TechTidBit - Tips and advice for small business computing - Tech Experts™ - Monroe Michigan

Brought to you by Tech Experts™

Smart Phones

What Is App Fatigue And Why Is It A Security Issue?

The number of apps and web tools that employees use on a regular basis continues to increase. Most departments have about 40-60 different digital tools that they use. 71% of employees feel they use so many apps that it makes work more complex.

Many of the apps that we use every day have various alerts. We get a “ping” when someone mentions our name on a Teams channel. We get a notification popup that an update is available. We get an alert of errors or security issues.

App fatigue is a very real thing and it’s becoming a cybersecurity problem. The more people get overwhelmed by notifications, the more likely they are to ignore them.
Just think about the various digital alerts that you get.

They come in:

  • Software apps on your computer
  • Web-based SaaS tools
  • Websites where you’ve allowed alerts
  • Mobile apps and tools
  • Email banners
  • Text messages
  • Team communication tools such as Slack or Teams

Some employees are getting the same notification on two different devices. This just adds to the problem.

This leads to many issues that impact productivity and cybersecurity. Besides alert bombardment, every time the boss introduces a new app, that means a new password.

Estimates are that the average employees is already juggling about 191 passwords. They use at least 154 of them sometime during the month.

How Does App Fatigue Put Companies at Risk?

Employees Begin Ignoring Updates

When digital alerts interrupt your work, you can feel like you’re always behind. This leads to ignoring small tasks seen as not time-sensitive. Tasks like clicking to install an app update.

Employees overwhelmed with too many app alerts tend to ignore them. When updates come up, they may quickly click them away. They feel they can’t spare the time right now and aren’t sure how long it will take.

Ignoring app updates on a device is dangerous. Many of those updates include important security patches for found vulnerabilities.

When they’re not installed, the device and its network are at a higher risk. It becomes easier to suffer a successful cyberattack.

Employees Reuse Passwords (and They’re Often Weak)

Another security casualty of app fatigue is password security.

The more SaaS accounts someone must create, the more likely they are to reuse passwords. It’s estimated that passwords are typically reused 64% of the time.

Credential breach is a key driver of cloud data breaches. Hackers can easily crack weak passwords. The same password used several times leaves many accounts at risk.

Employees May Turn Off Alerts

Some alerts are okay to turn off. For example, do you really need to know every time someone responds to a group thread?

But, turning off important security alerts is not good.

There comes a breaking point when one more push notification can push someone over the edge.

What’s the Answer to App Fatigue?

It’s not realistic to just go backward in time before all these apps were around.

But you can put a strategy in place that puts people in charge of their tech, and not the other way around.

  • Streamline your business applications
  • Have your IT team set up notifications
  • Automate application updates
  • Open a two-way communication about alerts

Don’t Forget Your Phone’s Security Settings

It’s common for people to rely on their personal phones to keep in touch at work.

That’s not always the best idea, and there are lots of good reasons to provide company phones to your team (would you want to own the number and block access to sensitive data if somebody left?)

But whoever owns the device, you need to make security your top priority. Cyber criminals know how much valuable information lives on our mobiles, and they’re making phones a target.

If you don’t already have a mobile security and management strategy in place, it’s time you did. Here are our top 5 ways to keep phones secure:

Set minimum upgrade requirements

Cyber crooks and device manufacturers both work in three-year cycles. That means that, as threats evolve, so do the protections that address them. Upgrade devices to follow this cycle, and even if you’re using BYOD (bring your own device), enforce this rule if employees want to use their personal phone for work.

Implement mobile device management

MDM allows you to track the location of devices, lock/wipe their data remotely, and can help you access remote support for any issues. That means your data stays safe, even in cases of a lost or stolen phone. You can also create a list of apps that are to be blocked for security reasons.

Set up MFA (Multi-Factor Authentication)

Make sure all devices have biometric locks requiring facial or fingerprint ID to open them, and that all apps require MFA to log in. Only allow employees access to the software and files they need for their job.

Always update everything

Like all your devices, phones need to have the latest updates installed as soon as they become available.

If you have MDM in place, it’s possible to schedule updates across the entire team at the same time – ask us for more info.

Regular awareness training

You should hold regular cyber security training for your team that includes mobile devices. Your people are your weakest link when it comes to security. Keeping them up to speed on security risks can improve compliance.

It’s easy to overlook mobile devices when it comes to keeping your data secure, but it’s a vital step in protecting yourself against cyber attacks.

Smartphones Are Now The Preferred Device For Mobile Work

Smartphones have taken over from laptops as most people’s preferred portable work tool.

They enjoy the flexibility and, perhaps obviously, they’re easier to carry around than a laptop or a tablet.

It means that mobile connectivity and reliable broadband have become two of the largest IT considerations. In turn, that creates a different set of security risks.

If a number of your people need a phone to do their job, here’s a big thought: Would they be better off using a work-issued phone instead?

If an employee has contact with customers, would you want to own their phone number in case they left?

And there are security considerations that might be best handled on company-issued phones. That includes rolling out security updates, managing secure mobile gateways, and administering passwords.

You should make sure data on the device is encrypted, not only to protect data from cyber criminals, but to make sure your information is safe should the phone be lost or stolen. Can the phone be remotely wiped?

The software installed on the phone should be policed too. You may need a policy that limits or blocks the use of third-party software. This can also help establish a boundary between work and personal tasks.

As with most tech, this isn’t a case of set it and forget it. You need to make sure updates are run on time, and remotely audit company-issued devices to ensure they’re secure, protected and don’t contain any malicious applications.

Is this something we can help with? Your technology headaches are exciting for us! Get in touch, we’d be glad to help out.

Mobile Malware Has Increased 500% – What Should You Do?

Cybersecurity researchers uncovered an alarming mobile statistic. During the first few months of 2022, mobile malware attacks surged by 500%.

For years, mobile phones have become more powerful. They now do many of the same functions as a computer.

Yet, people tend to secure their computers better than they do their smartphones.

This is a behavior that needs to change. Over 60% of digital fraud now occurs through mobile devices. That makes them highly risky if proper safeguards aren’t followed.

Use Mobile Anti-malware

Yes, your mobile phone needs anti-virus/anti-malware too! Malware can and does infect smartphones and tablets. Ensure that you have a reliable mobile anti-malware app installed.

Don’t download apps from unknown sources
Only download mobile apps from trusted sources. Do not download outside a main app store. Trusted app stores include places like:

• Apple App Store
• Google Play
• The Microsoft Store
• Amazon Appstore

Don’t assume email is safe
Many people prefer checking email on their phone rather than PC because it’s so handy. But they have a false sense of security about the safety of emails when viewed on a mobile device.

It’s difficult to hover over a link without clicking when on a smartphone. If you see something questionable and want to check the link, open the email on your PC where you can do that.

Beware of SMS phishing (aka “smishing”)
In March of 2022, text spam outpaced robocalls. Unwanted text messages rose by 30%, ten percent higher than robocalls. Many of those spam texts are smishing.

Be on the lookout for text messages that don’t quite make sense. For example, getting a shipping notification when you haven’t ordered anything.

Remove old apps you no longer use
Go through your device and remove old applications that you are no longer using. There is no reason to keep them around, potentially leaving your device at risk.

Keep your device updated
Speaking of updates, you also need to keep your device’s operating system updated. Are you using the current version of Android or iOS?

Not installing updates can mean your phone has vulnerabilities. These vulnerabilities allow hackers to
breach your data.

Use a VPN when on public Wi-Fi
Public Wi-Fi is dangerous. Most people understand that, but many connect to it out of necessity. Reduce your risk by using a VPN app.

Use mobile security solutions to prevent a data breach
Don’t wait until your phone is infected with malware to secure it properly. It’s only a matter of time before you are the next victim.

Nine Tips To Keep Mobile Devices Safe

The reality is, mobile devices are less safe than desktop computers. Boosting security on such devices is essential if you use them in business.

Information on your team members’ mobile devices is no longer limited to just phone numbers and contacts. They now contain much more significant data, such as emails, passwords, and other account details.

That’s why keeping those mobile devices secure is key to shielding your reputation and minimizing the risk of losing money.

Fortunately, you can implement robust safety measures to protect your smartphones and tablets. This article will cover the nine best practices in improving cybersecurity on mobile devices.

Establish a sound security policy

Before issuing tablets or smartphones to your teams, create an effective usage policy. Define rules about acceptable use and determine the penalties for violating them.

Your employees must be aware of the security risks and measures that can help them reduce the risks. They should know that they are the first line of defense against cybercrime.

Ensure the operating system is up to date

Updating Android and iOS operating systems improve overall user experience, but their most significant role is in addressing security vulnerabilities.

Therefore, install updates as soon as the developer rolls them out to reduce exposure to cybersecurity threats.

Enable password protection

A complex password or PIN can help prevent cybercriminals from accessing mobile devices. Besides using alphanumeric combinations, you can also use facial or fingerprint recognition, depending on what suits your employees.

If you opt for digits and letters, don’t share the combination with people outside your company. On top of that, be sure that your staff doesn’t store them on their phones. Unmarked folders and physical wallets are a much safer option.

Only install business apps

Lenient download policies can allow your team members to install non-business apps. Downloading such apps might seem harmless, but they are also infamous for their harmful advertising codes and many other threats.

To mitigate this risk, tell your employees they can only download and use apps necessary for their roles.

Avoid public Wi-Fi

Your team may need to use public Wi-Fi networks in emergencies to send crucial emails or schedule a meeting. However, connecting to such networks can expose confidential company information to cybercriminals using the same network.

The easiest way to minimize this risk is to provide a high-quality Internet plan that features roaming services for your remote workers.

Leverage phone tracking

Losing company-issued mobile devices is unfortunate, but it’s not the end of the world.

Enabling Android Phone Tracker, Find My Phone on iOS, or other device-tracking software can help locate your lost smartphones. Some programs also enable you to remove data on your stolen devices remotely.

Installing these apps takes a couple of minutes and gives you much-needed peace of mind. With it, even if your staff loses their mobile device, cybercriminals are less likely to get their hands on the content.

Use mobile device management (MDM)

For even more security, you may want to integrate with a reliable MDM. It’s an excellent way to separate personal and business information while allowing your team members to set up robust security measures on their devices.

In most cases, cloud-based software is the most affordable, flexible, and manageable type of MDM. Many platforms let you check out device information, update and manage apps, configure your devices, create restrictions, and remove content remotely.

Screen messages

Cybercriminals frequently employ SMS phishing to trick your team into clicking dangerous links. They pose as someone credible, asking your staff to share confidential information.

If your employees encounter such messages, they should delete them or alert the IT department. Another great idea is to avoid opening the SMS and block the sender.

Practice blocking and whitelisting

Many threats can compromise your company due to employee errors. For example, a team member may not realize they’re downloading a malicious app that allows thieves to steal data from their mobile devices. Blocking and whitelisting can enable you to protect your employees from these risks by determining which sites and apps are safe.

The Biggest Cyber Threat To Your Business Is In Your Pocket

According to a Verizon study, one in three businesses has admitted to suffering a breach as a result of a mobile device. The same study found that 80% of businesses were aware that they had a big gap in their network security as a result of mobile device usage.

Banning the use of mobile devices for work is not an option, however. The productivity benefits of these mobile devices are too big to give up, and chances are, employees will still use them.

So how can you make sure that your data is safe as it travels around in your (and your employee’s) pockets?

Basic protection for all operating systems

Regardless of your operating system and device model, the following security protocols can easily be implemented.

Fingerprint and/or face recognition and secure passcode – this feature not only protects you, but your employee as well. Highlight and encourage employees to set this security feature up on their devices.

Offer internal support to help less tech-inclined employees to set this up and troubleshoot common challenges with unlocking the device with these features.

Not only will this help keep your information secure if the device is lost, but it will also help prevent other unauthorized individuals from accessing your device if it is left unattended.

Use a VPN – A VPN provides a secure phone connection to a private server between your devices and your data and bypasses using public networks to access your information. This helps secure the data and encrypts it as it travels from point to point.

Enable data encryption – Both Android and iPhone devices can be encrypted through the device and it is highly recommended that you encourage your employees to activate this feature. Spreadprivacy.com has detailed instructions on how to do this for both Android and iPhone devices.

Set up remote wipe capabilities – Depending on the device, there is a function along the lines of Find My Phone that you can have implemented that will allow you to remotely lock and erase the device in the event it is lost or stolen.

Apple devices have the function built into the operating system and Android devices can enable this feature with app downloads.

Mobile protection for Android users

One of the great things about Android devices is that you have a variety of manufacturers, features, and price points to choose from.

While they might differ slightly in features and functionality, here are some basic tips for protecting your Android device:

  • Only buy Androids from vendors who are proactive in issuing security patches
  • Use 2FA (Two-factor authentication)
  • Take advantage of built-in security features
  • Do not save all passwords
  • Only buy apps from Google Play
  • Always, always back up the device’s data
  • Encrypt your device (See instructions above)
  • Be careful about connecting to public WiFi, and be diligent about securing your own WiFi networks.
  • Use the Android security app
  • Install a VPN

Mobile protection for iPhone users

Regardless of the model, all Apple iPhone devices will have the following security features. Keep in mind, however, that older models of the phone will not be able to take advantage of the newest iOS and may require an upgrade.

Here are 10 tips for keeping your iPhone safe:

  • Update the iOS frequently. You can opt into automatic software updates through your phone as well so you don’t have to keep an eye out for new updates
  • Enable 2FA (Two-factor Authentication)
  • Set the phone to “self-destruct” or wipe the entire phone after someone fails to access the phone 10 times.
  • Activate “Find my iPhone.”
  • Avoid public WiFi
  • Only use trusted iPhone charging stations
  • Change your iTunes and iCloud passwords regularly.
  • Revoke permissions to your camera, microphone, etc
  • Use a passcode longer than 4 numbers
  • Disable Siri access from the lock screen.

Take the next step

These tips will get you started on keeping your business, and personal, information safe as you roam. But this is just the first step. Take the next step and set up a full security audit to see where there may be a crack in your armor that leaves you vulnerable.

What’s Your Pocket-Sized Security Threat?

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

You guessed it. I’m talking about phones.

How many people in your business have a company-issued phone, or use their own to access company data like emails, client information, or documents? It’s probably a high number, right?

And your phone is a big risk to your data security. Smishing attacks (that’s the text message equivalent of a phishing email) increased 328% in 2020 and will probably significantly rise again this year.

That’s because it’s a goldmine for cyber criminals. 98% of text messages are read and 45% are responded to. So a smishing text is likely to yield good results for criminals.

Once your phone is infected, malware can monitor your calls and messages, download and delete your data, and if a phone is connected to your business network, the infection might even spread. [Read more…] about What’s Your Pocket-Sized Security Threat?

Are Smartphones And Tablets Killing The Traditional PC?

In the early days of the Internet, there was only one device that enabled you to access it. That was the desktop computer.

Laptop computers have existed for as long as desktops have, but due to hardware limitations, they never really became a viable alternative.

In a technical sense, laptops are “mobile” devices, but still require the user to be seated to use. It hasn’t been until recently that we have seen truly mobile devices.

The Rise Of Smartphones
The first smartphone was invented in 1992, three years before the term “smartphone” even existed. It was IBM’s “Simon,” which was a cellphone with a monochrome LCD touchscreen and a stylus.

It was the first phone was able to send faxes, pages, and emails and it was even capable of running third party applications.

It came with built-in features that are so commonplace on today’s smartphones that most people take them for granted, such as a calendar, a notepad, a world clock, and a way to schedule appointments.

Simon didn’t sell well and its $899 price tag surely didn’t help move units either. For comparison, that’s the same purchasing power as $1607 in 2018.

It wasn’t until Apple’s iPhone in 2007 that the modern smartphone became mainstream. IBM was able to sell a total of 50,000 Simon smartphones over its entire lifetime, a number that is dwarfed by Apple’s 1.4 million iPhone sales in the first year of its existence.

The Aging Desktop
Hardware advancements in recent years have made smartphones powerful enough to perform all the basic functions that consumers were using desktops for in the early days of the Internet.

Smartphones are also priced lower than their desktop counterparts. Sure, if you compare the price of a brand new, top-of-the-line smartphone to a much more powerful desktop PC you may find that the desktop by itself is less expensive.

But for a desktop to function you also need peripherals like a monitor, keyboard, a mouse, speakers, etc. You also need a desk, a chair, a constant source of power, and, in most cases, an entire dedicated room. One could make the argument that you need to pay for a cell phone service to be able to use all the functions of a smartphone, but that isn’t much different than paying for an ISP.

Tablets
In 2010, Apple made yet another mobile device that would change the tech world forever: the tablet. Tablets are essentially large smartphones although they aren’t typically used to make phone calls.

Due to their size, they are capable of carrying stronger hardware than smartphones and they are easier to use as a practical tool in the workplace. There are even specialized “professional” tablets that are designed with detachable keyboards and Bluetooth mice that run the same operating systems that their desktop cousins do.

They weigh less than modern “lightweight” notebook laptops, and have the advantage of a touchscreen. Their functionality comes at a steep price though, and it’s one that will be felt by your wallet. Most “professional” laptops will cost even more than the most powerful desktops and laptops.

No Clear Winner
Each option has different pros and based on how you intend to use it. Although smartphones and tablets have been quickly taking over the home user market, almost all workplaces still use the desktop computer.

The price per performance ratio is still in the desktop’s favor. It could be a very long time before mobile devices gain the functionality of a desktop while matching their price.

Google Maps “Guesses” Your Destination, Getting Smarter

In further proof of how the digital age has transformed daily life, you no longer have to make tough decisions about where to go when you access Google Maps from an Android device.

Google Maps now has a new feature that predicts where you would like to go and weighs all the pros and cons for you between potential destinations – even if you weren’t actively debating your options.

Let’s say you usually go to a favorite coffeehouse at about the same time every Saturday. Google Maps can now alert you if the traffic to your normal destination is exceptionally bad and can automatically provide you with less stressful alternatives based on your past behavior. You don’t even have to enter a destination – it all happens just by opening Google Maps.

The mapping app will also alert you to gas prices in the area, your estimated time of arrival to each option, and tell you the quickest way to get to your preferred choice. You can even add shortcuts, that Google Maps may have overlooked, for future use.

While this all sounds futuristic, it has the potential to be a huge time saver. Any time that you’re not quite sure of where you’re going, you can get the lowdown on the trip to your potential destinations without having to actually go there.

You can access this new feature on Android devices on the sidebar of Google Maps. Choose the option to Start Driving, and the application will quickly help you decide, if you really want to try the newest restaurant on the other side of town or stick closer to home with a tried-and-true location and have time to spare for an after-dinner coffee or cocktail.

How to Cut Down Your Mobile Data Usage

With unlimited mobile data plans being few and far between, it is imperative to monitor and manage your data usage to prevent outrageously high cellular bills. Even if you have an unlimited plan grandfathered into your service, there are other benefits to cutting down your mobile data usage, including increased battery life on your device and faster service in general. Try these tips to keep your data usage at a minimum:

• Track your usage. It’s impossible to set a usage goal or identify problems without knowing how much data you use and how you use it. Within the settings of your smartphone, you can easily find how much data you’ve used in a billing period and even set warnings for when you approach your data limits.

• Identify what applications use the most data. This can also be done within your smartphone’s settings where you can see app usage at a glance and can also set warnings or cut-off limits at this level. After assessing how much data each application uses, you may even want to delete the most data-hungry ones.

• Take advantage of free WiFi. A wide array of businesses offer free wireless Internet service as a perk to customers, so don’t pass up the opportunity to get your high-usage needs met at no expense to you. You can even configure your settings where applications only update when WiFi is available.

• Put the stymie on streaming music and video. While you may like to show your friends the latest footage off of YouTube or listen to your playlists while on a run, these activities come with a high data usage price tag. Try waiting to view videos until WiFi is available and make your playlists available offline to listen to them at will without any costly data usage.

Just by implementing these simply usage-reducing and awareness strategies, you can greatly decrease your cellular data bill and the workload on your smartphone device. This is a win-win no matter how you look at it.