Is ‘Zero Trust’ in Your Future?

The words “zero trust” in Zero Trust Network Access (ZTNA) are probably appropriate in a time when it seems like we don’t trust anybody about anything. ZTNA is being touted as a replacement for VPNs (Virtual Private Networks), especially for remote business needs. It could be more effective, but small businesses will need to jump through hoops.

ZTNA is a technology designed to limit who can access a network and where in the network they can go. The limits are important. For example, anyone who can access a Microsoft 365 network as a global administrator can effectively play God; they can do ANYTHING.

The goal of a ZTNA is to keep out false gods. Its proponents tout the following benefits:

  • Invisible infrastructure: ZTNA allows users to access applications without connecting them to the corporate network, thereby eliminating risk to the network.
  • More control and visibility: Managing ZTNA solutions is easy with a centralized admin portal with granular controls. Managers can see everything and create access policies for user groups or individual users.
  • Simpler app segmentation: Because ZTNA isn’t tied to the network, organizations can segment access down to individual applications instead of complex network segmentation.

Proponents further contend ZTNA is faster and more convenient than VPNs, offer better security, and are easier to manage. Gartner, a technology and research consultancy for large corporations and government, predicts its client base will largely phase out VPNs for ZTNA.

If you’re a small business or nonprofit organization that deals with large companies and government agencies, you may need to learn how to live in the world of ZTNA at the very least. If you want to adopt for your own use, you’ll need to answer some risk/reward questions:

  • Do you need a Ft. Knox type of defense system?
  • Are you willing to build new access systems to maintain your current business process?
  • Are you willing to take on the learning-curve risks of implementing a new security system?

There are no cookie-cutter solutions to changing your security measures. Call us – 973-433-6676 – or email us to discuss the specifics of ZTNA, especially if you need to use it to comply with another organization’s directive. We can help you design and implement a plan that minimizes your risk as best as possible.

New Outlook has Mixed Benefits

Classic Outlook has aged like a good wine, but Microsoft is pushing more users to the New Outlook for managing emails, contacts and calendars. Some features are gone from the New Outlook, and some are hidden.

Deciding whether to hang in with the Classic Outlook or go to the New version depends on how you use the app. However, keep in mind that Microsoft is like Lola. What Microsoft wants, Microsoft eventually gets – and at some point, they’ll stop supporting Classic Outlook to force everyone into New Outlook.

Microsoft touts a more minimalist interface for New Outlook that it says is more in line with Windows 11 and AI and handles email, calendars and contacts better. One of the specific benefits is they claim is the use of AI to help you write better emails, but you can turn off the autofill. They also claim New Outlook can let you access your emails – including Gmail, Yahoo, and even your “shopping account” – from one spot on every Windows device. And you can organize your appointments, share availability and events with a click, and ensure time for important people and events.

However, Microsoft took away a number of key functions that they may or may not restore. These include features involving multiple mailbox accounts and ways in which accounts can be shared from SharePoint. Some “take-aways” are scheduled to be restored, and some are still under investigation. The company says it’s looking for user feedback in deciding what to restore and when that might happen.

Quite honestly, we think this hurts Microsoft’s credibility, but it also shows where all major software companies are headed. They will make changes seemingly on a whim without regard to how those changes affect our ability to maximize our production. Features might come back – or they might not.

Together, we need to be flexible in how we use software such as Outlook, but on the other hand, we can force the issue somewhat. We can look specifically at how you use Outlook and determine what Classic features we may be able to recapture some things that were lost or help you find ways to make better use of New Outlook.

As much as we might yearn for the “good old days” of apps like Classic Outlook, it’s likely we’ll all be using New Outlook sooner rather than later. So, let’s get a head start on adapting to it. Call us – 973-433-66765 – or email us to see how you can bridge the Classic and the New to make Outlook work better for you.

Busting the Passkey Myths

Passkeys are replacing mere passwords at a rapid pace, and that may be scary for some people. Passkeys are inherently more secure than passwords. For the most part, they are extremely difficult (we won’t say impossible) to crack, and that’s why you should get more comfortable with using them.

Tech leaders such as Microsoft, Google, and Apple are among those leading the passkey charge because there are nearly 7 million combinations of usernames and passwords on the dark web. When your passwords end up on the dark web, cybercriminals can use them to get into your accounts and steal your private data. That’s why passkey-based authentication is becoming a fast-growing trend. Their main benefits are that they can’t be stolen like passwords, and there’s nothing for you to remember.

Still, myths persist, and Dashlane, the password manager app that we prefer, has its own magnificent seven myths it wants to bust.

  1. If you lose your phone, you can’t access your passkeys. If you have a password manager, your passkeys should sync across all devices – unless you “cheaped out” on a freebie. If you only use a mobile device for your passkey, make sure you store it in your phone’s password app. That will enable you to move them to your new device.
  2. Only Google and Apple currently sync passkeys. Third-party passkey providers like Dashlane use their own cloud infrastructure for syncing, similar to Google and Apple. Microsoft has announced that synced passkeys will be coming to Windows 11 and associated with Microsoft accounts. Google recently indicated that synced passkeys in Google Password Manager will soon be available on both macOS and Windows.
  3. Passkeys send your biometric information over the internet. All verification methods operate solely on your device. No biometric information is sent to the website, only confirmation that verification was successful.
  4. You can change your password but not a passkey. Passkeys can be changed simply by deleting them from the website they’re set up with and re-enrolling a new one. This is because every new passkey is unique, even when multiple passkeys are set up for the same website.
  5. PIN codes are not as secure as passwords. Once a device PIN code is set up, it can only be used on a particular device. That’s a security feature not available with a password.
  6. Using a password manager for your passwords is better than using passkeys. While password managers help, they can’t completely prevent phishing. Passkeys, by contrast, are phishing-resistant by design. Additionally, almost all leading password managers now support passkeys for both secure password storage and the added protection of passkeys.
  7. Passkeys are a way for vendors to lock users into their platforms. The FIDO Alliance has published new standards that will allow password managers to safely and easily export passwords and passkeys.

The myths point to a certain intimidation factor about using passkeys. Our advice is don’t be intimidated. We can help you set up an authentication app, such as Microsoft Authenticator, and other methods, such as biometrics and PIN codes. Call us – 973-433-6676 – or email us to talk about what’s best for you and your organization.