Mobile Security Suggestions for Employees

Nearly a decade after Bring Your Own Device (BYOD) entered the enterprise environment, cybersecurity leaders still strive to manage the risks.

Employee‑owned devices were responsible for nearly 51% of corporate data breaches in 2017, according to AT&T.

Like desktop and laptop computers, mobile devices (smartphones, tablets) must be secured appropriately to prevent leakage of user/business sensitive information.

Several security aspects that facilitate the mobile device protection are presented as follows:

Avoid Auto-Login Features without Re-confirmation.

Mobile payment services are very common these days. Some mobile apps or web services recommend users to activate features like “remember username” or “remember password”, so that you don’t have to re-enter the password each time you login. In this case, you shouldn’t choose to remember, especially the password, to reduce the risk of unauthorized access and payments in case the device is lost or stolen.

Be careful of phishing scams / social engineering.

Attackers always target sensitive data because by selling it they could generate easy money. Cybercriminals tend to make use of social engineering such as emails, links to attract people to provide personal/business information. Hence, when browsing the Internet, be extra careful not to expose yourself or your organization to potential harmful schemes.

Use a VPN extension for your browser.

A good VPN extension will encrypt your browser traffic so that hackers cannot use sensitive data to get unauthorized access to your accounts. In addition to securing your connection, a VPN browser extension will hide your IP location and allow you to view geoblocked content and bypass censorship from anywhere in the world.

NOTE: Activating a VPN extension may slow down your browser.

Be careful when accessing Public Wi-Fi / Wireless Access Points.

As you probably know, Public Wi-Fi / Wireless Access Points are insecure. So, you should avoid as much as possible to perform payment transactions or transmit sensitive data through public Wi-Fi / Wireless Access Points. Also, consider using encryption, such as SSL or VPN when is mandatory to do so.

Do not leave your Mobile Device/s Unattended.

Leaving your device unattended is dangerous firstly because it can be stolen. Secondly, it would also increase the risk of unauthorized use of the device, or even a data breach.

You should use Private / Secure Mode when surfing the Internet.

Last generation mobile devices let you enable private mode / secure mode when browsing the Web. From security and privacy perspective, you should keep this mode enabled, so that your browsing behavior will not be easily traced.

Disable any unused Applications and Services.

To reduce security risks, you should stick with the Apps, options and services that are absolutely necessary. So, a small number of installed applications means fewer software updates and fewer vulnerabilities. Also, if it is not required to use Bluetooth or Infra-Red (IR), it is also recommended to keep them off to mitigate the risk of unauthorized network access.

Keep the Operating System (OS) & Mobiles Apps Up-To-Date.

It is required to perform security updates for the Apps and OS of your mobile devices by enabling automatic updates, accept security updates when prompted by trusted providers, such as OS / Apps manufacturers that attempt to fix known security loopholes or vulnerabilities.

Use Password / Fingerprint & include Screen Timeout Settings.

If you set a weak password and a long screen timeout period, your mobile device may be easily hacked. Cyber security professionals recommend you to use a password that cannot be easily guessed while setting a short screen timeout interval (a minute or less).

Avoid Android Rooting or iOS Jailbreaking.

Some iOS users like to jailbreak their device after purchasing it, because that allows them to perform certain actions on their Apple devices that cannot normally do. Basically, jailbreaking is the process of removing software restrictions put into place by iOS developers allowing users to install software that Apple doesn’t authorize.

On the other hand, Android rooting allows you to gain privileged control over your device, it also enables you to remove or replace the entire operating system of the device. This is achievable because Android itself was built on a Linux kernel, and permits users to access administrative permissions on their smart devices.

Jailbreaking or rooting to break factory security settings would make you mobile devices vulnerable to cyberattacks. Mobile apps that run on rooted or jailbroken devices may also be vulnerable to attacks, especially mobile banking applications.

Backup your mobile data regularly.

Nowadays, there is no excuse of not backing up your most important data. Make sure you do it regularly to be able to restore the most recent version of your files and software. When adopting a cloud-based backup solution, consider using data encryption, integrity checks etc. to protect your backups.

Download Mobile Apps from trusted stores.

Obscure mobile apps may include malware designated to collect sensitive information. To protect your mobile devices from being hacked, it is recommended to download mobile apps from trusted stores only.

Reset to Factory Settings before decommissioning the old mobile device.

Last-gen smart devices become increasingly popular. It is quite often for consumers to change their mobile devices with new ones, disposing of the old ones. In addition to data migration, before decommissioning the old devices, don’t forget to reset to factory settings to clear all configurations and data containing sensitive information to prevent data leakage.

Last but not least set up wipe / kill apps & encrypt your mobile device if it is possible.

As we all know, it is vital to protect our data. When it comes to business information such as emails and files, extra caution is required.

How To Speed Up Google Chrome

Google Chrome is the most popular desktop internet browser in the world with a global market share of more than 70% in December 2018 according to Statista.

Unlike other browsers, Chrome is a minimalist one, but its resizing performance and web page loading speed are usually superior. But, like any expandable browser that allows users to enable plugins or to install extensions, Chrome can generate load speed issues due to high system resource usage (CPU and memory).

If you’re experiencing low Chrome performance, you should apply these suggestions to speed up your browser.

Clear browsing data

As you probably know, Chrome stores a cached copy of any web page you visit, so it can load the page faster next time you visit it. It also keeps a database of your browsing history and cookies for the same purpose. As you visit more and more websites, your browser’s database will grow slowing Chrome down.

Fortunately, there is an easy and viable solution: clear your cache. To do this, you just need to access your browsing history by entering chrome://history on your address bar. From the left panel click Clear browsing data. Then, choose what to clear by clicking the checkboxes next to the items you want to delete, like cached images, browsing history, cookies etc. Once you’ve selected the files you want to delete and the time range, click Clear data. Restarting Chrome is recommended.

Track internet performance

Sometimes your browser appears to load a web page slowly, but when the problem is the website itself, there is nothing you can do rather than wait or abort.

This is where Gauge (Chrome extension) comes in. This free extension, developed by Dyn, measures the performance of the internet, recording page loading times, geographic latency, and other relevant variables. Gauge is very useful to find out if your browser is slow due to your Wi-Fi connection, internet service provider or web page you visit.

Remove ads and malware

Chrome can also be affected by malware or adware which is a type of malware that hides on your computer and monitors your behavior online for serving you promotional content. So, if you are displayed recurring pop-up ads, toolbars, alerts about a virus or web pages redirecting to other URLs, be aware because those are clear indications of a form of malware.

Google made malware scanning even easier in 2018. You just need to go to chrome://settings/cleanup on your browser and click on Find and remove harmful software on your computer. It’s a pretty efficient scan that you should run from time to time.

Disable extensions

Extensions are programs that can be downloaded from the Chrome Web Store that you can install to your browser to add more features and functionalities. For instance, you can add an extension that shortens URLs, blocks ads or one that shows you what are your most important tasks every day. While some extensions are useful, they can slow Chrome down especially when there are too many installed and activated.

You can check your browser’s extensions by entering chrome://extensions on your address bar. There you’ll find the list with all the extensions you have (even the ones that are turned off). You just need to scroll through the list and click Remove to delete the extension/s you don’t need anymore.

Speed up page loading

One of the most efficient extensions for speeding up the browser is Google’s own Data Saver extension.

Nowadays, more and more websites move to HTTPS and pages accessed through HTTPS or in incognito tabs will not be optimized or seen by Google. Therefore, Data Saver extension has become less useful, but for regular HTTP connections this means faster browsing and smaller downloads making it ideal in case you are using a slow Wi-Fi connection or if you are charged for downloads.

Eventually, a top-performing web browser can increase employees’ productivity therefore is critical to keep it secure and optimized.

Why hosted virtual desktops?

More and more companies adopt virtual desktop solutions. This is a great way to achieve better network control and to improve your company-wide performance.

As you probably know, with virtual desktop infrastructure, each individual user’s desktop environment is hosted by a remote-access server and not stored on the employee’s local machine. This enables organization-wide access to higher computing power with a centralized approach, and it allows employees to bring their own devices saving the company’s resources.

Instant backup capabilities

In general, employees work on machines with all software stored on the hard drive, locally on that same machine and possibly also on a server within the local network. This traditional solution often left applications and files on those machines exposed to potential threats – they could be misplaced, stolen or experience hard drive failure.

VDI eliminates dependence on the local machine for storage or computing power. The user’s experience remains the same, but all the core software, applications, and files are stored on remote servers instead of individual hard disks.

This shift makes backup and restoration a painless process and reduces the chance of failure that could lead to data loss. And because each virtual machine works as an individual on the server, even if one of these virtual machines goes down, the others are not affected.

Cost efficiency

Purchasing and maintaining their hardware rank among the highest IT expenditures most companies make.

VDI uses data center’s computing power and storage capabilities, so all individual machines within your local area network (LAN) will require less RAM, HDD space and overall computing power to function efficiently. This means your company can invest in more affordable machines basically without sacrificing performance. This obviously prolongs the life of otherwise quickly outdated hardware, allowing your organization to capitalize more on the initial hardware investments.

By using VDI you will be able to avoid costly capital expenditures such as top-notch servers, relying instead on a professionally managed remote data center to provide this resource for your organization. This way you can reallocate the budget to other vital areas of your business.

A virtual desktop infrastructure will reduce costs associated with equipment maintenance. Also, patches, upgrades, and updates can be made to your company’s unique centralized hard drive image and then easily pushed out to the entire network, rather than patching or updating each individual machine one by one. This will save time and headaches.

Multiple layers of security

Like many other benefits of VDI, improved security is the result of centralization. By storing all sensitive data and files in one central location where access is password-protected, your data will be secure and automatically protected from loss.

If an employee loses his/her smart device, and if your organization already requires machines to be password-protected and has login/logout policies in place, VDI will use multiple layers of security to monitor and protect your data from potential hackers.

Simplified management

We’ve pointed out several benefits associated with VDI’s centralization, but there isn’t one more important than the simplified management VDI provides. VDI allows you to perform updates, backups, virus scans and other maintenance tasks far easier.

This centralized management is also an advantage in growing and scaling. VDI means hardware is virtualized, so as you hire employees, your IT provider can deploy the base image of what their desktop should look like and then credential them into that image. All employees will get access to the network’s computing power and virtualization will replicate the traditional local area network (LAN) connection where all machines are connected and able to communicate with each other.

Reduced lag time

With virtualization, all the “heavy lifting” associated with computing is transferred to powerful remote servers where software and data are centralized. This means that all applications will perform faster due to increased computing power.

So, reduced latency, increased computing power and downtime reduction VDI ensures for disaster recovery will generate massive savings over time.

Is VDI right for my small business?

Every organization has its own operational needs. Still, almost all organizations can benefit from the centralized control over their data, security, and performance that a virtual desktop infrastructure provides.

Eventually, most small businesses will use VDI to save man-hours on administrative activities and maintenance costs to further improve their IT approach.

Microsoft Teams Vs. Skype For Business

Back in 2017, Microsoft revealed that they intend to make Microsoft Teams its primary communications platform for organizations, replacing Skype for Business over time.

About Microsoft Teams

Supporting Microsoft’s intelligent communications project, Teams is the nucleus of efficient teamwork, bringing together chat, meetings, calling, collaboration, app integration, file sharing, storage etc. In case you are an existing Skype for Business user, you’re invited to upgrade to Microsoft Teams, to try the full suite of communication and collaboration capabilities in a single client experience.

When Microsoft Teams is used along with other advanced tools and features of Microsoft Office 365, a complete collaboration environment can be created. So, companies will no longer need to use Skype for Business or other voice/video specialized applications.

Microsoft Teams adds several other functionalities on top of Office 365 Groups. What it means is that Teams is giving users access to OneNote, SharePoint Online document libraries, Planner, and a whole bunch of other features such as unified presence, federated meetings (the ability to host and participate to meetings spanning multiple organizations) cloud-based meeting recording, direct routing, in-line translation feature that allows participants to discuss in their native language and many more.

Note: Officially, more than 200,000 companies utilize Teams.

Microsoft is constantly working at improving meetings with Teams and thanks to AI technology the future looks promising. Microsoft uses machine learning, cognitive services, and speech recognition to improve meetings experience and makes it easier to set them up and receive follow ups after the meeting has finished.

We shall see if they continue to upgrade Skype for Business as they are doing with Teams, because it seems that Microsoft doesn’t just want you to upgrade your Skype for Business client – they want you to use the complex solution which is Microsoft Teams to upgrade the way your team works.

How to upgrade

To simplify the transition, the company has released self-serve guidance for upgrading to Teams, along with upgrade tools in the Microsoft Teams and Skype for Business Admin Center, which are expected to be distributed to all Office 365 customers over the coming weeks.

Microsoft provides a complex framework to help you plan and execute the upgrade. The framework includes two options: Upgrade Basic dedicated for less complex environments and smaller deployments, and Upgrade Pro for big companies that rely heavily on Skype for Business and its features.

Eventually

Skype for Business was developed to support both voice and video calls, briefly a communication tool – a capable one. As you probably know, it can offer video conferencing calls that could support up to 250 participants. Comparatively, Microsoft Teams was designed to be a comprehensive collaborative solution, including but not limited to: chat, voice, and calling features.

In the end, reducing the number of tools that have similar functionalities in Office365 is promising because it can eliminate user confusion. Office 365 already includes about 25 apps and each of them has its own set of solutions.

It does make sense that Microsoft wants to combine the products when certain features are redundant. What’s your take on this? Please share it with us.