Cisco Duo – The What and Why

Everyone at this point is probably familiar with Multi-factor Authentication, or MFA. In short it is the process of verifying a login through secondary means. Duo as an application functions as a secure MFA platform that can be used across all the devices that you use to access your secure data. The mission of Duo is to ensure that the identity of the person logging in is accurate to who they actually are. It does this through multiple levels of verification, learning your regular habits, and continually checking for potential security breaches. 

Below shows some of the ways Duo works with your smartphone to keep you secure:

The Why:

We at SSI recommend Duo due to the adaptive protection that it offers while still being user friendly. We all know why MFA and identity protection is important, but we have all still felt the pang of annoyance when having to approve a login or verify a request. Duo holds all of the accounts and requests in one app so there is never confusion on how to login. Duo has the ability to log “trusted devices” which streamlines this process further when using the same phone or computer for work tasks, reducing the amount of times you are prompted for a verification. Using their patented AI technology Duo is able to learn users habits and will send security notifications when it detects unfamiliar behavior. Admin users in a company have the ability to set custom security parameters and get real time updates to maximize data protection. Unlike many other MFAs Duo’s protection doesn’t just stop at the log in screen, which is why we advocate for its use. 

Rate and Consultation:

  • $3 per device

If you are interested in a consultation and overview of this product please contact us at help@yougetit.net. 

Graphus Antiphishing – The What and Why

The What:

In the most simple terms, Graphus is an email plug-in that protects users and devices from the most common types of email cyber attacks. The more you use Graphus and teach it how you communicate within and outside your organization, the better it gets at defending you. All suspicious email activity is flagged and historically logged to allow us at SSI to make the most informed decisions about how to protect your data.  

Here is an example of what Graphus can offer you:

The Why:

A study done by America’s Cyber Defense Agency showed that 91% of Cyber attacks start from documents or links in your email inbox. One click can lead to precious data being stolen or the loss of thousands of dollars. Graphus is able to detect the suspicious activity and language that is often used, and will flag the content to make sure that you can work safely. It is highly adaptive and can only get better the more it is utilized. This feature is critical due the the lightning fast speed that technology develops at. Just as fast as hackers learn new tricks, Graphus learns how to identify them. We at SSI love how Graphus works in conjunction with our mission to protect and provide for our clients. 

Rate and Consultation:

  • $4 per device

If you are interested in a consultation and overview of this product please contact us at help@yougetit.net. 

Virtual Penetration Testing (vPentest) — The What and Why

The What:

Virtual Penetration Testing, better known as vPenTesting is a service we offer at SSI that we think is critical to add to your cyber security playbook. In short the vPentest acts like a hacker trying to get to your companies critical data. With our equipment and expertise we are able to simulate a broad variety of cyber attacks to highlight any security gaps that may exist in your systems. With this information we are able to generate a report highlighting theses gaps and providing the way to strengthen the entire system. Not only does this highlight the gaps, but it can also show us where you are doing things right and where the defensive measures you’ve already taken are working. Below are some examples of what information you may receive after a vPentest:

Examples of Assessment findings

Historical Comparisons to see how you Improve

The Why:

We live in an age where technology develops at a lighting fast pace. As fast as new security measures are developed, those with other intentions are developing their sinister tools. In the era of data and technology having strong cyber security can quite literally be the difference between a successful company or bankruptcy. We have also noticed that many Insurance companies are starting to require it for coverage due to the increased likely-hood of cyber attacks.  We offer bi-annual vPentesting to ensure that all our clients sensitive data is always secure and protected. At SSI we believe knowledge is power and this is away for us to give that power back to the clients we serve. 

Rates and Scheduling:

  • Annual (once per year) – $599/per test
  • Biannual (twice per year, 6 months apart) – $399per/test

To Schedule: Please reach out to help@yougetit.net where one of our teammembers would be happy to assist. 

Google Hangouts is Ending Nov. 1, 2022

On November 1, 2022, Google Hangouts is going to start redirecting to Google Chat. Even though the capabilities are similar between the two, Google has alerted that there is a risk of data loss during this migration period. Unfortunately, this change is not one that can be opted out of. We advise that current Hangout users sift through their Hangout Conversations and locate any that should be saved. We can assist in saving these conversations if there is a concern of data loss.

When in Gmail, if the left-hand quick access menu already has this “Chat” icon, then you are all set and do not need to take any action.


As always, please contact us at help@yougetit.net if you have any questions or require assistance.

Log Off vs Disconnect

When using your cloud server or other forms of RDP (remote desktop), there are two ways in which you can leave your connection: Logging off or Disconnecting. However, these two have different results believe it or not. If you simply select the “X” at the top of your window, you are Disconnecting.

Disconnecting leaves your open applications running and continues to use the resources of the server/desktop that is being connected to. This can cause issues for you when you reconnect or for other users who are connected as well.

Logging Off, also called Signing Out, can be done by either using the “Log Off RD” icon on your Desktop, or by selecting “Start’“ in your RD window, then your account bubble, and lastly “Log Off” or “Sign Out.” If you would like for us to add this “Log Off RD” shortcut, please let us know.

What to do if Windows 11 automatically updates

How to Roll back to Windows 10

Windows 11 updates have been happening randomly on some of your devices. Systems and Software Inc has set update policies to try and prevent these updates, but sometimes the change can happen regardless. To roll your computer back to Windows 10, simply follow these steps:

-Go to “Start” and search for “reset”

-Select “Reset this PC – System Settings”

-Under “Recovery Options”, select “Go Back”.

-A new window will open, asking to select a reason. Pick one, then select “Next”

-Now you will be asked if you want to check for Windows 11 updates. Select “No, thanks”.

-Select “Next” on the next two screens and finally choose “Go back to Windows 10” on the last screen.

-This 10-30 minute process will begin a system reboot that will return your PC to Windows 10.


Why not stay on Windows 11?

We are still asking clients to wait until the end of 2022 to completely upgrade to Windows 11, but select clients can upgrade based on their applications and tolerance to this change. For those who work mostly with Microsoft applications like Word/Excel or work primarily on a cloud server, the change to Windows 11 will have minimal effect. The only issue we have experienced with upgrading to Windows 11 is the potential for Google Chrome to not function properly, as well as its interaction with some company-specific applications. We are working to find the best solution for this and can work with users on an individual basis if they experience any issues.

Please feel free to contact us at help@yougetit.net if you have any questions or require any assistance.

Log4J Vulnerabilities and AWS Outage Update

Log4J Vulnerability
You may have been hearing news and reports of a security vulnerability called ‘Log4J’. Log4J is a logging program used by big name companies like Microsoft, Apple, Amazon, and Minecraft. Recently, a flaw was discovered that could give open access to these logs and/or company servers. These companies who use Log4J are working to put out updates to prevent breaches, and as customers we just need to apply these updates when they are available.
AWS Outage Update
As of 11:01 AM EST on 12/15/2021, Amazon has identified the root cause of an outage to AWS US-West-2 and has taken steps to restore connectivity. There has been some improvement in the last few minutes but they continue to work towards full recovery. While we are aware of AWS specific services affected by the outage – we are not aware of 3rd parties that rely on AWS that deliver services to you. Please report any outages to us and we can advise if they appear to be related to the AWS outage.

Please feel free to let us know if you have any questions or concerns.

2-Step Verification and Multi Factor Authentication

Google Workspace: 2-Step Verification

As Google has begun to make it’s 2-Step Verification into a default policy, we are reaching out to remind our clients about this important security setting. Your Google Workspace account is currently setup to allow 2-Step Verification, but it is not enforced. Users can add 2SV at their option or it can be a policy where users are required to enroll. We highly recommend that if you don’t already do so, get your account setup with 2SV. 2SV provides extra protection to your account and makes accessing your data more difficult for those who aren’t intended to see it.
Follow these simple steps to get started. Google 2-Step Verification
1. Click on your account bubble in the top right corner of the screen and select ‘Manage Your Google Account’ from the pop up window
2. Select ‘Security’ in the list on the left side of the screen
3. Under the ‘Signing in to Google’ section, select ‘2-Step Verification’
4. This will take you to a new page where you can set up the phone number to be used for the verification and the way you will be verified.

Microsoft Office 365: MULTI FACTOR AUTHENTICATION

Office 365 users have a corresponding feature of 2SV, called Multi Factor Authentication, that is also becoming the default setting. MFA shares the same idea as 2SV, and we highly recommend that its use for your safety. Here is the link to find out more of how MFA works. To set MFA up for your organization, please reach out to us.

We have recently assisted several clients who have been subject to expensive fraud due to compromised user accounts. Please take these important steps to prevent this from happening to your team!


Please reach out to us if you wish to REQUIRE your users to employ 2SV or MFA – or if you are in need of any other assistance. Thanks!

McAfee Phishing Email

We have many of our clients reporting that they have received the following email or one that looks similar. They should ignore and delete it immediately:

McAfeeThanks for being our existing valued customer.

We hope you’ve been enjoying our premium services- 5 devices subscription.
We wanted to give you a heads up that we will be charging you for the next period of your subscription today.
Your account is debited with $429.98 which will be shown on your statement shortly.

Your Subscription Details :

Product Name : Mcafee All-Round Secure Net 5 Devices Protection
Plan Details : One Year
Product Price : $429.98

Billing Support #+1 888-560-XXXX

If you have any problems with the VPN, your account or any other technical issue, please raise a ticket on “Help Section Page”.

If you have any problem with your payment reach out to us on our billing support number.

 __________________________________________________________

This is a phishing email. 

The purpose of this attack is that the sender wants a recipient to click the link and put in valuable information such as passwords, usernames, credit cards, etc. Filters do their best to try and block this kind of phishing attempt, but every so often, one gets through. The best thing to do is simply ignore and delete this email. 
Please feel free to contact us if you have any questions or concerns with any suspicious emails that you may be receiving. 

Slow Browser Speed after Windows Update?

Recently, there has been a Windows update that has caused some slow speeds when using your internet browser. We have found out the cause of this issue is rather simple. Find your browser below and follow the steps provided:


Google Chrome/Microsoft Edge

1. Click on the Vertical 3 dots in the top right corner of your browser 

​2. Select ‘Settings’ from the drop down menu

3. Look at the menu on the left of the screen and select ‘Advanced’

4. Select ‘System’ under the ‘Advanced’ menu

5. Uncheck the option ‘Use Hardware Acceleration When Available’

6. Restart your browser

———————-
Firefox

1. Click on the Vertical 3 lines in the top right corner of your browser

2. Select ‘Settings’ from the drop down menu

3. Scroll down to ‘Performance’
4. Uncheck ‘Use Recommended performance settings’

5. Uncheck ‘Use Hardware Acceleration when available’

6. Restart your browser

—————-


This should resolve any slow browser speeds that are occurring since the Windows update. Please feel free to contact us with any further questions or concerns at help@yougetit.net.
Thank you.