Mobile Devices: The Next Target for Cyber Criminals

By: Anders Erickson, CISA, CISSP, CRISC

In the most recent Threat Intelligence Report publish by Nokia, researchers found that software viruses or malware infecting mobile devices (e.g., cell phones and tablets) had increased 83 percent in the second half of 2016.  The report suggests that this increase represents a shift from hackers targeting traditional computers to going after mobile devices.  One of the most common methods of infecting mobile devices is through “Trojan” apps.  Like the Trojan Horse of Greek mythology, these apps look like a game or something harmless but when they are installed on a mobile device, they execute malware that allows a hacker to access or steal data from that device.  One thing users can do to protect themselves from these types of viruses is to avoid downloading apps from locations other than the Apple or Android app store.

Many nonprofits allow their employees to access organizational data through their mobile devices.  Whether that’s emails, files, or the corporate directory, the access they provide to their employees represents a significant business risk.  If not properly protected, malware infecting an employee’s mobile device can place our client’s data in jeopardy.  Eide Bailly’s Cyber Security team can assist your clients in protecting their data on mobile devices by:

  • Helping establish a secure mobile device policy;
  • Implementing mobile device management (MDM) software, which allows our clients to safeguard corporate data on their employees’ mobile devices; and
  • Educating employees on the dangers of mobile devices and how they can help protect themselves and their organization.

If you have any questions about these services or would like to better understand how we can help our clients feel more confident about their cyber security, please contact Anders Erickson, Director of Cyber Security Services, at or (208)383-4731.

What You Need to Know Before Upgrading Your Operating System

Mike ArvidsonBy: Mike Arvidson

By now, everyone should be aware that Windows XP is an unsupported, unsafe operating system for business and personal use in 2016. Perhaps lesser known is that Windows 7, XP’s rightful heir in many organizations, entered end of mainstream support last year. In fact, all support options for Windows 7 from Microsoft have expired except for extended support — offered through January 2020 — which only offers security updates, pay-per-incident system support, and access to Microsoft’s Knowledge Base resources.

With this in mind, many organizations today need to be considering their OS contingency plan. After all, 2020 is not far off.

Those businesses aiming to be proactive with their OS migration may also be interested to know that Microsoft’s free upgrade offer for Windows 10 expires on July 29, 2016.

Now, not every organization will have access to the free offer; Windows 7 and 8/8.1 Professional editions are eligible, but Enterprise versions are not. Whether or not your business is able to take advantage of the free upgrade depends on your particular Windows licensing agreement. As a general rule, if your business purchases your software licenses as you add PCs, you should have the ability to upgrade for free. If, however, your organization practices volume licensing, you will likely not be eligible. Check out Microsoft’s FAQs resource for more information on upgrade qualifications.

Regardless of if you can upgrade for free, Windows 10 is a practical and proven platform for businesses today, particularly for those organizations already operating on the Windows platform.

There are, of course, key considerations when weighing a move to a new operating system — Windows 10 or otherwise. To help, we’ve compiled our list of the priority questions to be asking internally to ensure your environment is prepared for an upgrade.

Key Considerations

  • Will your current hardware meet or exceed the new operating system requirements?

RESOURCE | Windows 10 Specifications

  • Do your line of business (LOB) applications work on the new OS? Does the vendor for each business-critical application confirm that they will support their application on that operating system?
  • Does your current endpoint protection software — antivirus, et al. — operate on the new system?
  • For Windows 10 upgrades in particular, are there any web based applications you use and do they support Microsoft Edge or Internet Explorer 11? Are there any browser plugins that need to be supported by a newer edition of IE?

READ ON for the final three questions to ask before upgrading your business’ OS and gain some helpful tips for moving forward.

Creating a Technology Plan – Overcome the Fear

TechnologyMany nonprofit organizations create strategic plans, but not as many include technology into their long-term plans. Often a fear of technology is a barrier to effective technology planning. Organizations don’t know what they don’t know and that fear can cause them to make poor decisions or to avoid making decisions.

To alleviate that anxiety, management needs to become educated. This isn’t to say they need to become experts in technology, but attending workshops and seminars related to technology is helpful. Learning the terminology and understanding the basic concepts make navigating the process more comfortable. It is also helpful to reach out to similar organizations to discover how they use technology and what processes they have in place to plan for future technology needs.

There are a number of websites devoted to the use of technology in nonprofit organizations and creating technology plans. Assign someone with an interest in technology the task of reviewing options and summarizing opportunities. This can then be the starting point for an effective technology plan.