New Device, Same You, New Problem

You’re still the same person you always were, but when you get a new device, you’re a different person as far as some login procedures are concerned. You need to get back to basics in setting up account access. It’s a more acute problem as we do more work outside the office.

We recently got a call from a client who had trouble logging into a work system through a VPN with two-factor authentication (2FA). Nobody had changed any of the login information, so it was all baffling until the client mentioned they had a new phone.

Another client called because they couldn’t get into their email. Again, they had a new phone.

These incidents highlight the good and the bad of multiple authentication steps. The good is that they’re based on the device being used to verify the right of the person to access an account. That means a hacker halfway around the world can’t use their computer to get in. The bad is that you have to take the time to reconfigure all your access info. (Hey, we’re really sorry for the inconvenience.)

Because both cases involved clients with new cell phones, we had to invalidate their old cell phones. We registered one client as a new user and registered a new cell phone number for the other. These are essential steps everyone needs to remember to take as you get new devices.

And because all the 2FA steps in common use are tied to devices, it’s a good idea to make sure your devices require some extra steps to unlock them. Many people use a four- or six-digit PIN, and more people are going to biometrics. While nothing is impossible, even if someone knows your online login info and has your device, they can’t access your accounts if they can’t unlock the device.

If you or your employees are getting new devices, we can help you make sure that they have access to email and online accounts and protect them from unauthorized users. The process isn’t difficult, but it does involve diligence to check all the boxes in the setup process. Call us – 973-433-6676 – or email us if you have questions or need help in going through the process.

Making ‘Work from Home’ Work

As the “shelter-in-place” orders rapidly clamped down on our mobility, the massive and sudden shift in how we worked forced employers and employees to scramble. Equipment and security became the key issues to address.

Most of the equipment issues our clients faced revolved around laptop computers. Because of last year’s chip shortage, computer manufacturers were already behind in building enough machines to meet the market’s needs. Those needs shot up as COVID-19 hit, making computers as scarce as toilet paper. Simply, there are just not enough business-grade laptops to go around. In some cases, our clients have gone to consumer electronics stores to buy home-use laptops for employees and have us set them up.

In our view, that’s better than just having employees use their personal devices to log onto a business network and access files and apps. Unless an employer knows exactly how a computer is set up for security and how secure the employee’s home network is, that employer is rolling the dice.

Many employers have VPNs (virtual private networks) to protect the security of computing from the office to their servers or cloud servers. But that only covers the traffic between their covered computers and the server. Those who regularly work remotely use the VPN, but their computers and devices should have security measures installed, and the users should have been trained in internet security.

When your employee sets up a computer or device at home and logs into your network, here’s the worst-case scenario. Your employee may not have up-to-date anti-virus and malware protection software installed and running. Your employee may not have an adequate firewall – or any firewall – installed and running. Your employee may not have a secure Wi-Fi network. If your employee’s security system is like Swiss cheese, you can be sure a hacker will find a way to tunnel into your corporate data.

Fortunately, we have found a workaround.

Working with your employees, we can install VPNs and we use your ISP’s (internet service provider) IP address as an external IP address when your employee logs into your work network from home. That helps keep the connection secure. Then, we use Microsoft’s Remote Desktop to connect the home computer to your office network and the employee’s office computer. That allows employees to work just like they were in the office.

The keys to making this workaround successful are making sure that all the office computers are on and that someone can monitor the office computer system to make sure everything is functioning properly.

If you haven’t taken these steps yet, call us – 973-433-6676 – or email us to schedule the work and to run through a checklist of things to be done before we begin.