How the CLOUD Act Will Affect Your Security

The basic gist of this law is that U.S. officials and others involved with them could potentially obtain digital information that isn't hosted on their home turf. This law garnered overwhelming support from both the U.S. Department of Justice and major technology companies, prompting Congress to push it through.

What Does This Mean?

At a glance, this law represents a significant loss for the individual. It's now easier than ever before to conduct criminal and civil investigations. Part of this law also allows for access to personal information and communication as well.

Prior to the passing of this law, foreign governments would have to go through the proper channels in order to access information from U.S.-based technology companies. Naturally, these companies wouldn't necessarily consent so easily. Due to the multitude of nations that the United States deals with on a regular basis, before submitting to a request for information from a foreign entity, there would be much thought put into factors such as records of human rights abuses and other pressures placed on the company to make the decision. As a member of the Mutual Legal Assistance Treaty, or MLAT, the United States is hesitant to provide any information that could place human lives at risk, but the CLOUD Act can potentially shake these responsibilities up.

In the wake of this new law, the executive branch of the United States government will be able to control who this information is shared with, as well as who it's not shared with. At the helm of such decisions are U.S. President Donald Trump and Attorney General Jeff Sessions. Data can now effectively be used as bargaining chips by the executive branch. Consequently, there has been a lot of power placed in the hands of appointees that haven't necessarily been directly elected to positions of authority.

The United States and other law enforcement agencies around the globe will have powerful new ways to seize data for any express purpose. Therefore, the average user's private messages via email or social media can now be confiscated and looked upon without a search warrant. This puts the personal information of so many users right in the crosshairs of people who now have a legal right to view it.

Below is a short explanation for what changes the CLOUD Act will bring about:

- Enables foreign police to collect and wiretap people's interpersonal communications without obtaining a warrant to do so.
- Allows foreign nations to demand records saved and stored by American companies.
- Allows the U.S. President to enter "executive agreements" designed to help foreign police agencies obtain data regardless of that regime's human rights record.
- Allows foreign police to obtain and collect data without notifying the party.
- Gives U.S. police the right to grab data anyplace, no matter where it is stored.

The Electronic Frontier Foundation has been a particular opponent of this new law. They issued a public statement that decreed it a "dangerous expansion of police snooping" and that it would "erode privacy protections around the globe." They go on to state: "Legislation to protect the privacy of technology users from government snooping has long been overdue in the United States, but the CLOUD Act does the opposite, and privileges law enforcement at the expense of the people's privacy. EFF strongly opposes the bill."

Clearly […]

What's the Best Form of Authentication on Your Mobile Device?

Password

The old standby of authentication, a well-thought-out password can be an extremely effective security measure, but a password with little effort put into it can just as easily be a considerable security risk. Despite this, a password (or its cousin, the passphrase) can be the strongest security measure available for your mobile device. However, there is one major shortcoming to the password, in that it very quickly becomes tedious and inconvenient to enter each time your phone needs to be accessed.

Pattern Lock

Another option that many elect to use is the pattern lock, which allows the phone to be accessed only when the correct pattern is traced out on a three-by-three square. This natural and intuitive lock becomes a very quick way to access a phone once the user becomes accustomed to it, and if all nine dots are used in the pattern, provides close to 400,000 possible access codes. Unfortunately, the pattern lock falls short in a few ways. First, many people elect to use shapes that are easily guessed out of simplicity and convenience, and it is fairly simple for someone to watch one's hand to ascertain the pattern they're using.

PIN Number

Like a password, a PIN number is a relatively strong form of authentication, as the typical 4-digit option has over 10 thousand potential combinations. While this would admittedly be very difficult to remember, an Android device can be secured by a 16-digit PIN, boosting the number of potential codes to 10 quadrillion. However, there is a shortcoming to the PIN number, as many people may succumb to the temptation of, again, making an oversimplified PIN number that could potentially be guessed quite easily.

Fingerprint Scanner

This unlock method has quickly become the preferred method to access a mobile device, and for good reason: not only is it secure enough to be trustworthy, it's also quite fast. However, even this method has its weaknesses. For instance, the fingerprint scanner itself isn't always positioned in the most convenient place on the phone. Furthermore, gloves make this method impossible to use.

Facial Recognition/Iris Scanning/Intelligent Scan

The way things are going, it is likely that this will soon become the preferred method of authenticating your identity to access a phone. However, in their current states, these methods just aren't quite secure enough to safely authenticate things like purchases and other financial tasks with 100 percent confidence, although things are getting better as far as that goes.

Smart Lock – Other Security Measures

Many phones now also offer security features that rely on alternative forms of authentication. On-body detection keeps the device unlocked whenever it is being carried, regardless of who is carrying it. You can also teach a device to "trust" certain places, devices, and faces. Another option is to use the Google Assistant to unlock your phone by saying "Okay Google." However, these features don't serve your security very well, and are primarily for the sake of convenience.

So Which is Best?

The generally accepted school of thought is that, until face and iris scanning is more widely available and some of the wrinkles are ironed out, a fingerprint scan with a PIN or password backup is the safest route to take. Regardless, any form of authentication measure is better than nothing, so […]

Tip of the Week: Spotting Fake Apps on the Google Play Store

You might be wondering how it's even possible that Google's quality control manages to miss so many of these apps. Here's how.

How These Apps Make it to the Play Store

It's clear that Google understands just how important security is, so it's a bit concerning that malware can find its way to the Play Store. Still, this doesn't mean that it's easy for threats to do so, as hackers still have to meet Google's standards in order to post their content on it.

Malware developers, however, have found ways to sneak their apps past the automated security that Google implements. They do this by uploading an app that initially has no malicious intent, and can therefore circumvent the security of the Play Store. Once the app has been downloaded, it reaches out to a third-party server that then proceeds to install malware directly to the device. This is the process that many malicious applications use to sneak past Google's security.

How to Spot the Fakes

Google has taken a stand against malicious and fraudulent apps on the Play Store, but measures like Google Play Protect aren't nearly enough. Vigilance is one of the best ways to keep your business secure from fake apps. If you ever find yourself needing to install an app in the future, be sure to check this list to make sure that the app is actually legitimate first.

- Name, description, and other details: The first sign that an app isn't legitimate will be its name or description. Malicious applications have traditionally tried to replicate original applications as often as they can, laughing in the face of Google Play's impersonation policy. Sometimes these apps aren't caught and pulled immediately, so you have to be extra careful to read the description. Oftentimes, impersonated apps will have descriptions written in broken English. This is why the description is the best indicator that an application is legitimate.
- Check the reviews: The Google Play Store lets users leave reviews, and you can use these reviews as a way to identify dangerous applications. However, a fake application could also be subject to fake reviews, which might make it difficult to identify the good from the bad. Either way, any negative reviews might give you the chance to reconsider your choice to download the app, so if it's a bad apple in the barrel, you'll be saving yourself some stress anyway.
- The Developer: Is the app really from the developer that it claims to be from? If it's a well-known application, you should be able to tell who developed it, but you might need to put on the brakes and take a closer look before downloading a business application. If it's from an unknown developer with no history, think twice before downloading it.
- Number of downloads: How popular is the app that you want to download? If it's been downloaded billions of times, it's probably more legitimate than one with hundreds, thousands, or even millions of downloads.

How many fake apps have you come across on Google Play or the Amazon App Store? Let us know in the comments, and be sure to subscribe for more technology tips and tricks.

Can You Recognize the Risks that Appear in Your Email?

In short, it amounts to being as vigilant as you can be. You should always be looking for reasons not to click on links in your emails if you can help it, as it's better to err on the side of caution than risk suffering from a data breach or malware infection. Here are three warning signs to look for in a potentially malicious email attack.

Spelling and Grammar Errors

The first warning sign of a fraudulent email is that it's filled with all sorts of spelling and grammar errors. Professional messages sent from reputable sources will likely have passable grammar, but if it's incoherent and difficult to understand, chances are that the message is risky at best, especially if it contains links.

There are always exceptions to this rule, however. Phishing emails are often so discreet that it can be difficult to identify them through this method. Therefore, you'll have to keep other information in mind when clicking on any links.

Links Leading to Obscure Targets

Sometimes you'll get an email and you won't be sure if it's fraudulent or legitimate. In cases like this, it's always best to approach the link carefully by making sure that the link leads to where it claims to. You can do this easily enough by simply hovering over the link with your mouse without clicking on it. You'll see the linked URL in a little bar at the bottom of your browser showing the link target. If it's not something that it should be linking to, stay away from it.

Messages from Unknown Senders

Another major red flag that gives away the nature of a message (and its links) is who the actual sender is. If it's from someone who you don't recognize or someone who you don't think should be reaching out to you, immediately reconsider clicking on any links or messages found in it. Even if the sender is known to you, but the message is suspicious, you can see if the email address matches anything that you have on record for that user. If it doesn't, you know that you can't trust whoever sent the message to you. In a worst-case scenario, you could be looking at a phishing or whaling scam, in which case you want to notify your IT department immediately so that proper measures can be taken.

The good news about suspicious or fraudulent emails is that you can keep the majority out of your inbox with an enterprise-level spam filter. The bad news is that even this sometimes isn't enough for more dangerous threats. As we said before, the best security measure you can implement is good old-fashioned caution. If you teach your employees how to effectively identify threats, they will be more likely to avoid them; or, better yet, they'll report them to IT for proper analysis. To learn more about security tools and training, reach out to White Mountain IT Services at (603) 889-0800.
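The hover check and the sender-address check described above can also be run automatically on a reported message. This is an added example, not code from the original article; the sample message, the address book and every host name in it are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

class LinkCollector(HTMLParser):  # gathers (visible text, href) per <a> element
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def host_of(value):  # lower-cased hostname of a URL, with or without a scheme
    value = value.strip()
    return (urlsplit(value if "//" in value else "//" + value).hostname or "").lower()

def shown_host(text):  # host named by the link text, '' if the text is not URL-like
    return host_of(text) if "." in text and " " not in text else ""

def review(raw, on_record):  # on_record maps display name -> address on file
    msg = message_from_string(raw)
    name, addr = parseaddr(msg["From"])
    findings = []
    if name in on_record and addr.lower() != on_record[name]:
        findings.append(f"sender {name!r} uses {addr}, on record: {on_record[name]}")
    collector = LinkCollector()
    collector.feed(msg.get_payload())
    for text, href in collector.links:
        if shown_host(text) and shown_host(text) != host_of(href):
            findings.append(f"link shows {shown_host(text)} but opens {host_of(href)}")
    return findings

# Constructed sample message and address book (all names and hosts are made up).
ON_RECORD = {"Pat Example": "pat@example.test"}
SAMPLE = """From: Pat Example <pat@examp1e-mail.test>
Content-Type: text/html

<p><a href="http://login.unrelated.test/x">www.examplebank.test/login</a></p>
<p><a href="https://www.example.test/help">www.example.test/help</a></p>
"""
```

Calling `review(SAMPLE, ON_RECORD)` returns one finding for the look-alike sender address and one for the link whose visible text names a different host than its target; the second link matches and is not reported.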

Spring Cleaning Your Business and Its Technology

Why You Want to Keep Your Technology Clean, Inside and Out

If your business is like most, you rely on technology to help manage things. While your particular operations may use different solutions than one in another industry will, your technology is an essential piece of your business. Therefore, you need to make sure that it can meet two criteria. First, it needs to remain in proper working order, and secondly, it needs to be organized so that the resources you rely on it for are easy to access and utilize.

In order for these criteria to be met, your office technology needs some attention to both its physical components, and the information those components give you the ability to store, access, and edit. Furthermore, an unkempt technology strategy can have some detrimental effects to your overall productivity and even your general success as a business.

Benefits of Digital Office Organization

First, consider the state of your digital file storage. Is it organized properly, with documents and resources saved in the correct folders, with proper labelling and an intuitive, hierarchical system? If not, it will do you quite a bit of good to take the time and organize these files so that they can be found for reference more easily in the future. This is because this organization will enable you and your employees to find the things you need more easily, which means you and your employees will therefore be able to find them more quickly. This creates time savings that, while apparently insignificant when considered individually, can add up to be fairly significant after all.

Secondly, taking the time to establish a filing system will also give you the opportunity to audit your old materials as you organize them into it. Perhaps some of them are due to be revisited and updated, and others are outdated to the point where they can be archived away or deleted safely. Going through your materials and making this call can easily save you some headaches in the future, and help build beneficial habits for the future.

If part of your clutter problem is due to your reliance on physical files that are stored in bulky filing cabinets around the office, you might consider adopting a digital file storage solution and starting off with this hierarchical system in place. Not only does this make sense from a financial standpoint (fewer paper files means less paper and ink to buy), it is also environmentally responsible and allows you greater control over who in your organization has access to particular files.

Organizing Your Inbox

We've all learned the hard way how easy it is for a mess to pile up, and few places make that piling up more visible than your email inbox. While you know that there are certainly important messages mixed and buried in there, there's also going to be plenty of conversations that you were privy to, but not really involved in, or situations that have long since been resolved and no longer require your attention. However, while these messages may not currently seem important, there is always a chance that they will be at some point in the future. It is better to take messages like these and, similarly to your business data and files, create a filing system to […]