(817) 439-3051

Monthly Archives: October 2018

US Data Breach Victims Can Now Request Credit Freezes for Free
Technology October 31, 2018
US Data Breach Victims Can Now Request Credit Freezes for Free

Thanks to a new federal law, US citizens no longer have to pay fees to freeze access to their credit reports. If you have been a victim of a data breach, you should consider taking advantage of this new policy. Here is what you need to know and do.


Data breaches are common nowadays in the United States. Victims of this type of cyberattack are at risk of identity theft, especially if the stolen data includes their social security numbers, as was the case in the massive Equifax data breach in 2017. Cybercriminals like to use this information to open new financial accounts (e.g., credit cards, loans) in the victims’ names. To make matter worse, the stolen data is often stored on the dark web for years, so the victims are at risk for a long time.

One way in which data breach victims can protect themselves is to restrict access to their credit reports, which is known as freezing them. A credit freeze can stop identity thieves from opening new accounts because lenders typically won’t approve an application if they cannot check the person’s credit reports.

In the past, people often had to pay to freeze and unfreeze reports at each credit bureau, which stopped many people from doing so. Fortunately, this has changed in the United States, thanks to a new federal law that went into effect on September 21, 2018. People can now freeze and unfreeze their credit reports at the three credit bureaus — Equifax, Experian, and TransUnion — for free.

If you were one of the 143 million US consumers who had their social security numbers stolen in the Equifax breach or you were the victim of another data breach, you should consider taking advantage of this new law. Here is what you need to know and do.

What You Need to Know

Before you freeze your credit reports, it is important to know the following:

  • A credit freeze won’t stop cybercriminals from making charges to your existing accounts (e.g., credit card accounts) if the stolen data included those account numbers. So, you will need to continue monitoring your account statements for suspicious activity.

  • Some groups will still have access to frozen reports, such as existing creditors and debt collectors.

  • A credit freeze won’t affect your credit score. Nor will it prevent you from getting your free annual credit reports. (US citizens have the right to obtain free copies of their Equifax, Experian, and TransUnion reports once a year.)

  • A credit freeze remains in place until you ask the credit bureau to temporarily lift it or permanently remove it. This is important to keep in mind if you want to fill out a credit card application, get car insurance, or apply for a job. If you make the request online or by phone, the credit bureau must lift the freeze within an hour. If the request is made by mail, the bureau has up to three business days to lift the freeze after it receives the request.

  • All three credit bureaus offer services such as credit monitoring and identity-theft protection. It is important not to confuse credit freezes with these services, as the services typically have monthly fees. You need to be sure that you are requesting a credit freeze, which is sometimes called a security freeze.

If you do not want the hassle of freezing and unfreezing your credit reports, another option is to request a fraud alert, which is also free. With a fraud alert, lenders can get copies of your credit reports as long as they take steps to verify your identity. The new law lengthens how long a fraud alert remains in place from 90 days to one year. However, if you are an identity theft victim, you can get an extended fraud alert, which can be in place for seven years.

What You Need to Do

If you decide to freeze your credit reports, you need to do so at each credit bureau You can request a credit freeze online, by phone, or by mail. Here is each bureau’s website and telephone number:

When requesting a credit freeze, you need to provide your name, current address, social security number, and date of birth. You might also need to provide other information to confirm your identity, such as your previous address or existing credit cards. Once the freeze is in place, you will be given a personal identification number (PIN). You need to remember the PIN because you will need it to temporarily lift or permanently remove the freeze.

You can also use the contact information just given to set up fraud alerts. However, in this case, you only have to contact one of the credit bureaus. That bureau will then let the other two bureaus know they have to set up a fraud alert for your credit reports.

iPhone XS, XS Max, and XR: Which Would Work Best for Your Business?
Technology October 24, 2018
iPhone XS, XS Max, and XR: Which Would Work Best for Your Business?

Discover what the three models have in common and how they differ from each other.


If your business is in the market for new iPhones for employees, you are in luck. You have three new models from which to choose. Apple rolled out two new models — the iPhone XS and the iPhone XS Max — on September 21, 2018. The third model — the iPhone XR — is scheduled for release on October 26, 2018.

The XR model is an entry-level smartphone, so it is less expensive (starts at $749) than the flagship XS and XS Max models (start at $999 and $1,099, respectively). But, as with any IT asset, you need to consider more than just the cost. Here are some points to keep in mind when deciding which model would work best for your business.

What the Models Have in Common

The iPhone XS, XS Max, and XR have more than just the iOS 12 operating system in common. Here are some of the features they share:

A12 Bionic chip. The new A12 chip has a six-core central processing unit (CPU), a four-core graphics processing unit (GPU), and a neural engine. According to Apple, the A12 chip can process 5 trillion operations per second, making it 15% faster than its predecessor (A11) while using up to 50% less power. The neural engine uses real-time machine learning, which enables the smartphones to recognize patterns, make predictions, and learn from experience.

Dual subscriber identification module (SIM) technology. The devices are designed to have one physical SIM card (nano-SIM) and one digital SIM (eSIM). As a result, you can have two phone numbers or two phone plans on the same device without having to physically swap SIM cards. This can come in handy, for example, if you want to have separate phone numbers for business and personal calls. If you are anxious to use this new feature, you will have to wait, though. The eSIM will be delivered through a software update later in 2018. Plus, some carriers might not support eSIM.

Intel XMM7560 modem. Thanks to the new Intel XMM7560 modem, the iPhone XS, XS Max, and XR will work with all four major US carriers (AT&T, Sprint, T-Mobile, and Verizon). In the past, the iPhones offered by AT&T and T-Mobile did not work on Sprint and Verizon networks.

Face ID authentication. With Face ID, you can use your face instead of a password to unlock your iPhone and log in to apps. Although this feature has been around since 2017, it is faster in the iPhone XS, XS Max, and XR. Face ID uses the TrueDepth camera to scan your face and the neural engine’s machine learning capabilities to recognize you, even if you are donning a hat or wearing glasses instead of contacts.

How the Models Differ

There are many ways in which the iPhone XS, XS Max, and XR differ from each other. Here are five of the most notable differences:

Display type. The display type is probably the biggest differentiator between Apple’s flagship and entry-level iPhones. The XS and XS Max models have organic light-emitting diode (OLED) screens, while the XR model has a liquid-crystal display (LCD) screen. OLED displays provide more vibrant colors, offer better contrast, and have higher resolution than LCD screens. The XS Max model has a slightly higher resolution (2688×1242 at 458 pixels per inch, or ppi) than the XS model (2436×1125 at 458 ppi). The resolution of the iPhone XR is 1792×828 at 326 ppi.

Display size. Based on price, you might expect that the most-expensive model (XS Max) has the largest screen while the least-expensive model (XR) has the smallest one. But that is not the case. While the iPhone XS Max does have the largest screen (6.5 inches), the iPhone XR comes in second with a screen size of 6.1 inches. The iPhone XS’s screen is 5.8 inches.

Battery life. While the iPhone XR’s LCD screen might not be as flashy as the OLED displays in the iPhone XS and XS Max, it has one redeeming value: It consumes less battery power. This power savings — combined with the fact that the iPhone XR’s battery is slightly larger than the one in the iPhone XS — means that you will likely have to charge the iPhone XR less often than the other two models (especially the XS). table 1 compares how long each model’s charge will last when using it for various activities.

table 1: How Long Each iPhone Model Lasts on a Battery Charge

iPhone XS

(2,658 mAh lithium ion battery)		 iPhone XS Max

(3,174 mAh lithium ion battery)
Talking Up to 25 hours Up to 20 hours Up to 25 hours
Using the Internet Up to 15 hours Up to 12 hours Up to 13 hours
Playing videos Up to 16 hours Up to 14 hours Up to 15 hours
Playing audio files Up to 65 hours Up to 60 hours Up to 65 hours

Memory capacity. For the first time, Apple is offering smartphones with 512 gigabytes (GB) of storage. This storage capacity is available in the XS and XS Max models. Each model offers three storage options. table 2 shows those options and how much they cost.

table 2. Storage Options for Each iPhone Model

iPhone XR

iPhone XS

iPhone XS Max
64 GB

$749

$999

$1,099
128 GB

$799

256 GB

$899

$1,149

$1,249
512 GB

$1,349

$1,449

Cameras. The iPhone XS and XS Max have three cameras. On the front, they have the TrueDepth 7 megapixel (MP) camera. On the back, there are the dual wide-angle and telephoto 12MP cameras. The iPhone XR has only two cameras. It has the TrueDepth 7MP camera on the front and a 12MP camera on the back.

Still Not Sure?

The best phone for your business will be the one that meets your employees’ needs at the lowest price point. For example, if your employees need a phone with a large memory capacity so they can store a lot of business data, then one of the flagship models might work best since they offer 512 GB of storage. However, if your employees do not need that much storage, the iPhone XR might be the best buy. Although it does not have an OLED screen or the dual wide-angle and telephoto 12MP cameras, it offers the same powerful A12 chip found in the iPhone XS and XS Max.

If you are still uncertain as to which iPhone model would be best, contact us. We can explain the differences in more depth so you can make an informed choice.

Are Your Employees a Security Liability or a Security Asset?
Cyber Security Technology October 17, 2018
Are Your Employees a Security Liability or a Security Asset?

While many companies realize they should provide IT security training, they often do not know where to begin. If your business is one of them, here are some suggestions to get you started.


The actions of careless and uninformed employees are a leading cause of serious IT security breaches, second only to malware attacks, according to a study by Kaspersky Lab and B2B International. Even when a security incident is caused by malware, employees’ actions are often a contributing factor.

These study findings point to the need for IT security training. This training can mean the difference between employees being a security liability or a security asset. While many businesses know they should be training their employees, they often do not know how often to provide the training, what to cover, and how to make it effective.

How Often

When it comes to IT security training, taking a “one and done” approach is not advisable. Instead, companies need to provide ongoing training because cybercriminals are constantly changing their tactics and devising new cyberthreats. The organization that oversees the United States’ Health Insurance Portability and Accountability Act (HIPAA) recommends monthly security updates in addition to bi-annual training. Yet, only a quarter of employees receive cybersecurity training at least once a month, according to a Finn Partners survey.

Although there are expenses associated with providing ongoing training, the costs incurred from a serious IT security incident would be much higher. In 2017 alone, phishing and business email compromise (BEC) scams set US companies back $705 million.

What to Include

Your training program should be tailored to meet your company’s needs. It should cover the specific types of IT security risks that your employees might face on the job. The program also needs to address the security requirements employees are expected to meet. This is particularly important if your business must comply with any industry or government regulations such as HIPAA or the European Union’s General Data Protection Regulation (GDPR).

Topics commonly covered in IT security training include:

  • The need for strong, unique passwords and how to create them

  • The different types of malware (e.g., ransomware, spyware) and how they are spread

  • Email security, including how to spot phishing emails and BEC scams

  • What employees should do if they receive a suspicious email or encounter another type of IT security problem

  • How to safely use the Internet

  • Social engineering threats

  • How to use mobile devices securely

  • Physical IT security measures being used

  • Your company’s IT security policies

All employees — including managers and executives — should receive basic security training. Some employees might need additional instruction that is specific to their particular jobs.

How to Make the Training More Effective

The IT security training will be pointless if your employees do not remember any of it. Fortunately, there are several ways to help make your IT security training more memorable and effective. For starters, you should hold short training sessions rather than marathon meetings. Bombarding employees with information for many hours will result in information overload, which means they will likely forget most of it. Providing ongoing training in small chunks is a more effective way to get employees to retain information. Plus, it will be easier for them to fit shorter training sessions into their work schedules.

Including hands-on activities in the training sessions will also help employees remember the information presented. For example, in addition to discussing on how to spot phishing scams, you could place the employees into small groups, give them copies of emails, and have them pick out the ones they think are phishing scams.

Another way to increase the effectiveness of your training is to make the information relevant to employees on a personal level. For example, a good way to get employees interested how to use company-owned mobile devices securely is to start by discussing how they can protect their personal smartphones (e.g., only use hotspots known to be safe and reliable). Once they learn good security habits in their personal lives, they will be more likely to practice them at work.

Finally, after employees have completed their training on a particular topic, you might consider testing what they have learned. For instance, after covering how to spot phishing emails, you could send out a fake phishing email with a suspicious link. If clicked, the link could lead to a safe web page that states the phishing email was an IT security training exercise. This type of testing can reinforce what employees have learned. It can also help determine the effectiveness of the training.

It is important to follow up with employees after the test, especially with the individuals who clicked the suspicious link. However, you should never embarrass or scold these employees during this discussion. Instead, you should offer them additional training and resources.

Your Employees Are an Important Part of Your Line of Defense

Educating employees about IT security is important. With training, they can bolster your line of defense against cyberattacks rather than be a weak link in it. To make this happen, you need to develop an effective IT training program that will teach your employees what they need to know to help keep your business secure. If you are uncertain of what to include, contact us. We can suggest topics based on your business’s IT environment.

Thousands of WordPress Websites Hijacked
Cyber Security Technology October 10, 2018
Thousands of WordPress Websites Hijacked

Cybercriminals hijacked thousands of WordPress websites in September 2018. Learn how hackers carried out these attacks and what you can do to protect your business’s website.


Hackers hijacked thousands of websites in September 2018 and installed malicious code in them. All the sites were using the WordPress content management system. WordPress sites are a popular target for cybercriminals because they are so common.

The September Attacks

The security researchers who discovered the barrage of attacks in September believe that the cybercriminals accessed the sites through outdated WordPress plugins and themes. Once the hackers gained access, they modified the sites’ code for malicious purposes. For example, in some cases, the code sent site visitors to tech support scam pages. The cybercriminals also planted backdoors in the sites so they could easily access them in the future.

Don’t Become the Next Victim

Many small and midsized businesses use WordPress because it is free yet full-featured. If your business is one of them, you need to protect your WordPress site. A good place to start is to:

  • Keep the number of plugins and themes to a minimum. Each plugin and theme you use increases your site’s attack surface, so only use the ones your site needs.

  • Keep your site’s plugins and themes updated. It is important to install any updates released for your site’s plugins and themes. Besides providing new and improved features, the updates often patch any recently discovered security vulnerabilities. Outdated plugins and themes can give hackers the opening they need to access your site.

  • Update the WordPress CMS software. Although the hackers exploited outdated plugins and themes in the September 2018 attacks, they sometimes exploit vulnerabilities in the core WordPress software instead. Thus, you need to keep the core software updated.

  • Make sure your hosting service is doing its part. Your hosting service needs to keep its security measures up-to-date and regularly update its infrastructure. Failure to do so will leave your site vulnerable to cyberattacks.

There are also other measures you can take. For example, if visitors log in to any part of your WordPress site, you should implement a password policy or possibly use a two-step authentication system. We can evaluate your site and devise a customized plan to protect it from hackers.

How to See Which Files Are Taking Up the Most Space in Windows 10
Technology October 3, 2018
How to See Which Files Are Taking Up the Most Space in Windows 10

The longer you have your computer, the more files you will accumulate on it. Here is how you can find out how much space you have left on the hard drive of your Windows 10 computer and which files are taking up the most space.


Although large hard drives are the norm nowadays, it is still a good idea to know how much space you have left on your hard drive and which files are taking up the most space.

You can quickly find out how much room you have left on your hard drive using Windows 10’s File Explorer, but it does not give you any clue as to which files are hogging all the space. The “Storage” page in the Settings app provides both pieces of information. It specifies the amount of free space available and lets you explore how much space your documents, pictures, and other types of files are consuming. Equally important, it lets you drill down to the file level, so you can view and manage those files.

How to Access the “Storage” page

Getting to the “Storage” page in the Settings app is easy. Follow these steps:

  1. Open the Start menu by clicking the Windows button.

  2. Click the gear icon in the lower left corner of the Start menu to open the Settings app.

  3. Choose “System” in the Settings app.

  4. Select “Storage” in the left pane.

  5. Click “This PC (C:)” in the “Local storage” section.

You will see a list of file types, ranked by the amount of space they consume, as Figure 1 shows.

While many of the categories are self-explanatory (e.g., “Mail”, “Pictures”, “Music”, “Videos”), some are not. For instance, the “Other” category is vague. If you click that category heading, you will be taken to a page that notes the category is a catchall for files and folders that Windows 10 couldn’t characterize.

Each category page lets you view and manage the files in them. The only exception is the page for the “System & reserved” category. It just briefly describes the types of files found in this category because removing them would harm your computer. It does, though, give you the option to manage the system restore process.

What You Can Do If You Want to Free Up Space

If you want to free up space on your hard drive, you have several options, including:

  • Deleting unused and duplicate files.

  • Moving files you seldomly use to the cloud (or another storage medium).

  • Uninstalling apps you do not use.

  • Using the “Free up space now” option on the “Storage” page to reclaim space.

Deleting unused and duplicate files is fairly straightforward. The other options are more involved. If you need help moving files to the cloud, uninstalling unwanted apps, or using the “Free up space now” option, let us know.