Konica Minolta has always been known to take security seriously. Recently, Konica Minolta started to roll out updates for their multifunction printers (MFPs) with the addition of Transport Layer Security, or TLS. While TLS has been available on some of the MFPs, a firmware update will allow for newer and better versions of TLS to be used. But what is TLS?

TLS is a cryptographic protocol that is used to encrypt data sent and received. TLS is a spiritual successor of Secure Socket Layers, or SSL. SSL is also a cryptographic protocol. While they are not the exactly the same, TLS is the modern version of SSL. So why are these important? SSL and TLS both protect against hackers gaining access to information by encrypting it.

For Konica Minolta, this is important as the information being sent to and from a printer could be confidential or personal, and having the cryptographic protocol and the encryption to help prevent hackers from being able to crack or intercept the document or data is important. Konica Minolta has taken steps like this in the past with security, like the fact that they started using solid state drives (SSDs) instead of hard disk drives (HDDs) because they could delete the information of the SSD and allow for better security and privacy.

As the world becomes more digital, the need for information security, also known as InfoSec, is needed. Protecting customer and company data is important, as these can lead to devastating problems if not properly protected. Companies come up with different approaches to protecting information. One way that the different InfoSec solutions are judged is in the Cyber Defense Magazine, which is an industry leader in the InfoSec field providing information and news for those interested in or involved in information security. CDM hands out their InfoSec awards yearly to various companies for InfoSec solutions. CDM looks for the best and most innovative awards that push information security and data protection. Konica Minolta won two awards in this year’s InfoSec awards for the “Most Innovative Cloud Backup” and “Hot Company Endpoint Security.” The awards, who are judged by security professionals, are awarded based on the information and data provided. Congratulations to Konica Minolta for winning both of these awards!

With the world and technology quickly evolving, certain technologies and ways of doing business feel antiqued. Over time new technologies have come along and changed the way of doing business, like VOIP did with landlines. While landlines are still being used today, many
businesses have opted for VOIP. For many businesses, fax machines are a thing of the past as they have opted for different methods of moving documents. However, does this mean the fax machine is going to die?

The main industry that is still using fax machines is the healthcare industry. They have been using them for a long time, and are comfortable with them. The pandemic showed some flaws in the healthcare industry’s technology. It proved to be outdated and because of this many in the healthcare industry are looking to upgrade and move to the future. This is not as easy as it seems, as there are multiple hurdles for the healthcare industry to overcome.

The first issue is cost. For those in public healthcare, the first issue arises when they have to get the money allocated towards this. This is an issue on its own, and even when they do have money that could be allocated to this issue, the choice is not so simple. The switch not only costs a lot of money, but it is a switch that sounds easier than it actually is. Old documents and
records have to become digital and then hospitals have to worry about securing and protecting the digital records.

This is the second issue that occurs. By making all records digital, hospitals have to make sure that the records and charts are always available. If a network is down, then doctors could lose access to the patient’s chart and records. For example, this could cause huge issues if a patient is coding. Furthermore, hospitals become a bigger target for cyberterrorists, as taking down or invading a network could cause bigger issues as now people’s private information can be accessed.

An alternative, as mentioned in one of our previous blogs, is the direct standard. The direct standard is a digital method of sending documents that are encrypted and only gets sent to authorized users. Konica Minolta has worked hard to allow their multifunction printers to have
their direct messaging with a partnership with Kno2. To learn more about the direct standard, read our blog about it. 

Does this mean fax will die? No, not exactly. Fax still has a place in the workplace, as it is a secure way to send documents. Furthermore, many businesses are still using fax; it is still a valuable method of document transfer. Another reason is that fax can still be used during network outages. This means while many businesses are exploring other options to document
transfer, fax has a valuable lifespan

When you run a company that users have an account with you, it is important to protect their data. Securing their email, password, and other personal data is crucial. Recently, it was reported that Facebook was storing 1.5 million Instagram passwords in plain text. This means that the storage of these passwords were basically the passwords in a word document. There was no encryption of the passwords, which means the password is encrypted into ciphertext (which takes the password and uses a method for turning into something that looks random). The way it is encrypted and decrypted is using a key. The only issue with this is if a hacker can get access to the key, they can decrypt it and have the passwords. So, what should businesses do?

First, they can use salt and hashing. What salt does is take the person’s password and adds to it. This is usually a few letters and numbers. Then, it hashes the password to make it random letters and numbers. The strength of this can also be a downside. Hashing is impossible or really difficult to reverse, so what are other options for businesses? One is to force stronger passwords. One way is to not allow common phrases, such as qwerty or 12345. Other ways are to require an uppercase, lowercase, a number and a character. This ensures the passwords are hard to crack. Furthermore, including 2FA, or Two-Factor Authentication, and restricting the use of old passwords ensures a stronger password and security.

Protecting your customers data is important and the right thing to do. Customers put their information in your hands and expect you to protect it. The lack of protection can cause serious  issues. People’s passwords getting taken which could lead to their account being accessed by someone not authorized. Furthermore, it can lead to issues for your company. Lawsuits, fines loss of business and trust are all things that could happen. So being proactive and protecting their information is not onlt the smart thing to do, but the right thing to do.

Many companies are looking towards the future and are aiming at becoming sustainable. Konica Minolta is one of the companies that has been committed to that idea. Back in 2009, Konica Minolta announced Eco Vision 2050. This idea was to reduce CO2 emissions, promote recycling and restoration of the environment. As of 2013, Konica Minolta reduced their CO2 emissions by about 55% from their 2005. These goals have been furthered now with Konica Minolta joining RE100.

RE100 is a global initiative with the goal of having companies use 100% renewable energy. RE100 is led by the Climate Group in partnership with CDP. Over 150 companies have joined RE100 so far, including Apple, Coca-Cola, Nike, and many more. Joining RE100 will further Konica Minolta’s stance of sustainability and becoming environmentally conscious. Additionally,  Konica Minolta’s medium and long-term policies will help accomplish this. They plan to begin with production plants outside of Japan.

In today’s business world, faxing is still a big part of how businesses communicate with each other and with their customers. Fax machines are older technology, and that means the security for faxes are older to. This means that while people view fax as a safe means of communication, they actually are very prone to attack. All it takes is a hacker to send a malicious fax to the fax machine, and then the hacker will have access to the network that the fax machine is on. So what is the solution?

There are multiple solutions for this issue. One way to fix it would be having your fax machine on a different network. So if a malicious fax is sent to the fax machine, then it would not have access to anything because the fax is isolated away from employee or personal computers. Additionally, Konica Minolta machines will block off any communication that is not a G3 protocol.

When reading this, you may have some questions. Those questions could be:

Can my fax machine be hacked into?

Is my network safe?

What steps can I take to prevent this?

Should I be worried?

It is always a good idea to make sure your business’ and client’s information are safe. If you have any other questions, then give us a call and see how PDP can help you.

It happens all too often that small businesses, large corporations, and even government offices overlook gaps in security measures or even ignore them entirely.

A recent audit of Nevada’s Department of Administration’s Human Resource Management division revealed that the state office had personal records and information such as the Social Security numbers of over 145,000 current and former employees stored on unencrypted databases. Former employee computer user accounts had not been disabled, computer operating system security updates had not been performed, and copy machine hard drives were not routinely erased, leaving this information to be relatively open to outside threats. Much of this stems from poor communication between the state office and their IT provider, Enterprise Information Technology Services, who claimed they were unaware of the need for security measures to be enforced as well as a data encryption and erasure routine to be followed. This goes to show how crucial it is to effectively consider and communicate the needs of your business when putting its well-being in the hands of someone else.

As a business grows and changes, the concept of security tends to grow along with it. It is important to take a moment and ask what security means for your business:

“How can I keep personal or sensitive information from falling into the wrong hands?”
“Do we need a full-time security guard?”
“Should employees require key card access to open certain doors, log into computers, or use copy machines?”
“Is my network protected from outside threats?”
“Is my IT provider engaged and aware of my security needs?”

Asking questions like those above is a great start to protecting your company and its client base. Don’t wait for an audit to discover what is happening in your organization, give us a call now to see how PDP can help!

Check out the Review Journal’s article here.

IMG_20150811_115641

All of us who live in this interconnected world are familiar with the password polka. We have files or black books filled with the myriad passwords required for our activities from banking to fulfilling our pets’ medications. We attempt to log into sites which have inevitably required a password change two weeks ago. We try to change our passwords per the requirements of our benevolent policy overlords only to discover that we have already used that password, or we are required to use the special characters !@#&@ and one UPPERCASE.

!@$& is right.

One of the biggest frustrations we experience as both consumers and IT professionals has to do with this !@$&-ing dance. In fact, according to the Gartner Group, password resets consume 30% of all IT call volume. And at an estimated 25$ per call (Gartner estimates this amount to be higher at $70 per call) with an average of 1.75 calls per month per person (META Group), this places the cost to a company of 50 employees for password resets alone to nearly $8,000!

And this is where the frustration for the benevolent policy overlords begins. An aggressive password reset policy will undoubtedly increase this number, but $8,000 is small price to pay for the risk mitigation that comes with strong password rules. In fact the risk of exposure, data loss or other more nefarious problems is more or less limitless.

Using this logic, we as IT administrators should increase the strength of our password policies and consider the cost on the support end just the cost of doing business. I have personally run into sys admins who require insanely complex passwords that reset on very short schedules. These security minded individuals believe that the cost of a breach is so severe that end user frustration and support costs are not worthy of consideration.

–And, they would be right…If it weren’t for a couple of big problems.

The first that we incorrectly assess password strength based on our own fleshy weaknesses. Consider the following “complex” password: 1Dr@g0n!

This passes some of the most complex rule systems out there, but could be cracked by a bot running on a low-grade PC in about 3 days…more sophisticated attacks would demolish this password.

This problem is summed up beautifully by the folks at xkcd.com (a wonderfully nerdy web comic).

password_strength

The other problem with using what we consider to be complex password policies is, as the comic so elegantly shows: we forget them. And when we forget them, we put them in our little black book, save them in a password file…with a password, probably, or simply write them down on a sticky and put it under our keyboard or on our monitor.

The last offense is obviously an unacceptable breach of password protection, but the sys admin would have no one to blame but herself. She created a password policy that broke the end-user thus leaving a huge hole in their security.

How do we get around this as both consumers and IT professionals? Well, here are a few suggestions:

There are many other authentication solutions to fit many applications, but they don’t all belong in the conversation about our some-time friend the password, so please forgive me if I have left your favorites out of the list. I hope this helps all of you dancing the password polka!

With the Clean Power Plan announced, I thought it might be interesting to see the current state of power generation throughout each part of the country. Check out these interactive charts and maps of the US’s sources of electricity.

Tired of waiting in long lines? Google recently added a feature that shows searchers the peak activity hours for millions of businesses.

image1_0

This feature could definitely benefit those of us looking to avoid crazy grocery shopping hours or dining times at our favorite restaurants.