Blog

Broadcasting your password on national television may be the easiest way to invite hackers, but common password mistakes make it almost as easy for your data security to be compromised.

Password safety may not be one of the most interesting topics in the realm of cybersecurity, but having a strong password is one of the easiest ways to protect your business’ data integrity. The importance of a robust password has been emphasized by many experts, yet often users who think that they are utilizing a secure password are actually opening themselves up to attacks. You may not be broadcasting your password on national television, but if your password falls into one of the following categories, you could be just as vulnerable to hackers.

Short and Simple

Short, simple passwords may be easy to remember, but they are also easy to guess. In general, the longer a password is, the harder it is for hackers to break it. Each additional character that you add to your password increases the possible combination of letters, numbers and symbols exponentially. Remember that hackers tend to go after low-hanging fruit, so any steps that you take to make your password harder to crack increases the likelihood that someone trying to break in will move on to the next target instead.

Lacking in Numbers or Symbols

Letters-only passwords may be more intuitive for you–but they are for hackers as well. Just as adding additional characters to your password exponentially increases the number of the possible combinations, so does using numbers and symbols in addition to letters. Just think about it: using letters, symbols and numbers means that each character in your password has almost twice as many options as if you only use letters.

Based on Personal Information

As highlighted in the clip from Jimmy Kimmel Live, using personal information such as a pet’s name or a birthday is incredibly common. Including personal details in your password, however, makes you very vulnerable to hacking. You may think that “Fido111379” is secure and difficult to guess, but blog posts discussing your dog or Facebook comments wishing you a happy birthday can broadcast your personal details to anyone who cares enough to look for them.

Simplistic Patterns

Being able to remember your password is, of course, necessary and utilizing a pattern might seem to be an easy solution to commit it to memory. Complex patterns that use letters, numbers and symbols within a long password are not a security risk. However, most people who use patterns in their password rely on overly simplistic ones, and this makes you vulnerable to hackers, particularly if your password is short. One particular type of pattern that you must avoid is keyboard-based patterns, such as “123qwe” or “1qaz2wsx.”

Worried that your business’ data might be vulnerable to hackers? The experts at Omaha’s InfiNet Solutions can help you evaluate your security procedures to see if you have any glaring holes. Contact us today at (402) 895--5777 or [email protected] to learn more.

Used by permission

Outlook for Mac now works with beloved apps like Google Calendar and Contacts: Take a look at the details!

Outlook for Mac began with a simple goal: Provide Outlook services for Mac users with a new app. Many users are familiar with Outlook or prefer using Outlook services for business along with other Microsoft apps, while also preferring to use a MacOS or iOS platform. Outlook for Mac allows people to have it both ways.

However, in the past, OfM has lacked in-depth integration, which may have kept you from considering it. Fortunately, in the latest updates Microsoft has pushed new functionality to the email client: Now it’s more useful for companies than ever before, especially to those who already depend on Google apps for their communication. Here’s what has changed.

Outlook and Gmail

If you have used Outlook for Mac in past years, you may know that it is designed to link to your Gmail account: This is particularly useful for Mac-based companies and sole proprietors who tend to rely on Gmail for their communication before adopting Outlook for Mac. This way, Gmail emails are synced to the Outlook account, and users don’t have to go around telling all their clients about a new email or changing their logins for every site that requires an email. It’s an effective solution, but for a long time it stopped with basic email syncing.

Now, Microsoft is adding new, deeper connections to Gmail services. This way, you don’t have to bounce between Outlook and Gmail tools when trying to organize events or plan out your schedule, significantly increasing the usability of OfM for most Mac users that are still accustomed to Gmail.

Create and Edit Google Calendar Events

One of the biggest features coming to Outlook for Mac is the ability to connect to Google Calendar as well as traditional email. That means that your Outlook Calendar and Google Calendar will be synced. Any events that you have in your Google Calendar will be automatically transferred to Outlook, and vice-versa.

The syncing is adept enough carry changes across programs no matter where you decide to make edits. If you prefer to add events in Outlook, they will carry over to Google. If you want to open up Google Calendar quickly and make an edit to an event, that edit will carry to Outlook as well. Because Calendar can essentially function as a separate app, you don’t even need to be heavily invested in Gmail to take advantage of this feature – just have a Google account and make use of Calendar. This adds a lot of usability for people who were not interested in the original Gmail syncing.

Add and Manage Google Contacts

Really, it’s a little surprising that it took this long for Google Contacts to sync with Outlook. But now that the two programs share information readily, Contacts will now port over to your Outlook list. This change also works both ways, so no matter where contacts are added or modified, they will be synced. This can be especially helpful if you have a sales rep or marketing employee who loves to use Google Contacts, while you are trying to get everyone to use Outlook. They can continue to use the Google version, while Outlook will still be updated with their latest contacts.

Sync with Mobile Devices

Yes, the new version of Outlook for Mac will sync on both iOS and Android devices. If you pull out a mobile device and update a contact or calendar event during a conversation, it will carry over for both Google and Outlook. Since most of our common on-the-fly calendar and contact adjustments tend to occur on the go when our mobile devices are easy to reach for, this feature guarantees that such updates will transfer without trouble.

Gmail Now Benefits from Traditional Outlook Features

Outlook for Mac has several features that tied its emails to other functions. Those features now work with Gmail emails as well. For example, if you talked about an even and its time in an email, Outlook would add that to your events. Now Outlook will look into Gmail emails for the same information and automatic event posting. This also applies to package delivery details, travel reservations, and other relevant information found in emails.

Note on Downloading

The new OfM features are already available if you already have an older version software. Just update your current Outlook for Mac app, and you should now be linked to Calendar and Contacts. If you do not currently have Outlook for Mac, it’s an easy online download and you still have a couple months to download it for free before June 30, 2017, after which Microsoft will put a price tag on the software. It’s in your best interest to act quickly on this one to save money!

For more information on the apps and services that can make your Omaha business more efficient (and a lot easier to handle), contact InfiNet Solutions at (402) 895--5777 or [email protected] and let us know how we can help!

A recent study by Deloitte found that most HR departments are significantly behind the curve in adopting and adapting to new technology, but these challenges present opportunities for HR departments to improve their effectiveness in the digital age.  

As companies of all types and sizes continue on the path of their digital transformation journey, many will find that individual departments seem better suited to adapting to and integrating new technology than others. In their most recent annual Global Human Capital Trends report, professional services firm Deloitte found that human resources departments, in particular, have difficulty keeping up with the rapid pace of technological change. Executives across industries rated their HR departments as significantly below average in adopting and utilizing new technology, while only 17 percent of business leaders felt that their companies were ready to oversee an “augmented” workforce that includes people and AI working together. Despite these challenges–or perhaps because of them–HR departments have some of the strongest opportunities for any practice area to significantly improve their functionality, increase their effectiveness and boost the overall results of their entire company by taking strides toward technological integration.

A large reason that HR departments have difficulty responding to new technology is that the potentially transformative effect of these innovations is often much greater for HR than it is for other departments. Like Deloitte, competing for professional services firm Accenture believes that digital technology has the potential to completely disrupt the role of HR departments–and that this could result in a total shift in the function of HR.

For example, talent management has long been seen as a function that resides solely in the purview of the HR department, but shifts in technology stand to disperse this role throughout a business. Digitization and an increasing utilization of cloud-based tools will move the talent management process toward becoming an everyday activity for managers and employees themselves rather than a centralized function overseen and run by HR departments.

This radical change in function doesn’t eliminate the need for HR departments, however. Instead, HR professionals have the opportunity to take on a more expansive and strategic role within their organizations. For example, Accenture foresees HR departments will play a much more significant role in evaluating external technologies as well as creating more effective interfaces between external tools and their organization’s internal systems and data. About employees, HR will still play a major role, but the opportunity is now to act more as a marketing department for talent. Analyzing employee data and using this information to create a strong company brand and custom talent offerings will be the functions of the HR departments that fully embrace the digital transformation.

What does all of this mean for small businesses and their HR professionals? As many small business owners know, their size doesn’t mean that they can ignore new technology; indeed, adapting to innovations and staying nimble in the face of change is often more important for small businesses than for large corporations. The HR departments of small businesses have a potentially transformative role to play for their entire company. By relying more on technology to replace rote tasks and integrating more closely with other departments as part of the digital transformation process, HR departments can add significant value to a business by acting more like a strategic partner and engaging with current employees, potential employees and outside vendors on a higher level.

Are you curious if your HR department is staying on target with adopting new technological solutions? At Omaha’s InfiNet Solutions, our digital transformation experts can help you identify your business’ problem areas and the solutions that can address these issues. Please contact us today at (402) 895--5777 or [email protected] to learn more.

Malware attack seeks to disable user systems by targeting Microsoft Office vulnerability

Microsoft Office users are on edge after being made aware of a new threat that has been targeting fully-patched systems using a zero-day attack. This cyber attack installs malware through an Office vulnerability and can leave user systems damaged or completely disabled. Until a patch to solve this issue has been released, experts strongly recommended that business owners instruct staff members not to open or send Word documents via email.

In the short-term, Microsoft Office has a ‘Protected View’ setting that should be enabled by default. All Office users should ensure this feature is activated before opening any Microsoft Office attachments. If users open a Word document and see a pop-up, it’s a strong indication that the system has been compromised. Microsoft Office is such a fundamental part of almost all modern business operations, so the malware attack has the potential to affect businesses of all sizes and across all industries.

The IT experts at InfiNet Solutions want to be sure that local business owners are aware of the potential threat and know exactly how to keep team members on their toes. Until a solution is implemented and the problem is fixed, informed staff members are the front line of defense. More than just being wary of Word documents sent via email, there are several other precautions to be taken including:

• Ensuring team members are aware of this threat and the risk level it presents,
• Implementing an alternative method to share documents,
• Making us of email filtering solutions to temporarily block Word documents,
• Temporarily disabling the Group Policy Object (GPO) in Active Directory systems that allow users to edit flagged files, and
• Enabling the GPO that uses ‘File Block’ to temporarily block .rtf files altogether.

While there is currently no patch available to correct this vulnerability, Microsoft has assured users that they are working closely on the issue. A fix is expected to be rolled out over the coming days in conjunction with the next batch of Microsoft updates. In the meantime, InfiNet Solutions is urging local business owners to use caution when opening email attachments, and avoid opening Word files altogether if possible.

Until the update is made available, users should be especially vigilant, keep an eye out for communications from Microsoft, and be sure to install any updates the moment they’re released. If local business owners have specific questions or concerns about the threat, the InfiNet Solutions team is always available to help. Their cyber security experts can be reached directly at (402) 895--5777.

If you’d like to connect your business-minded audience with more information about this potential threat and how they can stay secure and productive while Microsoft fixes the issue, please don’t hesitate to reach out to us.

Spring clean your computer with this full checklist!

Spring is the perfect time to clean out your computer – and we’re talking about both outside and inside! If you can’t remember last time you really cleaned your computer and other electronic devices, then schedule a space to really spend some time cleaning off the dirt, dust, and unwanted files or data. Not sure where to begin? We’ve got just the place for you to get started!

1. Clean Your Screen and Apply a Screen Protector

Screen protectors are those thin, invisible films that you apply to your screen to help protect it against scratches and make it easier to clean. While screen protectors are fairly common on smaller devices like smartphones, they are also available for larger screens, but few people take advantage of them. This is often a missed opportunity! The right film can not only protect screens but also help reduce glare, improve privacy, and much more. It’s an ideal solution for a laptop that’s frequently on the go.

The key is finding a screen protector film that fits your electronics and is a high-quality product. Poor quality films aren’t worth the time, so make sure you check out reviews before buying the first film protector that you see.

When you have your screen protector, carefully clean and dry your screen with a soft cloth and a neutral cleaner. Take this time to clean off all those little specks that have been on the screen forever. Then carefully apply the film – many versions use some kind of adhesive or spray in the process, so everything needs to stay extra clean. Smooth out the film, and don’t worry about a few small bubbles, since these tend to settle down over time.

2. Get Up Close With Your Keyboard

While you’re cleaning, give your keyboard some love, too! If you have the type of keyboard with cracks between the keys, you know what’s coming: It’s time to disconnect the keyboard, gently pry up the keys, and give everything a thorough cleaning to remove any dust and grime. Water and isopropyl alcohol will remove tough stains, and you can use cotton swabs and Q-tips to get inside all the little spaces. Clean each key, too! When you’re finished, gently replace the keys – not only does this clean up one of the dirtiest parts of your computer, it also usually improves keyboard functionality!

If you have a flat keyboard with thin keys that don’t easily pop up, take a cloth and Q-tips and carefully clean around them instead, before rubbing the surface clean.

3. Air it Out: Have Your CPU Cleaned Professionally

You may not think about it much, but the inside of your computer can get dusty as well, as dust finds its way in through vents and other openings. Dust inside your CPU is bad news because it can cause far more damage there, especially over time.

Fortunately, you can clean out a CPU effectively with compressed air. However, since this requires some disassembly and careful use of air to avoid damage, you may want to leave it up to a professional. InfiNet Solutions of Omaha provides quick CPU cleaning for just this purpose, so don’t be afraid to stop by as you start cleaning up!

4. Go Through Your Backgrounds Apps and Unnecessary Apps

Chances are good that your operating system may have gotten a little cluttered too. There are dozens of ways to clean out your computer data, but we’re going to talk about an effective way to speed up and de-clutter your PC that many people don’t even use. One of the best places to start are the background apps. These are apps and software that may not be currently open or visible, but are still active in the background, slowing down your computer – often unnecessarily.

Halting and deleting these unnecessary background apps can speed up your computer and even your Internet. Both the Windows Task Manager and the Disk Cleanup tool are useful here. MacOS offers to Reduce Clutter and Activity Monitor to spot any hidden apps. These tools will also allow you to delete any temporary or junk files that you don’t recognize to help clear up some more room.

5. Download a Password Manager

We have a lot of passwords to deal with these days, spanning multiple devices and services. If you really want to gain the upper hand and end your spring cleaning with some great organization, download a password manager like LastPass to help keep all your passwords organized, remembered, and even changed across every device you have. No more scattered physical lists of your passwords!

For more information on cleaning up and fixing your Omaha computer, InfiNet Solutions can help you find solutions fast. Contact us as [email protected] or gives us a call at (402) 895--5777!

As the new FCC Chairman rapidly reverses the commission’s stance on privacy protection and cyber security, small businesses are faced with the need to tighten their own security protocols to protect their sensitive data.  

Many business owners assume that the Federal Communications Commission has a set of stringent rules designed to regulate the actions of internet service providers and help protect the security of sensitive business data transmitted over the web. However, recent steps were taken by the newly appointed FCC Chairman Ajit Pai clearly demonstrate that this is not the case. According to Pai, the FCC has no role to play in communications cyber security, and this change in approach by the FCC leaves internet service providers free to sell their customer’s sensitive data without oversight. For businesses across industries, this shift in the FCC’s stance on their role in privacy protection and cyber security signals a need for stronger cybersecurity protocols at the corporate level.

Before this policy shift, the FCC was working on new and robust privacy rules that would have placed greater constraints on what internet service providers could do with private customer information. In general, service providers would have been required to let their customers know that their data was being collected and gain affirmative opt-in consent before utilizing the data or sharing it with any third-parties. Given that internet service providers have access to a wide range of sensitive data including financial information, internet history, email content, Social Security numbers and more, these rules would have served to protect small businesses from having their sensitive data exploited.

New FCC Chairman Pai, however, had suspended these new regulations before they even had a chance to go into effect. Moreover, under Pai’s direction, the FCC has also reversed course on plans to enact federal regulations that would require Internet service providers to let their customers know when a data security breach has occurred, deferring to state laws instead. This change in policy means that businesses may not even find out when hackers have gained access to sensitive and critical data through an attack aimed at their internet service provider. What is the reasoning for these changes on the FCC’s part? The new FCC Chairman is responding to two key groups: Internet service providers who disliked the cost of the regulations and the industry trade groups that benefit from purchasing sensitive information from Internet service providers.

In the face of this shift in rules and regulations at the FCC, what should business owners do? To a great extent, many small businesses should take these policy changes as an important reminder of the need to maintain strong cybersecurity in general. Treating any data that is shared over the internet as potentially vulnerable is a good practice, and enacting robust protocols to encrypt and protect the sensitive business or customer data is a smart move in any climate.

Concerned that your business’ sensitive data might be at risk? The cyber security experts at InfiNet Solutions can evaluate your security protocols and check for weak spots that could leave your firm vulnerable. Contact us today at (402) 895--5777 or [email protected] to learn more.

The number of security issues and malware risks that your company must contend with continues to grow every year, but one of the most potentially devastating threats that your business faces is surprisingly low-tech in nature. Spoofed emails don’t rely on complex ransomware or sophisticated keystroke loggers. Instead, your company’s bank account and sensitive information are at risk simply by your employees attempting to perform their job duties. Training your team to spot spoofed emails is key to avoiding falling victim to common scams.

What types of spoofed e-mail scams are out there?

Examples of two common types of spoofed email scams played out in recent weeks. The first, an instance of the CEO fraud, involved an Internet criminal passing himself off as the head of a small Kansas construction company. The fraudster pretended to be the CEO of Cornejo & Sons and emailed the finance department of Sedgwick County to request $566,000 in payment. Because the county actually owed the construction company money for services rendered, they submitted payment as directed–only to later find out that the payment request hadn’t come from Cornejo & Sons and the construction company never received any funds.

A similar scam aimed at a Wyoming hospital system sought to obtain employees’ W2 forms. In this case, the Internet fraudster posed as an internal executive at Campbell County Health and requested the W2 files for all staff from the hospital group’s finance department. The finance department complied, exposing the hospital’s 1,300 employees to potential tax return fraud.

Can you and your staff spot a spoofed e-mail?

No longer completely confident that your employees won’t fall victim to one of these commonly spoofed e-mail scams? Luckily, there are steps that you can take to train your staff to spot a spoofed e-mail. Conducting training sessions to alert your employees to the existence of such scams is an important first step. Putting in place internal practices to verify the veracity of any request before responding will also help your employees understand how to deal with any potential scam emails that your business receives.

However, some employees don’t understand the real threat that accompanies spoofed emails until they have actually been the recipient of a fake request. For this reason, some businesses choose to initiate a simulated attack to reveal to their employees firsthand how easy it is to become the victim of a spoofed email. Some services exist that make it easy to carry out a pretend to attack. Some of these services such as PhishMe allow you to target the attack to match the real threat each of your employees is likely to face, such as an email sent to marketing asking them to provide their SharePoint credentials. Experts assert that it is fundamental to follow any simulated attack with further training as your employees will be particularly receptive to in-depth lessons on avoiding spoofed emails after falling for your staged attack.

Concerned that your employees might be vulnerable to spoofed emails? The security experts at InfiNet Solutions can help you discover your business’ weak spots. Contact us today at (402) 895--5777 or [email protected] to learn more.

Contact us today at (402) 895--5777 or [email protected] to learn more.

Home Depot has agreed to pay another $25 million, raising the cost of a security breach to $179 million and rising as the company finishes the process.

In 2014, Home Depot suffered a massive security breach, which affected more than 50 million customers. Personal information of each customer was exposed, and the hackers were able to gather information that could be used to steal identities of shoppers who used the self check-out terminals.

Hackers infiltrated Home Depot’s self check-out terminals, gaining access to emails and credit card data of every customer that used the self check-out devices in the store.

Home Depot has recently come to an agreement, paying out $25 million because of the breach. A huge price to pay for being hacked by criminals determined to gather sensitive data. This points to a clear need to have optimized online security for all businesses, no matter what size, as the cost of controlling the breach can be staggering.

Beyond the $25 million, Home Depot has also agreed to improve all cybersecurity implementations and provide more secure oversight of all vendors that they use as part of their business.

Stephen Holmes, spokesman for Home Depot stated, “We’re pleased to have moved through this phase of resolution.”

This isn’t the only money Home Depot has lost because of the security breach. Home Depot paid out approximately $134.5 million out as compensation to card brands and to financial institutions affected by the breach. Consumers who were affected were also compensation by Home Depot last year, where the company shelled out $19.5 million.

According to a report in Fortune, this breach has already cost Home Depot $179 million, and this number is only going to go up. The current figures lost are found in court documents, while Home Depot continues to incur legal fees and pay for other charges not currently factored into the total amount paid out.

The importance of having a cyber attack prevention plan as well as a robust response plan can’t be overstated when looking at what Home Depot has had to spend to stay in business. For smaller companies, a cyber attack that gathers the sensitive data of its customers can be the end of that business. The fees from a cyber attack and the clean up can cause a small business to go bankrupt.

A solid response plan needs to include more than only trying to prevent an attack. Cyber attacks are going to happen, and minimizing those attacks are what is at the forefront of good cyber security. Working with an experienced security company will help keep your business and the data of your customers safe from hackers. When you can’t afford the high cost of a security breach, you need to invest in quality security services.

Cyber attacks are going to happen and your response plan will directly affect your overall security and gravity of the assault itself.

In today’s digital world, it’s not a question of if a cyber attack is going to occur, but when the attack is going to happen. All businesses must assume that their network will be hacked at some point, and developing a robust response plan is the best way to decrease the overall impact the attack has on your business.

All companies have to worry about security breaches, as attacks are becoming more routine, complex, and with more severe consequences. How you respond to a cyber attack is essential to the profitability of your business and your long-term reputation among investors. When investors lose confidence in your business because of a costly, inadequate response to a cyber attack, you may find yourself at a loss year after year and unable to recover.

Defense of your digital perimeter is good, but it’s not enough. When your information is valuable to hackers, they are going to find a way to gather your digital data to use it for illegal purposes. The creation of an incident-response plan is essential to most businesses to limit the damage that occurs from a data breach. Limiting damage is the primary objective of the IR plan, which will, in turn, improve confidence among investors of the company.

Poorly designed IR plans or a lack of implementing the plan can cause critical problems when a breach occurs. The plan must be consistently revisited to make sure that it’s not out of date. In a crisis, you need a specific plan and not simply a generic protocol that’s hard to follow. Further problems occur when targeted attacks can be handled with ease but aren’t useful for managing a hacker attack that occurs throughout the business. With a thoroughly thought out plan, decision making won’t be based on the knowledge of existing staff, but instead be easy to replicate by anyone with the ability to read through and understand the plan itself.

How an Effective Incident-Response Plan Benefits Your Business

A solid incident-response plan will help improve decision making when a cyber attack occurs. A quick, appropriate response will contribute to reducing the risk of a data breach. Also, downtime will be minimized, which will reduce your financial losses. Internal coordination will be easier with a plan, as all business functions will need to communicate to maximize the response to a data breach. When law-enforcement agencies need to be reached, a solid plan helps communication with third parties. When the duties of everyone involved in managing a data breach are well defined, a quick response is much easier.

Damage is limited when there is a high response plan in place, and it helps minor incidents remain small. A solid plan allows businesses to stay vigilant, and respond to potential data breaches quickly. When you have your business data protected, it’s still important to understand that an attack will occur. How you respond is going to make a big difference in the overall damage.