The IT Experts

The first thing that we should mention in this article is that Windows 7 will be losing support this upcoming January, and with so many people/businesses still using machines running the decade-old operating system, Microsoft knew they needed to make Windows 10 that much more accessible. Their strategy is to provide Windows 10 as a cloud service.

In launching Microsoft 365, the software developer has made it easier to upgrade away from Windows 7 and 8.1. For the modern business that depends on their Windows 7 workstations, this provides them with an option to get their business moved over to a platform that’s security is strong and up-to-date.

Windows 10 has been remarkably resilient as threats continue to multiply. In fact, there are some people in the industry that argue that Windows 10’s Windows Defender is one of the best antivirus solutions ever made for a personal computer. It may be that for an individual user Windows 10’s built-in security is enough to protect them against a web filled with viruses and malware. For the enterprise, however, it is vigilant to have added security in the form of a dedicated antivirus and powerful spam blocker. That’s not to deride the improvements Microsoft has made to its internal security system, it just provides more control for administrators whose job is keeping these threats from damaging an organization’s operational effectiveness.

What to Expect from Windows 10 Enterprise Security
As stated above, Windows Defender is a strong antivirus, but the real benefit to Windows 10’s security solutions is the improvement in identity and access management and data protection. In improving Windows 10’s identity and access management systems, Microsoft has made a point to improve security around the access points. They’ve thoroughly overhauled the way they authorize users, groups, and other systems to access data on Windows 10-controlled networks or devices. With this enhancement, administrators have more options to outline the ownership of objects, user rights, and data that is available for reporting.

User Account Control (UAC), found in the most recent version of Windows, is enhanced in Windows 10. It works to prevent malware by blocking the installation of unauthorized applications and prevent non-administrators from changing system settings. Another change is the use of two-factor authentication to gain access. By setting up a two-factor authentication system, users will be forced to have access to additional accounts to gain access, mitigating access problems that come from stolen passwords.

Additionally, Windows 10’s security includes BitLocker, a data protection feature that integrates with the OS and is used to address the near-constant threat of data theft (or unauthorized exposure). There are also dynamic features such as the Trusted Platform Module, which provides hardware-based security functions, and the ability to secure the Windows 10 boot process. Every security feature should be added into a dedicated Windows Information Protection policy that can be set per device or over an entire network.

Windows 10 is one of the strongest operating systems ever created in dealing with threats. Learn more by contacting our IT experts today at (954) 834-2800.

One thing to keep in mind is that many manufacturers are making devices that are, at the very least, water resistant. These devices are given an International Protection (IP) score, which is based on the International Electrotechnical Commission (IEC). This rating is given to any consumer device, and it designates how much protection a consumer can expect from it. For example, a device classified as IP67 is resistant to dust and can be submerged in water no more than one meter deep for up to half an hour. The only difference between this and an IP68 device is that the IP68 guarantees protection in 1.5 meters of water for up to half an hour.

Of course, you didn’t come here to learn about the semantics related to device protection classification--you want to know what to do if your device falls in water. Here are some decent catch-all steps you can take to potentially save your device.

1. Turn Off Your Device: Be sure to turn off your device as soon as possible. Don’t try to plug it in or shake it. Don’t blow in it or use a blow dryer to try to save it. Just follow the steps below and don’t stray from them.
2. Remove your SIM card and any other expandable storage.
3. Remove the battery if possible: Some phones don’t have the removable battery, so if it doesn’t, don’t just pry it open. Have a professional do it for you. You can always check out YouTube for tutorials as well.
4. Use an absorbent rag to dab your phone dry: Try not to wipe it around, as this could spread the liquid too much.
5. Place the phone in a plastic bag filled with uncooked rice: The rice will absorb the liquid.
6. Let your phone dry for a day or two before trying to turn it on.
7. Turn it on: If this doesn’t work, try charging it. If the device doesn’t charge, the battery could be damaged. You will want to work with a professional to do this, if you haven’t already done so.
8. If it seems to work right, make sure everything does: Make sure you test the screen for responsiveness, as well as the speakers and microphone.

By following these eight steps, you’ll maximize your chances of getting away from a phone-meets-liquid incident unscathed. If you found this blog helpful, be sure to share it with anyone else who might benefit from it.

The Criteria
Ask yourself the following questions about your messaging application:

• Are my messages encrypted (and how encrypted are they)?
• How transparent is the application to scrutiny?
• How are messages deleted?
• How much metadata is kept?

We’ll go through each question to help you ascertain if the messaging platform you use is secure enough to use for business.

Are My Messages Encrypted? (And How Encrypted Are They?)
Encryption can scramble data so that it is difficult to read to all those who don’t have a decryption key. We don’t want to get into too much detail, but suffice to say that encryption can make your data much more secure than it would be otherwise. While most major messaging applications use encryption, not all of them follow the most secure of practices.

For example, solutions like Google Hangouts and Skype encrypt the messages that users send, but they also retain a copy of the encryption keys. This is so they can access the messages sent to collect data for advertising purposes. Unfortunately, this also means that the data will be vulnerable if a cybercriminal manages to make their way onto the application’s servers, or if the government were to issue a search warrant for them.

Thankfully, end-to-end encryption is more common with these kinds of apps, where the application holds the keys that encrypt the data. The users also have a key to decrypt the data, meaning that no other external party can access the contents of the messages. Some of these include WhatsApp and Signal. While Skype does offer this option, it isn’t enabled by default.

How Transparent is the Application to Scrutiny?
It’s important that your messaging application provider not only is honest about the state of security, but is also evaluated by an independent and impartial expert that comes to the same conclusion. This means that open-source applications are usually more trustworthy, as they have been the subject of much closer scrutiny over the years. Examples of these applications include Signal, Telegram, and Wickr, while WhatsApp and Facebook Messenger aren’t true open-source, but are based on the same protocol as Signal. An application that is closed-source, like iMessage, trusts the developer entirely to maintain the security of the messages sent.

How Are Messages Deleted?
What happens to messages after they have reached their destination and been deleted? In truth, deletion might be the best way to ensure the privacy of important information. Applications that automatically delete messages within a certain amount of time can be great for security. For example, Skype, Telegram, and Signal all have this capability. WhatsApp even goes as far as deleting messages within 13 hours. Not all apps feature self-deleting messages, and to be fair, nobody is stopping the recipient from taking screenshots of messages, either. Thus, security is left to the discretion of the recipient.

How Much Metadata is Kept?
It’s also critical that your chosen application is protected by the metadata it stores. Metadata contributes to security through user profiling, which stores data of both the sender, receiver, time of communication, IP address, and the device used. Thus, knowing what kind of data is stored by the messaging application will help you best preserve the security of this data.

KB Technologies can help you implement secure methods of communication for your business. To learn more, reach out to us at (954) 834-2800.