What are 2-step and 2-factor authentication?

In the digital age, cybersecurity should be one of the top priorities for anyone who goes online. One way is to vet those who are trying to access your systems. But when it comes to verifying users’ identity, many are unaware of the two kinds of authentication measures available. Read on to know the differences between two-step authentication and two-factor authentication.

If you want to improve your business’s cybersecurity for you and your customers, you should look at your authentication process. Two-step and two-factor authentication are two of the most commonly used options in cybersecurity. Many businesses use the terms two-step and two-factor authentication interchangeably. There are, however, subtle differences between the two.

Two-step authentication

A two-step authentication process requires a single-factor login (such as a password or biometric reading) as well as another similar type of login that is essentially sent to the user. For example, you may have a password for your first step and then receive a one-time-use code on your cell phone as the second step.

Two-step authentication adds an extra step in the verification process, making it more secure than single-step authentication (i.e., just the password). However, if a person or business is hacked, it won’t be enough to stop hackers from getting a hold of whatever they are looking for.

Two-factor authentication

On the other hand, there is two-factor authentication (sometimes referred to as multifactor authentication), which is significantly more secure. This type of authentication requires two different types of information to authenticate a user’s identity. For example, it could be a combination of a fingerprint or retinal scan as well as a password or passcode. Because the types of information are different, it would require a hacker a great deal more effort to obtain both forms of authentication.

The difference between the two

In essence, every two-factor authentication is a two-step authentication process, but the opposite is not true. With this information in mind, make sure that you are using the right type of authentication in your business to keep your company and customer information as secure as possible.

Your network needs the best security technology has to offer. The type of authentication you should use is just one of hundreds of choices that must be made to achieve that end. To take the stress out of securing and protecting your network, call us today for all the help you could ever ask for.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

 

Published with consideration from TechAdvisory.org SOURCE

 

 

/by

Five design tips to improve your website

It’s not enough for small businesses to have a beautiful-looking website these days. Small business owners must also adopt web design trends that not only attract more visitors but ultimately increase sales. Consider the following web design ideas to achieve just that.

Scrolling

Scrolling is a convenient method to navigate a website. Instead of clicking on confusing menus and drop-down tabs, you can just scroll through a one-page site that has a cleaner look and is usually more intuitive to users. This web design style is definitely more important now that people have grown more accustomed to mobile web browsing.

You also have to decide how far visitors will have to scroll to get to know your company. While a long scrolling page gives you more white space and content to work with, a short scrolling page can quickly convey your company’s message and encourages action.

Animations

One way businesses have been setting themselves apart from others is by adding customized animations to their pages. This doesn’t mean you should overload your site with flashy effects that take forever to load. If you want to use animations on your site, give it a subtle twist. For instance, Slack’s loading animation features their logo.

Additionally, animations can be used to increase user interaction and engagement. Hover animations will allow your users to position the mouse over your content and get an immediate response without having to move between pages. Slideshows on your homepage can also showcase what your company is about without throwing too much information at the audience. When deciding to add animation to your page, figure out how a specific effect can enhance the user experience while showcasing your business.

Flat design

To achieve an optimal viewing experience for users, many companies have adopted a flat design for their websites. The flat design style replaces the elements that give an illusion of depth, like shadows and textures, with minimalist typography and colors. For example, Google employed this style to get content to viewers more effectively. The company added flat-design colors and used a sans-serif font. This allows the logo to load faster and makes it easier to read, as well.

Full-screen forms

More websites and apps are using full-screen forms to increase user interaction. Rather than being redirected to another page where your visitors decide to register or login to a website, they are welcomed by a full-screen form right on the home page. This is also especially useful for mobile users since they are less likely to misclick sections of the form.

Customized photos

The next time you want to use photographs to highlight your company, forget about using stock photos. Business websites that exhibit the company’s own photographs on their homepages look more personal and stand out from the competition.

While these trends are popular at the moment, don’t blindly adopt them all because it might end up looking messy. Instead, use the trends that are best suited to your company.

Ask yourself what your website is doing for you and whether it’s aligned with your business needs and objectives. The GCInfotech professional web design team is here to help.

 

Published with permission from TechAdvisory.org. SOURCE

/by

Make the most out of your O365 subscription

It may seem as if Office 365 is merely Microsoft’s way of joining the online subscription bandwagon, but that’s not the case. O365 is Microsoft’s way of upgrading its ubiquitous Office suite by augmenting it with cloud features.

Office apps and the files you create with them are accessible wherever there’s an internet connection, but that is actually the bare minimum that O365 offers. If you go for either the Premium or Essentials bundle, you’ll gain access to communications and collaboration apps that you can use to increase your organization’s productivity. Here are some of the specific ways you can do this:

Build an engaging intranet using SharePoint

Unlike the internet, which is a megalithic network spanning the entire world, an intranet is basically a private network built for your employees’ exclusive use. It began as a repository for basic company information, then it evolved into a document management system, an HR portal (where staff can file leaves of absence), a platform for knowledge-sharing and discussion forums, and a social media platform where users are both consumers and pushers of company-centric content.

If you use Microsoft Word and Excel to create work files, SharePoint is the platform where your team can keep and share such files. Build forums that bolster collaboration, information libraries that help staff leverage collective knowledge, and message boards that inform and invite staff to engage with the goings-on inside the company.

Enjoy continuous collaboration with Teams

Microsoft brings collaborations up a notch with Teams, a tool that allows you to build shared workspaces. In a Teams workspace, each team member can share files as well as comment on and work on one another’s files. Imagine doing all of that via email — you’ll most likely weave a nightmarish tangle out of multiple threads and attachments.

Additionally, Teams has communications facilities such as web conferencing, group chat, and live online meetings. Since Teams can be used on desktops, laptops, and mobile devices, workers can share information and connect frontline staff such as factory machine operators and sales clerks.

Coordinate your efforts with Planner

If Teams is O365’s communications hub, then Planner is its Kanban board — a project workflow visualization tool that lets you categorize tasks according to their progress status. A physical Kanban board is limited by the size of sticky notes used, but with Planner, you can assign tasks to team members, attach relevant files to them, and discuss tasks without leaving the app.

Automate tasks with Flow

There are tasks that promote critical thinking, but there are also tasks that are tedious and repetitive. An example of such a task is preparing an income statement. This usually involves emailing a finalized income statement to your superiors and archiving it. Automating the archive step alone would significantly ease this workflow.

With Flow, you can easily create detailed workflows that accomplish tasks automatically once you fulfill certain triggers. You can also make different apps “talk” with one another (e.g., have new OneDrive files be copied to your Dropbox account), provided that integrations allow them to do so. Imagine not having to shift between so many apps anymore — this will save your staff plenty of time and mind-space to do more worthwhile tasks that add more value to your company.

Let your staff step up from being mere individual Office suite users to being members of synergistic teams! Contact us to learn more about how you can squeeze every drop of value from your Office 365 subscription.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

 

Published with consideration from TechAdvisory.org SOURCE

 

/by

5 cloud security tips for business owners

Cloud computing marketing can be deceiving. When you see an image of the cloud, it’s often a happy, bubbly, white puffball floating delightfully in front of a blue sky background. Its presence is both calming and reassuring, which makes you believe that anything is possible. Security would never be an issue, right? Ask one of the nearly seven million Dropbox users who had their accounts hacked, and they’ll give you a definitive answer. Sure, not every cloud provider has had security breaches, but that doesn’t mean we can take cloud security lightly. Here’s what you can do to protect yourself as a business owner.

Ask your IT provider what cloud security policies they have in place

This is probably the single most important security measure you can take. Find a trusted IT provider and have a candid conversation with them about their cloud security policies.

Ask where the physical cloud servers are located

When you have “the conversation,” don’t forget to ask about this. Believe it or not, some cloud servers may not even be located in your own country. Wherever they are, it’s wise to make sure they’re located in a safe data center with proper security afforded to them.

Create unique usernames and passwords

Your login credentials represent one of the cloud’s main security vulnerabilities. Think of a better password than “12345” or “football.”

Use industry standard encryption and authentication protocols

IPsec (Internet Protocol Security) is a reliable technology choice.

Encrypt data before it’s uploaded to the cloud

Encryption is a must, and can be done by you or your cloud service provider. Should hackers manage to access your data, they’ll find it useless because they can’t make heads or tails of it.

When it comes to trusting the security protocol of a cloud service provider, transparency is key. They should take security seriously, be able to explain their security policies clearly, and be willing to answer any questions. If they can’t do one of these, that’s a red flag telling you to find another vendor.

Are you ready to talk cloud security and transition your business into the cloud? Call us today. We’re happy to answer all your questions.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

 

Published with consideration from TechAdvisory.org SOURCE

/by

3 Reasons why security is better in the cloud

If small- and medium-sized businesses (SMBs) think cybersecurity is impossible to manage now, just think about what it was like before the internet provided a way to receive IT support remotely. Today, enterprise-level solutions and security can be delivered from almost anywhere in the world. Read on to find out why that’s even safer than you realize.

Hands-on management

Unless you have an overinflated budget, relying on local copies of data and software means your IT staff is forced to spread themselves across a bevy of different technologies. For example, one or two in-house tech support employees can’t become experts in one service or solution without sacrificing others. If they focus on just cybersecurity, the quality of hardware maintenance and help desk service are going to take a nosedive.

However, cloud service providers (CSPs) benefit from economies of scale. CSPs maintain tens, sometimes thousands, of servers and hire technicians who specialize in every subset of cloud technology.

Fewer vulnerabilities

Cloud security isn’t superior just because more technicians are watching over servers. When all the facets of your business’s IT are in one place, your technology is more susceptible to a slew of cyber incidents.

For example, a server sitting on the same network as workstations could be compromised by an employee downloading malware-infested files. And this exposure extends to physical security as well. The more employees you have who aren’t properly trained in cybersecurity, the more likely it is that one of them will leave a server room unlocked or unsecured.

CSPs exist solely to provide their clients with cloud services. There are no untrained employees and there are significantly fewer access points to the network.

Business continuity

The same technology that allows you to access data from anywhere in the world also allows you to erect a wall between your local network and your data backups. Most modern iterations of malware are programmed to aggressively replicate themselves, and the best way to combat this is by storing backups in the cloud. In the cybersecurity world, this is commonly referred to as data redundancy, and nowhere is it as easy to achieve as in the cloud.

The cloud doesn’t only keep your data safe from the spread of malware; it also keeps data safe from natural and man-made disasters. When data is stored in the cloud, employees will still have access to it in the event that your local workstations or servers go down.

The cloud has come a long way over the years. It’s not just the security that has gotten better; customized software, platforms, and half a dozen other services can be delivered via the cloud. Whatever it is you need, we can secure and manage it for you. Call us today!

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

 

Published with consideration from TechAdvisory.org SOURCE

/by
,

Why should I use private browsing?

You may think that you’re not online enough to risk your safety, or that you never visit unsafe sites. However, the world wide web is a vast network where the exchange of information is often difficult to track. Here are some good reasons to “go incognito”.

With the headlines about data breaches and cyberattacks greeting you every time you go online, it seems impossible to have a surefire, foolproof way to keep your information secure. Sometimes cyber predators are relatively harmless, but oftentimes, their goal is to steal identities and financial information. Virus scanners and firewalls can definitely help, but here’s an added layer of protection when you go online.

What is private browsing?

Your web browser — whether it be Chrome, Edge, Firefox, Safari, or Opera — stores the addresses of the sites you visit, cookies that track your activity, passwords you’ve used, and temporary files you’ve downloaded.

This can be convenient if you frequently visit certain pages, can’t remember your login details, or if you’re trying to recall a website you visited a few days ago. But if someone else uses or gains access to your computer, your most private (and embarrassing) internet activities are exposed for anyone to see.

With private browsing — also called Incognito Mode in Chrome and InPrivate Browsing in Edge — all the information listed above does not get recorded. In fact, all the websites and information you accessed during a private browsing session is discarded without a trace as soon as you close the browser. This can come in handy when you’re using a public computer because you’re instantly logged out of all the accounts after closing the window.

Private browsing also prevents cookies from being stored on your computer. In a normal browsing session, sites like Facebook will inundate you with highly targeted ads based on the sites and pages you’ve visited. But in private browsing mode, your internet activity won’t be used against you by marketing companies.

Another benefit of private browsing is you can use it to log in to several accounts on the same site, which is useful if you need to log in to two different Google accounts at the same time.

Limitations of private browsing

Although private browsing does prevent your web browser from storing your data, it doesn’t keep your online activities 100% private. If your computer is connected to the company network, system administrators can still keep track of what you’re browsing, even if you’re in Incognito Mode. Also, if spyware or keylogger malware is installed on your computer, hackers will still be able to see what you’re doing online.

A keylogger malware records every key you punched in and may send this information to a predefined email address without you knowing. This means passwords, answers to verification questions, account numbers, credit card details, or even the words you type in a chat can be emailed to someone spying on your online activities.

Even though private browsing has quite a few benefits, you shouldn’t solely depend on it for online privacy. Your computers and mobile devices must be equipped with Virtual Private Networks that encrypt your internet connection and prevent anyone from intercepting your data. And don’t forget to scan your computer for viruses with a strong anti-malware program to keep spyware and other malicious web monitoring software at bay.

If you want to know where you can get these solutions or learn more about web browser security, call us today. We have the tools and expert advice you need to prevent anyone from snooping on your internet browsing.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

 

Published with consideration from TechAdvisory.org SOURCE

/by

It’s time to rethink your password

In 2003, a manager at the National Institute of Standards and Technology (NIST) authored a document on password best practices for businesses, federal agencies, and academic institutions. More recently, however, the institute has reversed its stance. Find out why and what great passwords are made of.

The problem

The issue isn’t necessarily that the NIST advised people to create passwords that are easy to crack, but it steered people into creating lazy passwords, using capitalization, special characters, and numbers that are easy to predict, like “P@ssW0rd1.

This may seem secure, but in reality, these strings of characters and numbers could easily be compromised by hackers using common algorithms.

To make matters worse, NIST also recommended that people change their passwords regularly, but did not define what it actually means to “change” them. Since people thought their passwords were already secure with special characters, most only added one number or symbol.

NIST essentially forced everyone to use passwords that are hard for humans to remember but easy for computers to guess.

Recently, the institution admitted that this scheme can cause more problems than solutions. It has reversed its stance on organizational password management requirements, and is now recommending banishing forced periodic password changes and getting rid of complexity requirements.

The solution

Security consultant Frank Abagnale and Chief hacking officer for KnowBe4 Kevin Mitnick both see a future without passwords. Both security experts advise enterprises to utilize multifactor authentication (MFA) in login policies.

This requires users to present two valid credentials to gain access to their data. For instance, a code texted to an employee’s smartphone can serve as an added security measure to thwart hackers.

Moreover, Mitnick recommended implementing long passphrases of 25 characters or more, such as “correcthorsebatterystaple” or “iknewweretroublewhenwalkedin5623”. These are much more difficult to guess and less prone to hacking. As for the frequency of changing passphrases, it will depend on a company’s risk tolerance.

Simply put, passwords should be longer and include nonsensical phrases and English words that make it almost impossible for an automated system to make sense of.

Even better, you should enforce the following security solutions within your company:

  • Single sign-on– allows users to securely access multiple accounts with one set of credentials
  • Account monitoring tools– recognizes suspicious activity and locks out hackers

 

When it comes to security, ignorance is the biggest threat. If you’d like to learn about what else you can do, just give us a call.

Published with consideration from TechAdvisory.org SOURCE

/by

Autocomplete password risks

Advertisements and “helpful” suggestions based on your internet browsing habits can be troubling. But what’s even more alarming is that hackers have found another way of tracking you via seemingly harmless autocomplete passwords. Here’s what you need to know.

Why auto-fill passwords are so dangerous

As of December 2018, there are 4.1 billion internet users in the world. This means users have to create dozens of passwords, either to protect their account or simply to meet the password-creation requirements of the platform they’re using. Unfortunately, only 20% of US internet users have different passwords for their multiple online accounts.

Certain web browsers have integrated a mechanism that enables usernames and passwords to be automatically entered into a web form. On the other hand, password manager applications have made it easy to access login credentials. But these aren’t completely safe.
Tricking a browser or password manager into giving up this saved information is incredibly simple. All a hacker needs to do is place an invisible form on a compromised webpage to collect users’ login information.

Using auto-fill to track users

For over a decade, there’s been a password security tug-of-war between hackers and cybersecurity professionals. Little do many people know that shrewd digital marketers also use password auto-fill to track user activity.

Digital marketing groups AdThink and OnAudience have been placing these invisible login forms on websites to track the sites that users visit. They’ve made no attempts to steal passwords, but security professionals said it wouldn’t have been hard for them to do. AdThink and OnAudience simply tracked people based on the usernames in hidden auto-fill forms and sold the information they gathered to advertisers.

One simple security tip for today

A quick and effective way to improve your account security is to turn off auto-fill in your web browser. Here’s how to do it:

  • If you’re using Chrome– Open the Settings window, click Advanced, and select the appropriate settings under Manage Passwords.
  • If you’re using Firefox– Open the Options window, click Privacy, and under the History heading, select “Firefox will: Use custom settings for history.” In the new window, disable “Remember search and form history.”
  • If you’re using Safari– Open the Preferences window, select the Auto-fill tab, and turn off all the features related to usernames and passwords.

 

This is just one small thing you can do to keep your accounts and the information they contain safe. For managed, 24×7 cybersecurity assistance that goes far beyond protecting your privacy, call us today.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

 

Published with consideration from TechAdvisory.org SOURCE

/by

Three Tips for Improving your SMB’s Web Presence

According to the B2B research firm Clutch.co, in 2018 a small amount less than two-thirds of all SMBs in the United States had their own websites, but interestingly, the same study also reported that only 17% of those SMBs with websites are actually investing in Search Engine Optimization – or what gets your SMB’s website to the top of Google’s search results so that new and old customers can actually find your official website.

The reason for this statistical discrepancy will be blatantly apparent to most SMB owners. The marketing budget is not unlimited for SMBs, and unnecessary expenses should be avoided, but don’t trick yourself out of realizing the importance of your company’s web presence.

Research has been done that states that upwards of 80% of people lookup and research an SMB or their product or service before visiting a site or buying something from them. Even if your company has a website, chances are your most important content and information is being buried by other, less relevant search results. The following are three ways to ensure the right audience is seeing your site, and benefiting from all of the services you offer:

  1. Off-Domain Visibility

For SMB owners that haven’t built a website yet, this tip can be especially helpful. As you build your website, think of other ways to increase your online presence. Tools like Google My Business(GMB) are a great way to provide information and content for potential customers on the web, even before your website is completed. If you have little experience in this area, it can help to consult with an experienced company offering Google My Business services.

It is also beneficial for any company trying to establish an online presence to have consistently-updated social media profiles. This provides a different avenue of exposure for your business, and may even reach potential customers you might not find elsewhere.

  1.  Technical SEO

The benefits of, and strategies behind technical search engine optimization(SEO) are some of the most important concepts to learn when it comes to getting your website found by the right people.

 

Search engines rely on complex algorithms to rank sites based on a host of factors like page load time and rendering speed. Testing your site’s HTML and correcting errors, along with finding and eliminating pieces of duplicate page content will also go a long in boosting your page in the rankings. This means there are two important things you need to understand:

 

  • Why search engines view your site the way they do and the factors they are looking at when indexing
  • How to control and optimize the aspects of your site that are being evaluated by search engines.

Working with an experienced web development-, marketing-, or SEO-focused company can give you all of the tools you need to harness the power of technical SEO services.

 

  1.  Fresh Content

It is important to be consistent and earnest when it comes to posting content for your website. Simply providing fluff content stuffed with industry keywords will usually result in a lower ranking or your site. It is important to work with someone who knows what google is looking for and how to strategically plan content management services as part of your website design. Fully understanding the role of fresh content and how to manage it with a well-laid-out plan can make your website visible to those who are searching for it.

 

Having a site that looks great is only half the battle when it comes to attracting customers and providing a great first impression. A stream of content that is both relevant and useful plays an important role when it comes to the way Google and other search engines view your site.

 

Bonus: Up to Date

It’s current year, your SMB’s website should not look like it’s from the same era as bell-bottom jeans. While some would rightfully argue that completely redesigning and updating the look of your website is not an easy step toward fixing your SMBs web presence, it is one of the most important ways a company can improve its presence on the internet. If your SMB needs a website overhaul, Xponex Marketing can help. We’ve worked with dozens of SMBs to modernize their websites and optimize their SEO to give them competitive advantages in their marketplaces.

Ask yourself what your website is doing for you and whether it’s aligned with your business needs and objectives. The GCInfotech professional web design team is here to help.

 

Published with consideration from SMBnow.com. SOURCE

/by

The risks posed by Windows 10 bloatware

Have you bought a new PC or laptop recently? Don’t be too impressed by so-called value-added pre-installed software, as these take up storage space and use up processing power. More than this, a new report shows that free trial versions of browser toolbars, video games, and antivirus programs can make you vulnerable to cybersecurity threats. To mitigate those risks, here are a few things you ought to know about bloatware.

In the middle of 2014, Lenovo users noticed something awry with their web browsers: banner ads were breaking webpage layouts and pop-ups made surfing unpleasant. A deep dive into the problem led to the discovery of a pre-installed software called Superfish — adware that jumps in the middle of your internet connection to stuff web pages with ads. Not only was this bloatware irritating, but it also made connections unsecure, leaving users vulnerable to hackers.

 

Software behemoth Microsoft has developed and deployed its fair share bloatware as well. The Windows 10 operating system, in particular, has plenty of them, such as:

  • 3D Viewer (previously called Mixed Reality Viewer)
  • Calculator
  • Calendar
  • Candy Crush Soda Saga
  • Disney Magic Kingdoms
  • Groove Music
  • Mail
  • Movies & TV
  • Paint 3D
  • Snip & Sketch
  • Sticky Notes
  • Voice Recorder

 

These programs are called bloatware because users don’t necessarily want them, yet they’re already installed on computers and take up storage space. Some of these even run in the background and slow down computers without users knowing it.

While many of these programs are pleasant add-ons for those who find value in them, many users prefer to start with a leaner operating system due to storage space and processing power concerns. If they want a particular software, they prefer to download it themselves. This gives them greater control over their machines and how they experience their hardware and software.

Like Superfish, other Windows 10 bloatware can also cause critical vulnerabilities. The most ironic example of this was a pre-installed version of Keeper Password Manager. Instead of keeping passwords safe, it allowed malicious people behind any website to steal passwords. While Windows 10 users needed to enable Keeper to store their passwords for them to become vulnerable, it makes you wonder why such a flawed password manager app is there in the first place.

 

How to rid yourself of bloatware

 

Removing inclusions you did not ask for is a hassle in and of itself, but thankfully, the process is not too tedious:

  1. Click the Startmenu, then the gear icon.
  2. In the Settings window, select Update & Security.
  3. On the left-hand side, click Recovery.
  4. Select Learn how to start fresh with a clean installation of Windowsand follow the instructions.

 

Bloatware not only clutters your laptops and PCs, but it can render your business vulnerable to cybersecurity breaches as well. Save yourself from tons of headaches down the line; learn more about protecting your computers from bloatware. Call our team of IT experts today!

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with consideration from TechAdvisory.org SOURCE

/by