.
New Microsoft Dynamics 365 trial account sign-up form.
After you are logged into STP, you can access any of the content available on the platform by navigating to the section containing the item you’re looking for and clicking on it.
To review content on the STP, pick an option from the menu: Audit Reports, Data Protection, Azure Security and Compliance Blueprints, Poland Compliance, Romania Compliance.
Once you locate the item you need, you can click on it and download it locally for your own use. Other resources such as the FAQs are serviceable from within the STP, so you won’t have to constantly download documents to your hard drive.
Wrap up
You’ll be happy to know that Microsoft is regularly adding more tools to STP to empower organizations. So, you’ll want to keep checking back to STP for the latest available information.
by Felicien | Jun 8, 2018 | Education
The concept of Code Signing SSL Certificates includes protecting users against phony software and assuring that the software is not infected with a virus. Most reputable companies require this certificate before accepting a product and using it. In today’s world, it’s the safest method of guaranteeing that software has not been altered or compromised.
Types of Code Signing SSL Certificates
There are several types of Code Signing SSL Certificates. The Business Validation SSL certificate requires that the software manufacturer or developer provide verification documents to the Certificate Authority. Once these documents are submitted, it can take three days for approval. This approval guarantees the authenticity of the digital program.
Code Signing SSL Certificates for Individuals are used less, though still important. If an individual programmer creates an app or software product and wants to include a Code Signing SSL Certificate, then the programmer must provide documents that prove his/her identity. The Certificate Authorities check to make sure this person is who he says and that he is the author of the digital work.
What is a Code Signing SSL Certificate?
This certificate is a way for the programmer to digitally sign his or her work. An authentic Code Signing SSL Certificate includes a company or individual’s name, their signature, and often a timestamp, though this is not required. With this certificate, end users can feel confident that the program will work as promised. SSL Certificates are used on software programs, applications, script, code, and drivers.
Improving Internet Security
Security on the World Wide Web has become an important commodity. There are phishing attacks launched daily. Along with that, ransomware has become quite prevalent. Attackers lock your computer files then demand a ransom be paid, usually in Bitcoin. Add to that so many computer viruses and worms hidden within suspicious links that it’s difficult to keep up today.
In spite of the great amount of publicity about these attacks, many are successful due to a poorly educated public. Most users admit they sometimes click on links or visit sites they probably shouldn’t. It’s human to think that bad things only happen to other people.
Large reputable companies like Microsoft simply can’t take chances with their security or risk exposing end users to harm. The cost in both time and money would be too great; not to mention the damage to their reputation. That makes the Code Signing SSL Certificate very critical to businesses with a strong reputation to protect.
With this certificate, we can be assured of two important elements:
Content Source Authentication — ensures the developer’s code legitimacy
Content Integrity — verifies that the code is authentic and has not been tampered with
How to view the SSL Certificate
To authenticate a software program, click on the certificate that has been issued. You should be able to view the publisher’s name. There may be other information such as a timestamp. If it isn’t there, then the software originates from an “Unknown Publisher”. It may or may not be authentic. It could contain spyware, ransomware, malware, or other viruses. In some cases, thieves download authentic-looking programs onto your computer with a dangerous script running in the background. These lines of code can allow the Software Pirate to steal passwords and/or personal information.
How do Code Signing SSL Certificates work?
Just like other SSL Certificates, the Code Signing Certificate is created based on the public-private key pair. Though a key pair is related mathematically, the private key can only be decrypted by its original owner. Public keys are made available to anyone with access to the public repository. If you have a message that you only want one person to be able to read, this can be done using a private key. It always remains confidential and private to its respective owner.
This history of Cryptography
The concept of cryptography began as early as 1874 when William Stanley Jevons wrote a book called The Principles of Science. In it, he described various ways of creating a message that could only be read by the intended party. His theory was to produce a long random number that could only be known by one other person. For years, various mathematicians worked on the idea until 1970 when a British cryptographer working for the UK government came up with what he called, “non-secret encryption”.
Cryptographers and scientists saw the important applications for military use. Being able to send messages that the enemy could not read became a vital function of national security for all governments. Though this type of cryptography is still used today, it’s more common usage now is to protect software programs from alteration.
Why are SSL Certificates necessary?
When an application or program does not have a Code Signing SSL Certificate, any programmer can go into it and change lines of code however they want. This leaves everyone vulnerable. Maybe the programmer improved the software but maybe he added a Trojan worm. Individuals and especially companies have a lot at risk and simply cannot afford to download malware or ransomware that would lock up all their files.
Reputable software manufacturers want to ensure that their products are free from tampering and the Code Signing SSL Certificate makes alteration impossible. It’s the perfect way to let users know that the software or app is authentic.
The process of creating a Code Signing SSL Certificate
There are multiple steps required in the process of creating the Code Signing SSL Certificate. The process begins with the actual code signing itself. This confirms the identity of the person or company that created the software. The steps are briefly outlined below:
The software developer requests a Code Signing SSL Certificate.
The identity of the developer is certified.
A special Code Signing program is used to attach the SSL certificate to the software as a digital signature.
The developer can now send the program out to publishers.
Publishers double check to make sure the digital signature is authentic.
A time stamp is often entered so that the certificate doesn’t expire.
