Blog

September 23rd, 2016

2016september23_microsoftwindowsnewsandtips_bRegardless of the app, platform, or operating system, digital notifications are a tricky business. Our devices are overcrowded with software of varying importance, and without proper customization the stream of information can become overwhelming. Thankfully, Windows 10’s action center is built atop a solid foundation -- it just needs a bit of help. If Windows notifications are driving you up a wall, try out the three steps we’ve listed here to get them under your thumb.

Overarching action center settings

The place to start is customizing system-wide notifications settings. To view these, click on the Cortana icon on your taskbar, type ‘Notifications,’ and click ‘Notifications & actions settings.’ From here you can turn off alerts entirely, adjust those on the lock screen, or customize the alerts for core functions such as alarms and incoming calls.

Settings for individual applications

If you’re interested in taking a far more nuanced approach to your notifications, there are options to create rules on an app-by-app basis. At the bottom of the ‘Notifications & actions settings’ screen is a section titled ‘Get notifications from these senders.’ At first glance it may look as though you can only turn alerts completely off or on for these apps, but that’s not the case.

By clicking on any of the items in this list, you can open a new window full of more graded notifications options. From here, users can specify lock screen, sound, and priority settings for individual software.

Closing the blinds

For users who have no interest whatsoever in the Windows 10 action center, there is a way to banish it entirely. Open Cortana again and search ‘Notification area.’ Halfway down the page, click the menu titled ‘Turn system icons on or off.’ Toggling the Action Center option (third from the bottom) allows you to remove the icon from your taskbar altogether.

While you’re at it, why not take this philosophy one step further? Click the back arrow to return to the ‘Notification area’ window and this time choose ‘Select which icons appear on the taskbar.’ Here you can choose which apps to remove from your taskbar entirely, eliminating any annoying icons that change to alert you of distracting notifications.

Everyone is different. If artists have tools unique to their style, why shouldn’t the tools of your trade be tailored to your preferences? Our paintbrush is technology, and we’d love to show you how we work by helping you achieve new levels of productivity and efficiency on your Windows machine. Get in touch with us today to speak with one of our tech-savvy specialists about your technology goals.

Published with permission from TechAdvisory.org. Source.

Topic Windows
September 21st, 2016

2016september21_security_bEveryone hates jargon. It’s ostracizing and off-putting, but somehow we just keep creating more and more of it. For those who have adopted an “if you can’t beat ‘em, join ‘em” philosophy, we have just the list for you. Let’s take a look at some of the most relevant cybersecurity terms making the rounds today.

Malware

For a long time, the phrase ‘computer virus’ was misappropriated as a term to define every type of attack that intended to harm or hurt your computers and networks. A virus is actually a specific type of attack, or malware. Whereas a virus is designed to replicate itself, any software created for the purpose of destroying or unfairly accessing networks and data should be referred to as a type of malware.

Ransomware

Don’t let all the other words ending in ‘ware’ confuse you; they are all just subcategories of malware. Currently, one of the most popular of these is ‘ransomware,’ which encrypts valuable data until a ransom is paid for its return.

Intrusion Protection System

There are several ways to safeguard your network from malware, but intrusion protection systems (IPSs) are quickly becoming one of the non-negotiables. IPSs sit inside of your company’s firewall and look for suspicious and malicious activity that can be halted before it can deploy an exploit or take advantage of a known vulnerability.

Social Engineering

Not all types of malware rely solely on fancy computer programming. While the exact statistics are quite difficult to pin down, experts agree that the majority of attacks require some form of what is called ‘social engineering’ to be successful. Social engineering is the act of tricking people, rather than computers, into revealing sensitive or guarded information. Complicated software is totally unnecessary if you can just convince potential victims that you’re a security professional who needs their password to secure their account.

Phishing

Despite often relying on face-to-face interactions, social engineering does occasionally employ more technical methods. Phishing is the act of creating an application or website that impersonates a trustworthy, and often well-known business in an attempt to elicit confidential information. Just because you received an email that says it’s from the IRS doesn’t mean it should be taken at face value -- always verify the source of any service requesting your sensitive data.

Anti-virus

Anti-virus software is often misunderstood as a way to comprehensively secure your computers and workstations. These applications are just one piece of the cybersecurity puzzle and can only scan the drives on which they are installed for signs of well known malware variants.

Zero-day attacks

Malware is most dangerous when it has been released but not yet discovered by cybersecurity experts. When a vulnerability is found within a piece of software, vendors will release an update to amend the gap in security. However, if cyber attackers release a piece of malware that has never been seen before, and if that malware exploits one of these holes before the vulnerability is addressed, it is called a zero-day attack.

Patch

When software developers discover a security vulnerability in their programming, they usually release a small file to update and ‘patch’ this gap. Patches are essential to keeping your network secure from the vultures lurking on the internet. By checking for and installing patches as often as possible, you keep your software protected from the latest advances in malware.

Redundant data

When anti-virus software, patches, and intrusion detection fail to keep your information secure, there’s only one thing that will: quarantined off-site storage. Duplicating your data offline and storing it somewhere other than your business’s workspace ensures that if there is a malware infection, you’re equipped with backups.

We aren’t just creating a glossary of cyber security terms; every day, we’re writing a new chapter to the history of this ever-evolving industry. And no matter what you might think, we are available to impart that knowledge on anyone who comes knocking. Get in touch with us today and find out for yourself.

Published with permission from TechAdvisory.org. Source.

Topic Security
September 20th, 2016

2016september20_hardware_bThe term ‘hard’ in hard drive shouldn’t refer to the difficulty many experience when they set out looking for a new one. It’s hard to deny the importance that hard drives still have to computers of all shapes, sizes, and operating systems -- but like the elusive concept of soulmates, how do we know which one is right for us? We’ve put together a list of five things you should take into consideration prior to buying new hardware.

Hard Disk Drive VS. Solid State Drive

Firstly, you have to know which type of data storage you plan to use: Hard Disk Drive (HDD) or Solid State Drive (SSD).Capabilities of HDDs are on par with SSDs -- but that doesn’t mean there aren’t any pros and cons. An SSD is a type of drive that uses flash memory for storing data, as opposed to spinning metal disks found in the traditional HDD -- think of it like an extra large USB thumb drive.

On the upside, SSDs are faster at reading and writing data. They require less energy, are silent, and generally have longer lifespans. Downsides include small data capacities and a heftier price tag. It all boils down to what you're going to your needs. Go for HDDs if you have budget restrictions or are looking for a backup/external drive; go for SSDs if the drive will run frequently-accessed files and programs.

Physical size and interface

After deciding between an HDD or SSD, you now have to choose a form factor. Luckily there are only two choices: the 3.5-inch drive and the 2.5-inch drive. The right one will likely depend on your current setup. With traditional HDDS, data is stored on spinning metal disks, meaning that more disks will be needed to expand data capacity. Because of this, desktop HDDs tend to be 3.5 inches with a maximum capacity of 4 TB, whereas laptops are 2.5 inches with a maximum capacity of 2 TB. SSDs are made smaller since they don’t require any removable parts, meaning they’ll fit easily into the 2.5-inch form factor. Adapters are available if you need to use the SSD in a 3.5-inch connector.

Specifications and performance

Now that you know what kind of drive to buy, it’s time to narrow down the candidates and find the best one that suits your needs. Here are some factors you need to consider:
  • Storage capacity - HDDs come in various sizes, but due to physical limitations, they cap off at 4 TB. Whereas SSDs are much smaller and doesn’t exceed the 1 TB mark - some consumer-level SSDs rarely exceed 512GB.
  • Transfer speed - Performance of consumer-level HDDs are determined by multiple factors, and revolutions per minute (RPM) is an important one. Higher RPM means faster data transfer between drives.
  • Cache space - If a hard disk needs to transfer data from one section to another, a special area of embedded memory known as the cache is utilized. Larger cache enables data to be transferred faster (because more information can be stored at one time). Modern HDDs have cache sizes ranging from 8-12 MB.
  • Access times - HDDs have a couple of factors that impact their performance. One is the time it takes for the reader to start reading or writing data from the drive. For SSDs, you want to look for sequential read and write speeds (also known as sustained reading and writing speeds). Just as long as the speeds are within the SATA connector’s max speed, you'll be fine.
  • Failure rate - Though all things mechanical gradually wear and tear over time, not all HDDs are the same. Some models last six months where others make it past six years. You must do adequate research on a per-model basis before making a purchase.

External VS. Internal

The final step is to decide whether you want the hard drive to reside within of if it will get its own compartment outside. External drives are ideal for storage and backup purposes; they generally connect with a USB 2.0 that caps out at 480Mb/s -- newer models that support USB 3.0 boasts a max of 5.0Gb/s. Unless the model you get is USB 3.0 compatible, the speed will likely be insufficient when it comes to running an operating system.

Speed issues aside, they’re portable and can be shared with multiple computers. They can even be plugged into TVs and media centers for direct playback. If portability falls second to speed, or if your current system lacks a working data drive, internal is the best choice.

Now that you’re armed with the necessary information, buying your next hardware should be a pleasant experience, like a walk in the park. If you have further questions or would like to know more, feel free to contact us by phone or email; we’re more than happy to help.

Published with permission from TechAdvisory.org. Source.

Topic Hardware
September 14th, 2016

2016september14_businesscontinuity_bCompanies can pay a hefty sum if they ever experience any downtime. In fact, Delta Air Lines had a bad bout of severe downtime just last month. In just three days, the airline company cancelled 2300 scheduled flights and suffered $150 million in income loss. That doesn’t even account for the considerable reputational damage from delayed service. So how do you avoid sharing the same, expensive fate? Here are some valuable business continuity lessons we can all learn from Delta’s IT outage.

Strive for 100% redundancy According to Delta’s chief information officer, a power failure caused the company’s data center to crash, grounding thousands of would-be passengers. Although power was restored six hours after the incident, critical systems and network equipment failed to switch to a secondary site, corrupting valuable data in the process. And while some systems failed over, other vital applications didn’t; this created bottlenecks, decreased revenue, and diminished customers’ confidence.

Delta’s case is a massive wakeup call not just for the airline industry but for every business -- large and small. Companies must implement disaster recovery plans for their data centers, on-site technology, and Cloud applications to continue servicing customers while fixing the main issue with their primary systems. Companies also need to get rid of the false notion that redundancy plans to assure service continuity is restricted to larger corporations. DR and business continuity solutions are extremely affordable today, and a partnership with a provider can help you in more ways than one (more on this later).

Always test your backups

So although Delta had a plan to bring its business back to normalcy, the DR plan left a lot to be desired in practice. This begs the question as to whether the airline company is actually testing, reviewing, and reinforcing its vulnerabilities to different disasters.

The point is that even though your company may have a failover protocol in place, that protocol adds no value to your business unless it has been rigorously tried and tested. In order to avoid the same fate as Delta, make sure to find out whether your disaster recovery plan is capable of running mission-critical applications like email and customer service applications before -- not after -- downtime occurs.

Account for different types of vulnerability

In an interview with the Associated Press, Delta CEO Ed Bastian said, “We did not believe, by any means, that we had this type of vulnerability.” Indeed, it’s often hard to foresee what threats and vulnerabilities a natural disaster, power outage, or hacker can produce. But it’s not impossible.

By conducting a comprehensive audit of your data center security and disaster protocols, your business will be more aware and adept at minimizing the risk of potential disasters. This also means evaluating and preparing for disasters that are likely to happen to your business depending on its geographic location. Southern US, for instance, is prone to hurricanes and flooding.

Call for help

These lessons and strategies are all crucially important, but pulling off a DR and business continuity solution on your own may be difficult. For this reason, it’s critical to have a planned partnership with a managed services provider that can assess, plan, test and install the continuity solutions your business needs in order to minimize the impact and avoid encountering a Delta IT outage of your own.

To find out more about business continuity and guaranteeing complete IT redundancy, contact us today.

Published with permission from TechAdvisory.org. Source.

Topic Business
September 13th, 2016

2016september13_office_bIt’s normal for us to utilize whatever tools we can to make things a little easier. Wanting to use tech to make presentations easier to understand is no exception. Although Microsoft PowerPoint can help you through the daunting task of speaking in public, that isn’t always the case. If your slides distract the audience from what you’re trying to say, or if they decide to throw a technical fit and malfunction half-way through, it’s best that you take a look at the following tips:

Start slideshows instantly

The audience doesn’t want to see the speaker’s cluttered desktop or unread emails as the PowerPoint presentation is being set up. Simply name the file with a .PPS or .PPSX file extension and voilà! Bypass the editing mode and start the show with a double click and end it with the Esc key.

Pull back the focus with Blackouts and Whiteouts

Audience members have the tendency to lose focus or drift away when presentations are longer than usual. If you suspect audience members are starting to lose focus, hit the B key for a complete blackout or the W key for a total whiteout. Then hit any key or click the mouse to return to the slides - this technique helps get the eyes back on you, where they belong.

Say no to bullet points

Both Steve Jobs and Tim Cook agree that bulleted lists aren’t the ticket. A better way to create lists is to drop each item in one at a time, if possible, next to a big image that is the main focus of your presentation. Don’t forget to talk about each individual list item, but not with bullets.

Insert pictures from Flickr and OneNote

Jazz up presentations by including images or memes that’ll make the audience laugh instead of doze off. Head to the Insert tab and select Online Pictures; you’ll see Office.com Clip Art, Bing Image Search, Flickr, OneNote and even Facebook. The vast pool of online imagery is now at your disposal.

Chart animation

The challenge doesn’t lie in inserting the chart into the presentation, but in making it interesting. Enter chart animation. After inserting the chart, click the Animations tab and activate the Animations pane. From there, click Add Animation. Pick an animated effect. Then, in the Animation Pane where you see the entry for the chart's animation, right click and select Effect Options.

This lets you customize sound and animation timing. But on the final tab—Chart Animation—be sure to change Group Chart from "As One Object" to "By Category." This makes charts display on screen one element at a time as you click, with bars or pieces of pie arriving one after the other, as if each was its own slide.

Kiosk presentations

Kiosk mode simply plays your presentation on a loop without allowing any human intervention or desktop access. This is ideal for trade shows and kiosks that you’d find in malls. Simply click the Slideshow tab > setup Slideshow > and in the dialog box, click next to Browsed at kiosk. Duration, audio, animation and transitions are fully customizable.

Extend music over multiple slides

Why confine your favorite tunes to just one slide? Expand it over the duration of your presentation by clicking on the speaker icon that indicates the embedded audio. Look for the Audio Tools above the tabs on top. Now select the new Playback tab, and in the Start section make sure to check the box for “Play Across Slides.” And presto, the audio is played across the next few slides or until the music runs out.

Duplication

If you are constantly reusing the same element throughout your presentation, the good old Ctrl-C+Ctrl-V is fine, but Duplication is better. Hold Ctrl while you click and drag on the object to create an exact dupe, keep selecting and making dupes and they’ll all space themselves out evenly. You can even dupe entire sets of slides; simply select one or more slides on the left navigation pane, select Insert, click New Slide menu and select Duplicate Selected Slides.

Animate, animate, animate

Any element of a PPT slide is animatable. Choose the element, go to the Animations tab, and at the right end of the Animations Gallery, click the down arrow to get "More." You can choose from many options about how an element appears, gets emphasis, or disappears—but for animated motion, go to the fourth section. If you pick Custom Path, you can get the object to do just about any wild motions you want on the screen before it settles down. Keep in mind that you don’t want an audience with motion sickness. PowerPoint presentations are complicated -- that’s a fact. So is how effective it becomes once utilized properly. If you have any further questions regarding our tips or how to execute them, please feel free to give us a call or send us an email. We’re more than happy to answer all of your questions.
Published with permission from TechAdvisory.org. Source.

Topic office
September 12th, 2016

2016september12_iphone_bAlthough they may not garner the fervor of hardware releases and refreshes, iOS updates still manage to bring even the most casual of iPhone and iPad users out of the woodwork. Those who were willing to brave the bugs of Apple’s beta got a chance to play with the most recent version of the mobile platform, but the rest of us have been patiently awaiting its release. The time has finally come. Let’s take a closer look at iOS 10’s release details.

In keeping with its yearly mid-September schedule, the next update to iOS will be released on September 13th around noon (depending on your time zone). Before updating, it’s a smart idea to begin charging your phone and connect to a wireless network. Once you’re all set for the lengthy download and installation, go to your Settings dashboard, then tap General, and finally Software Update. This screen will give you detailed information on the latest update and the option to ‘Download and Install.’

As we’ve seen in the past, not all Apple devices can handle the RAM-hungry features of a new operating system. If you’re still holding onto any iPhone model older than the iPhone 5, you won’t be able to download the update. Unfortunately, the same goes for the original iPad Mini and the Retina/third-generation iPads. And although they’re not too common nowadays, the sixth generation iPod Touch will get iOS 10, while anything older will not.

We’d be remiss if we didn’t warn our readers, however; just because your device is eligible doesn’t mean updating it is the best idea. Older hardware wasn’t designed with the requirements of current software in mind, and updating may result in a significant slowdown of your phone or tablet. Furthermore, despite going through a beta stage, there’s no guarantee that all the bugs have been worked out of the system yet. We recommend waiting a day or two until Apple’s servers aren’t overburdened and other users have had a chance to suss out any problems.

Something as simple as updating your phone can become immensely frustrating if you’re not fully prepared. And despite what you may think, no task is too small for us to consider. If you think helping you update your phone, or even just configuring it to receive work emails is too mundane for your neighborhood managed services provider -- think again. Stop searching for the iOS update menu and call us today.

Published with permission from TechAdvisory.org. Source.

Topic apple
September 8th, 2016

2016september8_virtualization_bUntil now, virtualization hadn’t been targeted by cyber attackers with the same vigor as other small- and medium-sized business IT solutions. Whether it was because of the inherent security of virtualization or because of the relatively narrow scope of its adoption, this is no longer the case. VMware, one of the leading virtualization software vendors, released a vital patch to a number of their products to combat unauthorized users attempting to gain undeserved privileges. Keep reading for an update on how it affects you.

Since its first software release in 2001, VMware has remained the leading provider of virtualization platforms, with most sources estimating double-digit leads in market share over the nearest competitor. By creating virtual environments stored on a network server or in a cloud environment, the company has given their clients the ability to create workstations, software, and even networks that can be utilized remotely. Fast forward to today, and VMware is working overtime to maintain its reputation by preempting software security vulnerabilities.

Obviously, when delivering any kind of specialized privileges over a network, adequate protection is of the utmost concern. In this case, two services for managing mobile clouds (vIDM and vRealize) were found to be vulnerable to exploits wherein users with minimal rights could cheat their way into full administrative privileges.

The security team at VMware elaborated that when executed in just one of the two services, this flaw would not be considered critical. However, when combined, it could pose an imminent threat to the security of your cloud infrastructure. To amend this oversight, ask your managed services provider or IT staff to update vIDM and vRealize to their most recent versions (2.7 and 7.1, respectively) as soon as possible. If this can’t be achieved in a realistic time frame, blocking port 40002 would act as a temporary workaround.

Sufficient security requires by-the-minute responses to the latest breaches and exploits. By partnering with us, you’ll never need to worry about checking in regarding patches or breaches you read about in the news. Instead, you’ll be hearing about them from us when we come around to install the updates. Choose the safe option -- contact us today with any of your virtualization needs or questions.

Published with permission from TechAdvisory.org. Source.

September 7th, 2016

2016September7_MicrosoftWindowsNewsAndTips_BUnlike those who attend Hogwarts, magicians rely mainly on subtle sleight of hand to convince others that they managed to make coins disappear into thin air. The same concept applies to ransomware. How can it complete its mission in a suit labeled with the word “Villain”? Nowadays, ransomware fashions various disguises that render it undetectable. A case in point is Fantom -- here are some of the reasons why you should steer clear of this technological spook.

AVG security researcher Jakub Kroustek recently spotted Fantom coded atop an EDA2, a ransomware-building kit that was open-sourced but eventually taken down. EDA2 contained certain flaws that allowed researchers to obtain decryption keys from its C&C server, yet these flaws have since disappeared, indicating that Fantom coders might have found and fixed them before anyone else had a chance to.

Very little is known as to how Fantom is distributed. As for the method of deployment, cybercriminals plant the file onto the target’s computer via spam email or exploit kits. Fantom-infected files are named criticalupdate01.exe; they utilize a “Windows Security Update” to prompt targets into running the file.

After activation, the ransomware starts by locking the user’s screen while displaying fake Windows Update graphics, complete with a fully-functioning percentage-based loading timer that mirrors the original Windows Update screen. However, beneath this pleasant facade, Fantom is encrypting your files right before your eyes. Luckily, the temporary lock screen is removable before it reaches 100% -- simply press CTRL+F4. Unfortunately, the encryption process remains intact.

The MalwareHunterTeam states, “The ransomware uses classic ransomware encryption by locking files using an AES-128 key and then encrypting this key with a dual RSA key, with the private key stored on the crook's server, and a public key left on the user's PC.”

In order to retrieve the private key to unlock your files, you must contact the perpetrators by email. The email address is listed in the ransom note that appears after the process of encryption is complete. Fantom displays ransom notes in the form of HTML and TXT files, while changing the user’s desktop with a custom screenshot that lists the contact details. Lastly, after completing all its operations, Fantom cleans after itself by running two batch scripts wiping all the installation files clean.

Ransomware isn’t new, but the ways that cybercriminals utilize them are. Who would’ve thought that the ever so familiar Windows Update window has fallen prey to malicious intent? Pretend that you’re the Little Red Riding Hood and that the wolf is the ransomware that cybercriminals have disguised as your grandmother. They no longer wait to trap you, instead, they wait for you to walk straight into one instead.

The issue of ransomware is as extensive as it is meticulous. If you have any questions about Fantom or would like to request more information, feel free to get in touch with us! Give us a call or send us an email. Our dedicated staff are more than happy to help.

Published with permission from TechAdvisory.org. Source.

Topic Windows
September 5th, 2016

2016September5_HealthcareArticles_BIs being responsible for electronic medical records a daily source of trepidation for you or your business? While the sentiment is understandable, it often results from a lack of understanding about what HIPAA compliance actually means. As industry-wide penalties continue to rise every year, it’s essential to take a closer look at who is being fined, and why. Keep reading for more details on the most recent case.

As the largest fully integrated healthcare system in Illinois, Advocate Health Care Network’s mismanagement of electronic medical records (EMR) came as quite a shock. Regardless of your feelings on such a sizable provider being unable to maintain secure EMRs, what can’t be argued is the precedent set by last month’s $5.5-million settlement.

How exactly did it come to such a historic penalty? The answer is threefold. Firstly, Advocate failed to perform the risk assessments mandated by HIPAA regulations -- an oversight that could have potentially prevented the other two infractions. Secondly, Chicago’s premier healthcare network failed to obtain proper written agreements with each of the business partners who had access to its data, which may have gone unnoticed if one of its associates had not been the subject of a security breach.

The final infraction, and arguably the most directly relevant to Advocate’s internal security policies, was the unsatisfactory safeguards in place on two stolen laptops with confidential medical information. While the breach of its business partner’s network only put 2,000 EMRs at risk, the stolen computers had access to almost 4 million.

So, if you’re tired of vague platitudes about ‘penalties for lax data compliance’ or the ‘liability risks of mediocre security,’ this is your answer: inadequate preventative measures, unfit business partners, and poor internal security protocols can spell millions in damages. Unfortunately, this isn’t just an aberrant case -- the total punitive damages for HIPAA noncompliance in 2015 totaled $6.2 million; after just over eight months into 2016, they currently stand at $20.3 million.

Keep your company’s name off the growing list of companies that didn’t have suitable systems in place when it mattered most. Our EMR management practices provide a full suite of care for your data records; from prevention to end-point security, your information is safe with us. Our proficiency in the healthcare IT industry spans a wide variety of experiences and know-how. Contact us today. We’d love to tell you all about it.

Published with permission from TechAdvisory.org. Source.

Topic Healthcare
September 2nd, 2016

2016September2_Security_BIn 2012, cloud storage firm Dropbox was hacked with over two-thirds of its users’ details dumped all over the internet. While the company initially thought a collection of email addresses was the only thing stolen, it was wrong -- passwords had been compromised as well. This new information came to light when the database was picked up by a security notification service. So if you were using Dropbox before the incident and haven’t changed your password since, you should do so right away.

Despite the unfortunate incident, Dropbox has implemented a thorough threat-monitoring analysis and investigation, and has found no indication that user accounts were improperly accessed. However, this doesn’t mean you’re 100 percent in the clear.

What you need to do

As a precaution, Dropbox has emailed all users believed to have been affected by the security breach, and completed a password-reset for them. This ensures that even if these passwords had been cracked, they couldn’t be used to access Dropbox accounts. However, if you signed up for the platform prior to mid-2012 and haven’t updated your password since, you’ll be prompted to do so the next time you sign in. All you have to do is choose a new password that meets Dropbox's minimum security requirements, a task assisted by their “strength meter.” The company also recommends using its two-step authentication feature when you reset your password.

Apart from that, if you used your Dropbox password on other sites before mid-2012 -- whether for Facebook, YouTube or any other online platform -- you should change your password on those services as well. Since most of us reuse passwords, the first thing any hacker does after acquiring stolen passwords is try them on the most popular account-based sites.

Dropbox’s ongoing security practices

Dropbox’s security team is working to improve its monitoring process for compromises, abuses, and suspicious activities. It has also implemented a broad set of controls, including independent security audits and certifications, threat intelligence, and bug bounties for white hat hackers. Bug bounties is a program whereby Dropbox provides monetary rewards, from $216 up to $10,000, to people who report vulnerabilities before malicious hackers can exploit them. Not only that, but the company has also built open-source tools such as zxcvbn, a password strength estimator, and bcrypt, a password hashing function to ensure that a similar breach doesn’t happen again.

To learn more about keeping your online accounts secure, or about how you can protect your business from today’s increasing cyber threats, give us a call and we’ll be happy to help.

Published with permission from TechAdvisory.org. Source.

Topic Security