Researchers at the University of Washington are trying to store small amounts of data on smart fabrics.  These magnetized garments would be readable by a magnetometer and not need any electronics or batteries to function.  This would be useful for invisibly labeling items or using clothing or accessories in place of a password or key card.

While connected textiles have been around for years, they haven’t yet made it to the mainstream.  Some reasons include high prices, limited functionality, and durability; not to mention lack of precision with things such as gloves for smart phones.

Soon, though, you might be able to buy ties, belts, and bracelets that may be programmed to help you open doors, unlock phones, or give you access to your laptop.  And you can bet when these new gadgets become mainstream in the workplace, Optfinity will be there to assist our clients manage their usage, security, and updates.

In December 2015 (2 years ago), DFARS 225.204-7012 required DoD contractors to implement NIST 800-171 “as soon as practical, but not later than December 31, 2017.  That is this month!   This deadline is now less than 30 days away, and many contractors are not complaint.  What is worse, is that many have not taken steps to begin to comply, putting their business at risk.

There is a lot of debate over what is and what is not Controlled Unclassified Information (CUI), and many small businesses think they do not have to comply because they are subcontractors, or they think they don’t hold any CUI.  However, the problem is that the big, multi-billion dollar DoD prime contractors (you know who they are) are not taking ANY chances with NIST 800-171 at all.  If you are a government contractor and you fall anywhere within the DoD supply chain, you need to comply with NIST 800-171.

For more information on compliance and what you can do from a technology perspective, please contact us at OptfinITy.

It’s the Holiday Season once again, but remember it is also a holiday for the bad guys as well, but not in the way you might think. Hackers go into scam-overdrive mode during this time of the year to prey on the heavy shopping done by consumers. This time of year is the busiest for on-line shopping and scammers are out to get rich off of your money. So what should you look out for?

There are too-good-to-be-true coupons that offer free or discounted phones, tablets, and countless other cool items all over websites and social media; don’t fall for them! Make sure the offers are from a legitimate company. While you’re at it, watch out for alerts via email or text informing you that you just received a package from FedEx, UPS or the US Mail.  These notifications will then ask you for some personal information; don’t be fooled into giving them anything!

The price of security, especially now, is constant alertness and willingness to fight back. Remember to only use credit cards online, never debit cards, as your liability is limited with a credit card and the money does not come straight out of your bank account. Be super-wary of spam email with crazy good BUY NOW offers and anything which looks slightly “off”.  Remember, if it seems too good to be true, it probably is.  And if you’re still wanting to take advantage of that offer, double check with the company directly.

If you think you might have been scammed, stay calm and call your credit card company right away, nix that card, and get a new one.  It is always better to be safe than sorry.

Most of us have been using wireless networks (Wi-fi) daily for years, but you may not know that every one of your wireless devices is currently at risk of being hijacked. Wireless networks previously used a protocol known as WEP, which was insecure, resulting in the creation of WPA2. WPA2 was supposed to protect networks and devices, but we’ve now learned of a new vulnerability nicknamed “KRACK”, which is short for Key Reinstallation Attack.

What KRACK does is it allows hackers to eavesdrop on any compromised network traffic. For this to work, the hacker needs to be within physical range of a device and they can decrypt network traffic, hijack connections, and inject content into the traffic stream. This means you are not threatened by an overseas hacker but, instead, by someone who could be sitting next to you at a Starbucks or outside your office window.

The good news is the connection between you and your bank (and other secured websites) are not at risk. Since those sites use their own level of protection known as HTTPS, the data remains secured between your device and their server.  Additionally, the vulnerability exists at the software level which means it is easy to fix and vendors such as Microsoft have already published a patch for this issue.

So, what should I do?

The most important thing to do is make sure you update all wireless devices with the latest security patches available. This includes your desktops, laptops, routers, wireless access points, and most importantly, your mobile phones.  If you are a business, you should make sure you have a reliable company managing your devices and ensuring patches are continually being applied as they are released. As such, all of Optfinity’s clients are already or are in the process of being updated and protected from this vulnerability.

When out in public, you should always try to use your cellular data network, directly on your phone, or as a password-protected hotspot for your other devices. If this is not possible, make sure to utilize a VPN when connecting through a free Wi-Fi spot (as provided by most cafes and restaurants nowadays) to limit your vulnerability to hacking.

For more information on keeping yourself protected, sign-up for our newsletter or give us a call for a free assessment of your environment. We can be reached at sales@optfinity.com or via phone at 703-790-0400.

Voice over Internet Protocol, more often referred to as VoIP or Voice over IP is a technology that utilizes your internet connection to make and receive phone calls. VoIP is a popular technology option among small to medium sized business to replace their traditional phone system or landlines since it provides more features and cost benefits.  These added features and benefits are possible because VoIP utilizes software on servers meaning that features can be developed and added as new technology develops.  We’ll discuss the benefits and features of VoIP that traditional phone lines lack and why they’re important to businesses.

Extra Features

VoIP has a few extra features that regular landlines don’t. In addition to making/receiving calls, transferring calls and voicemail, VoIP also has caller ID, video conferencing and phone extensions. A VoIP feature that really impresses users is the ability to have your phone extension at your desk or on your mobile phone. For companies that have remote users or people constantly out in the field, it’s a big plus.

Enhanced Flexibility

VoIP’s flexibility makes it compatible with almost all networks and can be used over WiFi! It can use data types in different combinations to make and route calls, a tool that can be extremely useful when developing and deploying applications across various computers.  This flexibility greatly diminishes any need to worry about incompatibility and can support many types of communication.

Real-time Faxing

Setting up and maintaining long distance fax services can be more expensive than what it’s worth, not to mention the less than stellar data quality. The traditional fax service is also faced with equipment incompatibility causing more delays in the process. VoIP can replace your fax machine altogether with a fax interface by converting the data into packets to deliver data faster and more reliably.

Cost Benefits

Traditional landlines are more expensive than internet calling lines, so utilizing VoIP can help you reduce long distance calling costs.  Since it is scalable, you can adjust your plan to fit your business needs by adding or removing features and lines as needed.

OptfinITy has partnerships with many different VoIP providers. We can compare different providers with what you need and find a solution that is perfect for you. If you have any questions or are interested in switching to VoIP, give us a call!

Spear phishing campaigns make up 90% of cyberattacks and most employees are still unable to discern these scams from innocent emails. If you want to improve your company’s cybersecurity education, you might want to consider phishing your own staff.

Before making the campaign public, companies should take a baseline measurement of how employees react to one of the phishing exercises, according to Carl Leonard, principal security analyst at Forcepoint. Then, you have a metric to measure improvement against.

“A company’s most accurate results will arise from tests conducted when employees have not been forewarned,” Leonard said. “Ideally, they will be in a typical frame of mind and not in a heightened state of alertness knowing that a test will be conducted soon. This allows companies to more accurately baseline current status.”

While there are many options out there, a company can do this for free by designing their own emails to mimic a phishing attack and utilize their current software or exchange platform to track metrics. But if you don’t have the time or knowhow to accomplish this, Optfinity has a solution for you.

Through our relationship with KnowBe4, we can send out customized phishing emails and scams, gather the information, track their performance, and send regular reports. Training is also provided in this package, both before and after they are alerted to the software. If you have more questions about this topic or want a free assessment, contact Optfinity today!