You know what we love where I work? Security. Seriously, it’s our favorite thing to talk about around NSS Labs Headquarters that’s not the finale of West World (yes, we’re still stuck on it).
We dream about security threats while analyzing what a breach really means. We obsess about keeping things secure, we argue about strategy, and plenty of times, we wax poetic on ways teams can make their systems more secure.
As the NSS Labs crew heads into this year’s RSA conference, we’ll be surrounded by some of the brightest minds in security.
On the other hand, we’ll also be around those looking to hack those bright minds. Security culture is complex like that.
But, we figured this was a good time to share some tips that any team could use to make their systems stronger, the basic stuff everyone can do. A few might seem obvious, but it never hurts to remind folks that simple measures could keep their systems secure.
1. Make sure your plug-ins are up to date
There are a lot of people who hit “remind me later” when it’s time to download that plug-in update. But, what folks don’t realize is that those updates typically provide patch fixes for known bugs, or errors working as backdoors to all kinds of viruses.
It’s a hacker’s job to try their damnedest to get into your computer, and by not updating your Java, you’re giving them that much more firepower.
Plug-ins like Java or Flash need to be updated on the regular.
If you want an alternative to checking for updates manually, both Firefox and Chrome offer plug-ins of their own, which tell you when updates are available for practically everything on your machine. All you need to do is click a button, and you’re off to the update races – your browser does all of the work for you. By doing so, you’re giving shady characters one less avenue to potentially get your information.
2. Get proactive in the fight against ransomware
If you haven’t heard of ransomware, here’s the easy definition: it sucks. Some variants of ransomware live in your spam folder and can turn your computer into a brick with a simple click. If you’re unlucky enough to open that email from the Nigerian Prince, and next thing you know, you’re locked out of your machine – it’s likely you’ve been hit with ransomware.
Ransomware is a threat that scrambles your data and then makes you pay a ransom to decode it. Over 4,000 ransomware attacks happen every day. Go ahead, Google it. Every. Day. It’s the second most scary thing next to self-diagnosing on WebMd.
Staying vigilant in today’s ever-evolving tech landscape is imperative. Hackers don’t sleep – they’re always looking for a way to get paid. Not everyone falls victim to this plague, but there are a few steps your team can take to ensure no one is opening an email they shouldn’t.
If you’re running an IT team, or are in charge of your company’s security, there are a few easy best practices you should keep in mind when dealing with your not so technical co-workers:
- Get an incident management plan together with your IT team
- Remind coworkers to not open shady-looking emails from unknown addresses
- Simulate an attack and put your system to the test
- BACK UP YOUR STUFF – Get a Dropbox account for your important documents and work in Google Docs or Confluence
- Set up automated system alerts when code looks compromised
- Adjust your computer’s security settings to alert staff in case of suspicious activity
3. Keep your password complicated
Look, this seems easy enough, but there are a lot of people who use 1234 as their password. Really.
By making your password complicated with a series of numbers and symbols, you’re protecting yourself and your information.
Cyber awareness is crucial – it’s important you don’t give hackers the edge. By making the password complicated, it’s harder for password jugglers to crack your accounts.
4. Wipe that drive
Just because you delete something from your computer doesn’t mean it’s gone.
Computers have hard drives like the raptors in Jurassic Park: they remember.
When it’s time to get a new laptop, make sure your drive is wiped clean and you give it a factory reset. If you don’t, those files you thought you’d deleted could fall into the wrong hands.
And there you have it – four simple tips to get your team more secure in 2017.
What is UI/UX? Take a little time to learn for free!
(TECH NEWS) For the all-time low price of—well, free—Invise gives you the option of learning a few basic UI and UX design techniques.
There’s no denying the strong impact UI and UX design has on the success of a website, app, or service—and, thanks to some timely altruism, you can add basic design understanding to your résumé for free.
Invise is a self-described beginner’s guide to the UI/UX field, and while they do not purport to deliver expert knowledge or “paid courses”, the introduction overview alone is pretty hefty.
The best part—aside from the “free” aspect—is how simple it is to get a copy of the guide: You enter your email address on the Invise website, click the appropriate button, and the guide is yours after a quick email verification.
According to Invise, their beginner’s guide to UI and UX covers everything from color theory and typography to layout, research principles, and prototyping. They even include a segment on tools and resources to use for optimal UI/UX work so that you don’t have to take any risks on dicey software.
UI—short for “user interface”—and UX, or “user experience”, are two critical design aspects found in everything from websites to app and video game menus. As anyone who has ever picked up an outdated smartphone knows, a janky presentation of options or—worse yet—a lack of intuitive menus can break a user’s experience far faster than slow hardware.
Similarly, if you’re looking to retain customers who visit your website or blog, presenting their options to them in a jarring or unfamiliar way—or selecting colors that clash for your landing page—can be just as fatal as not having a website to begin with.
The overarching problem, then, becomes one of cost. Hiring a design expert is expensive and can be time-consuming, so Invise is a welcome alternative—and, as a bonus, you don’t have to dictate your company’s vision to a stranger and hope that they “get it” if you’re doing your own design work.
2020 probably isn’t the year to break the bank on design choices, but the importance of UI and UX in your business can’t be overstated. If you have time to read up on some design basics and a small budget for a few of the bare-bones tools, you can take a relatively educated shot at putting together a modern, desirable interface.
Google set to release new AI-operated meeting room kit… and it’s pretty baller
(TECH NEWS) Google’s newest toy is designed to “put people first” by alleviating video and audio issues for conference room meetings.
Remote meetings can be the worst sometimes. The awful video and audio quality are frustrating when you’re trying to hear important details for an upcoming project. Even with the fastest internet connection, this doesn’t guarantee you’ll be able to clearly hear or see anyone who’s in the office. But Google is re-imagining conference rooms with their new video conferencing hardware.
Yesterday, the company introduced Google Meet Series One. In partnership with Lenovo, this meeting room kit is made exclusively for Google Meet and is poised to be the hardware that “puts people first.”
The Series One has several components that make it stand out. First is the “Smart Audio Bar,” powered by eight beam-forming microphones. Using Google Edge TPUs, the soundbar can deliver TrueVoice®, the company’s “proprietary, multi-channel noise cancellation technology.” It removes distracting sounds, like annoying finger and foot-tapping noises, so everyone’s voices are crystal clear from anywhere in the room.
The hardware also has 4K smart cameras that allow for high-resolution video and digital PTZ (pan, tilt, zoom) effects. Processed with Google AI, the device knows to automatically zoom in and out so all of the meetings’ participants are framed in the camera. With an i7 processor and Google Edge TPUs, the system is built to “handle the taxing demands of video conferencing along with running the latest in Google AI as efficiently and reliably as possible.”
The meeting kit has Google grade security built-in, so the system automatically updates over-the-air. The system also works seamlessly with Google services and apps we already use. Its touch control display is powered by a single ethernet cable. From the admin controls, you can manage meeting lists and control room settings. Powered by assistant voice commands, their touch controller provides a “touchless touchability”; if you want to, you can join a meeting just by saying, “Hey Google, join the meeting.”
These new meeting kits are easy to install and are versatile. They can be configured to fit small, medium, and large-sized rooms. “Expanding kits for larger rooms can be done with just an ethernet cable and the tappable Mic Pod, which expands microphone reach and allows for mute/unmute control.”
According to the Google Meet Series One introductory video, the meeting room kits are “beautifully and thoughtfully designed to make video meetings approachable and immersive so everyone gets a seat at the table.”
Currently, there is no release date set for Google Meet Series One. However, pre-orders will soon be available in the US, Canada, Finland, France, Norway, Spain, Ireland, United Kingdom, Sweden, Australia, New Zealand, Japan, Netherlands, Denmark, and Belgium.
One creepy way law enforcement might have your private data
(TECH NEWS) Wait, geofences do what? Law enforcement can pull your private data if you’re in the wrong place at the wrong time.
By now, it’s pretty common knowledge that our smartphones are tracking us, but what you might not be aware of is just how much law enforcement is taking advantage of our private data. Now, the good news is that some places have gotten wise to this breach of privacy and are banning certain tactics. The bad news is: If you were ever in the vicinity of a recent crime scene, it’s quite possible your privacy has already been invaded.
How are law enforcement doing this? Well, it starts with a geofence.
At its core, a geofence is a virtual border around a real geographic location. This can serve many purposes, from creating marketing opportunities for targeted ads to tracking shipping packages. In the case of law enforcement, though, geofences are often used in something called a geofence warrant.
Traditionally, warrants identify a subject first, then retrieve their electronic records. A geofence warrant, on the other hand, identifies a time and place and pulls electronic data from that area. If you’re thinking “hey, that sounds sketchy,” you are–forgive the pun–completely warranted.
With a geofence, law enforcement can dig through your private data, not because they have proof you were involved in a crime, but because you happened to be nearby.
This practice, though relatively new, is on the rise: Google reported a 15-fold increase in geofence warrant requests between 2017 and 2018. As well as invading privacy, these warrants have led to false arrests and can be used against peaceful protesters. Not to mention, in many cases, geofence warrants can be extremely easy to acquire. One report in Minnesota found judges signed off on these cases in under 4 minutes.
Thankfully, there have been signs of people pushing back against the use of geofence warrants. In fact, there have been multiple federal court rulings that find the practice in violation of the Fourth Amendment, which protects citizens from “unreasonable searches and seizures,” including your electronic data.
If you’re still worried about your privacy, there are ways to keep your electronic data on lock. For example, turn off your location services when you’re traveling, and avoid connecting to open Wi-Fi networks. You can also work to limit location sharing with apps and websites.
Opinion Editorials6 days ago
The actual reasons people choose to work at startups
Opinion Editorials2 weeks ago
Online dating is evolving and maybe networking will too
Business News2 weeks ago
2020 Black Friday shopping may break the mold
Business News2 weeks ago
Fake news? Well, what about fake reviews?
Business Entrepreneur1 week ago
Small businesses must go digital to survive (and thrive)
Business Finance5 days ago
Small business owners furious over more PPP fraud this week
Opinion Editorials2 weeks ago
Work from home – are we over it?
Business Finance2 weeks ago
Small businesses: CapitalOne, GoFundMe want to give you money