It’s Time to Revisit Your Password Best Practices

Closeup of Password Box in Internet Browser

When a hacker tries to access one of your accounts, the first challenge they must overcome is the password. This is why industry professionals always encourage you to create them with security in mind. The latest guidelines issued by the National Institute of Standards and Technology, or NIST, are not quite conventional or traditional, but they do give valuable insights into how password best practices.

What is the NIST?

The NIST is the authority on all things password-creation, and they are no strangers to issuing various best practices. While these practices do shift over time, due to the unfortunate side-effect of threats adapting to security standards, their advice is trusted and should absolutely be considered by all. Please see below for the recent update on password best practices.

The New Guidelines

Many organizations and Federal agencies have adopted these guidelines. Here are the latest steps to take when building a secure password.

Length Over Complexity

Most security professionals have advocated for password complexity over the past several years, but the guidelines issued by NIST disagree. NIST suggests that the longer the password, the harder it is to decrypt, and they even go so far as to say that complex passwords with numbers, symbols, and upper and lower-case letters make passwords even less secure.

The reasoning for this is that the user might make passwords too complicated, leading them to forget them entirely, so when it comes time to replace the password, they will add a “1” or an exclamation point at the end. This makes them easier to predict should the original password be stolen. Users might also be tempted to use the same password for multiple accounts, which is a whole other issue that certainly does not aid in security.

No More Password Resets

Many organizations require their staff to periodically change their passwords, mostly every month or every few months. The idea here is to preemptively change passwords on the off chance that the old passwords have been compromised. Trying to use the same old password multiple times would then lock the hacker out of the account, as the password has since been changed. While this has been an accepted best practice for some time, NIST recommends that this practice be put to the wayside, as it is actually counterproductive to account security.

The reasoning behind this determination is that people will not be as careful with the password creation process if they are always making new ones. Plus, when people do change their passwords, they will use the same pattern to remember them. This means that passwords could potentially be compromised even if they have been changed, as a hacker could recognize the pattern and use it against the user.

Make Passwords Easy to Use

Some network administrators worry that the removal of certain quality-of-life features such as showing a password while the user types it or allowing for copy/paste will make the password more likely to be compromised. The truth is the opposite; ease of use does not compromise security, as people are more likely to stick to established password protocol if you make it easier for them to do so.

Don’t Give Out Password Hints

At the same time, you don’t want to make things too easy for your employees, either. One way that administrators help out employees who easily forget passwords is by providing password hints. The system itself is flawed, especially in today’s society of oversharing information across social media and the Internet in general. If Sally makes her password-based around the name of her dog, for example, the hacker might be able to find that information on her social media page, then can try variations of that name until the code is cracked. So, in the interest of network security, it’s better to just forego these hints. There are other ways to make your password system easier to deal with that don’t compromise security.

Limit Password Attempts

When you place a limit on password attempts for your business, what you are essentially doing is giving hackers a limited number of chances to get lucky. NIST suggests that most employees will fall into one of two categories in regard to password remembrance; either they will remember it, or they will keep it stored somewhere (hopefully in a password management system). Thus, if an employee is likely to do one or the other, a limit on password attempts will not necessarily impact them but will make all the difference against security threats.

Implement Multi-Factor Authentication

COMPANYNAME recommends that your business implement multi-factor authentication or two-factor authentication whenever possible. NIST recommends that users be able to demonstrate at least two of the following methods of authentication before they can access an account. They are the following:

  1. “Something you know” (like a password)
  2. “Something you have” (like a mobile device)
  3. “Something you are” (like a face or a fingerprint)

If two of the above are met, then there is sufficient evidence to suggest that the user is supposed to be accessing that account. Consider how much more difficult this makes things for a hacker. Even if they have a password, it is unlikely that they also have physical access to a mobile device, a face, or a fingerprint.

Make password security a priority for your organization now so that you don’t have to worry about data breaches later on down the road. AE Technology Group can help you set up a password manager that makes adhering to these best practices easier. To learn more, reach out to us at (516) 536-5006.

How Old Technology is Actually Recycled

Pile of old computer monitors and keyboards on grass. old technology.

Regardless of how well a new device or gadget works when it is first acquired, they certainly don’t last forever. Eventually, the time comes that your old technology needs to be replaced, leaving you to dispose of it. This requires more than just a quick trip to the dumpster, however. These devices need to be properly recycled, as many contain hazardous materials.

Let’s take a few moments to look at the process that this old and discarded technology undergoes when it has been recycled properly. But first, let’s briefly go over what kinds of devices now count as “e-waste”, and what about them has the potential to be recycled.

What Qualifies as E-Waste?

Effectively, anything that can be described as an electronic device would become e-waste if it were to break. This includes, of course, the computers and laptops, mobile devices, batteries, drives, monitors, and such things that we all rely on today, but it also lumps in our other appliances, things like air conditioners, televisions, kitchen appliances, radios, fans, and such things.

It isn’t uncommon to hear people complain that things “just don’t last as long as they used to.” While the reasons for this is another can of worms that we won’t be opening, this has contributed to a growing amount of e-waste to contend with. Projections from 2019 estimated that over 52 million tons would be produced annually by this year.

Unfortunately, much of this waste is destined for the landfill. Recent data suggests that only about 20 percent of e-waste around the world is reportedly collected and recycled, the rest presumably winding up buried deep in landfills. This is not good.

Why Should Old Technology Be Recycled?

There are numerous reasons that recycling e-waste is a better alternative to utilizing “fresh” raw materials, in a manner of speaking. First off, let’s consider the types of materials we’re talking about here. You have your metals, like:

  • Iron
  • Tin
  • Aluminum

Accompanying those is a small, yet significant, portion of valuable metals, like:

  • Titanium
  • Gold
  • Silver

Finally, there are plenty of other recyclable materials involved in making these components, including:

  • Plastic
  • Glass

You’d be surprised to hear what can be extracted from your devices through the recycling process. Circuit boards contain recoverable materials like tin, copper, and various valuable metals like gold, silver, and palladium. Hard disks contain aluminum that can be repurposed into creating an automobile. Batteries can have their contents recovered to produce new batteries. This helps us make the most of the resources we have already invested so heavily into procuring, and it creates jobs to boot! Someone needs to take on the responsibility of recycling these materials to be used again, after all.

Furthermore, recycling e-waste helps prevent many of the more hazardous materials incorporated into our devices from being introduced into the natural environment, where it could cause some harm.

How is Old Technology Recycled?

As you might imagine, there is no single procedure for recycling e-waste… there’s simply too many different variables to consider in terms of the materials used and how they have been incorporated into the device in question. Despite this, there is a somewhat uniform process that each of these procedures will follow.

Collection and Transportation

After the electronics to be recycled are gathered in an established place, these materials are brought to the recycling facilities that will process it.

Disassembly and Dispensing

The collected electronics are then shredded—in a very literal sense, broken down to pieces small enough to be sorted by hand, unless the nature of the product means it shouldn’t or can’t be broken down—and sorted out by type.

Dusting, Magnetic Separation, and Water Separation

Next, the shreds are spread out and broken down even more, with all dust produced drawn out and safely discarded. Once this is accomplished, magnets are used to pull out the metallic elements from the rest of the waste along with other methods, with water separation used to pull glass and plastics away from one another.

Purification

Finally, any leftover metals are removed from the plastic wastes to ensure that the waste stream remains as pure as possible.

Preparation and Resale

Finally, all the sorted materials are processed back to a more raw state to be reused in the production of new products.

Before You Recycle Your Old Technology

Before you hand off your older computers, laptops, and mobile devices over to be recycled, donated, or any other track where it leaves your possession, you’ll want to make sure that they are properly wiped of any data. This doesn’t just mean deleting files or reinstalling Windows – it needs to be done so thoroughly that there is no chance your sensitive information can get accessed. Old drives can not only contain files, but your web history, passwords, and plenty of other personal information can be pulled, sometimes even if the drive has already been formatted. You’ll want a professional to handle this for you if you aren’t 100 percent positive how to handle it correctly.

Fortunately, we can help! Give us a call at (516) 536-5006 before you get rid of your old technology.

Document Management Delivers These 5 Benefits

document management

Business owners don’t often think about where their documents are stored. They typically have a staff of people who handle that for them. If you want to speed your business up and make it easier to store, search, and retrieve the documents you need, a Document Management System (DMS) might be right for you. Here are five good reasons why moving to document management can surely be a benefit for your business.

Cost of Office Space

Square footage can get pretty expensive. The more physical documents your business needs to store, the more space is taken up storing them. It stands to reason that you wouldn’t want to pay premium prices for a bunch of file cabinets. With a DMS, your staff would simply scan the document and then you can store it anywhere. You can reduce the price you pay in mortgage and rent costs by storing the files you once stored onsite in a place where square footage isn’t quite so expensive, while still having constant access to the digital copy of the file.

File Security

Document management provides a secure system in which to save your documents. Traditional thought would dictate that saving physical files would provide better access control, but with physical security, costs increase dramatically. Any DMS will provide your company the ability to control documents at the folder level, giving you a level of control over your information that’s as good as any a physical security system can provide. Additionally, any documents stored inside a DMS have an associated audit trail, giving administrators the transparency needed to manage system security.

Access and Speed

This is where the DMS starts to pay for itself. The time it takes to file and find physical documents costs businesses a lot of money. According to one industry study, it costs over $20 for businesses to file a single paper document, and if some part of the file management chain fails, those costs increase substantially. A DMS provides fast access to your organization’s documents and the ability to print documents in seconds, saving a lot of capital that could better be spent elsewhere.

Seamless Collaboration

Today, improving collaboration is a key business strategy. Using a solid DMS, sharing information is much easier and far more efficient. You don’t have to send someone to look for a document for half an hour, simply search for it in the DMS and it’s there in seconds.

Improved Compliance

Most businesses have to comply with some type of regulatory standard. By using a DMS to store your documents, your organization can significantly reduce the risks associated with non-compliance, even for the most complex regulations.

Today’s document management systems are more powerful and dynamic than any in the past and can be a huge time and money-saver for your business. To talk to one of our technicians about document management today, call AE Technology Group, a WheelHouse IT company, at (877) 771-2384.

How to Prepare Your Business for the End of Lockdown

how to prepare your business for the end of lockdown

2020 has held many unexpected challenges along with a wealth of opportunities for collaboration and adaptation in the modern business arena. If there’s one lesson the evolving year has for trend savvy business owners, it’s that today’s workplace is ready for anything. Gone are the days of the traditional 9 to 5. A dynamic, fluid model sets the standard for the future with everyone’s focus on a successful reopening. Consider these key tips on how to prepare your business for the end of lockdown.

Devise a Plan

The current health crisis means exercising strategic flexibility as circumstances may change from day to day. Many businesses aren’t rolling out the reopening balloons just yet, but that doesn’t mean we can’t start moving towards a normal work week. A staggered schedule is the perfect next step for returning companies.

Consider which roles necessitate an office presence. These positions should be marked as priority for a gradual reopening. Operating at half capacity or rotating shifts throughout the day is an excellent tool for encouraging social distancing and minimizing a crowded workspace.

Discuss any safety concerns with your key workers and be prepared to accommodate any health or scheduling related anxieties for vulnerable staff. Remember, some of your best teammates may still be playing part-time teacher to their children as well as full time executives! Phasing into a reopening as well as maintaining clear lines of communication with employees, vendors, and clients will ensure everyone knows what to expect by the time the red ribbon is cut and the doors are open on Monday morning.

Be Proactive in Prevention

The best way to ensure a successful reopen and mitigate the chance of future closures is to support your team’s health and wellbeing. It’s a great idea to invest in essential PPE such as masks, hand sanitizer, and plexiglass dividers. Arrange office spaces accordingly, allowing for 6-feet of distance between work stations. They may mean utilizing non-traditional spaces such as conference and break rooms as open workspaces for ongoing collaboration.

Consider implementing varying hours to avoid the 8 a.m. rush or having multiple side doors for entry and exit. Now that travel has resumed (and many of our stressed out parents are in need of a vacation), clearly communicate protocol for out of state excursions such as mandatory 14-day remote work or wearing masks following any long distance travel. Use signage on sinks to remind everyone of the power of hand washing and don’t be afraid to invite your employees to collaborate on ways we as a team can make the office a cleaner, safer environment. Re-engaging your staff is a vital part of the reopening process and a great way to ensure your team feels that their feedback is valuable and timely.

Clients, Vendors, and Training for What’s Ahead

With a staff schedule finalized, the next priority is to alert key contacts of the reopening as well as any potential changes to normal business hours. For vendors, ensure department managers are equipped to communicate their needs and work alongside supplier availability. Many vendors will also be operating under reduced hours so it’s important to schedule deliveries well in advance in order to accommodate any hard and fast deadlines.

Once the technical details have been worked out, it’s time to tell clients that you’re back in business. Remember to keep the tone of all communications positive and encouraging while maintaining a sense of reliability in the midst of COVID-19. Clearly announce any limited hours, state whether masks will be required, and what (if any) services have not yet resumed. Advanced appointment booking and contactless payment are excellent tools for making everyone feel safe while returning to normal. Be sure to spread the message on all digital communications platforms, using email, SEO, and blog announcements to get the word out.

Last but not least, don’t slack on training due to the current health crisis. Technology is more important now than ever for keeping us connected and delivering efficient products and services. Hackers and cyber criminals are quick to take advantage of the growing number of remote workers. Every staff member plays a significant role in ensuring data and confidential information is protected. 

Schedule a virtual meeting to discuss common phishing schemes, particularly those centered around COVID-19 and other recent scams to be aware of, and take a moment to review firewalls and system integrity. Your IT team has you covered as you begin the next phase of your company’s future.

Working Together, Apart: The Office Guide to Social Distancing

social distancing

As many companies move into the next stage of a phased reopening plan, it’s an exciting time to get the team back together and return to business as usual. In the wake of COVID-19 and the new normal, use our office guide to social distancing to adapt, excel, and succeed together.

AE Technology Group is here to support our business clients in a successful reopening with these key tips on creating social distancing in any office space.

Lean, Mean, and Sparkling Clean

Although our offices may be running at half capacity until we slowly transition into a full workplace, there’s never been a greater need for cleanliness. Think beyond the recycling bin and develop a rotating schedule for disinfecting common areas. Frequently disinfect surfaces such as conference room tables, kitchen spaces, and front desks.

Remember that COVID-19 can survive for 24 hours to three days on hard surfaces! Daily cleaning proactively eliminates viral germs before they have time to spread. Divide tasks between in house staff members, bearing in mind flexible schedules as teams continue to increase hours. 

Consider temporarily removing shared coffee stations, microwaves, and community cupboards. As an alternative, treat your staff to a weekly local business luncheon and offer a coffee perk card instead of the traditional water cooler. Not only is this a great way to show your team how valuable they are, but it’s a responsible strategy for minimizing the spread of COVID-19.

Last but not least, please emphasize that everyone — yes, everyone — must wash their hands. 

Personal Space and the No Contact Bubble

Social distancing in the workplace is a simple matter of making the most of any space available. This may entail rearranging desks and cubicles to allow for the appropriate distancing of 6-feet apart. Considering establishing a sign-up sheet for conference rooms and limiting capacity to under ten individuals. Providing masks is a great idea to protect vulnerable workers, as well as utilizing plexiglass and other barriers to avoid direct peer-to-peer or client contact.

Small businesses may need to think outside the cubicle box and “create space” by employing back-to-back or side-to-side stations rather than front-facing ones whenever possible. Another tactic for reducing the number of people each person has contact with is to divide your staff into teams or partners so that each individual only works with 3-5 other individuals.

Provide hand sanitizer at all workstations and minimize shared devices such as phones by encouraging the use of headsets instead. Consider staggering shifts to avoid a crowd during the opening and closing hours. With a little teamwork, your company can enjoy a seamless reopening while doing your part to protect our staff and our clients.

Viruses: Not Just for People

Once you’ve implemented a germ proof social distancing plan, it’s time to take a look at technology considerations while returning to a new normal. Many staff members will likely still be working remotely for some portion of their workweek. Support your team by ensuring your network is encrypted with a strong firewall and confidential client information is well protected. Discourage the use of personal devices such as laptops, tablets, and phones for work purposes as these are often easily compromised and prone to viruses of the digital kind. Instead, assign laptops to each key member along with a list of available IT resources for training, troubleshooting, and more.

Stay connected with seamless all-in-one communication and project management software. Microsoft Teams is the number one choice for collaboration from conference calls to client meetings. Securely access and share files through SharePoint and OneDrive for added efficiency from home or anywhere in the office.

Technology Etiquette

Lastly, remember to be polite and mindful of your co-workers. With many employees working remotely for some time now, a lot of these behaviors may have slipped.

Need a little extra help migrating to a socially distant workspace?

Our experts are here to help with practical strategies for meeting your business’ technology needs and keeping everyone healthy, happy, and ready to crush that 9 to 5 grind.