Your Personal Titanic Moment

On a recent interview about the Titan sub catastrophe, director of the movie Titanic James Cameron, who has made 33 successful dives to the Titanic wreckage site, pointed out that this tragedy is eerily similar to the 1912 Titanic disaster: the captain of the 1912 RMS Titanic was repeatedly warned about ice ahead of his ship, yet he plowed ahead at full speed into an ice field on a moonless night, resulting in the deaths of over 1,500 innocent souls.  

The captain of the sub Titan and CEO of the company OceanGate, Stockton Rush, was also repeatedly warned about his vessel’s safety, lack of certification for the vessel’s integrity, lack of a tracking device (think airplane black box), their experimental approach to deep dives (despite the fact that this is a very mature and well-understood practice) and lack of a backup sub. He also proceeded to plow ahead at full speed, taking people in an extremely unsafe vehicle, also killing innocent people. If there was ever a case for willful negligence, this is it. 

When it comes to IT security and compliance for small business, this kind of willful negligence is rampant. Sometimes it ends with an abrupt, catastrophic “implosion,” as with the Titan, where a company is destroyed by a ransomware attack, operations shut down, unable to transact, employees and clients harmed and their reputation tarnished.  

In other cases, the risk is there but hasn’t been addressed because nothing bad has happened – yet. Willful negligence in IT security and regulatory compliance to data privacy and protection comes in three forms. 

The first is willful ignorance. Some people running a business are young and inexperienced, too new to the business world to understand the risks they are incurring by failing to protect their clients and themselves. Often, they are being advised by the wrong people – an IT firm that knows how to make their tech work but lacks the expertise to implement good security protections. You kind of can’t blame them for getting it wrong initially, but at some point they’ll get smacked with a cyber-attack and learn the error of their ways the hard way. 

The second type of willful negligence is willfully stupid 

This group CANNOT claim “ignorance” as their defense. They KNOW they should be protecting their business and their clients’ data from cyber-attacks. They’ve heard the stories, they know the laws and may have been warned by their IT company or person, but foolishly believe “that can’t happen to us,” or choose to assume they’re “fine” because they are using a cloud application that promises compliance (which is correct for THEM, not necessarily for YOU). They trust but don’t verify that their IT person or company is actually doing what they’re supposed to, and often lack cyber liability insurance, choosing to take the risk because they’re cheap or can’t be bothered.  

The third type of willful negligence is, in my opinion, the TRUE meaning of willful negligence and the most immoral and unforgivable. Determined negligence. These people stubbornly insist on continuing to operate without proper security protocols in place, without a disaster recovery plan, without any insurance, without assessing and inspecting their environment, refusing to acknowledge ALL facts, history and evidence to the contrary. They know they are acting irresponsibly but don’t care.  

After the tragedy of the sub, multiple experts came forward to point out all the risky behaviors Rush was allowing. The hull had not gone through any type of cyclical pressure testing or thermal expansion and contraction testing. The hatch could only be opened from the outside and not the inside, which wouldn’t allow them to escape if needed in the event of an emergency – one small fire inside would have been catastrophic. No atmospheric system to monitor interior gases such as oxygen, carbon dioxide and carbon monoxide. No emergency air breathing system. The viewing window was only certified to 4,000 feet, not the 12,500 feet of the Titanic wreck. But the most egregious of all was an egotistical assumption by the CEO that he knew better than everyone else around him. 

I wonder if he put all of this in the brochure and explained that philosophy to the people in the sub who lost their lives that day. 

Everyone makes mistakes. Everyone has a moment in their lives when they place trust in someone they shouldn’t. Everyone has blind spots, and we’re all ignorant and misinformed about something. The question is do you STAY willfully ignorant or stupid to the point of being determined to hold steady to your course of action to the point where you not only do harm to yourself, but to others as well? 

If you do, it’s only a matter of time before you have your own ship sunk, your own personal Titanic-size wreck. Sadly, if you’re the CEO of a company that holds financial data, credit cards, medical records, tax returns, Social Security numbers, birthdays or even the contact details of your clients OR employees, YOUR willful negligence in cyber protection will absolutely harm others.   

5 Essential Tech Tools To Grow Your Business And 2 You Should NOT Waste Your Money On 

Growing your business involves learning how to make money and hang on to it responsibly. When you’re in the weeds, it’s easy to think that a fancy piece of well-marketed software could help dig your way out. That’s usually not the case, and you’ll likely end up paying for software that you don’t need and barely use, and that burns through your bank account. 

On the other end, a few pieces of technology benefit most growing organizations. When set up and implemented correctly, these pieces of software can improve operations, increase efficiency and lend a hand to revenue-generating efforts. Investing in the right technology is not a wasted expense. However, with so many options, especially with the new wave of AI-powered digital tools, it can be challenging to decide which ones you need and which ones are distractions.

In today’s blog, we’re outlining five tech tools you should use to grow your business and a few that will only take up space.  

Tools To Use: 

  • Direct Messaging Platforms – Whether everyone is in-office, remote or hybrid, a communication tool is a must. These tools allow for targeted communication that can be one-on-one, small, select groups, entire departments, channels within the organization or the entire organization. This feature helps to keep messages relevant instead of consuming everyone’s time. Tools like Microsoft Teams or Slack are popular options that offer video call capabilities, integrate with other tech tools, can leverage AI and more. Other critical factors to consider when choosing which software you’ll use are whether it’s high-speed, easy to use and scalable, and whether the company provides great support.  
  • Project Management Software – This is essential for internal and external projects to keep you on track, on budget and organized. Using this tool, you can work with others on your team to set deadlines, assign tasks, monitor deliverables, track issues, connect with clients for feedback or approval and more. However, there are many options available that have more features than you need. When choosing project management software, first see if there are any industry favorites. For example, JobNimbus is specialized software for roofers in the contracting industry. Others exist specifically for health care. Finding these unique options can help you get the project solutions you need. If you’re looking for a general tool, software like Monday, Asana and ClickUp all continue to top the popularity chart. 
  • Customer Relationship Management Software (CRM) – If you’ve been tracking leads and customers via pencil and paper or with a simple spreadsheet, this tool will change the game for you. CRMs allow you to store your customer information in one place, which can help streamline your sales process, strengthen customer relationships, increase sales and run a smoother operation. Again, look for industry-specific options first. After that, tools like Keap or Salesforce come highly recommended.
  • Cloud Computing Solutions – These are vital for all organizations that share data or collaborate on projects. The cloud is a web-based hub that holds all your data virtually and can be manipulated by anyone with access at any time, even at the same time. It syncs to all connected devices to share changes in real time, allowing for better collaboration and scale-up as your company grows. Cloud platforms to consider are Microsoft Azure, Google Drive, Amazon Web Services (AWS) or Dropbox. 
  • Cyber Security Solutions – Digital tools make running your company easier, but they invite new threats into your business. Cyber security is a serious issue for business owners. You handle sensitive data, financial information and more for you and your clients, so safeguarding it against cybercriminals is necessary. Computers, USBs, mobile devices, servers and networks must all be secured.  

 While there are antivirus and firewall solutions available for you to set up on your own, having an IT company with a cyber security expert on the team monitoring your network is recommended. Hackers break through the standard firewalls regularly, which leaves people who think they are protected unknowingly exposed. With 24/7 monitoring, an IT team can patch those holes before cybercriminals can find them. 

 Those are five tools all business owners would benefit from. But what about items you don’t need? Here are two you can avoid wasting money on. 

 

  • Ineffective AI Tools – With the launch of ChatGPT, a wave of new AI-powered programs has popped up. It seems like there is an AI tool for everything. The problem is, can these tools be used effectively? Many programs were rushed to market and are still in the early stages of development. They have frustrating bugs and limitations and don’t produce quality results. 

Be selective about which AI tools you use. Do you need it? Does it work? Remember, whenever you sign up for another free trial or create an account, you’re giving your private information to a company that could experience a data breach. Choose carefully!  

  • Duplicates – Are you paying twice for the same tool? As software companies merge and develop new features, you might find that you can consolidate your tools in one place. For example, if you’re using Canva to design images for social media and something else like Hootsuite to schedule them, you could reduce the number of tools you use from two to one because Canva can schedule the posts for you! There are likely other areas in your business where this can happen. Spend some time evaluating what you invest in to see if you can eliminate anything. 

 When it comes to running an efficient business, choosing the right tech tools is critical to your success. Instead of spending your limited time researching the best options, let our tech experts help. Using our FREE Network Assessment, we can help you identify bottlenecks and areas of opportunity in your business to help you save money, improve productivity and grow. Click here to book your free assessment now or call our team at 480-464-0202 to get started. 

The One Lesson Business Owners Miss When Training Employees That Can Cost Them Thousands

Training employees on anything can be an expensive process. You incur the cost of investing in necessary materials plus the time it takes away from your employees doing revenue-generating activities. But what’s worse when it comes to cyber security training is the expense you’ll incur if that training fails.  

Recent studies show that human error plays a role in a shocking 90% of data breach cases! Smart business owners are taking a proactive approach and training their employees on cyber security do’s and don’ts. While we applaud their efforts and encourage all owners to take this step, research suggests their efforts aren’t paying off. Despite their willingness to train employees, the number of data breaches continues to increase.  

What gives? We’ll be first to say it – cyber security training can be boring. And what happens during boring presentations? People aren’t engaged, so they tune out and miss the critical information needed to keep your company secure. After the presentation, they sign off, saying they have learned the lessons, but have they really or are they a ticking time bomb in your organization? 

The latter is likely true. If you want the information to stick, you must take some additional steps – and the most important is putting them to the test! 

According to Education World, interactive activities are six times more effective when learning and remembering material than simply listening to a lesson. You can incorporate this tactic by putting employees to the test to find out whether or not they can apply what they learned. 

One of the best ways to do this is to use phishing simulations. Here’s how the process works: 

  • A third party creates a realistic but fake phishing e-mail that shows identifiable signs discussed in the training. An example could be creating an e-mail that is similar to the CEO’s requesting private information, an outside company sending a bad link, etc. You can customize it to look like something relevant that your employees could potentially see and fall for.
  • The employees are then put to the test. You choose which employees will receive what links and what dates the e-mails will be sent. Will they be able to identify the threats or will they fall for the scams?
     
  • The results are collected and shared with you to develop more comprehensive training programs and help you identify which employees are your biggest risks so you can provide specific coaching. 

 Another great way to use phishing simulations is to send out the tests before the training. When employees see that people in the company are making mistakes, they are more likely to pay attention to the lesson. 

 It’s not enough to just teach the information! It must be learned and implemented every day to be effective and keep your organization secure. 

If you’re looking for effective cyber security awareness training for your employees, our team has a comprehensive program that will engage, teach and test your employees so you can have peace of mind knowing they are working to keep your company safe. Click here to get in touch with our team and get started on your cyber security training session today. 

The Shocking Facts About The New FTC Safeguards Rule That Affect Nearly EVERY Small Business Operating Today 

As former President Ronald Regan once said, the scariest words you’ll ever hear are “We’re from the government, and we’re here to help.”  

In this case, the government is trying to help by forcing nearly all businesses to implement and maintain a strong cyber security program to protect the customer information these companies host – definitely not a bad thing, and all businesses should take this seriously without the government mandating it. 

Sadly, the majority of small businesses don’t take cyber security seriously enough and believe they are doing enough to prevent a cyber-attack when they aren’t, which is why the government is having to step in and create laws (the GLBA Act) to enforce better security protocols.  

What Is The New FTC Gramm-Leach-Bliley Act Safeguards Rule And Who Does It Apply To? 

Back in April of 2022, the FTC issued a new publication entitled “FTC Safeguards Rule: What Your Business Needs to Know.” This was published as a “compliance guide” to ensure that all companies that fall under the Safeguards Rule maintain safeguards to protect the security of customer information. 

While you might think your business is “too small” to need to comply or doesn’t hold any data “that a hacker would want,” you’ll be shocked to discover you are likely to be wrong on both fronts. 

Hacking groups use automated bots to randomly carry out their attacks – and small businesses are their #1 target due to the gross negligence and inadequate protections they have. You are low-hanging fruit. That’s why it’s not only the obvious organizations, such as CPAs, financial institutions and credit unions, that need to comply. Here’s a short list of just a few of the organizations that fall under this new law. You should know that this is NOT a complete list: 

  • Printers that print checks or other financial documents.  
  • Automotive dealers who provide financing for car purchases. 
  • Any organization that accepts credit or loans for the goods and services they sell, whether or not the credit is granted. 
  • Companies that do tax preparation or credit counseling of any kind. 
  • Real estate settlements, services or appraisals.  
  • Career counselors that provide services to people employed by or recently displaced from a financial organization.  

As you can see, the companies that must comply are growing rapidly. Bottom line, if you handle any kind of financial data or personally identifiable information, you need to make sure you are complying with these new standards. 

What You Need To Do Now 

The rule requires you to implement a “reasonable” information security program. But what does that mean? For starters, you need to designate a qualified individual to implement and supervise your IT security program – and you cannot outsource this. Yes, you can and should get a professional IT firm like us to guide you on the implementation, but the buck still stops with you. 

The person you designate doesn’t have to have a background in IT or cyber security – but they will be the person responsible for ensuring your company is taking reasonable precautions to comply with the new security standards. 

Second, the Safeguards Rule requires you to conduct a risk assessment to initiate an effective security program. From there, you would work with your IT company (us!) to roll out a plan to secure and protect the data you have by putting in place access controls, encryption, data backups, 2FA and a number of other protections. 

Cyber security is not something you do once – it’s an ongoing effort of protection as new threats evolve. If you want to see where your organization stands on cyber security, click here to sign up for a quick, easy and completely free Cyber Security Risk Assessment. That is the first step toward complying and will give you the information you need to know about your own security stance. 

Is It Illegal To Track Your Employees’ Activities When They’re Working From Home?

Along with the surge of people working from home or in hybrid situations over the last few years, there has also been an increase in employers looking for ways to monitor their employees’ work activities to ensure they actually ARE working when remote.

This is no surprise given the new “quiet quitting” trend that has now evolved into “Bare Minimum Mondays” and “Try Less Tuesdays.” Sadly, some employees are taking advantage of working remotely as a way of working less.

Of course, not all remote employees are slackers – but how can an employer know the difference? That’s where tools like Teramind and ActivTrak come into play. These are software tools that can be installed on employees’ workstations and laptops to monitor their activity, both while in the office and remote.

Not only will these tools provide insights into productivity and where employees are spending their time, an employer can also see when someone checks in to work and leaves for the day. These apps can also help in ensuring employees aren’t surfing inappropriate websites during work hours using company resources.

While many people are against monitoring, it’s perfectly legal in the US, provided this is for work-related activities on workplace devices. Monitoring laws do vary by state, so you should always check with an HR attorney on any employee-related monitoring. While there is no requirement to gain consent on a federal level, some states require that you establish consent before monitoring.

It’s also legal to monitor company-owned devices outside of work hours, including Internet traffic, search terms, websites visited, GPS geolocation and content viewed, to name a few things. If you issue your employees’ phones, you are legally allowed to monitor them as well. It’s even legal to monitor your employees’ own personal devices if you have a BYOD (bring your own device) to work, provided those devices are used for work purposes.

If you are thinking of rolling out employee-monitoring software, here are a few recommendations.

  • Let your employees know you WILL be monitoring them, and how, before rolling out any monitoring activities. Being totally transparent about what you are monitoring and why is important to establishing and maintaining trust with your employees. Most people would be very upset to discover you were monitoring them without their knowledge. While it’s legally your right (in most states) to monitor without letting them know, we feel it’s best to be open about this so they understand what’s being recorded.
  • Put in writing what is and isn’t allowed during work hours and on company-owned assets. If you don’t want employees visiting what you deem as inappropriate websites and mixing personal activities with work activities on company-owned devices, let them know that. If they work from home, set guidelines such as start and end times for work and how long and how frequently they can take breaks, detailing when they need to be available (at work). No one likes getting a speeding ticket when there’s no speed limit signs posted. Be absolutely clear on your expectations and put them in writing so there’s no risk of “You never told me that…” happening.
  • Get legal advice before implementing any kind of monitoring software, cameras or activities. Laws can change – and with privacy of data becoming more critical (and a legal hot potato), we suggest you work with an HR attorney to make sure you’re not violating anyone’s rights. Recently, the fast-food restaurant White Castle was hit with a lawsuit that could cost them up to $17 billion for using fingerprint login software for their employees to access certain systems. The lawsuit claims they violated Illinois’s biometric identification laws by asking employees to use their fingerprint as a secure way of logging in to their systems without first gaining consent.So, while it’s legal to monitor employees, you still need to be mindful of employment laws and data and privacy protection of the employees you monitor.

Need help implementing a more secure and productive remote workplace? Click here to schedule a quick call to discuss your options and to get ideas on how we can help you and your entire team be productive and safe, no matter where or how you choose to work.

 

Cyber Security for Arizona Business Travelers: 8 Tips To Vacation Safely

As we get into the summer, many business owners and employees look forward to a well-deserved break. However, high achievers are known to do a little work on vacation. Unfortunately, studies show that working outside the office, whether on vacation, from a local coffee shop, or even business travelers out on work trips, can lead to significant cyber security issues. If you or your employees plan on answering urgent emails or checking in on projects while on vacation this summer, it’s essential to maintain strong cyber security best practices to avoid exposing the company network to hackers preying nearby. In this blog post, we’ll cover what cyber security best practices for remote workers must be implemented so that you and your team can get your work done and enjoy your vacation without worrying about a data breach. 

 Why Cyber Security Matters While Traveling 

 For business travelers, the need to stay connected to the office is a reality of the digital age, and our handheld devices make it easy. But with this constant connectivity comes an increased risk of cyber threats. Whether you’re using a public Wi-Fi network in the lobby or accessing sensitive files from your hotel room, you can expose your company to hackers, malware, and other cyber risks. 

 Cybercriminals know how this works! They understand that people are more likely to let their guard down while on vacation. They know you’re more focused on enjoying your time off than ensuring your devices are secure. This situation makes travelers an attractive target for cybercriminals, who can use a variety of tactics to compromise your data, such as phishing emails, fake websites, and man-in-the-middle attacks. 

 To minimize the risk of a cyberattack while traveling, here are a few best practices to cover with your team:  

  • Use A Virtual Private Network (VPN): A VPN encrypts your internet connection, ensuring your data is secure even when using public Wi-Fi networks. Before you leave, set up a VPN on your devices and use it whenever you’re online. 
  • Keep Your Devices Updated: Before leaving for vacation, update your devices to the latest software and security patches. Outdated software can leave you vulnerable to cyberattacks, so staying current is essential. 
  • Be Wary Of Public Wi-Fi: Although convenient, public Wi-Fi networks can be a hotbed for cybercriminal activity. Avoid using these networks whenever possible. Yes, that means no checking your email poolside unless you have a VPN. 
  • Enable Two-Factor Authentication (2FA): Using 2FA adds an extra layer of security to your accounts by requiring a second form of verification, such as a text message code or fingerprint scan. Make sure to enable 2FA for all of your critical accounts before you depart. 
  • Beware Of Phishing Attempts: Cybercriminals often target travelers with phishing emails, which are designed to trick you into revealing sensitive information. Be cautious of any emails you receive while on vacation, and never click on suspicious links or download unfamiliar attachments. 
  • Secure Your Devices: Physically secure your devices by always keeping them with you and never leaving them unattended in public places. Additionally, enable password protection, biometric authentication when applicable, and remote wiping capabilities in case your device is lost or stolen. 

Traveling for business or pleasure doesn’t mean you should compromise on cyber security. Following these best practices can reduce the risk of a data breach or other cyber security issue while away from the office. However, it’s important to know that these steps aren’t infallible. To truly ensure that your company’s cyber security measures are up to par, you need to work with a qualified IT team that can monitor your network 24/7, patch any vulnerabilities that pop up (which happen regularly), and can alert you if something goes wrong. 

To help you prepare for your vacation and have peace of mind knowing your business is secure while you or your employees are working remotely, click here to schedule a free IT assessment with our experts today. We’ll evaluate your current cybersecurity measures, identify potential vulnerabilities, and help you implement a strategic security plan to keep your company safe. 

Cybercriminals Pose As Facebook And Instagram Support: How To Protect Your Private Information From Being Stolen On Social Media 

Another day, another scam! A new wave of social media scams has emerged, targeting unsuspecting Facebook and Instagram users. Whether you use your page for personal or business use, this new con could affect you. In this article, you’ll discover what this scam is, how to detect if hackers are targeting you, and how to avoid falling for it and potentially leaking your private information. 

 If you’re a social media user, you may have noticed that in recent years, both platforms are quick to hand out page violations. An inappropriate comment or post can land you in “Facebook jail” or with a 30-day suspension for repeated offenses. Facebook’s goal appears noble – keep these platforms a positive, kind place for all users.  

 To help identify these comments, the platforms have developed a sophisticated bot that can read the posts and detect “flagged” phrases that the platform has deemed inappropriate. Typically, they remove the inappropriate content and notify the user that the post was flagged and warn if they continue posting similar content a ban can occur.  

 However, this robotic peacekeeper is not perfect. It has a reputation for flagging ordinary content because of key trigger words and banning unoffending accounts. This situation is frustrating for users who don’t want to lose access to their social media platforms for an offense they didn’t commit or are worried that years’ worth of memories they’ve accumulated on their account could disappear if their account is wrongfully deleted.  

 Cybercriminals saw their opportunity and went for it. Hackers pose as support agents from Facebook or Instagram, contacting users via direct message on the platforms saying there has been a policy violation and they’ll help the user resolve it by filling out a simple form that gives them the information they need to make this digital slap on the wrist go away. The alarming twist? Once users submit their information, it falls directly into these skilled hackers’ hands, who can use it for who knows what. 

 If you want to protect yourself from this scam, you must first be able to recognize it. If you receive a message like the one below – don’t panic. Cybercriminals want you to be worried, so you slip up and make a mistake. Remember, a Facebook agent will never directly contact you unless you go through the support chat first. The platforms have in-app notifications about banned or flagged content that you will see first, and they will follow up via email.  

 The image below features an actual screenshot of this scam in action and points out other factors to notice when determining the legitimacy of a violation.  

 


  

We didn’t request the form to see what information it collects (and neither should you), but we can guess. Facebook has developed strict verification processes for confirming identities to reduce the number of imposters on Facebook and determine the rightful ownership of accounts in hacking situations. The platform will request proof of identity with a photo of your ID or sometimes even business documents proving ownership. Cybercriminals will likely request this information but may take it further by asking to confirm your password, social security number, and more.  

 This deceptive tactic highlights the ever-evolving nature of cybercrime. Just as we’ve seen with the rise of AI-powered tools used in voice cloning scams, these hackers are becoming increasingly creative and sophisticated in their efforts to manipulate social media users. They are watching what’s happening and adapting their tactics accordingly. The stakes are high, and so is the potential damage to individuals and businesses. 

 To safeguard yourself and your business from such threats, it’s crucial to remain vigilant and informed. Here are a few practical tips to help you stay protected:  

  • Always verify the authenticity of messages received from social media platforms. Support does not contact you via message unless you request chat support, and they will never ask you to provide sensitive information through direct messages. 
  • Be cautious of unsolicited messages requesting you to click a link or fill out a form. Instead of clicking the link, visit the platform’s help center or contact support directly to inquire about the issue. 
  • Strengthen your account security by enabling two-factor authentication, regularly updating your passwords, and using unique, complex combinations of characters. 
  • Provide regular security awareness training to your employees. Share articles like this one that shed light on emerging scams and engage in ongoing education to ensure your team remains alert and prepared. 
  • Collaborate with your IT service provider to implement robust cybersecurity measures and disaster recovery protocols. Investing in comprehensive protection is essential in minimizing the risk of falling victim to these sophisticated attacks. 

Remember, prevention is critical. Don’t wait until it’s too late to take action. If you’re concerned about the security measures your IT service provider has in place, click here to request a FREE IT Security Risk Assessment. This assessment will give you a clear understanding of your current security stance and whether you’re well-equipped to handle a cyber-attack. 

Cybercriminals Are Deploying Powerful AI-Powered Tools To Hack You – Are You Prepared For What’s Coming? 

An Arizona family was recently in the news warning others about how they were the target of a ransom call in which scammers used AI (artificial intelligence) to clone their daughter’s voice to convince the parents they had kidnapped their daughter, with the apparent goal of extorting money.  

DeLynne Bock, the mother of Payton Bock and target of the con, said she feels she can easily spot a fake scam call, but this was on a whole other level. 

According to the news story, the scammers called their home, where DeLynne’s husband answered the call. A man on the other end of the line was screaming and using foul language, saying his daughter had caused an accident, hitting his car, and couldn’t find her insurance. From there, he started making threats, saying he had her tied up in the back of his truck.  

What made the call so convincing was the deep fake of her daughter’s voice on the other end of the line – pleading for help, crying. Unable to reach her daughter by phone, DeLynne called the police while her husband kept the man on the phone. “I called the police, and they’re saying, ‘This is possibly a scam situation.’ I said, ‘There is no way this is a scam. This is my daughter’s voice,’” DeLynne said. “This wasn’t just some person pretending. As a mother, you know your daughter’s voice, and this was my daughter.” 

Apparently, this wasn’t the first time this happened which is how the police were able to suggest it could be a scam. This is just the latest iteration of how hackers are using AI to produce deep fakes to extort money. AI and ChatGPT have been in the news recently for a reason – AI is an extremely powerful tool that, if put in the wrong hands, can do a lot of harm.  

It’s not a stretch to imagine the use of AI to fake a CEO’s voice, signature or writing style in an e-mail, text, call or instant messaging to trick an employee into sending money or doing things that would severely harm the organization, such as providing a login or access to the company’s network, data or critical applications. Or similarly use this same type of approach to scam clients or patients into giving up confidential information or payments.  

A report released by security experts at Home Security Heroes showed that 51% of common passwords could be cracked in less than one minute using an AI. Both the length and complexity of the passwords factored into the speed of successfully cracking the password, but even a complex password with seven characters using both uppercase and lowercase letters, numbers and symbols took just minutes to crack. 

This means it’s hypercritical for all business owners to no longer rely on strong passwords and simple antivirus to protect their organization.  

Today, all businesses should have some type of security awareness training for their employees. For example, simply sharing this article and others we publish like them with them can go a long way toward making sure they’re always on high alert for scams; but sharing the occasional article is not enough. You should have some type of ongoing reminders and formal training so that it’s always top of mind. Employees AREN’T “too smart” to fall for these scams. If someone can trick a mother into believing her daughter has been kidnapped by duping her daughter’s voice, they can trick an employee into clicking on a link, giving them access or transferring funds – and it’s happening right now to a lot of businesses. 

Second, you need to work with your IT company to ensure they have implemented robust cyber security tools and protections, as well as disaster recovery protocols so if you are ransomed, you can be sure to recover your data. This is not an area to be cheap about. Most people stubbornly believe it won’t happen to them, or that it will be a minor inconvenience, not the costly, business-crippling and devastating disaster that a cyber or ransomware attack can have. An ounce of prevention goes a long, long way toward minimizing your risk.   

If you want to make sure your IT services provider is protecting you properly, click here to request a FREE IT Security Risk Assessment. This assessment is not time-consuming, invasive or difficult to do, but will give you the unvarnished truth about your current security and whether or not you will be properly and brilliantly prepared for a cyber-attack. 

Facebook Owes You Money!

How To Apply For Your Share Of Facebook’s Recent $725 Million Privacy Lawsuit 

Here’s a shocker: Facebook is being forced to pay a whopping $725 million in a settlement following a number of lawsuits claiming they violated users’ privacy. This is in addition to another class action lawsuit for $650 million for storing and collecting the biometric data of nearly 1.3 million Illinois residents without their knowledge or consent.  

The lawsuits allege that Facebook shared data from users and their friends with third parties without the users’ knowledge or consent and then failed to monitor or direct how these third parties accessed the data or what they did with it. 

The plaintiffs’ lawyers estimate about 250 to 280 million people may be eligible for payments as part of this suit. 

The money being paid to each person depends on how long they’ve had a Facebook account and how many people actually file claims. Users will get “points” for every month they’ve had an account between May 24, 2007, and December 22, 2022. The money will be split (after lawyers’ fees are paid, of course) based on those numbers, so don’t expect a financial windfall that will allow you to move to Beverly Hills. The only people getting rich here are the lawyers. 

If you had a Facebook account during the dates above, you’re automatically part of the settlement, but you must submit a claim by August 25 of this year using this website. If you do nothing, you won’t get paid and you’ll give up the right to sue or be part of another lawsuit against Facebook related to these claims. 

However, if you’re feeling ambitious (and have deep pockets to pay the legal fees), you can choose to opt out of this lawsuit and attempt to sue Facebook separately, under your own initiative.  

We should all be happy that big tech companies accessing, selling and sharing our data without our knowledge or consent are being held accountable; but it’s not enough to depend on lawyers or our government to protect our identity and personal information. Companies like Meta make far too much money from our data to turn away from selling it and using it. For example, Meta made over $116 billion last year from a FREE app. That money is coming from selling access and data. This lawsuit, while sizeable, only represents just 0.62% of the company’s total revenue – a rounding error. 

The entire dark web and the rise of hacking demonstrate how much money there is to be made from gaining access to personally identifiable information, so you need to be careful you don’t end up a victim of your data being stolen, shared and sold.  

One of the ways to prevent your information from being shared is by going into the privacy settings on Facebook and finding “Your Facebook information.” From there, click “Off-Facebook activity” and “Recent activity” to clear your history. 

You can also click “Manage future activity” and choose “Disconnect future activity” to disable this feature. Of course, if you like the ads you get from Facebook this will (should?) make all of that go away.  

Another suggestion is to check the privacy settings on your phone to ensure apps installed aren’t getting free access to your camera and microphone unless specifically given permission by you to perform those functions. Many apps will install with that access feature turned on and require you to opt out.  

Of course, as a business owner, YOU have to also think about how you are storing and using your clients’ data. As this lawsuit proves, the government is taking data privacy and protection seriously, which is why you’re seeing more regulatory compliance for data security and privacy hitting all industry sectors. 

If you want to make sure you’re not accidentally exposing your clients’ data and violating data protection laws, schedule a quick call with us to discuss your concerns and see if there are ways we can help you avoid exposing your clients’ and employees’ data by accident.  

Microsoft Teams Productivity Tips Every Small to Medium Sized Business Needs To Know

Every business needs the right tools to get the job done and to keep your team on track. But juggling multiple apps and software can be a nightmare when trying to keep information streamlined and easily accessible. That’s where Microsoft Teams for small businesses comes into play.

In this article, we’ll explore the 10 best Microsoft Teams hacks so everyone in your company has everything they need at their fingertips.

The 10 Best Microsoft Teams Hacks For Small Businesses

1) Share And Co-Edit Files

The demand for coworking capabilities has risen in recent years. And while modern working conventions have dictated the need for more collaborative software, there are real statistics to back up the benefits of co-editing.

According to a study from Deloitte, “When workers collaborate, 73% do better work, 60% are more innovative, 56% feel more satisfied, and 15% work faster.”

Microsoft Teams understands this and has continued to develop its ability to share and co-edit files. With 10 GB of cloud storage per user, it’s easier than ever to work on documents with others no matter where you are.

You can also quickly share document files by attaching them to a chat within Microsoft Teams so there’s no need for extra emails to share information.

2) Filter Messages

Along with our previous point, running an efficient business often means having messaging software that can keep up. However, it can be overwhelming when you have a sea of messages and no way to mark or find what you’re looking for.

Not anymore. With Microsoft Teams, you’re able to filter messages and find exactly what you need. This replaces the need to use an additional messaging service, such as Slack, and keeps everything within one comprehensive platform.

This eliminates the headache of switching back and forth between platforms and having to have multiple windows open all the time to get work done.

3) Host Meetings

Hosting meetings is another huge capability of Microsoft Teams. The software allows you to schedule virtual meetings with hundreds of participants at a time. That means you have everything you and your team need, no matter the size of your business.

Recent updates have also expanded the ability for co-hosting breakout rooms as well. More features mean more ways for your team to connect!

4) Live Translated Captions

2023 updates for Microsoft Teams have increased accessibility as well. For example, there’s a new setting you can toggle on and off that will allow for live translated captions to appear during meetings.

The system will save your settings for every meeting, or you can simply toggle it off when you no longer need it. The choice is ultimately yours.

You can also get the meeting transcripts when done to quickly review just the one part you were looking for!

5) Chat Features

One of the best features of the Microsoft Teams experience is the chat. With unlimited chats and the ability to filter through them, as we mentioned earlier, your team can have important conversations while also getting work done in the same place.

New this year, the platform now allows you to delete chats on your end while leaving them open on the other person’s when you no longer need the information. In addition, you can easily add people to existing conversations, and AI technology can suggest who you might want to talk to next.

These features make it easier than ever to collaborate with others and keep everyone on the same page.

6) Picture-In-Picture Functionality

Not every meeting needs your full attention. Teams has picture-in-picture functionality that allows you to have a meeting playing while you are doing other things.

That means you don’t have to put down other work while you’re on less important calls and can multitask.

7) Do Not Disturb

In addition to picture-in-picture display options, there are other ways you can value your time with Microsoft Teams settings.

This platform allows you to toggle on “do not disturb” when you need to step away from your desk, are taking a vacation, or going home/logging off at the end of the day.

There are plenty of things that can wait until tomorrow, and you deserve to set healthy boundaries when it comes to getting work done and taking time for yourself and your family.

8) Data Encryption

When you’re using an all-in-one comprehensive platform, a lot of information is exchanged. Between attaching important documents to chat threads to day-to-day communications, you need to know that all your information and your clients’ information is safe.

Microsoft Teams has you covered. With data encryption, you don’t have to worry about private information leaking on the internet. That means peace of mind for you and everything you work with.

9) Multi-Question Polls

The last feature we’ll mention that’s new in 2023 is the ability to have multi-question polls within a meeting. This gives you more flexibility to ask the questions you need and gives you an easy place to collect that data.

It’s never been easier to run a meeting and gather information.

10) Save MONEY (Thousands a month!)

Most businesses already have Microsoft Teams included in their current software package and can save a lot of money by eliminating redundant services.

Paying for dozens (or hundreds) of employee licenses for Slack, Zoom, Monday, Basecamp and more may be a thing of the past using the features already included in Microsoft Teams.

Many companies we look at are needlessly spending tens of thousands or more on these other services and that money goes straight to the bottom line.

Microsoft Teams For The Win

 

Whether you’re looking for a solution to messaging, collaborative working, video calls, document sharing or accessibility features within your organization, Microsoft Teams can help your small business accomplish exactly what you need.

With these 10 features — and many more — you will be better equipped to work together as a team and won’t have to waste time cobbling together multiple apps along the way.

Compushooter specializes in working with small businesses to make them more productive and profitable, while keeping their data and business protected. To see what we can do for you, click here or go to: https://www.compushooter.com/discoverycall/  to schedule a quick discovery call.