You know what we love where I work? Security. Seriously, it’s our favorite thing to talk about around NSS Labs Headquarters that’s not the finale of West World (yes, we’re still stuck on it).
We dream about security threats while analyzing what a breach really means. We obsess about keeping things secure, we argue about strategy, and plenty of times, we wax poetic on ways teams can make their systems more secure.
As the NSS Labs crew heads into this year’s RSA conference, we’ll be surrounded by some of the brightest minds in security.
On the other hand, we’ll also be around those looking to hack those bright minds. Security culture is complex like that.
But, we figured this was a good time to share some tips that any team could use to make their systems stronger, the basic stuff everyone can do. A few might seem obvious, but it never hurts to remind folks that simple measures could keep their systems secure.
1. Make sure your plug-ins are up to date
There are a lot of people who hit “remind me later” when it’s time to download that plug-in update. But, what folks don’t realize is that those updates typically provide patch fixes for known bugs, or errors working as backdoors to all kinds of viruses.
It’s a hacker’s job to try their damnedest to get into your computer, and by not updating your Java, you’re giving them that much more firepower.
Plug-ins like Java or Flash need to be updated on the regular.
If you want an alternative to checking for updates manually, both Firefox and Chrome offer plug-ins of their own, which tell you when updates are available for practically everything on your machine. All you need to do is click a button, and you’re off to the update races – your browser does all of the work for you. By doing so, you’re giving shady characters one less avenue to potentially get your information.
2. Get proactive in the fight against ransomware
If you haven’t heard of ransomware, here’s the easy definition: it sucks. Some variants of ransomware live in your spam folder and can turn your computer into a brick with a simple click. If you’re unlucky enough to open that email from the Nigerian Prince, and next thing you know, you’re locked out of your machine – it’s likely you’ve been hit with ransomware.
Ransomware is a threat that scrambles your data and then makes you pay a ransom to decode it. Over 4,000 ransomware attacks happen every day. Go ahead, Google it. Every. Day. It’s the second most scary thing next to self-diagnosing on WebMd.
Staying vigilant in today’s ever-evolving tech landscape is imperative. Hackers don’t sleep – they’re always looking for a way to get paid. Not everyone falls victim to this plague, but there are a few steps your team can take to ensure no one is opening an email they shouldn’t.
If you’re running an IT team, or are in charge of your company’s security, there are a few easy best practices you should keep in mind when dealing with your not so technical co-workers:
- Get an incident management plan together with your IT team
- Remind coworkers to not open shady-looking emails from unknown addresses
- Simulate an attack and put your system to the test
- BACK UP YOUR STUFF – Get a Dropbox account for your important documents and work in Google Docs or Confluence
- Set up automated system alerts when code looks compromised
- Adjust your computer’s security settings to alert staff in case of suspicious activity
3. Keep your password complicated
Look, this seems easy enough, but there are a lot of people who use 1234 as their password. Really.
By making your password complicated with a series of numbers and symbols, you’re protecting yourself and your information.
Cyber awareness is crucial – it’s important you don’t give hackers the edge. By making the password complicated, it’s harder for password jugglers to crack your accounts.
4. Wipe that drive
Just because you delete something from your computer doesn’t mean it’s gone.
Computers have hard drives like the raptors in Jurassic Park: they remember.
When it’s time to get a new laptop, make sure your drive is wiped clean and you give it a factory reset. If you don’t, those files you thought you’d deleted could fall into the wrong hands.
And there you have it – four simple tips to get your team more secure in 2017.
Study finds 1,000 phrases that accidentally activate smart speakers
(TECH GADGETS) Don’t worry about accidentally activating your nosy smart speakers… unless, of course, you utter one of these 1,000 innocuous phrases.
It’s safe to say that privacy concerns, especially in today’s digital era, are unquestionably valid. With new video recording technology making it easier to identify people at a glance (whether they like it or not) and concerns that your smart speakers are eavesdropping on you, it may feel like you’re bordering on slightly paranoid around modern technology.
After all, even though there have been cases of smart speakers picking up on intimate conversations, there’s absolutely no risk of them overhearing private things without your consent, right? Even though it’s been documented that these devices — including Cortana, Alexa, Siri, and Google Home — have listened in relationship spats, criminal activity, and even HIPAA-protected data, you’re totally in the clear.
Oh yeah. The thing is, everything that gets broadcast into your smart speaker? There’s a completely random chance that someone back at headquarters may decide to sift through it in order to improve AI learning.
And while most of the time these conversations are totally benign, it doesn’t change the fact that a complete stranger is getting an earful of your private life. In fact, these transmissions? Are actually completely admissible in court, as several murder cases have already demonstrated. Their key evidence was none other than poor Alexa herself.
But wait, wait. These smart speakers can only get your information if you activate them, and that requires you to clearly enunciate their names. Right? Um. Not exactly. Even though you may think that you need to speak crisply into the speaker to activate it, it turns out that these devices are highly sensitive to any suggestion that you might be talking to them. It’s almost like your dog when you even remotely glance at his bag of doggie treats in the corner: one crinkle and Fido comes running, begging for some kibble and ready to serve you.
It’s the same for your smart speakers. As it turns out, there are over a thousand words or phrases that can trigger your device and invite it to start recording your voice. These can range from the perfectly reasonable (Cortana hearing “Montana” and springing to attention) to the downright absurd (Alexa raising her hackles over the words “election” and “unacceptable”). Well, crap. Now what?
It’s no secret that someone is listening in on your conversations. That’s been clearly documented, researched, dissected, and even accepted at this point. However, if you thought that they’d only listen to it if you gave them implicit permission by activating your device (which, to be fair, should not even count as permission in the first place), you were wrong.
So what’s a privacy-loving person to do? Just suck it up and try to choose between the lesser of two evils? On one hand, yes, these smart speakers are super convenient and can make your life easier. On the other?
Well, if you’re a fan of your privacy, then perhaps these devices aren’t meant for you. At this point, you’ve got little recourse. These companies will continue to use your data, and there’s nothing stopping them from spying on you. That is, unless you prevent them from doing it in the first place.
If you want to keep your private conversations private, either unplug your smart speaker when you’re not using it, or don’t get one in the first place. Otherwise, you’ll continue to give your implied consent that you’re totes cool with them butting in on your personal life, and they’ll continue to be equally totes cool with using it without your permission.
HEY needs to fix its issues to be the Gmail killer it claims to be
(TECH NEWS) You would hope that HEY, the paid email service, would launch without issues but it has a few. Let’s hope some of that money goes to fixing them.
Last week, we covered HEY–a new email service that seemingly has a lot to offer–and while we largely praised the service despite it being a paid client awash in a sea of free email options, not everyone is fully on board with HEY’s inimitable charm–at least, not yet.
Adam Silver, an interaction designer focused on user experience, had some criticisms of HEY–many of which he identified as “pretty surprising oversights.” Though Silver does mention that his overall opinion of the service is good, these oversights are the focus of his review.
“All of these things are really easy to fix,” amends Silver.
Another issue Silver highlights is the inbox (imbox?) sorting. As we mentioned previously, there are three locations for email: the imbox, the feed, and the paper trail, each of which serves a different purpose. The problem with this system is that organizing emails by only three overarching categories affords little flexibility; furthermore, Silver notes that the menu for accessing each folder leaves a lot to be desired from a design standpoint.
The feed is also the subject of Silver’s criticism in that it doesn’t function enough like a traditional inbox to the point that it is actually difficult to use. Especially given the feed’s purpose–to store newsletters and such in a free-scrolling manner–this is a hold-up for sure; coupled with the feed’s lack of notifications, you can see how this problem cripples the user experience without active attention to the ancillary feed inbox.
Lastly, Silver mentions that the name “imbox” is, well, stupid. “This is not a typo but it’s not good,” he says. “You need a really good reason not to keep things simple.”
This is actually a point that we initially glossed over in our overview, but it’s another instance of a company doing a little too much to stand out–and, in doing so, potentially disrupting the user experience. “Keeping it simple” by calling the delivery place for your email the “inbox” won’t sink your brand, and the name “imbox” is sure to, at best, annoy.
It’s important to reaffirm that HEY’s driving principle–accessible email that prioritizes your privacy and charges you a relatively nominal fee for doing so–is good, and that’s the tough part of any app’s development; should they choose to follow Silver’s lowkey advice and make a few tweaks, they’ll have a winning product.
Live captioning via AI is now available for Zoom, if a little limited
(TECH NEWS) In order to be more inclusive, and improve the share of information with your team, live captioning is a great option for your next Zoom call.
The ubiquitous all-father Zoom continues to prompt innovation–and in a time during which most companies are still using some form of remote communication, who can blame them? It’s only fitting that someone would come along and try to flesh out Zoom’s accessibility features at some point, which is exactly what Zoom Live Captioning sets out to accomplish.
Zoom Live Captioning is a Zoom add-on service that promises, for a flat fee, to caption up to 80 hours per month of users’ meetings via an easy-to-implement plugin. The allure is clear: a virtual communication environment that is more time-efficient, more accessible, and more flexible for a variety of usage contexts.
Unfortunately, what’s less clear is how Zoom Live Captioning proposes to achieve this goal.
The live-captioning service boasts, among other things, “limited lag” and “the most accurate [speech-to-text AI] in the world”–a service that, despite its sensational description, is still only available in English. Furthermore, anyone who has experienced auto-captioning on YouTube videos–courtesy of one of the largest technology initiatives in the world–knows that, even with crystal-clear audio, caption accuracy is questionable at best.
Try applying that level of moving-target captioning to your last Zoom call, and you’ll see what the overarching problem here is.
Even if your Zoom call has virtually no latency, everyone speaks clearly and enunciates perfectly, your entire team speaks conversational English at a proficient degree across the board, and no one ever interrupts or experiences microphone feedback, it seems reasonable to expect that captions would still be finicky. Especially if you’re deaf or hard of hearing–a selling point Zoom Live Captioning drives home–this is a problematic flaw in a good idea.
Now, it’s completely fair to postulate that any subtitles are better than no subtitles at all. If that’s the decision you’d like to make for your team, Zoom Live Captioning starts at $20 per person per month; larger teams are encouraged to contact the company to discuss more reasonable rates if they want to incorporate live captioning across an enterprise.
Nothing would be better for speech-to-text innovation than being wrong about Zoom Live Captioning’s potential for inaccuracy, but for now, it’s safe to be a little skeptical.
Women-owned businesses make up 42% of all businesses – heck yeah!
Supreme Court okays trademarking for ‘generic’ name URLs
How to increase website engagement
Study finds 1,000 phrases that accidentally activate smart speakers
Idea: Color-coded face masks as the new social contract to combat COVID-19
HEROES Act could increase unemployment stimulus benefits, add return to work bonus
LinkedIn: New retargeting options expand your marketing efforts
A closer look at the HEROES act, and who stands to benefit the most
The future of quantum computing is “Azure” bright and you can try it
The Apple Watch isn’t just a way to ignore calls, it could save your life
Anti-surveillance mask – creepy, ingenious, or potentially illegal?
Amy’s Ice Cream founder on Austin’s business risks and rewards #WhyAustin
Turns out a lot of people are in between introverted and extroverted
P. Terry’s founder on the booming economy in Austin #WhyAustin
Ladies and gentlemen, the U.S. National Anthem
Our Great Partners
news neatly in your inbox
Subscribe to our mailing list for news sent straight to your email inbox.
Thank you for subscribing.
Oh boy... Something went wrong.
Opinion Editorials1 week ago
Managing bipolar disorder and what I wish my employers understood
Politics2 weeks ago
The White House pushes for $450 per week return to work bonus
Business News2 weeks ago
How well-meaning diversity and inclusion hiring practices could backfire
Business Marketing2 weeks ago
Can small businesses keep up as more big box brands offer $15/hr pay?
Tech News2 weeks ago
Data Dividend Project wants you paid for companies to use your data
Social Media1 week ago
Well established Pinterest has a new competitor, Google Keen
Business Marketing2 weeks ago
Apple doesn’t push product placement. What can you learn from them?
Social Media2 weeks ago
Twitter to introduce voice recording feature, be ready for even hotter takes