Security

How To Keep Uninvited Guests Out of Your Zoom Event

Zoom is a videotelephony and online chat services through a cloud-based peer-to-peer software platform and is used for teleconferencing, telecommuting, distance education, and social relations.  With most of the country working from home and using Zoom as well as other cloud-based communications there has been an uptick in hacking stories.  So, what are we to do?  Let’s look at a few ways we can practice Zoom Safety. At designDATA we believe the following best practices will help:

  • Create separate passwords for each virtual meeting;
  • Establish a Zoom waiting room for meeting participants
  • Lockdown the meeting once everyone invited to attend has joined
  • Do not publicly post-meeting links on social media or any other public forum

How to Best Manage Passwords

How to Best Manage Passwords

The average person can have nearly 100 passwords (or more!) when combining professional and personal accounts and services. That is a lot to remember! Many often use the same email and password for many (if not all) accounts, so they have less to remember. This is the number one liability for accounts online: password reuse. If a popular streaming service suffers a security breach, you may not be too concerned with someone watching a show on your account. However, if your log in information for this service is the same for your banking or other sensitive accounts, the damage can be much more severe. When sites suffer a breach, the hackers immediately try those credentials on banking, email and other sites to see how many areas they can log into with one password. So, it is vitally important to have a different password for every account. In addition, to be really secure, your passwords should all be at least 15 characters (some cybersecurity analysts recommend 25 characters.) How is it humanly possible to remember up to 100 unique lengthy passwords? It’s not! That’s where password managers come into play. A password manager will become your best friend, because it takes care of three critical tasks for you:
  1. It generates lengthy, complex passwords for each of your accounts or logins
  2. It stores these complex passwords in a digital “vault”
  3. It automatically fills in this complex password every time you log into a site
People often say “I’m already using my Internet browser to save my passwords – isn’t that the same thing?” No! Browsers are designed for us to surf the Internet, and although they can store passwords, it doesn’t mean that your passwords are secure. It also means your passwords would be in one browser, so they wouldn’t be available if you use a different browser. Whereas with a password manager, you could log into your personal vault from any browser, making them much more versatile. What if the Password Manger is compromised? Great question! LastPass has been hacked multiple times, but the number of compromised passwords? ZERO. LastPass encrypts all passwords, so the company never sees your passwords, keeping your passwords secure even if a security incident occurs. To find the best password managers for you, your family, and/or your business, we recommend Googling “Best Password Managers”, and you will see a number of reviews of the top password managers available today. Also, please contact your Program Manager to ensure your organization is enrolled in designDATA’s complimentary Dark Web Scan offering which will notify you if any account in your organization has shown up on the Dark Web. Stay safe out there! by Imran Khan

Understanding Dual Band WiFi

Manage Your Work Life Balance and Avoid Burnout

Internally at designDATA, we have been focused on staying connected and checking on each other.  Many times, we have heard staff say, “What day is it?” or “I feel like I work past 5 pm more often now than before.”  Are we showing greater loyalty by sending emails after 6 pm on a Friday because we work from home?  This is an interesting topic and can apply to most of us in this remote work environment.  The Harvard Business Review published some tips about this topic in the article, Avoid Burnout.  It’s important to manage your work-life balance, develop routines, and set boundaries.  It has been a challenge for all of us to some degree.

At designDATA, we share calendars to help with meeting scheduling and work management.  A new modification across the company is the use of unified colored categories in our Outlook calendars to categorize blocks of time.  As an example, block the time, “personal”(grey),  to remember to check on the kids who should be in Distance Learning, not playing FortNite.  Perhaps, you are scheduling team huddles or check-ins, use a specific color so at quick glance you could quantify how many reoccurring meetings you have for the week.  This tip should help avoid burnout and increase productivity with some planning and effort.  Plan your balance and set your boundaries.

Changing Password over VPN

Even with so many working remote in these tumultuous times, security practices such as regular password expiration dates keep looming before us. While we at designDATA are always here to walk you through how to handle this process, here are some tips on how you can do so yourself!

While you are working in the office, you have the convenience of being on the same network as your domain, meaning that if your password needs to be changed, all you need to do is the simple CTRL+ALT+DEL to pull up the ‘Change a Password’ menu.
While the process is largely the same when remote, you also need to make sure that you are connected to your VPN, which simulates being connected to your office network. For most of our customers using the Sophos VPN, that will be the little traffic light icon you should find in the lower right-hand corner of your screen.

Once connected to the Sophos VPN, you can enter the ‘Change a Password’ screen as normal by pressing CTRL+ALT+DEL, and choosing your password. Remember that you will need to enter your new password twice, just as a confirmation!

Once you’ve changed your password, make sure you’re still connected to the VPN by checking to see that the icon is still showing the “green light” and then LOCK your computer twice. This is to ensure the new password is confirmed both on the network as well as on your local computer, as it doesn’t always do so the first time around. If you want to be absolutely sure that it has worked after locking and logging back in twice, you can also sign out and back into the VPN. If you can sign back in, it’s been changed at the domain level as well!
If you’re working from a Mac, or you aren’t a VPN user, your instructions will be different and are specific to your organization. Please contact the designDATA service desk for assistance.
Remember, if you have any issues with any of this, our technicians are standing by to help assist you with your password update or any other needs. We can be reached at service-request@designdata.com, or by calling your client-specific service desk numbers, 24/7.

Status in Microsoft Teams

Microsoft Teams has a Status feature (also sometimes called Presence) that lets people know your availability.  This feature works automatically, but you can also control it manually if you need to:

To access it, click on your portrait in the top-right of Teams, and then mouse-over your current status to see your available statuses. 

If there’s a meeting going on in your calendar, Teams will auto-update your status to “In a Meeting,” or to “On a Call” if you’re on a Teams call.  If you’re idle for a period of time, it will auto-update to “Away.” 

You can manually choose a different status if you want to override the auto-chosen status.  Just be sure to click on “Reset status” when you’re done to let Teams go back to automatically updating your status. 

Lastly, you have an option to “Set status message” to let people know what’s up, such as “On a lunch break, back at 1pm.” 

Teams on your phone or tablet!

You can get all of the same great connectivity and collaboration options from Microsoft Teams not only on your computer but also on your Android or iOS device!

Simply go to your App store, look for Microsoft Teams, install, and log in as you would from your computer.  You’ll find you have access to all of your chats, teams, and the ability to join Teams meetings with one touch, including the ability to participate in screen shares and other features!

While some features aren’t natively available in the Teams app, you’ll find many of the ones you need all the time are available or are available via a separate app (such as the “Planner” app, which allows you to interact with all of the Planner tabs you may have created in Teams).

eSign Solutions

Many of our clients are asking for recommendations on e-Signature software. With COVID-19, eSign solutions aid organizations that do business remotely and within their own organizations. eSign solutions are typically cloud-based and very easy to deploy and use. Some of the top providers of these solutions are below for your investigation. Watch for an upcoming designDATA webinar on eSign solutions!

Adobe Sign

https://acrobat.adobe.com/us/en/sign/pricing/plans.html

$15 / month – and offers PDF manipulation in this monthly fee.  Easy to use!

Docusign

https://www.docusign.com/products-and-pricing

$25 / month – and has a handy mobile application.   An industry leader.

Nitro PDF

$128 for a license for their PDF manipulation with unlimited e-signing.  Plug-in for MS-Word available.  Great deal for a basic solution with no recurring fee.

Data Privacy and ZOOM

During this time, as the majority of the Global Workforce works from home, many people are using Zoom.  While the video conferencing application is very popular, there have been privacy concerns.  Some of the concerns are not unique to Zoom but are standard for any web conference/meeting app, such as the host’s ability to record the session, something that can also be done in Teams.  However, other Zoom ‘features’ are a little “big brother-ish”, such as the attention tracking feature and the data collection mechanics. It is designDATA’s recommendation to create a separate account for Zoom when creating your login, instead of using your Facebook or Google credentials.

Here’s a recent report from Consumer Reports and a CNET Article on data privacy concerns with Zoom. If you don’t have a decent password protecting your meeting, don’t be surprised if you get trolls (or uninvited guests) joining in.

(credit: Jamey Wester)

designDATA’s plan of action during COVID-19

As many of you may have heard, the President has extended the social distancing guidelines to April 30th with the possibility of going past that date. designDATA will continue working remotely and suspending onsite engagements according to the Federal guidelines.

During these times while working from home, we understand a focus on productivity and collaboration is of high importance. Our aim is to be of greater resource to you and your organization during these times.  If you are in need of IT solutions at this time please contact us at https://www.designdata.com/contact-us/ .

Access our blog via our website for tips and tricks on cybersecurity, Microsoft Teams, eSign solutions, other relevant subjects to improve IT productivity in this remote working environment.  https://www.designdata.com/resources/blog/

Why autocomplete passwords are risky

Many people use auto-fill passwords for their convenience. What you might not know is that hackers and advertisers can use them to get access to websites and other applications and gather sensitive information. Learn more about the risks of using autocomplete passwords.

Why auto-fill passwords are so dangerous

Certain web browsers have integrated features that enable usernames and passwords to be automatically entered into a web form. There are also password manager applications that have made it easy to access login credentials. But these aren’t completely safe. They can become a liability if hackers gain access to computers or browsers.

For example, if a hacker gains access to just one account, it’ll be easier for them to obtain access to other accounts because the autocomplete feature will fill in all other saved credentials.

Tricking a browser or password manager into giving up saved information is incredibly simple. All a hacker needs to do is place an invisible form on a compromised webpage to collect users’ login information.

Using auto-fill to track users

For over a decade, there’s been a password security tug-of-war between hackers and cybersecurity professionals. Little do users know that shrewd digital marketers also use password auto-fill to track user activity.

Digital marketing groups AdThink and OnAudience have been placing these invisible login forms on websites to monitor the sites that users visit. AdThink and OnAudience track people based on the usernames in hidden auto-fill forms and sell the information they gather to advertisers. While the intention is not to steal passwords, there’s always the likelihood of exposure.

One simple security tip for today

A quick and effective way to improve your account security is to turn off auto-fill in your web browser. Here’s how to do it:

  • If you’re using Chrome – Open the Settings window, click Advanced, and select the appropriate settings under Manage Passwords.
  • If you’re using Firefox – Open the Options window, click Privacy, and under the History heading, select “Firefox will: Use custom settings for history.” In the new window, disable “Remember search and form history.”
  • If you’re using Safari – Open the Preferences window, select the Auto-fill tab, and turn off all the features related to usernames and passwords.

Being cautious about your password security habits can go a long way in protecting your sensitive data. For managed, 24/7 cybersecurity assistance that goes far beyond protecting your privacy, call us today.