Is ‘Zero Trust’ in Your Future?

The words “zero trust” in Zero Trust Network Access (ZTNA) are probably appropriate in a time when it seems like we don’t trust anybody about anything. ZTNA is being touted as a replacement for VPNs (Virtual Private Networks), especially for remote business needs. It could be more effective, but small businesses will need to jump through hoops.

ZTNA is a technology designed to limit who can access a network and where in the network they can go. The limits are important. For example, anyone who can access a Microsoft 365 network as a global administrator can effectively play God; they can do ANYTHING.

The goal of a ZTNA is to keep out false gods. Its proponents tout the following benefits:

  • Invisible infrastructure: ZTNA allows users to access applications without connecting them to the corporate network, thereby eliminating risk to the network.
  • More control and visibility: Managing ZTNA solutions is easy with a centralized admin portal with granular controls. Managers can see everything and create access policies for user groups or individual users.
  • Simpler app segmentation: Because ZTNA isn’t tied to the network, organizations can segment access down to individual applications instead of complex network segmentation.

Proponents further contend ZTNA is faster and more convenient than VPNs, offer better security, and are easier to manage. Gartner, a technology and research consultancy for large corporations and government, predicts its client base will largely phase out VPNs for ZTNA.

If you’re a small business or nonprofit organization that deals with large companies and government agencies, you may need to learn how to live in the world of ZTNA at the very least. If you want to adopt for your own use, you’ll need to answer some risk/reward questions:

  • Do you need a Ft. Knox type of defense system?
  • Are you willing to build new access systems to maintain your current business process?
  • Are you willing to take on the learning-curve risks of implementing a new security system?

There are no cookie-cutter solutions to changing your security measures. Call us – 973-433-6676 – or email us to discuss the specifics of ZTNA, especially if you need to use it to comply with another organization’s directive. We can help you design and implement a plan that minimizes your risk as best as possible.

New Outlook has Mixed Benefits

Classic Outlook has aged like a good wine, but Microsoft is pushing more users to the New Outlook for managing emails, contacts and calendars. Some features are gone from the New Outlook, and some are hidden.

Deciding whether to hang in with the Classic Outlook or go to the New version depends on how you use the app. However, keep in mind that Microsoft is like Lola. What Microsoft wants, Microsoft eventually gets – and at some point, they’ll stop supporting Classic Outlook to force everyone into New Outlook.

Microsoft touts a more minimalist interface for New Outlook that it says is more in line with Windows 11 and AI and handles email, calendars and contacts better. One of the specific benefits is they claim is the use of AI to help you write better emails, but you can turn off the autofill. They also claim New Outlook can let you access your emails – including Gmail, Yahoo, and even your “shopping account” – from one spot on every Windows device. And you can organize your appointments, share availability and events with a click, and ensure time for important people and events.

However, Microsoft took away a number of key functions that they may or may not restore. These include features involving multiple mailbox accounts and ways in which accounts can be shared from SharePoint. Some “take-aways” are scheduled to be restored, and some are still under investigation. The company says it’s looking for user feedback in deciding what to restore and when that might happen.

Quite honestly, we think this hurts Microsoft’s credibility, but it also shows where all major software companies are headed. They will make changes seemingly on a whim without regard to how those changes affect our ability to maximize our production. Features might come back – or they might not.

Together, we need to be flexible in how we use software such as Outlook, but on the other hand, we can force the issue somewhat. We can look specifically at how you use Outlook and determine what Classic features we may be able to recapture some things that were lost or help you find ways to make better use of New Outlook.

As much as we might yearn for the “good old days” of apps like Classic Outlook, it’s likely we’ll all be using New Outlook sooner rather than later. So, let’s get a head start on adapting to it. Call us – 973-433-66765 – or email us to see how you can bridge the Classic and the New to make Outlook work better for you.

Busting the Passkey Myths

Passkeys are replacing mere passwords at a rapid pace, and that may be scary for some people. Passkeys are inherently more secure than passwords. For the most part, they are extremely difficult (we won’t say impossible) to crack, and that’s why you should get more comfortable with using them.

Tech leaders such as Microsoft, Google, and Apple are among those leading the passkey charge because there are nearly 7 million combinations of usernames and passwords on the dark web. When your passwords end up on the dark web, cybercriminals can use them to get into your accounts and steal your private data. That’s why passkey-based authentication is becoming a fast-growing trend. Their main benefits are that they can’t be stolen like passwords, and there’s nothing for you to remember.

Still, myths persist, and Dashlane, the password manager app that we prefer, has its own magnificent seven myths it wants to bust.

  1. If you lose your phone, you can’t access your passkeys. If you have a password manager, your passkeys should sync across all devices – unless you “cheaped out” on a freebie. If you only use a mobile device for your passkey, make sure you store it in your phone’s password app. That will enable you to move them to your new device.
  2. Only Google and Apple currently sync passkeys. Third-party passkey providers like Dashlane use their own cloud infrastructure for syncing, similar to Google and Apple. Microsoft has announced that synced passkeys will be coming to Windows 11 and associated with Microsoft accounts. Google recently indicated that synced passkeys in Google Password Manager will soon be available on both macOS and Windows.
  3. Passkeys send your biometric information over the internet. All verification methods operate solely on your device. No biometric information is sent to the website, only confirmation that verification was successful.
  4. You can change your password but not a passkey. Passkeys can be changed simply by deleting them from the website they’re set up with and re-enrolling a new one. This is because every new passkey is unique, even when multiple passkeys are set up for the same website.
  5. PIN codes are not as secure as passwords. Once a device PIN code is set up, it can only be used on a particular device. That’s a security feature not available with a password.
  6. Using a password manager for your passwords is better than using passkeys. While password managers help, they can’t completely prevent phishing. Passkeys, by contrast, are phishing-resistant by design. Additionally, almost all leading password managers now support passkeys for both secure password storage and the added protection of passkeys.
  7. Passkeys are a way for vendors to lock users into their platforms. The FIDO Alliance has published new standards that will allow password managers to safely and easily export passwords and passkeys.

The myths point to a certain intimidation factor about using passkeys. Our advice is don’t be intimidated. We can help you set up an authentication app, such as Microsoft Authenticator, and other methods, such as biometrics and PIN codes. Call us – 973-433-6676 – or email us to talk about what’s best for you and your organization.

We’re Traveling in January

We’ll be taking the trip of our lifetime, starting Jan. 10, when we head to South Africa, Madagascar, Mauritius and few other stops on the other side of the world. You won’t lose our support while we’re gone, and we’ll have the chance to see how some of Apple’s new communications technologies are working.

Most of our previous travels have been to places with good communications infrastructures, and that’s always enabled us to plan with some certainty how we can serve your needs. We’re still going to serve your needs; we have Apple’s iOS 18 with the ability to communicate via satellite when no Wi-Fi or cellular service is available.

So, we’ll be able to stay in touch with you and our support resources whether we’re on a game reserve or in a jungle or rain forest.

Just to remind all of you, when we are away, it’s best to call our office – 973-433-6676. We have people trained to get the information we need to serve you best by contacting us or going directly to one of our trusted partners. If need be, we can get in touch with you or resolve your issue remotely.

Because the places we will be visiting are 7 to 9 hours ahead of New Jersey, we will be doing our activities while you’re asleep, and our downtime will be during your waking hours.

If you happen to be traveling to some remote areas of the world and have an iPhone 14 or newer, you’ll be able to take advantage of Apple’s new communications technologies. You should be able to send and receive texts, emojis, and Tapbacks over iMessage and SMS. To connect to a satellite, you will need to be outside with a clear view of the sky and horizon. You can learn a lot more by visiting Apple’s support page for messages via satellite.

In the meantime, we have a month until we leave. If you have some issues that need attention or questions about planning future maintenance or the purchase and configuration/installation of new equipment, let’s take care of it as soon as possible. Call us – 973-433-6676 – or email us to discuss your needs.

Microsoft’s Outage Issues

Microsoft outages seem to be a regularly occurring event, and that’s a real problem for all of us as we grow even more dependent on technology. The bad news is that the problem won’t get any better. Here’s a look at the industry’s metrics.

From my old help desk days, we followed the “rule of five-nines.” This meant our goal was to be “up” 99.999 percent of the time. Is it attainable? It sounds like a great marketing goal, but the reality is that no global company with the size and scope of Microsoft – or Google or Amazon or anyone else – can be perfect. It doesn’t matter which company you use; their service depends on the reliability of satellites and cables for connections and the power grid to keep them online. As we use online services more extensively, we can strain the capacities of those resources.

According to ThousandEyes Internet and Cloud Intelligence from Cisco, more than 90 percent of the world’s data centers experience outages. Local ISPs (internet service providers) experience the most outages, trailed by CSPs (cloud service providers). Outages increases are attributed to more demand on their infrastructures.

You’re not going to get any better service by switching the companies you use; they all face the same challenges. And they share some challenges with you, and those will be hard to plan for based on the world’s political and economic environment. This is not a political statement; it’s just a clear-eyed look at potential problems. For example, will there be a rush to order new equipment before possible tariffs go into place? Supply and demand issues ahead of any tariff issues will undoubtedly affect prices and inventories.

What can you do? We’ve discussed many of the steps you can take, so let’s put them in perspective.

  • Be backup savvy. Make sure all the data you and your employees use is backed up frequently in multiple places. In addition to backing up data, have battery backup capability so you can save data and close applications. This is more critical for desktop computers; laptops and phones have batteries.
  • Keep all your software up to date. It’s all related. Up-to-date operating systems and apps perform better, and that performance may be the difference in finishing and saving critical data or losing something that will take a long time to recreate or that might be lost forever.
  • Think about replacing computers and other hardware that’s approaching five years of service time. It’s nearly five years since the COVID-19 pandemic, when a lot of companies and individuals bought new hardware to be able to work effectively from remote locations. Five years is about the effective service life of most equipment, and your equipment may be on the same timeline as many other users. Our vendors and distributors have told us to expect shortages just for this reason.

We can help you set up a plan to replace your aging hardware and make sure all the systems you keep have the best prospects of making it through the next year or so. Call us – 973-433-6676 – or email us to discuss your needs.

Windows 10 ‘Support’

We’ve been talking about this for a while. Microsoft will end its support for its workhorse Windows 10 operating system next October. The good news is that the company will provide security patches and bug fixes until October 2026. The bad news is that it will cost you $30 per device. The worse news is that we don’t know how long that support will last – and you won’t get any performance enhancements. Right now, it’s a matter of kicking the can down the road.

The can is called Microsoft’s Extended Security Updates (ESU) Program, and enrollment will open near the end of the current Windows 10 support program in October 2025. It will only cover security updates, and its effectiveness will be limited by Windows 10’s limitations. This is Microsoft’s way of giving in to customer demands to keep Windows 10 alive – at least for now. Older computers can run Windows 10 but may not work with Windows 11.

Thirty bucks a device sounds cheap enough until you look at what you get for your money – and what you don’t get.

The ESUs are just for security updates. You don’t get any new capabilities, performance improvements, or bug fixes that come with the newer software versions. Then, you need to worry about other limitations and risks.

  • You’re still vulnerable to other types of threats, like zero-day exploits or advanced persistent threats.
  • ESUs don’t guarantee compatibility with other software or hardware. Your outdated systems may not work properly with newer applications or devices, leading to productivity and security issues.
  • ESUs can create a false sense of security. Just because you’re getting security patches doesn’t mean your systems are fully protected. Hackers are consistently discovering new ways to exploit vulnerabilities, and outdated software is an easy mark.
  • ESUs can slow down your business and hinder your business growth. Companies get complacent with ESUs, and before they know it, they’re years behind on their technology and struggling to keep up with their competitors.
  • There are no guarantees that Microsoft will continue ESUs or that they will hold the price.

At some point, you may have no other choice than to buy new computers and move to Windows 11. But Microsoft’s ESU for Windows 10 could buy you some time – or let you procrastinate longer. Either way, it’s kicking a bigger, heavier can down the road. Don’t stub your toes. Call us – 973-433-6676 – or email us to discuss your technology footwork.

Dumpster Diving – Email Style

We get overloaded with email and tend to let it just sit in our inboxes. When you max out your storage space, which is the equivalent of an electronic dumpster, you can create problems that are time-consuming and costly to fix.

Email overload became a vexing problem for a client who had 160,000 messages in their inbox, which Outlook limits to 50 GB. They wanted to delete some messages and keep some, but there were just too many messages to go through individually.

We decided the most practical course of action would be to delete all the messages except for those from the last three months. But that solution created other problems. There are limits on how much email you can simply delete. There’s also an issue of how Outlook handles deleted files: they just don’t go to an electronic landfill. They can go to recoverable folders, where they stay for 30 days before going to the “landfill.”

You can delete a large number of files by going to your Outlook online instead of your Outlook mail client. That’s what we had to do, but the process took hours. You can prevent the problem by just paying more attention to your inbox management. Try some of these measures:

  • Delete unwanted/unneeded email as you go. New Outlook’s default lists your messages on the left, and the preview pane on the right shows you the content. As long as you don’t open the email, it won’t harm your system. You can simply click on the trash can in the list to delete the message.
  • Set up subfolders within each account. Within each account, you can set up subfolders and drag-and-drop file messages there. That keeps them out of the dumpster.
  • Empty deleted emails on a regular basis. Whether you do it daily, weekly or biweekly, empty your deleted emails as a routine task. If you have Outlook on your mobile devices, you can delete unnecessary emails without needing your computer. I make deleting emails from my phone a regular task while traveling.

If you need to empty an electronic dumpster, we can help you set up and manage the process. If you need to institute a system to manage email across multiple accounts and users, we can help you determine rules that meet your needs and implement a program. Call us – 973-433-6676 – or email us to talk about it.

Cybersecurity Climate Only Getting Worse

The heat is rising fast in the cybersecurity world. At a recent conference in Phoenix, AZ, we saw how the industry’s top hackers and defense experts team up to fight an ever-increasing number of invasion attempts from bad actors around the world. Visiting a cybersecurity war room really opened our eyes.

We were ushered into a huge room, full of screens that hackers and defenders used to monitor traffic. This link, which shows the origins of constant firewall attacks from all around the world, made a huge impression on me. The attacks were detected because they had an invalid format or invalid character. It meant that the hackers probably forgot to change the language they were using to launch the attack.

My takeaway is that if hackers get smarter or pay more attention to details, they can become more lethal. They can use AI (artificial intelligence) to eliminate the need to know English, and that’s scary. For example, as we saw, they can use Chat GPT to create malware with a specific task. It’s only going to get worse as we hit the holiday shopping season.

Helping a client deal with an email hack brought home all the dangers. They thought they had an email hack, which resulted in emails going to their contacts under the guise of coming from them about file sharing in Dropbox. They thought they had it fixed, but the same problem cropped up two weeks later. It had a link to click (always a danger sign when the recipient “trusts” the sender).

As we got into the process of fixing the hack, it involved an apple.com account with a reference to Dropbox. Our efforts were hampered by the difficulty we had getting into accounts to verify that the hackers were using Dropbox to launch bogus email.

Our client could have just ignored the problem, or they could have sent an email to their entire contact list to warn them not to open emails with the Dropbox reference. But my preference and theirs was to get to the root of the problem. You have to know where all the dots and connections are so that you can get ahead of the hackers and shut them out.

We can help you stay secure by auditing your cybersecurity practices and implementing programs to strengthen your defenses. Call us – 973-433-6676 – or email us to discuss your cybersecurity and gain more peace of mind.

Out with the Old, In with the New

As Microsoft winds down its tech support for Windows 10, it’s time to make a plan to migrate to Windows 11 and – if needed – the hardware to run it. It can save you money in the long run when you factor in the cost of support for Windows 10 and the efficiencies you’ll gain.

As most of you know, Windows will only offer security-related tech support for Windows 10, starting next October. It will not upgrade any performance features. Furthermore, the tech support will cost you $30 per year.

We’ve been getting a lot of calls from clients whose hardware is not up to snuff for Windows 11. Your best option, in our opinion, is to have new hardware in place for Windows 11, and as you’ve probably read in our newsletter, it goes beyond just the operating system.

Older hardware and software put software vendors in a bind. They feel a need to protect all their users, and they don’t want to leave technology systems exposed to a breach. Yet at the same time, they need to serve their customers who demand more security and better performance. If not, those customers will look for other software vendors.

Hardware has a shorter shelf life, but hanging on to a device for too long can be a disservice. As most of us work with larger files, possibly in collaboration with other users in real time, the speed and security of data transfers through the cloud has become increasingly more important. We’ve had older computers crash during file transfers, putting data at risk. Data, after all, is your most valuable asset.

We saw that value first-hand when we installed five new computers for a client. During the process, we discovered there were some missing files in obscure locations. They had not been saved to the cloud or backed up. Two of the people getting new computers had issue after issue with transferring files. We had to copy files from their old computers onto another device and then transfer them from the device to the new computers.

When you combine the cloud with software subscriptions and up-to-date hardware, you have data security with system reliability and performance. It’s where technology is heading, and we think you will fall farther behind by waiting to install and maintain new hardware.

If your hardware isn’t compatible with Windows 11, we strongly urge you to start the replacement process. Rome wasn’t built in a day, as the saying goes, but your technology can crash and burn in an instant. Call us – 973-433-6676 – or email us to develop a plan to keep your technology up to date.

Upgrade for Security

Should you upgrade to Windows 11 and get a new computer? Microsoft and an increasingly aggressive, more sophisticated hacking environment are calling the question. For a number of reasons, our answer is a resounding “yes.”

We’ve discussed this before, but we have an increased sense of urgency about upgrading technology to improve your security. Microsoft reports that in 2015, they were detecting around 115 password attacks per second. In 2024, that number has surged 3,378% to more than 4,000 password attacks per second. We need stronger, more comprehensive security approaches than ever before, and we need them across all devices and technologies we use in our lives, both at home and at work.

Microsoft and its hardware partners developed an array of software solutions to harden your security. These solutions rely on brute power to process massive amounts of security protocols and tools to keep out bad actors. Many of these tools use artificial intelligence (AI) to find and implement security measures that require nimble, changing movements, much like you find if you’re a gamer. They also power increasingly sophisticated passkeys (such as facial recognition or other biometrics) or two-factor authentication (2FA).

Windows 11 has the software tools, but they’re either useless or toothless without the hardware to power them. To install or upgrade to Windows 11, devices must meet the following minimum hardware requirements:

  • Processor: 1 gigahertz (GHz) or faster with two or more cores on a compatible 64-bit processor or system on a chip (SoC).
  • Memory: 4 gigabytes (GB) or greater.
  • Storage: 64 GB or greater available disk space.
  • Graphics card: Compatible with DirectX 12 or later, with a WDDM 2.0 driver.
  • System firmware: UEFI, Secure Boot capable.
  • TPM: Trusted Platform Module (TPM) version 2.0.
  • Display: High definition (720p) display, 9″ or greater monitor, 8 bits per color channel.
  • Internet connection: Internet connectivity is necessary to perform updates, and to download and use some features. Windows 11 Home Edition also requires a Microsoft Account to complete device setup on first use.

These are the minimum requirements, and they can change at any time.

Is your computer compatible? If it’s more than three years old, it’s unlikely. Three years has become the lifespan for many machines because the technology changes so quickly and extensively. We recently replaced the personal computers in our family so that we could all take advantage of new computer capabilities. For personal computers, it will be a crapshoot as to how much longer you can safely go online.

For businesses, it can be to your advantage to upgrade your computers before the end of the year – though your tax advisors can give you more precise information. We can only tell you that you need to balance the cost of a new computer against the possible costs of a security breach.

We can help you in several ways.

  • We can evaluate your hardware, especially if you are still running Windows 10, and help you determine if new hardware will be cost-effective for running Windows 11.
  • We can help you select and buy computers and other systems that fit your budgets, and business needs as best as possible.
  • We can configure your new computers and systems to make sure you have the best balance of security and performance.

Call us – 973-433-6676 – or email us for an appointment.