Rule Over Your Domain

We’re seeing more instances of clients and their customers/clients losing access to their websites and emails connected to their domains. The reason why? Somebody missed a notice to verify their identity with their domain registrar.

Prevention is totally within your control. It just requires paying attention to a couple of things that are easy to overlook – as these two stories illustrate.

On a recent Sunday morning, a client called to report their website and email were down. The bad news is that most problems like these seem to happen on a weekend. The good news is that they can be fixed before they interrupt business. When internet systems go down, we look for technical issues, such as the connections between our clients and their host companies or problems with the host company.

In this case, it was an identification issue. Domain registrars, the companies that issue domains, periodically send out a request for the domain holder to verify who they are who they say they are. It should be a simple matter going into your account with your registrar and verifying the names and contact info for the domain owner and the technical contact are correct.

When you don’t respond, two problems typically arise. First, most domain owners miss the message to verify their information because it comes across as a phishing email and gets deleted or ignored. Second, it winds up in a spam folder that never gets checked.

For this client, it took us 2-1/2 hours to solve the problem. First, we checked with their website company, who reported not seeing any notice for verification. Then, we went into their email system and into a list of emails they had deleted and trashed. It’s like going through an electronic dumpster, but we found and retrieved the message – which was never opened. They were fortunate to discover the problem and fix it before the business week began.

In a second case, it took a client more than two weeks to resolve a verification issue for its domain. Outages of this length are usually the result of somebody not having the credentials to get into their registrar’s website to verify their information. You have to jump through hoops to reestablish your credentials.

You can avoid all of this by knowing your username and password for your registrar’s website. It’s your responsibility as the domain owner. If you don’t know the info now, make it a priority to find it or start the process to reestablish your credentials. Second, make it a point to check your spam files or junk mail at least once a day to make sure nothing important is buried there. Third, make it a point to log in to your account with your registrar every six months to verify your info.

If you can’t find your domain registration information or need to manage your email, call us – 973-433-6676 – or email us. We can help you work with your registrar to verify or reestablish your credentials (and store a backup copy), and we can help you set up rules to better handle spam or junk mail.

Getting Oversubscribed and Fed up

Our love-hate relationship with Microsoft – and Apple and Google – is coming to a head. Our beef right now focuses on Microsoft and its hard push to get users to adopt the New Outlook. It’s the default for Microsoft 365 subscriptions, and it’s not as feature-rich as the Old Outlook, which Microsoft calls Classic Outlook. Subscription prices are another issue.

Let’s get one issue out of the way. We like subscriptions for application software, such Microsoft 365. They provide regular updates and bug fixes automatically, either periodically or as needed, to make sure you have the latest performance and security features. As we use the cloud more, these updates become a bigger benefit.

Our beef with Microsoft is with the New Outlook. In our opinion, Microsoft is pushing us into a new system that has fewer features than the one it replaced. We recently covered the differences between Old and New Outlook, and we invite you to revisit that article. Microsoft essentially forced us to go with New Outlook before it was ready for prime time. It may be faster, but Microsoft took away many features in the new version. It seems like they made the move for their own convenience, not for the betterment of its customers. They say they will restore some features, but we have to ask why they didn’t get in all the features before they rolled out the new version?

You can go back to the Old Outlook by clicking on the Help tab along the top of your screen and then clicking on Go to Classic. But it’s not a simple toggle-back-and-forth process. It takes some time, which you may not have when trying to get a lot of things done.

You really don’t have a lot of choices. Most organizations are locked into Microsoft 365 for email (Outlook), its suite of Office products (Word, Excel, PowerPoint, etc.), and the collaboration enabled by OneDrive and Teams. Everyone knows how to use the apps, and businesses, non-profits and governments know how to support them, either through internal tech departments, IT consultants or both.

Microsoft knows they have a firm grip. If they maintain the best possible security measures for their customers, they can get away with fewer features to support while raising prices. They’ll add features (and support them) when enough customers kick and scream or when another software provider threatens a piece of their market.

We can help you on the economic side by analyzing all your Microsoft and other application subscriptions to see where we can eliminate duplications of licenses or scale back some to meet your needs more efficiently. There’s no need to be oversubscribed. Call us – 973-433-6676 – or email us to set up an appointment.

Hardware Plays Hard to Get

As we were writing this issue of Technology Update, tariffs hit the fan. We have discussed their possible impact on prices before, but that was hypothetical. Now, they’re real, but we’re still not sure where they will land and how they will affect supplies and prices. At the same time, technological advances make hardware obsolete faster.

Before tariffs were officially announced, we saw a 10 percent minimum increase in hardware prices. Now, nobody is betting on how long the tariffs will stay in effect and for how long. Anyone who’s been living on the bleeding edge of their hardware’s service life – and there are many – has to feel uncomfortable because there is uncertainty supplies, prices and delivery dates.

That discomfort is heightened by a crunch from software providers, who need to meet demands for better online security and performance from operating systems and applications. It used to be that in some cases, you could expect seven years of service from a piece of equipment. That’s because the hardware manufacturers could provide updates for their products’ firmware (hardware operating system software) to keep pace with software developments.

Today, hardware can become obsolete in as little as three years. Security systems, working in the cloud, and higher-performing application software all demand more powerful equipment. The technology industry has made a business decision to put its resources into supporting the larger base of forward-moving customers than those who are trying to hang on to older systems.

For some organizations, it’s a double-edged sword. They find it’s especially critical to be lean and mean to survive in tougher economic conditions. But they can’t cut away too much meat after they’ve trimmed all the fat. At some point, they’ll need to buy new hardware regardless of the price.

The best way to work around a double-edged sword is to see what hardware is connected to the internet. That’s a security move. Hackers look for the weakest link in any system, and if you have any hardware that’s connected to the internet, it must be able to handle the latest security software.

When one of our retail clients ordered 10 new computers, we saw one old computer just running ads on a TV in their store. It was not connected to the internet, and that was a perfectly good use for it. You may have equipment in your office that’s not connected to the internet – or can be used without an internet connection.

We can help you make more efficient use of your hardware by taking a close look at what equipment you have to determine what needs to be replaced and what can be used in other ways. Call us – 973-433-6676 – or email us to set up an appointment.

Making Technology Work Abroad

When you travel to some of the more remote parts of the world or parts of the world that lag in communications technology, you need to be flexible. You could need to work around slower internet service or service blackouts. But you may not be able to easily work around security and tech support issues that can crop up at the most inopportune time.

As experienced travelers and technology experts, we’re used to dealing with less-than-ideal conditions. But we still came across glitches we didn’t foresee. We need to plan for less-than-optimal service (sometimes no service) and problems with internet access, and we need to have some flexibility.

When we were in a game reserve in South Africa, we knew there would be limited Wi-Fi or cellular service, but we were too busy being awed by all the animals we saw. We were surprised on our cruise ship when we were in Madagascar. The ship had internet blackouts; there was no Wi-Fi service. Satellite connections were not available. We also had to work around 3G technology (which has basically been eliminated in the United States). In some cases, VPNs would not allow access to certain websites – and we had counted on that access for certain business needs.

This presents an interesting dichotomy. We take vacations to get away from our normal routines, but sometimes we need to stay in touch. We like being able to resolve issues remotely for our clients or get a detailed understanding of issues so that we instruct those who provide services on our behalf. We believe it’s a critical part of our pledge to serve you.

We also like to take a lot of photographs and shoot videos to share with family and friends during our vacations. With images and videos creating ever larger files, we rely on fast internet service, which may not be available.

Then, there’s the matter of security, especially with authenticator apps and VPNs (virtual private networks).

Authenticator apps are part of the two-factor authentication (2FA) process for accessing websites. The first thing you should do is log in to your authenticator app and make sure it works. You should especially make sure it works with any privacy measures you might take, such as a VPN. Microsoft Authenticator (our preferred app) and Google Authenticator are two of the most commonly used apps, and they work with mobile devices – even if you are logging in from a computer.

If you get a new phone or tablet, you’ll need to reinstall your authentication app; it doesn’t transfer. When we get a client call about an authenticator problem, the first question we ask is whether you have a new phone. We can always walk you through the setup process.

While we’re on the subject of VPNs, be prepared for yours not to work when logging in to a website you normally use. In some countries, an international company’s website might be hosted in a country outside the US. If you are running a VPN that identifies your device as being in the US, just hope it works well so that you can access the site. If you need to contact that company’s tech support, make sure you know what time it is in their location.

If you’re planning a trip to remote locations anywhere in the world – even here in the US – we can help you with contingency plans based on your needs. Call us – 973-433-6676 – or email us to see what you can do.

Turn on 2FA with Microsoft 365

If you’re using Microsoft 365 without two-factor authentication (2FA), you could have a basic security problem. Cybercriminals are taking advantage of a loophole in Microsoft’s Basic Authentication, an outmoded system doesn’t require extra security checks, like a second password or a verification code sent to your phone. Here’s how to harden your system.

Hackers are using a method called “password spray and pray,” where they try common passwords across many accounts, hoping for a match. Security researchers have discovered that a botnet of at least 130,000 infected devices is being used in this attack. The hackers use non-interactive sign-ins, a method commonly used for automated logins between services. Because these logins don’t require human interaction, they often bypass 2FA protections, and many security protocols don’t pay much attention to them.

While Microsoft is phasing out Basic Authentication, it will still be partially active until September 2025. The threat is immediate and serious.

If you have a website, experts urge you to disable Basic Authentication and monitor non-interactive sign-in logs. You should also adopt access policies based on location and device security to restrict logins from unknown locations or requiring extra security steps for an unfamiliar device. Enabling multi-factor authentication (MFA) or certificate-based authentication would require users to verify their identity with a second factor, like a phone code or fingerprint scan. Even if hackers steal a password, they still won’t be able to access the account without this extra verification.

On the user side, eliminate multiple-use passwords. A password manager makes it easy to generate long, unique, complex passwords that are extremely hard to hack. And if a hacker does happen to hit one, it’s highly unlikely they’ll get another one.

If the websites you use require 2FA, we suggest using your password manager to set up a six-digit token through your phone’s authenticator app. With a cell phone, you can use facial recognition or fingerprint for authentication. And there’s still the six-digit code sent to your phone as a text message or an email.

We can help businesses and individual users upgrade or improve their online security. Call us – 973-433-6676 – or email us to talk about your needs.

When Old Technology Meets the Present Day

This is a cautionary tale about how many businesses maintain years and years of data storage. They’ve maintained servers and stored them on disks using RAID 5 technology. It’s a reliable system, but when you need to retrieve data, it can present a lot of costly complexities, as one of our clients recently discovered.

Our client was having trouble retrieving data and asked us to take a look. They gave us a half-dozen or so drives, and our immediate problem was that we couldn’t just pop them into a machine and take a look.

The problem was that our client had a server configured for RAID 5. In technical terms, RAID 5 is a configuration – redundant array of independent disks – that utilizes disk striping with parity. It enables you to distribute data across multiple drives with a parity check. This ensures data integrity even if one drive fails, and the configuration makes fast data retrieval possible.

However, it requires a minimum of three drives to function properly, and you need detailed record keeping to retrieve your data. That’s where the problem comes in. You need to take a Sharpie and identify each RAID 5 drive you have from the oldest to the newest. If you can’t view them in their proper sequence, you can’t retrieve your data.

If you have data on RAID 5 disks, you should consult an IT pro to see if you can dump your data to an external drive. However, it won’t be cheap. The cost can be $250 to $500 per disk to copy data to an external drive. The more disks you have, the harder it can be – unless you absolutely have them in the right sequence. And the process can be more difficult – if not impossible – if a disk is inadvertently fouled.

A better choice is RAID 1, commonly referred to as disk mirroring. Hard disks are kept in sync with one another so that if a disk were to fail, an exact copy remains, ensuring no loss.

In the event of a drive failure, recovery is easy since the duplicate drive can take over immediately. Read performance can be enhanced as data can be read from multiple disks simultaneously. The major drawback is that storage capacity is diminished, which means you’ll need more disks. In our opinion, that could outweigh the drawbacks of RAID 5, which requires more time and resources to rebuild data after a drive failure and can have slower write operations because of the need to update parity information.

We can help you determine which storage need is better for you or help you organize RAID 5 disks for more efficient data retrieval. Call us – 973-433-6676 – or email us to discuss what’s better for you.

Is ‘Zero Trust’ in Your Future?

The words “zero trust” in Zero Trust Network Access (ZTNA) are probably appropriate in a time when it seems like we don’t trust anybody about anything. ZTNA is being touted as a replacement for VPNs (Virtual Private Networks), especially for remote business needs. It could be more effective, but small businesses will need to jump through hoops.

ZTNA is a technology designed to limit who can access a network and where in the network they can go. The limits are important. For example, anyone who can access a Microsoft 365 network as a global administrator can effectively play God; they can do ANYTHING.

The goal of a ZTNA is to keep out false gods. Its proponents tout the following benefits:

  • Invisible infrastructure: ZTNA allows users to access applications without connecting them to the corporate network, thereby eliminating risk to the network.
  • More control and visibility: Managing ZTNA solutions is easy with a centralized admin portal with granular controls. Managers can see everything and create access policies for user groups or individual users.
  • Simpler app segmentation: Because ZTNA isn’t tied to the network, organizations can segment access down to individual applications instead of complex network segmentation.

Proponents further contend ZTNA is faster and more convenient than VPNs, offer better security, and are easier to manage. Gartner, a technology and research consultancy for large corporations and government, predicts its client base will largely phase out VPNs for ZTNA.

If you’re a small business or nonprofit organization that deals with large companies and government agencies, you may need to learn how to live in the world of ZTNA at the very least. If you want to adopt for your own use, you’ll need to answer some risk/reward questions:

  • Do you need a Ft. Knox type of defense system?
  • Are you willing to build new access systems to maintain your current business process?
  • Are you willing to take on the learning-curve risks of implementing a new security system?

There are no cookie-cutter solutions to changing your security measures. Call us – 973-433-6676 – or email us to discuss the specifics of ZTNA, especially if you need to use it to comply with another organization’s directive. We can help you design and implement a plan that minimizes your risk as best as possible.

New Outlook has Mixed Benefits

Classic Outlook has aged like a good wine, but Microsoft is pushing more users to the New Outlook for managing emails, contacts and calendars. Some features are gone from the New Outlook, and some are hidden.

Deciding whether to hang in with the Classic Outlook or go to the New version depends on how you use the app. However, keep in mind that Microsoft is like Lola. What Microsoft wants, Microsoft eventually gets – and at some point, they’ll stop supporting Classic Outlook to force everyone into New Outlook.

Microsoft touts a more minimalist interface for New Outlook that it says is more in line with Windows 11 and AI and handles email, calendars and contacts better. One of the specific benefits is they claim is the use of AI to help you write better emails, but you can turn off the autofill. They also claim New Outlook can let you access your emails – including Gmail, Yahoo, and even your “shopping account” – from one spot on every Windows device. And you can organize your appointments, share availability and events with a click, and ensure time for important people and events.

However, Microsoft took away a number of key functions that they may or may not restore. These include features involving multiple mailbox accounts and ways in which accounts can be shared from SharePoint. Some “take-aways” are scheduled to be restored, and some are still under investigation. The company says it’s looking for user feedback in deciding what to restore and when that might happen.

Quite honestly, we think this hurts Microsoft’s credibility, but it also shows where all major software companies are headed. They will make changes seemingly on a whim without regard to how those changes affect our ability to maximize our production. Features might come back – or they might not.

Together, we need to be flexible in how we use software such as Outlook, but on the other hand, we can force the issue somewhat. We can look specifically at how you use Outlook and determine what Classic features we may be able to recapture some things that were lost or help you find ways to make better use of New Outlook.

As much as we might yearn for the “good old days” of apps like Classic Outlook, it’s likely we’ll all be using New Outlook sooner rather than later. So, let’s get a head start on adapting to it. Call us – 973-433-66765 – or email us to see how you can bridge the Classic and the New to make Outlook work better for you.

Busting the Passkey Myths

Passkeys are replacing mere passwords at a rapid pace, and that may be scary for some people. Passkeys are inherently more secure than passwords. For the most part, they are extremely difficult (we won’t say impossible) to crack, and that’s why you should get more comfortable with using them.

Tech leaders such as Microsoft, Google, and Apple are among those leading the passkey charge because there are nearly 7 million combinations of usernames and passwords on the dark web. When your passwords end up on the dark web, cybercriminals can use them to get into your accounts and steal your private data. That’s why passkey-based authentication is becoming a fast-growing trend. Their main benefits are that they can’t be stolen like passwords, and there’s nothing for you to remember.

Still, myths persist, and Dashlane, the password manager app that we prefer, has its own magnificent seven myths it wants to bust.

  1. If you lose your phone, you can’t access your passkeys. If you have a password manager, your passkeys should sync across all devices – unless you “cheaped out” on a freebie. If you only use a mobile device for your passkey, make sure you store it in your phone’s password app. That will enable you to move them to your new device.
  2. Only Google and Apple currently sync passkeys. Third-party passkey providers like Dashlane use their own cloud infrastructure for syncing, similar to Google and Apple. Microsoft has announced that synced passkeys will be coming to Windows 11 and associated with Microsoft accounts. Google recently indicated that synced passkeys in Google Password Manager will soon be available on both macOS and Windows.
  3. Passkeys send your biometric information over the internet. All verification methods operate solely on your device. No biometric information is sent to the website, only confirmation that verification was successful.
  4. You can change your password but not a passkey. Passkeys can be changed simply by deleting them from the website they’re set up with and re-enrolling a new one. This is because every new passkey is unique, even when multiple passkeys are set up for the same website.
  5. PIN codes are not as secure as passwords. Once a device PIN code is set up, it can only be used on a particular device. That’s a security feature not available with a password.
  6. Using a password manager for your passwords is better than using passkeys. While password managers help, they can’t completely prevent phishing. Passkeys, by contrast, are phishing-resistant by design. Additionally, almost all leading password managers now support passkeys for both secure password storage and the added protection of passkeys.
  7. Passkeys are a way for vendors to lock users into their platforms. The FIDO Alliance has published new standards that will allow password managers to safely and easily export passwords and passkeys.

The myths point to a certain intimidation factor about using passkeys. Our advice is don’t be intimidated. We can help you set up an authentication app, such as Microsoft Authenticator, and other methods, such as biometrics and PIN codes. Call us – 973-433-6676 – or email us to talk about what’s best for you and your organization.

We’re Traveling in January

We’ll be taking the trip of our lifetime, starting Jan. 10, when we head to South Africa, Madagascar, Mauritius and few other stops on the other side of the world. You won’t lose our support while we’re gone, and we’ll have the chance to see how some of Apple’s new communications technologies are working.

Most of our previous travels have been to places with good communications infrastructures, and that’s always enabled us to plan with some certainty how we can serve your needs. We’re still going to serve your needs; we have Apple’s iOS 18 with the ability to communicate via satellite when no Wi-Fi or cellular service is available.

So, we’ll be able to stay in touch with you and our support resources whether we’re on a game reserve or in a jungle or rain forest.

Just to remind all of you, when we are away, it’s best to call our office – 973-433-6676. We have people trained to get the information we need to serve you best by contacting us or going directly to one of our trusted partners. If need be, we can get in touch with you or resolve your issue remotely.

Because the places we will be visiting are 7 to 9 hours ahead of New Jersey, we will be doing our activities while you’re asleep, and our downtime will be during your waking hours.

If you happen to be traveling to some remote areas of the world and have an iPhone 14 or newer, you’ll be able to take advantage of Apple’s new communications technologies. You should be able to send and receive texts, emojis, and Tapbacks over iMessage and SMS. To connect to a satellite, you will need to be outside with a clear view of the sky and horizon. You can learn a lot more by visiting Apple’s support page for messages via satellite.

In the meantime, we have a month until we leave. If you have some issues that need attention or questions about planning future maintenance or the purchase and configuration/installation of new equipment, let’s take care of it as soon as possible. Call us – 973-433-6676 – or email us to discuss your needs.