It’s Time to be Authentic

Getting a text (SMS) code to verify your access to a website is becoming increasingly vulnerable because of SIM swapping. It’s essentially a way for a hacker to “borrow” your mobile phone number without you ever knowing it – until you suffer the consequences. It’s time to use a better authentication method.

One of our clients was victimized by SIM swapping. We suspected a problem when none of their cellular devices worked. They used a family member’s phone to call us about the problem. We told them to get to the Apple Store immediately to buy new devices and bring them directly to us – without opening any boxes. Using special tools, we were able to set up all their devices securely, but the damage had been done.

How does SIM swapping work? It requires a fraudster to convince a mobile carrier to transfer your phone number to a SIM card they control. With your phone number, the attacker can intercept one-time passcodes and two-factor authentication (2FA) codes sent via text message, allowing them to gain access to bank accounts, which they can quickly drain, and social media and other sensitive online services.

The SIM swappers usually get your information through phishing expeditions, which are designed to trick you into revealing details like birthdates, full names, and addresses. Then, they pretend to be the account holder and claim their SIM card is lost or damaged, and they request to have your number “ported” to a new SIM card, which they have in their phone. Conceivably, they can access your bank account if your 2FA is a text message, clean you out, and wipe the SIM from their phone. You’ll only notice it when your phone doesn’t work – at which point you’ll contact your carrier, who will issue you a new SIM card.

You can prevent SIM swapping by not using SMS or text as an authentication method. Our recommendation is to use an authenticator app, such as Microsoft Authenticator or Google Authenticator. If you are signing into a website from your computer, the authenticator will send a code to your phone, and you’ll enter the code from your computer.

This is one area we strongly urge you to avoid shortcuts. There are a lot of authenticator apps available, but Microsoft and Google have a lot at stake in your security. Both have huge customer bases and publish a lot of apps.

An alternative to an authenticator app is a biometric, such as facial recognition (iPhones and other Apple devices) or a thumbprint (Android phones). As with an authenticator app, these measures are device-specific.

We can help you set up both an authenticator app and biometric authentication to replace an SMS message. Call us – 973-433-6676 – or email us to talk about it.

Computer or Tablet?

Our world is changing fast. Computing and business experts tell us that by 2028, the cloud will be a necessity. AI (artificial intelligence) will have us using so much data that only the cloud will handle the workload. We’ll need more computing power, but at the same time, we’re demanding the ability to access that data quickly and from anywhere – even while traveling. Tablets are looking more and more like replacements for laptops.

We’ve seen a steady switch to smaller devices with greater portability. From being tied to desktop computers that were impossible to move, we increased our mobility when we found ways to access our stationary laptops with an internet connection. Using a laptop, we could essentially access our apps and files and modify them – or even create new files – and find everything up to date when we returned to our desks. The penalty was speed, but it wasn’t a prohibitive penalty.

The next step in the progression was to hook our laptops into docking stations, a step that still works for many who work in the office and remotely. You could have your big monitor and a regular keyboard in the office, but you could use the same computer – with all the same apps and files – working at home or in a hotel room.

The power of tablets and cell phones combined with the expansion of the cloud has made it possible to work on the road without a computer. A vast number of business applications have versions for computers and mobile devices, and you actually can access and edit files with a lightweight device that’s easy to carry outside the office. The newest tablets and phones actually have more powerful processors than many laptops still in use because the mobile devices contain NPUs, Neural Processing Units, that give you faster processing and better photo/video capabilities.

So, as you decide what platform to use as your main computing device, you have a lot of options. Your choice will depend on how you work, and it’s a personal decision for every user.

Computers, on one hand, give you better multitasking capability. You can keep multiple files and web browsing windows open at one time on multiple screens and monitors. It’s a lot easier to move among all those apps and views on multiple screens than it is on a single mobile device screen.

Mobile devices, on the other hand, can process data, including photo and video files, faster, and if you need to work on an Excel, Word, or PowerPoint file, you can tie your device to a portable keyboard. But you can’t use multiple screens. That may be outweighed by the ability to carry a cell phone in your pocket or pocketbook or carry a tablet (and keyboard) in a small backpack. Road warriors, field workers and anyone who needs to access data away from a desk will appreciate this.

If you need to work in public places, you should use a tablet that can work on a cellular network just like your phone. I will never tell you unequivocally that a cellular connection is hack-proof, but it is far more secure than a Wi-Fi network. With the availability of unlimited-data cellular plans, it doesn’t make sense to rely on Wi-Fi in the US.

If your PC has an eSIM, you might be able to add your device to your current mobile account by using the Mobile Plans app in Windows 10 (not available in all computers) and 11. The app connects you to your mobile operator’s website so you can get a data plan for your device and connect to their cellular network.

Whatever devices you use, make sure your operating system (OS) software and apps are up to date. If your device can’t accommodate the latest OS and app software, we urge you to replace the device. Keep in mind the realities of today’s technology environment and how it will change in the near future:

  • We will be making more use of the cloud. By 2028, the vast amounts of data needed to work with AI will require cloud storage because it will be the way to meet your capacity needs.
  • Your device must be capable of processing more data faster to work with AI.
  • Your device must be capable of using the latest security technology. Cybercriminals are spending big money to find a hole in your system – in hopes it will lead them to holes in bigger systems.
  • Remember the number 244. That’s how many days it takes on average to detect a security breach. You can best protect your system by being well-prepared and vigilant.

We can help you choose and configure the devices that best fit the individual needs and corporate needs of everyone in your organization to maximize performance and security. Call us – 973-433-6676 – or email us to set up an appointment to discuss your needs and available options and costs.