Secure Your Email

Email security continues to be the most vulnerable security link in your email chain. Ninety-six percent of all phishing attacks use email, and some three billion emails are launched daily. Phishing can cost businesses $26 billion annually. The more email accounts you have, the more vulnerable you are.

One of our clients had six email accounts, all of them created for a variety of legitimate reasons. The problem is that it meant they had to guard six doors against intruders. That’s worrisome enough, but if you use multiple email clients, such as Outlook and Gmail, you need to deploy your security measures in line with each client.

Google’s Gmail has a particular vulnerability. According to a report from Malwarebytes, Russian hackers were able to bypass Google’s multi-factor authentication (MFA) in Gmail to pull off targeted attacks. They did it by posing as US Department of State officials in advanced social engineering attacks, building a rapport with their target, and then persuading them to create app-specific passwords (app passwords). App passwords are special 16-digit codes that Google generates to allow certain apps or devices to access your Google Account securely, especially when you have MFA enabled.

Outlook faces several significant security challenges, including vulnerabilities that allow for remote code execution, phishing attacks, and the potential for credential theft. These vulnerabilities can lead to data breaches, unauthorized access, and the spread of malware.

Here’s how to strengthen your defenses.

  • Only use app passwords when absolutely necessary. Change to apps and devices that support more secure sign-in methods whenever you can.
  • Authenticator apps, such as Microsoft Authenticator, or hardware security keys (FIDO2/WebAuthn), are more resistant to attacks than SMS-based codes.
  • Stay up to date on phishing attempts. Attackers often bypass MFA by tricking users into revealing credentials or app passwords.
  • Keep an eye on unusual login attempts or suspicious behavior, such as logins from unfamiliar locations or devices. Limit those logins where possible.
  • Regularly update your operating system and the apps you use to patch security vulnerabilities.
  • Enable automatic updates whenever possible so you don’t have to remember them yourself.
  • Use security software that can block malicious domains and recognize scams.

When it comes to SMS-based codes, we want to emphasize one particular vulnerability: SIM swapping. It’s one of the internet security industry’s biggest worries.

It’s undetectable and it works like this:

  • A hacker puts your mobile phone number on a SIM card installed in their own phone.
  • Using their phone, they get your authentication code, which gives them access to a website or email account.

Despite this vulnerability, SMS-based codes are better than nothing. At a recent training seminar, we learned that many people don’t use any kind of 2FA or MFA methods at all. That is totally unacceptable.

We can help you – and your employees and family members – set up better security measures on all apps devices. Call us – 973-433-6676 – or email us to discuss your needs and develop an action plan.

Be Weather Aware

Here in the Northeast, we’ve learned to take our flights in the morning or as early in the day as possible because storms around the country can affect flights to almost anywhere. Locally but similarly, heat and storms can wreak havoc with our technology systems and our utilities.

The Old Farmer’s Almanac, which sometimes seems more reliable than our local TV meteorologists, predicts a stormy July. Our summers are also getting hotter. That’s the perfect storm for power outages, voltage reductions, and power surges. There’s not much we can do about the first two problems, but we can certainly reduce their effects.

With most of us working between our computers and the cloud, the best strategy would be to give a file a name and save it as soon as you start working on it. That will allow you to turn on AutoSave if you’re working with Microsoft 365 and OneDrive. In Excel and Word, the default AutoSave feature saves your work automatically every few seconds. For older versions or files not saved to these locations, AutoRecover saves a backup copy every 10 minutes by default. If the power goes out after nine minutes from the last time you saved, you’d be mighty upset. So, save early and often.

If a power surge affects your computer’s hard drive, there’s no telling how many files can be salvaged. We have tools to recover data from damaged hard drives, but there are no guarantees. Again, our best advice is to use AutoSave, which gets your data to the cloud in real time.

As a follow-up to saving, use a backup power supply for desktop computers, printers, and your Wi-Fi network. Laptops will automatically switch to battery power when the lights go out, but anything plugged in will stop before a task is completed. Backup power lets you shut down what you’re doing.

When the power comes back on, there’s a risk of a power surge frying electronics. Surge protectors are designed to physically absorb the surge before it gets to a device (which includes anything in an office or home that you plug into a socket). When they work, there’s no way to tell how much energy they absorb. When they fail, you need to pick up the pieces.

Therefore, it makes sense to replace all your surge protectors every three years or – and it also makes sense to replace modems, routers, and mesh network components to keep your Wi-Fi up and running. Newer equipment will give you better insurance against a power surge and improve your overall system performance. When your internet provider increases the speed of their service to your office or home, your system needs to be able to handle it. Newer modems, routers, and mesh network nodes can handle those speeds and give you the performance you’re paying for.

We can help withstand the summer storms and work more effectively on sunny days by analyzing your system and helping you make necessary upgrades. Call us – 973-433-6676 – or email us for an appointment.

Windows Shades

You wouldn’t believe how many versions there are of Windows 10 and Windows 11. Don’t bother to try to count them. Instead, start making a plan to make sure you have the latest version of each throughout your organization and a plan to update on a regular basis.

Let’s look first at Windows 10. As we all know, Microsoft will end its support of this operating system (OS) in October, but there are ways to keep it going with security updates. You have two options to enroll in the Extended Security Updates (ESU) program for free. That will enable you to receive critical and important security updates from October 15, 2025, through October 13, 2026. You can also enroll in a wizard accessible via notifications and the Settings app.

In order to take advantage of the extended support, you need to know which version of Windows 10 you have on your computer(s) and see if it will be supported. Since its introduction, Microsoft has issued 14 versions of Windows 10, covering office, home, and student versions and updates for each. If you have version 1903 of Windows 10, for example, you won’t be able to receive any updates. To extend your Windows 10 use, you need to have version 22H2.

Depending on your hardware, it may or may not be possible to update your Windows 10 to a version that can work with security updates going forward. To check your Windows version, navigate to Settings > System > About. Under “Windows specifications,” you’ll find the edition and version of your Windows operating system.

Windows 11, by the way, has four versions, with a new one expected this fall.

A key thing to know about Windows – and your app software – is that you used to be able to install newer app software on older versions of Windows. That’s becoming less and less possible. One of our clients learned about that when they couldn’t install a new app their accounting firm had suggested because their Windows version wasn’t compatible.

As we go forward, this is only going to become a more critical issue. Both OS companies, such as Microsoft, and app publishers, will need to meet their customers’ need for more speed to process more data and provide the security measures needed to protect critical data.

Don’t wait until your technology system collapses under the weight of more data and faster-moving environments. We can help you by analyzing your current system – both hardware and OS – with an eye toward your future needs. That will help you develop a plan (and a budget) to make changes with minimal disruptions to your business. Call us – 973-433-6676 – or email us to set an appointment to talk about it.