Coleman Technologies Blog

Why Your Employees Need Training
The most notable reason to provide training for your employees starts from their first day on the job, when they might need to be educated on how to use the solutions your organization depends on. This might be time-consuming, but it is critical if you want to save time in the long term. Training employees as soon as possible will mean you’re not leaving employees to figure it out for themselves.

Even more experienced employees will need training every now and then. The average employee will only retain about 40 percent of what is covered during their introduction to a topic, making education a critical part of maintaining operational productivity. Since technology is changing often, you should take some time to improve your training processes.

Training Options
There are many different ways to approach employee training, but one common factor among them all is pairing a new employee with an experienced one to teach them a thing or two about the process. On-the-job training is a practical way to make sure that instruction is taught by someone who knows what they are doing, and it can even help develop relationships between your workers.

On the other hand, when a new technology is introduced to the workplace, your entire staff might need to know how to use it. In cases like this, you can use webinars to help employees “self-teach” themselves on how to use it. Avoid holding all of this training in a single session, though, as it’s better to spread it out so as to avoid a situation where your employees are stuck in training for a week at a time. Some organizations have had success in splitting their teams up into internal groups to help employees learn as much as possible.

If Your Team Needs Help…
A help desk solution is a perfect way to supplement what your employees already know with what they need to know. You can provide your staff with access to trained technology professionals who can provide assistance when it’s needed. Coleman Technologies can help your business get started with technology training and support. To learn more, reach out to us at (604) 513-9428.

Before we get started, we want to make sure that you know to consult with your IT department or provider before you go to make any of these changes. That way, they will be able to undo any mistakes you or your employees might make during the following processes.

Customizing Word’s Rules to Meet Your Preferences

It’s likely that there are some things that you regularly type into Microsoft Word that it may not agree with. Your company’s name might not exactly jive with the grammatical rules that the rest of the language should subscribe to, for instance, or you may prefer to stylize certain terms or phrases differently. Word isn’t going to like this, and is going to try to let you know that a mistake has been made. Of course, it might also just change the word you typed to what it is “supposed” to be.

These corrections can be a pain to repeatedly make, and there’s always the chance that one will be missed. Fortunately, Word offers you the opportunity to “teach” it new rules via a fairly simple process.

To access these rules, select File, and from there, Options. A new window should pop up with a Proofing option in the list. That page looks like this:

Adjusting AutoCorrect

Here, you can alter a variety of proofing options, including your AutoCorrect Options. Clicking that button will present you with another window.

This window allows you to set your AutoCorrect rules, identify any exceptions you might want to make, and review how misspelled text can be automatically revised.

Establishing Grammar Rules

Returning to the Proofing List window, you also have other options that allow you to adjust Word’s corrections. For instance, clicking the Settings... button under When correcting spelling and grammar in Word provides another window. From here, you can control which grammar rules Word will flag or ignore in your copy.

Stop Worrying About Word Changing What You Write

By implementing these changes, you can prevent small annoyances from interrupting you as you work with Microsoft Word. This way, you can accomplish more without having to worry about dealing with automatic corrections again.

For more tips on how to best leverage your solutions to save you valuable time and money, subscribe to our blog!

Numbers are still coming in as far as how widespread this issue is. As of Monday, cybersecurity firm Kaspersky Lab said potentially thousands of Asus computers were infected, but on Tuesday that number has potentially broken a million.

How Could My Asus Laptop Get Hacked?

This type of attack is called a Supply-Chain Compromise and is one of the most frightening kinds of cybersecurity threats out there. Asus’s software update system was compromised by hackers, putting a backdoor into consumer devices. The scariest part is that this backdoor was distributed last year and it’s just being noticed now.

The good news is this has given Asus plenty of time to plug up the security holes on their end, but if you own an Asus device there is still a chance that it is infected with malware from the initial attack.

What Do I Do Now?

First and foremost, no matter what brand of computer or laptop you have, you need to make sure you have antivirus, and that antivirus needs to be licensed and kept up-to-date.

If you have an Asus device, Asus has released an update in the latest version of their Live Update Software. They’ve also patched their internal systems to help prevent similar attacks from happening in the future. You’ll want to make sure you have Live Update 3.6.9 installed.

Asus has also released a security diagnostic tool that will check your system to see if it has been affected. Click here to download the tool.

We HIGHLY encourage you to reach out to Coleman Technologies if you are running any Asus hardware. It’s better to be safe than sorry.

As a result of this increase in phishing attacks, endpoint security has grown much more focused, but the issue with phishing isn’t necessarily an issue with the strategies surrounding your technology--rather, it’s an issue relating to your organization’s users and their tendency for failure. Now, we know this sounds a little harsh, but it’s been proven time and again that employees need security training on how to handle credentials and other sensitive information. Let’s take a look at a couple different types of attacks you can be exposed to, and what you can do to keep your organization from becoming just another company that has suffered from a data breach.

Deceptive Phishing
Deceptive phishing is one of the most common types of phishing scams, and it aims to fool unsuspecting users into handing over sensitive information. This happens when the hacker sends a message to users that impersonates an actual person or company that the organization has some sort of relationship with. These hackers use deceptive phishing to convince users to hand over information like passwords, usernames, account numbers, etc. Since official credentials are being used to access these accounts, it doesn’t immediately become a security concern.

For the most part, these deceptive phishing messages are either ignored by the users, caught by filtering technology, or disregarded when they’re accessed. Unfortunately, the handful that actually do fool the end user are worth the hundreds-of-thousands that are sent to others. To keep your business from making this fatal mistake, you need to focus on increasing awareness of what makes phishing attacks so much different from your average legitimate email.

Some of the telltale signs of phishing messages include misspelled words, problems with sentence structure, and suspicious attachments or URLs. Always hover your mouse over a link before clicking on it to determine its location, and never download an attachment unless you know who’s sending it. Another thing to look out for is any financial institution or vendor demanding payment or access to your account--there are other, more official methods of outreach for methods such as these; and no bank or similar institution will ever, ever ask you for passwords.

Spear Phishing
Spear phishing attacks are targeted attempts against a specific user. For example, someone who sees a message from a coworker might let their guard down, but this doesn’t necessarily mean the message is safe. It just means that some hacker managed to find a way to mimic the sender in a way that is extremely convincing. Spear phishing attacks will often know the target’s name, title, company, work phone number, and much more--all to seem as authentic as possible so the user will click on a malicious attachment or URL.

Even social media isn’t safe from this trend. LinkedIn, for example, is one of the most common places where spear phishing is leveraged. It might be used for connecting with other business professionals, but it’s not hard for a hacker to imitate a business professional. We aren’t saying that you need to avoid social media like the plague, only that you should approach it with some sensible caution.

Pharming
That being said, more people are learning about these attacks by the day, meaning that some hackers have ceased these types of attacks for fear of their efforts being for naught. Instead, they turn to a practice called pharming, which is using an organization’s DNS server to change the IP address associated with the website name. This gives them a way to direct users to malicious websites to steal their legitimate credentials.

To prevent this from happening, it’s very important that you tell your staff to be sure they are entering their credentials into a secured site. The best way to make sure this happens is to look for the “https” in the hyperlink, as well as a padlock icon next to the address. It also never hurts to have an antivirus solution on each endpoint within your organization.

Coleman Technologies can help your business stay as secure as possible. To learn more, reach out to us at (604) 513-9428.

What Are Biometrics?
Biometrics are a method of authentication that uses some sort of physical attribute or qualifier rather than a password or a key code. Some examples include fingerprints, voice patterns, typing rhythms, and so much more. They are easier to use than your typical passwords or key codes, and even better, they can be used in conjunction with traditional security measures and practices.

Let’s take a closer look at what some of these biometrics are, as well as the most practical way to implement them.

Biometric Types
There are two major categories for biometrics: physical identifiers and behavioral identifiers. Physical identifiers are by far the most common:

• Signatures: Signatures are one of the unique ways you can identify an individual, and you’ve surely seen this biometric used at least once somewhere or another. Whether it’s a transaction or an agreement, a signature can do much to guarantee someone’s authenticity.
• Fingerprints/Physiological Attributes: This particular biometric is often used to secure smartphones. Fingerprints can be used to determine the identity of the user, as well as various other physiological attributes, like palm scanning, retinal scanning, and facial recognition.
• Voice: Voice-based authentication is common all over the place these days, whether it’s a personal user issuing commands to a virtual assistant or a business using voice authentication to navigate automated answering systems.
• DNA: The technology to implement DNA sequencing into authentication is still a ways off, but it’s closer than you might think.

There are other behavioral identifiers that are used for biometric authentication. While these methods are still in development, here are a few examples of them:

• Typing Patterns: People all write in different ways, and the same goes for typing. Therefore, this can be used to determine the authenticity of the user based on their keystrokes and the pressure applied to the keys.
• Navigation and Engagement: In a similar fashion, the way that people navigate applications and systems can also determine identity. Mouse movements are quite showing, as well as how we hold devices.

Reliability (and Risks) of Biometrics
Biometrics are proving problematic to an extent, mostly because they can be inconsistent. Voices can vary depending on the user’s health or age, and faces can change based on a clean-shaven (or bearded) face, a haircut, or a pair of glasses. There are ways to work around this system, and with biometric authentication, there is much that needs to be taken into account.

Security is a Major Concern
This kind of data needs to be heavily protected, as it not only exposes sensitive information, but personal information as well. These kinds of credentials are also not easily changed, as they are heavily based on physical traits. For these reasons, biometrics may take some time to be adopted as the norm.

What are your thoughts on biometrics? Let us know in the comments.