What to know about the LastPass data breach and 4 password managers you can use instead

LastPass is a well-known and widely used password manager. It offers a range of features, including password storage, automatic password filling, and the ability to share passwords with others. It also includes a password generator to help you create strong, unique passwords. On June 15, 2021, LastPass announced that it had discovered and promptly fixed a security breach that had occurred on their network. According to the company, the breach was limited to a single, isolated server and the attackers did not gain access to any sensitive data.

While the full details of the breach are still not publicly known, it is believed that the attackers may have gained access to some user email addresses, password reminders, and authentication hashes. LastPass has stated that no passwords, credit card information, or personal identification documents were accessed during the breach.

In response to the breach, LastPass has implemented additional security measures to further protect user data and is working with law enforcement to investigate the incident. The company has also reset the master passwords for all affected accounts and is urging users to change their passwords as a precautionary measure.

It is always important to use strong, unique passwords for all of your online accounts and to use a password manager to help keep track of them. While no system is completely foolproof, using a password manager can help to reduce the risk of your password being compromised. If you are a LastPass user and have not yet changed your password, it is recommended that you do so as soon as possible.

In the wake of the LastPass security breach, it is also a good reminder to regularly review and update your online security practices. This includes using two-factor authentication whenever possible, avoiding reusing passwords across multiple accounts, and being cautious of phishing attacks and other types of online scams. By taking these simple steps, you can help to protect yourself and your personal information online.

If you are looking to switch from LastPass, or perhaps you don’t yet have a password manager and would like to consider other options, there are many password managers available, and the best one for you will depend on your specific needs and preferences. All password managers listed below include at least password storage, automatic password filling, and a password generator. It is available on a variety of platforms, including Windows, Mac, Linux, iOS, and Android. Some popular password manager options include:

 

  1. Password

In addition to storing and generating passwords, 1Password also has other features to help keep your online accounts secure. For example, it can alert you if any of your stored passwords have been leaked in a data breach, and it can also help you securely share passwords with other people.

1Password is available as a desktop app, a mobile app, and as a browser extension, and it can be used on multiple devices and platforms. You can use 1Password for free, or you can upgrade to a paid subscription to access additional features and support.

 

  1. Dashlane

One of the key features of Dashlane is its security dashboard, which helps users to identify and improve their online security practices. It includes a password strength checker, alerts for compromised passwords, and the ability to identify and change weak passwords.

In addition to its core password management features, Dashlane also offers a number of additional features, such as the ability to store sensitive documents and credit card information, and support for two-factor authentication.

Dashlane is available in both a free version and a premium version with additional features. The free version includes password storage, automatic password filling, and a password generator, while the premium version includes additional features such as unlimited password storage and priority support.

 

  1. KeePass

KeePass is a free, open-source password manager with a  strong focus on security. It uses advanced encryption techniques to protect user data, and the source code is publicly available, allowing it to be reviewed by anyone. It also includes a variety of security-enhancing features, such as the ability to use a key file in addition to a master password for added protection.

In addition to its core password management features, KeePass also offers a number of additional features, such as the ability to store sensitive documents and credit card information, and support for multiple languages.

 

  1. Bitwarden

Bitwarden offers both a free version and a premium version with additional features. The free version includes password storage, automatic password filling, and a password generator, while the premium version includes additional features such as 1GB of secure file storage and priority support. It also includes two-factor authentication and the ability to store sensitive documents and credit card information.

One of the key features of Bitwarden is that it is open source, which means that the source code is publicly available and can be reviewed by anyone. This can be a positive for those who are concerned about the security and privacy of their password manager.

 

When choosing a password manager, it is important to consider factors such as the level of security offered, the range of features, and the cost. It is also a good idea to read reviews and do your own research to find the best option for your needs.

If the thought of managing all this information for your business makes your head spin, the experts at amshot have got you covered. To set up your free consultation, contact amshot at consult@amshot.com.

password

Image by Freepik

You could be a victim of cryptojacking and not even know it

This invisible cybercrime is on the rise in 2022

 

Cryptojacking is a form of cyberattack in which a criminal deposits software onto your phone, tablet, or computer to “mine” for cryptocurrency like Bitcoin. The software works invisibly in the background to generate cryptocurrency—essentially a form of digital money—that the attacker makes a profit from. For the victim, the act of mining the cryptocurrency is an intensive operation that requires a ton of processing power and uses up your device’s resources.

 

The end results? Your systems begin to work slower and slower, and it’s usually not even apparent why.

 

Why is cryptojacking a thing?

 

The value of cryptocurrencies has grown exponentially in recent years. The most famous of which, Bitcoin, was worth about $1,000 per coin in 2017. Today it’s worth $20,000 and has had surges up over $65,000. Additionally, other currencies such as Ethereum and Monero have generally tracked Bitcoin’s growth and relatively increased in value.

 

The problem comes from how most cryptocurrencies are created. On top of being tradeable (which is the average person’s interaction with crypto), many popular cryptocurrencies can be created by anyone in a process called mining. In short, mining is an immensely resource-intensive operation that requires tons of computer processing power to be profitable. Miners face costs from buying computers and hardware to the electricity required to power the entire operation.

 

But what if you didn’t need to pay for the computers or the electricity? That’s where cryptojacking comes in. The attackers simply use other people’s computers and their electricity to generate cryptocurrency that is sent back to the cybercriminal. Each individual laptop, phone, or tablet they control doesn’t individually contribute much mining power, but because they spread their malware to thousands or millions of computers, it adds up. It’s basically free money.

 

Should I be worried about cryptojacking?

 

The threat of cryptojacking to people and businesses is simple to understand. First of all, if you become affected by one of these attacks, your devices will suffer from poor performance. Second, you likely won’t realize what the problem is, as there are tons of issues that can slow down your computer.

 

For anyone, a laggy device is frustrating on its own. For a business, poor performance can hurt the bottom line, too. It goes without saying that slow devices hurt the efficiency of any workforce.

 

And unfortunately, businesses appear to be the primary target of cryptojacking attacks. A report from cybersecurity firm SonicWall found a 269% increase in these attacks on the financial sector compared to 2021, and a 30% in cryptojacking attacks overall. “It has a lower potential of being detected by the victim; unsuspecting users across the world see their devices get unaccountably slower, but it’s hard to tie it to criminal activity, much less point to the source,” said Terry Greer-King, SonicWall vice president for EMEA in an interview with TechMonitor.

 

How can I protect myself from cryptojacking?

 

We’ve written extensively on this blog about the cybersecurity strategies individuals and businesses can engage in to protect their data. However, no amount of best practices can ever leave you truly protected. The most important tool in your arsenal is having the expertise of professional IT watching your back.

Reach out to the pros at amshot today for a free consultation to find out how they can protect your business from costly intrusions.

data breach

How to know if your email or phone number has been hacked (and what to do about it)

A website you use has suffered a data breach. Now what?

How safe are your online accounts? In July, Twitter experienced a data breach that affected more than 5 million users.1 A recent U-Haul hack exposed customers’ driver’s licenses.2 Marriot will continue to go on into the foreseeable future.

With how often these large-scale data breaches happen, you might be wondering if your personal or sensitive information has ever been compromised—or even worse, your business. Luckily, there are a few easy-to-use tools that can help you determine if any of your accounts have ever been involved in a data breach, but first, let’s dive into what’s at stake.

Why are data breaches a big deal in the first place?

If a data breach involves credit card or social security numbers, the potential impact of identity theft can be devastating and immediate. However, not all cyber attacks rise to that level of catastrophic impact, so it might be natural to wonder why it matters if Facebook or whoever accidentally leaks your account details. Worst-case scenario, you get locked out of social media and have to reset your password, right? Wrong.

Because the vast majority of people reuse passwords and don’t enable two-factor authentication, any hack can mean dire consequences for the average person. If one of your logins is compromised due to a data breach on one site, reusing passwords can allow attackers to get into your accounts on other sites as well. That means any site that has financial information or is tied to a credit card or bank account is then at risk. For example, if you use the same login credentials across multiple sites, having your TacoBell.com account hacked could result in a cybercriminal wiring money from your bank account or buying things for themselves on PayPal.

One of the worst-case scenarios with reusing passwords is an attacker gaining access to your primary email account. That’s because password reset emails are generally sent to your inbox. Therefore, if someone gets access to your primary email account, they can change your password on any site they want.

To summarize the risk, a data breach could lead to identity theft or online accounts becoming compromised. To minimize the headache, it’s better to know sooner, rather than later, if one of the websites you use has been part of a data breach.

How to find out if you have been involved in a data breach

Luckily, there are a few online tools that can quickly tell you if your email address or phone number have been involved in a data breach. These sites will then provide you with more information about the breach and even provide guidance about next steps. In the interest of not playing favorites, here are 3 popular sites that will get the job done (and are essentially identical).

1. haveibeenpwned?
2. FireFox Monitor
3. Google Password Checkup (only if you use Google/Chrome’s password manager)

My email address has been involved in a data breach, what do I do? First, don’t panic! Or maybe choose the appropriate level of panic. Either way, immediately change your password on the affected site, as well as any other site that shares the same login credentials.

A best practice for this would be to generate a secure password using a password manager, and continue using the password manager here on out if you’re not already. Chrome and FireFox have built-in solutions. If you want something that works beyond the web browser, there are password managers from established names such as LastPass, Nord, and Bitwarden.
These utilities can take the headache out of remembering passwords, while ensuring each password you do use is secure.

Second, enable 2-factor authentication everywhere you can. Any financial entity like a bank or payment app is almost guaranteed to have this feature. Your primary email accounts are also just as important to secure, and the biggest names you know and likely use also support 2-factor authentication. It doesn’t hurt to check on your other accounts, too, the next time you login. Every website will be a tiny bit different in enabling two-factor authentication, but they always have simple instructions you can follow.

Running a business? You might need a little more protection than a password manager and two-factor authentication. That’s where amshot comes in. Schedule a free consultation today to see how amshot’s managed IT solutions can help prevent your business from being the target of a cyberattack.

References

1. Twitter data breach affects 5.4 million users
(https://www.malwarebytes.com/blog/news/2022/08/twitter-confirmed-july-2022-data-bre
ach-affecting-5.4m-users)
2. U-Haul discloses data breach exposing customer driver licenses
(https://www.bleepingcomputer.com/news/security/u-haul-discloses-data-breach-exposin
g-customer-driver-licenses/)
3. Marriott data breach exposes PII, credit cards
(https://www.darkreading.com/attacks-breaches/marriott-data-breach-pii-credit-cards)

data breach

4 signs it’s time for your business to hire an IT company ASAP

Every business will eventually need IT support. Here’s how to know when the time is right for your business. 

All businesses rely on technology. As businesses grow, so too does the complexity of their IT requirements. At some point, it becomes too much to securely and efficiently manage without the help of a professional. 

Not properly managing the technological aspect of your business could cost you potential growth and customers due to inefficiency, data loss, or security breaches. Here are 5 signs it’s time for your business to offload the headache of tech support onto the specialists:

 

  • You have mission-critical data and no backup plan

What would happen to your business if you suddenly lost all your data? How long until you could be back on your feet? Would the business even survive? Hard drives fail; employees download ransomware; even a flood could wash away your laptop with all of your important financial spreadsheets.

This is definitely one of those “if you fail to plan, you plan to fail” situations. Professional IT services teams can put in place a disaster recovery plan so your business could bounce back from data loss in a matter of minutes.

 

  • You’ve already experienced a security breach

If the thieves know you leave the door unlocked, you’re an easy target and they’re going to return. A survey by Nationwide found that half of small businesses have experienced at least one form of harmful cyber activity, because cybercriminals know that small businesses don’t typically have the same resources to fight them off as large corporations. Another report from CNBC found that small businesses take 146 days to detect a security breach on average. 

So, there’s a 50-50 shot you’ll fall victim to a cyberattack, and you won’t even know they made off with your financial information for six months. Working with an IT services company will dramatically shift those odds in your favor. 

 

  • Your growing team has productivity issues

As businesses scale up and increase their number of employees, they need new tools and tech solutions to maintain productivity. Two-hundred people can’t share ideas as easily as two people—suddenly you need a communication tool like Microsoft Teams or Slack. A giant sales and project management team will struggle to share leads and execute projects without something like Salesforce or Adobe Workfront.

A tiny startup can get by with Excel spreadsheets, texting, and elbow grease. After a certain threshold of employees, systems and architecture need to be put into place by an IT team. 

Plus, firms can get stuck with old, outdated hardware that quietly kills their productivity. Without an expert to guide the IT procurement process, the average person is in over their head when trying to outfit their company with a suite of new devices (which could include computers, tablets, servers, mobile devices, and a host of other technology products). You can’t just walk into Best Buy and put 50 Dell laptops on your credit card and call it a day. 

Matching the right technology to the business for maximum efficiency while being cost effective is part of what IT company’s do best. Not to mention, they will be able to then setup, roll out, maintain, and upgrade those systems while training employees whenever necessary. 

 

  • You have a random employee handling technical support

Raise your hand if you’ve seen an admin moonlight as tech support for the C-suite. Or maybe it was “that one guy who’s really good with computers and stuff.” Well that one guy and that admin both have their own roles that take a hit when they’re asked to take on extra duties. Plus, it’s highly likely they are going outside of their wheelhouse and lack the technical expertise to truly do the job right. You wouldn’t ask your accountant to rewire the electricity in your building, would you?

Ok, you can put your hand down now. The fact that you have a go-to person means there’s a need. If there’s a need, it’s worth doing it properly with managed IT services from a provider like amshot.

Schedule a free consultation today to see how amshot can save your business from a data disaster—or just give a break to the employee who never asked to be “the tech guy.”

amshot managed it services

95% of workers say IT problems hurt productivity and morale

Your business is a well-oiled machine. Unfortunately, IT issues can throw a wrench in the gears.

frustration IT

A recent study found that 95% of workers face disruptive IT issues that hurt productivity and decrease morale. If you’ve ever worked from home, you probably found yourself asking, “Who are the other 5%? Have they ever even tried working remotely?” More than half of survey respondents said they have to contend with software-related IT disruptions daily or multiple times per week.

On top of that, 75% of workers now expect their technology troubles to be fixed preemptively, before they are even aware a problem has occurred. And perhaps most tellingly, 81% of respondents said businesses that don’t make their employees’ “digital experience” a top-level priority will soon fall behind competitors.

The takeaway here is that employees everywhere are having trouble with IT, they expect it to be handled better in today’s work-from-home revolution, and companies that do take care of it well will leave their competition behind.

The hybrid work-from-home model is here to stay

The COVID-19 pandemic forced everyone’s hand in establishing a remote or hybrid solution just to stay afloat. And now, 77% of those surveyed said they expect remote and hybrid models going forward.

Throw in the fact that younger generations are only becoming more digitally connected in their daily lives and it’s clear that there’s no going back. Workplace norms have shifted and will only continue to evolve in the future. With the “Great Resignation” and ongoing staffing shortages in many industries, businesses that invest in a flexible remote option that meets the expectations of modern workers will stand to benefit.

IT staff is overworked

The statistics mentioned so far demonstrate that the vast majority of us are struggling with technology. To make matters worse, IT professionals are struggling to keep up. 98% of IT teams said that improving the situation has been held back due to being overburdened and having to deal with outdated technology, all while trying to keep up with the rapid changes in the workplace.

In this transitional period of shifting norms and expectations, getting the technology right is more important than ever for your business. Simply put, now’s not the time to under-invest in IT.

Next steps

The employer-employee relationship is entering a new normal. Workers rely on technology more than ever, and they need support for an increasing amount of remote work. Since employees are relying on technology to such a degree, any disruptions to the business’ technology directly impact productivity and the bottom line.

Now is the time to invest in rock solid IT services. Contact amshot today to set up a consultation and learn how you can ensure your technology isn’t hampering your employees.

How to stay safe on public Wi-Fi

Is public Wi-Fi unsafe? 

The short answer is: not necessarily, but you are vulnerable. Many people are unaware of the risks of connecting to a public Wi-Fi network. Imagine walking home alone late at night. The city streets are not necessarily dangerous, but you’re a lot more secure in your house, behind a locked door. When using public Wi-Fi, like walking home alone late at night, you want to take precautions and be on guard.  

 

How is public Wi-Fi dangerous?

Open Wi-Fi means anyone can connect, including an attacker. On top of that, you have no way of knowing the level of security of the network, if it has any security at all. These two factors mean a malicious actor could be lurking on the network with the intent and ability to steal your data and personal info—banking logins, credit card and social security numbers, and private files. What a hacker can steal is only limited by what sites you access and what info may be located on your computer itself. 

The bottom line is, you just can’t know if public Wi-Fi is safe, and it’s better to protect yourself than to take a chance. Here are five tips you can take with you the next time you need to connect to any public Wi-Fi.

 

  • Use a VPN

If you’ve ever listened to a podcast, you’ve probably heard at least one ad for NordVPN or ExpressVPN. VPN stands for virtual private network, and the simple explanation is that a VPN encrypts your data and obfuscates your browsing by passing it through a third party. There are free VPN options, but it is better to entrust your data to a reputable, established service, and the vast majority are in the $3-$6 per month range. 

Other examples of respected VPNs include ProtonVPN, IPVanish, and Surfshark. Most of these services come with an app that you simply switch on, it does its work in the background, and you don’t even notice a difference.

 

  • Turn on “always use https” in your browser

The “S” in HTTPS stands for secure. It means your connection to a website is encrypted. When you switch on this setting, which previously required an extension but is available now in all modern browsers, your computer will always connect to the HTTPS version of a website if it is available. These days, most websites will have an HTTPS connection, especially sites with sensitive information like your bank. 

This is not a fool-proof defense and won’t stop every attack, but it does add a layer of protection and costs you nothing in terms of money or browsing speed. If a warning pops up that says something along the lines of “this site is not secure,” that means your browser couldn’t find an HTTPS connection, and you’re better off not visiting that site or at least waiting until you’re on secure Wi-Fi. You can find this setting by searching HTTPS in your browser settings. 

 

  • Don’t log into your bank or other sensitive sites

Hackers can’t take data you don’t provide. A common attack is called a “man in the middle attack.” This can take many forms, but the end result is they take advantage of poor public Wi-Fi security to serve you a fake website that looks real, such as your bank. As soon as you enter your credentials, you’ve handed them over to the attacker. 

If you absolutely must access sensitive data while away from a secure network, you’re better off using an official app on your phone while connected to cellular data. Although rare, spoofed cell networks are a possible attack vector as well, but these tend to target large gatherings and haven’t been prevalent enough to warrant being afraid to use your mobile data generally. 

 

  • Turn off automatic connections and disconnect when you’re done

Most of these tips require some active measures on your part, which you can’t do if you don’t realize or forget that you’re connected to public Wi-Fi. On Windows, make sure to choose “public Wi-Fi” when it prompts you while connecting to the network for the first time. On Mac, you can click the Wi-Fi icon, go to network preferences and uncheck “automatically join this network.”

 

  • Enable 2-factor authentication everywhere you can 

This won’t protect your private data like credit card, social security, or bank account numbers, but it will add a layer of protection for your logins. Usually, two-factor authentication requires you to enter a special code the first time you log in on a new device. The code is either texted to you or generated by an app. That way, even if an attacker had your login and password, they would have to physically take your phone and get past the lock screen to be able to get into your account.

Most banks, financial institutions, and email providers have this option. More and more websites are adding this option every day. Add two-factor authentication everywhere, but at the very least, to your email account. Password reset emails are sent to your inbox, which means if someone compromises your email, they could potentially get into any account you own. Are you still reading this? What are you waiting for? Go set it up now!

 

Don’t want to think about data security? Let us think about it for you. Give us a call at (405) 418-6282 or schedule a free consultation at amshot.com.

Photo by Franck on Unsplash

The worst cyberattacks of 2022 (so far)

As technology gets more sophisticated, so do cybercriminals, and the arms race between IT security and hackers continues to escalate. 2021 was a record-setting year for cyberattacks, with data breaches increasing by 68% over 2020. With a third of 2022 in the books, the rate of attacks doesn’t seem to be showing any signs of slowing down. While cybercriminals keep their foot on the gas pedal, the best defense against a costly intrusion is still a well-informed, well-prepared human being.

That’s why it’s vital to understand the risks and stay informed of the dangers of being defenseless against cyberattacks. Here are the worst cyberattacks of 2022 (so far) and the businesses that are learning that lesson the hard way:

January

February

March

Ignoring the threat is not an option

While the hacking of governments and multinational corporations make the headlines, small and medium-sized businesses are just as at risk for a cyberattack. In fact, 43% of attacks target small businesses and 60% of those that fall victim go out of business within 6 months.

It’s more important than ever to protect your small business against the ever-looming threat of cybercrime and data breaches. Schedule a free consultation with amshot today to learn how employee training and IT security can help save your business from facing a devastating attack. The best way to beat cybercrime is to make sure you’re never a victim of it in the first place.

always watching twitter preview pic

Aimee Eischen to be featured artist at amshot’s ExhibITion on May 12

You read that headline correctly—Do NOT contact your systems administrator! This month at amshot, we’re pulling the plug on IT education and instead giving you the download on our upcoming art gallery event, exhibITion: In the Unraveling

exhibITion is amshot’s local art gallery, engineered to give back to worthy causes while promoting Oklahoman artists and the Oklahoma City art community. This year’s exhibITion features Aimee Eischen and will be installed on May 12 from 5–8 pm at amshot headquarters located at 428 Dean A McGee Ave, Oklahoma City.

Aimee Eischen is an Oklahoma City-based abstract artist working in a variety of media, including acrylic, watercolor, graphite, charcoal, ink and oil pastels (think physical NFTs). Her vibrant and colorful paintings have been featured in galleries across the country.

exhibITion: In the Unraveling will compile a collection of Aimee’s mixed media abstract art, including her floral-style pieces. This collection will display a never-before-seen series of brightly colored abstract works filled with line and movement. Inspired by her literary background, Aimee begins the development of her paintings by writing down lyrics, poetry, or other personally significant text, which are then coded into the spirit of that particular work. 

Aimee commented:

Original art can transform a space both visually and emotionally with the energy it radiates. It can be calming, meditative, and uplifting. Art can inspire new ideas and relieve stress. Beautiful works of art in your space speak to your soul and connect you to the people around you.

exhibITion: In the Unraveling will benefit Halo Project, an Oklahoma City nonprofit organization that supports foster and adoptive families and works to meet the needs of vulnerable children in the community. Halo Project will receive the proceeds from all ticket sales and 15% of art sales.

To learn more about Aimee Eischen, check out her cloud-based website, instagram, and Facebook

Why Cybersecurity Training for Employees Matters

Cyber attacks are a growing and ever-present threat to businesses. While giant corporations are an obvious target and attacks on them make splashy headlines, 43% of all data breaches involve small- and medium-sized business. Cybercrime is thriving in 2022 and every business is a potential target.

That’s why cybersecurity should be a vital topic of concern for all business owners and decision makers. And of all the considerations regarding protecting a business from cyber attacks—technology, services, infrastructure—the most important link in the chain is often overlooked: people. They also just so happen to be the weakest link in the chain. 

Cybersecurity training for employees matters because the most successful cyber attacks usually aren’t a result of “attacks” per se, but rather a form of social engineering. Nearly 90% of data breaches are caused by human error, usually via a form of phishing or some other method that tricks an employee into handing over sensitive data or credentials. There will never be a software or service that can reduce human error other than training and education. 

Training employees to be vigilant and utilize best practices can be the best line of defense against intrusions that caused at least 8 hours of downtime for 40% of small and medium-sized businesses that fell victim to a cyber attack. With phishing and other social engineering attacks becoming both more commonplace and more sophisticated, it is critical to provide employees with the tools they need to defend themselves (and your business). 

 

How does cybersecurity training for employees work?

Cybersecurity training will teach employees to be aware of threats and vulnerabilities to the business, as well as their responsibilities when using company email and computers. Ideally, new hires would receive this training as part of their onboarding, and all employees would get periodic refresher courses.

Employees will learn such topics as how to safely and responsibly handle company data, manage passwords, send and receive files, use company software, recognize email threats, browse the web, use mobile devices, and safeguard computers and other equipment. These are a few of the most common vectors that cyber criminals take advantage of.

 

How do I get cybersecurity training for my employees?

While there are many resources available on the topic, the best cybersecurity training still comes from the professionals. When 83% of businesses are not financially prepared to recover from a cyber attack, the stakes are high enough to entrust training to the people who do it every day.

Schedule a free consultation with amshot today and learn more about how cybersecurity training for employees can help your business.

data breach

4 Reasons Why Microsoft Teams Can Instantly Make Your Business Run Better

Borne from the ashes of Skype for Business, Microsoft Teams is an all-in-one communications platform that provides chat, videoconferencing, file storage, and more. It’s built around the central idea that a workforce should have everything it needs “all in one place,” and with 250 million active users, many businesses big and small seem to agree.

Microsoft Teams takes an integrated approach, designed to save time, be more efficient, and generally alleviate the headaches of handling day-to-day minutiae in the office. Rather than using email and various apps, Teams provides a streamlined approach to some of the most common tasks everyone engages in every day. Here’s how:

1) Microsoft Teams solves everything you hate about calls and video conferences.

Scheduling a team meeting the old-fashioned way? It probably goes something like this: Start with way too many back and forth emails to find a common opening in everyone’s schedule and finally send out a Zoom link. On the day of the meeting, inevitably one person will be frantically digging through their emails for that Zoom invite. Then, the presenter shares a file that was too big for email via DropBox. A third person can’t open the file because they only use Google Drive. The meeting takes far too long and everyone laments the poor use of time.

Now, take Teams. When scheduling the meeting, Teams shows the organizer a meeting planner that automatically finds and suggests open times for all parties. On the day of the meeting, a “join” button magically appears on everyone’s agenda and calendar that can instantly bring each person to the call. Files can be shared and opened directly in the meeting chat. Everyone wins because less time was wasted just trying to make things work and get people on the same page.

As the meat and potatoes feature of Teams, this list could honestly end at 1 and still be enough of a reason to get many businesses on board.

2) Find everything – from that old file you suddenly need again, to a conversation you had 6 months ago

Microsoft Teams is like having Google search for everything at work.
Looking for a client presentation someone shared in a meeting 6 months ago? Search it. What about that conversation with a key piece of client information? Search it. The time when James shared his pizza dough recipe? You guessed it, search. You can even find out who James is, if he works in another office for example, see what he looks like, and learn that he prefers to go by Jim.

With Teams, you can search for messages, files, and people, all in one search bar. That means less time spent organizing and less need to take and keep notes. Everything you need is just a search away.

3) We live in the year 2022. Stop spamming each others’ inboxes and chat already!

Email is supremely useful and important, but what it fails at is the “quick chat.” Too many quick questions and reply alls and suddenly you’ve got a clogged inbox that takes time and effort to sort through. Chat is just a more natural and streamlined channel for sending a file or having…well…a chat.

Consider the explosion of remote work due to the pandemic (as well as the general trend in that direction). A remote worker cannot simply swing by an office for a 30 second update. With 1-to-1 and group chat in Microsoft Teams, it’s so much easier to have that super fast, less-formal line of communication for matters that suit it, such as conversations that necessitate a rapid “back and forth.” It provides a social function for remote workers, as well. Imagine the only way to communicate with coworkers being email. It would be rather isolating, wouldn’t it? Chat can be a pseudo replacement for many of the quick conversations that typically happen in an office.

4) If you’re already paying for Office365, it’s included (and there’s a free version if you aren’t).

When doing a cost-benefit analysis, it’s hard to argue against literally 0 dollars. The only challenge can be getting started. That’s why amshot Managed IT Services handles all aspects of Microsoft Teams integration, so you don’t have to take focus away from what you do best.

Ready to get started? Schedule a free consultation with the amshot team.

What you need to know about SMiShing to protect your business

Hackers are using text messages to steal credentials and other personal information.

 

SMiShing is a new vector for attack that targets the victim’s cell phone through SMS messages. For the unfamiliar, SMS is the system used to send simple text, picture, and video messages. Phishing is a term used to describe fake emails that trick people into entering credentials like bank account info or a login password. However attackers are increasingly using the same tactics as phishing, but via text message instead of email.

The resulting combination is SMiShing: a strangely capitalized, slightly difficult to pronounce term that The Guardian calls a “rising threat for business owners.” How much of a threat is it? The FBI says it cost Americans $54 million in 2020 alone, with instances sharply increasing year-over-year. Most likely, these attacks are successful (and therefore increasing rapidly) because of the lack of awareness of their existence, leaving victims unprepared to defend against them. Businesses and Managed IT Services like amshot have been implementing training and helping employees guard against “typical” phishing for years now, and the average person is likely familiar with the term and has some basic knowledge of email safety. However, very few realize that the same tactics can be used against them on their own personal cell phone. 

At a broad level, SMiShing texts attack using the same principles as phishing emails. Their primary goal is to have the victim enter sensitive data (or download malware) by pretending to be a trustworthy source. For example, the text may claim to be from your bank, asking you to login to confirm a transaction. It could look like it comes from your HR department giving you access to training sessions, sending you to a fake webpage that requests your work credentials. 

Generally, SMiShing attempts, like phishing, will try to create a sense of urgency. An example might be: “Click here to login in the next 12 hours to confirm your expense report or you will lose access to financial reporting.” The goal is to get the victim to act without thinking about the legitimacy of the request.

The attacker has masked their true identity, created a fake webpage that probably looks identical to the real one, and then sets a ticking clock to spur action. If you enter those credentials into the fake website, the attack now has them and it can wreak untold havoc. 

Of course, the SMS may even directly just ask for credentials or sensitive information. With so much done on our phones these days, an unprepared victim may simply give the information right to the attacker without thinking. It’s important to always remember institutions like banks (and pretty much everyone) will never ask for this information via text message. 

For the more sophisticated attacks that more closely resemble phishing, the key to increasing defense is simply more awareness. The same smart practices that protect against phishing will help with SMiShing if people are aware they can be attacked this way and trained to make the right choices. At the end of the day, SMiShing is a time-tested tactic wrapped in a new package, targeting people as the weakest link in the IT security chain. That’s why it is so crucial to keep employees up to date with IT security training from Managed IT Services companies like amshot.

Looking for more protection? We can help. Set up a free consultation with an amshot pro.