The IT Experts

Research from the University of California at Irvine found it took a whopping 23 minutes to return to a single task after a notification came in on a person’s smartphone. What’s more troubling is that people only average about 47 seconds before they return to their mobile device. This means that people, on average, check their mobile devices nearly 600 times in an eight-hour workday. They also found that since it takes time to recover from notifications, the more notifications a person receives during the day, the more errors they made and the more stress it causes on workers. 

What is Being Done About It?

The number of notifications people receive aren’t going down. In fact, with many people still working remotely, the number has risen precipitously. Apple and Google, the two companies that fuel most modern smartphones, have tried to help users manage their notifications. Apple has instituted its Screen Time feature, while Android has its Digital Wellbeing tool. These apps are designed to (ironically) notify users on how much time they spend in each app and report how many notifications they receive. They can then set daily limits and set timeframes in which they don’t want to receive notifications to help them be more productive and less distracted. 

For those that aren’t great at managing this, there are hardware options. There are phones available today that take a lot of the applications out of the picture. Remember the flip phones from the late ‘90s and early 2000s? No. Well, they function a lot like those mobile options used to.

One of these phones called The Light Phone, just provides SMS and calling features in a very simple form factor. It’s an elegant solution to the problem, but for many people, especially people that spent $1,000 or so on their smartphone, buying a less smartphone isn’t really in the cards.

More affordable options have come in the way of applications. App developers have come up with productivity-enhancing apps that have been constructed to allow for what is being called “deep work”. One deep work application called Medium actively promotes the limiting of notifications and gives users a respite from the world around them to get more meaningful work done. Other apps such as Seque, Shift, and Asana give users options to control their productivity platforms so that they can reduce workplace stress and control their schedules better. 

What do you think? Do you spend too much time staring at your phone when you could be more productive? Do you feel like the constant flow of notifications is holding your career back? Leave your thoughts in the comments section below and return to our blog soon for more great technology-related content.

For this week’s tip, let us consider the different ways to implement 2FA.

Let’s make something clear from the start:

Two-factor authentication of any kind is better than just relying on a password. After all, a password can be cracked, stolen, or guessed. Adding a second requirement for a proof of identity will prevent that from enabling access to your accounts so easily. Therefore, while some forms are often more reliable than others, two-factor authentication is always something to implement wherever possible—particularly in the workplace.

Types of Two-Factor Authentication

2FA comes in all shapes and sizes:

Text Messages

Chances are this is the form of 2FA that most people were first introduced to, as it simply requires you to provide the code that you receive to your mobile device via SMS.  This method is simple to pick up, making it easily accessible for any user and convenient. However, with the prevalence of phishing today amongst other considerations, 2FA through SMS is perhaps the least secure option, but it will still do in a pinch.

Applications

Next, we have the 2FA that functions by generating a code for the user to input into when prompted. Using these kinds of applications effectively turns a mobile device into the key for a lock, as a user isn’t going to get past the lock without access to their device. This makes the successful implementation of this form of 2FA heavily reliant on the likelihood that your users will both keep their devices charged and have them with them whenever they are needed.

Physical Devices

This variety of user authentication—where a physical token is plugged into a device or activated—has seen a resurgence in popularity in recent years, largely due to the rise in phishing attacks and other scams. While these keys come at some financial cost, they have been acknowledged as a successful and secure means of ensuring that someone is who they claim to be as they access digital resources.

Biometrics

Alternatively, we have also seen a rise of authentication wherein the user is the key, providing an identifier (like a fingerprint) to the scanner in order to secure access. While this form of authentication is undeniably (and sometimes literally) handy, it can be somewhat temperamental and lead to inaccuracy at times.

So, Which Type of 2FA is Best?

In simple terms: whatever kind you will actually use.

While they may not all be equally secure, any of the above options are more secure than just relying on a password alone. Data is just too valuable to be taken for granted nowadays, so if it is implemented and utilized correctly, any variety of two-factor authentication will ultimately benefit your business’ data and network security strategies.

We can help you put two-factor authentication in place, as well as any other cybersecurity measure or productivity tool your business could benefit from. Find out more about all we can do by calling (954) 834-2800 today.

You were found guilty after being accused of stealing nearly $120 million in BPA-free technologies from assorted companies, including Coca-Cola and the Eastman Chemical Company. Each of these companies had threat detection systems intended to prevent such activities, but the approach that each took proved to have different effects. Let’s consider the situation, and what we can learn from the threat detection practices that each company seems to have had in place.

Introducing Xiaorong “Shannon” You

You is a naturalized US citizen who holds a Ph.D. in Polymer Science and Engineering, a degree that enabled her to work for several companies since the early 1990s. Starting in December of 2012, You served as a principal engineer for global research for Coca-Cola until August of 2017. After that, she transitioned to the Eastman Chemical Company to take a position as packaging application development manager, where she worked from September of 2017 until her employment was terminated in June of 2018 upon the discovery of her activities.

While she held these positions, You had access to various trade secrets—many of which were only shared amongst a small group of employees. Despite her written affirmation that she had not retained any of these secrets, You had in fact done so and shared them with the People’s Republic of China in an application to The Thousand Talents program. This program has been used in the past to bring advanced technologies to the country and has been linked to other such cases that have been prosecuted by the Department of Justice.

You stole this data by simply uploading it to her personal Google Drive storage, occasionally photographing particularly sensitive information with her personal smartphone. Once she had this data, You collaborated with a Chinese national named Xiangchen Liu to create their own company in China to monetize these secrets. Co-opting an Italian manufacturer, the stolen BPA-free technology was then incorporated into their own products.

Several companies were ultimately impacted by these activities: naturally, Coca-Cola and Eastman Chemical, as well as AkzoNobel, Dow Chemical, PPG, TSI, Sherwin Williams, and ToyoChem.

What Could Have Prevented These Threats?

To be clear, Coca-Cola and The Eastman Chemical Company were notably different in how able they were to handle these kinds of insider threats. While You had left Coca-Cola by August of 2017, she was not indicted for these crimes until 2019—after she had already been exposed by Eastman Chemical.

This suggests that, until her activities were brought to light, Coca-Cola had no idea such things had happened under their roof. In turn, this suggests that:

• Coca-Cola wasn’t using the tools that could have detected these activities in real-time, and as a result did not have the means to keep their sensitive data from leaving the corporate infrastructure and environment.
• Coca-Cola also had no policies in place to keep non-authorized devices away from sensitive data. As You demonstrated, the relatively low-tech method of photographing data can still be highly effective.

Now, comparing You’s departure from Coca-Cola to her dismissal from the Eastman Chemical Company, it seems clear that the latter organization did in fact have the means to detect her activities in place. Otherwise, that sum of $120 million could have been substantially more.

Even if a business is serious about its security, it could all be for naught if the small details go unnoticed. There is no denying the size and influence that Coca-Cola possesses, but that did little to stop You in her efforts.

KB Technologies Managed IT can help your business protect its data the way it needs to be protected, against threats from all angles. To learn more about the solutions and services we offer, give us a call at (954) 834-2800.