Been going over the final plans for our new office.  We are more then excited and if everything goes well we will be moving into our new spot by the end of the year.  Everyone at Aperio IT is thrilled for their new spaces.  This has been an exciting year and this will be an amazing transition for the new year.

In June of this year (2016), Microsoft purchased LinkedIn for the $26.2 billion. Although the deal won’t officially close until the end of this year, the purchase is prompting considerable speculation about how Microsoft will use and change LinkedIn.

LinkedIn CEO to Remain

For those concerned that Microsoft might be planning to make sweeping changes to LinkedIn, there’s good news. Microsoft does plan to retain Jeff Weiner, LinkedIn’s CEO. This may indicate that Microsoft plans to stick with most of LinkedIn’s current objectives.

Microsoft Mining LinkedIn’s Data

Examples of the data Microsoft may gain access to include résumés and possibly location information. Obviously, being able to analyze data regarding résumés is of value to recruiters. Additionally, analyzing location information (not often seen by users as a threat) could allow Microsoft to sell access to focused business-to-business (B2B) data. “Insights like where to build the next hotel and more information about business routes to add or hubs to build out could be mined… through this kind of data.” Dennis Dayman, ReturnPath.com.

Naturally, this leads to privacy concerns for LinkedIn users. As explained by Nick Wingfield, “LinkedIn will give Microsoft access to a lot of potentially sensitive information that it will have to be careful about guarding – for example, when LinkedIn users are talking to job recruiters.” nytimes.com. Users will need to be aware of privacy issues, and understand how Microsoft plans to protect their interests.

LinkedIn As Microsoft’s Professional Social Media Presence

Frequently described as merging Microsoft’s professional cloud with LinkedIn’s professional network, the purchase has the potential to allow Microsoft to use LinkedIn to develop a social media presence, an area they currently lack. “…LinkedIn represents a kind of B2B social intelligence that Microsoft only had in the form of usage data through Outlook 365. They knew how people worked with their products, but they didn’t know what they were saying about their products and what those conversations meant.” Len Shneyder, TechCrunch.com.

Additionally, acquiring LinkedIn could give Microsoft an opportunity to provide professionals with a way to collaborate on projects. LinkedIn has never functioned as a place for enterprise collaboration. According to Matt Kapko, while LinkedIn does have “a large, motivated community of 433 million users… its business tool are lacking.” Microsoft, on the other hand, “… had the tools but lacked the community and deep profiles.” CIO.com.

While there are certainly risks involved – consider Microsoft’s failed attempts with its purchases of Nokia and aQuantive – LinkedIn may well provide Microsoft with additional means to secure and expand its position.

Thanks to everyone for another successful Lunch and Learn event we hosted at Seasons 52.  Cameron Tousley of ESET did an amazing job presenting his material and we are very glad he made it out so thank you.  Season’s 52 staff of course did another amazing job catering our event.  The food was amazing and of course we had a really good turn out so thank you to everyone that showed up.  This was another successful event and we look forward to leading some more next year so stay tuned.

Aperio IT is expanding our offices and moving into a new building.  We are really excited for all recent growth we have been going through and all the new employees we have been adding to our roster.  Everyone has been doing such an amazing job finding their niche and we are looking forward to the successful road ahead.  December 1st is our move in date so we will keep you updated with construction along the way up until the move.  Thanks for being apart of our success.  You’re the driving force that help keeps us on our toes.  Here is to another 15 more successful years.

In their report on the top connected device threats in 2016, Pwnie Express Surveyed over 400 respondents in the areas of information technology and security. Their results are a warning to all businesses:

• 86% of information security professionals are concerned with connected device threats, with most being more worried about these threats than they were a year ago.
• 40% report that their organization is “Unprepared” or “Not Prepared At All” to find connected device threats.
• 37% cannot even tell how many devices are connected to their networks.

(The Internet of Evil Things)

What is the Internet of Things?

In our recent post on Ransomware and the Internet of Things, we briefly discussed what the “Internet of Things” (IoT) is, and how we expect it to become increasingly vulnerable to ransomware. Examples of the IoT include any electronic device that is connected to the internet: cell phones, pacemakers, electronic components in factories, thermostats, cars, and more.

And we can expect the IoT to grow over the next several years. According to a 2016 report on internet security from Symantec, “In the USA, there are 25 online devices per 100 inhabitants, and that is just the beginning. Gartner forecasts that 6.4 billion connected things will be in use worldwide in 2016, and will reach 20.8 billion by 2020.”

What Kinds of Threats Can Be Expected?

According to Pwnie Express’s report, the major IoT device threats in 2016 will be related to:

• Unauthorized, accidental, or misconfigured access points;
• BYOD and the personalization of (formerly) corporate hardware; and
• Insecure, misconfigured, and vulnerable IoT devices.

Wireless access points can present several vulnerabilities, such as failure to modify default configurations. “Routers, switches, operating systems and even cellphones have out-of-the box configurations that, if left unchanged, can be exploited by individuals who stay abreast of such things.”  Brad Casey, Techopedia.com.

BYOD (Bring Your Own Device) policies can also leave your organization vulnerable. In addition to making a tempting target for hackers, users of mobile devices are often not as careful as they need to be when downloading apps. Even more worryingly, according to the report The Internet of Evil Things, “Most security professionals are not ready to monitor or detect less-common RF and off-network IotT devices, 87% cannot see Bluetooth devices, and 87% cannot monitor 4G/LTE devices in real time. Additionally, 71% cannot monitor off-network WiFi devices in real-time and 56% cannot monitor on-network IoT devices in real-time.”

Preparing to Protect Against Vulnerabilities

While many information security professionals seem to be aware of the threats they face from working with mobile devices and the IoT, surprisingly few seem to be prepared for it.

For example, The Internet of Evil Things states that 35% of respondents say that their organization has no BYOD policy in place. Further, while 65% of the respondents report that they have a BYOD policy, only 50% of them actually have a way to enforce these policies. Obviously, unenforced policies are an invitation to non-compliance and do not provide real protection.

While connected devices offer advantages in terms of flexibility for organizations, they also come with great risks. And with attacks still on the rise in 2016, protecting your business is more important than ever.