We’re receiving calls from our cybersecurity customers when the IT Team discovers that ordinary users have given third-party applications access to all their organization’s files, email messages, calendar events, Teams chats and channels, and other data.

How can ordinary users have that much power?

By default.

Situation: This configuration affects most companies. While the default settings for your Microsoft 365 system allow your users to approve third-party access, Microsoft recommends the following more restrictive settings to increase security.

The Risk: Without this setting, workers may override protections without oversight and allow any application to access your company data, create and delete files in SharePoint and OneDrive, read and send email messages, edit calendar events, access and modify Teams chats and channels, update user profile information, and perform other tasks. While some applications might need this level of access, it must be granted only after the appropriate authorities, including your IT Team, thoroughly consider it.

Reality Check: This setting catches many IT Teams by surprise. Microsoft is updating its security controls quickly, and it is nearly impossible for IT Teams to keep up with the changes. And when defaults promote ease-of-use over security, like this one, your systems can become at risk quickly without the team realizing it. Know that your IT Team’s level of expertise can be excellent, and situations like this sneak up on them anyway.

Urgent Quick Verification: Your IT Team can quickly access the Microsoft Entra admin center > Enterprise applications > Consent and permissions > User consent settings. There are three options:

• “Do not allow user consent.”
• “Allow user consent for apps from verified publishers, for selected permissions.”
• “Allow user consent for all apps” (the current risky default value)

Update If Necessary: Microsoft recommends you select “Allow user consent for apps from verified publishers, for selected permissions.” Different organizations have different data access needs. Your IT and compliance teams must determine the appropriate level for your situation. Smaller organizations might choose the first option if they don’t want users to expose data to third-party applications without checking with the IT team. Larger organizations with more complex needs often prefer the middle option with careful permission management to take some of the workload off busy IT professionals while providing protection.

Next Step: Your Administrators will also need to specify which permissions are low-impact, as detailed in Microsoft’s article “Overview of user and admin consent.”

Facilitate the Approval Process: Your team can optionally set up an admin consent workflow that users must follow when they want to provide permissions.

Forward this to your friends who are executives at other organizations so they can give their teams this heads-up, too.

The post Executives – Any User Can Accidentally Expose All Your Data Unless IT Changes This Default Setting appeared first on Foster Institute.

To combat this, Apple’s iOS 17.3 introduces “Stolen Device Protection”. Here’s why activating it is crucial:

1. Face ID/Touch ID Requirement: Your iPhone will require your Face ID or Touch ID to turn off lost mode or erase the phone.
2. Time-Delay Security: Changes to your Apple ID password, iPhone passcode, and key settings now have a one-hour delay.

Settings for Theft Protection:

• Quick Tip to find specific settings: Open Settings, swipe down slightly, and use the search box that appears at the top. You will find all of the settings in bold text by searching in Settings:
• Software Update: iOS 17.3 enables Stolen Device Protection.*
• Backup: Check your backup status by searching for Backup in Settings.
• Use Face ID or Touch ID so potential thieves won’t see you enter your passcode.
• Activate Stolen Device Protection:This is the new setting that spurred me to write this blog for you
  
• Ensure “Find My” is enabled on Apple devices. Use iCloud.com/find or the Find My app to be sure tracking works.

Other Essential Steps:

• Have alternate login methods for resetting passwords for apps and websites that use multi-factor and two-step logins.
• If you use authentication apps, ensure you configure ways to generate codes or recover keys if you lose or erase your phone.

If Your Phone is Stolen:

• Act Fast: Use iCloud.com/find or the Find My app to enable “lost mode” and track your phone.
• Consider Carrier Notification: They can disable phone calls and cellular data but might limit Find My functionality.
• Device Erasure: If you have backups, and ways to recover keys in authentication apps, use Find My to erase your device to help prevent data access.
• Password Resets: If not erasing your phone, consider resetting passwords for critical accounts if passwords are stored on the phone or if apps login automatically.

As always, threat actors will seek ways to bypass this protection. As of now, this feature is a huge leap forward to protect an iPhone and iPad from thieves who see the passcode. Congratulations, and thank you, Apple!

*If your phone or tablet is too old to update to iOS version 17.3 or newer, see https://fosterinstitute.com/be-prepared-know-the-impact-of-iphone-theft-and-what-to-do-right-now/. for recommendations.

Note: Testing the Stolen Device Protection feature at home may not work, as Apple devices might waive the strict requirements in familiar locations like home or work. You can read all of the details about Apple Stolen Device Protection for iPhone here: https://support.apple.com/en-us/HT212510

Subscribe to maximize your executive potential with Foster Institute’s E-Savvy Newsletter, packed with practical IT security solutions and actionable strategies for success: https://fosterinstitute.com/e-savvy-newsletter/

Disclaimer: The information provided in this blog is for general informational purposes only. Technology changes constantly, and some of this information might become obsolete or incorrect. We do not endorse or receive compensation for mentioning products, services, or brand names. Any outbound links provided are for your convenience and to get you started, but we cannot guarantee the security or safety of those external websites. Conducting your research and making an informed decision about any products or services mentioned here is essential. We shall not be held responsible for any actions taken based on the information provided.

The post Safeguard Your Apple iPhones and iPads: Activate the Latest Theft Protection Setting Now! appeared first on Foster Institute.

At a client’s office this week, one of the IT Professionals had an interesting idea. He can configure two-step logon to contact him, not the consultant, for login verification.

If you configure this at your office, here is how it would work: First, the consultant would enter their username and password to login to your network. Then, an app on your smartphone would indicate that the outsourced consultant is trying to gain access. Then, you will be able to choose to allow or deny the consultant’s login attempt.

This IT Professional wants to know, in real-time, when someone is attempting to log on to his network. If you use this arrangement, you will have the capability to permit them or deny them access each and every time.

It is an interesting idea.

The post A Way to Control Consultant Access – Every Time appeared first on Foster Institute.

Microsoft presents the feature to users saying, “Download apps and OS updates from multiple sources to get them more quickly”.

Think about it and it sort of makes sense. Rather than every computer on the planet having to go to Microsoft’s servers to download patches and apps, Windows 10 computers can reach out to other Windows 10 computers and obtain the patch from them. This helps prevent Microsoft’s servers from becoming overloaded, and can allow your computer to receive patches and apps sooner. Ultimately, this can even reduce the amount of traffic flowing on the Internet in general.

Microsoft has built in strong security – though security can be broken.

Microsoft does their best not to use your computer to deliver patches if you are connected to the Internet using a mobile hotspot – helping you avoid unexpected data charges. You can also specify what Wi-Fi connections are charged as metered networks.

One concern is that, if your computer is being used to deliver updates, your Internet connection may slow down. Or, perhaps you don’t want your computer to be, what some users may feel is, a zombie for Microsoft to use as part of their patch delivery mechanism.

How to turn this feature off in Windows 10: Go to the Start button icon, choose Settings > Update & Security > Windows Update > Advanced Options. You can choose to not participate, or to select either PCs on your local network only, or PCs on your local network and PCs on the Internet”

Please help spread the word and forward this newsletter on to those you care about!

The post Microsoft Using Your Computer To Deliver Software appeared first on Foster Institute.

Please forward this to anyone you know who might have purchased a Lenovo computer – laptops included.

The post Lenovo Computers Infected appeared first on Foster Institute.

To restore from a recent backup. Be sure to remove the infection prior to restoring your data.

If you discover you cannot restore your files to a satisfactory level, there is an online tool designed to help you obtain the key to unlock your files. The tool is here: https://www.decryptcryptolocker.com/. I’ve not vetted the tool, nor am I suggesting that you use it. If you are in a situation where you feel you have no other option, you may want to give it a try. The tool is created and maintained by some very reputable security companies: Fire Eye and Fox-IT.

Be safe – avoid getting infected with Ransomware by practicing excellent IT security – even at home.

Be sure to test your backups to be sure you can restore if you need to!

Please post your comments below…

The post A Possible Solution for Ransomware appeared first on Foster Institute.

Visit, or be sure your IT Pro visits, Adobe Flash Player to see what version of flash is installed. The page shows what version is installed on your browser, and shows the most recent version. Visit that site in each of your browsers to be sure they all have the latest version of Flash.

Thank you for helping keep the world a safer place to work and live!

Please post your comments below…

The post Get Attacked in a Flash appeared first on Foster Institute.

SDN: Software Defined Networking. This new technology is a sweeping change that organizations, such as yours, need to consider as a future direction. It is game changing and so simple.

You’ll save money, alleviate a lot of networking issues, increase security, and more.

At the very least, suggest that your IT professional, professionals, and/or third party firm look into this technology.

If you want to learn more, here is a short story intended to introduce the technology in plain English:

Meet the star of the story: Paul the pilot. He flies the newest passenger jets of your favorite airline.

Now, you become a part of the story. Imagine you paying an IT Professional to build a modern airport for your company using the latest technology. Think of Atlanta, DFW, Chicago, or the airport of your choice. The IT Pro creates a network of runways and taxiways for you.

When Paul lands safely at your airport, like at all airports, he uses the runways and taxiways to travel a dot-to-dot path from the runway to the terminal.

The way things work now: Imagine taking all the air-traffic controllers and placing them at intersections around the airport’s field. Then take away everybody’s radios and add fog so thick that nobody can see each other. There is your network! A disaster that is happening!

With this system, imagine this: A plane lands and then, at the end of the runway, there
is an aircraft controller standing on the runway that asks, “Where are you headed?”

Paul steps on the brakes, rolls down the cockpit window and says, “I need to get to Gate 23.” The controller has to think for a moment, then points to one of the taxiways and says, “Drive your plane that way!” Paul does as instructed.

After scooting down the taxiway for a while, Paul encounters another air traffic controller who reviews a table of best routes, and then points Paul towards the next step of the journey. This goes on, through all the intersections along the route, all the way to the terminal. Paul just cannot help it; he starts humming, “Do you know the way to SJO… (San Jose in the Caribbean)

Now think of dozens and dozens of aircraft moving along the taxiways and runways, slamming on the brakes, honking the airplane horns, traffic jams, and the inevitable crashes. No way, San Jose.

In this analogy, the airplanes represent packets of data. Imagine that Paul the pilot comes from (the) cloud, into your (network of) runways and taxiways, and eventually arrives at a (computer) terminal. In a similar fashion, he can leave the terminal, travel your network, and go back into the cloud, or at least into your file server.

Companies such as Cisco, D-Link, HP, Juniper, NETGEAR, etc. design, build, and sell these traffic controllers. Those switches and routers are expensive because each one has to be intelligent enough to know where next to send each data packet. They have to have good memories in order to remember where to route airplanes for best results. In addition, they are usually uncoordinated with the other devices on your network.

When a user connects to your network with their computer, an iPhone, or some other device, their information travels through your network cables of taxiways and runways to and from your servers, other computers, and the Internet cloud.

With this existing system, when someone starts listening to Internet music for peace of mind, it bogs down the whole network. Nobody notices the hacker or virus that is methodically looking for holes in your security by peeking into every computer on your network.

To top it all off, you pay lots of money for this archaic system! Drawbacks of this system, the one you use now, abound.

This is the happy conclusion: You, all the wiser after reading this story, tell your IT Pro to investigate the implementation of SDN: Software Defined Networking.

Then your wise IT Pro will move all the traffic controllers to a control tower, lift the fog so it is a bright sunny day, and provide radio communications so everybody can function as a team. Teamwork between your network devices is like striking oil! Synergy that is.

The key to all of this is the controller. The controller watches the traffic and tells the devices on the network what to do. Every step of the way, there is a signal that tells Paul where to steer next.

Faster – If Paul is carrying lots of music, then because music uses a great deal of data, he is directed to a special taxiway for music.

Prioritize Data – If a passenger is not feeling well, Paul gets priority and is expedited to the gate to provide a high quality of service (QOS).

Security – If there is an unruly passenger aboard, called a hi-hacker, Paul is directed to pull over so that the local S.W.A.T. team can storm the plane.

Save Money – Cisco, and other vendors may not like it, but your switches and routers
become inexpensive because they no longer have to be “intelligent.” They are generic, can be any brand, just as long as they listen to the controller.

Coordination – the seventh habit of successful people! Your devices now listen to an intelligent controller that has a clear view of all of the planes in the airport and can make things work right.

From an IT Pro point of view, this is perhaps oversimplified, but for an executive – I hope you found this very useful for understanding the next step in networking technology – and why you need to be planning for Software Defined Networking.

If you want to speak a little Geek, tell your IT Pros, who may already know all about this: The data pathways (the runways and taxiways) make up the Data Plane. The controller communication travels on the Control Plane using a protocol such as OpenFlow to send out instructions to the Forwarding Plane that contains routing information.

Moreover, all of those signals travel across the regular network connections that are in place now.

Are your IT Pros are aware of the emerging technology called Software Defined Networking?

Please post your comments below…

The post Know About this IT Networking Strategy Change appeared first on Foster Institute.

The secret is to use Windows 8 but make it look like you are using Windows 7. Everybody’s happy, you have the huge power, speed, and security of Windows 8. Maybe nobody will ever know you upgraded.

Be sure to have your IT pro go into that “tiled interface” one time, right-click the programs you want to use, and choose “pin to taskbar.”

Remember to ask your IT Pro to start by upgrading one computer to Windows 8, iron out any bugs – and there may be no bugs, and then your IT Pro can upgrade the rest of your machines.

Use this tip to reduce the resistance your users may have about moving from Windows 7 to Windows 8.

Please post your comments below…

The post Use Windows 7 with Windows 8’s Benefits appeared first on Foster Institute.

The reality is that you can have, contrary to what some people believe, both security and productivity at the same time.

Enforcing security policies that dictate strong passwords is a common problem and sometimes results in, understandably, executives responding something like, “That will make our salespeople angry and we can’t afford to slow down their workflow!  Let’s leave the passwords restrictions the way they are.”  As a result, some companies still allow two letter passwords that never have to be changed. Attackers love that!

The IT professionals are right about security being important. But the executives “have the final say.”

Sometimes the key is to discuss changes with the executives that meet two criteria:  First, the change will improve security, and second, the users may not even notice the change.

Here’s a common problem: Putting productivity too far ahead of security such that security gets nearly wiped out.

Password restrictions are a change that most users will notice. Hence, IT professionals may receive a great deal of push-back from users, including executives if the password restrictions have been lax for a long time.

However, users will never notice many, in fact the majority, of security settings.  An example may be, as long as your users aren’t  used to installing their own programs (which is a bad idea anyway), is making users “just plain users” on their own machine rather than having, (the most common way), users being something called “local administrators.”

That modification alone can make enormous improvements in security because it is more difficult for attackers to “trick users into installing viruses on their machines” since users can’t install anything on their machines anyway. And maybe the users won’t notice anyway.

The real issue: It is your role to talk with your IT professionals and ask them, “Are you implementing the protections that users won’t notice anyway?”.

Stay tuned for more about “What to ask your IT Professionals” so that you know the right questions to ask.

Please forward this to your friends and post your comments below…

The post Adding Security Makes Systems Unusable! appeared first on Foster Institute.