If there’s a will there’s a way when it comes to scammers, especially with gift cards. Everyone loves gift cards. Consumers love how easy it is to purchase gift cards, use gift cards and even give gift cards. It’s as simple as buying a card at a brick and mortar store or clicking a few buttons and almost instantly having the funds needed to play. Scammers love gift cards too. Gift cards can immediately be activated and spent by these scammers even before the owner of the card knows what happened.
Google Play gift cards are targets right now. Scammers love how easy they are to steal so consumers need to stay one step ahead of these online crooks. Here’s one of the latest Google Play Gift Card Scam that is scouring the internet.
Scam Alert: Currently there is an email scam occurring where thieves, posing as someone the recipient knows and are phishing for personal, financial, and other private information. This includes requests for Google Play Gift Cards. For example, the message will read, “I need you to pick up a couple of gift cards. Can you make this happen? The type of gift card I need is Google Play gift cards. I need 4 cards in $500 denominations…scratch the back of the card to reveal the card codes and email me the gift card codes.”
Take away: Never provide any personal information including gift card codes like Google Play in an email. What seems like the information is going to a trusted source, it could be a scam.
How Marriott Got Caught In A 500-Million Person Data Breach
Were You Affected? (Your Questions Answered)
What Do We Need To Know About The Marriott Breach?
Another big corporation got hooked. This time it was Marriott International. They just revealed that their Starwood reservations database of 500 million customers was hacked and that the personal information of up to 327 million guests was stolen. And, this has been going on since 2014!
How Did This Happen?
- On September 8, 2018, Marriott was alerted about an attempt to access the Starwood guest reservation database.
- They contacted leading security experts to help them determine what occurred. Marriott said that the hacker copied, encrypted and removed their customers’ data.
- On November 19, 2018, Marriott was able to decrypt the data and learned that it was from the Starwood guest reservation database.
Marriott acknowledged that the encryption security keys for this data may have fallen into the hands of hackers. This allowed them to access the massive amount of data. Secure systems lock up data and should store the encryption keys in a location that’s separate from the confidential information.
Some good questions to ask here are:
“How did the criminals get Marriott’s encryption keys?
“Why did it take so long for Marriott to reveal the breach?” They learned about it in September which is over two months ago.
And, this was a 4-year long breach! “Why didn’t Marriott know that their customers’ data was being stolen over this long period?”
Maybe we’ll find out the answers to these questions, and perhaps not. What’s for sure is that you are on your own when it comes to protecting your confidential data.
How Do I Know If My Data Was Stolen?
If you are a Starwood Preferred Guest member and your data was stored in the Starwood property’s database (which includes Sheraton, Westin and St. Regis hotels, among others) you need to be on alert.
As mentioned, this data breach goes all the way back to 2014 and includes names, passport numbers, email addresses and payment information for approximately 327 million travelers – a “big catch” for any hacker. Even your date of birth, gender, reservation dates and communication preferences may be included in the breach.
Should I Contact Marriott?
Marriott set up a website and call center for customers who were impacted by the data breach. Email notifications are also being rolled out.
Marriott is also offering affected customers the option to enroll in WebWatcher free of charge for one year. WebWatcher monitors internet sites where personal information is shared and generates an alert if your personal information is found. If you live in the U.S., you’ll also be offered fraud consulting services
What Else Should I Do?
If your data was stolen, you should observe for incidents of identity theft. Also, watch for phishing emails where hackers try to impersonate someone you trust to take information or money from you.
Arrange For Security Awareness Training For Your Employees
If your business data was involved, make sure that you arrange for Security Awareness Training for your employees to train them to recognize phishing attempts. This includes:
- Baseline Testing to assess the Phish-prone percentage of your employees through a free simulated phishing attack.
- Training For Your Users with content that includes interactive modules, videos, games, posters, and newsletters.
- Simulated Phishing Attacks that utilize best-in-class, fully automated, simulated phishing attacks, thousands of templates with unlimited usage, and community phishing templates.
- Reports with statistics and graphs for both training and phishing for your management to review.
Whether your business was involved in the breach or not, Security Awareness Training for your employees is always a good idea.
Another good idea is to sign up for Dark Web Scanning Services.
Get Dark Web Scanning For Your Confidential Business Data
The Dark Web is a secret internet society that’s only accessible to a select group of criminals. Criminals use it to take stolen data (like the Marriott/Starwood customer information) and dump it on the black market for sale.
Dark Web Scanning is a sophisticated monitoring solution that helps businesses of any size detect cyber threats that expose their stolen business accounts, email addresses, payment information, and other confidential data that’s on the Dark Web. It also does this in real time and detects any of your compromised credentials or information before criminals can use it for profit or other crimes.
Don’t Count On The Marriott’s Of The World To Protect Your Business Data – You Must Do This Yourself
Contact us for information about Data Protection, Security Awareness Training and Dark Web Scanning. We have a Suite of IT Security Solutions to help you keep your business data secure.
The Department of Homeland Security and the Federal Bureau of Investigation issued a critical alert Dec. 3, warning users about SamSam ransomware and providing details on what system vulnerabilities permit the pernicious product to be deployed.
According to the alert, which came from the DHS’s National Cybersecurity and Communications Integration Center (NCCIC) along with the FBI, the SamSam actors targeted multiple industries—some within critical infrastructure—with the ransomware, which also is known as MSIL/Samas. The attacks mostly affected victims within the United States, but there was also an international impact.
As pointed out in the alert, organizations are more at risk to be attacked by network-wide infections than individuals because they are typically in a position where they have no option but making ransom payments.
“Organizations that provide essential functions have a critical need to resume operations quickly and are more likely to pay larger ransoms,” the alert states.
That does not mean individual systems cannot or are not attacked, but they are targeted significantly less by this particular type of malware.
How do SamSam actors operate?
Through FBI analysis of victims’ access logs and victim-reporting over the past couple of years, the agencies have discovered that the SamSam actors exploit Windows servers and vulnerable JBoss applications. Hackers use Remote Desktop Protocol (RDP) to gain access to their victims’ networks through an approved access point and infect reachable hosts. From there, the cyber actors “escalate privileges for administrator rights, drop malware onto the server, and run an executable file, all without victims’ action or authorization,” the report states.
RDP ransomware campaigns are typically accomplished through stolen login credentials—sometimes purchased from darknet marketplaces—or brute force attacks. Since they do not rely on victims completing a specific action, detecting RDP intrusions is challenging, according to the alert.
Ransom notes instructing victims to establish contact through a Tor hidden service are left on encrypted computers by the SamSam attackers. Victims are assured that once they pay the ransom in Bitcoin, they will receive links to download cryptographic keys and tools for decrypting their network.
Where did SamSam originate?
The Department of Justice recently indicted two Iranian men who allegedly were behind the creation of SamSam and deployed the ransomware, causing approximately $30 million of damage and collecting about $6 million in ransom payments from victims. The crippling ransomware affected about 200 municipalities, hospital, universities and other targets during the past three years, according to an article from Wired.
Keith Jarvis, a senior security researcher at SecureWorks, reiterated the sophistication of the SamSam ransomware and how it gains access to systems through weak authentication or vulnerabilities in web applications, methods that don’t require the victim to engage in a particular action. Hackers also go out of their way to target specific victims whose critical operations rely on getting systems up and running as quickly as possible, making them more likely to simply pay up.
What technical details about SamSam are important?
In the joint DHS and FBI report, the federal agencies provided a list, though not exhaustive, of SamSam Malware Analysis Reports that outline four variants of the ransomware. Organizations or their IT services administrators can review the following reports:
MAR-10219351.r1.v2 – SamSam1
MAR-10166283.r1.v1 – SamSam2
MAR-10158513.r1.v1 – SamSam3
MAR-10164494.r1.v1 – SamSam4
What mitigation and prevents practices are best?
In general, organizations are encouraged to not pay ransoms, since there is no guarantee they will receive decryption keys from the criminals. However, relying on a contingency plan or waiting out an attack, as advised by the FBI, is difficult when an entire operation has been compromised.
The best course of action is for organizations to strengthen their security posture in a way that prevents or at least mitigates the worst impacts of ransomware attacks. The FBI and DHS provided several best practices for system owners, users and administrators to consider to protect their systems.
For instance, network administrators are encouraged to review their systems to detect those that use RDP remote communication and place any system with an open RDP port behind a firewall. Users can be required to use a virtual private network (VPN) to access the system. Other best practices, according to the report, include:
- Applying two-factor authentication
- Disabling file and printer sharing services when possible, or using Active Directory authentication or strong passwords for required services
- Regularly applying software and system updates
- Reviewing logs regularly to detect intrusion attempts.
- Ensuring third parties follow internal policies on remote access
- Disabling RDP on critical devices where possible
- Regulating and limiting external-to-internal RDP connections
- Restricting the ability of users to install and run the unwanted software application
This just scratches the surface of actions that administrators and users can take to protect their networks against SamSam or other cyber-attacks. The National Institute of Standards and Technology (NIST) provides more thorough recommendations in its Guide to Malware Incident Prevention and Handling for Desktops and Laptops, or Special Publication 800-83.
Information technology specialists can also provide insight and advice for how organizations can detect gaps or vulnerabilities in their cyber-security that leave them susceptible to SamSam or other malware infections.
Username and Password Security – Make sure your employees are not making access way too easy for hackers.
Although it should be common sense, employees need to understand password security and avoid the use of passwords that are easy for hackers to guess. Among the top ten worst passwords according to www.splashdata.com are those that use a series of numbers in numerical order, such as <123456>. The names of popular sports such as <football> and <baseball> are also on the list as are quirky passwords such as <qwerty> and even the word <password> itself.
Emphasis should also be placed on the importance of avoiding common usernames. In analysis conducted by the information security firm Rapid7, hackers most often prey upon these 10 usernames in particular3:
• Username • administrator • Administrator • user1 • Admin • Alex • Pos • Demo • db2admin • Sql
How Attackers Exploit Weak Passwords to Obtain Access
While most websites don’t store actual username passwords, they do store a password hash for each username. A password hash is a form of encryption, but cybercriminals can sometimes use the password hash to reverse engineer the password. When passwords are weak, it’s easier to break the password hash.
Password Security Hazards
Here is a list of common word mutations hackers use to identify passwords if they feel they already have a general idea of what the password might be:
- Capitalizing the first letter of a word
- Checking all combinations of upper/lowercase for words
- Inserting a number randomly in the word
- Placing numbers at the beginning and the end of words
- Putting the same pattern at both ends, such as <foobar>
- Replacing letters like <o> and <l> with numbers like <0> and <1>
- Punctuating the ends of words, such as adding an exclamation mark <!> • Duplicating the first letter or all the letters in a word
- Combining two words together
- Adding punctuation or spaces between the words
- Inserting <@> in place of <a>
Educating end users on these tactics underscores the importance of creating long passwords (at least 12 characters) and applying multiple deviations, rather than something simple like just capitalizing the first letter.
Nine Tips to Better Password Security
- Change passwords at least every three months for non-administrative users and 45-60 days for admin accounts.
- Use different passwords for each login credential.
- Avoid generic accounts and shared passwords.
- Conduct audits periodically to identify weak/duplicate passwords and change as necessary.
- Pick challenging passwords that include a combination of letters (upper and lower case), numbers and special characters (e.g. <$>, <%> and <&>).
- Avoid personal information such as birth dates, pet names and sports.
- Use passwords or passphrases of 12+ characters.
- Use a Password Manager such as LastPass where users need just one master password.
- Don’t use a browser’s auto-fill function for passwords.
- An advanced and under-used password security tip to consider is two-factor authentication, which is a way for websites to double confirm an end user’s identity. After the end user successfully logs in, they receive a text message with a passcode to then input in order to authenticate their ID.
- This approach makes sure that end users not only know their passwords but also have access to their own phone. Two-factor authentication works well because cybercriminals rarely steal an end user’s password and phone at the same time. Leading banks and financial institutions enable two-factor authentication by default, but if not, the service can often be turned on by asking the website to do so. More and more non-financial websites are now offering two-factor authentication as well.
Next blog: Mobile Security
For more information on keeping your small business secure call 678-389-6200 or contact us online.
What You Need to Know About Email Security
You may have email security measures in place, but every employee needs to understand that there are cybercriminals out there who are masterful at deceiving people into giving over secure information.
Social Engineering Inboxes and VoiceMail
Social engineering is non-technical, malicious activity that exploits human interactions to obtain information about internal processes, configuration and technical security policies in order to gain access to secure devices and networks. Such attacks are typically carried out when cybercriminals pose as credible, trusted authorities to convince their targets to grant access to sensitive data and high-security locations or networks.
An example of social engineering is a phone call or email where an employee receives a message that their computer is sending bad traffic to the Internet. To fix this issue, end users are asked to call or email a tech support hotline and prompted to give information that could very likely give the cybercriminal access to the company’s network.
Phishing Email Compromises
One of the most common forms of social engineering is email phishing—an attempt to acquire sensitive information such as usernames, passwords and credit card data by masquerading as a trustworthy entity. Phishing is likely the #1 primary email security threat employees need to focus on.
Such emails often spoof the company CEO, a customer or a business partner and do so in a sophisticated, subtle way so that the victim thinks they are responding to a legitimate request.
Among the reasons these scams succeed are the appearance of authority—staffers are used to carrying out CEO instructions quickly. That’s why phishing can be so easy to fall victim to.
Four Common Phishing Techniques
The scope of phishing attacks is constantly expanding, but frequent attackers tend to utilize one of these four tactics:
- Embedding links into emails that redirect users to an unsecured website requesting sensitive information.
- Installing Trojans via a malicious email attachment or posing ads on a website that allow intruders to exploit loopholes and obtain sensitive information.
- Spoofing the sender address in an email to appear as a reputable source and requesting sensitive information.
Attempting to obtain company information over the phone by impersonating a known company vendor or IT department.
Email Security Best Practices—Five Ways to Block Phishing Attacks
Employees should always be suspicious of potential phishing attacks, especially if they don’t know the sender. Here are five best practices to follow to help make sure employees don’t become helpless victims:
- Don’t reveal personal or financial information in an email—Make sure employees also know not to respond to email solicitations for this information. This includes clicking on links sent in such emails.
- Check the security of websites—This is a key precaution to take before sending sensitive information over the Internet. <http> indicates the site has not applied any security measures while <https> means it has. Also consider if employees are practicing safe browsing habits. Sites that do not serve a legitimate business purpose are also more likely to contain harmful links.
- Pay attention to website URLs—Not all emails or email links seem like phishing attacks, so employees may be lured into a false sense of security. Teach them that many malicious websites fool end users by mimicking legitimate websites. One way to sniff this out is to look at the URL (if it’s not hidden behind non-descript text) to see if it looks legit. Employees may also be able to detect and evade the scheme by finding variations in spellings or a different domain (e.g.,.com versus .net).
- Verify suspicious email requests—Contact the company they’re believed to be from directly. If an employee receives an email that looks odd from a well-known company, such as a bank, instruct them to reach out to the bank using means other than responding to the suspicious email address. It’s best to contact the company using information provided on an account statement—NOT the information provided in the email.
- Keep a clean machine—Utilizing the latest operating system, software and Web browser as well as antivirus and malware protection are the best defenses against viruses, malware and other online threats. It may be difficult for employees to do this, so the business may want to invest in a managed IT services provider who can also be a trusted advisor for all IT needs.
Next blog: User Name and Password Management
For more information on keeping your small business secure call 678-389-6200 or contact us online.
It seems so simple, but keeping a clean desk is often overlooked when talking about data security. It’s also the perfect place to start the discussion with employees.
Employees that keep a cluttered desk tend to leave USB drives and smartphones out in the open. They also often forget to physically secure their desktops and laptops so someone can’t simply walk off with them.
A messy desk also makes it more difficult to realize something is missing such as a folder with hard copy print-outs of customer lists. In addition to increasing the likelihood of something being removed, a cluttered desk means that the discovery of any theft will likely be delayed—perhaps by days or even weeks if the employee is out of the office. Such delays make it more difficult to determine who the perpetrator is and where the stolen material might now be located.
11 Common Messy Desk Mistakes to Avoid
The following list presents 11 “messy desk” mistakes employees are prone to commit and which could cause irreparable harm to the business, the employee, fellow employees, customers and business partners. These are all bad habits for which to educate employees to stop:
- Leaving computer screens on without password protection: Anyone passing by has easy access to all the information on the device. Be sure to lock down screen settings.
- Placing documents on the desk that could contain sensitive information. It’s best to keep them locked up in drawers and file cabinets.
- Forgetting to shred documents before they go into the trash or recycling bin: Any document may contain sensitive information; it’s best to shred everything rather than taking a risk.
- Failing to close file cabinets: This makes it easy for someone to steal sensitive information and more difficult to realize a theft has occurred.
- Setting mobile phones and USB drives out in the open: They likely contain sensitive business or personal information and are easy to pick up quickly without being caught in the act.
- Neglecting to erase notes on whiteboards: They often display confidential information on products, new ideas and proprietary business processes.
- Dropping backpacks out in the open: There’s often at least one device or folder with sensitive information inside.
- Writing user names and passwords on slips of paper or post-its: This is especially important given that user names and passwords are typically used to log in to more than one site.
- Leaving behind a key to a locked drawer: This makes it easy to come back later—perhaps after hours when no one is around—and access confidential files.
- Displaying calendars in the open or on the screen for all to see: Calendars often contain sensitive dates and/or information about customers, prospects and/or new products.
- Leaving wallet, credit cards or security card out on the desk: This is more likely to impact the employee, but wallets may also possess corporate credit cards and security badges.
Of course you’re thinking – I trust my employees. Why would I need to be concerned about security of their desk area?
Trust isn’t always the issue. You have to be careful about accidental or inadvertent security vulnerabilities. For example, you sure wouldn’t want a document left on screen or on a desk pertaining to an employee review, compensation info, or termination. You wouldn’t want someone seeing a jump drive on a desk, thinking that’s the one with their project on it, and it has sensitive company information not intended for their eyes.
Sometimes it is about trust. Not all employees are as loyal as they seem. Some my be overly competitive and want to get info they shouldn’t have to advance in the company. Some may be planning to leave and take your customer lists with them.
The point is, if everyone keeps their own desk area clean and secure, you won’t have to worry about accidental, inadvertent, or malicious security breaches within your own company.
Next blog: Email threats!
For more information on keeping your small business secure call 678-389-6200 or contact us online.
When developing cybersecurity programs, many businesses focus on protecting their infrastructure perimeter and device endpoints. After all, that’s where cybercriminals usually first gain access and wreak havoc on a company’s digital access.
But it’s also important to consider what happens when a threat bypasses perimeter defenses and targets an employee—in the form of a malicious email or text, or even a voicemail that might prompt an employee to respond with confidential company information. There’s also the possibility of an offline attack from inside the office, where an employee or an office visitor might gain access to valuable data by quickly taking something carelessly left on a desk.
According to a recent PricewaterhouseCoopers survey, 86% of business executives expressed concern about cyber threats, including a lack of data security. In addition, 100% of IT professionalsrecently surveyed at an SMB said they could improve their cybersecurity systems. These numbers indicate that it’s clear there’s a pressing need for better cybersecurity. The issue is not going away anytime soon. If anything, it’s only getting worse.
Stronger cybersecurity has become a global priority over the last few years as hackers penetrate the IT infrastructure of government and enterprises with increasing frequency and sophistication. According to a recent government report, How to Protect Your Networks from Ransomware, 4,000 ransomware attacks occurred per day in 2016. Furthermore, the annual cost of global cybercrime damages are estimated to cost $6 trillion by 2021, according to a 2017 Cybercrime Report by Cybersecurity Ventures. Coupled with the Internet of Things (IoT) and the explosive growth of mobile devices, the threat landscape and potential for data leaks is even more significant.
In my next few blogs, we’ll explore the need for employees to practice strict and secure cybersecurity habits— not only to thwart digital attacks, but also to prevent someone from simply walking by their desk (in the office or at home) and picking up a device or document that contains sensitive information. We also present the key steps SMB business owners can take to educate their employees to help secure their company’s data and intellectual property.
We can’t stress enough the importance of security awareness training for internal employees. Educating them on what it takes to protect proprietary documents and data is critical. Any leaks— unintentional and intentional—could hurt the business in the form of information that assists a competitor, violates regulations, or harms the corporate image. Leaks can also hurt employees from the standpoint of personal information that might be exposed. Lastly, customers and business partners could be at risk, compromising the industry reputation of any business that does not properly protect confidential information. It only takes one incident to completely destroy any goodwill you established and built with your customer base.
Next blog: Physical Security Precautions…beware the messy desk!
For more information on keeping your small business secure call 678-389-6200 or contact us online.
Dementia and Alzheimer’s are scary for both patients and caregivers. Right now, there is no cure. Scientists are trying to find ways of prolonging patient’s lives and delaying the onset of the disease. IT Technicians are finding ways to make lives better and caring for patients easier. Some remarkable work is doing things for these individuals that has never been seen or done before.
First, A Word About The Disease
According to Alzheimer’s International, nearly 44 million people worldwide have Alzheimer’s or related dementia. More than 5 million American’s are living with it, and Between 2017 and 2025 every state is expected to see at least a 14% rise in the prevalence of Alzheimer’s. Those statistics are startling, especially since Alzheimer’s disease is irreversible.
Accounting for around 70 percent of dementia cases, Alzheimer’s Disease is the most common cause of dementia, a group of brain disorders that results in the loss of intellectual and social skills. These changes are severe enough to interfere with day-to-day life. It progressively destroys the brain and ruins memory and thinking skills, and eventually the ability to carry out the simplest tasks.
A Few Other Statistics
- In 2017, Alzheimer’s cost the United States $259 billion.
- By 2050, costs associated with dementia could be as much as $1.1 trillion.
- The global cost of Alzheimer’s and dementia is estimated to be $605 billion.
- Alzheimer’s is the 6th leading cause of death in the United States.
- Between 2017 and 2025 every state is expected to see at least a 14% rise in the prevalence of Alzheimer’s.
- By 2050, it’s estimated there will be as many as 16 million Americans living with Alzheimer’s.
- Every 66 seconds someone in the United States develops Alzheimer’s.
- 1 in 3 seniors dies with some form of dementia.
Technology at its Finest
Because of these sad stats and high numbers, IT experts have come up with some amazing devices that use modern technology to aid in the care of people suffering from memory problems. Here’s a look at a few of the latest innovations.
Clocks precisely intended for those with Alzheimer’s and dementia can help ease the stress associated with day to day life. Someone who has dementia may confuse night and day so an easy to read clock can help them to better tell the time.
Medication management technology created high tech automated pill dispensers which beep and open to remind caregivers and those with dementia to take their medicine. Vibrating alarms on a watch have also been fashioned to remind when it’s time for a pill. This technology serves the busy caregiver well by helping them not to forget medication time as well.
Video monitoring technology supports both care recipient and caregiver, by allowing both people more freedom. The patient doesn’t feel watched constantly because loved one can spend a little time away, and loved ones get the comfort of being able to see their family even when they’re not in the same house.
GPS Location and Tracking Devices
People with Alzheimer’s or dementia may wander. Tracking devices can be worn by the person in some way and have alert systems that let a caregiver know if their loved one has left a certain area. This type of technology can also alert emergency personnel to aid in a quick recovery.
Picture phones are specifically designed for people who cannot remember phone numbers. These phones have large numbers and are pre-programmable with frequently called phone numbers. Some of the phones come with clear buttons where photos can be placed so that the person can just push the button associated with the photos to call their loved one quickly.
Electrical Use Monitoring
This device monitors a patient’s use of electrical appliances. It plugs into a wall outlet or power strip and will alert caregivers if their commonly used appliances have not been turned on or off.
Wearable cameras and augmented reality glasses could be the next big thing in helping patients. These devices can take hundreds of pictures every day from the user’s point of view logging their lives in this way.
A Village of Care
In Kitchener, Ontario, something wonderful is happening. Facilities have been designed to be less institutional-looking, friendlier and homier. “Schlegel Villages” is one of the first of its kind and is improving the quality of life for the people that live there.
One problem they deal with though is when at-risk seniors become confused and attempt to leave. According to Schlegel’s IT director, Chris Carde, “Some seniors with certain types of mental illness can remember the door-lock code to get out but can’t remember anything else. A confused senior wandering out into a southern Ontario winter can be a serious, even fatal, incident”.
Schlegel Villages is also implementing an e-health system to replace paper charts at its care facilities. Carde states, “Nurses would have to write down a patient’s vital signs, then enter them into a desktop computer some distance away. The new system, which will use iPads and iPad minis to enter health information directly into the database, is being greeted warmly by clinicians”.
Thinking Outside of the Box
A German senior center applied the idea of using fake bus stops to keep Alzheimer’s disease patients from wandering off. Because their short-term memory is not intact, but their long-term memory works fine, they know what the bus stop sign means, and they stop. It is a huge success in Germany, now they want to bring it to several clinics in North America.
A Final Word
Thanks to these researchers and IT innovators, the future is much brighter for patients with memory diseases and their families and care providers. This is just the beginning when it comes to making life easier. Information Technology has only just begun to scratch the surface of what can be done to help in the fight against dementia and Alzheimer’s.
Steve Jobs Day Sheds Light On Apple Founder’s Legacy
In today’s modern world, the name “Apple” has become synonymous with technology. It’s no wonder then that Steve Jobs, the company’s late co-founder, has become such an influential figure in American history. His contributions are well documented in motion pictures, books and an authorized biography.
October 16 is known as Steve Jobs Day, which was declared in 2011 by the Governor of California. The day brings forth the opportunity to reflect on the life of the famed innovator and how his contributions have helped advance the human race. From iPhones to iPads and every single app in between, one could argue that humanity would not be as technologically savvy without the work of Steve Jobs.
In August of this year, Apple achieved what no other company in history has done. It became the first publicly traded U.S. company to reach $1 trillion. Not only is this historic in terms of branding, but it brings to light the incredible ingenuity the company has displayed throughout the years. Along with his partner Steve Wozniak, Jobs’ innovations have helped solidify an incredible legacy likely to stand the test of time.
The Early Years
Jobs grew up in the San Francisco bay area in the 1960s. By the age of 10, he had developed a fascination with electronics, likely due largely in part to time spent with his father building crafts. This hobby paved the way for Jobs’ establishment of Apple in 1976, along with his co-founder Steve Wozniak.
Jobs sat at the helm of Apple’s operations until 1985, when he broke ties with the company and established NeXT computers. Apple later purchased NeXT and paved the way for Jobs’ return to the company in 1997.
While Jobs can’t be credited for inventing the first computer, his founding of Apple paved the way for its widespread use. The computers that came before Apple was expensive and typically used only for business purposes. The introduction of the Apple II, the brainchild of Jobs and Steve Wozniak, changed this concept forever. Marketed as the world’s first mass-market personal computer, the Apple II meant users could now access the technology from the privacy of their own homes.
More than two decades later, in 1998, Apple released the iMac, an all-in-one computer. One of Apple’s lesser-known inventions is the iBook, which was introduced in 1999. The laptop came equipped with Wi-Fi technology and a few upgrades to its design. People today may remember it for its tangerine and blueberry color options and clamshell design.
The Apple iPad, introduced in 2010, has made the Internet even further accessible. This tablet computer was built more for entertainment than previous devices, making it a staple in many households, utilized by children and adults alike. The product was deemed so successful that Apple sold more than 15 million of these devices in its first year.
Of all Apple’s products, none is as influential in the tech world as the iPhone. Apple’s introduction of the iPhone marked a paradigm shift for the traditional mobile phone. Apple’s version, like the majority of its most revolutionary products, boasted a sleek, simple design that helped further uncomplicate technology for the masses.
Introduced in 2007, the phone has undergone a radical series of redesigns over the years, each year presenting more opportunities for productivity than the last. Prior to the invention of the iPhone, mobile phones’ primary purpose was to access chatting and emailing. Today’s version is utilized for web-surfing, Facetiming, social media and the utilization of an endless stream of apps available for download at users’ fingertips. Frequent updates and new designs ensure Apple users are getting the best product possible, which has helped the brand amass its own population of loyal followers.
One of Apple’s most significant inventions to date remains the iPod. While mp3 players had been on the market for several years, Apple’s version was seen by many as far superior, and so it began to dominate the market. Able to store thousands of songs, the iPod grew in success with the help of other products, such as Apple iTunes, which was released in 2001. The new technology allowed users to organize their digital library on both their personal computer and through their devices. The iTunes Music Store went live in 2003.
Not all of Jobs’ best inventions were technological. The innovator is also credited with inventing the world’s first glass staircase. The design, which was awarded a patent in 2002, has been used across some of Apple’s flagship stores and has since been adopted, in some sense, by both commercial and residential properties the world over.
Steve Jobs Day is a day designated for honoring the Jobs legacy, but his impact is seen daily, in the hands of millions. While Apple, as a company, has certainly carried on without him, Jobs is one innovator unlikely to ever be forgotten.
Google+ Social Media App Will Soon Move Off Into The Sunset
Google+ has never really been a popular social media network. In fact, most people say they’ve never used it and don’t know how it works. So it’s not too surprising to hear that Google has finally decided to pull the plug.
Google just announced a ten-month sunsetting period, which begins now and will end in August of 2019.
Besides the site simply not being popular, Google has had serious security issues. Project Strobe discovered a bug in Google+ that may have leaked the personal information of thousands of users. Though Google says the vulnerability was not discovered by hackers and that no profiles were compromised, their senior executives felt that rumors of a breach would likely trigger “immediate regulatory interest.” So they simply didn’t tell anyone.
Other Social Media Data Breaches
For several years, Facebook has been under scrutiny for allowing the data firm Cambridge Analytica to access their user information. This data was in turn used to create targeted social media ads that eventually swayed the presidential election of 2016. Since that incident, Americans have become much more aware of the effects and dangers of data breaches and social media manipulation.
Given the fact that almost no one was using the Google+ app and the high risk for potential data leaks, Google execs said they simply felt that it was best to discontinue Google+. Users will have 10 months to migrate their data before the platform is officially dissolved in August of next year. However, the company has decided to continue supporting the Enterprise version of Google+ so businesses using that app will not be affected.
More About the Google+ Security Breach
Last March, Google discovered a privacy breach, which allowed third-party apps using their programming interface to access the personal data of users. This data includes usernames, addresses, email addresses, birth dates and other bits of personal information.
The Wall Street Journal reported some details about the security breach and said that Google executives had been informed about the breach soon after it occurred. These executives made the decision not to disclose the breach to its users for fear of tarnishing their reputation.
Reporting Security Breaches
In a blog post, Google said that it decides when and if the organization should notify users of data breaches. They take into consideration the type of data that was leaked, whether there’s evidence of misuse and whether there’s anything that users can do about it.
According to security breach laws, any organization that experiences a data breach must inform those affected. And they only have a specific amount of time to do so. This varies by state but there are severe penalties for not correctly reporting a security breach.
Executives at Google say that the gap has been fixed and that users do not need to worry about any further data leaks. However, there is ample evidence that Google did not follow the law once they learned of the data breach. This can result not only in penalties from the federal government but also users can file individual lawsuits if they believe their personal info has been compromised.
How Data Breach Laws Are Changing
With the new European Union GDPR (General Data Protection Regulation), more countries and organizations are implementing stronger security measures. The GDPR affects anyone who does business with an entity that resides within the European Union. This has caused many business owners to revamp the way they collect and store personal information from their users.
Once a company has collected an individual’s personal information, they have a legal responsibility to keep that data as secure as possible. In spite of these advances in data security regulations, hackers seem to be one step ahead. Their tactics change, improve and evolve making it necessary for all organizations to be more cautious.
Senate and House Committees Get Involved
This past year, many social media and technology companies have come under scrutiny due to their data and privacy practices. Executives from Twitter, Facebook and Google have testified before various Senate and House committees. Under fire are their security measures, but also their political biases. The government is considering types of regulations that would prevent these companies from meddling in important things like the elections.
Now that everyone is fully aware of how easy it is to sway voters in one direction or the other, there is a very real fear that future elections may be manipulated by these companies. They not only have the knowledge, but they have the resources to influence the way people vote. And this ability holds within it a great deal of potential power to change our society in ways that can only be speculated about at the moment.
What Should Google+ Users Do?
In the meantime, if you are a Google+ user, it’s best to go ahead and make copies of any content you have on the site, then delete your account. Once it has been deleted, you’ll no longer have to worry about losing it to hackers who have found yet another weakness in the site’s security protocols.