(888) 208-0020 prs@auaus.net

We can advise you on remote user apps and providers

Here is an article I found that may interest you re. remote workers. It is a generic article… I hope it helps you better understand the Cloud.
https://hbr.org/2020/03/a-guide-to-managing-your-newly-remote-workers
 

 

  • Remote Desktop Software for your Windows, Chromebook, and Mac computers
  • Fast, simple, and secure remote access. Have complete access to your computers, apps, and files from home, the airport, or anywhere else in the world.
  • Access from any Windows, Mac, iOS, Android, or Chromebook device. Fast connections with HD quality and sound. Work-anywhere, https://www.evolveip.net/virtual-desktop, is easy to use with no lag. Starting at just $ 25.00/month. Save up to 80% compared to other products.
  • Evolveip is one of our 75 channel partners that can offer IT /telecom/and internet solutions
  • Contact Us and we will help you determine which is the best path for you

Passwords are not fun and this guy got it wrong

https://www.popularmechanics.com/technology/security/news/a27676/

the-man-behind-your-password-requirements-admits-he-was-wrong/ the-man-behind-your-password-requirements-admits-he-was-wrong/

Man, Behind Password Requirements Admits He Was Wrong
Those annoying password requirements like ‘must have at least one special character?’ They do more harm than good.

BY AVERY THOMPSON
AUG 8, 2017

It is tough to create a good, secure password. It is tough to even agree on what makes a password strong in the first place, but most of the websites you will visit probably recommend numbers, capital, and lowercase letters, and probably a random symbol or two. This was the recommendation of Bill Burr, who created those password guidelines while working for the National Institute of Standards and Technology back in 2003.
Now, almost 15 years later, Burr finally admits he made a mistake. In an interview with the Wall Street Journal, Burr expressed his regrets for giving advice he now realizes was flawed.us Viday Next Video
Unmute
rent Time 0:03
Loaded: 44.96%
Remaining Time -1:31
Captions
Fullscreen
The problem is not that passwords with random numbers and symbols in them are not secure. They can be, especially if a random password generator is used to create secure passwords. The problem is that humans suck at remembering passwords filled with random numbers and symbols, so they typically create simpler passwords that are easier to guess.
If you have ever had to come up with a “secure” password, you probably did the same thing as almost everyone else—pick the first word that comes to mind and substitute a few numbers and symbols for letters. An O becomes a zero, a 1 becomes an exclamation point, and now you have what looks like an impossible-to-crack password.
But you are not the only one doing this, which means that hackers routinely try to guess these common substitutions. These simple instructions double as a handy guide for attack by password crackers. Ironically, Burr’s password security guidance ended up making passwords less secure.
Burr’s admission comes at a time when “secure password advice” is becoming mostly irrelevant. There are several services like LastPass and OnePass that will generate secure passwords for you and remember them so you don’t have to. And hopefully in a few years we will have replaced passwords entirely with some other sort of tech all together.
Of course, all of this is pointless if you don’t care about having a strong password in the first place.
Source: Wall Street Journal via The Verge.

Solving the password problem article from popular mechanics
https://www.popularmechanics.com/technology/security/how-to/a8650/solving-the-password-problem-14993917/

SOC 1 and SOC 2 compliance Our vendors go above and beyond to meet the SSAE 18 requirements. acginfo.biz

SSAE 16, SSAE18, SOC 1, SOC2: What they are and why you should care
Editorial Team
July 11, 2017 by Editorial Team (39posts) under HIPAA Compliant Hosting
0 Comments
1
Cloud computing has revolutionized the world of software licensing, but it has also opened the gates to new security risks. In the past, if a company wanted to add new software, it had to endure long installation processes on local servers. This gave companies the opportunity to verify the reliability of their systems, while local hosting gave them more control over their data. However, it was also immensely time-consuming and costly to set up and maintain.

Risks and Opportunities of Third Party Hosting – How SSAE 16, SSAE 18, SOC 1, and SOC 2 Help
Today, adding software to your organization can be as quick as logging into an online platform. It offers a major competitive advantage, especially when coupled with flexible payment plans. Engaging a service provider enables your organization to become more efficient in record time. There is no need to reinvent the wheel and create security protocols and software installation from scratch. You can be up and running within weeks or even days. Need to host an app? Find a cloud hosting provider who already has servers set up so that your team can focus on building the app and prepare it for launch.

However, hosting in the cloud means that you have limited control over your data and knowledge of its location. This lack of control can become a significant liability to your company, especially if the data in question belongs to your end users. In the event of a data breach committed by the provider, you will be the one held accountable to your end users. Therefore, ensuring the security, integrity, confidentiality, and privacy of your sensitive data should be of paramount importance.

Question of Reliability
If you are a company that chooses to store and process your end users’ personal or confidential information with a third-party provider, you have a list of concerns to address. It is your responsibility to verify that the third-party provider is dependable, their system is functional and has proper safeguards in place.

You may think that hosting your data locally seems to be the wiser choice. The reality is the cost of building a system that integrates a variety of functions, which is what most businesses need to remain operative, can be extremely high and a headache to maintain. (See our article How to Become HIPAA Compliant to assess the scope of creating a secure HIPAA hosting environment.) It makes more sense to outsource.

The key is to employ the services of a provider that is properly certified and meets the demand for confidentiality and privacy of information. This is what you’ll need to guarantee your users’ trust, especially if you are dealing with financial or health-related personal data. To obtain this assurance, you are entitled to require from the service provider a proof that it has proper controls in place, as verified by a third-party accounting firm. This proof comes in the form of SOC 1 and SOC 2 reports.

Finding the Right Kind of Provider
SOC (‘Service Organization Control’) reports were created by the AICPA in order to set compliance standards and keep pace with the rapid growth of cloud computing and businesses outsourcing their services to third-party providers.

Before AICPA drafted the SSAE 16 standards and the SOC reports, it had a single examination for Service Providers based upon Statements on Auditing Standards (SAS) 70. This standard was launched to ensure that third-party providers had the proper controls in place to prevent the service provider from having an errant material impact on its customer’s internal control over financial reporting (ICFR). With the development of cloud computing and an increase in the number of companies entrusting third-party providers with their customer data, a need emerged for a standard that expanded beyond financial controls to also include security and confidentiality of the entrusted data. To clarify the new set of standards and include new business practices, the AICPA replaced the SAS 70 report with the SOC framework.

What Is SSAE 16?
SSAE 16 stands for Statements on Standards for Attestation Engagements No. 16. Effective in mid-2011, this new auditing standard superseded the SAS 70 standard. According to AICPA, the SSAE 16 requires companies, like data centers, to provide a written report that describes any and all controls at organizations that provide services to customers when those controls are likely to be relevant to user entities internal control over financial reporting. In May of 2017, SSAE 16 was super-ceded by SSAE 18.

What Is SSAE 18?
In the Spring of 2016, the AICPA’s Auditing Standards Board (ASB) completed the clarity project, the result of which was the issuance of SSAE 18, “Concepts common to all Attestation Engagements”. As the SOC 1 is an attestation engagement, the SSAE 18 standard will apply to SOC 1’s and supersedes the SSAE 16 standard. The SSAE 18 standard will go into effect for reports dated after May 1, 2017. It is important to note that the SSAE 16 standard was specific to service organizations and the SSAE 18 is for all attestation engagements which essentially means that referring to a SOC 1 as an SSAE 16 examination will go away and will not be replaced by the term SSAE 18 examination but will be referred to simply as the SOC 1.

What Is SOC 1?
The SSAE 18 SOC 1, sometimes just stated as SOC 1, is the report you get when you are audited for SSAE 18. The SOC 1 Type 1 report focuses on a service provider’s processes and controls that could impact their client’s internal control over their financial reporting (ICFR). The examination helps ensure that both the system and personnel responsible for these controls at the third-party provider are doing their job in a manner that will not adversely affect their client’s ICFR. This report is key with respect to services such as payroll and taxation since when performed by a third-party provider, such services will have a direct impact on a client’s ICFR. For example, if you outsource payroll management to a provider that doesn’t have the proper controls in place, you risk payroll errors in your internal data. This will come with problematic consequences since, in the end, you will be held accountable for those errors.

What Is SOC 2?
The SOC 2 is a separate report that focuses on controls at a service provider relevant to security, availability, processing integrity, confidentiality, and privacy of a system. It ensures that your data is kept private and secure while in storage and in transit and that it is available for you to access at any time. This is a crucial report for any type of data that you entrust with a third-party provider, whether it includes large video files or confidential medical records. The latter case falls under strict compliance rules that require extensive controls. (To learn more, see our blog: The Beginner’s Guide to HIPAA Compliance.) If you use a third-party CRM provider, for instance, the SOC 2 report will verify the provider’s ability to keep the records online and the identity of your customers secure and in line with your own Privacy Policy.

The SOC 1 and SOC 2 reports come in two forms: Type I and Type II. Type I reports evaluating whether proper controls are in place at a specific point in time. Type II reports are done over a period of time to verify operational efficiency and effectiveness of the controls.

TEAMS can help your co, but you need the right telecom system as well

MICROSOFT OFFICE 365, TEAMS, and THE RIGHT VoIP CLOUD-BASED TELECOM SYSTEM WILL ELIMINATE YOUR PHONE BILLS, REPAIRS, and REPLACEMENT. More below
Call us for details. 877 208 0021
Text 941.900.6220
What can Office 365/TEAMS do for your business? The rise of the always-connected, multi-device consumer coupled with the proliferation of data and resources available online has resulted in a transformational shift in the workplace.
Today we are all faced with rapidly changing business requirements and need a platform that adapts quickly.
Office 365/TEAMS offers the ability to quickly build, test, deploy and manage applications through a global network of data centers.
NEXT GENERATION TECHNOLOGY FOR YOUR BUSINESS –
•Your Office – when and where you need it
•Work together – collaborate with others in real-time
•Built around you – just sign in and pick up right where you left off.
Whether you’re looking for cost-effective storage, scalability with your data or disaster recovery security, we’ll help you get there. resulted in a transformational shift in the workplace.
Today we are all faced with rapidly changing business requirements and need a platform that adapts quickly.
Office 365/TEAMS offers the ability to quickly build, test, deploy and manage applications through a global network of data centers.
NEXT GENERATION TECHNOLOGY FOR YOUR BUSINESS –
• Your Office – when and where you need it
• Work together – collaborate with others in real time
• Built around you – just sign in and pick up right where you left off.
Whether you’re looking for cost effective storage, scalability with your data or disaster recovery security, we’ll help you get there. Text or call 941.900.6220