Ways to secure IoT devices in your workplace

The volume of IoT devices is booming, Statista forecasts that there will be almost 31 billion devices connected to the internet by 2020. So what is IoT and why does it matter? In the workplace, connected devices are becoming critical to various industries including healthcare, manufacturing, agriculture, and energy.

Connected devices rank very poor in regard to security. Lack of available updates, encryption, and negligence, creates vulnerability in a business network due to IoT devices.  “Unknown unknowns,” are devices that IT security teams aren’t even aware of that could potentially lead to network exposer.

So what steps can an IT department take to lessen IoT vulnerabilities?

You don’t have to connect everything

Odds are your workplace has multiple devices that have the availability to be connected. When it comes to the latest kitchen appliances (fridges, watercoolers, etc.), not everything needs to be connected. In fact, a majority of these types of devices don’t have standard update protocols. Leaving most connectable appliances vulnerable to attack.

Developing a companywide standard for wearables and other IoT devices may help business network security. Employees with personal IoT devices should be wary about what they are connecting to and must adhere to set security standards. In an ideal scenario, employees wouldn’t connect personal devices to the business network, however this is sometimes impossible.

Separate networks are key

Thankfully most WiFi access solutions have what is called a guest network. It is important to keep this network separate from your business network that which includes shared data files and workplace computers. A guest network could be used as a barrier to entry from unauthorized users and breaches from unmonitored IoT devices.

In an ideal environment, IT security teams would create an entire network for IoT devices alone. Separating IoT devices that have questionable security will prevent access of your data and devices that are connected to the business network.

Monitor devices and assess your network

Workplaces need to ensure they are tracking everything that connects to their network and monitor traffic flow. Every device that enters or will enter the network must be assessed to determine the level of access it should have. An example is an employee’s wearable, ideally it would not be connected, but if it is, the access level is minimal.

All devices that enter the network must be monitored to ensure they are fully patched and up to date when updates are available. Any unknowns should flag an alert to the IT security team. Security teams should take the time to actively look for unknown devices on their network. IoT devices are only increasing, it is crucial for businesses to secure their networks from unmonitored devices and vulnerable IoT devices.

To learn more about creating a secure business network, contact CompuOne.

Why Your Business Should Partner With a Local Managed IT Service Provider

Managed IT services allows companies to outsource their IT support in order to improve operations and cut costs. Organizations may use a provider to take a proactive approach on their information technology and create predictability within their technology infrastructure.

Why should organizations outsource IT to a managed service company?

Thoughtful IT planning

Working with a managed IT provider allows businesses to build long lasting relationships with a partner that will take the time to get to know the company. In most cases, experts will sit down with stakeholders and learn of company goals and plans for the future.

Thoughtful planning allows a MSP to build an IT environment that allows a business to operate at maximum efficiency. Local providers hold accountability and want technology to be a tool for client productivity and company growth.

Increased communication

Facing unexpected downtime is frustrating, when working with a nationwide or global IT company it could feel like jumping through hoops to connect with the right person to resolve an issue. Choosing local increases client and provider communication, allowing for fast resolution to any IT issue.

Local providers are actively uptime monitoring, meaning they monitor IT networks and websites. If an issue does arise, a team of experts will be notified early on and will resolve the issue accordingly.  Since local providers are in your area, they are available to be dispatched to your business in a timely manner.

Cost efficiency

Managed services is a cost effective option for businesses for various reasons.

  • Infrastructure expense is reduced: Overall infrastructure expense is reduced with a local provider. MSP’s extend the life of current infrastructure by investing in future of businesses. With active IT planning, costs are predictable and system failures resulting in huge IT costs are less likely. Unlike nation-wide providers, your local partner is not backed by certain suppliers. We are able to research the best products and pricing to provide clients without the push of selling specific products from select suppliers.
  • Productivity is increased: With less time spent worrying about technology, there is more time for business productivity. Planned installations and active monitoring from a local IT service provider allows businesses the ability to focus on growth without the worry of technology interference.

Key takeaway

Outsourcing business level IT to a local provider is a great option for organizations who are in need of a well thought out plan for technology to grow with their business. For more information on managed services, please contact us today.  

IoT 101: What is IoT?

IoT otherwise known as the internet of things – a broad name for a broad concept. Internet of things is a broad concept because “things” could literally mean anything. The internet of things provides connectivity to objects that would otherwise be known as “dumb.” All that is required to make an object “smart” is an IP address, a processor, and a wireless network.

Example of IoT devices:

Connectivity is powering the smart city, smart business, and the smart home phenomenon, creating a connected life. Some example of inter-connected devices can smaller such as a toothbrush or a lightbulb. Connected devices can also as big as an autonomous vehicle or an engine on an airplane.

Internet of things is growing, with no signs of it stopping. In fact, HP estimated that there were about 9.0 billion IoT devices used in 2013. They also predicted that number will jump to 1 trillion by 2025. These devices are working to bridge the gap between the digital and physical world, increasing productivity and quality of life.

IoT in various industries:

Truthfully, the internet of things is beneficial to businesses in in countless ways. Devices can be used in different ways for different industries. Here are some examples:

  • Manufacturing
    • Machine to machine communication is derived from embedded sensor systems, allowing organizations in manufacturing to run without having to be actively monitored.
  • Transportation and Logistics
    • Data accuracy increases with mobile scanners, RFID systems, etc. enterprises gain visibility of assets and operations are better streamlined.
  • Healthcare
    • Having connected devices is evolving patient care, being used to monitor medical assets, and maintains life-saving equipment.
  • Energy
    • Utility companies use IoT to gather necessary data for energy cost prediction, pinpoint outages, and schedule repairs as needed.

The biggest issue with IoT:

The main issue with device connectivity is that security is an afterthought. Sometimes, IoT devices are being sold to individuals and businesses completely unencrypted. Also, connected devices operating systems and software will eventually become outdated with no ability to update.

As the world of IoT continues to grow, the number of devices behind the same firewall (if any) also grows. Connected devices allow for an increased chance of getting hacked due to the vulnerabilities of outdated software. It is important to ensure your business is taking the proper security measures for all connected devices.

For more information on IoT security, contact us today.

Microsoft 365 vs. Office 365: What You Need to Know

As a business it is important to know the difference between Microsoft 365 and Office 365, while most people use the terms interchangeably they actually are different. Both are extremely helpful to businesses of any size including enterprise level, and it is helpful to know the difference when determining what solution is best for your business.

What is Office 365?

Office 365 is known and loved for subscription based productivity applications. Depending on what Office 365 subscription your business decides to run with, various applications are available:

  • Outlook
  • Word, Excel, PowerPoint, OneNote
  • Exchange
  • OneDrive
  • SharePoint
  • Skype for Business
  • Microsoft Teams

These applications are used to increase overall business productivity. Office 365 is a cloud based suite of applications, they are accessible from virtually anywhere. There are three subscription plans for businesses: Office 365 Business, Office 365 Business Premium, Office 365 Business Essentials. All of which are available at an annual or monthly commitment.

What is Microsoft 365?

Microsoft 365 and Office 365 should not be confused with one another. Microsoft 365 is much more than productivity applications, it is considered an “a complete, intelligent solution” according to Microsoft.

Here is what makes Microsoft 365 different from Office 365:

  • Includes all Office 365 applications.
  • Includes a Windows 10 upgrade.
  • Increased security options.

A new feature for Microsoft 365 users was announced at Build 2018, it is known as Microsoft Graph. Microsoft Graph is the API for Microsoft 365, it essentially serves as a gateway to all of your organizations Microsoft applications.

There are three separate versions of Microsoft 365: business, enterprise, and education. While they all have similarities it is important to know the difference between the business and enterprise subscription options.

Microsoft 365 Business

Microsoft 365 Business is designed for both small to medium sized businesses. It is able to support up to 300 users with different pricing and application availability based on business needs.

Microsoft 365 Business allows for a single console to manage user and device settings, automatic office application deployment to Windows 10 devices and also includes Windows Autopilot.

Microsoft 365 Business uses Windows Defender to help protect your business from malware, viruses, and other forms of unauthorized access to business network. Security features also include controls to protect company data across multiple platforms, including employee’s personal devices.

Microsoft 365 Enterprise

This solution is designed for large organizations and includes Office 365 Enterprise, Windows 10 Enterprise and Enterprise Mobility and Security. It includes a variety of services including information protection, advanced compliance, and analytics.

There are different levels of Microsoft Enterprise, with various capabilities depending on what level is chosen.

CompuOne successfully deploys Microsoft 365 plans for both business and enterprise. Contact us today.

Revamp Your Business Password Management

Let’s be honest, we use passwords for everything. From computer logins to retail sites, the use of passwords is so frequent it could potentially put professionals and consumers at risk. According to TechRepublic, 19% of business professionals use poor quality passwords or shared passwords, which could make accounts easily compromised.

It is in every organizations best interest to develop a password management plan to increase security and reduce the risk of data theft. Easy passwords simply won’t do any more. The following tips should be considered for business level password management:

Frequent password changes

Organizations must impose rules on frequent password changes. Password changes should be as frequent as 30 to 180 days; passwords should also never be repeated. Best practice is to ensure passwords have letters, numbers, and special characters.

Depending on the industry, this may already be a requirement under regulation. However, for smaller businesses, this could be a potential life-saver from security breaches. On a user level, frequent password changes may prevent unwanted access to personal information such as social media pages, bank accounts, etc.

Two factor authentication

Two factor authentication is used to confirm the end-user’s identity with a two-factor process. The first step in the process is the actual password, remember all decent passwords must have letters, numbers, and special characters. The second factor is something that the users will only know the answer to; such as a specific pin, answer to a question, or an association of an image.

Why should your business use two factor authentication? Simply because depending on your industry your password may not be enough. Passwords alone can be breakable by social engineering or brute force attacks, no matter how strong your password is. Implementing a two factor authentication can give an employer ease, knowing that employees or consumers have that added password protection.

How to store passwords

As mentioned previously, one user can have too many passwords to remember. There are many password management software’s out there, so many that it’s hard to determine what is considered the safest most reliable option. If choosing to go this route, remember that security mistakes can happen and be wary about what passwords you are storing.

Our recommendation to store passwords is to write them down with pen and paper.  Place your written password sheet in an area where you will remember it for safe storage. While this may sound tedious and paper theft is a concern, consider the fact that cyber crime is only increasing and a sheet of paper cannot be hacked.

For more information, contact us.

Spring Clean Your I.T.

Spring has fully matured, with summer fast approaching it is time to take a good hard look at your organizations’ current information technology state. While it seems like it could be a daunting and never ending task, it is beneficial for organizations to devote time to reorganize and freshen up space both in office and in technology.

Here are a few tips on how to organize your technology before summer hits:

Out with your old tech

As your cluttered and hazardous closet full of old technology continues to grow, it may be time to consider disposing of your organizations old technology. It’s important to dispose of technology the right way, consider reading our blog on how to recycle old tech.  

Build an inventory list of all your organizations software assets, then take a hard look at your software list and use it to discover unused assets.  Unused software may take up a lot of storage space and slow down operations. It would be a good idea to uninstall old software to make room for applications your organization does use and to speed up business operations.

Clean up business data

Organizations rely on data every day in some way, shape, or form. Whether it is customer contact information or details regarding invoicing, companies use data for EVERYTHING. A data cleanse is crucial for businesses, it makes for correctness and consistency.

IT departments will appreciate a data cleanse, tidying up data can be helpful in many ways. Clean data allows for more strategic decision making, better timing, and improved relationships.

Set up a system for organization

When your company decides to clean up its technology, they should take the time to set up a system to ensure technology is organized going forward. Every new addition to your technology infrastructure should be properly placed in your framework and categorized.

Rather than dig through your technology framework trying to find certain information, having your technology organized can ensure ease of use for employees, better decision making, and happy clients.

To learn more, contact us.

Is Your Email Secure?

In this day and age, one of the most commonly used forms of communication is email.  We use it at home, on our mobile devices, and in our workplace. This leads us to the question, what are workplaces doing to keep their email system secure from attacks? According to PhishMe, 91 percent of cyber-attacks start with an email. Email-based attacks come in various ways:

  • Phishing: Attempt to obtain personal information such as passwords and credit card details.
  • Spear Phishing: Personal and highly customized phishing attacks. This is a type of phishing that usually will come from a trusted source and seem legitimate. Spear phishing is highly personalized, attackers usually have done research on the victim.
  • Malware: Malicious software in the form of attachments, links, and drive-by downloads. Malware is usually delivered by spam emails. Spam emails can appear to be sent by legitimate sources, which then increases the chance of download.

Email security solutions

Undoubtedly, organizations must provide protection for their employee’s email communication. Determining the best solution for email security varies from business to business, you should carefully consider what will protect your email communications from attacks.

  1. Endpoint Security: Endpoint security is the process of securing various endpoints in a network, mostly end-user devices such as smartphones, desktops, laptops and tablets. Endpoint security systems can either be a software application or hardware that allows the system admin to manage and discover any devices trying to connect to the network. This will prevent from malware downloaded on the network, but will not prevent from phishing.
  2. Anti-Spam: Anti-spam is software, hardware, or even a process that combats spam by filtration. It is key to realize that not one anti-spam method is perfect, end users should be encouraged to be careful about providing corporate email address information. Anti-spamware can be installed to strengthen the security level of your businesses email provider by conducting screening prior to delivery.
  3. Secure Email Gateways: Secure email gateways come in many forms: public cloud-based, hybrid cloud based, hardware, virtual appliance, and email server based. Secure email gateways monitor emails being sent to a company and prevent unwanted content from being delivered. Secure email gateways prevent from malware, phishing, and spear phishing.
  4. Email Security Training: Human error is considered the biggest risk in email security. End users can click on malicious links, fail to keep their security solutions up to date, and divulge confidential information about the company. Training employees on cybersecurity and email best practices is crucial in preventing unwanted content and unauthorized users.

Email security takeaway

Email security approaches differ from organization to organization, not one single approach will work for all businesses. Every business has risks, issues, budget restrictions, and current security solutions to consider. With that said, a strong well-implemented system should have multiple solutions to cover every end of the organizations network. Businesses should also set up a reporting system, where employees are able to report all suspicious emails in a convenient way.

No email security system is completely secure, but implementing the right solutions can maximize efficiency and minimize risk.


Learn more on email security by contacting us. 

Why You Should Recycle Old Technology

Technology is not built to last, in most cases, upgrading your technology usually stems from having problems with older more outdated equipment. This usually leads most businesses and homes to have a designated area where older technology is currently gathering dust.

So what should you do with old technology? Reduce, Reuse, and Recycle.

Do NOT Throw Tech in The Trash

Unwanted technology should never be thrown away. Once a business’s technology is too far gone it is considered e-waste. E-waste is a term for old technology, so it is fine in a home or office setting. E-waste becomes harmful when it is thrown away improperly. Tons of e-waste is shipped overseas where it is dumped and burned, which then releases harmful chemicals into the atmosphere.  Consider this before tossing your old tech:

  • It Could Be Illegal: States such as California, have laws against throwing away electronics and computers in a landfill.
  • E-waste Contains Hazardous Materials: Most technology is built with heavy metals & toxic materials, including mercury, lead, and carcinogenic chemicals. It is important to dispose of technology correctly to prevent harm to the environment.
  • E-waste Is Still Valuable: Recoverable materials such as copper, aluminum, gold, silver, plastic and ferrous metals all hold value. Conserve natural resources and the energy needed to produce new electronics by finding a new option to dispose or utilize your old electronics.

Consider Donating Your Technology

More than likely, your businesses technology could be useful to someone your community. Organizations must wipe technology to industry regulation before donating. Research organizations that will take older electronics and refurbish them back into use. Here at CompuOne, we donate our old IT to an organization who will either refurbish it for children in San Diego or recycle it as e-waste.

Recycle Your Obsolete IT Assets

Recycling e-waste is not only an environmentally friendly option but is also considered privacy protector. Old technology, such as servers, must be wiped to industry and regulation standards before being recycled.

When recycling e-waste it is important to use certified recyclers. Certified e-waste recyclers break down every piece of technology and gather recoverable materials which then will be put back into use.

CompuOne is committed to the donating and recycling technology. For more information on how to recycle your unused electronics, contact us.

Is Private Browsing Considered Secure?

The Definition of Private Browsing

Private browsing otherwise known as “Privacy mode” or “Incognito” is a feature in most web browsers that disables web cache and browsing history. This allows users to browse the playground of the internet without being able to retrieve their local data at a later point in time. It also means that browsers are not storing data in cookies.

When is Going “Incognito” Useful?

Private browsing is handy for a number of reasons. Usually, authorized users are taking advantage of it to prevent people who have access to their machine from viewing their search history. Here are some ways to utilize private browsing:

  • Blocking sites that you visit from collecting your personal information. Notice that Amazon will show you products based on your search history? Private browsing prevents sites from gathering data based on your searches and cookie information. Sites like Amazon won’t show products based on past purchases. Google will not autofill a search with something you’ve searched for previously.
  • Getting the best price from an online purchase. Browsing on incognito can prevent from online retailers varying prices based on browsing history and location. Booking accommodations such as hotels and airfare are notorious for varying prices, going incognito may help prevent hiked prices based on search history.
  • Logging into multiple accounts on the same site. If you have more than one account for the same site, private browsing allows you to log into multiple accounts at once. This can be especially handy if you have two emails on one site – you would be able to pull them up side by side.
  • Bypass article limits. News and sites filled with articles may have free to read content to a certain extent. Once you reach their free article limit some sites will prompt you to either purchase the article you are reading or a subscription to their site content. Private browsing can bypass this if they are using cookies to remember when you have visited that site before.

Private Browsing Misconceptions

While people who have access to a user’s machine are unable to view search history when browsing privately, there is a common misconception that private browsing will prevent anyone from seeing search activity. Here is some information to take into account when proceeding to search incognito:

  • Private browsing is not a firewall. Whether or not you are choosing to browse publicly or privately, private browsing does not prevent from malware or other attacks such as spyware and key logging.
  • Private browsing doesn’t protect your data on public networks. Private browsing doesn’t stop an unauthorized user from stealing your data on public WiFi. Public WiFi may not be encrypted, or the user may willingly connect to a fake access point, allowing cybercriminals to gain access to the machine without their knowledge.

Some Tips On How to Browse Securely

Private browsing can help in terms of browsing history and preventing certain sites from viewing personal information about you. It can also be utilized if you are concerned about unauthorized users taking advantage of your machine to gain access to your history and online accounts. However, private browsing does not protect your data from cyber theft or other kinds of unwanted snooping.

  • Keep your OS and Firewall Updated: Attackers are more likely to target machines that are outdated, it is critical you keep your operating system up to date as developers are usually patching to cover up vulnerability. If you only have your machines built-in firewall, consider investing in a decent anti-virus program, but don’t forget to update!
  • Practice Safe Browsing Habits: Don’t download anything from a website you are not 100% sure of. A quick tip for downloading something off the internet is to hover your mouse over the download, a link will show up in your browser footer telling you exactly what the file name is.
  • Avoid public WiFi all together: If you choose to use it, then refrain from doing anything involving your personal information and sensitive data, including  accessing your email account.
  • Always Use HTTPS: The “S” stands for secure, the website is using SSL encryption. Using SSL technology ensures all data transmitted on that web server and browser remains encrypted. Check for the padlock icon or “https:” to verify that the site you are viewing is secure.
  • If Available, Use A VPN: VPN stands for “Virtual Private Network,” which is essentially a private solution within a public network. It creates a tunnel to browse in privacy online, which is helpful in preventing attackers from accessing your personal information.

Don’t Confuse Private Browsing with Browsing Securely

The key take away is to remember that private browsing SHOULD NOT be used a safeguard against cyber criminals. While is does prevent sites from seeing your history & cookies, it should not be used a preventive measure against hacking.

Cyber thieves can just as easily steal data while you are browsing privately. They can gain access to your machine in various ways to get ahold of your personal information.  Personal information can include: account names & passwords, information regarding finances & credit card information. It is important to differentiate between using a private browser and browsing securely.

For more information about VPN and safe browsing habits, please feel free to contact CompuOne at 858-404-7000 or send us an email at info@compuone.com.