Stay on top of the Latest IT Tips and Suggestions with this Selection of Blog Posts from BCS

Passkeys could improve the way you work


Back in May, we heard there would soon be a successor to the password – the Passkey.

Now, we’re hearing that Apple will start rolling out Passkeys in the next few months in iOS 16. And we’re excited.

Though it’s caused a bit of confusion. Apple is going to great lengths to market the Passkey, and understandably, people have assumed that it’s a feature exclusive to Apple.

That’s not the case.

In fact, Passkeys will be used in a joint effort to boost online security by Apple, Microsoft and Google. The reason Apple is promoting this new feature so hard is to get the message out there.

Microsoft and Google are also keen to spread the word so that people understand how Passkeys work.

The more people take advantage of Passkeys, the safer our businesses are online.

Passkeys – otherwise known as FIDO authentication – work by letting you log into an app or website with just your username and your pre-authenticated device, most probably your phone.

Your device generates a cryptographic token, which makes the second part of a cryptographic key pair. When the pair matches, you’re allowed access to the app or website.

What that means in practice is when you’re logging in, you just use your phone to prove its really you. You’ll just unlock it using your face, fingerprint or PIN.

So long as your phone is within Bluetooth range of your computer it will work.

And without needing a password… bliss…

It’s a far more secure way to access apps and keep your accounts safe from cyber criminals. You never see your cryptographic token, so it takes away a lot of the danger of having your login credentials stolen.

Cyber criminals will be unable to use their normal tactics – such phishing emails, brute force attacks, or key loggers – to steal your credentials.

They’ll need your physical device, making remote hacking much less likely.

If you use Windows Hello, you’ll see that Passkeys are already supported. And it won’t be long until all three tech giants roll out support across their entire product range.

Before then, if you’d like any help or advice on keeping your apps and accounts safer, just give us a call.

See if your email has been stolen

Find out if your business is being targeted by hackers.

Using this tool you can see if your e-mail or phone number has been compromised.

Make sure to enter your mobile number in international format, such as 14841234567.

This is powered by Have I Been Pwned.

If your data has been compromised, it’s possible cyber criminals have used it to attempt to access your systems.

Please contact a cyber security specialist immediately. We can help.

Watch how easily your business can be hacked

Hacking and phishing scams are easily the greatest threats to your IT systems. In this week’s video series, we show you the perspective of both the hacker and a victim’s business.

Using the help of an ethical hacker, this first video shows how easy it is to encrypt your data and demand a ransom.

The second video shows how a login portal can trick you into giving up your own login credentials.

In the final video our ethical hacker exploits an operating system that hasn’t been updated.

We hope these videos have helped you understand how easily your IT systems can be compromised. Without the proper training, software, or resources, a hacker can ruin your business. Get in touch for a consultation of your business and its IT security.

Read this to avoid phishing scams

Phishing scams are one of the biggest security threats to your business right now.

A massive 83% of organisations said they suffered successful attacks last year. And with just under a third of phishing emails being opened, the chances that someone in your business will be fooled are high.

But to make matters more difficult, cyber criminals have borrowed a technique from ransomware groups that is designed to panic people into taking action and giving away their login details.

This new kind of phishing attack begins like most others.

You get an email alerting you to potentially suspicious activity on your account. It might say someone is trying to login from a different location or device and the attempt has been blocked.

You’re then asked to click a link to verify your email address and password.

That’s worrying enough, right?

But what makes this phishing attack even more dangerous, is the countdown timer that appears on screen.

Typically, it’s set at one hour, and you’re asked to confirm your details before the countdown ends, otherwise your account will be deleted.

Yes, deleted! That catches a lot of people’s attention.

This is a powerful manipulation tactic designed to scare people into taking immediate action – and think later.

In reality, if that countdown hits zero nothing will happen. But watching the seconds count down can give you a sense of urgency that makes you forget to check whether an email is the real deal or not.

The page you’re entering your details on is fake. Criminals will steal your details and login to your real account. That’s a major problem you don’t ever want your business to face.

You’ll be at risk of data theft, financial loss, or malware, as well as potentially putting other accounts at risk (if you’ve reused your password).

Your login details may even be sold on the dark web, giving other cyber criminals the opportunity to break into your account.

Here are some basic phishing protections for you and your team.

Look at the email address the email was sent from. Make sure the spelling and grammar are both correct, and hover over links to see what website address they are trying to send you to.

If you think you’ve fallen for this kind of scam, it’s important you change your login details immediately. Don’t click a link in an email – type in the website address in your browser.

We’d also recommend using a password manager. This is software that creates long and strong random passwords that are impossible to guess for every account you have.

It will store these passwords for you. And autofill login boxes to save you time (yes, password managers detect when they’re being asked to fill in details on a different page, such as a fake phishing page).

Share this article with your whole team right now. And if anyone ever clicks a link they’re not sure about, ask us how to keep your business safe.

Windows 10 is getting a very useful Windows 11 feature


There’s no denying the Windows 11 has a lot of really cool new features.

If you haven’t made the move from Windows 10 yet, you’re missing out.

But there’s good news. To make the (eventual) move from Windows 10 to 11 a little easier, Microsoft is sharing a couple of 11’s most useful features.

The first should make printing a little easier. We can hear your cheers from here! Anything that makes printing easier is OK in our book too. Printers don’t have a terrible reputation for nothing…

This feature makes printing PIN-protected. That means when you want to print a document, you’ll send it off to the printer – but it’ll only print when you’ve reached the printer and entered your PIN.

This removes the risk of you printing something confidential and leaving it on the printer for everyone to see.

Or accidentally printing several copies of the same document. Yes, this will reduce paper waste.

And that’s not all…

There’s a second really useful feature coming over to Windows 10. It’s called Focus Assist and works alongside do not disturb.

Switching on do not disturb is great when you want a little uninterrupted time to finish a task or do some research. But if you use it a lot, you might miss a notification that you really needed to see.

Focus Assist stops that from happening. You use it alongside do not disturb and it still allows important and time-sensitive notifications and messages to reach you.

These features have been in testing since June this year. There’s still no date for when they’ll be released to everyone with Windows 10. But they’re on their way.

If you can’t wait to try more of the time saving and productivity boosting features that Windows 11 has to offer, give us a call to see how we can help you make the switch.

Microsoft’s taking leadership on AI


Microsoft’s decided to retire and rework an AI tool that could not only recognise our facial features, but also identify our mood.

Azure Face is an emotion recognition tool. These are highly criticised by experts who believe they violate human rights.

Microsoft has just published the updated version of its Responsible AI Standard.

It wants AI to be a positive force in the world, and says it recognised Azure Face has the potential to be misused.

It seems like it’s not goodbye for good for the AI facial recognition technology though. Although the public won’t be able to access it, Microsoft sees the value of controlled access for specific needs, such as assistance for the visually impaired.

One thing that has been cut is the AI’s ability to recognise individuals based on their gender, age, hair, and even facial expression. The concern is that the feature could be used by cyber criminals to impersonate individuals and commit fraud.

On top of the Azure Face change, Microsoft’s also limiting which businesses can access its Custom Neural Voice service. This is a text to speech app that’s said to be very lifelike.

In other related news, it’s not the only new step that Microsoft is taking right now to help protect us from fraud and threats.

It’s also adding new features to its email service in Microsoft 365, that improve how something called Tenant Allow Block List works.

Previously, this was a feature that allowed people to block contacts. If a blocked contact tried to email you, the email wouldn’t reach you.

Now, Microsoft is previewing an additional control which also allows you to stop emails being sent to these blocked contacts, too.

It means the threat of being caught out by a phishing scam is reduced, giving you another layer of security as part and parcel of your Microsoft 365 subscription.

With phishing scams becoming increasingly more dangerous, it’s not a moment too soon in our view.

The feature should go into preview soon, and is expected to be available by the end of the month. In the meantime, if you’re concerned about your business’s email security, get in touch.

Ever wondered if your apps are spying on you?


It’s no secret that some applications are a little too interested in us and what we’re doing.

We’ve all had this experience. You might be talking to a friend about a new product that you’d like to try. Or perhaps you’ve discussed somewhere you’d like to visit.

Then the next time you go online you see adverts for the exact things you were talking about.

It’s more than a coincidence, surely???

Until recently, we haven’t had a lot of control over what information our apps are gathering about us.

Android and iOS first stepped up to give us more power over our online privacy. We were given the ability to control which apps could access our data, and sensitive things like our camera and microphone.

But while it’s easy to think of this only being an issue with phones… laptops have the same problems.

So, here’s some great news. Microsoft’s testing a new feature in Windows 11 to put the power back in our hands.

It’s currently testing a new feature – called Privacy Auditing – which allows you to see which applications have been accessing sensitive hardware, like your webcam and microphone.

You’ll also be able to see if your screenshots, messages, and even your contacts and location data have been accessed. And there’s a log of which apps accessed this info, and when.

When launched, the feature will be available in your Privacy & Security menu, under App Permissions.

There you’ll be able to see a full list of what’s been accessed, by which app, and when. It should become your first port of call if you suspect any suspicious activity is taking place on your device.

When the feature is released, it will be a great tool to check periodically to help you avoid malicious activity and to make sure your sensitive data remains in the right hands.

In the meantime, if you’d like someone to look over the data permissions on your business’s devices, get in touch.

Your business is losing hundreds of hours to spam


Spam emails. Everyone hates them.

It’s not just the emotional pain of clearing spam from your inbox. Having to do that is a real productivity killer, too.

A recent report found that each one of your employees could be losing up to 80 hours each year, thanks to filtering and deleting spam emails.

That’s a LOT of lost productivity.

Anywhere between 45% and 85% of emails generated each day are spam emails. And worryingly, that also includes malicious emails and those hoping to infect you with malware.

Although we don’t all receive the same number of emails every day, the hours lost to filtering them out adds up.

If one of your employees gets 30 external emails a day, they’d get around 30 spam emails each week. That would work out to around 5 hours each year wasted on sorting through and deleting them.

For an employee who gets up to 60 emails a day, it would be an average of 11 hours a year wasted.

And for someone who gets more than 100 emails each day, you’re looking at around 80 hours of productivity lost to filtering emails each year.

Now add that up for each one of your team and you could be looking at a big number.

Not only that, but since a proportion of these emails will be phishing attempts (that’s where the sender wants you to take an action that will secretly give them access to sensitive data), it’s also a big risk to your data security too.

Of course, there are a few things you can do to cut down the time spent on dealing with spam emails. The first is to make use of the spam and junk email filters available from your email service.

You may also consider bringing in dedicated anti-spam and anti-phishing tools.

Finally, you can make your people aware of the risks of spam, how to spot spam emails, and the best way to deal with it to save time and minimise the risk of malware or a data breach.

If that kind of training is something you’d like some help with, get in touch.

Google Chrome’s going to block disruptive notifications

When you’re browsing it can feel like you’re being bombarded with things other people want you to see.

Not only do we have to click on permissions for cookies and tracking, but now a lot of websites ask for our permission to send us notifications.

And while many of these notifications are harmless – news updates, latest recipes, product releases – sometimes they can be outright spam.

It’s distracting, it’s making us less productive at work, and it’s just really annoying.

It’s called ‘notification spam’ and it’s becoming a problem. In fact, Google says it’s one of the top complaint reports from people using its Chrome browser.

So now the tech giant has decided to do more about it.

Back in October 2020, Google first acted on harmful notifications by exposing websites that misled people into giving permission. It created its own prompts to warn people the website may have malicious intent.

Now, Google intends to take things a step further if it feels the website is ‘abusive’ or ‘disruptive’. It’ll revoke a website’s permission to send notifications, and even block attempts to request permission.

Even if you’ve accidentally allowed a malicious site to send notifications, Chrome will be able to step in and block the alerts.

While it’s not yet clear how Google will define websites as ‘abusive’ or ‘disruptive’, it feels like a good move towards reducing the amount of spam we’re exposed to.

Google has explained that this new feature works to strengthen its ‘Developer Terms of Service’ that pledge not to use the company’s API to send any form of spam. It shouldn’t affect the majority of websites, but instead should go some way to keeping your Chrome notifications spam-free.

Development on Chrome’s notification spam block protection has only just started, so we don’t yet have a release date for the new feature.

As always, if you’d like any further advice on protecting yourself from spam and other productivity killers, get in touch.

Published with permission from Your Tech Updates.

 

Woman returning to office after COVID Va Beach

Re-Opening Your Office After Working Remotely

Depending on which state you live in, you may be thinking about the process of re-opening your offices. Even if you don’t plan on having employees return for another few weeks or even a few months, it’s a good idea to consider what steps to take, and what a new work environment might look like.

Tech Tips

  • If your employees working remotely have been saving files to their own devices rather than a secure, remote network, now is the time to transfer those files to keep them safe and backed up.
  • Not all businesses will be back to their office at the same time – setting up one or more dedicated meeting rooms for video and phone conferences will help you keep in touch while eliminating background noises. Make sure devices in the room can access network resources, if needed.
  • Update your information. When you left the office, did you update your website, Google listing or Linkedin with new hours of operation and phone numbers? Don’t forget to change them back!

Personal Tips

  • It can be easy to feel motivated and work through the entire day once you’re back in your regular office setting, free of the distractions you had at home. Remember to give your eyes (and brain) a break every once in a while.
  • Respect your coworkers by maintaining safety precautions to prevent the spread of germs, and ask that they do the same. Just because it’s been deemed safe to be at work again, doesn’t mean you should stop washing your hands frequently or maintaining social distance.
  • Sanitize your work environment. It’s always a good idea to keep a clean work area, but you may want to take a few extra steps, like wiping down your phone, door handles and other surfaces regularly with a disinfectant. If you’re the owner or manager, be sure to communicate new cleaning processes with all employees.

If your office needs help transitioning back to the office with video conferencing solutions, IT support or network security, contact BCS Voice & Data Solutions today.