Cybersecurity Keeps Them Awake at Night

“What keeps you awake at night?” That’s a question that seems to come up at many a business networking group when someone begins to offer a solution to a problem they can solve. If you’re a CEO at a major corporation, the answer to that question is: cybersecurity.

Internet systems are more complex, and complexity leads to more risks. It’s become a boardroom issue, and the most concerning part of the problem should be the increased time it takes to find a system intrusion. It now takes 292 days – more than nine months – to discover a breach.

Part of the problem is the size and complexity of large corporate networks. They have thousands of endpoints, and it’s become harder to spot anomalies and deploy patches. While our clients typically don’t have large, sprawling networks, we all interact on the corporate or personal level with large global networks for just about everything we do.

Other parts of the problem are that companies may take too long to investigate the breach, and then they need time to develop a plan to patch it. That time is directly related to the network’s size and complexity. If a company doesn’t have a continuous monitoring plan (yes, it’s hard to believe a large company wouldn’t have one), it also extends the time to discover a breach.

Two other reasons are:

  1. Hackers have better stealth tools to invade a network. Once they’re in undetected, they can take their time to look at all of their victim’s data to see what’s best to monetize.
  2. Hackers can steal login credentials and hang around a system for a long time until they’re detected.

Companies that can detect intrusions in less than 100 days can save $1 million in containment costs. But they may not be as motivated as you are to protect your network and the people they serve.

Here are some things you can do right away:

  1. Make sure you have strong passwords for every account you and your employees and family members have.
  2. Insist on using passkeys or some other form of two-factor authentication (2FA) wherever possible. A good authenticator should be device-specific and tied to a device that’s always with the user.
  3. Make sure all your software (operating systems and apps) and firmware (hardware systems) is up to date.
  4. Have an easily accessible list of your key usernames and passwords for emergency use.

Microsoft is making strides in a couple of areas. The company introduced passkey support across most of its consumer apps a year ago, allowing you to sign into your account without the need for 2FA methods or remembering long passwords. Today, it’s encouraging all new signups to use passkeys as it removes passwords as the default.

Windows Hello allows users to securely sign in to their accounts with their face, fingerprint, or PIN. Today, more than 99 percent of users sign into their Windows devices using Hello. The company reports that 98 percent of passkey attempts to login are successful; passwords are only 32 percent successful.

To help keep all your software up to date, Microsoft is developing an update orchestration platform designed to unify the updating system for all apps, drivers, and system components on Windows systems. Right now, it’s aimed at developers and IT product teams. The goal is to run an update scan tool that will queue downloads and updates at optimal times. We’ll see if they can actually make it work.

That’s in the future. For the here and now, we recommend you contact us for a security audit. It’s something you should do annually to make sure you’ve taken the four steps we enumerated above. At the very least you can strengthen your own systems before the big guys know they were breached. Call us – 973-433-6676 – or email us for an appointment.

Pass the Key, Please

If you’re sick and tired of managing passwords (see our article Take the Time to Do the Right Thing), take a new look at using passkeys and forget about the hassle. A passkey is a pair of cryptography keys generated by your device. A public key and a private key combine to create a passkey that unlocks your account. They may take some getting used to, but the security boost will be well worth the effort.

Microsoft is encouraging everyone to use a passkey when they sign up for a new account, and they’re moving away from the default of passwords for all new accounts allowing you to ditch them altogether. Just as a related side note, when you create a Microsoft account, do not create a local passkey. It will only work on the device you used to create the account, and that will defeat the purpose of being able to sign in from anywhere on any device.

A passkey is a pair of cryptography keys generated by your device. A public key and a private key combine to create a passkey that unlocks your account. If you remember going to your safe deposit box at the bank, you had one key in your possession, and you got a key from the bank for your visit. This is an electronic variation of the theme.

Microsoft introduced passkey support across most of its consumer apps a year ago, eliminating the need for two-factor authentication (2FA) or passwords. Now, it’s encouraging all new signs up to use passkeys as it removes passwords as the default. Websites are increasingly allowing you to passkeys for secure access.

Passkeys and password managers are able to work together for the most part. Usually, the device or software generating the passkeys uses a biometric authentication tool, such as FaceID or TouchID, to authenticate your identity. If your password manager is the passkey source, you can log in with your master password. Passkeys are unique to each app or website and stored in a password manager’s vault or your device’s keychain. Passkeys can also sync across devices, making them a convenient choice.

There are some holes in the passkey strategy that you should be aware of. The websites themselves can be the source of weakness in the security chain. Security experts say criminals can easily get around a passkey by stealing users’ validated browser cookies using malware.

While that puts an onus on the websites  to tighten up their operations, you can help protect yourself better. For example, don’t just accept the website’s data privacy settings when a box pops up on a website. Instead, navigate to the “Cookies” or “User Data” sections and choose the shortest available session duration. That way your cookies will expire automatically or whenever you close your browser window. You can also turn off various marketing and targeting cookies.

Again, passkeys take time to set up, and there’s a learning curve to using them effectively. We believe it’s well worth your time to start using them. Call us – 973-433-6676 – or email us to learn more about passkeys – and how they work with password managers. We can help you select and configure passkeys and password managers together and move you up to the next level of online security.

Getting Oversubscribed and Fed up

Our love-hate relationship with Microsoft – and Apple and Google – is coming to a head. Our beef right now focuses on Microsoft and its hard push to get users to adopt the New Outlook. It’s the default for Microsoft 365 subscriptions, and it’s not as feature-rich as the Old Outlook, which Microsoft calls Classic Outlook. Subscription prices are another issue.

Let’s get one issue out of the way. We like subscriptions for application software, such Microsoft 365. They provide regular updates and bug fixes automatically, either periodically or as needed, to make sure you have the latest performance and security features. As we use the cloud more, these updates become a bigger benefit.

Our beef with Microsoft is with the New Outlook. In our opinion, Microsoft is pushing us into a new system that has fewer features than the one it replaced. We recently covered the differences between Old and New Outlook, and we invite you to revisit that article. Microsoft essentially forced us to go with New Outlook before it was ready for prime time. It may be faster, but Microsoft took away many features in the new version. It seems like they made the move for their own convenience, not for the betterment of its customers. They say they will restore some features, but we have to ask why they didn’t get in all the features before they rolled out the new version?

You can go back to the Old Outlook by clicking on the Help tab along the top of your screen and then clicking on Go to Classic. But it’s not a simple toggle-back-and-forth process. It takes some time, which you may not have when trying to get a lot of things done.

You really don’t have a lot of choices. Most organizations are locked into Microsoft 365 for email (Outlook), its suite of Office products (Word, Excel, PowerPoint, etc.), and the collaboration enabled by OneDrive and Teams. Everyone knows how to use the apps, and businesses, non-profits and governments know how to support them, either through internal tech departments, IT consultants or both.

Microsoft knows they have a firm grip. If they maintain the best possible security measures for their customers, they can get away with fewer features to support while raising prices. They’ll add features (and support them) when enough customers kick and scream or when another software provider threatens a piece of their market.

We can help you on the economic side by analyzing all your Microsoft and other application subscriptions to see where we can eliminate duplications of licenses or scale back some to meet your needs more efficiently. There’s no need to be oversubscribed. Call us – 973-433-6676 – or email us to set up an appointment.

New Outlook has Mixed Benefits

Classic Outlook has aged like a good wine, but Microsoft is pushing more users to the New Outlook for managing emails, contacts and calendars. Some features are gone from the New Outlook, and some are hidden.

Deciding whether to hang in with the Classic Outlook or go to the New version depends on how you use the app. However, keep in mind that Microsoft is like Lola. What Microsoft wants, Microsoft eventually gets – and at some point, they’ll stop supporting Classic Outlook to force everyone into New Outlook.

Microsoft touts a more minimalist interface for New Outlook that it says is more in line with Windows 11 and AI and handles email, calendars and contacts better. One of the specific benefits is they claim is the use of AI to help you write better emails, but you can turn off the autofill. They also claim New Outlook can let you access your emails – including Gmail, Yahoo, and even your “shopping account” – from one spot on every Windows device. And you can organize your appointments, share availability and events with a click, and ensure time for important people and events.

However, Microsoft took away a number of key functions that they may or may not restore. These include features involving multiple mailbox accounts and ways in which accounts can be shared from SharePoint. Some “take-aways” are scheduled to be restored, and some are still under investigation. The company says it’s looking for user feedback in deciding what to restore and when that might happen.

Quite honestly, we think this hurts Microsoft’s credibility, but it also shows where all major software companies are headed. They will make changes seemingly on a whim without regard to how those changes affect our ability to maximize our production. Features might come back – or they might not.

Together, we need to be flexible in how we use software such as Outlook, but on the other hand, we can force the issue somewhat. We can look specifically at how you use Outlook and determine what Classic features we may be able to recapture some things that were lost or help you find ways to make better use of New Outlook.

As much as we might yearn for the “good old days” of apps like Classic Outlook, it’s likely we’ll all be using New Outlook sooner rather than later. So, let’s get a head start on adapting to it. Call us – 973-433-66765 – or email us to see how you can bridge the Classic and the New to make Outlook work better for you.

Microsoft’s Outage Issues

Microsoft outages seem to be a regularly occurring event, and that’s a real problem for all of us as we grow even more dependent on technology. The bad news is that the problem won’t get any better. Here’s a look at the industry’s metrics.

From my old help desk days, we followed the “rule of five-nines.” This meant our goal was to be “up” 99.999 percent of the time. Is it attainable? It sounds like a great marketing goal, but the reality is that no global company with the size and scope of Microsoft – or Google or Amazon or anyone else – can be perfect. It doesn’t matter which company you use; their service depends on the reliability of satellites and cables for connections and the power grid to keep them online. As we use online services more extensively, we can strain the capacities of those resources.

According to ThousandEyes Internet and Cloud Intelligence from Cisco, more than 90 percent of the world’s data centers experience outages. Local ISPs (internet service providers) experience the most outages, trailed by CSPs (cloud service providers). Outages increases are attributed to more demand on their infrastructures.

You’re not going to get any better service by switching the companies you use; they all face the same challenges. And they share some challenges with you, and those will be hard to plan for based on the world’s political and economic environment. This is not a political statement; it’s just a clear-eyed look at potential problems. For example, will there be a rush to order new equipment before possible tariffs go into place? Supply and demand issues ahead of any tariff issues will undoubtedly affect prices and inventories.

What can you do? We’ve discussed many of the steps you can take, so let’s put them in perspective.

  • Be backup savvy. Make sure all the data you and your employees use is backed up frequently in multiple places. In addition to backing up data, have battery backup capability so you can save data and close applications. This is more critical for desktop computers; laptops and phones have batteries.
  • Keep all your software up to date. It’s all related. Up-to-date operating systems and apps perform better, and that performance may be the difference in finishing and saving critical data or losing something that will take a long time to recreate or that might be lost forever.
  • Think about replacing computers and other hardware that’s approaching five years of service time. It’s nearly five years since the COVID-19 pandemic, when a lot of companies and individuals bought new hardware to be able to work effectively from remote locations. Five years is about the effective service life of most equipment, and your equipment may be on the same timeline as many other users. Our vendors and distributors have told us to expect shortages just for this reason.

We can help you set up a plan to replace your aging hardware and make sure all the systems you keep have the best prospects of making it through the next year or so. Call us – 973-433-6676 – or email us to discuss your needs.

Windows 10 ‘Support’

We’ve been talking about this for a while. Microsoft will end its support for its workhorse Windows 10 operating system next October. The good news is that the company will provide security patches and bug fixes until October 2026. The bad news is that it will cost you $30 per device. The worse news is that we don’t know how long that support will last – and you won’t get any performance enhancements. Right now, it’s a matter of kicking the can down the road.

The can is called Microsoft’s Extended Security Updates (ESU) Program, and enrollment will open near the end of the current Windows 10 support program in October 2025. It will only cover security updates, and its effectiveness will be limited by Windows 10’s limitations. This is Microsoft’s way of giving in to customer demands to keep Windows 10 alive – at least for now. Older computers can run Windows 10 but may not work with Windows 11.

Thirty bucks a device sounds cheap enough until you look at what you get for your money – and what you don’t get.

The ESUs are just for security updates. You don’t get any new capabilities, performance improvements, or bug fixes that come with the newer software versions. Then, you need to worry about other limitations and risks.

  • You’re still vulnerable to other types of threats, like zero-day exploits or advanced persistent threats.
  • ESUs don’t guarantee compatibility with other software or hardware. Your outdated systems may not work properly with newer applications or devices, leading to productivity and security issues.
  • ESUs can create a false sense of security. Just because you’re getting security patches doesn’t mean your systems are fully protected. Hackers are consistently discovering new ways to exploit vulnerabilities, and outdated software is an easy mark.
  • ESUs can slow down your business and hinder your business growth. Companies get complacent with ESUs, and before they know it, they’re years behind on their technology and struggling to keep up with their competitors.
  • There are no guarantees that Microsoft will continue ESUs or that they will hold the price.

At some point, you may have no other choice than to buy new computers and move to Windows 11. But Microsoft’s ESU for Windows 10 could buy you some time – or let you procrastinate longer. Either way, it’s kicking a bigger, heavier can down the road. Don’t stub your toes. Call us – 973-433-6676 – or email us to discuss your technology footwork.

Out with the Old, In with the New

As Microsoft winds down its tech support for Windows 10, it’s time to make a plan to migrate to Windows 11 and – if needed – the hardware to run it. It can save you money in the long run when you factor in the cost of support for Windows 10 and the efficiencies you’ll gain.

As most of you know, Windows will only offer security-related tech support for Windows 10, starting next October. It will not upgrade any performance features. Furthermore, the tech support will cost you $30 per year.

We’ve been getting a lot of calls from clients whose hardware is not up to snuff for Windows 11. Your best option, in our opinion, is to have new hardware in place for Windows 11, and as you’ve probably read in our newsletter, it goes beyond just the operating system.

Older hardware and software put software vendors in a bind. They feel a need to protect all their users, and they don’t want to leave technology systems exposed to a breach. Yet at the same time, they need to serve their customers who demand more security and better performance. If not, those customers will look for other software vendors.

Hardware has a shorter shelf life, but hanging on to a device for too long can be a disservice. As most of us work with larger files, possibly in collaboration with other users in real time, the speed and security of data transfers through the cloud has become increasingly more important. We’ve had older computers crash during file transfers, putting data at risk. Data, after all, is your most valuable asset.

We saw that value first-hand when we installed five new computers for a client. During the process, we discovered there were some missing files in obscure locations. They had not been saved to the cloud or backed up. Two of the people getting new computers had issue after issue with transferring files. We had to copy files from their old computers onto another device and then transfer them from the device to the new computers.

When you combine the cloud with software subscriptions and up-to-date hardware, you have data security with system reliability and performance. It’s where technology is heading, and we think you will fall farther behind by waiting to install and maintain new hardware.

If your hardware isn’t compatible with Windows 11, we strongly urge you to start the replacement process. Rome wasn’t built in a day, as the saying goes, but your technology can crash and burn in an instant. Call us – 973-433-6676 – or email us to develop a plan to keep your technology up to date.

Upgrade for Security

Should you upgrade to Windows 11 and get a new computer? Microsoft and an increasingly aggressive, more sophisticated hacking environment are calling the question. For a number of reasons, our answer is a resounding “yes.”

We’ve discussed this before, but we have an increased sense of urgency about upgrading technology to improve your security. Microsoft reports that in 2015, they were detecting around 115 password attacks per second. In 2024, that number has surged 3,378% to more than 4,000 password attacks per second. We need stronger, more comprehensive security approaches than ever before, and we need them across all devices and technologies we use in our lives, both at home and at work.

Microsoft and its hardware partners developed an array of software solutions to harden your security. These solutions rely on brute power to process massive amounts of security protocols and tools to keep out bad actors. Many of these tools use artificial intelligence (AI) to find and implement security measures that require nimble, changing movements, much like you find if you’re a gamer. They also power increasingly sophisticated passkeys (such as facial recognition or other biometrics) or two-factor authentication (2FA).

Windows 11 has the software tools, but they’re either useless or toothless without the hardware to power them. To install or upgrade to Windows 11, devices must meet the following minimum hardware requirements:

  • Processor: 1 gigahertz (GHz) or faster with two or more cores on a compatible 64-bit processor or system on a chip (SoC).
  • Memory: 4 gigabytes (GB) or greater.
  • Storage: 64 GB or greater available disk space.
  • Graphics card: Compatible with DirectX 12 or later, with a WDDM 2.0 driver.
  • System firmware: UEFI, Secure Boot capable.
  • TPM: Trusted Platform Module (TPM) version 2.0.
  • Display: High definition (720p) display, 9″ or greater monitor, 8 bits per color channel.
  • Internet connection: Internet connectivity is necessary to perform updates, and to download and use some features. Windows 11 Home Edition also requires a Microsoft Account to complete device setup on first use.

These are the minimum requirements, and they can change at any time.

Is your computer compatible? If it’s more than three years old, it’s unlikely. Three years has become the lifespan for many machines because the technology changes so quickly and extensively. We recently replaced the personal computers in our family so that we could all take advantage of new computer capabilities. For personal computers, it will be a crapshoot as to how much longer you can safely go online.

For businesses, it can be to your advantage to upgrade your computers before the end of the year – though your tax advisors can give you more precise information. We can only tell you that you need to balance the cost of a new computer against the possible costs of a security breach.

We can help you in several ways.

  • We can evaluate your hardware, especially if you are still running Windows 10, and help you determine if new hardware will be cost-effective for running Windows 11.
  • We can help you select and buy computers and other systems that fit your budgets, and business needs as best as possible.
  • We can configure your new computers and systems to make sure you have the best balance of security and performance.

Call us – 973-433-6676 – or email us for an appointment.

Hacked SSNs: What, Me Worry?

With apologies to Alfred E. Neuman, yes, you should worry. But you don’t need to panic, especially if you have Windows 11, a computer with a later-generation chipset and a lot of common sense.

New reports say the hacking group USDoD claimed it had allegedly stolen personal records of 2.9 billion people from National Public Data, according to a class-action lawsuit filed in U.S. District Court in Fort Lauderdale, FL. The breach was believed to have happened in or around April, according to the lawsuit. A class-action law firm said the stolen file includes 277.1 gigabytes of data and includes names, address histories, relatives, and Social Security numbers dating back at least three decades. A post from a cybersecurity expert on X claims the records for citizens of the U.S., U.K., and Canada were sold on the dark web for $3.5 million.

Yes, that’s scary. But it’s not as dire as you think. Security breaches happen all the time because thieves find vulnerabilities in large systems and exploit them. Some thieves steal simply because they can. If they don’t try to use stolen information, you don’t have a problem. But if they do try to use stolen data, they need to know how to defeat whatever aggressive defenses exist at, say, a bank. Often, they fail.

They may try to sell the data, but if there’s no market, the stolen information languishes. If they do sell it, the data might turn out to be outdated. Finally, the buyers may be state actors. If you’re not a likely target of blackmail or in possession of interesting secrets, they may have the goods on you but not want to use them.

All you can do is harden your defenses as best you can.

Set up two-factor authentication for every online account that offers it, or use an authentication app, such as Microsoft Authenticator to secure your online accounts. If thieves haven’t intercepted your email, text messages, or phone, it’s going to be hard for them to break in.

Sign up for account alerts. Depending on your bank or card company, you can set them up for many things, including any charge outside your home country, any (or all) ATM withdrawals, or transactions over a certain amount.

If you get an alert you didn’t expect — or even one you did — don’t click links or call phone numbers in the alert. Instead, log into the account in question and find a contact number there. That will keep thieves from redirecting you to their own operations.

We can answer questions about 2FA, and we can help you set up Microsoft Authenticator. A proper set-up will prevent problems down the line. Call us – 973-433-6676 – or email us for an appointment.

Passkeys Not There…Yet

Passkeys hold a lot of promise in eliminating passwords. They rely on an electronic handshake to allow your device to access a secure website, and many password managers claim to link to passkeys. They’re getting there, but they’re not there yet.

A major hurdle right now is that not all websites recognize the passkeys from password managers. Sometimes, recognition depends on the device. Since most of us have fairly new cell phones, our phones usually have the ability to work with facial recognition, which is a form of a passkey. Older devices may not have the ability to work with this type of technology.

We suspect the move to newer computers – especially as Microsoft ends support for Windows 11 – and the need for better security will speed the drive to make more devices capable of using passkeys.

Why are passkeys secure? They eliminate the need to enter usernames and passwords, both of which are stored on the website you’re trying to access. We know the problems with usernames and passwords: they can be stolen by hackers from the website or your device, they can be forgotten, and we can make them less effective by using simple passwords multiple times so we don’t forget them.

Passkey information is stored on the website and in your device. They are not the same info; they rely on the handshake – sort of like two spies who each know what they need to hear in a phrase. On your device, the most common passkey information is a biometric (facial recognition or fingerprint) or a PIN (personal identification number). Because they are device specific, the system relies on you having your device when you log into the website.

When you combine a passkey with some form of 2FA (two factor authentication), you’re using an access method that has proven reliably secure up to now. Many of the leading password manager programs, such as Dashlane, 1 Password and Bitwarden, can create and store passkeys for you, and both Apple and Android can store their passkeys locally and access them using the keychain app on mobile devices.

Even if you can’t use the passkey with your password manager, you’re still ahead. Remember, with a password manager, you only need to remember a single master password. You can let the password manager generate a long, complex password for each website. That password should be immune from guesses based on any of your personal information.

More websites, too, are using passkeys instead of the username/password duo. As the websites use them more, you will have easier access to more websites, but that comes with a caution. The websites will need to tighten their security, too, to prevent more sophisticated hijackers from getting info from their sites. One of their hacks is to hijack cookies. You can help prevent that by not clicking on “Accept” when the cookie dialog box pops up. Instead, navigate to the “Cookies” or “User Data” sections and choose the shortest available session duration. That way your cookies will expire automatically or whenever you close your browser window.

To expand the conversation about the internet and security, you can apply the same security measures to any device in your office or home that uses the internet or a Wi-Fi network. Printer manufacturers such as HP have created anti-hacking steps, such as entering a PIN, to gain access to the information stored in a printer.

We can help you install and configure password managers and set up effective passkeys and other security measures. Call us – 973-433-6676 – or email us to talk about it.