Hate those annoying update notifications? We all do. First you need to determine whether the notification is legit or not. Assuming it is, then having to go through the process of updating annoys most people when you get one of those alerts that your device needs to be updated.

And they’re so easy to ignore. “Leave it for a few weeks… it’ll be OK…” Right?  Wrong!

There are many reasons why you should always keep your devices fully updated, and why we do this for our clients, so they don’t have to think about it.

Here are the main reasons.

The Sharing Team is experienced in determining what updates you need to stay on top of and help you determine when to safely apply security updates without concern.Let us help.

No one likes passwords. Creating them. Remembering them. Typing them in.

Your whole mood can change when an application you’re using suddenly logs you out, and you have to go through login all over again. It’s frustrating for all of us. The use of a secure password manager helps but you still have to deal with passwords.

So, we have some welcome news, courtesy of Microsoft, Apple, and Google. The tech giants have joined forces to kill off the password for good.

During the next year, there is a plan to roll out no-password logins across their platforms, using a standard tech by the FIDO (Fast Identification Online) Alliance. This organization sets the standards for passwordless authentication.

Sure thats a bit of a mouthful … so some people call this a passkey. Much easier to remember.

A passkey works in a similar way to multi-factor authentication (where you use a separate code generated by your device to prove it’s really you), also know as Two-Factor Authentication but with less effort required.

It’s pretty simple but secure. To login to your device, you’ll use your phone to prove it’s really you. Your computer will use Bluetooth to verify you’re nearby. Because Bluetooth only works a short distance, this should stop many phishing scams. Then it’ll send a verification message to your phone. You’ll unlock your phone in the usual way, with your face, fingerprint, or PIN. And that’s it. You’re logged in.

Passkeys rely on something called public key cryptography. When you register with an application or website a key pair is made between the website and your device. These are a sequence of ong numbers that are connected in some way. But you’ll never see them, and you certainly don’t have to remember them. Your phone verifies the pair when you unlock it in the normal way.

In addition, you don’t have to worry about losing your device. It’s not enough to just have your device … someone has to be able to unlock it as well. Your passkeys will be backed up automatically, so transferring data to a new device is easy. Similarly to the same way it’s now easy to set up a new phone to be just like your old device.

These passkeys are not only simpler for you but will keep your data safer. There is no password for criminals to steal. And your phone needs to be close to your computer to login. Sp physical location is important to security. While you should not consider it completely foolproof, it is more secure than saved passwords.

Any version of authentication has some weaknesses. Whether it is passwords, biometrics, faceID and so on … each has its pros and cons. However, the biggest strength in Passkeys is a physical location and requires two separate devices, one of which, you likely don’t get far from, must be in physical location near to each other.

If you would like to learn more about this technology, check out this link.

We have all seen a LOT of change over the past couple of years. You’ve changed the way your business operates, including how we interact with others.

How has your business changed? What change do you need to make in the years ahead? And how does your technology help to power that?

We’ve written a new guide about something called Digital IT transformation. It’s how you use current technology to bring on a revolution within your business.

It’s what Netflix and Lego did… and Kodak famously didn’t. Download our case study about this, and learn how digital IT transformation affects businesses of every size, in our new guide.

A new report has discovered that 67% of remote workers are using faulty tech when they are working remotely. Often that’s because they’ve accidentally damaged the tech themselves they don’t want to admit it to their boss in case they get into trouble.

A survey of 2,500 remote workers found that laptops were most likely to be broken, followed by keyboards, monitors, and PCs.
Most of the time the damage was done by spilled food and drink. Other causes of damage included other people in the house such as a partner or housemates – and of course, pets.

We’ve all watched in horror as a cat brushes up against a full glass of water next to a laptop. While more than half of people try to fix the damage, and 81% of people continue to use their faulty devices with limited features, a third of workers switch to their personal devices instead.
As well as this causing a loss of productivity, it could also be a huge data security risk for your business. It’s possible, even likely, their personal laptop doesn’t have proactively monitored security protection as their work laptop does, including:

• • • Security software
    • Data encryption
    • Multi-factor authentication

When an attacker gains access to an unmanaged device, if it’s connected to your network, it also can give them unmonitored access to your infrastructure and all of your business’s data.

This can result in your data being stolen and sold. Or worse, your data is encrypted and held for ransom. However, you already have a plan for that … right? No? Ransomware is the most common cyber security threat to your business right now.
It’s not just access to your data that’s the problem. After a ransomware attack, there is a huge time and financial cost involved in making sure your network is clean, protected and secured … if you aren’t prepared.

Shring’s recommendation is to start with evaluating your employee’s Security Awareness. This includes helping them understand the risks associated with using personal devices, whether they work remotely or not. Some will say “Just block any non-business managed device from accessing your infrastructure”. And honestly, that would be ideal however this is not practical with many organizations.

We can help evaluate your current exposures and assist you in choosing the right security approach for your organization, or implementing new policies to help your staff protect your critical business data, give us a call.

Phishing (pronounced: fishing) is an attack that attempts to steal your money, or your identity, by getting you to reveal personal information — such as credit card numbers, bank information, or passwords — on websites that pretend to be legitimate. Cybercriminals typically pretend to be reputable companies, friends, or acquaintances in a fake message, which contains a link to a phishing website.

You’ve all heard of the “big name” phishing/ransomware attacks that have had a widespread effect on us all. Know that all of the organizations had high-dollar, cutting-edge technology in front of their networks to help mitigate these attacks however these events prove that technology alone, cannot prevent your organization from being a victim of a phishing attacks. And unfortunately they are becoming the norm.

One person accidentally clicking on a malformed url/link in an email is all it takes. So it is important to educate yourself, your peers, and your family on how to identify and protect yourself from these vicious attacks.

We encourage you to take about 10 minutes to review this highly informational article/video by Microsoft focusing on how to protect yourself and your organization from phishing and ransomware. We are confident you will learn something.

Link to Microsoft article

THIS IS AN IMPORTANT ALERT FROM THE SHRING SUPPORT SERVICES TEAM

We have seen a huge uptick in spear-phishing attack attempts globally. Some group(s) are mounting large-volume attacks utilizing phishing emails in an attempt to catch folks working from home off guard. They are banking you not having the typical protection you would in the office.

Shring has a very robust email protection platform that utilizes multiple technologies to determine the legitimacy of inbound emails. You … as the recipient are the last line of defense for your organization. Whether we host your email or not .. it is imperative that you up your skepticism on inbound emails you may receive. This not only applies to work email but your personal email as well. There seems to be a focus on GMail, Hotmail and Microsoft hosted email domains.

With that being said, it is super important that you be diligent in reviewing emails before taking any type of action if they include links. DO NOT CLICK ON ANY LINKS OR ATTACHMENTS in an external email body unless you are 1000% sure that it is legit.  Yup … you’ve been hearing this from us for years but it is another reminder of the potentially severe consequences that can result from just a single click.

If you receive an email and are unsure about its legitimacy, please do not hesitate to forward us for review. We will get back to you within a few minutes during normal business hours of 8AM to 8PM EST. However please do not forward any emails that may contain Personally Identifiable Information (PII) such a Social #s, Account numbers, TaxIDs, etc. Call us and we can work with you on these without compromising data security.

It is unfortunate, with everything else we are having to deal with in our world right now, this being a concern but it is. Remember all the malware protection tech in the world will not work if you overrule it. Should you be working remotely and get a popup message from a threat prevention tool .. don’t ignore it! Read it so that you understand what it just did and why?

As always our sole focus is protecting your organization’s mission-critical data and your privacy.

Shring Support Services