ZTNA: Your Security Escort Service

So, here’s the problem that starts at your firewall: Your security setup grants permission to a credentialed user to access your system. The credentials have been authenticated by several methods, and the user is free to move about your apps and files. It’s an everyday occurrence with our mobile, hybrid work systems. But what happens when someone either fools your authentication system or decides to go rogue? ZTNA gives you the ability to follow every user everywhere in your system.

ZTNA stands for Zero Trust Network Access, and it’s based on the premise that you can’t trust any user with unfettered access to your entire system. The rationale for a business to use ZTNA goes back to a security breach at Target more than 12 years ago, when the personal and credit card information for some 40 million customers was compromised. It’s become a classic case study for cybersecurity.

In short, hackers exploited a vulnerability in the system of a third-party contractor, a mechanical engineering firm. Using stolen credentials, the attackers gained access to Target’s systems, where they deployed malware on the company’s point-of-sale (POS) devices. This allowed them to capture sensitive customer information without being detected for several weeks.

Granted, firewall security systems have become much stronger over time, but for most of them, you can access any part of a system once you get past the firewall. ZTNA technology never stops tracking any user as long as they’re inside the network.

  • It grants access only to specific applications and files, based on the system admin’s determination of each user’s need to know.
  • It assumes every access attempt is risky (zero trust).
  • It continuously monitors a user’s activity and verifies it.

In operation, ZTNA sets up one-to-one connections between users and the resources they need. It’s similar to two people who need to contact each other by exchanging phone numbers. But unlike two people exchanging numbers, ZTNA connections need to be re-verified and recreated periodically.

The technology is also device-based, which is critical in our hybrid work world of BYOD (Bring Your Own Device). ZTNA can incorporate the risk and security posture of devices as factors in access decisions. It does this by running software on the device itself (sort of like a license plate reader) or by analyzing network traffic to and from the device.
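As an added illustration (not code from this newsletter or from any ZTNA product), the sketch below shows how the principles above combine into a single per-request decision: default deny, per-application entitlement, device posture, and periodic re-verification, with every decision logged. All user names, application names and the 15-minute threshold are constructed assumptions.

```python
from dataclasses import dataclass

# Constructed sample policy: every user, app and threshold is illustrative.
APP_SENSITIVITY = {"email": "low", "billing-portal": "low",
                   "payroll": "high", "pos-admin": "high"}
ENTITLEMENTS = {                      # need to know: user -> permitted apps
    "alice": {"email", "payroll"},
    "hvac-vendor": {"billing-portal"},
}
REVERIFY_AFTER = 15 * 60              # seconds before a session must re-verify


@dataclass
class Device:
    managed: bool                     # enrolled in device management
    disk_encrypted: bool
    os_patched: bool


@dataclass
class Session:
    user: str
    device: Device
    verified_at: float                # time of last identity verification


AUDIT = []                            # every decision is recorded for review


def decide(session, app, now):
    """Return (allowed, reason) for one request. The default is deny."""
    def result(allowed, reason):
        AUDIT.append((now, session.user, app, allowed, reason))
        return allowed, reason

    # 1. Need to know: the user must be entitled to this specific app.
    if app not in ENTITLEMENTS.get(session.user, set()):
        return result(False, "not entitled")
    # 2. Device posture: baseline hygiene applies to every device.
    dev = session.device
    if not (dev.disk_encrypted and dev.os_patched):
        return result(False, "device posture")
    # 3. BYOD: unmanaged devices never reach high-sensitivity apps.
    if APP_SENSITIVITY.get(app, "high") == "high" and not dev.managed:
        return result(False, "unmanaged device")
    # 4. Verification expires, so a session cannot be reused indefinitely.
    if now - session.verified_at > REVERIFY_AFTER:
        return result(False, "re-verification required")
    return result(True, "allow")


def run_scenarios():
    good = Device(managed=True, disk_encrypted=True, os_patched=True)
    byod = Device(managed=False, disk_encrypted=True, os_patched=True)
    unpatched = Device(managed=True, disk_encrypted=True, os_patched=False)
    t0 = 1_000.0
    return [
        decide(Session("alice", good, t0), "payroll", t0 + 60),
        # Valid vendor login, but the app is outside the vendor's entitlement.
        decide(Session("hvac-vendor", good, t0), "pos-admin", t0 + 60),
        decide(Session("alice", byod, t0), "email", t0 + 60),
        decide(Session("alice", byod, t0), "payroll", t0 + 60),
        decide(Session("alice", unpatched, t0), "email", t0 + 60),
        decide(Session("alice", good, t0), "payroll", t0 + 3600),
    ]


if __name__ == "__main__":
    for allowed, reason in run_scenarios():
        print("ALLOW" if allowed else "DENY ", reason)
```

The second scenario is the contractor case described earlier: the login itself is valid, but the request is refused because that account was never entitled to the point-of-sale application.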

While there are variations of ZTNA technology, the bottom line is that the protection of your data – and your clients’ and customers’ data – is priceless. This is where we can help. Call us – 973-433-6676 – or email us to talk about your security needs, your workforce’s access needs and your administrative needs.

Standard or Premium? The Answer to the Question

Microsoft 365 is the app suite of choice for businesses, governmental agencies and institutions all over the world. It comes in two versions: Business Standard and Business Premium. The cost difference is $10 to $15 per month per user, which can be significant for larger organizations. Here’s why we think it’s a good investment: SECURITY.

The Premium version has four security features that the Standard version does not:

  • Microsoft Defender for Business provides advanced threat protection, helping to safeguard against malware and phishing attacks.
  • Intune for Device Management allows organizations to manage and secure devices, ensuring that only compliant devices can access company resources.
  • Azure AD Premium with Conditional Access offers granular access controls based on user identity and device compliance, enhancing security for sensitive data.
  • Advanced Compliance Tools include data loss prevention and message encryption, which help protect sensitive information and ensure compliance with regulations.

Premium is recommended for businesses or organizations with up to 300 users that require enhanced security and device management for:

  • Protecting sensitive data against threats like ransomware and phishing
  • Managing devices, especially for remote work
  • Compliance with regulations

Microsoft 365 Business Premium incorporates some principles of Zero Trust Network Access (ZTNA): identity verification to control access to applications and resources, and continuous verification of user identities and device compliance before granting access.

If you have Microsoft 365 Business Premium deployed in your organization, you can always scale up to a full ZTNA program. You and the people in your organization will already be familiar with its principles, and that should ease the migration.

If you’re thinking about moving more of your technology to the cloud or if you want to strengthen your security with measures such as access control and device management, you should talk to us about moving up to Microsoft 365 Business Premium. We can configure it to meet the needs of your organization. Call us – 973-433-6676 – or email us to set up a conference.

Mac’s New ‘Mini’ is the Max

In our opinion, the new MacBook Neo punches so far above its weight for what’s considered an entry-level computer that it’s a real heavyweight for road-warrior business users.

As we wrote this issue of Technology Update, our Neo was on order, and we’re looking forward to getting it with great anticipation. We believe it will be the best device for making the most efficient use of Microsoft Cloud PC, and it will be highly cost-efficient, too.

Costing $599 to $699, it’s a full computer with the size advantages of a tablet – like the iPad – with a built-in keyboard and a high-resolution screen – 13-inch Liquid Retina with 2408 × 1506 resolution. Its A18 Pro chip is capable of handling everyday tasks such as web browsing, document creation, and media consumption. It is not intended for heavy workloads like professional video editing or gaming. Instead, it should be ideal for getting on the internet to access your apps and files and get to work.

The laptop includes:

  • Two USB-C ports (one supporting DisplayPort)
  • A headphone jack
  • Wi-Fi 6E and Bluetooth 6 for wireless connectivity

It comes with 8 GB of RAM and either 256 GB or 512 GB of storage. Both specs are above the entry levels for an iPad 11. It weighs 2.7 pounds and has a battery life of 16 hours. While it does weigh more than an iPad, the weight difference can get wiped out if you have a thick case and need to carry an external keyboard and mouse to try to emulate a computer.

The iPad’s high-resolution touchscreen and lighter weight may be better suited to those who don’t need full computer capabilities. But the Neo can run the full Microsoft 365 applications, and for me, at least, that’s the big winning factor. I was on the fence about it, but in talking with colleagues at various conferences, I was convinced to give it a shot.

We’ll have more about it once I have an opportunity to put it through its paces. In the meantime, we’re happy to talk to you about it and deploying it so that the Mac and Windows operating systems are in sync. Call us – 973-433-6676 – or email us to start the conversation.

COVID and the iPhone 6

We’re still feeling the effects of the COVID-19 pandemic six years ago in many aspects of our lives. When it came to technology, lots of businesses made huge investments to accommodate remote workplaces. If you haven’t made any investments in your technology since then, it’s like using an iPhone 6, which was released in 2014.

What’s the connection? It’s the speed of change. The iPhone 6 debuted 12 years ago. Think about how the performance of your current iPhone compares to an iPhone 6 – or any single-digit model. Remember, we’re up to iPhone 17.

Now, think about all the equipment you bought six years ago to meet the computing needs brought on by the COVID-19 pandemic. In half the time that it took the “revolutionary” iPhone 6 to become a benchmark for obsolescence, your COVID-era technology is now obsolete.

Windows-based computing has advanced in four key areas since 2020, starting with the introduction of Windows 11 in 2021. It featured a new interface for improved windows management and productivity features such as Snap Layouts and virtual desktops to help you organize your workspace better.

But the big stuff was under the hood.

Windows 11 includes several security features like Microsoft Defender Antivirus, Trusted Platform Module (TPM) 2.0, and passwordless authentication options such as Windows Hello and Passkeys to protect against cyber threats. Administrator Protection is a new feature that adds an extra layer of security by requiring Windows Hello authentication for admin tasks, reducing the risk of unauthorized system changes.

Windows 11 also brought Microsoft Copilot, an embedded AI-powered tool to help with tasks like summarizing documents, drafting emails, and managing system settings. It also made possible Smart App Control, which predicts which applications are safe to run, enhancing security. It was also much faster, making it better able to handle all the tasks we require for complex computing and cloud technology.

For today’s typical business needs, the minimum required specs for a Windows-based computer include an Intel 8th Generation or AMD Ryzen 3000 series processor, 16GB of RAM, and a 256GB SSD. It’s also essential to have the Windows 11 operating system to meet ever-evolving cybersecurity measures and the speed requirements to use cloud-computing effectively. In addition, Microsoft has ended support for Windows 10, and that system will no longer get security updates and bug fixes. Eventually, too, better-performing application software won’t work with it.

We can help you get your hardware up to date. Call us – 973-433-6676 – or email us for an audit.

Brace for the Cost Increases

When it comes to chip shortages and computer prices, the “fun” has just begun. The industry is expecting price increases of at least 25 percent, and no relief is expected until 2028 at the earliest, when manufacturers can get new capacity online. Even if you’re not ready to buy, you need to start planning.

AI is proving to be the blessing and the curse for hardware pricing and availability in today’s world. We’ve been in labs that have AI computers, and they are true technological marvels that drive so many improvements in how we work at just about any job you can imagine. They also require massive amounts of high-quality chips, which manufacturers produce because they have high margins as well as high demand. It’s no wonder that one computer can cost $300,000 to $400,000.

You won’t spend that much, but mistiming a major overhaul of your technology or having to meet emergency needs will wreak havoc on your budgeting. If you were contemplating updating/upgrading your hardware sometime in the next 6 to 12 months, we recommend you move up your timetable. The longer you wait, the more likely it is that your equipment will cost more and that you may not have as many choices.

Similarly, you can expect to pay more for mobile phones and tablets. Memory accounts for around 10 to 20 percent of a smartphone’s cost. Low-margin manufacturers will need to raise their prices accordingly or skimp on upgrades. Manufacturers such as Apple and Samsung are likely better insulated because of their higher margins.

We have partnerships with some of the major computer manufacturers, but it’s hard to say when any kind of benefit from a relationship will get wiped out.

Our advice is don’t panic but start moving ahead. Call us – 973-433-6676 – or email us to evaluate your hardware and software to see what needs an upgrade now and how you can redeploy some of your current equipment. We can also look at what you might do when the law of supply and demand swings back in your favor.

Going Straight to the Cloud

We now have some operating experience with the Windows 365 Cloud PC we recently started using. It’s a cloud-based PC service that lets you access your entire operating system, applications, and files from any device with an internet connection.

We’ve given it a real-life test over the past six weeks or so, and the big advantage is that we don’t need to lug along a laptop computer anymore. Now, all you need is the Windows 365 Link, a small, 8-oz. device that connects you directly to your Windows 365 Cloud PC. Designed for corporate use, it’s priced at $349.

The device runs a simplified version of Windows called Windows CPC, with no local applications or data storage. It can work with a laptop computer, a tablet or a mobile phone. We prefer the tablet because its display is more practical than a phone for looking at documents, spreadsheets, PowerPoints or anything else you might view on a computer screen.

You can connect the device to a monitor – or even dual 4K monitors – if you are working in an office environment. It has four USB ports, an audio port, an HDMI port and a DisplayPort. I like all the internet connectivity options: Wi-Fi 6E, Bluetooth 5.3 or an Ethernet port. For business travelers, you never know what will be available. I’ve been able to log into my Cloud PC account from hotel rooms and cruise ships – as long as a stable connection is available.

I like the security measures that can’t be disabled, such as a Trusted Platform Module (TPM) 2.0 chip, BitLocker encryption, and password-less authentication options. Its minimal operating system reduces the attack surface and integrates with Microsoft Intune for management. Those features are great for implementing and managing security when you have multiple users. There’s also no local data storage. If the device is lost or stolen, nobody can tap it for sensitive data.

The irony is that the laptop became a go-to computer because you can take it anywhere and have full computing capabilities. Now we have an even smaller device that fits the way most of us who travel do business.

We can help you and your road warriors get up and running with Windows 365 Link and your Windows 365 Cloud PC. Call us – 973-433-6676 – or email us to answer any questions you have and get everyone who needs a device all set up.

RAMageddon Raising Computer Prices

Computer prices are skyrocketing. Sony has postponed its new PlayStation 6 to 2029. Why? RAM chips are sold out for the year. We are facing RAMageddon, a term coined by Jason England at Tom’s Guide. If you’re thinking about new computers and/or servers, now is the time to act.

This will be a snooze-you-lose proposition because businesses are turning more and more to cloud-based applications that are driven by AI. If you don’t have computers and servers capable of handling massive amounts of data at lightning-fast speeds, you won’t be able to work at maximum productivity.

The problem is that you and those big AI data centers are looking for the same DRAM (Dynamic Random Access Memory) chips and SSD memory chip storage. RAM chips prices are up 500 percent according to some reports, and SSD memory chips are up 100 percent. Our computer suppliers tell us they’re working off current inventories and will be able to hold the line on pricing until those inventories are exhausted. Then, it will be a matter of finding whatever they can for whatever the market will bear.

The way we see it, computer and server supplies and prices will make the shortages and prices of the COVID era look like bargain-basement shopping. The computer industry doesn’t expect any relief until 2028.

A lot of industry observers say you should buy now and buy as much preinstalled RAM as you can afford for laptops. Most laptops have soldered RAM that you can’t upgrade after purchase, so this is a good general rule of thumb at any point when buying a laptop. But it is even better advice now with prices set to take off. If you can pack 32GB or even 64GB of RAM into that laptop you’re eyeing, go for it.

The same is true for storage. Get the largest hard drive you can. Even though you may do most of your computing in the cloud, your computer’s speed will depend on the combination of RAM and storage to bring in data and work with it before you send finished work back to the cloud.

We’re ready to help. Call us – 973-433-6676 – or email us to discuss your computer and server needs. We can help you shop for the hardware that best meets your needs and then help you get everything installed and configured.

Cellular Wi-Fi? Look Before You Leap

A residential client cut the internet cord in favor of Wi-Fi from their cellular provider. They made the switch abruptly and didn’t get everything they thought they would. If you’re thinking about going cellular for your internet service, you need to have a plan. It’s not a matter of just pulling the plug on one system and plugging in another.

Yes, cellular internet can be cheaper – although the cable internet providers always seem to have a special offer going. You don’t need to bundle services like you used to. The key to cellular is to look at coverage. If you don’t always get a strong cellular signal on your phone at the place you want to put your cellular receiver, you won’t be able to install a good Wi-Fi network.

When you get right down to it, if you have a lot of devices running on your Wi-Fi network – phones/tablets, TVs, computers, smart devices, etc. – you need 5G ultrawide cellular service – or whatever your carrier calls it – to make it all work. 5G service essentially comes in three bands:

  • Low Band, which has a frequency range below 1 GHz and provides slower speeds (up to 50 Mbps). However, it’s good for building penetration.
  • Mid Band, which has a frequency range of 1 to 6 GHz and balances coverage in urban areas with speeds from 100 to 900 Mbps. It’s commonly used in urban areas.
  • High Band, which has a frequency range up to 24 GHz, provides very high speeds (up to 10 Gbps) but has limited coverage. It’s best for dense urban environments.

The service you get will depend on how your carrier’s network is configured for your location.

While the information above is for urban areas, we believe 5G service is probably better for rural areas, where it’s either impossible or prohibitively expensive to run wires. Cable delivers faster, more stable internet service, and that can be important for businesses and for homes that have offices and lots of devices.

Aside from technical factors, you also need to look at the logistics of your email. If you leave your cable internet provider, you’ll need to migrate to a new email platform. That’s because email from a phone or cable company is essentially a loss-leader service, and the providers have found it’s a costly loss.

We strongly advise against simply cutting one service and starting with a new one. You should take whatever time you need to let people and organizations know your new address, and you should transfer all your messages to your new platform. Your old cable or phone email provider has no obligation to keep your old messages for an extended time once you disconnect from their service.

If you’re considering a move to a cellular internet provider, call us – 973-433-6676 – or email us to discuss it. Let’s look at your Wi-Fi needs and make sure your internet provider can handle everything on your network, and let’s look at your email platform options and plan an orderly migration process.

Yeah, Tablets Are That Good

We stopped by the home of a client we hadn’t seen in person for a while to pick up a couple of old Macs for disposal. They had been in the habit of bringing along a computer when traveling, but when I showed them my iPad with a mouse and keyboard, it started a whole new conversation.

As most of you know, we’ve been traveling a lot lately, and in addition to my phone and computer, I’ve brought along my DSLR (digital single lens reflex) camera for fine photography. The computer has been a necessity for complex remote service for our clients’ tech problems and for downloading our photos as we go from place to place.

However, I’ve been able to add a keyboard and mouse to my iPad, and that’s mostly made my computer unnecessary. The display clarity on my iPad is nothing short of remarkable, and the screen is big enough to give me all the information I need for work and play. I can access clients’ computers remotely and see their screens as well as I can with a computer.

For a short time or maybe longer, you might find a tablet more to your liking than your laptop, especially if you travel a lot or are mostly mobile. Many of the apps we use, such as Microsoft 365 with Word, Excel and PowerPoint, have mobile apps for Apple and Android phones and tablets. You can also find mobile versions for apps like Photoshop or use the photo editing capabilities in iCloud or Google Photos. All of them take advantage of the cloud, and they work well on tablet screens.

And while we’re on the subject of phones, we’re increasingly inclined to leave our large cameras in our hotel rooms or ship cabins – or even at home – because the lenses in our phones’ cameras are getting better. We can tout the benefits of the latest iPhone Pro models. They’re small enough to put in our pocket but have the capabilities of any point-and-shoot camera and a wider angle lens on a DSLR. They are also very good in low-light environments. The only area where the DSLR and a high-quality lens are better is a long-distance closeup.

And, of course, when you upload your pictures to the cloud – from either your phone or your DSLR – you can see a large, crisp display of each photo on your tablet screen and make some quick edits, such as cropping and color/light adjustments.

Call us – 973-433-6676 – or email us to talk about finding more ways to use your tablet instead of your computer and to see what tablet may best suit your needs. And we might even be able to help you find a photography club, too.

Arming the ‘Road Warrior’

I’ve been traveling a lot over the past two years, and that’s made me more conscious than ever about what we all need to do to create mobile fortresses wherever we are. Some of the best defenses are tried and true, and some take advantage of new technologies. Here are steps for you to consider.

If you haven’t done so already, the first thing you should do is install a VPN on every device you use in a place that’s not your office or home. A VPN, or Virtual Private Network, creates a secure connection between your device and the internet. It encrypts your internet traffic, making it unreadable to anyone who might intercept it, and routes it through a remote server, which helps protect your online activities from being monitored. It also protects sensitive information, such as passwords and personal data, especially on public Wi-Fi networks. And if you’ve been reading this newsletter for several years, you know that we don’t consider a password from a publicly provided network, such as a hotel, to be secure.

A VPN can replace your real IP address with its own server IP address and enhance your online privacy by making it difficult for websites and services to track your location and browsing habits. It also allows you to bypass geographic restrictions on websites and streaming services so you can access content that may be blocked where you are.

With a VPN significantly improving your online security and privacy, you can take advantage of other technologies, such as Microsoft’s Cloud PC, which allows you to access a full Windows desktop experience from any device with an internet connection. For business travelers, this means you can replicate your work environment during a flight or while sitting in a public place.

I’ve started using it during my travels to conferences as well as while on vacation. It has two major caveats, which don’t bother me at all. One is that it is a subscription service, so I wouldn’t recommend it for casual use. The other caveat is that it works better on a laptop computer or a tablet. Because it displays what you would get if you logged into your Microsoft 365 account on your office computer, you need a bigger screen. I think a telephone display is too small to be effective.

A VPN and Cloud PC are just two tools you can use to make your online life safe and efficient. We can help you find and configure the tools you need to be productive on the road – or in the air or at sea. Call us – 973-433-6676 – or email us to discuss your needs for online safety when away from the office.