It makes sense that fraudsters are drawn to our digital accounts since so much of our daily activities take place on laptops and mobile devices. Every day, we hear news of malicious attacks against companies, governments, and individuals. With this prevalent news, it does not appear that the hacks, data breaches, and other cybercrime will slow down.

In the past, a form of security was to have usernames and passwords for all our devices, social media handles, and data storage. But in recent years, passwords are just not enough. Given how simple it is for hackers to get usernames and passwords, it is no wonder breaches, and attacks occur regularly.

The frequency of websites losing consumers' personal data has dramatically increased. Hacks also result in the loss of social media users' handles. 

According to a study, 80% of hacking incidents are caused by stolen and reused login information. Another study showed that poor passwords caused data breaches in 81% of companies.

As security breaches continue to rise, two-factor authentication has emerged as a crucial web security technique due to its ability to reduce the danger associated with compromised login credentials. Two-factor authentication keeps an attacker from getting access even if a password is stolen, guessed, or phished.

Continue reading to know what two-factor authentication is and how it works

What is Two-factor Verification (2FA)?

In reality, passwords are not foolproof because, regardless of how strong or weak your password is, it is simple for a security professional or cybercriminal to crack it. To protect an account in this situation, 2FA comes into play.

Two-factor authentication is a kind of multi-factor authentication that boosts security access by requiring two ways (authentication factors) to confirm your identity.

These factors include you entering your username and password. Then, instead of gaining immediate access, you will have to provide another piece of information. The 2FA could be a one-time SMS/email code, biometric, or fingerprint that you use to verify your identity.

This authentication safeguards your logins against attackers using stolen or weak credentials and guards against phishing and password hacks. Therefore, even if your password is compromised, it is extremely improbable that someone else will have access to your second-factor information.

Types of Two-factor Verification

There are three types of 2FA. They are known as the 3-somethings. Users must enter at least 2 of these 3-somethings to access the account.

• Something you know: This could be an answer to a secret question such as a favorite book, best food, worst or best experience, or a unique pattern or pin.

• Something you have: This could include your phone, wallet, credit card, or a small hardware

• Something you are: This authentication type is a little more advanced and could include your fingerprint biometric, fingerprint pattern, an eye scan, or a voice scan

Before you can log in, any of this information must be provided.

Forms of Two-factor Verification?

A user's identity can be confirmed using various two-factor forms. These include:

SMS Two-factor Authentication

SMS-based 2FA interacts directly with the user's phone. After receiving their login and password, the site verifies the user's identity by sending a unique one-time passcode (OTP) to the user's phone number via text message. 

If the authentication is voice-based, the user will get a call, and the passcode will be spoken to them.

The user is then given access after entering the code into the website or application.

Email Authentication

Email two-factor authentication is another popular way that people access their online accounts. Users receive an OTP or secret code via email to verify their identification. Sometimes, accounts can also be accessed without passcodes by clicking a unique link in the email.

TOTP/Authenticator App 

The website or app a user is seeking to access creates a key locally using the Time-Based One-Time Password (TOTP) authentication technique. The security key is generally a QR code the user scans with their phone to generate a string of numbers. 

The user then types those numbers into the website or application to gain access. A new passcode will be produced the next time a user enters the account because authenticators generate them with an expiration date.

Push-based Authentication

Push-based 2FA verifies a user's identity with as many authentication factors as other methods cannot. 

A push notification is a passwordless authentication that alerts the user that an authentication attempt is being made by sending a message to a secure app on the user's smartphone. The user can then allow or refuse access after viewing the details of the authentication attempt.

How Does Two-factor Verification Work?

Your online accounts are given an additional layer of security thanks to two-factor authentication. Beyond only the username and password, access to the account requires a second login credential and obtaining that second credential necessitates access to something that is yours.

Accessing the account without this additional access method makes it impossible for hackers to access your account using only stolen login credentials and passwords.

Process of How 2FA Works

Different two-factor authentication options may be available depending on the application or vendor. Nevertheless, two-factor authentication follows the same process:

• The user enters their username and password to access the website or app.

• If the password is legitimate, an authentication server verifies it, and the user is then qualified to use the second factor. For processes where passwords are unnecessary, the website generates a unique security key for the user. The authentication tool processes the key, which is verified by the website's server.

• The user's second-factor method receives a unique code from the authentication server. Any of the 3-somethings in this stage.

• The user may then have to input a generated one-time code and provide further authentication.

• Once accepted and verified, they are logged in.

Why Do We Need Two-factor Authentication (2FA)?

Imagine if someone could discover or guess your password and could access any of your social media accounts. Your sole line of defense against a hacker who wants to sell your information is a password.

These days, passwords are ineffective against the most popular password cracking methods employed by hackers. Even the most complicated passwords are not enough to stop these hackers.

We require two-factor authentication because it is a more effective method of restricting access and safeguarding your personal information than using a password alone. You will most likely be notified if someone else is trying to access your account.

Upgrade Your Security

Increase security by using two-factor authentication to safeguard your data. It is the quickest, easiest approach to defend oneself against online threats.

Increase your security with BrainStomp. Let us assist you in setting up safety measures when you want to log in. Give us a call at 260-918-3548 for a consultation session or send us a message.

The global pandemic has forced many businesses to adopt a work model that is different from what they are used to. Due to health restrictions, offices were left vacant and employees have been working remotely in their homes. But now that everything is opening up and slowly returning to normal, offices are beginning to welcome back their workers as well. 

Switching work models abruptly can be quite challenging for employers and employees alike. Because of this, most offices have begun implementing a hybrid office setup to accommodate their staff who wants to return to the office as well as those who choose to stay remote. Adjusting to a new work setup will take some time, but there are things that you can do to make the transition easier. 

In this article, we will share 5 tips to maximize your hybrid office setup to make it more effective. 

What is a hybrid office setup?

Before we move on to the ways to improve your hybrid work model, let us first discuss what a hybrid office setup is. 

Hybrid work is a model where some workers work in the office while others work remotely. This can involve some employees sticking to either on-site or remote work 100% of the time, or employees splitting their time between both work environments. This hybrid model is often perfect for companies who are slowly transitioning from a work-from-home setup back to an office environment. 

The flexibility of the hybrid office model allows employees to adjust to the new working conditions at their own pace. Additionally, it’s what they are expecting. A Gallup poll found that 53% of employees expect to be offered a flexible hybrid working arrangement. 

5 Things You Can Do to Maximize a Hybrid Workplace

As an employer, your job is to make sure that your hybrid office setup is running as smoothly as possible. From the well-being of your people to the tools and systems that they are using, there are a lot of ways for you to ensure that this environment is working for everybody. 

Here are the things that you can do to further improve the effectiveness of your hybrid work model.

1. Encourage Communication

One of the management challenges that you will have to deal with when it comes to a hybrid work setup is how to effectively communicate with the rest of your team. In an office environment, it is easy to reach out to the people that you need to talk to since you are all in one location, but in a hybrid setup, part of your team will be stationed somewhere else. 

To encourage communication, you need to provide your employees with a means to communicate and collaborate with one another. Applications such as Zoom, Skype, and Microsoft Teams are just some of the software that you and your team can use to communicate with one another.

2. Set boundaries

Monitoring what your staff members do during work hours can be challenging in a hybrid setup. In order to prevent your workers from engaging in non-work-related activities during office hours, you need to set boundaries on what they can and cannot do while they are on the clock. 

One way of setting boundaries is holding regular meetings. This will allow you to monitor the work progress of your employees and it also encourages communication and collaboration between the members of your team. 

3. Provide technology that will boost productivity

Technology is the key to running a hybrid work setup smoothly. From communicating with your staff to boosting productivity, there is a technological tool available to meet your company’s needs. 

Information accessibility and collaboration are some of the areas that you will be able to maximize with the help of digital tools. A cloud-based system allows your employees to access the information that they need 24/7 anywhere in the world. Collaboration tools, on the other hand, enable your staff to work with one another whether they are in the office or at home. 

With the help of technology, you will be able to create a seamless work system that will improve your office’s working conditions while accommodating all of your employees. 

4. Strengthen your cybersecurity

To accommodate employees who are working remotely, offices have decentralized their networks to allow remote access to various work resources. While this provides flexibility to your work setup, it can also lead to vulnerabilities. 

In order to protect the data of both your company and your employees, you need to enforce strong cybersecurity measures that won’t affect the flexibility of your hybrid office. The following are some of the practices that you can do to safeguard your data and prevent security breaches: 

• Educate your employees on cybersecurity measures that they can implement to avoid potential hazards and security threats. 

• Secure your network with a VPN to allow your employees to safely access your network whether they are in the office or at home. 

• Require identity verification before providing access to work resources and devices. 

5. Provide a suitable work environment for your employees

One of the issues that is not addressed properly in a hybrid office setup is the lack of suitable workspaces for employees who are working remotely. Aside from digital tools and systems, you also need to provide your staff with a conducive work environment to further boost their productivity.

Companies like Twitter, Facebook, and Google provide their employees a flat fee of $1000 to cover their remote work expenses. While you are not required to provide the same amount of compensation to your workers, do consider providing the necessary equipment that they need to create a suitable work environment at home. 

Maximize Your Hybrid Work Environment with Help from BrainStomp

A hybrid work environment that is secure and geared towards productivity can take some time to set up and calibrate. BrainStomp can provide you the support that you need to maximize the systems that you already have in place to boost the effectiveness of your hybrid office setup. 

Schedule a free consultation today! Call 260-918-3548 or reach out online.

Keeping data safe and protected is, and should be, one of the top priorities of any company. From the sensitive information that keeps your business running to the confidential data of your employees, it is vital to eliminate the chances of a security breach or at least keep it at a minimum. 

Aside from being hacked or infected with malware, one of the instances that threaten the security of your data is when a work device gets lost or stolen. You need to be prepared in case this scenario happens by including protections for device data in your cybersecurity plan. 

What Happens When a Work Device Gets Lost?

There are two main issues that you need to concern yourself with when a work device goes missing: lost equipment and a possible breach of security. 

The chances of retrieving the lost device are quite slim, especially if the device was deliberately stolen. This means that the device will need to be replaced which will be an additional cost to the company.

The possible breach of security is a more serious consequence of this scenario. If you do not have any security measures installed in the lost device, the information and data that it contains can be easily accessed by anyone. 

Among the various causes of data breaches globally, breach of user credentials is number one on the list. You need to have contingency measures in place to protect your data in case a work device is lost or stolen. 

Helpful Tips to Mitigate Your Risk Due to a Lost Device

There are several security measures that you can put in place to avoid a data breach in case a work device gets lost or stolen. These include procedures that need to be done before a device goes missing as well as what you can do after the device disappears. 

Keep your device physically secure

The best way to avoid data breaches because of missing devices is to not lose the device in the first place. Be mindful of your equipment and keep it with you at all times, especially if you are working outside the office. 

If you are in a public area, be aware of your surroundings. There are people who will take a peek at what you are doing to try to see your passwords or any sensitive information that your device might display.  

Implement authentication processes

By having authentication measures in place, you can protect your data even if a work device goes missing or gets stolen. Using multi-factor authentication (MFA) and biometrics will make it difficult for outside parties to access your device and data. 

You can also implement a zero-trust security system to make your network more secure and make it even more difficult to steal and access your company’s data. 

Encrypt your data

Encryption is one of the most commonly used forms of data security because of its effectiveness in keeping data secure.  By encrypting your data, you will be adding another layer of protection against those who want to steal your information. 

Encryption is not only beneficial for this situation. It should be a part of your whole cybersecurity system as it prevents data theft and the introduction of malware to your system. 

Back up your files

Keep a backup of your important files to ensure that you will still have a copy even if you lose your work device.  Backing up all your files is an important part of business continuity as well.   

One of the most efficient ways of backing up your files is through the use of network drives. Compared to cloud storage, network drives can back up your data faster, they can be accessed locally, and they also provide better security. 

Report missing devices immediately

All lost or stolen work devices must be reported immediately. This is because the longer your missing device goes unreported, the longer your data is at risk of being exposed. If the company is immediately informed of a lost or stolen device, it can activate security measures that can prevent a data breach. 

In order for this policy to be effective, employees must not be reprimanded for reporting missing or stolen devices. Time is of the essence when it comes to preventing data breaches, which is why your employees should not be afraid to report missing work equipment, especially when equipment contains sensitive information.  

Erase data

If worse comes to worst, be prepared to wipe the data on the lost or stolen device. This will prevent a data breach from happening because there will be no data left on the equipment. 

As long as you back up your data regularly, wiping the memory of a missing device will not have a big impact on your system. 

Improve Your Security with BrainStomp

Work devices can go missing anytime, anywhere. Be prepared for this situation with help from BrainStomp. Let us assist you in setting up safety measures against data breaches from lost or stolen devices. 

Schedule a free consultation today! Call 260-918-3548 or reach out online.

One of the most used computing functions is copy/paste. It allows you to just right-click or use Ctrl+C (Windows) or Cmd+C (Mac) to copy text and images. You can then paste this copied data somewhere else using your right-click “paste” function or keyboard commands Ctrl+V (Window) or Cmd+V (Mac).

The copy and paste function was developed way back in the 1970s by Larry Tesler and it has been a mainstay in the base code for every operating system and program for decades. Most business technology workflows would be seriously hampered without it.

The function works by the use of a clipboard that holds onto the information you’ve copied so you can paste it into a different document or application.

It has been a great tool and has increased productivity in a number of ways. It has also evolved along the way. For example, people now often use more than one device when they work. The reality of the hybrid office has taken hold and many employees find themselves using one device at home and another at work.

Their cloud applications can be used across their devices, but what about the copy/paste function? 

It turns out that Microsoft has made this possible by using The (Windows) key + V.

How Does (Windows)+V Work to Share Copy/Paste Function?

There is a two-step process to enabling your copy/paste to work across various Windows 10 and Windows 11 devices. 

First, you’ll need to turn on your clipboard’s history. Then you’ll need to turn on clipboard syncing.

Let’s discuss clipboard history first.

Turn on Clipboard History

Have you ever seen someone who could access things they’ve copied several “copies” ago and still be able to paste those into a document? You may have wondered how if you haven’t seen this same feature on your PC.

You can do this by turning on your Windows clipboard history.

To turn on clipboard history:

1. Hold down the (Windows) key + V to bring up the clipboard.

2. Click the button that says “Turn on” in the clipboard window

Turning on your clipboard history allows you to access items that may have been copied a while back. You’ll also have the ability to pin items to make them easier to find, delete items to clean up your clipboard, and clear all unpinned items from your clipboard.

This is very helpful if you have certain data that you end up copying and pasting often. It can also be useful if you’re on one of your PCs and see something you want to save and use on another PC or device. You can save it in your clipboard history and access it later.

You can access your clipboard and its history by pressing the (Windows) key + V. 

Turn on Clipboard Syncing

To have the ability to access the same clipboard from other Windows 10 or Windows 11 devices, you need to turn on clipboard syncing.

Here’s how you do that:

1. Click the magnifying glass icon on your taskbar.

2. Type in “clipboard.”

3. This will bring up the link to your clipboard settings. Click that link.

4. This will bring you to your clipboard settings, where you’ll see several functions:

• Turn on clipboard history (you can do it here too)

• Sync across your devices

• Clear clipboard data

5. Move the slider to the “On” position for “Sync across your devices”

6. The default setting will automatically sync all text that you copy, but you can also choose to manually sync items if you prefer

What’s the difference between automatic and manual syncing of the clipboard?

Automatic will make any text you copy available to other Windows devices that you are signed into. If you choose to manually sync your clipboard text, you will instead choose the items you want syncing in your clipboard window. (Windows key +V).

If you are copying sensitive or confidential information that you need to keep on one device only, then manual may be a better option to choose.

How Do I Access the Synced Clipboard on Other Devices?

You need to be signed into another Windows device with your Microsoft ID to access your synced clipboard.

When on the device, ensure that it also has clipboard syncing enabled, then press (Windows) key + V to get to the clipboard. The synced items will be there, and you can choose from them to paste into a document.

What About Mobile Devices?

Some mobile devices can also use a cross-device copy and paste feature. This includes Surface Duo and select Samsung devices. You can learn which devices and more about this feature here on Microsoft’s site.

On compatible devices, you’ll be looking in the Settings for Features > Cross-device copy and paste, and then toggle that on. 

Need Help Optimizing Business Workflows?

There are many workflow tricks that companies miss out on, simply because they don’t know they’re there. BrainStomp can help your business optimize to increase productivity with simple and inexpensive workflow tips.

Schedule a free consultation today! Call 260-918-3548 or reach out online.

Phishing has been the main cause of cyberattacks for a while. It’s used to launch attacks for everything from ransomware to credential theft. Scammers cleverly disguise an email to make it seem legitimate to lure recipients into opening dangerous file attachments or clicking links to malicious websites.

Even though phishing isn’t new, and companies regularly train employees on phishing and cybersecurity awareness, they continue to suffer from breaches that originate in this way. And things have been getting worse.

In 2020, 57% of surveyed organizations were victims of at least one successful email-based phishing attack. In 2021, that number jumped significantly to 83% of organizations being breached due to email phishing.

One of the reasons for the increase in successful attacks is that phishing scammers keep upgrading their tactics. As people become savvy to one type of ploy, they begin using another.

One of the dangerous phishing trends being seen that fools many people is reply-chain phishing.

Criminals Are Tricking People with Reply-Chain Attacks

In standard phishing, the recipient receives an email from a scammer. It could be disguised as being from a bank, potential customer, or even a work colleague. These emails can also be personalized. But they come as a single email and often from an unknown sender.

In a reply-chain phishing attack, hackers get a little more deceptive and insert their phishing email into an existing email conversation, also known as an email thread.

Most email programs give you the option to see the replies in an email conversation below the new reply. So, if you and your colleagues are weighing in on a new marketing brochure, you might see everyone’s input in the email body, from newest to oldest.

These types of email reply chains are something we see and contribute to every day. They’re familiar, and that familiarity is what hackers take advantage of.

In a reply-chain attack, a hacker takes over this email reply chain and inserts a phishing email that contains a malicious link or attachment. Because the email looks to be coming from a colleague and is part of an ongoing conversation, no one generally suspects that it is a scam.

Because of that trust factor, this type of attack can be very effective and trick a lot of people. Even those that consider themselves smart about phishing detection and cybersecurity.

How Do Reply-Chain Phishing Attacks Happen?

You may be wondering, “How does a hacker gain access to an email reply chain?” The answer is through an account takeover.

The criminal somehow gains access to the email account of one of the people in the email thread. This can occur in a number of ways:

• Hacker breaches a weak password that’s easily cracked

• Hacker purchases passwords on the Dark Web that were stolen in a data breach

• Hacker uses phishing to get a person to type in a password into a fake web form

• Hacker gains access to a person’s computer and can obtain passwords from that device

Once the criminal has gained access to a person’s email account, they begin looking for opportunities and monitoring for these reply to chains.

As soon as they see correspondence that includes an email thread, they can easily look down the conversation, and tailor their phishing email accordingly. This makes it even more convincing.

For example, if they see that a draft document has been going around with edits for a new sales contact. They can infuse a word document with malware, attach it, and then simply say in the email, “Hey everyone, here are my latest edits to the sales contract we’ve been working on.”

The combination of the email coming from an email address the other recipients know and trust and that the email jives with the conversation that’s been going on makes it a very potent attack.

Check Your Auto-Forward Rules!

What if you realize your email has been breached and you change your password? You’re safe then, right? You might not be.

Clever criminals will set up an auto-forward once they breach an email account, knowing their time may be limited until they’re found out. Some will have the main purpose of setting up the auto-forward and never leaving another trace, hoping the person doesn’t find out their emails are being breached.

Once the hacker has auto-forwarded someone’s email to their own address, they can look for these email threads and then spoof one of the participants’ email addresses when sending a reply to the chain.

They don’t always have to be emailing from a breached account’s address to make everyone else think they are.

It’s important to regularly check your forwarding rules to see if your emails are being forwarded without your knowledge. Most people won’t ever look at this setting if they don’t use this feature themselves for anything.

Get Better Email & Password Security Solutions Through BrainStomp

BrainStomp can help your business with effective email and password security features designed to fight the rise in phishing and keep you from suffering a costly attack.

Schedule a free consultation today! Call 260-918-3548 or reach out online.

The internet is a portal to anywhere. Employees can use the browsers on their work computer for good reasons, such as doing research for a work project or looking up customer or lead information.

They can also use it for activities that you would not consider work-appropriate, such as visiting an offensive website or watching funny animal videos on YouTube.

69% of surveyed employees admit to shopping online while at work, and if you look at just the millennial age group, that percentage jumps to 81%. 

When employees use the internet at work for personal use it can cut into productivity, but also leave your network security open to risks. Landing on a sketchy website can cause an injection of malware into the work device being used, and this could quickly spread to your entire network.

Threats like ransomware, adware, spyware, viruses, and more can easily be unleashed by an unsuspecting employee that’s visiting websites they should not be while at work.

How do you control the websites employees visit when you can’t exactly be standing behind each one all the time? Through web filtering.

Benefits of Web Filtering

Web filtering allows you to set up specific sites that your network will not allow. If a user tries to visit a site that is in a blocked category, they would be met with a message letting them know that the site was blocked.

Using web filtering has multiple advantages for your organization.

Improves Employee Productivity

If employees are doing their holiday shopping when they should be working, that eats into company productivity. While you can tell employees visiting non-work-related websites is frowned upon, in many cases, they’re going to do it anyway.

Web filtering gives you a way to ensure non-work-appropriate sites are blocked, which improves company efficiency.

Improves Network Security

Being able to block potential phishing sites and sites known to be heavily populated with adware (like pornographic sites) improves your overall network security. 

Makes Administration Oversight Easier

You don’t have to look through tons of internet usage reports to try to see how many employees are wasting time on the internet. Instead, you can simply filter out the sites you see as a problem, blocking anyone on your network from visiting them. This takes much less administrative time and is a more automated solution.

Optimizes the Allocation of Network Resources

When someone decides that no one is looking and they can stream a show from their computer, that streaming is taking up your company’s bandwidth. Company resources get used when employees use the internet at work for personal use, which could actually cause cloud-based work applications to lag and freeze up.

Web filtering ensures that this doesn’t happen.

What Categories Should We Filter For?

Web filtering is completely customizable according to your company’s needs. 

Here are some of the categories that BrainStomp filters for to give you a few ideas.

Adult

Advertisements

Alcohol

Animals and Pets

Arts

Astrology

Business and Industry

Cannabis

Chat and Instant Messaging

Cheating and Plagiarism

Child Abuse Content

Cloud and Data Centers

Computer Security

Computers and Internet

Conventions, Conferences, and Trade Shows

Cryptocurrency

Dating

Digital Postcards

Dining and Drinking

DIY Projects

DoH and DoT

Dynamic and Residential

Education

Entertainment

Extreme

Fashion

File Transfer Services

Filter Avoidance

Finance

Freeware and Shareware

Gambling

Games

Government and Law

Hacking

Hate Speech

Health and Medicine

Humor

Hunting

Illegal Activities

Illegal Downloads

Illegal Drugs

Infrastructure and Content Delivery Networks

Internet of Things

Internet Telephony

Job Search

Lingerie and Swimsuits

Lotteries

Military

Mobile Phones

Museums

Nature and Conservation

News

Non-governmental Organizations

Non-sexual Nudity

Not Actionable

Online Communities

Online Document Sharing and Collaboration

Online Meetings

Online Storage and Backup

Online Trading

Organizational Email

Paranormal

Parked Domains

Peer File Transfer

Personal Sites

Personal VPN

Photo Search and Images

Politics

Pornography

Private IP Addresses as Host

Professional Networking

Real Estate

Recipes and Food

Reference

Regional Restricted Sites (Germany)

Regional Restricted Sites (Great Britain)

Regional Restricted Sites (Italy)

Regional Restricted Sites (Poland)

Religion

SaaS and B2B

Safe for Kids

Science and Technology

Search Engines and Portals

Sex Education

Shopping

Social Networking

Social Science

Society and Culture

Software Updates

Sports and Recreation

Streaming Audio

Streaming Video

Terrorism and Violent Extremism

Tobacco

Transportation

Travel

URL Shorteners

Weapons

Web Cache and Archives

Web Hosting

Web Page Translation

Web-based Email

Academic Fraud

Adult Themes

Advertising

Adware

Anime/Manga/Webcomic

Auctions

Automotive

Blogs

Business Services

Chat

Classifieds

Drugs

Ecommerce/Shopping

Educational Institutions

File Storage

Financial Institutions

Forums/Message Boards

German Youth Protection

Government

Hate/Discrimination

Health and Fitness

Instant Messaging

Internet Watch Foundation

IT-ADM

IT-AGCOM

Jobs/Employment

Lingerie/Bikini

Movies

Music

News/Media

Non-Profits

Nudity

P2P/File sharing

Photo Sharing

Podcasts

Portals

Proxy/Anonymizer

Radio

Religious

Research/Reference

Search Engines

Sexuality

Software/Technology

Sports

Tasteless

Television

Terrorism

Video Sharing

Visual Search Engines

Web Spam

Webmail

Get Help Setting Up Web Filtering on Your Network

BrainStomp can help your business put an affordable web filtering solution in place and get you set up with the best filtering categories for your needs.

Schedule a free consultation today! Call 260-918-3548 or reach out online.

Having the ability to look at business data in a meaningful way is important for finding insights. Being able to identify a downward trend and address it or capitalize on a positive data point can help businesses grow and improve profitability.

Company leaders that use data visualizations and advanced analytics are 5x as likely to make decisions faster than their peers and 3x as likely to properly execute those decisions as intended.

Last year, Microsoft made it easier for companies to create meaningful data analytics by combining PivotTables in Excel for the web with its business intelligence dashboard Power Bi. 

Let’s look at each of those pieces and then how they combine to make data analysis easier and more powerful at the same time.

What is an Excel PivotTable?

A PivotTable in Excel is a tool that allows you to calculate, summarize, and analyze data. It helps reveal data patterns and trends.

The PivotTable will pull in data from other resources and group it together into a single place, where you can organize that data in multiple ways and use graphs to create visualizations.

Using PivotTables, you can look at a large amount of data in a user-friendly way, have calculations run on that data in the background, and more.

Some of the things that PivotTables can do are:

• Subtotaling and aggregating data

• Summarizing data by categories and subcategories

• Creating custom calculations and formulas

• Expanding and collapsing levels of data 

• Making it easy for you to drill down into different summaries of source data

• Filtering, sorting, grouping, and conditionally formatting data

• Providing attractive and annotated reports

What is Power Bi?

Power Bi is an application that connects to multiple data channels throughout your organization to bring all your business data into one place. 

The platform has over 500 free data connectors that make it simple to connect to many different data sources, like Azure SQL, Salesforce, SharePoint, Excel, and more.

The platform allows you to create multiple interactive and visually engaging reports that are easy to share with others.

Why Bring Power Bi Data Into Excel?

Excel has been around for ages, and it is the “go-to” tool for a lot of organizations and their teams. While Power Bi gives a company the ability to bring all its online data sources into a single platform, Excel provides an easy user experience that people tend to be comfortable and familiar with.

It also has features, such as PivotTables and data types that allow you to do more with your raw data.

How to Create an Excel Pivot Table Using Power Bi Datasets

Step 1: Insert PivotTable

First, go to Insert in the top menu and click the PivotTable. Then choose From Power Bi (Microsoft).

Note, that your company must already have Power Bi in your Microsoft plan for this option to be enabled. 

Step 2: Chose the Dataset You Want

Next, in the Power Bi Datasets pane, you’ll choose the dataset that you want to bring into Excel. When you do this, a PivotTable will be created for you in a new spreadsheet of the workbook you’re in.

Step 3: Add Fields to Your PivotTable

Now, you’ll want to begin building out your PivotTable by adding the fields you want to work with from your dataset. The way that Excel creates the PivotTable is to add the fields that you select to Rows and to add any date and time hierarchies to Columns. Numeric fields are added to Values.

You can move fields from one area to another by dragging the field. 

Refreshing Your Data

Why connect data in an Excel PivotTable to Power Bi? Because the data can be live, and thus be updated as it comes in.

For example, say that you have sales and lead data from Salesforce connected to Power Bi. You could bring this into an Excel PivotTable and never have to worry about asking the sales team for the daily sales figures again. The data would refresh automatically as updates and new data are added to your Salesforce account.

To refresh your data inside Excel to capture any updates, you can use the following steps:

• Click anywhere in your PivotTable to show the PivotTable Tools on the ribbon.

• In that Tools area, click Analyze > Refresh.

You can refresh data automatically when the Excel workbook is opened by doing this:

• Click Analyze > Options

• On the Data tab, check the box for Refresh data when opening the file

Get Help Incorporating Technology Solutions to Boost Your Business

Knowing how to use technology to make things easier and get better business insights is important if you want to be competitive. BrainStomp can help your business with smart technology solutions that improve your bottom line.

Schedule a free consultation today! Call 260-918-3548 or reach out online.

Passwords have become a new “Holy Grail” for hackers and large criminal groups of all types. With much of the workload and data for companies moved to the cloud, getting in via a brute force attack is not easy.

Cloud service providers like Microsoft, Amazon, and Google spend millions each year on security and they have stringent defenses for their data centers and networks.

But if an attacker has the email address and password for a legitimate user of the cloud account, they can get right in. Depending on the privilege level of the account they breached, they can do things like:

• Steal sensitive data

• Access email 

• Add and remove users

• Infect cloud storage with ransomware

• Send phishing email from your email address

• Access payment card details

• And more

Breach of user credentials has become the number one cause of data breaches globally.

It’s important to have a comprehensive cybersecurity plan with several layers of protection. One of the critical layers is password security. All it takes is one unprotected password to cause a major breach that costs hundreds of thousands of dollars.

Breaches cost both companies and individuals because passwords are often shared across personal and work accounts.

Poor Password Habits Can Lead to Big Problems

Acting against how important it is to keep passwords secure is the fact that many users have bad password habits.

A SurveyMonkey survey found that:

• 34% of people share their passwords with coworkers

• 22% of people admit to using the same passwords for work and personal accounts

• Only 12% of people use a password manager to securely store their passwords. 

Unsecure storage methods used for passwords can increase the risk of having your passwords stolen. People have so many passwords to remember that they often resort to these types of methods.

Do any of these look familiar to you?

• Using your phone’s contacts app to store passwords

• Storing passwords in an Excel or Word document on your PC (not password protected)

• Using sticky notes stuck to your computer to jot down passwords

Reasons You Should Not Share Passwords

We tend to trust certain people we work with and they may be good friends. So, you might not think twice about sharing a password with your friend at work. But sharing your password is like handing out a copy of your driver's license to share. It’s a huge security risk that can lead to major problems.

Here’s why.

You Have No Control Over the Password Security Once You Share It

While you may trust your friend and they might not mean to leave your password unsecured, mistakes happen. Bottom line is that you have no control over the security of your password once you give it to someone else.

Methods of Sharing Are Often Non-Secure

How you share that password with another person might allow the password to be intercepted. For example, if you send your coworker the password in a non-encrypted email, it can easily be seen by anyone trying to infiltrate your network.

Sharing a password on a piece of paper can also lead to a security problem. Imagine if that paper is thrown away, and then retrieved by someone wanting to harm the company, such as a disgruntled employee. 

You Are Ultimately Responsible for Your Password

When a data breach happens, IT experts will look at system logs to find out the source of the breach. If your account is connected to a breach or unwelcome activity in the system, you will be blamed.

If you share your password, then whoever has it can log in as you. The system reads you as the user and all activity tracked is associated with your user login. You could be blamed for something you didn’t do, such as downloading confidential information. 

Reasons You Should Not Leave Passwords Easily Accessible

It’s Easy to Search for Documents Called “Password”

If someone has a document on their PC where they keep passwords, there is a good chance that the word “password” is either in the title or the body of the document.

All anyone with access to the computer, either physically or through malware, would need to do to find that file is to search “password” in the file search. Without any protection, that entire list of passwords could easily be stolen.

There Are Better Ways to Secure Passwords That Are Convenient

You don’t need to store passwords on sticky notes or in a contact application, there is a much better way that is just as convenient. 

One of the best ways to store passwords securely is using a password manager. This type of app encrypts passwords so they can’t be read, even if someone accessed your computer without your knowledge.

It’s easy to use on a PC or mobile device, and you only need to remember one strong password to access all your others. Password managers can even auto-fill your passwords into login forms and can suggest strong passwords for your accounts.

Improve Your Password Security With Help from BrainStomp

BrainStomp can help your business put password security solutions in place that reduce risk and fortify the security of your cloud accounts and data.

Schedule a free consultation today! Call 260-918-3548 or reach out online.

Whenever there is a crisis, there are usually innocent people that end up paying the price. Well-meaning citizens and organizations will step up to help, but unfortunately, scammers take advantage of the situation.

Whether it is a natural disaster, a pandemic, or the latest crisis, such as the war in Ukraine, there are those unscrupulous people who will see an opportunity to trick people out of some money or sensitive information (like their SSN or banking details).

You can work hard to put IT security protections in place like a network firewall and password security, but many times a breach is initiated by an employee accidentally clicking on a phishing scam, like the ones that come in times of crisis. 

A study by Stanford University found that approximately 88% of all data breaches are due to human error. 
To help stave off human error, and not be the cause of it yourself, you should be aware of the types of scams that these bad actors perpetrate. 

Types of Scams to Watch Out For

These scams will generally come via phishing emails or text messages. Phishing by SMS (“smishing”) is growing fast, and unfortunately, many people don’t yet have this type of phishing on their radar.

Beware of any unsolicited messages coming in via text or email. Especially when tied to a crisis event. Here are some examples of scams that are making the rounds.

Ukraine Charity Scams

The war in Ukraine has caused many to want to help the people being forced out of their homes, and scammers are taking advantage of this.

One scam mentioned by Tom’s Guide has a headline that says “They Need Our Help” with images of war to pull at the giver’s heartstrings. But when the recipient of this message clicks to donate, there is often nothing about what percentage of the money will be donated or much information on the organization behind the push to collect funds.

These types of sites will take your money and could also steal your credit card details and sell them on the Dark Web.

Coronavirus Scams

COVID-19 and its variants are still around, and criminals have had a heydey for the last two+ years with all types of coronavirus-related scams. This includes scams that use:

• Fake contact tracing maps with hidden malware 

• Impersonation of a government agency to get personal details, purporting that it relates to some type of COVID tax relief

• Scams involving hard to get protection items or fake cures

During the pandemic, phishing has skyrocketed by 220% as criminals ramped up these scams.

Disaster Relief Scams

Much like the Ukrainian crisis scams, anytime there is a natural disaster like an earthquake, hurricane, typhoon, wildfire, etc. fake charity scams will start popping up on social media, your email inbox, and via SMS.

They’ll pretend to be collecting money for the victims and will prey upon the desire by good people to help others.

How to Avoid Falling for Crisis Scams

Go Directly to the Source to Donate

There are many wonderful legitimate charitable agencies out there that you can donate to that really are helping in the event of a crisis.

Instead of going through a link you see in an email or on social media, go directly to a charity’s website or a reliable watchdog site like the Better Business Bureau (BBB) Wise Giving Alliance at Give.org. 

Avoid Using Links in Text Messages or Email

Avoid clicking links you receive via email or text message, no matter how compelling and heart-tugging the message may be. These scams are written to get you to respond emotionally before you have a chance to question the legitimacy of the site.

Any type of link from a source you don’t know could easily lead you to a phishing site that does a drive-by download of malware onto your device as soon as the page loads.

Don’t Trust Social Media Posts Asking for Money

Social media phishing scams (known as social phishing) can be difficult to spot. Sometimes people we trust like a friend or family member may knowingly share a scam link because it has a compelling image. They don’t realize they could be setting their own friends up to get scammed.

Scammers will also buy social media advertising and target those that fit a certain algorithm. The information that Facebook and other social sites have on you allows them to sell very targeted advertising, and they haven’t done a great job of vetting who is doing the advertising.

This targeting allows scammers to customize ads that target your personality type. For example, if you’re tagged as a pet lover, then the ad you see might have an image of a war-torn region with an animal in the middle and a fake request that asks you to help pet shelters during the crisis.

Avoid the urge to click on these social posts to donate. Do it directly through a legitimate charity’s website instead.

Fortify Your Defenses Against Phishing

In addition to user training on phishing, there are also cybersecurity solutions that help prevent a click on a phishing link from resulting in a breach. BrainStomp can help your business with important safeguards to combat these types of attacks.
Schedule a free consultation today! Call 260-918-3548 or reach out online.

A recent cloud adoption survey from 2021 found that cloud adoption by companies is at an all-time high of 90%. It’s expected that that number will reach 100% this year if it hasn’t already due to the changes in workforce structure driven by the pandemic.

With much of what companies do moving to the cloud – data, software, processes – cloud environments are the new main target for cybercriminals.

Incidents of cloud credential compromise have been rising, with this now being the main cause of data breaches. Because many cloud providers (Amazon, Microsoft, etc.) have stringent data center security standards, hackers are finding other ways in, mainly through compromised user accounts.

98% of enterprises have experienced a cloud security breach in the last 18 months. 

This shift to the cloud means that businesses need to make cloud security a priority, and there are four essential areas that you need to be addressing.

1. Identity Security

The first area of cloud security you need to look at is identity security, also known as access management. User credentials were responsible for 61% of global data breaches in 2020, according to Verizon’s Data Breach Investigations Report.

Addressing identity security involves putting some of the following cybersecurity protections into place:

• Strong Passwords: Don’t just tell users they need to use strong passwords, enforce their use through security policies in apps that don’t allow weak passwords to be saved.

• Multi-factor Authentication: With a 99.9% effectiveness rate at stopping fraudulent sign-in attempts, this is a “must-have” safeguard for all your user accounts.

• Use of Single Sign-on (SSO): You can streamline the user experience and make access security easier to manage by putting an SSO application in place.

2. Network Protections

Hackers that gain access to your network or the network of a remote employee can make their way into a device and through that device, access cloud data, and accounts, such as email.

It’s important that networks are protected with proactive monitoring for any threats, a next-gen firewall application, and zero-trust security measures. One of these would be application safe-listing that only allows designated code to run, blocking all others (including malware or ransomware).

With many employees working remotely, companies haven’t always kept up with network security when it comes to those home networks. It’s a difficult needle to thread in some cases because the network and router are owned by the employee and used for more than just work.

But some simple safeguards like ensuring a strong router password, and setting up a guest network to segregate work devices from home devices are non-intrusive protections that can be put in place.

3. Device-based Security

The computers, mobile devices, and IoT devices that connect to your business cloud apps and data need to also have proper security to ensure they’re not compromised.

Once a device is compromised, a hacker can often gain access to a cloud account without even needing the password.

Device security best practices include:

• Patch and update management for software and operation system

• Advanced antivirus/anti-malware

• Code or biometric locks for screens

• Regular virus scans 

• Monitoring of device access to business assets

Using an endpoint device management application, such as Microsoft Intune, can help you better ensure device security of all those mobile endpoints. This is especially important now that employees are accessing data from multiple devices (desktop, tablet, and mobile) and can often do this while outside your immediate company network.

An endpoint device management application also helps you keep the business side of an employee device separate from the personal side. This can allow you to enforce document security policies and better secure access to any cloud accounts. 

4. Visibility & Compliance

You need to maintain visibility into how your cloud data is being used and who is accessing that data. One data leak where an employee accidentally exposes personally identifiable information (PII) of a customer can lead to a data privacy compliance breach and penalty.

Another danger of not having full visibility into how your data is used in cloud applications has to do with shadow IT. This is the term used for cloud applications that employees may be using for work without your knowledge.

Without a cloud app use policy in place, well-meaning employees may start using an application they like on their own. This means that company data could be stored in an app that hasn’t been reviewed to see if it meets your compliance requirements.

It’s important to have visibility into all cloud data storage and activities happening in your organization and to educate employees on the apps that can be used for business data and those that cannot.

Get Help Ensuring Your Company’s Cloud Data is Protected

BrainStomp can help your business address each of the four important areas of cloud security to reduce your risk of a costly breach.

Schedule a free consultation today! Call 260-918-3548 or reach out online.