Archive for May 7, 2020

After Work-From-Home: 3 Biggest Tech Woes Coming For Businesses

Posted in Commentary with tags on May 7, 2020 by itnerd

As coronavirus-related work-from-home restrictions are lifted, some companies and government agencies are going to be staring down major tech woes as they try to deal with the flood of hardware and software that flowed home with workers. But the International Association of IT Asset Managers (IAITAM) encouraged organizations to also look at the process as an opportunity to put solutions in place for hardware and software.


CHALLENGE #1 – Figuring out what stays … and what goes. Many organizations have assets that just sat unused during the work-from-home period. Offices closed due to stay-home orders purchased a large amount of new hardware that will lead to stuffed tech closets. Technology depreciates rapidly. The longer an asset sits on a shelf, the less it is worth. Take stock of what you really need … and don’t need … and pare away the excess.

SOLUTION #1 – “Spring clean” your tech, be a good corporate citizen, and get a tax write-off in the process. There are several ways an organization can remove assets from their environment that does not involve destroying them or shipping them to a dump site in Asia. Charities are a major avenue right now for organizations. Many schools and children’s programs have been forced to shift to online classes. By donating unused assets to a charity/education program (that will repurpose devices for those who are in need) organizations can have an impact on society. Additionally, the value of an asset can be deducted from the tax burden of the organization and affect bottom line budgets in two ways: recouping capital expenses and reducing operational overhead. Organizations taking this route must remain diligent in their data security and data sanitization standards. In addition to charities, there are companies like PlanITROI that provide the same kind of services. 

CHALLENGE #2 – Getting all that new hardware and software back to the office.  When they were scrambling to equip work-from-home employees with needed assets to get their work done, the last thing many organizations thought about was how it would all come back to the office. End users who were sent home with corporate assets did so with the intent of being able to work remotely. Some end users took this as an opportunity to quarantine themselves with family and loved ones they are unable to see as often as they would like. While the intent is that an employee would have stayed local, there was no guarantee. As such, these mobile assets may have become significantly more mobile than initially anticipated.  Now, everything must be fully accounted for and integrated into the office environment.

SOLUTION #2 – Leverage door-to-door services for tech.  From the demands of the current working environment many organizations rose to answer the call for remote device pickup. Some highly mature ITAD service providers already had door-to-door pickup services in place before the coronavirus pandemic started. As the need for this service grew, more disposal companies followed suit, including it in their service offerings. Organizations can leverage these services to easily gather remote assets and bring them into one centralized location for tagging, identification, assessment, data protection, due diligence, etc. It does not get much easier than having all of an organization’s remote assets shipped right to the loading bay doors. 

CHALLENGE #3 – Dealing with often too-expensive tech hardware that you don’t need any more.  Organizations around the world placed an unprecedented demand on hardware technology manufacturers when the new working environment transition occurred. Stores were out of stock on many popular items, and organizations were left with purchasing whatever was available at that moment. Due to this, many organizations purchased non-standard assets that were significantly over budget and/or “over-powered” for the roles to which they were assigned. 

SOLUTION #3 – Sell now while demand is still high and supply remains low. A monumental opportunity exists for organizations to identify how to recoup expenses on excess computer purchases … and to do so as fully as possible. Companies and agencies that find a way to sell their assets back while demand is still high, stand to gain back most of their expense.  Particularly nimble and savvy organizations might even turn a profit!  Proper asset disposal will need to be practiced in order to avoid an inadvertent leak of what could be sensitive employee, company, or client data.

IAITAM President and CEO Dr. Barbara Rembiesa recently went on camera to share more about the unique opportunities available to businesses coming out of this crisis.

An Update To Apple’s Lack Of A Security Patch To Solve Two Serious iOS Security Issues

Posted in Commentary with tags on May 7, 2020 by itnerd

You might recall that I’ve recently written about a pair of security issues that exist in iOS, and that came to light in the last couple of weeks. Here’s a quick recap:

Once these security issues were made public, Apple promised that an emergency patch would be released last week to address the Messages bug at the very least. But that didn’t happen. And there was no comment from Apple in regards to that. Not that I am shocked by that as Apple isn’t the type of company that displays transparency.

But I do have an update on this that may partially explain this situation. YouTube tech content creator Aaron Zollo posted a video yesterday commenting on the new features of iOS 13.5 Beta 4. The interesting part of the video is 3:00 into the video below where it is confirmed via an email to one of Zollo’s followers from Craig Federighi who is the SVP of Software Engineering at Apple that the Messages bug is fixed.

That’s nice. but there’s no word on if the Apple Mail exploit is fixed. But at least something will eventually be released to fix the Messages issue.

Here’s the problem with this. The optics of this suck. It makes Apple look like it doesn’t take security of its users seriously. And that leaves their users wide open to bad stuff potentially happening to them. As well as leaving a bad taste in their users mouths. Take this person who left a comment on this blog post:

And the fact that this is the same company that makes a $1000 USD monitor stand, or wheels for a computer that cost $700 USD doesn’t help matters. The fact is that Apple isn’t doing itself any favors by not being open and upfront about these issues. They as a company need to be far more transparent when it comes to stuff like this, otherwise they’ll have lots of frustrated customers like the one above who will decide not to buy their products. And if that happens en masse, I would not want to be Tim Cook trying to explain that to Apple shareholders.

HP Canada Partners With Federal Government To Supply 540,000 3D Printed Face Shields

Posted in Commentary with tags on May 7, 2020 by itnerd

As Canada seeks support from partners nationally and abroad to establish a stable supply of much needed personal protective equipment (PPE), HP recently announced their partnership with the federal government to supply 540,000 3DP face shields in an effort to help battle the COVID-19 pandemic. This partnership marks the largest coordinated effort to establish a domestic supply chain for critical PPE at this scale. The face shields have been approved by Health Canada. 

HP Canada and its Digital Manufacturing Partner Network are mobilizing their 3D printing teams, technology, experience, and production capacity to fulfil the growing demand for supplies.

Just under a dozen small and medium businesses who specialize in 3D Printing across the country are using HP’s industry-leading 3D printing technology to manufacture face shields for Canada’s front-line workers that began shipping out last week.

BREAKING: Google Backed Sidewalk Labs Is Abandoning Plans To Build A Smart Neighborhood In Toronto

Posted in Commentary with tags on May 7, 2020 by itnerd

You might recall that a Google backed company named Sidewalk Labs was planning to build a smart neighborhood in Toronto called Quayside. Which in turn set off all sorts of privacy related alarm bells. Including from yours truly. Well, news is breaking that this project is now being abandoned:

For the last two-and-a-half years, we have been passionate about making Quayside happen — indeed, we have invested time, people, and resources in Toronto, including opening a 30-person office on the waterfront. But as unprecedented economic uncertainty has set in around the world and in the Toronto real estate market, it has become too difficult to make the 12-acre project financially viable without sacrificing core parts of the plan we had developed together with Waterfront Toronto to build a truly inclusive, sustainable community. And so, after a great deal of deliberation, we concluded that it no longer made sense to proceed with the Quayside project, and let Waterfront Toronto know yesterday.

While we won’t be pursuing this particular project, the current health emergency makes us feel even more strongly about the importance of reimagining cities for the future. I believe that the ideas we have developed over the last two-and-a-half years will represent a meaningful contribution to the work of tackling big urban problems, particularly in the areas of affordability and sustainability. This is a vital societal endeavor, and Sidewalk Labs will continue our work to contribute to it.

Now there’s no mention of any of the privacy related issues that have dogged this project. But you have to think that this factors into the decision to deep six this project. I am sure that all the facts will come out in the hours and days ahead. And when they do, you’ll see it here. But I for one am happy that this project is not proceeding as I simply don’t trust Google to manage the data that this project would generate.

Zoom Acquires Keybase

Posted in Commentary with tags on May 7, 2020 by itnerd

Zoom and Keybase today announced that Zoom has acquired Keybase, a secure messaging and file-sharing service. The acquisition of this exceptional team of security and encryption engineers will accelerate Zoom’s plan to build end-to-end encryption that can reach current Zoom scalability. 

As members of Zoom’s security engineering function, the Keybase team will provide important contributions to Zoom’s 90-day plan to proactively identify, address, and enhance the security and privacy capabilities of its platform. Max Krohn, Keybase.io co-founder and developer will lead the Zoom security engineering team, reporting directly to Eric S. Yuan, CEO of Zoom. Leaders from Zoom and Keybase will work together to determine the future of the Keybase product. The terms of the transaction were not disclosed. 

Visit the Zoom blog for more details on the plans for building the end-to-end encryption offering. 

ESET Asks If Passwords Are Becoming Obsolete?

Posted in Commentary with tags on May 7, 2020 by itnerd

A minimum number of characters, mix of letters and numbers and must include a symbol.

Sometimes, it seems like it can be a Herculean task just to come up with a unique password, never mind having to remember it — and all of the other passwords you are asked to use to protect not only your devices but also all of the websites and online services you may use that require inputting sensitive personal information. But with the way technology is progressing, may experts are starting to question whether passwords may becoming obsolete, and if still need them at all.

Online vulnerabilities have amplified during the current COVID-19 pandemic. More of our business is being done online and much of interaction with others is happening on a digital pathway. In early April, the popular conferencing platform Zoom revealed that half a million stolen passwords were up for sale on the dark web, and phishing scams have increased exponentially.

Passwords are the key to keeping digital lives secure, and yet they’re not very secure by themselves. Without a password manager or two-factor authentication, it is relatively easy for hackers to crack people’s passwords, not least because “123456,” “qwerty” and “password” are still some of the most commonly used passwords across the globe.

It is now pretty commonplace to open your phone with your fingerprint or your face, and soon, biometric identification might be the norm for accessing all kinds of personal data. Since 2015, Google has worked to limit both the use of and the need for passwords in Android phones. Microsoft, too, launched its own alternatives, introducing a biometric login system in order to avoid the need for conventional passwords. The fight against our overreliance on passwords even has an open industry body backing the cause – The FIDO Alliance, which includes member companies such as Google, Facebook, PayPal, Visa and Amazon.

The technology to replace passwords exists, yet adoption has been slow. Despite some companies like Dropbox adopting this form of user identification, it has been used as a second layer of security for passwords, when it was really intended to be the first line of defense. 

While it is unlikely that we’ll see passwords completely disappear anytime soon, they may begin to take a backseat to more secure forms of identification, just as you can still use your PIN to open your phone if your fingerprint or face doesn’t register. In the meantime, there is no excuse to slack off on password safety!

Ensure you’re using strong passwords and invest in a password manager for both yourself and your business, such as ESET Password Manager. While recovering a personal password might not be too difficult, accidentally compromising business data can be much trickier to recover from. This World Password Day, take a moment to review your own password protections – it just might save you a lot of hassle down the track!

For more tips about password safety, please visit: www.welivesecurity.com