If your using Microsoft Outlook, (i.e. the ~$250 value product that comes with Microsoft office) and you get an option to 'Try the new Outlook' I strongly suggest you don't do that, if you do you you will possibly lose a LOT of functionality and go from the business grade $250 value product to essentially the free web based version that everyone with a Hotmail or outlook.com email account gets for free. A lot of features will disappear including Outlook add-in utility's and any secondary emails you may have setup.
You can see more detail here on this email from a Microsoft outlook add-in developer.
A number of people have reported receiving a "review document" email.
This email looks like a scam from my perspective and several organisations are reporting that this is the case. (Example https://us.norton.com/blog/online-scams/docusign-phishing-scams)
Don't click on the links in this email, just delete it
Microsoft Office 2013 has moved out of being officially supported this month. That means no more security updates and eventually, Outlook will stop working with office 365 at some point (no indication of when that will be).
If your still running Office 2013 (or older) you need to make a plan to move to a supported version for security sake at least.
Office 2016 is no longer supported after October 2025
People who know about these things are getting a bit worried about the LastPass data breach. If you use LastPass you need to evaluate what action to take.
Late last year a hacker broke into LastPass and stole their entire data vault, that included all your logons and passwords if you use LastPass (or even have an old account that you don't use anymore).
LastPass say that they, and consequently the hackers, don't have access to your logon data because its encrypted and protected by the master password that only you know. They have advised that it would take 'millions of years' to crack open the vaults and get access to your data.
However, as time has gone on, we have been hearing that there are caveats to this and it depends on the length of the master password and some of the default settings that you had setup in LastPass, some of those settings have changed their defaults over time so If you have an older account, you may have less protection. The end result of that is that some online security sites are saying in reference to the 'millions of years' claim that in actuality "it may be a lot less than that!"
Advice is extremely varied about what to do, here are some examples:
Whatever action you decide on, do it soon as the clock is ticking if the hackers are trying to brute force crack the data. Some sites are reporting that LastPass have been very coy about the details including when the data was even stolen and as such how long the hackers may have been working on the data, and some say that general communication about the whole event has been poor which brings about a loss of confidence in the service.
The LastPass notice:
https://blog.lastpass.com/2022/12/notice-of-recent-security-incident/
Some other sites information:
https://www.wired.com/story/lastpass-breach-vaults-password-managers/
https://blog.1password.com/not-in-a-million-years/
Finally, almost all security experts still recommend a password manager for managing your passwords. The general consensus is that having strong complex passwords for all your sites and services that you don't have to remember, all stored within a very secure service, protected by a single unique, strong password still provides the best protection compared to the alternatives.
This blog post has been provided for the benefit of digitalwelcomemat IT customers. Treat this information as informative only and do not take actions or make decisions on the basis of the information contained here. All IT decisions and actions should be made after consultation with your chosen IT professional taking into account all the of the relevant factors.
ACSC (Australian [Government] cyber security centre) are recommending that all business purchase their equivalent domain name to prevent "...to help protect your business from opportunistic cybercriminals" before 20 September 2022.
To help protect your business from opportunistic cybercriminals, the Australian Cyber Security Centre (ACSC) recommends that all Australian businesses with existing domain names register their .au equivalents before 20 September 2022. If a business does not reserve their .au equivalent direct domain name during this six-month period, that name will become available to the public on a first come, first served basis.
Digital pacific is reporting that the pre-order process for new .au domains now open now go here: https://digitalpacificdomains.com.au for details.
If you have reallylongdomainname.com.au this may be your opportunity to purchase imshort.au instead or to secure your business identity and reputation by purchasing mydomainname.au as well as your existing mydomainname.com.au (before your competitors do) I don't know what the allocation process is but I strongly suggest you act quickly if your interested.
In the continuing saga of older "perpetual license" MS office apps accessing Microsoft 365 services here is a good article:
https://www.computerworld.com/article/3569435/microsoft-points-to-october-end-of-support-for-older-office-apps-accessing-365-services.html
"Microsoft has long played with the support of Office applications connecting to Office 365 services. Three years ago, the company said that perpetual-license versions of Office would be able to connect to Microsoft's cloud-based services only during the first half of their 10-year support lifecycle. It set Oct. 13, 2020 as the date when the new policy would take effect."....
......Mcrosoft softened the blow considerably. "We won't take any active measures to block other versions of the Office client, such as Office 2013, from connecting to Office 365 services, but these older clients may encounter performance or reliability issues over time," the Redmond, Wash. developer stated in the support document."
MS is pushing Office *64 bit* version as the default install now for office 365 installs and its creating havoc with many customers. A major software update is meant to be carefully planned and not just forced on us by Microsoft..
If you are looking for maximum compatibility install the 32 bit version of Office (regardless of your Windows version) details here https://digitalwelcomemat.com/index.php/how-to-guides/51-how-to-install-microsoft-office-from-the-web-office-365-version
Tech journalists have been reporting in the last few days that:
"Microsoft is readying multi-session support for Windows 10 [for remote desktop/remote access]
Microsoft looks poised to add a new Multi Session option to Windows 10, likely this fall, which will allow IT to provide multiple users with remote access to desktops/apps without relying on Windows Server [for that role]…"
http://www.zdnet.com/article/microsoft-is-readying-multi-session-support-for-windows-10/
More information as it comes to hand later in the year, at the end of the day its really all about the total licensing cost so we will have to see if there is any real change for business.
Take away message: Find out when your traditional phone services are being cut off due to the NBN and take some action well before then.
"Homes and business have 18 months to migrate to the NBN once it is available to them, after which traditional copper and cable services in the area are severed — cutting off fixed-line phone and internet access."
https://www.nbnco.com.au/learn-about-the-nbn/device-compatibility/services-that-will-be-switched-off.html
You can check your address here (https://www.nbnco.com.au/connect-home.html) and you may see advice similar to as follows:
"The disconnection process for the old phone and internet network in this area is scheduled to begin on July 2018"
You can also find additional information about timing via the Telstra wholesale website which has some downloadable spreadsheets searchable by suburb.
https://www.telstrawholesale.com.au/nbn/nbn-rollout-schedule.html
For some information on what will be turned off the following web sites list services that will be cut of or need to be considered:
https://www.acma.gov.au/Citizen/Phones/Landlines/The-NBN-and-you/phone-and-internet-disconnection-schedule
https://www.finder.com.au/nbn-copper-cut-off
What will be turned off?
"As well as phone and Internet, it's important to consider other services running off the old copper-based network that will be affected after the switch-off date. These include:"
Of most concern for most businesses is the phone lines and existing phone system. Note that you almost universally do NOT need to purchase a new phone system or sign a new contract with Telstra to maintain your lines regardless of what Telstra the sales people may tell you. In fact with the Telstra demotion from network owner and maintainer to "Just another player in the marketplace" I would suggest that Telstra may not be the best provider for phone line services going forward (mobile services excluded from that statement).
Once the NBN has rolled out and your phone lines have been converted, phone calls will be made over the internet. In reality you should not notice any difference you can typically use the same phones or phone system that you have now.
For your existing phone system (PABX) you will need to look at getting a SIP gateway device, which is similar to a set-top box when we moved from analogue to digital TV. Once you have this in place, the new phone lines connected, and the number(s) transferred over. Your old phone system should be able to make and receive calls just as you always have but using SIP or Voice Over IP (VoIP) as the underlying technology.
If you do need or want a new phone system for whatever reason a more sensible approach to replacing a system where the concept hasn't really changed much since the 1970's, is a virtual PABX. There are a number of significant benefits to this and it will probably work out a *lot* less expensive upfront and ongoing.
I will be contacting all of my customers individually to discuss this further.
This blog post has been provided for the benefit of digitalwelcomemat IT customers.
Treat this information as informative only and do not take actions or make decisions on the basis of the information contained here. All IT decisions and actions should be made after consultation with your chosen IT professional taking into account all the of the relevant factors.
The Windows 10 Fall creators update is available now if you don't want to wait for the staged automated install .
For a single PC just go to the following web site and click "update now". If you have multiple PCs you can also create an install disk either on USB or ready to burn to DVD.
https://www.microsoft.com/en-us/software-download/windows10
This will need to be done from an administrative account and I suggest you plan to let it run overnight. As always make sure you have good backups if you store data on the PC that's getting updated.
When you log on to work remotely and your connection speed is 34 times faster than it was yesterday you know its going to be a good day...
Good quality 100/40 speed FTTN NBN is a wonderful thing even if you are a long way out of a metro area. (Exetel in this case)
Over the weekend, news broke of a new ransomware threat called WannaCryptor.
WannaCryptor is a worm that was developed thanks to the release of a hacking tool developed by the US NSA in the called EternalBlue.
If you PC becomes infected, normally by one of the common methods, opening an infected email, an infected USB disk, or an infected website the worm will infect any PC on the network that does not have the appropriate security patch installed. The end result is that all your files will be encrypted and you will have to undertake a massive clean-up and restore from backup or consider dealing with the ransomware creator (with no guarantee of getting your files back).
Microsoft patched that vulnerability in March this year in supported systems. But PC's and servers that are not patched either automatically or manually will be vulnerable including (and of particular concern) is always those operating systems that are no longer supported. Microsoft has released a one-time update for Windows XP, Server 2003, and Windows 8 even though these operating systems are no longer supported and are in most cases well over 10 years old: https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
Nod32/Eset antivirus provider have provided this brief statement: "ESET products can detect and block this malware" (http://support.eset.com/alert6442/) However, there will be new variants released over the coming weeks so you should have multiple layers of protection.
The usual security precautions apply to try to prevent getting this (or any other) virus or malware:
Microsoft had a big product launch in the US overnight I haven't had time to fully digest it yet but here are some of the highlights:
[Updated 26/05/17 this still works]
Reportedly you can still get a Windows 7 (or 8) - Windows 10 free upgrade the following way:
(Requires **erasing your PC** and some advanced knowledge of boot selection and install procedures, only for power users and make your own investigations before attempting this)
I expect this opportunity will only be for a limited time MAKE YOUR OWN INVESTIGATIONS BEFORE ATTEMPTING THIS.
THIS INFORMATION PROVIDED WITHOUT WARRANTY OR OFFER OF FREE SUPPORT.
A number of sources in the media are reporting a bogus email purporting to come from AGL Energy that contains malware. This malware typically installs some type of ransomware on your computer that will encrypt all the data files that it has access to (including network shares) and demand a ransom before they [promise to] unlock them.
It's been reported that this has affected over 10,000 Australians in a week. Here are some links for more information:
So "I guess", be on the lookout for this one however that's in some ways a bad approach. Being on the lookout for an AGL email when the same thing has been coming from emails purporting to be from Australia post, DHL, Telstra and others for some time now isn't very effective. A better approach is to be careful with ALL emails and have the proper prevention and mitigation strategies in place.
Here are three things you can do as a starting point:
Bonus point:
(for your information I can recommend that dedicated antispam product for about $3.50 per user per month)
This blog post has been provided for the benefit of digitalwelcomemat IT customers. Treat this information as informative only and do not take actions or make decisions on the basis of the information contained here. All IT decisions and actions should be made after consultation with your chosen IT professional taking into account all the of the relevant factors.
Q: Now that I have Windows 10 can I stop it from updating at the most inopportune times?
A: Yes and no, go to start -> settings -> "update & security" -> "Windows update" -> advanced options -> defer updates
This will defer them for a while but does not affect security updates:
"Defer upgrades in Windows 10 - Some Windows 10 editions let you defer upgrades to your PC. When you defer upgrades, new Windows features won't be downloaded or installed for several months. Deferring upgrades doesn't affect security updates. Note that deferring upgrades will prevent you from getting the latest Windows features as soon as they're available.
http://windows.microsoft.com/en-au/windows-10/defer-upgrades-in-windows-10
However that's probably not want you are after. The intended approach is to leave the PC *on* overnight but *not* logged in same way Windows has handled updates for years. That way it will handle all that stuff overnight when you are not using it and restart around 3am - 4am if needed. This would require sleep setting to be set appropriately (I always recommend that sleep is turned off on PC's and laptops anyway), bear in mind that with a Windows tablet that's probably not feasible.
One of the big changes that Microsoft made in windows 10 is that it WILL do its updates eventually regardless, its created a bit of angst within the industry but the problem they were facing is that people never allowed Windows to update (mostly by turning the PC off overnight every night) and as such Windows didn't get the security fixes and PC's were often vulnerable to the bad guys long after Microsoft had released the patch.
There are a couple of ways of "hacking" this so that it won't do updates unless you manually force it, but for the reasons above it's not recommend because you really want to get the security fixes without manual intervention.
Consider leaving your laptops and desktop PC's on overnight (and logged out) or at least over "a" night during the week.
Interesting article from ZDNet. This is why I prefer a company specified and IT retained password for small organizations. It also means that IT support work can be done outside business hours so as not to impact on staff productivity:
Forcing users to change their passwords may do more harm than good: (ZDNet) http://www.zdnet.com/article/forcing-users-to-change-their-passwords-may-do-more-harm-than-good/
Further, Cranor notes that "There is also evidence from interview and survey studies to suggest that users who know they will have to change their password do not choose strong passwords to begin with and are more likely to write their passwords down."
digitalwelcomemat now has a blog!
Subscribe for the news as it happens, call me for support on 0404 493 770 or access my remote support solution here: http://help.digitalwelcomemat.com/
Digitalwelcomemat provides IT consultancy and services for business customers on the NSW Central Coast in Australia.
Give me a call: 0404 493770