Arming the ‘Road Warrior’

I’ve been traveling a lot over the past two years, and that’s made me more conscious than ever about what we all need to do to create mobile fortresses wherever we are. Some of the best defenses are tried and true, and some take advantage of new technologies. Here are steps for you to consider.

If you haven’t done so already, the first thing you should do is install a VPN on every device you use in a place that’s not your office or home. A VPN, or Virtual Private Network, creates a secure connection between your device and the internet. It encrypts your internet traffic, making it unreadable to anyone who might intercept it, and routes it through a remote server, which helps protect your online activities from being monitored. It also protects sensitive information, such as passwords and personal data, especially on public Wi-Fi networks. And if you’ve been reading this newsletter for several years, you know that we don’t consider a password from a publicly provided network, such as a hotel, to be secure.

A VPN can replace your real IP address with its own server IP address and enhance your online privacy by making it difficult for websites and services to track your location and browsing habits. It also allows you to bypass geographic restrictions on websites and streaming services so you can access content that may be blocked where you are.

With a VPN significantly improving your online security and privacy, you can take advantage of other technologies, such as Microsoft’s Cloud PC, which allows you to access a full Windows desktop experience from any device with an internet connection. For business travelers, this means you can replicate your work environment during a flight or while sitting in a public place.

I’ve started using it during my travels to conferences as well as while on vacation. It has two major caveats, which don’t bother me at all. One is that it is a subscription service, so I wouldn’t recommend it for casual use. The other caveat is that it works better on a laptop computer or a tablet. Because it displays what you would get if you logged into your Microsoft 365 account on your office computer, you need a bigger screen. I think a telephone display is too small to be effective.

Combining a VPN and Cloud PC are just two tools you can use to make your online life safe and efficient. We can help you find and configure the tools you need to be productive on the road – or in the air or at sea. Call us – 973-433-6676 – or email us to discuss your needs for online safety when away from the office.

Make Reading a Habit

We’re so overloaded with emails, texts, WhatsApp and other communications that we’ve fallen into the bad habit of skimming messages and probably doing the same with websites and documents. It’s time to get back into the habit of reading things more closely because not everything is as it seems.

For example, you may be expecting to get a payment from a customer or a client, or you may be asking someone for help. When you get an email that appears to be responding to your expectation, many people tend to click on something without reading all the details closely. That’s when disaster strikes because that click opens the door for a hacker.

Hackers have taken really good advantage of artificial intelligence (AI). They can use it to create exact matches for corporate logos and write messages with perfect spelling and the most appropriate language for their target. This makes phishing attacks easier to carry out, and phishing attacks are the most common means of hacking an email account.

The obvious way to combat AI-generated phishing attacks is to use your own RI – real intelligence. Read the sender’s address very carefully. Is it the real address that you know, or is there a slight misspelling, such as an extra letter, a missing letter, or transposed letters? Does it make sense to you that the sender has included an attachment or link?

If you’ve skimmed over a phishing email and didn’t catch a warning sign, you may have provided a hacker with an opening to your personal information and the ability to access your financial accounts. If you’ve skimmed legitimate invitations to use two-factor authentication (2FA) for websites and – especially – your email login credentials, you may have provided an opening for hackers.

Protecting your email login credentials is critical to your online security. If a hacker steals access to your email and you have no 2FA, they can go to your bank’s website, for example, and use the “forgot password” process to reset your password. Signs your email account has been hacked include the inability to log in with your correct password, notifications about changes to your account settings or messages sent from your account that you didn’t initiate.

The start of the year is a good time to get a security audit and initiate strong security procedures, such as 2FA measures and the use of a password manager with unique passwords for every website you and your employees or family members access. Call us – 973-433-6676 – or email us to set up an appointment.

DIY Email

We can expect cable and telecom companies to accelerate their exit from providing email services. Verizon/FIOS long ago transitioned their email management to AOL, which is really Yahoo Mail. Comcast is about to follow the same route, handing their email off to Yahoo. Getting live support from an actual person will become even more difficult. If you think Gmail is an answer, when did you EVER talk to a person from Google? It’s time to take matters into your own hands by getting your own domain and better managing how you handle your email accounts.

The problem with email from your cable or telecom company or from Yahoo/AOL is that it’s not a profit center – unless they can convince you to buy a support subscription. And buying a support subscription is the only way you’ll get a chance to talk to an actual human being if you have a problem.

Support can be critical when your email gets hacked. In cases with Comcast, for example, it can take human intervention to clear out any contact info a hacker may have planted in your account. Then, you’ll need to reset your password and set up a phone number and secondary email address that can be used for two-factor authentication (2FA) and notifications of problems if you get hacked again. Support people are generally good when you get to one of them after navigating their cumbersome phone trees. When you move to the Yahoo platform, it will be harder to get human support – unless you get a subscription. The cost of Yahoo Plus is $49.99 per year, which includes features such as ad-free email, priority customer support, and premium features for Yahoo Mail and Yahoo Fantasy.

Instead of sliding over to the Yahoo platform when your cable company ends its email, we recommend you go to Outlook or Gmail. Microsoft (Microsoft 365 subscriptions) and Google (lots and lots of ad revenue) have many other ways to monetize their relationship with you, so they put more stock in maintaining email support. Additionally, IT consulting services know the ins and outs of their systems and your needs. We can help you transfer all your folders and messages to your new system. We make it a point to provide the personal support you need when you have problems.

But a much better solution is to get your own email domain for both business and personal use. For security and management, the key benefits are:

  • Enhanced Security and Control: You can create better security processes to prevent unauthorized access, and you can create multiple addresses for specific purposes.
  • Improved Deliverability: Custom email domains allow for proper authentication and are less likely to be flagged as spam.
  • Long-term Consistency: Whether you’re a business, non-profit organization, family or business, you can keep your system going forever and ever if you wish, and people will always know where to contact you. It keeps life simple.
  • Flexibility and Scalability: You can create as many email addresses as needed for various functions. For businesses and organizations, you can manage functions or projects better. For individuals, you can keep various parts of life separate, such as a shopping address where you can get coupons or messages you only want to check occasionally.

 Getting your own email domain is no different from getting any other domain. We can help you with everything involved from securing a domain name to setting up all the email addresses you need. Then, we can work with you to transfer all your messages, folders, etc. from your old email account to your new domain. Call us – 973-433-6676 – or email us to answer all your questions about email accounts and get you set up with a system that can work for you long into the future.

The Key to Better Security

Many of us have replaced keyed door locks with electronic locks that use codes to unlock doors. They emulate the PIN technology we use to unlock our computers. Our computer technology, however, is going the other way. Physical keys – with PIN codes – are proving safer and more convenient in office environments.

In many offices, an administrative assistant or another employee may need to access the email or a website of an employee who is out of the office. Two-factor authentication (2FA) – which should be installed – usually requires access to a second device, such as a cell phone or an email address. If the account owner is not available, 2FA won’t work, unless the system is set up to work with another person’s devices. That gets really complicated, and it can be compromised.

A security key is a much more secure passwordless form of 2FA. The term security key should not be used interchangeably with passkeys, which are another form of passwordless security. Security keys are physical devices that typically work through a USB-C port, but they are not limited to USB-C. They can use USB-A ports and Apple’s Lightning ports.

When you or an authorized user logs in, that person enters your password and then uses the security key, which generates a unique code or signature to confirm your identity. That makes it difficult for unauthorized users to access your account even if they have your password.

Security keys utilize public-key cryptography, making them resistant to phishing and credential theft. They can be used with cell phones, and to be honest, not enough of our clients are setting them up on their phones. They can be more secure in public places.

Security keys work with virtually all password managers, but they need to be supported by website hosts and the cloud providers they use, such as AWS. That support is getting stronger as many services now recognize their importance for enhancing online security. Security keys are compatible with various platforms and applications, providing reliable authentication without the risks associated with cloud storage.

Security keys are relatively inexpensive to purchase, but they do require specific setup and customization. We can help you with a comprehensive purchase and deployment program. Call us – 973-433-6676 – or email us to discuss your needs and develop a program.

Microsoft’s Annoyances

A lot of our clients are complaining about Microsoft’s annoying habit of making unannounced changes in features and in how we access what’s left and what we need. We can complain all we want, but this is one case where we just need to bite the bullet and work around various issues.

The biggest annoyances with Microsoft revolve around the New Outlook and the Classic (Old) Outlook. While New Outlook is faster and has some really good message management features, it doesn’t handle attachments as well as its “classic” version.

One of our clients receives .csv files as attachments from their bank. They can’t open them in New Outlook. The only solution is to toggle back to Classic Outlook to download the files and then toggle back. It’s an extra step I find having to use myself, and it doesn’t make me happy.

Other missing features cited in discussion groups and various articles are editing and writing features that used Word, especially for shortcuts; dozens of message handling options; calendar editing options, especially not having Word for editing; lack of print options in Mail view; using Outlook without a mouse; and PST file support.

Microsoft acknowledges that many features are missing and claims to be working on them, but our feeling is that they won’t do anything that will take a lot of time and money. My own feeling is that they don’t have engineers talking to people anymore. If you read responses to complaints, they seem like they were generated by bots; there’s little or no empathy for their customers.

Of course, Microsoft is not alone. Other tech companies seem to do what they want when they want, knowing that most of us have few or no alternatives. It seems that workarounds are the only solution to their shortcomings.

Workarounds are where we can help. Call us – 973-433-6676 – or email us and tell us what you’re trying to do with Outlook, Microsoft apps and apps from other software publishers. We’ll work with you to find workarounds that can make you more efficient.

Old Windows, Old Files

Believe it or not, we have some clients who need to keep computers capable of running really old versions of Windows to access equally old files. They need to keep these legacy systems going, and we have ways to help them.

One client still has a system running on Windows XP. Windows XP is 24 years old, yet some people consider it to be one of the best pieces of software ever made by Microsoft, and the best all-round version of Windows. It had a reputation for being a reliable workhorse.

One of the apps it can run is Lotus 1-2-3, a discontinued spreadsheet program from Lotus Software. It was the first killer application for the IBM PC and was hugely popular in the 1980s. Running on DOS, the operating system that preceded Windows, it significantly contributed to the success of IBM PC-compatibles in the business market.

Our client still has Lotus 1-2-3 files, which contain vitally needed information, and a computer with Windows XP. Because the Windows system hasn’t been updated for many years, it needs to be kept offline with a separate firewall so that files can be accessed and printed without jeopardizing the company’s security.

While this is an extreme situation, this client is not alone. We support a number of clients who need to use legacy systems, and our major concerns are preserving their access to files and keeping their systems secure.

Because backward compatibility depends on what files can be read, we do whatever we can to make sure files are backed up. We also set up parallel systems to protect online security for the rest of their technology. The older the legacy system is, the more intricate our solution becomes. For most clients, this involves Excel spreadsheets.

If you have a Windows operating system that’s older than Windows 11, we should be looking at systems to backup files and maximize your access. Technology changes quickly, and the sooner we can get to something, the better the plan we can design and implement to protect your valuable data and access to it.

Call us – 973-433-6676 – or email us to start the conversation. It’s much easier to get everything in order as soon as possible, and that will also help you control your costs.

Copilot is My God?

We likely don’t realize how much AI plays a role in our daily lives. You know those annoying phone trees, the ones that don’t seem to ask the right questions for your problem or offer a good answer or access to a real human being? That’s AI at work. They drive me nuts, but what keeps me awake is who has access to my data?

Many of our customers are turning to Microsoft Copilot to access the power of AI, and if you’re thinking about doing it, here are a couple of things to consider.

As you’ll discover upfront, there’s a free version and a paid version. The main difference is that free Copilot is a basic AI assistant with web-grounded chat and limited image creation. The paid Copilot Pro and Microsoft 365 Copilot offer deeper integration with Microsoft apps, priority access to advanced models, and higher usage limits. I can use ChatGPT to create Excel formulas for my data, but it’s the paid version that accesses my data.

AI carries a number of risks, including data poisoning, adversarial attacks, and privacy leakage, which can compromise a model’s integrity and sensitive data. There’s also the potential for model theft and vulnerabilities in the supply chain and APIs. Let’s focus on risks related to data, privacy, and model integrity.

  • Privacy Leakage: AI models trained on sensitive data may inadvertently leak that information through their outputs. This includes data inversion and membership inference attacks, where attackers try to extract private information about the training data.
  • Model Stealing: Attackers can reverse-engineer or replicate an AI model by analyzing its outputs, which can be used for malicious purposes or to steal intellectual property.
  • Data Breaches: AI systems often require large amounts of data, making them attractive targets for data theft. A breach can expose sensitive personal, financial, or proprietary information.

Whether you use AI or not, Windows 11 and your computer play key roles in your security. All computers are not created equal. If you do a lot of work with Copilot, your computer may not cut it. You should have a computer with a neural processing unit (NPU) capable of processing 40 TOPS – 40 trillion operations per second. Anything less than that will require your computer to offload data from your CPU and graphics card by sending it to the cloud.

Sending it to the cloud involves a security risk, no matter how small the risk may be, and that’s a breach opportunity. Sending data to the cloud also slows you down. If your computer can keep all your work local, it’s faster and more private.

Windows-based computer chips that run 40+ TOPS or more are the specialized Neural Processing Units (NPUs) in new “Copilot+ PCs,” which include processors from Intel’s Lunar Lake series and upcoming Qualcomm Snapdragon X Elite/Plus chips. These are not standard CPUs like the Intel Core Ultra 7 155H, which does not meet the requirement.

Computers capable of 40 TOPS start at around $600 to $700. More powerful and versatile models can cost more than $1,000, but prices could be much higher, depending on the NPU or if it uses a more expensive, high-performance GPU, which can add significant cost for graphics-intensive tasks. In addition, you likely will have licensing fees depending on what you’re doing and how many computers are doing the work.

We can help you assess your AI needs and sort through myriad options for Copilot licenses and the computers needed to accomplish the tasks you require. AI can require a large investment, which requires intensive investigation. Contact us by phone – 973-433-6676 – or email to set up an appointment to start the investigation process.

 

Fools and Their Money: A Seasonal Shopping Guide

“A fool and his money are soon parted” is a saying often attributed to Thomas Tusser, an English poet and farmer, who first wrote a version of it in his 1573 book Five Hundreth Pointes of Good Husbandrie. If only he could have envisioned today’s internet. AI will test your ability this year to differentiate the fake from the real more than ever.

As we scour the internet for bargains, hard-to-find items, and the best possible shipping terms, charities are making their annual push for donations, including major online solicitation campaigns. Scammers of all sizes are also using all sorts of AI tools to get between you and the companies you want to buy from or donate to.

Succumbing to a scam doesn’t make you a fool; the scammers and their tools are really, really good. AI helps them create exceptionally good graphic and video deep fakes. It helps them replicate flawless logos and improve their grammar, spelling, and syntax, all of which used to be dead giveaways of a scam.

But it would be foolhardy not to raise your antennae and harden your common sense with renewed vigilance. The cardinal rule remains the same: If something looks too good to be true, something is likely wrong.

Let’s look at some things that should raise a red flag:

  • Links: Whether in an email or especially on a website popup, don’t click on a link from a person or entity you don’t know or can’t verify. It’s the quickest way to allow a bad actor to plant malicious code that can compromise your data and that of anyone in your contact list.
  • Emails from Businesses, Charities or People You Don’t Recognize: The sender’s name may look legitimate, but you can hover your mouse over the sender’s name and see the real email address. If you’re not sure about anything you see, you have two options:
    • Delete the email.
    • Open a new browser window and type in the name of the business or charity as you know it to be. You should be able to find a phone number to call to verify if it’s from a legitimate organization.
  • Unsolicited Text Messages: This is another form of phishing known as smishing. Treat them the same as an email.

Be careful of really good prices when shopping for all products and services. Prices that are too good to be true may be outright fraudulent or carry terms and conditions that are extremely unfavorable to you. Check closely to make sure a product or even an airline ticket or hotel room is not offered by a gray-market or third-party provider. Read the terms and conditions and look for authentic user reviews. Again, if something looks funny, it should raise a red flag.

No matter what you’re looking to do online, it’s more important than ever to use two-factor authentication (2FA) for all the websites you can. While a code sent to your computer or phone is better than nothing, more advanced forms of 2FA, such as authenticator apps or biometrics, rely more on information stored on a specific device, making them more secure.

If you think you may have been hacked, call us – 973-433-6676 – as soon as you possibly can to assess the breach and take steps to close up your security holes.

The Monitor Whisperer

If the eyes are the windows to one’s soul, then the monitor can be the window to your computer’s hardware issues. Here are two examples of what a monitor revealed, and how we found their revelations. It wasn’t as high-tech as you might think.

Our first instance involved a panicked client with a year-old Mac laptop that was hooked up to an external monitor. They said the computer was making a noise intermittently, and they were afraid it was the Mac’s version of a death rattle. We have to admit that the noise confounded us, too.

We did a search on the monitor make and model. Virtually all monitors have a single button that you need to push multiple times to make adjustments, and half the time, the user doesn’t know what adjustments are being made – or not being made. In this case, the monitor has a feedback feature that causes it to make a sound when it wakes up. That is scary until you learn about it; then it’s annoying.

We worked the button to shut off the monitor sounds.

In our second instance, a client thought they were hacked because they kept seeing a message in the corner of the screen. We remoted into their system but never saw that problem. Nor did we find any evidence that they had been hacked or compromised.

One thing you have to keep in mind is that when we look at your computer remotely, we don’t see your monitor screen. We see a representation that enables us to see what’s going on inside your computer. We didn’t see anything on our view, and the client couldn’t see any messages because they saw the same view we did.

Yet the problem persisted. So, we decided to do a FaceTime call, which enabled us to see what the client saw during their normal work. We saw that the monitor was throwing off alerts. We did some research and found the monitor was from 2006. The monitor owed the client nothing. We ordered two new monitors for the client and installed them. The client got better performance from their new monitors and screens with larger viewing areas.

The lesson learned from these experiences is that if we can’t remotely see the problem you reported, it’s likely a hardware issue. Call us – 973-433-6676 – or email us if you see something odd. We can confirm if it’s a hardware issue and help you solve it or replace it. And if it is a software issue, we can take care of that during the remote session.

Carrots: The Root of Speedier Scrolling, Less Clutter

Carrots can provide useful shortcuts for navigation and decluttering your screen. You can find them almost anywhere on your screen. You’ve likely seen them and never paid much attention to them.

The carrot symbol ^ can be pointed in any of four directions on a screen – up, down, left, right – and carrots are most useful in File Explorer and Outlook, although they’re not exclusive to those apps.

Most of us will find carrots useful for doing a quick search in File Explorer. If you look at the upper left corner of File Explorer, you’ll see three listings: Home, Gallery, and your OneDrive. In Home, for example, you might find a screen to the right that shows > Recommended on the top row and > Recent, Favorites, Shared. If one of those three folders is highlighted, you can click on it and get a listing of files for a quick search. You can then open a selected file or simply collapse the listing by clicking on the downward-pointing carrot.

In the next grouping on the left, clicking on Documents or Pictures, for example, opens a dropdown menu of folders and subfolders (showing as many levels of subfolders as you have) to give you a quick look at your files. We’ve found it quicker to search this way than scrolling through our folder or subfolder lists of Documents or Pictures.

Farther down on the left are This PC and Network. Clicking the > carrots will show you more information about files on your PC or devices connected to your network. Again, they’re easily collapsable.

Similarly with Outlook, you can use carrots to expand or collapse your Favorites and the contents of each mailbox (account) that you have through Outlook. This can help you keep your screen less cluttered and more organized, helping to navigate the contents of each account more efficiently.

Working in Microsoft Word, if you keep the ribbon open and expanded across the top, you can access more options by using carrots for things such as fonts, sizes, colors, bullets in bullet lists, etc.

We encourage you to look for carrots in File Explorer, Outlook, and your Office apps. Looking at the results of each click may lead you to a new shortcut that makes your computing life easier.