IT Connect Newsletter

by

Psst… What’s Your Master Password?

All of us like to think we are unique. That thinking extends to our passwords too, right? We’re special and distinct, so no one could guess our chosen collection of letters, numbers and symbols. Well, it’s surprisingly easy for algorithms to determine passwords and to do so extremely quickly. So, a password manager is a smart move, as you’ll have more complex, different passwords stored. Still, it’s important that your master password for that manager be 100 percent original.

Sure, your password may be difficult for a human to guess – it would take forever. But, computers can run through the possible combinations in seconds. Password Depot found that a password consisting of five characters (three lowercase letters and two numbers) can be hacked in 0.03 seconds.

Add characters and the volume of possible configurations increases, and that adds time. A seven-character password (one capital letter, six lowercase letters) will take approximately nine minutes. At eight characters (four lowercase letters, two special characters, and two numbers) things get more complicated. Trying all the possible permutations will take 2.6 days.

That’s a data-driven argument for complex passwords with many letters and numbers. But the problem is that they are so much more difficult to remember, and that’s why it’s a good idea to use a password manager.

The power of a password manager

A password manager offers top-notch encryption to protect passwords. You can use a password manager as a vault for all your passwords. When you want to log in online from your desktop, it can prefill your username and password. Often, there is also an app that allows you to do the same on mobile devices.

Industry-leading password managers also notify you if credentials are weak or get compromised. They may also flag that you are repeating access credentials, which is not a good idea.

Don’t forget your master password

Part of the appeal of a password manager is its zero-knowledge approach. They are set up so that they can’t see your stored passwords. The password is encrypted before it reaches the manager’s server and can’t be deciphered.

This means you have to be careful not to forget your master password. The master password is the one you use to access the password manager. Without it, you’ll have to try to recover your account using several stages of authentication.

Make your master password unique, and don’t use it anywhere else. Repeating passwords, as mentioned above, increases your risk of getting hacked. If the other site is hacked, the bad guys could try that same password on other sites, too. It’s low-hanging fruit for them.

The current best practice as far as passwords go is to use a passphrase with a mix of alpha-numeric symbols. This gives you a length of between 20 and 30 characters. You can use a variety of uppercase and lowercase letters, numbers, and symbols. Some examples of passphrases include:

  • My_Fave_Person_is_My_Fish_761
  • Mytrip-2-Paris-Was-Magnifique
  • YouRemindMeoftheBabe!!

The passphrase means something to you, so it is more memorable. Yet it isn’t easy for hackers to crack. Also, you’re not using specific personal details that you may reveal on social media (unless you are constantly posting pics of your fish, and its name is actually 761).

Protecting your online identity

Want to know more about protecting your online identity? Need help with setting up security procedures for your home computer and network? Our tech experts are available to help. Call us today at (416) 645-2469 or (905) 667-0441 or email us.

Want to be notified when our next blog is posted, sign up here.

by

3 Reasons to Avoid Signing in With Facebook or Google Accounts

Nine out of ten times today when you visit a website you’re asked to sign in. To add convenience, many sites offer the ability to sign in using a Facebook or Google account. Sure, it’s simpler, but this article will share three key reasons why you might want to avoid this easy route.

It’s estimated that we each have an average of 100 passwords. That’s a lot to remember, especially as we need unique logins for every site to lower our risk of cyberattack.

At the same time, every website wants us to set up an account. It helps them get to know their users. This can help them to target marketing and product development efforts. They might also share the information with third parties as another source of income.

Still, the website wants to keep its users coming back, so they allow you to sign in with Google or Facebook accounts to streamline the process. Weigh the value of that added convenience against these three considerations.

#1 Youre giving away more data

By using Google or Facebook to sign in on other websites, you are giving the sites greater access to information about you. Now, they not only know what you do on their sites, but you’re also allowing them to build out their picture of you with data insights from the shared sites.

Google and Facebook have powerful tools to dig deeper into your online activity, and other websites can also extract data from your Facebook and Google accounts. If you don’t read the privacy policies, you may not know what sensitive data the platforms share.

#2 You could lose access

You may join those who are deciding to quit Facebook or leave Google in favor of another platform. If you do so, and you have used that account to access other sites, you’ll have to create new logins.

Even if you’re not ever going to do away with your Facebook or Google account, you could still lose access. If there’s a major outage at one of those two sites, you won’t be able to log in at any of your connected sites either. The other websites won’t be able to authenticate you until Facebook or Google is back up and running.

#3 Your attack surface gets bigger

If you have one, unique login credential for a website, you risk your data there only if that site gets hacked. However, if you use Facebook or Google login, and bad actors compromise that account, they can access any shared sites.

Think of it like dominos. The Facebook or Google account is the first to fall, but all those other accounts you “conveniently” login to using those credentials will come tumbling down soon after. Don’t think the attacker won’t bother looking for other connected accounts. All they have to do, once they breach one account is go into your settings to see what you have connected.

Social media accounts are also a prime target. Don’t believe us? Bet you’ve seen a post from a Facebook friend (or ten) telling you to ignore strange activity due to a hacked account.

Protect your online identity

Account compromise is a top cause of data breaches worldwide. Protect your online identity by following best practices for cyber hygiene.

Need help with password security? Our IT experts can set you up with a password manager or provide other online security help. Contact us today at (416) 645-2469 or (905) 667-0441 or email us.

Want to be notified when our next blog is posted, sign up here.

by

How to Spot Email Spoofing

The number of emails we get daily can be overwhelming. We could be excused for not looking at them all closely – well, almost. Except that not taking care to review emails for signs of spoofing could be a real risk to your business. Learn about email spoofing and how to avoid it in this article.

First, what is email spoofing? Don’t confuse this with the foreign prince’s plea for money. Email spoofing is much more nuanced; it’s still a cyber bad guy at work. They try to get you to download malware, enter personal credentials, or give money. Yet now they are mimicking a reputable company or source of an email. The email will, at a hurried glance, appear to be legitimate, and that’s how it works. The spoofer takes advantage of our lack of attention to accomplish their aim.

With email spoofing, the scammer tries to trick you into thinking they are a source you recognize. This might be a supervisor, a colleague, a vendor, or some other entity you work with regularly. Their goal is to get you to take an action you would not otherwise do.

The email will usually look convincing. The would-be attacker will duplicate design elements and mimic the sender’s style. So, you need to be aware.

How to Identify Email Spoofing

There are several signs to look for to identify a spoof email. First, you’ll want to check the email header information. This is a good place to look for tracking information about the message.

To view headers:

  • In Gmail, open the email you want to check headers for. Next to Reply, click the three dots and choose “Show Original”.
  • In Apple Mail, open the email you want to see headers for, and click View > Message > All Headers.
  • In Outlook, open the email you want to check, and then click File > Properties.

Check to see:

  • if the “from” email address matches the name of the person displayed as the sender;
  • that the “reply-to” address is the same as the sender or the site that the email purports to be from;
  • that the “return-path” is the same as the reply-to – you don’t want to think you are replying to “John Doe” when your response will go to “Scammy McScammer”.

The email header is a good starting point, but you’ll also want to ask yourself about the content of the message. If you weren’t expecting a message from that individual or organization, think twice. Also, look out for spelling or grammatical errors. A difficult-to-read message could indicate an unsolicited email from someone with a limited grasp of English.

If the email is pressuring you to act quickly or making an emotional plea for you to do something, be wary. Scammers often rely on urgency or our desire to help. That’s how they trick people into clicking on links or open attachments.

Better Safe Than Sorry

If you aren’t sure about an email’s legitimacy, slow down. Before you act, go to your contact list and send a direct message to that sender’s address to confirm the request. Or call the sender or company the sender apparently represents to verify that the email is a real one.

A managed service provider like CPI Networks can help you better manage email safety. Ask our IT experts to help set up email filtering and monitoring to avoid malware infection. Contact us today at (416) 645-2469 or (905) 667-0441 or email us.

Want to be notified when our next blog is posted, sign up here.

by

How to Prevent Password Spraying Attacks

Bad cyber actors are what the kids these days would call “try hards.” They do everything they can think of to get into your accounts. One tactic is password spraying. In case you don’t know about it, this article gives the basics and shares strategies to prevent this type of attack.

You’re probably familiar with hackers trying many different password combinations with the username. Web security services know about this form of attack, too. That’s why you can get locked out of your site for trying the wrong password too many times.

This brings us to password spraying. The cyber criminals have found a way to get around the-three-tries-and-you’re-out-of-luck defense. Instead of one user and many passwords, they use one password with many different usernames.

Think how easy this could be. Your company database is online for people to contact your employees. The bad actor takes john@yourcompany.com, jane@yourcompany.com, jamal@yourcompany.com, and so on, or they buy a list of usernames on the Dark web. Then, they try common passwords for every one of those individuals.

“Abc123,” “123456,” and … ugh … “password” are still frequently in use worldwide as passwords. So, it’s not that much of a stretch for a hacker to be able to get in with one of these common permutations.

The brute-force attack runs through a long list of users before trying the next “wrong” password. So, by the time it has finished going through the list of users with the password “abc123”, enough time has passed to avoid lockouts, and the hacker tries another password from the user list.

What to do about password spraying

The most obvious thing? Stop using any of the passwords that appear on the most commonly used worldwide lists! Do you think no one would still be using these obvious options? In 2021, there were more than 3.5 million reported uses of the “123456” password. “Password” came in second with 1.7 million reported uses. Both take less than a second to crack.

So, prefer more complicated passwords. This doesn’t have to mean that users add seven numbers, six symbols, and three capitalized letters. The National Institute of Standards and Technology (NIST) guidelines suggest length is more important. So, users can create longer yet easier-to-remember passwords.

IT administrators can also force users to change passwords at their first login to new applications. NIST further recommends checking every new password against a breached password list.

Multifactor authentication helps, as well. This requires the user to verify themselves with access credentials and extra authentication. This might be a code sent via text to a smartphone or could involve an authentication app such as Manage by MYKI .

It’s also a good idea to segment your networks so that users access only what they need to. Limiting user access can minimize the damage done if there is a breach.

Put password best practices in place

Keep your business secure with the help of CPI Networks. We can spearhead the installation of lockout policies and other security measures such as implementing company controlled MYKI Password & 2FA Management system. Our experts also stay current with the latest vulnerabilities to proactively protect your organization.

Call us at (416) 645-2469 or (905) 667-0441 or email us to discuss if CPI Networks is the right IT partner for your business? 

Want to be notified when our next blog is posted, sign up here.

by

How to Choose Home Computer Repair

There’s a lot of talk about the best places to use your laptop. We’ll recap that discussion briefly below, but the real focus of this article is where it’s best to put your desktop PC.

First, why does it even matter? Of course, you care how your workstation looks, but beyond the aesthetics, airflow is important too. Computers cool themselves with fans to suck in cool air and expel hot air out the back or top. If you’re not leaving room for the computer to “breath” it can overheat.

When a computer overheats it can become unstable or suddenly shut down. The hot air can also damage internal components. This is true of both laptops and desktops.

That’s why you’ll hear that it’s a good idea to put your laptop on a raised, slatted service where air can reach the vents. A table over a furnace duct or in direct sunlight should be avoided too.

OK, But Where Do I Put My PC?

You don’t want to put your computer somewhere it is going to get dusty, which is a good reason not to put it on the floor. It’s exposed to more dust, hair, and other junk that way. Since the computer’s fans are sucking in cool air, they can suck in the debris too.

Also, on the floor, you risk accidentally hitting or kicking the PC. Sudden jolts are bad for mechanical hard drives. Plus, USB drives or anything else plugged into the front could be knocked out, which damages the port.

Some desks have cabinets under the desk where you can put the computer. But, these may not have been designed with enough airflow.

It’s best to set up your computer on a stable surface to avoid any bumps or drops. You also want to position it so that the cord is not going to create a tripping hazard. If you fall, you could damage the power connection or, worse, knock the computer off your table or desk.

Since the big thing is airflow, you also don’t want to set the PC too close to the wall. This can damage cables in the back if they bend too much. Or, when the hot air exhausts out the back, it will be harder to expel the heated air.

Securing Your Desktop PC

Putting your PC parallel to the monitor, safely stable on your desk or table, with good airflow and room for the cords is your best option for the safety and longevity of your desktop computer.

Need help setting up your desktop PC or finding the best place to position it in your home? Our tech experts are available to help. Contact us today at (416) 645-2469 or (905) 667-0441 or email us to discuss if CPI Networks is the right IT partner for your business? 

Want to be notified when our next blog is posted, sign up here.

by

Why You Might Wait to Upgrade to Windows 11

Microsoft is rolling out the next iteration of its operating system, Windows 11. Of course, new = better, right? But, when it comes to Windows 11, you may want to consider waiting. Here’s why.

Typically, software updates are something to install as a matter of course. The manufacturer, after all, is delivering the latest and greatest in its upgrade. This can be new efficiencies, improved processes, and increased security.

CNN calls the Windows 11 release “the biggest update we’ve seen to Microsoft PC software in more than half a decade.”

But when it comes to Windows 11, do some research first. You may not want to be an early adopter.

When to Upgrade

There are still people using Windows 7 and Windows 8, even though these systems are no longer supported by the manufacturer. That, we do not recommend. Without support or security updates, these systems are vulnerable to malware attacks.

Meanwhile, the release of Windows 11 indicates Windows 10 is on its way out. Yet Microsoft has said it will support Windows 10 until October 14, 2025. The company typically keeps a ten-year lifespan for its products.

So, you don’t need to upgrade immediately. And for some businesses, it makes sense to wait longer to make the switch from 10 to 11. After all, it is not yet an essential upgrade.

Those on Windows 10 will see some advantages, yes. We’ll talk more about that next. But, unless you’re a heavy multitasker or need a sleeker visual design on your desktop, you can wait.

By waiting, you’ll also get the advantage of others being the ones to discover the launch issues and bugs. The software has been available in beta since June. Still, as more users get access, you can expect more updates on the horizon.

To help you decide if you’re ready to upgrade, you’ll first want to see if you are eligible for the free upgrade. Also, visit Microsoft’s website to see if your PC can run the software (https://www.microsoft.com/en-us/windows/windows-11-specifications).

If you have a custom-built desktop, you’ll want to run a health check to see if you have the TPM 2.0 Windows 11 requires. This is a specific security module, so you don’t want to overlook this!

Why Upgrade to Windows 11

Windows 11 is a redesigned operating system aiming at improved user navigation. Expect:

  • a more Mac-like experience;
  • integration with Android apps;
  • a facelift for Microsoft Teams;
  • streamlined switching from monitor to laptop;
  • direct access to widgets from the Taskbar;
  • a few gaming performance enhancements.

How to Upgrade 

The upgrade is rolling out gradually. Those who recently purchased a new laptop before Windows 11 was pre-installed have access now. 

If you are an existing Windows 10 user, you’ll see the Windows 11 upgrade sometime between now and mid-2022. Most users will go to Settings > Update & Security > Windows Update and click Check for Updates. If available, you’ll see a Feature update to Windows 11. Click Download and install. 

Remember to backup all your important documents before starting the installation process! 

Also, don’t fall for any fake versions of Windows 11. Wait to receive an official notification of a systems update. Do not click on links promising the software on social media or via email. You could end up downloading malware. 

More on Upgrading Your OS 

If you are in the market for a new laptop, make sure you’re getting one with Windows 11 pre-installed. That way, you’ll be sure to get one that will be able to run the new operating system without hassle. 

Want to be sure you’re ready for the upgrade and need it now? We can help verify your eligibility and run a health check. We’ll also help you determine if you can safely continue with the software you’re using right now. We’re here to help. Call us now at (416) 645-2469 or (905) 667-0441 or email us to discuss if CPI Networks is the right IT partner for your business? 

Want to be notified when our next blog is posted, sign up here.

by

Outsourcing to an MSP: Custom-size Your Partnership

When it comes to business technology, there is no one-size-fits-all answer. Managed service providers (MSPs) know this firsthand. That’s why you’ll find they make it easy to partner with them for different levels of outsourced IT. This article outlines the three tiers of MSP outsourcing typically available.

Small and mid-sized businesses share many challenges. They need to manage resources, follow regulations, and combat cyberthreats. At the same time, they grapple with constant changes (e.g. growing workforce mobility). Yet for all these commonalities, the technology used in each business can vary, and so too can the level of in-house expertise to manage and maintain IT.

So, many businesses turn to MSPs to get to know their IT infrastructure. The MSP can act as an IT watchdog, offer specific value-added services, or replace an in-house IT team.

MSP as IT Watchdog

This level of MSP engagement is for the business that wants expert backup support. The MSP watches over the business infrastructure and makes sure everything runs smoothly.

The MSP will use remote monitoring to keep tabs on the IT environment. They won’t make any changes if an issue arises – that’s up to the business – but they’ll help detect concerns to avoid any business disruption.

Many businesses don’t have the personnel for around-the-clock IT monitoring. This basic level of MSP service is a good way to track critical networks, systems, and databases 24/7/365.

MSP’s Menu of Services

MSPs also offer a menu of value-added services on top of the monitoring. The added tasks outsourced can depend on your expertise, budget, and desire to be hands-on with IT.

Value-add services MSPs offer include:

  • taking responsibility for installing software updates;
  • fixing security vulnerabilities as they are detected;
  • suggesting current, reliable, and secure technology solutions to improve your operational performance;
  • handling data backup and disaster recovery;
  • serving as your IT help desk for employees.

Partnering with the MSP for these services can save the business time and money. Consider data backup: The MSP may have its own data centers for all its clients, which might mean a better rate on essential data backup thanks to economies of scale.

MSP as IT Team

Other businesses can benefit from handing over all IT to a trusted MSP. For one thing, this saves the business from having to recruit, train, and keep its own IT team in a tight labor market.

The MSP continues to remotely monitor and manage the IT infrastructure, but they now have full responsibility. It’s not a matter of picking from the services available on the a la carte menu above. All those tasks are the MSPs responsibility.

Many internal IT teams are reactive, as they don’t have the bandwidth to act otherwise. Yet with an MSP in place of an overwhelmed IT staff, you gain a proactive partner. The MSP secures applications and networks, manages mobility, and handles any incidents. They keep your business running by avoiding disruptions leading to revenue loss, customer churn, and reputation damage.

Putting an MSP in charge of IT can concern some business owners who are reluctant to give up control, but an MSP brings the benefits of specialized experience with technology (and, ideally, your industry). They have the tools to provide data analytics, improve cybersecurity and continually better your business.

An MSP Partnership to Suit You

On any of these three levels, you want to work with an MSP that will become an extension of your business. The right MSP becomes a trusted partner looking out for your business’s best interests. Call us today at (416) 645-2469 or (905) 667-0441 or email us to discuss if CPI Networks is the right IT partner for your business? 

Want to be notified when our next blog is posted, sign up here.

by

How Hackers Get Around SMS Two-Factor Authentication

Every time you’re online and a site sends a separate code to check your identity, you’re using two-factor authentication. It’s become the norm. So, of course, hackers have figured out how to get around this, too. This article shows you how they do it and how to stay safe.

With billions of usernames and passwords leaked, access credentials everywhere are at risk, especially if you are reusing your log-in information on more than one site (don’t do it!).

Business websites want to offer a secure user experience, so two-factor authentication (2FA) has become the norm. It’s meant to help stop automated attacks in which bad actors use the leaked usernames and passwords.

Still, if the site you’re visiting uses short message service (SMS) to send a one-time code to your phone, you could still be at risk.

Hackers, using information they have from a data leak, can call your telephone company. They use your name, date of birth, and other identifiers available on the Dark Web, to impersonate you. Then, say you’ve lost your phone, they transfer your phone number to a device with a different SIM card.

That means when the one-time SMS code gets sent your phone number, the message will instead go to their device.

Android Users Also Beware

On Android devices, hackers have an easier time getting access to text messages. If they have access to your leaked Google credentials, they can log into your Google Play account. From there, it’s simply a matter of installing a message-mirroring app on your smartphone.

The app synchronizes notifications across your different devices. It’s for when you really need to be connected, and you’ll be able to see your phone’s SMS alerts on your tablet!

The app won’t work unless you give it permission when prompted to do so, but too many people don’t stop to read alerts from their own accounts: they assume it’s another necessary update and go on with their day. Otherwise, the hacker might call you in a social engineering ploy pretending to be a legit service provider. They’ll be familiar to you, so you’re more likely to listen when they ask you to give permission.

Again, when the one-time SMS code gets sent to your phone, because of the message-mirroring app, the hacker’s device will also receive the code.

What Can You Do to Protect Yourself?

It starts with using unique passwords for all sites you visit. Worried you’ll forget them? A password manager like MYKI can keep all your access credentials in one secure place for you and your team. You should also confirm that your credentials haven’t been compromised. If you use MYKI’s password service, you can  “check passwords” to see if there are any issues. 

Change any passwords that have been involved in a leak!

To avoid the SMS concern specifically, avoid using one-time SMS codes to verify your identity. Instead, you can use a non-SMS authentication tool such as MYKI password manager authenticator, which provides two-step verification services within the app itself.

Need help learning if your credentials have been leaked? Or want assistance setting up more security for your online activity? We can help. Contact our IT experts today at  (416) 645-2469 or (905) 667-0441 or email us. 

Want to be notified when our next blog is posted, sign up here.

by

7 Common Business IT Myths Debunked

MythBuster programs on television never focus on business misconceptions about IT. Too bad, because believing these myths can be both costly and dangerous to your business. This article debunks seven common business IT myths.

Sometimes myths are harmless, but when it comes to business IT myths, not knowing the truth is damaging. Make smarter tech decisions with accurate information and a better understanding of IT.

Myth 1: Consumer PCs are interchangeable with business PCs.

Sorry, this one’s false. Selecting a business-grade computer can impact productivity. Don’t squander your competitive advantage by relying on consumer PCs to get the job done.

Consumer PCs are largely about getting the price point down by using lower-quality materials, whereas business computers are built to last, use higher-quality components, and go through more testing. They have business-appropriate features such as fingerprint readers or encryption tools, and better warranties and support.

Myth 2: Apple computers can’t get viruses.

Microsoft Windows users are targeted more often because there are more Microsoft users, and the payoff is bigger. Plus, Windows PCs run any program requested, regardless of danger, whereas Apple has steps in place to prevent unauthorized malware from running.

This myth is also untrue. In fact, in September, Apple released a security update to fix its phones, tablets, and watches. Victims didn’t even have to click on a malicious file to risk device infection. So, if you’re using an Apple device, go into Systems and make sure you’ve upgraded to iOS 14.8, macOS 11.6, and/or watchOS 7.6.2.

Myth 3: One backup is enough.

In the case of data backups, you are much safer taking a 3-2-1 approach to data backup. Have three data backups available on at least two different mediums, one of which should be off-site.

You might backup your data to:

  • a second hard drive;
  • an external hard drive;
  • a thumb or USB flash drive;
  • a cloud service.

Myth 4: Antivirus software completely prevents infection.

Antivirus software is valuable, yes, and your business should consistently upgrade its antivirus software. But no antivirus is going to protect your business from every threat.

Security programs do their best to keep up with new threats and vulnerabilities, but infections can spread across the internet quickly. Plus, bad guys are getting better at crafting variations to evade antivirus tools. As a result, make antivirus software only one piece of your cybersecurity strategy.

Myth 5: Cybercriminals only target enterprises.

Attacks on enterprises grab the headlines, but nearly half of the cyberattacks hit small businesses. The bad actors know that small businesses are more resource-constrained and don’t have cyberattack prevention plans in place. It is easier to go after the little fish than targeting the enterprises with IT teams as big as a basketball squad.

Myth 6: It’s OK to wait until the computer fails to replace it.

You can wait, but it’s not going to be the best thing for your business. Long before a computer fails it could be slowing down your business. Older PCs disrupt productivity and reduce employee satisfaction.

As the computer ages, you’ll lose time loading applications and dealing with crashes. You may also be leaving your systems vulnerable to cyberattack if you can’t upgrade the software.

Myth 7: IT outsourcing is not effective for small businesses.

Maybe you think your IT systems are too small to need ongoing maintenance or monitoring, or (Myth 5) that you’re not at risk. Yet, IT systems of any size need ongoing, consistent attention, and outsourcing can help free up your IT resources to do more value-add tasks.

A managed service provider (MSP) can monitor hardware and backups, streamline systems for speed, and keep security current. The MSP can also manage firewalls, and identify and protect against threats. Partner with us for business IT support today! Call us now at  (416) 645-2469 or (905) 667-0441 or email us. 

Want to be notified when our next blog is posted, sign up here.

by

Stop Your Tech from Stalking You

Unless you’re a reality television star, you probably don’t like the idea of being watched at all times. So, why would you want your technology to know all about you? With digital technology today, it’s far too easy for our devices to turn creepy. Here are some suggestions to stop the stalker-like tendencies of the technology you rely upon.

Today’s marketing and online communications are all about customization and personalization. If you like a friend’s picture of an Art Deco door in Belgium, you see many more posts featuring similar designs. Or if you view an area rug on a website, you’re suddenly bombarded with ads for rug stores when you next go online.

This can add convenience, but it is also unsettling. What companies online know about you could be more detailed than what your friends know. Take the following steps to regain control of what your computer, phone, and apps know about you.

Review your privacy settings

Whether going online from a phone, laptop, desktop, or tablet, get to know the device’s privacy settings. Some important settings to review include:

  • email tracking – this can let people know if you opened their message or not;
  • location tracking – personalizes recommendations but also tells search engines where you are;
  • voice recordings – manufacturers use these to train virtual assistants, but pause this to keep your conversations to yourself;
  • purchase history – this helps feed the machine so that businesses know how to target you in the future.

Opt out or block ads

Opting out of ads limits the information collected from your browser or device. The site or business still receives basic information about you, but you will no longer receive targeted, interest-based ads any longer. Apple’s iOS 14 allows app blocking, and you can also express your choice on Android devices.

Otherwise, use browser ad blockers, such as AdBlock Plus, or JavaScript blockers, such Ghostery, to limit ad tracking. Also known as content blockers, these software programs prevent ads from showing on websites you visit. You can find ad blockers for Chrome, Firefox, Opera, Safari, and Internet Explorer.

Check your permissions

Watch the permissions you give apps. We have already talked about checking device settings, but you can also limit the permissions you give to apps. For example, social media accounts have privacy settings that allow you to control what’s logged about you.

Plus, check permissions for other apps. Clash of Clans doesn’t need location services, for instance. Or you might not want to give Slack access to your microphone and video recordings.

Use webcam covers

Covering your webcam stops someone from potentially seeing and recording you. If you think you’d see the light come on to show the webcam is in use, know that hackers can disable that. A simple sliding webcam cover closes the webcam when you are not using it to avoid a cybercriminal having access.

Covering your webcam can also come in handy in all those online meetings you’re having. A covered camera means you don’t run the risk of your colleagues catching you unprepared.

Limit information you provide

Social media has created a culture of oversharing. There are probably many things you’ve seen about friends online that you would rather not know. You’re also sharing more than you need to with the companies that you interact with online.

If you’re filling out a form for a download, you might fill out only the required fields. When you add an app, be stingy with your personal details. Think about it from a need-to-know perspective. For instance, that home design game you love to play doesn’t need to know where you went to high school or with whom you bank.

Need help keeping the privacy-busting algorithms at bay? We can help. Our IT experts can configure device settings to limit information gathered about you online.

Contact us today at  (416) 645-2469 or (905) 667-0441 or email us. 

Want to be notified when our next blog is posted, sign up here.