Empowering IT Support to Deliver Efficiency, Reliability, and Satisfaction Across Every Interaction
October marks the start of Cyber Security Awareness month so there’s no better time to revisit some common security tips & practices! At a time where many are in remote or work-from-home environments, it’s important to help protect your workforce, assets, and data.
One of those common attack vectors despite being the most common can be the most effective, phishing. Phishing is the act of pretending or falsifying information in order to get the recipient to reveal sensitive data such as banking, company info, credentials, and so on. While this commonly gets bundled as spam email it’s worth noting that phishing attacks nowadays can be complex & surpass certain spam filters. So here are some tips from the Network Right team to help protect yourself & your employees when it comes to Phishing attacks.
A very common rule when it comes to email phishing attempts is to do a twice-over of all the details of the emails. Noticeable things such as :
That said it’s worth being aware that there’s such thing as domain spoofing. This is where the spammer in question can pretend to be a part of your domain user@domain.com. Making it hard to 100% tell if the email is legitimate or not. While IT admins can do things to help prevent these (Such as implementing filters in G-Suite & so on) it’s always a chance for spammers to leverage this. It’s best for the IT department to preemptive about this and ensures most filters or security policies are in place before any phishing attacks. However, for users knowing this is possible in the first place is the most important step so you can be aware of it.
Often a common attack method is to pretend to be a service or app users may use or be the admin of & attempt to contact users & urge them to change certain credentials or add billing info.
Always be aware of any email in which a company asks you to confirm billing info such as credit cards, reset your password when you didn’t manually request it, and so on. While there are legitimate ways to get these emails it’s always a safe bet if your unsure to go to the site directly & change such info versus clicking a link in an email especially when it’s unwarranted or disguised in an email telling you that its urgent to do so.
While spammers get email addresses from a variety of methods it never hurts to be cautious of whom & what services you give your email to. Often times we’ve seen even legitimate companies have info leaked where users’ emails get out to the public & thus added to these lists that end up spamming users. So while it’s at times unavoidable always do your best to be aware of what services you sign up for.
In the event, you or your employee fall victim to a phishing attack these are some ways you can better prepare & react to when it occurs.
Whether it’s the work from home shift or just general use case here’s a look at some apps we use on our macs to help be a bit more productive from optimizing screen real estate to just saving time & being more efficient in your day to day use. We’re focusing on apps exclusively for Mac OS & that are outside the traditional Slack, Zoom, and other staple apps amidst these times to give some variety to already essential apps.
Whether it’s the work from home shift or just general use case here’s a look at some apps we use on our macs to help be a bit more productive from optimizing screen real estate to just saving time & being more efficient in your day to day use. We’re focusing on apps exclusively for Mac OS & that are outside the traditional Slack, Zoom, and other staple apps amidst these times to give some variety to already essential apps.
A great part of Mac OS is the built-in search functionality known as a spotlight. This is the magnifying glass that sits in the top right of your mac or using the Command + Spacebar shortcut to trigger it. This allows you to search for files, applications, and more. That said there’s a utility out there known as Alfred that takes the already great built-in search & takes it to the next level.
Alfred sits & looks similar to the spotlight search ( You can even use the same command + space keyboard shortcut) to trigger it.
However, Alfred offers a couple more features such as:
Above all, this takes common shortcuts or apps within the Mac & puts them at a single keystroke away. It’s a big part of how I personally navigate my mac & while free you can opt to buy the “Power Pack” to get even more features added to it, which I’d highly recommend doing for mac power users who want to get the most out of Alfred.
The Magnet app makes managing multiple windows in Mac OS quick & easy. For windows users used to the snap-like feature, this achieves the same effect. The app allows you to set hot zones in which you can easily drag or use a shortcut to snap your window into place.
This is highly effective especially in work-from-home situations where you may be using a smaller or not monitor at all compared to the office. Giving you easier ways to arrange your windows to view multiple apps at once in an orientation that fits your needs.
While most may access their email on the web or even the default Mail app on the Mac. Spark is a free app worth checking out for Mac OS. Spark allows you to add multiple inboxes and easily access emails & sort through them in multiple ways.
Some notable features include:
Bear is an app that’s both simple yet versatile & has changed the way I take notes. For those times you need to jot something down or take full-on outlined notes Bear has you covered. With its, customizable yet simple interface to its markdown editor Bear offers a variety of ways to use it. You can opt for the $ 2-month upgrade to get syncing across iOS/Mac OS devices if you’re using it across your ecosystem of devices however the free version on the mac will suffice for most. Upgrade from the standard TextEdit and give it a try. Simple at the surface but the more you dive in the more useful it becomes.
Keyboard Maestro is the epitome of a productivity app for Mac OS. This takes common tasks done across your mac & helps automate them. Everything from launching a series of apps to arranging the windows & how they arrange on the screen to a long laundry list of other tasks. Be it opening commonly used files/directories, triggering an event when something as simple as connecting to wi-fi happens, Keyboard Maestro really does it all.
While set up can take some time to learn, Keyboard Maestro excels in taking repetitive tasks or things you do on the Mac & setting up automation rules for it. Below are just some of the useful automation’s that can be achieved via Keyboard Maestro. Keeping in mind this barely scratches the surface, the possibilities with an app like this really are endless.
At the end of the day, these apps are simply tools to help you get your work & common tasks done more efficiently. As with any tools they are what you make of them and how you utilize them. However given the dependency on our machines in this remote work period, anything that can help automate, improve, or make our tasks easier are a win in our book. Check out the list of apps above today!
Given the climate we’ve been in for the majority of 2020 security is more important than ever when it comes to Infosec/IT. Seeing as employees may be working from home or outside networks is more important than ever to practice implement certain measures to help secure your employees & your company data. Here are some ways we at Network Right recommend & help implement across our clientele in these remote times.
One of the most common ways of protecting your employees at home is to implement some sort of VPN. A VPN helps encrypt your employee’s data across the internet & secure all information that’s transferred. This setup can be as simple as looking to integrate a solution such as OpenVPN or NordVPN for your team to help encrypt their traffic or going as far as implementing a full hardware/onsite equipment at the network level to have your employees connect just as if they were at the office. Enforcing certain rules such as only being able to access certain company resources or files while on said VPN.
A VPN is useful across many spectrums, it encrypts traffic end to end ensuring all work they do is secured whether they’re on public or home wi-fi. Given the amount of data we’re sending nowadays as well as the increased work from home, the internet as a resource is one that’s become very essential. How your employees connect & send data over the said connection is equally as important & why you may want to consider some level of VPN setup.
Commonly referred to as an MDM this tool comes in handy in a multitude of ways when it comes to protecting your employees. Not only does it let you track assets & push out updates/apps but it also lets you remote wipe computers in the event they’re lost or stolen.
This is important because given the remote climate laptops may be more vulnerable to accidental damage or even theft. Ensuring your team has an MDM in place allows IT to remotely wipe the machine or even go as far as to track it. Popular MDM’s like JAMF for Mac or InTune for Windows allows all sorts of controls over your companies fleet of machines & is an investment worthwhile from productivity to security in this remote climate.
A security measure we commonly put in place for our clients is 2FA or some level of multi-factor authentication. This feature ensures that there are at least two methods of verification when logging into an account. So for example outside of entering your companies email password, you would be prompted for a code that’s texted to your phone. This creates a second step to login into the account, so in the event, someone compromised your password to a critical login there’s a backup. 2FA is flexible & can be triggered for example only when you log into an account for the first time on a new device or a different location.
While it may not be as common in a work from home setting you can invest in physical security procedures to help your remote workforce stay safe & protect their hardware. While some of these implementations may be over the top for certain setups we understand that different companies have certain data protection policies in place & protecting that asset is a top priority. So here are some methods to do just that.
Thus why now more than ever as employees are a mix of work or personal machines, accessing accounts on home networks, and from a nontypical location, 2FA is vital to securing account access. Ensuring outside parties can’t get in even with access to a user’s password or account off the bat.
With the remote workforce at an all-time unfortunately so are scams. Nefarious parties trying to get people to log in to fake portals, compromise sensitive data, or just outright gain access to company hardware all amidst these work from home times. This is why it’s important for you to keep your employees up to date & remind them of proper phishing/spam hygiene. Sending out information & resources to ensure they avoid said scams they may get via e-mails and what not while working from home.
Tips such as:
As time goes on in this work from the home state, there will always unfortunately be those trying to exploit said times. So doing your best to keep your team informed & aware is a key step!
On that same token ensuring not just the physical but digital aspect of your employee’s machines is protected is vital. While we may not always be able to control the environment in which an employee connects to a secured network or user behavior we can help prevent attacks through Anti-Virus or Endpoint management deployment. Deploying anti-virus/malware software like Sophos, Malware Bytes, and many others allow us to remotely scan assets & ensure no nefarious programs or software has infected the systems. It also helps prevent users from accidentally getting exposed to scams or malicious downloads. Remote or not it’s a good practice to deploy some form of endpoint protection to your fleet & there’s no better time than now to ensure company data is protected at the digital level.
At the end of the day, everyone has different living situations. That said though the climate we’re in may not be optimal, it doesn’t mean there aren’t things we can do to help protect our employees & the companies data. Whether it be a home network or users on personal devices there are always ways to help secure & make it a safer & seamless experience for your workforce in these already difficult times. These are just some of the many steps you can take to further protect your remote workforce. At Network Right we help ensure our clients & their team are secure & safe amidst this work-from-home period. As in keeping them safe, we help protect the company’s valuable assets & allow them to continue their work efficiently.
Reach out today if you are interested in implementing any or all of the above at your company today to help everyone be more safe & secure in these already difficult work-from-home times.
The popular conferencing app Zoom has pushed an important update that as of May 30th, 2020 will be a mandatory one. Amidst the backlash they’ve got in response to security concerns Zoom’s 5.0 update will introduce full GCM Encryption for all communication through the app & a series of other features such as host controlling the ability to lock the meeting after participants join, enable/revoke access to features such as screen sharing & more all in one place. All to ensure that the app is much more secure & features are conveniently available for users to prevent unwanted parties from joining their calls.
Follow the instructions below to ensure you on the latest 5.0 update on your machine prior to May 30th to avoid any interruptions in your workflow.
3. Run any update that is 5.0 or later
PC or Windows users can simply open the Zoom app & click on your profile icon & look for “Check for Updates”. Chances are you may already be on a 5.0 version but there may be a later update available in any case it’s worth updating to the latest version.
For those administrating your organization’s Zoom, there are some checks you can run on your end depending on the setup. If you’re using Zoom Rooms, Zoom will auto-push an update on May 29th prior to the mandatory 5.0 requirement. However, if you want to push the updates ahead to avoid any issues, you can do it into your Zoom Admin dashboard & under Zoom Room Management push out any updates needed ahead of time.
Additionally, Admins can use the user management section to filter user App versions & ensure all users are on 5.0 or newer. This also helps to find any users who have yet to push the updates so that you can reach out or send reminders to update prior to the May 30th date.
These updates are vital to ensure proper workflow as Zoom calls won’t be permitted unless users are on said version. All of this however is in part to assure users are safe & secure when using the Zoom platform.
With the recent outbreak of COVID-19, sanitation has become even more important. We often clean our kitchens, bathrooms, dining spaces, and floors, but we rarely clean our technology. Because of this, there are phone screens that can have up to 10 times as many bacteria as a toilet seat, and keyboards can have as high as 20,000 times as many germs as a toilet seat as well. While these are likely only your germs, it highlights how little we clean our workspace. Given the recent pandemic, it is now more important than ever to clean our workspace to keep ourselves, our coworkers, and our loved ones safe.
First, we should define a couple of things. Sanitizing refers to disinfecting, whereas cleaning and decluttering refer to organizing items. Both are different, and both are important.
One thing that prevents many of us from sanitizing our workspace is the sheer amount of clutter on it. We may have loose papers, receipts, empty snacks, mugs, books, or more lying around on our desk, so the act of sanitization may feel daunting if there are few clear surfaces. To begin sanitizing, start with decluttering. Try to keep your desk organized so that sanitizing it is quick and simple.
Your instinct may be to grab your spray cleaner and use it on your keyboard but do not do that. You can use disinfectant on your keyboard, but it should be wipes rather than spray because spraying any liquid at your keyboard (or almost any electronic device) can damage it. If you’re unable to find alcohol wipes because stores are out of stock, there are alternatives. If you have spray cleaner (such as Windex or similar brands), you can spray a little bit onto a paper towel and carefully wipe your keyboard. Whichever method you use, make sure to wipe gently – too much pressure could cause excess liquid to leak into your system. Whether it’s a keyboard, laptop, or mouse, gently wiping your device down will keep it sanitized.
One last note: when cleaning a screen, be sure to take extra caution. Avoid using any liquid, and preferably use a microfiber cloth. If any extra effort is necessary, only use a cloth slightly damped in warm water, possibly with a little soap.
Unless your desk is full of devices or things that could be damaged, this is where you switch to spray. Using surface cleaners like Windex, spray your surfaces with it, then spread it and rub it in with a towel or paper towel. Be gentle enough to damage your desk, but use enough pressure to remove any grime and fully apply the cleaner.
It is now more important than ever to keep a clean workspace. It is a fairly simple process, but be sure to take care not to damage your devices. Declutter your space, then sanitize your devices and desk. We’re going through a hard, historic time, and this is one small step we can all take to ensure safety for ourselves and others.
If you found the content in this post useful, please follow us on Twitter for updates! We hope that NetworkRight can continue to provide tech solutions for you.
Follow us on Instagram @network.right and on Twitter @NetworkRightIT
In light of recent events, we wanted to post updates surrounding the popular conferencing app Zoom. The app has gained major popularity amidst this remote climate, however, all that growth comes with a cost. There have been multiple security concerns brought up & we wanted to do our best to summarize what has occurred & has been fixed. Additionally providing some additional tips to help stay secure going forward.
A day later Zoom acknowledged the “feature” & sent out an update to prevent this going forward
After rampant reports of users having their meeting hijacked by external parties, the FBI issued a public warning to users of Zoom to ensure their meetings aren’t left public or share links to said meeting to the public alongside other tips we’ll list below.
Around the same time, multiple bugs were brought public such as the Mac OS installer bug which revealed that Zoom had been using a technique to install the app on user’s macs before they even clicked “install” more about that here. Other bugs included the fact end to end encryption wasn’t used as promised by Zoom, hacks discovered that allowed zoom user microphone & webcam access.
Zoom CEO Eric Yuan published this blog post addressing the aforementioned bugs & reports. Announcing all feature updates would be put on pause to address all security concerns over the next 90 days. Apologizing multiple times following that as more bugs came to light.
“I really messed up as CEO, and we need to win their trust back. This kind of thing shouldn’t have happened”
That all said as Zoom continues to work on fixing its issue what can you as a user do to stay safe on the platform?
Prevent Zoombombs–
Restrictions–
If you’re still concerned about using the Zoom platform as always there are multiple platforms you can consider using such as Google Meet, Slack, Lifesize & much more. We at Network Right value our customer privacy & security & thus want to keep them up to date on the latest happenings on the software they & their teams may be using. Following the above will help you stay safe & ensure your following best practices amidst all of these concerns.
Get started with Network Right.
