Monday
Nov112019

Eclipse Manager – Simple Microsoft Project Management

If you are not ready to swing into the Microsoft’s Project Management Program but still want to be able to track project tasks and time spent on them, you may want to take a quick look at their new Eclipse Manager Product. There are two versions, the free one really is just a slight step above Microsoft Planner but the Pro version adds several additional key components to make it really functional.

For just $1.99 per month you can upgrade the free version of Eclipse Manager and add the following functions:

  • Track Costs - Cost tracking lets you assign values against tasks, great for projects where you will invoice.
  • Offline Usage - Eclipse Core requires a constant internet connection to sync the files to the server. With Eclipse Pro you can take your computer offline and then sync the tasks when you reconnect.
  • Export to Excel - Eclipse Pro lets you export your projects to Excel.
  • Review - With the Review page you get to see the bigger picture view of your projects and tasks.
  • Access to Reports - Eclipse Pro allows you to use the reports page to see insights into your past and current progress.

So if you are interested in finding out more about these products, you can access the Guide Page and look through the different functions by going to: http://www.eclipsemanager.com/guide

If you don't see it in your Windows 10 Start Screen, try going to the site and sign up for it and down load the app. https://www.microsoft.com/en-us/store/top-free/apps/pc?category=Business&cid=eclipsewebsite

 

Wednesday
Nov062019

Business Email Compromise (BEC) scams

They come in many forms, but they are getting more and more sophisticated and taking companies and individuals for larger amounts of money. Naked Security wrote a report yesterday about the City of Ocala, Florida that wrote out a check after it received fraudulent new payment information that was processed into their system. The scammers used all of the right processes and until the Construction Company called the city about the payment.

Naked Security has a great posting on the many ways that this is happening and what to look for to protect yourself and your organization from this happening to you: Click Here

Tuesday
Nov052019

NFC being on is not always a good thing...

Google has patched a bug that let a hacker, and this is key, that is physically close to your phone to send malware to your phone using NFC (Near Field Communication) functions.

Take a look at this report from Sophos's Naked Security Blog that spells out the vulnerability: Click Here

What to do?

  • You can turn off permissions for the NFC app to install unknown applications, which will prevent the NFC app from trying to install an APK.
  • You can also turn off Android Beam in the NFC and Payment area of your Android device’s settings, while still leaving NFC on for contactless payments.
  • Finally, you can install the fix that Google released last month, patching the flaw.

Tuesday
Oct292019

Adobe Crative Cloud customer database breached

Naked Security reported on this breach that exposed 7.5 million Adobe customers revealing the following information:

  • Account creation date
  • Adobe products used
  • Subscription status
  • Whether the user is an Adobe employee
  • Member IDs
  • Country
  • Time since last login
  • Payment status

See full details here: https://nakedsecurity.sophos.com/2019/10/28/adobe-database-exposes-7-5-million-creative-cloud-users/

 

Friday
Oct252019

5 hidden costs of aging technology

Did you know that most business owners don’t even think about replacing technology until it fails? That can make it more expensive than it has to be. Here’s why.

  • More downtime – Lost time is lost money for essential equipment and software 
  • Lower efficiency – Competitors with newer solutions can do more in less time 
  • Higher maintenance costs – Spending more money to get the job done hurts margins 
  • Costly rentals – Substitute equipment is expensive and can create cash flow issues 
  • Urgent replacements – Emergencies can lead to rushed decision making on long-term solutions

Is any of your technology getting to the place where it may be costing more than you thought? Get in touch and let’s break down the costs to see if an update could save you some money in the long run.

Don't forget that the cutoff for support of Windows 7 is coming up on January 14th 2020.

 

Thursday
Oct242019

Message Center Major Change Update Notification

Microsoft sent out notification of another change in their Office 365 licensing that will be starting Nov 22, 2019. It involves Microsoft Teams Licensing and states:

To align Microsoft Teams with other workloads, we will be retiring the ability to disable Microsoft Teams for all users of a particular license category.

Note: Edu Faculty and Edu Student license categories are excluded from this change.

We'll be gradually rolling this out to customers starting November 22, 2019, and the roll out will be completed by the mid-December.

[How does this impact me?]

Users who were previously disabled for Teams via this option will now become enabled for Teams. Admins who wish to continue to disable these users will have to do so via the “Manage Product Licenses” option in the Office 365 Admin Portal Active Users page.

I normally jump to the How Does this impact me? section to see what we need to do. I don't currently know of any of you that this will cause a problem for but if it does let us know and we can address it.

Tuesday
Oct222019

Google chief warns visitors about smart speakers in his home

We put signs up around our businesses when we have video surveillance shouldn't we do the same thing in our homes if you have voice activated devices to warn visitors of their presence? Here is an interesting article that caught Rick Osterloh a little off guard when asked if Home Owners should warn about these devices in their homes. He said that he does… sure.

https://nakedsecurity.sophos.com/2019/10/22/google-chief-warns-visitors-about-smart-speakers-in-his-home/

Wednesday
Jun262019

Lenovo Smart Tab P10 review: Part Android tablet and part Alexa smart screen

Great overall article on this product. Interesting that it was done by someone that doesn’t like Android Tablets much.

I have been using the P10 for over 6 months now as my primary Tablet device and have been perfectly happy with it. Good sound, very light, and no problem running any app that I have in my arsenal. It functions much better than my previous Lenovo Tablet with applications but the design features of the Yoga Pro 10 with the battery on the side and the kickstand made it useable in many more situations.

Would I recommend it? Already have to my fellow workers and they are just as happy.

Article: https://techaeris.com/2019/06/21/lenovo-smart-tab-p10-review-part-android-tablet-and-part-alexa-smart-screen/

Note: the base which is a speaker and charging unit for the tablet connects to the tablet using Bluetooth. The positive thing with this is that you can be using the tablet for one function and still have it being able to stream music or a podcast to the base. This also allows you to pair other devices to it as well.

Tuesday
Jun252019

Are you handling Credit Card Payments? Let us help you become PCI compliant!

While we are all working towards making our businesses run as smoothly and safely as possible, one of things you may have overlooked is making sure you client’s financial information is as safe and secure as possible.

Credit Card information is a critical piece of information that you need to be aware of protecting. It is not hard to do so but you need to put the right protection in place to help you do this.

We find many small businesses still using simple home routers or just your Internet Provider’s modem for your connection to the Internet. That is just not the right piece of equipment to do this. You need to call one of our security experts to provide suggestions on how you can easily create a secure environment for your business.

We suggest Sophos Security products primarily to do this for you. The first line of defense is to put in place a business class firewall that will provide the following protection:

  • ·         Intrusion Protection for those trying to break into your network and detection of outbound traffic that needs to be secure and managed
  • ·         Control address, port, protocol and specific application traffic and behavior patterns.
  • ·         Perform NAT (Network Address Translation)
  • ·         Detect and block spoofed IP Addresses
  • ·         Inspect data traffic for malicious activities

While this is a good first step in creating a protected environment, it is not the only one you need.

Again, contact one of our security specialists that can provide you with a complete analysis and recommendation for your business.

Monday
Jun242019

HabiTap - Auto Clicker with Autmatic Tapping

Yes, I have finally found a game that I have gotten emersed into and it has begun to become a problem with certain repetitive tasks. You know, who wants to set there and just tap a screen constantly to process some ongoing task? Right?

Well, I began searching and finally came up with a simple solution that works well for me. The free version gives you a single arrow that points to an area and produces a screen click every 1/5 second. Position the arrow where you want the screen tap and then press on the arrow to turn it from red to green. A single point of continous clicks. For an additional $1.99 you can upgrade the product to a dual pointer system. You can also record a series of movements and have them played back continuously as well so you can create a series of movements and also control turning on and off the pointers to automate a process. It may take a few times recording to get the process to your liking.

This has become a big timesaver for me and allows me to take my eyes of the screen and put back into the conversation with my wife. Its putting that smile back on her face.

Wednesday
Dec122018

RPost Email Security made simple

I have been using this product for over a year and it make my encrypting of emails very simple and straight forward. There are many different capabilities that this product provides and is especially helpful in a Law Practice environment with the added feature for documenting delivery receipt of emails and signoffs as well.

Here is a sample of a recent RPost News item:

 

 

RPost Adds New Security Automation, APCC Top Choice

RPost simplifies total email security, now with a hosted security gateway solution. Customers, especially small businesses, have all of the email threats and compliance requirements of enterprises, but fewer IT staff and smaller tech budgets.
 

With RMail Security Gateway, now with full service hosted options, business IT staff can simply change an email routing rule and all of their email will have market leading threat protection, data leak prevention, and rules to trigger all or certain messages to be sent via RMail; automatic encryption, RPX AES encryption, certified e-delivery proof, or for recipient e-signoff.
 
“As technologies advance and threats get ever more sophisticated, encrypting email for privacy compliance is not getting simpler. In fact, it is getting more complicated,” states Steve Anderson, an insurance technology expert & LinkedIn influencer with more than 330 thousand followers.  “Not all TLS is created equal. Not all email one thinks is going by TLS, in fact is transmitted securely.” Learn more about pitfalls with TLS
 
Insurance agencies, for example, rely on RMail automatic encryption to detect this simplest, secure transmission to each recipient; with each message returning auditable proof of privacy compliance. Now, agency administrators can simply click an option in a web-tool to enable all messages to be sent via RMail encryption, whether sent from an agency management system, or from their email service.

“RMail consistently makes email life easier for business people. Easy, secure, simple, automatic,” adds Anderson. “And, RMail Security Gateway is just another way that RPost does it. RMail Security Gateway is a great option for total encryption automation.”
 

[Join Steve Anderson on a December 12 webinar to learn how to automate and streamline email compliance with policy-based encryption solutions – REGISTER HERE.]

 
RMail Security Gateway automates email security with advanced email encryption for privacy compliance, inbound and outbound threat protection, data loss prevention, and more. It includes proof of privacy compliance (GDPR, HIPAA, etc.), with email tracking, certified e-delivery proof, and e-sign productivity built-in. It is the simplest to use, most affordable full featured total security solution for email and documents; fully hosted, completely managed. 
 

 

[Read more about RMail Security Gateway in our PDF Guide.]

 
“RMail SG furthers our mission to think of security in line with productivity. Services should make it easier to do business, all the while focusing on ensuring underlying security and compliance needs are covered,” states RPost CEO Zafar Khan. 
 
Users report adding RMail SG to make it easy to send encrypted from mobile phones, by adding the word ‘encrypt’ to the subject – in particular in the legal sector. Others prefer to create rules to automatically send encrypted to certain recipients, based on message content, or when from certain senders, when privacy compliance is a concern.
 
RMail has been identified as a top choice for privacy compliance by leading organizations like the Association for Professional Compliance Consultants (APCC).  

 

[Interested in GDPR Compliance? Download the GDPR Privacy Compliance Guide Here.]

 

Friday
Nov302018

Naked Security Post: Huge Marriott breach puts 500 million victims at risk

by 

Marriott has today revealed that its Starwood guest reservation database has been subject to unauthorised access “since 2014”. The scope of the data breach is huge, covering nearly five years and approximately 500 million guests.

The company has created a website to deal with the breach at info.starwoodhotels.com (note that at the time of writing it redirects to answers.kroll.com).

Who’s affected?

The company warns that if you made a reservation at one of its Starwood brands in the last five years then you are at risk:

If you made a reservation on or before September 10, 2018 at a Starwood property, information you provided may have been involved.

According to Marriott, its Starwood brands include: Starwood branded timeshare properties, W Hotels, St. Regis, Sheraton Hotels & Resorts, Westin Hotels & Resorts, Element Hotels, Aloft Hotels, The Luxury Collection, Tribute Portfolio, Le Méridien Hotels & Resorts, Four Points by Sheraton and Design Hotels.

What data is at risk?

It seems that different guests may be subject to different levels of exposure, according to how much data they shared. Until you have successfully confirmed your level of exposure with Marriott, you should assume the worst.

Information put at risk by the breach includes “some combination of” name, mailing address, phone number, email address, passport number, Starwood Preferred Guest (“SPG”) account information, date of birth, gender, arrival and departure information, reservation date, communication preferences, payment card numbers and payment card expiration dates.

Although payment card numbers were encrypted, thieves may have stolen the information required to decrypt them.

What happened?

Marriott has not revealed what events or security failures occurred (it may not yet know), but it has released some details about how it discovered the breach.

The company says that on 8 September 2018 it was alerted to an unauthorised attempt to access the Starwood guest reservation database. Security experts called in to deal with the incident revealed that unauthorised access to the Starwood network started as far back as 2014, two years prior to Marriott’s acquisition of Starwood.

On 19 November 2018, Marriott learned that a recent attempt to encrypt and exfiltrate data from the network had included data from the Starwood guest reservation database.

As you can see from what Marriott has revealed so far, it can be difficult for everyone concerned to tell the difference between data that has been put at risk and data that has actually been stolen.

Until they can confirm otherwise, victims would be prudent to assume they amount to the same thing.

Thursday
Nov082018

The New and Improved Root Cause Analysis in Intercept X

There are a lot of interesting things happening with Sophos Security Products these days. With the recent release of Intercept X with EDR you have even more information for forensic analysis of malware attacks.

To get the best results from your installation you need to have a Sophos XG Firewall, Sophos Central Enpoint and Intercept X.  Here is a case study some of the improvements in Root Cause Analysis in Intercept X.

Click Here

Thursday
Nov082018

ZDNet Reports: Windows 10 activation bug baffles, angers users

 

Another instance where Microsoft has a reported issue with a release that can have devastating results if you update with it.

Microsoft is working on a reported problem with their Windows 10 Pro system deactivating their license.

Microsoft states:

"Microsoft has just released an Emerging issue announcement about current activation issue related to Pro edition recently. This happens in Japan, Korea, America and many other countries," wrote the support agent.

"I am very sorry to inform you that there is a temporary issue with Microsoft's activation server at the moment and some customers might experience this issue where Windows is displayed as not activated. Our engineers are working tirelessly to resolve this issue and it is expected to be corrected within one to two business days, Daniel."

To see more on this issue: Click Here

Thursday
May312018

Action required: Security upgrade needed for uninterrupted QuickBooks services

Intuit QuickBooks

Effective June 1, 2018, all services within QuickBooks Desktop will need to meet updated system requirements. These industry standard security requirements will provide greater security and stability with TLS 1.2, an internet security protocol. To learn more about TLS 1.2, click here.

How does this impact you?
If these requirements are not met, services impacted include, but are not limited to the following:

  • Connected services such as Payroll, Payments, Online Banking, etc.
  • QuickBooks Desktop activation on a new computer
  • Password reset tool
  • Services that require Intuit account credentials such as My apps, secure webmail, contributed reports, etc.
  • Intuit Data Protect (IDP)
  • Ordering checks and supplies

What do you need to do?
Please take the following steps by May 31, 2018 to ensure uninterrupted QuickBooks services:

  1. Make sure the QuickBooks Desktop version you are using is updated to the latest release.
  2. Run the TLS 1.2 Readiness tool from this QuickBooks article on the computer where QuickBooks is installed to confirm your system readiness for TLS 1.2.
  3. If the TLS 1.2 Readiness tool indicates failure, you should review the details here to take the necessary steps.

For additional information, please see this QuickBooks article.

Thank you for being a valued QuickBooks Desktop customer.

Sincerely,

The QuickBooks Desktop Team

Wednesday
Apr112018

Sophos Ranked #1 in Malware Detection

MRG Effitas conducted a commissioned test comparing endpoint protection products’ ability to detect malware and potentially unwanted applications. Six different vendors, including Sophos, were reviewed in the test. This report will serve as an excellent proof point for Sophos. Some highlights of the report include:

Sophos ranked #1 at detecting malware. Sophos had an automatic block rate of 99.19% and a miss rate of 0.81%, half as much as next competitor. The percent of samples missed was over 11 times smaller than the average of the other vendors included in the study.

Sophos ranked #1 at detecting potentially unwanted applications (PUAs). Sophos detected 100% of the PUAs in the test, which is important as the sample contained a high number of cryptominers (aka coinminers) that are used in cryptojacking. Comparatively, four of the six vendors tested missed between 47% and 69% of PUAs.

Sophos’ false positive rate according to MRG Effitas was 0.05%, which is even more impressive when considering the corresponding best-in-class detection rates of in-the-wild malware and potentially unwanted applications.

You can read the report here.

You can download the report here.

Tuesday
Apr102018

Announcing Sophos Mobile 8.1 With Office 365 App Management

Hot on the heels of Sophos Mobile 8, we are pleased to announce that Sophos Mobile 8.1 is now available. New capabilities include support for devices running iOS 11.3, plus management and configuration of Office 365 applications on enrolled iOS and Android devices.

The new functionality means that admins can now use Sophos Mobile to manage and configure Office 365 apps on mobile devices. Admins will save time by using a single console, making policy creation and distribution very simple in the Sophos Mobile admin interface.

Office 365 app management features are available in both Sophos Central and when installed on premises. Customers will need an Office 365 license, but no other separate Microsoft license is required to enable app management.

Sophos Mobile 8.1 is available now for installation on the customer’s own premises with management in Sophos Central following on April 24, 2018.

To learn more as well as to find Sophos Mobile sales resources, please visit the Sophos Mobile product page.

Thursday
Apr052018

Exciting Upcoming Changes from PAconnect!

Over the last six months we have will been working very hard in creating better integration of all our administrative systems. If you have received a recent bill from us you'll see that it has changed from a tool system listing to a single system listing so that you are being billed just from our service management product.

The next part of her integration provides automated reporting of all the services that you currently have with us so that with a much quicker turnaround time on audit control of those services being billed to you. By integrating these two parts of our systems reporting, we are insuring a more accurate report to you on what you have been receiving as a service from us.

Another change that you will see is that your service billings will be billed separately from your discounted service contract. These are going to be two separate processes and will come to you as separate invoices. If you have quarterly or annual billings those also come under separate invoices as well. This should provide a much simpler method for you to track what services you are being billed for and when to expect the billings to occur.

We look forward to answering any questions that you might have discussing these changes.  will

Thursday
Apr052018

Important Sophos Security Advisory for Sophos Mobile and Sophos Mobile Control

Sophos

Technical Alert

Important Sophos Security Advisory for Sophos Mobile and Sophos Mobile Control

Date issued: 2018-03-26

Sophos has released a security update to Sophos Mobile and Sophos Mobile Control installed on premises. Customers running Sophos Mobile managed in Sophos Central or the hosted Sophos Mobile as a Service are not affected by this issue.

This update fixes a security bypass bug that could allow an unauthenticated user to access the administration console or the self-service portal.

This vulnerability was responsibly disclosed to Sophos on 2018-03-21. We are not aware of any attempts to exploit this bug in the wild.

We have assessed this update as critical and therefore advise you to install the update as soon as possible.

If you have Sophos Mobile or Sophos Mobile Control version 6.0 or later, please login to the Sophos License Portal, download the security patch for your version and apply immediately.

If you have Sophos Mobile Control 5.1 or earlier, you need to upgrade to the current version. For more information please read the article https://community.sophos.com/kb/128031.

For more information, please read this knowledge base article on our support site: https://community.sophos.com/kb/131867.

Note: We would like to make you aware of a vulnerability affecting Sophos Mobile customers running the product installed on premises. Customers running Sophos Mobile managed in Sophos Central or the hosted Sophos Mobile as a Service are not affected by this issue. We will send the following email to all affected customers indicating any required actions. Please don’t hesitate to reach out to your account or support representative if you have additional questions.

Monday
Jan152018

PR: Sophos Mobile 8 Launch Update

Timeline:

January 17, 2018 – Sophos Mobile as a server (SMaaS) upgrade to version 8

January 17, 2018 – Sophos Mobile 8 for installation on premises generally available to download

February 13, 2018 – Sophos Mobile 8 available in Sophos Central

February 26, 2018 – Announcement and public launch at Mobile World Congress 2018