TechTidBit - Tips and advice for small business computing - Tech Experts™ - Monroe Michigan

Brought to you by Tech Experts™

You’d Be Lost Without It, So Don’t Forget Email Security

Let’s talk about something super important: Email security. Yep, we know it might not sound like the most thrilling topic, but it’s a big deal. Businesses like yours face more cyber threats than ever.

We’ve seen our fair share of cyber attacks, and let us tell you, many of them start with a simple email (official figures say it’s a massive 90%!). Yep, that innocent-looking message in your inbox could be the gateway for cyber criminals to wreak havoc on your business.

So, why is keeping your business email secure so important? Well, for starters, it’s your first line of defense against cyber attacks. Think of it like locking the front door of your house to keep out intruders.

If your email is secure, you’re making it a whole lot harder for cyber criminals to sneak in and steal your sensitive data.

But implementing proper email security measures safeguards your valuable data from getting lost or falling into the wrong hands.

It’s not just cyber criminals you’re at risk from; an employee could accidentally leave a laptop on a train or in a coffee shop.

That could mean all your important business communications and documents were suddenly open for someone else to read. It would be a nightmare, right?

You might be thinking, “But I’m just a small business. Why would I be a target?” Ah, but here’s the thing – cyber criminals don’t discriminate based on business size.

In fact, small and medium-sized businesses are often seen as easier targets. That’s because they may not have the same level of security measures in place as larger corporations.

So, don’t think you’re off the hook just because you’re not a Fortune 500 company.

Now that we’ve established why email security is crucial, let’s talk about how you can ramp up your defenses.

First off, use strong, unique passwords for your email accounts. None of that “p@ssW0rd123” nonsense, please.

Better still, use a password manager to create and store uncrackable passwords.

Consider implementing two-factor authentication for an extra layer of security (where you generate a login code on another device to prove it’s you).

And don’t forget to keep your software and security patches up to date – those updates often contain important fixes for vulnerabilities that cyber criminals love to exploit.

Lastly, educate your employees about the importance of email security. They could be your strongest defense or your weakest link when it comes to keeping your business safe from cyber threats.

Teach them how to spot phishing emails (emails pretending to be from someone you trust) and what to do if they suspect something isn’t right.

Remember, a little prevention now can save you a huge headache, time, trouble (and money) later. If we can help with that, get in touch.

Google & Yahoo’s New DMARC Policy – Why Businesses Need Email Authentication

Have you been hearing more about email authentication lately? There is a reason for that. It’s the prevalence of phishing as a major security threat. Phishing continues as the main cause of data breaches and security incidents. This has been the case for many years.

A major shift in the email landscape is happening. The reason is to combat phishing scams. Email authentication is becoming a requirement for email service providers. It’s crucial to your online presence and communication to pay attention to this shift.

Google and Yahoo are two of the world’s largest email providers. They have implemented a new DMARC policy that took effect in February 2024. This policy essentially makes email authentication essential. It’s targeted at businesses sending emails through Gmail and Yahoo Mail.

But what’s DMARC, and why is it suddenly so important?

The email spoofing problem

Imagine receiving an email seemingly from your bank. It requests urgent action. You click a link, enter your details, and boom – your information is compromised. The common name for this is email spoofing.

It’s where scammers disguise their email addresses. They try to appear as legitimate individuals or organizations. Scammers spoof a business’s email address. Then they email customers and vendors pretending to be that business.

These deceptive tactics can have devastating consequences on companies. These include:

  • Financial losses
  • Reputational damage
  • Data breaches
  • Loss of future business

Unfortunately, email spoofing is a growing problem. It makes email authentication a critical defense measure.

What is email authentication?

Email authentication is a way of verifying that your email is legitimate. This includes verifying the server sending the email. It also includes reporting back unauthorized uses of a company domain.

Email authentication uses three key protocols, and each has a specific job:

  • SPF (Sender Policy Framework): Records the IP addresses authorized to send email for a domain.
  • DKIM (DomainKeys Identified Mail): Allows domain owners to digitally “sign” emails, verifying legitimacy.
  • DMARC (Domain-based Message Authentication, Reporting, and Conformance): Gives instructions to a receiving email server including, what to do with the results of an SPF and DKIM check. It also alerts domain owners that their domain is being spoofed.

SPF and DKIM are protective steps. DMARC provides information critical to security enforcement. It helps keep scammers from using your domain name in spoofing attempts.

Why Google & Yahoo’s new DMARC policy matters

Both Google and Yahoo have offered some level of spam filtering but didn’t strictly enforce DMARC policies.

Starting in February 2024, the new rule took place. Businesses sending over 5,000 emails daily must have DMARC implemented.

Both companies also have policies for those sending fewer emails. These relate to SPF and DKIM authentication.

Look for email authentication requirements to continue and be more strictly enforced. You need to pay attention to ensure the smooth delivery of your business email.

The benefits of implementing DMARC include:

  • Protects your brand reputation
  • Improves email deliverability
  • Provides valuable insights

Introduction To Smart Home Technology For Small Biz Owners

In the past, the concept of a “smart home” might have conjured up images of futuristic living spaces from science fiction movies. Today, technology such as video telephones and voice-activated lights have made those dreams a reality.

However, with the rapid advancement of technology, some traditional problems persist, such as security vulnerabilities and connectivity issues. If you’re incorporating smart home technology into your small business, understanding these challenges and knowing how to address them is essential.

Here are some of the most common smart home issues and solutions.

Connectivity woes

Problem: Your smart devices frequently lose connection or have slow performance.

Solution: Start by restarting your router and any problematic devices. This often resolves temporary connectivity issues. If problems persist, check the placement of your router. It should be in a central location to evenly distribute the Wi-Fi signal throughout your premises.

For larger spaces, consider investing in a Wi-Fi extender to boost signal strength and expand coverage.

Device unresponsiveness

Problem: Devices fail to respond to commands or operate sluggishly.

Solution: The first step in troubleshooting unresponsive devices is to turn them off and on again. This can clear out any temporary glitches affecting performance.

Additionally, ensure your devices are running the latest software updates, as these can include important fixes and improvements.

Battery drain

Problem: Smart devices are consuming battery power more quickly than expected.

Solution: Adjust the device settings to optimize power usage. Disable unnecessary features and reduce the frequency of updates or checks that the device conducts autonomously. These small adjustments can significantly extend battery life.

Incompatibility issues

Problem: Smart devices don’t communicate or work well together.

Solution: Ensure all devices are compatible with your chosen smart home platform (such as Google Home, Amazon Alexa, or Apple HomeKit). When purchasing new devices, review the manufacturer’s specifications to ensure they can integrate smoothly with your existing setup. This can prevent a lot of frustration and ensure that your devices can work together seamlessly.

Security concerns

Problem: Vulnerability to hacking and unauthorized access.

Solution: Secure all devices with strong, unique passwords. Avoid using default or easily guessed passwords. Implement two-factor authentication (2FA) wherever possible, adding an extra layer of security by requiring a second form of verification to access accounts.

App troubles

Problem: Apps controlling the smart devices frequently crash or lose connection.

Solution: If your app isn’t working correctly, first try logging out and logging back in. This can refresh the app’s connection to your devices. If this doesn’t solve the problem, uninstalling and then reinstalling the app may resolve underlying issues.

Automation gone wrong

Problem: Automated functions don’t operate as expected.

Solution: Review the automation rules you’ve set up and test them one at a time. This approach helps identify where things are going wrong so you can make necessary adjustments.

Limited range

Problem: Devices far from the Wi-Fi router or hub have poor connectivity.

Solution: Move devices closer to your router or smart home hub. This can enhance their communication reliability and speed.

Ghost activity

Problem: Devices activate unexpectedly or exhibit unexplained behavior.

Solution: Investigate any unusual activity thoroughly as it could indicate security issues. Change your passwords regularly and monitor device logs for any unauthorized access.

Feeling overwhelmed

Problem: The complexity of managing a smart home system can be daunting.

Solution: Take advantage of device manuals and online tutorials. These resources can provide valuable guidance on setup and troubleshooting. If needed, don’t hesitate to seek out professional help to ensure your smart home setup meets your business needs efficiently.

By understanding these common issues and solutions, you can better manage smart home technology both at home and in your business, ensuring a smoother, more secure operation. If we can help, please reach out – (734) 457-5000, or info@mytechexperts.com.

It’s Time To Fix Your Risky Password Habits

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

We all know how important it is to keep our data safe, but sometimes our best intentions fall short. And when you have employees, you’re at an increased risk of security threats and bad habits creeping in.

Here’s the deal: Even if you invest in cyber security training, changing long held password habits can be a tough nut to crack. People love convenience, and remembering a ton of complex passwords just isn’t their idea of a good time.

Your employees are juggling dozens of passwords for work and personal use. It’s a lot to handle, and sometimes they slip up and reuse passwords across different accounts. It’s a familiar story, right? And it’s where the trouble starts.

When passwords are reused, it’s like leaving the front door wide open for cyber criminals. If the password is breached on one site, they will try it to access other sites.

Here’s how you can make sure your team stays on top of their password game.

Password audit: Ask your IT partner to do an audit of passwords and look for weak ones that should be changed.

Block weak passwords: Ask your IT partner to implement a password policy that stops common passwords from being used.

Scan for compromised passwords: Even strong passwords can be compromised. Stay one step ahead by scanning for breached passwords and prompting employees to change them.

Use password managers: Password managers securely generate then store a unique password for every different account… and fill them into the login box so your team doesn’t have to.

Multi-Factor Authentication (MFA): Add an extra layer of security with MFA, where you get a code on a separate device. It’s like putting a deadbolt on your front door – double the protection, double the peace of mind.

With the right tools and guidance, password security doesn’t have to be hard work. If we can help you with that, get in touch – (734) 457-5000.

What Is Microsoft’s New Security Copilot?

It can be challenging to keep up with the ever-evolving cyber threat landscape. Companies need to process large amounts of data as well as respond to incidents quickly and effectively. Managing an organization’s security posture is complex.

That’s where Microsoft Security Copilot comes in. Microsoft Security Copilot is a generative AI-powered security solution. It provides tailored insights that empower your team to defend your network. It also works with other Microsoft security products.

Microsoft Security Copilot helps security teams:

  • Respond to cyber threats
  • Process signals
  • Assess risk exposure at machine speed

A big benefit is that it integrates with natural language. This means you can ask questions plainly to generate tailored guidance and insights. For example, you can ask:

  • What are the best practices for securing Azure workloads?
  • What is the impact of CVE-2024-23905 on my organization?
  • Generate a report on the latest attack campaign.
  • How do I remediate an incident involving TrickBot malware?
  • Security Copilot can help with end-to-end scenarios such as:
  • Incident response
  • Threat hunting
  • Intelligence gathering
  • Posture management
  • Executive summaries on security investigations

How does Microsoft Security Copilot work?

You can access Microsoft Security Copilot capabilities through a standalone experience as well as embedded experiences available in other Microsoft security products.

Copilot integrates with several tools, including:

  • Microsoft Sentinel
  • Microsoft Defender XDR
  • Microsoft Intune
  • Microsoft Defender Threat Intelligence
  • Microsoft Entra
  • Microsoft Purview
  • Microsoft Defender External Attack Surface Management
  • Microsoft Defender for Cloud

You can also use natural language prompts with Security Copilot.

Should you use Microsoft Security Copilot?

The pros:

  • Advanced threat detection
  • Operational efficiency
  • Integration with Microsoft products
  • Continuous learning
  • Reduced false positives

The considerations:

  • Integration challenges
  • Resource requirements
  • Training and familiarization

The Bottom Line

Microsoft Security Copilot marks a significant advancement in the world of AI-driven cybersecurity solutions. This cutting-edge system boasts an enhanced ability to detect threats in real-time, greatly improving operational efficiency. Additionally, its wide-ranging integration capabilities make it an extremely versatile tool in the cybersecurity arsenal.

These features render Microsoft Security Copilot an especially attractive option for businesses that are intent on strengthening their digital defense mechanisms.

The decision to implement Copilot in your organization should be tailored to your specific business requirements. It’s important to weigh factors such as your current cybersecurity infrastructure, the resources at your disposal, and the level of commitment your organization is willing to make towards ongoing training and adaptation of this sophisticated AI tool.

Be Careful When Scanning QR Codes

QR codes are everywhere these days. You can find them on restaurant menus, flyers, and posters. They’re used both offline and online. QR codes are convenient and easy to use. You just scan them with your smartphone camera. You’re then directed to a link, a coupon, a video, or some other online content.

With the rise in popularity of QR codes comes an unfortunate dark side. Cybercriminals are exploiting this technology for nefarious purposes. Scammers create fake QR codes. They can steal your personal information. They can also infect your device with malware or trick you into paying money.

It’s crucial to exercise caution when scanning QR codes. This emerging scam highlights the potential dangers lurking behind those seemingly innocent squares.

The QR code resurgence

QR codes were originally designed for tracking parts in the automotive industry. They have experienced a renaissance in recent years as a result, and they’re used as a form of marketing today.

They offer the convenience of instant access to information. You simply scan a code. Unfortunately, cybercriminals are quick to adapt. A new phishing scam has emerged, exploiting the trust we place in QR codes.

How the scam works

The scammer prints out a fake QR code. They place it over a legitimate one. For example, they might stick it on a poster that advertises a product discount or a movie.

You come along and scan the fake QR code, thinking it’s legitimate. The fake code may direct you to a phishing website. These sites may ask you to enter sensitive data such as your credit card details, login credentials, or other personal information.

Or scanning the QR code may prompt you to download a malicious app. One that contains malware that can do one or more of the following:

  • Spy on your activity
  • Access your copy/paste history
  • Access your contacts
  • Lock your device until you pay a ransom

The code could also direct you to a payment page. A page that charges you a fee for something supposedly free.

Tactics to watch out for

Malicious codes concealed: Cybercriminals tamper with legitimate QR codes. They often add a fake QR code sticker over a real one. They embed malicious content or redirect users to fraudulent websites.

Fake promotions and contests: Scammers often use QR codes to lure users into fake promotions or contests. When users scan the code, it may direct them to a counterfeit website.

Malware distribution: Some malicious QR codes start downloads of malware onto the user’s device.

Tips for safe QR code scanning

Verify the source: Verify the legitimacy of the code and its source.

Use a QR code scanner app: Use a dedicated QR code scanner app rather than the default camera app on your device.

Inspect the URL before clicking: Before visiting a website prompted by a QR code, review the URL.

Avoid scanning suspicious codes: Trust your instincts. If a QR code looks suspicious, refrain from scanning it.

Update your device and apps: Keep your device’s operating system and QR code scanning apps up to date.

Be wary of websites accessed via QR code

Don’t enter any personal information on a website that you accessed through a QR code. This includes things like your address, credit card details, login information, etc. Don’t pay any money or make any donations through a QR code.

Insights from the 2023 Annual Cybersecurity Attitudes and Behaviors Report

We are living in an era dominated by digital connectivity. As technology advances, so do the threats that lurk in the online world.

Often, it’s our own actions that leave us most at risk of a cyberattack or online scam. Risky behaviors include weak passwords and lax security policies, as well as thinking “This won’t happen to me.” This is why human error is the cause of approximately 88% of data breaches.

The National Cybersecurity Alliance and CybSafe publish a report on cybersecurity attitudes and behaviors. The goal is to educate both people and businesses on how to better secure their digital landscapes.

This year’s study surveyed over 6,000 people across the U.S., Canada, the U.K., Germany, France, and New Zealand. The survey asked about several things including knowledge of cybersecurity risks, security best practices, and challenges faced.

The report reveals some eye-opening insights, including how people perceive and respond to cyber threats as well as what they can do to improve their cybersecurity posture.

We are online… a lot

It’s no surprise that 93% of the study participants are online daily. The logins we create continue to expand, as well as those considered “sensitive.” Sensitive accounts hold personal information that could be harmful if stolen.

Nearly half (47%) of the study’s respondents have ten or more sensitive online accounts. This amplifies risk, especially if people are using the same password for two or more of those accounts.

Online security makes people frustrated

Most people (84%) feel that online security is a priority. But as many as 39% feel frustrated, and nearly the same amount intimidated. It can seem that you just can’t get ahead of the hackers. Just over half of people thought digital security was under their control. That leaves a whole lot that don’t think so.

But that is no reason to let down your defenses and become an easy target. There are best practices you can put in place to safeguard your online accounts that work, including:

  • Enabling multi-factor authentication on your accounts
  • Using an email spam filter to catch phishing emails
  • Adding a DNS filter to block malicious websites
  • Using strong password best practices

People need more access to cybersecurity training

One way to reduce human errors associated with cybersecurity is to train people. The survey found that just 26% of respondents had access to cybersecurity training.

It also broke this down by employment status. We see that those not actively employed are most lacking. Even those employed can use more training access and encouragement. Just 53% report having access to cybersecurity awareness training and using it.

Employers can significantly reduce their risk of falling victim to a data breach by improving their security awareness training.

Cybercrime reporting is increasing

Over a quarter (27%) of survey participants said they had been a victim of cybercrime. The types of cybercrimes reported include:

  • Phishing (47%)
  • Online dating scams (27%)
  • Identity theft (26%)

Millennials reported the most cybercrime incidents. Baby Boomers and the Silent Generation reported the fewest.

No matter where you fall in the generations, it’s important to adopt security best practices and be vigilant about your online security.

How Can A Data Breach Cost Your Company For Years?

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

The repercussions of a data breach extend far beyond the immediate aftermath. They often haunt businesses for years.

Only 51% of data breach costs occur within the first year of an incident. The other 49% happen in year two and beyond.

The unseen costs of a data breach

The First American Title Insurance Co. case is a good example.

The 2019 cybersecurity breach at First American serves as a stark illustration. It reminds us of the far-reaching consequences of a data breach. In this case, the New York Department of Financial Services (NYDFS) imposed a $1 million fine.

Cybersecurity sites announced the fine in the fall of 2023. The company’s fine was for failing to safeguard sensitive consumer information. This is one example of how costs can come long after an initial breach.

[Read more…] about How Can A Data Breach Cost Your Company For Years?

Are You Really Ready To Upgrade To Windows 11?

So, you’re thinking about upgrading your business to Windows 11? That’s a smart move because this update comes with some cool features that can boost your productivity.

But here’s the thing, it’s not as simple as clicking a button and SHAZAM, you’re on Windows 11. You need a plan, or you might end up with some messy downtime and confused employees.

Before you get all excited about Windows 11, check which of your current PCs can handle the upgrade. Some older machines might not meet the system requirements, and you don’t want any surprises down the road.

If you need to replace some computers, make sure you budget for that as part of your upgrade plan.

Most of your software that works on Windows 10 should play nice with Windows 11, but don’t take that for granted.

Look at all the software your business relies on to make sure it won’t freak out with the new operating system (OS). Some software might need updates to get along with Windows 11, so keep an eye on that too.

Whenever you’re making a big change that affects your team, you’ve got to have a plan. It’s your roadmap to success. So, what should your upgrade plan include?

  • Clear and honest communication with your team about the upgrade
  • Training sessions to show your employees the ropes of the new OS
  • Help for your managers to guide their teams
  • A timeline for when the upgrade will happen, and all the communication and training that goes with it
  • A plan to handle any bumps in the road and any resistance you might encounter
  • A resource to help your team with any questions or issues they have after the upgrade

Alternatively, team up with an IT support partner (like Tech Experts) to make sure everything goes smoothly and to take the weight off your shoulders!

Don’t go solo on this one; it’s best to have IT pros in your corner. If something goes wrong during the upgrade and you’ve done it yourself, it might take a lot longer to get things back on track. Let experts like our team handle it. We know what we’re doing.

Upgrading to Windows 11 can supercharge your business, but only if you plan.

If you’d like help to make the change as smooth as can be, get in touch.

Unlocking Business Potential With Generative AI: A Guide For Non-Technical Business Owners

In an age where technology continually reshapes the landscape of how we do business, staying informed and adaptable is key. As a non-technical business owner, you might have heard about the buzz surrounding generative AI, but what exactly is it, and more importantly, how can it benefit your small business? This article breaks down the essentials of generative AI and provides practical ways to integrate this innovative technology into your business strategy.

Understanding generative AI

Generative AI refers to artificial intelligence that can generate new content, from written text to images, and even music. This technology, powered by sophisticated algorithms, learns from existing data to create original, realistic outputs. The most common examples you might have come across include chatbots, image generators, and content creation tools.

Enhance customer service with AI chatbots

One of the most immediate applications of generative AI for small businesses is through AI chatbots. These virtual assistants can handle customer inquiries, provide product recommendations, and offer support 24/7. This not only improves customer satisfaction but also frees up your staff to focus on more complex tasks. Tools like OpenAI’s GPT-3 have made creating these chatbots more accessible than ever.

AI-generated content boosts online presence

Creating engaging content consistently can be a daunting task for many business owners. Generative AI comes to the rescue by assisting in generating blog posts, social media updates, and even marketing copy. Tools like Jasper or Writesonic can help you craft compelling content that resonates with your audience, saving you time and resources.

Personalizing customer experiences

Personalization is a key differentiator in today’s market. Generative AI can analyze customer data to create personalized recommendations, tailored emails, and targeted advertising campaigns. This level of personalization can significantly enhance customer engagement and loyalty.

Streamlining operations with automated processes

Generative AI can also play a pivotal role in streamlining business operations. For instance, AI can automate invoice generation, schedule appointments, and even manage inventory. This not only increases efficiency but also reduces the likelihood of human error.

Exploring creative possibilities with AI generated designs

For businesses that rely on creative outputs like graphics, marketing materials, or product designs, generative AI offers a world of possibilities. Tools like DALL-E or Canva’s Magic Write can generate high-quality images and designs based on your specifications, providing a cost-effective alternative to hiring designers.

Understanding the limitations and ethical considerations

While generative AI offers numerous advantages, it’s important to be aware of its limitations and ethical implications. AI-generated content may require human oversight to ensure accuracy and relevance. Additionally, issues around data privacy and intellectual property rights in AI-generated content are important to consider and navigate carefully.

Generative AI is not a distant, high-tech dream but a tangible tool that small businesses can leverage today to drive growth, enhance efficiency, and create engaging customer experiences. By understanding and integrating this technology into various aspects of your business, you can stay ahead in a competitive market.

As you explore generative AI options, remember that the key is to use these tools as a complement to human creativity and expertise, not a replacement. Embracing AI smartly can unlock new horizons for your business and pave the way for future innovations.

Start small and experiment with AI tools relevant to your business needs. Whether it’s enhancing customer service, content creation, or operational efficiency, the journey into the world of generative AI promises to be both exciting and rewarding for forward-thinking business owners.

 

Reader’s Note: This article was written entirely by AI using the prompt “write a newsletter geared toward non-technical business owners about how to use generative AI in their small businesses.” This is a technology that goes beyond automation and the AI we used to know. It can create, content, solutions, and possibilities before unimaginable. The landscape of small business marketing is evolving rapidly. The integration of AI technologies is reshaping strategies for growth. Small businesses are turning to GenAI to enhance their marketing efforts. Despite how useful AI can be, it isn’t a replacement for human review, tweaking and approvals.