Procrastination avoidance tips include:
Tip courtesy of www.attorneyprotective.com
Integrity First Corporation sends emails with encrypted ShareFile attachments for our clients’ protection. We want to protect YOUR personally identifiable information, or PII, for short. The email will say “This message contains attachments delivered via ShareFile” as shown below:
If you receive an email from INF with an encrypted attachment from Sharefile, DON’T PANIC! Just follow these 4 simple steps and you can retrieve the attachment in a snap:
Step 1 – The email will contain a link to the attachments that says “Download the attachments by clicking here”. Click on the “clicking here” link.
Step 2 – This will take you to the INF ShareFile portal via your browser. As seen in the image below, all of the attachments are selected for download by default. Make sure that only the attachments that you want to download have a check in their checkbox.
Step 3 – Click “Download” and your browser will download the selected files into your “Downloads” folder. Most browsers will show the download file in the bottom menu screen on the left as well.
Step 4 – Open your “Downloads” folder and retrieve your attachments!
Bonus Step 5 (If there are multiple attachments) – When there are multiple attachments, they will download as a zip file. To open the zip file, right-click on it and select “Extract All”.
This will create a pop up window, where you select “Extract”, and the individual attachments will then be available.
But wait! What if I don’t know how to find my “Downloads” folder?
To find your “Downloads” folder, follow these 3 easy steps:
Step 1 – Click on the Windows “Start” button
Step 2 – In the “Search programs and files” search box, type “Downloads”
Step 3 – Click on the “Downloads” folder that it finds.
Your downloaded files will be located within that folder.
With the onslaught of data breaches that happened in 2015 (about 65,000 according to the Verizon Data Breach Investigations Report), INF presents this multi-part blog series about keeping your data safe in the digital age.
Accessing Your Password Database on Different Devices
The last blog post of this series covered setting up a password database in KeePass and accessing it on your personal computer. This blog post will cover accessing your passwords on multiple devices.
Storing your Password Database in an Accessible Place
If you only want access to your passwords on your laptop or desktop, storing the database file (*.kdbx file) locally is fine. However, if you want to be able to retrieve your passwords from your phone, tablet, etc., the file needs to be stored in a cloud. If you already have a cloud account, you can store it there. If you do not have a cloud account and you won’t be using it for large files, Dropbox is great free option to consider (https://www.dropbox.com/). It takes about 3 minutes to sign up and you get 2GB of space for free. Your *.kdbx file won’t even use 1% of that amount.
Once you have your Cloud account set up, move your password database file to the cloud. This benefits you in multiple ways. First of all, you can access your passwords from all of your devices. Secondly, your password database will now be backed up on a regular basis. In fact, Dropbox keeps all deleted and updated versions of your files from the last thirty days. So, if you accidently delete your file from anywhere, you can restore it from dropbox.com.
Retrieving Passwords on your iPhone or iPad
If you want to access passwords on your iPhone, you need to download the app for the cloud that you are using onto your device. In the case of Dropbox, you will download the Dropbox app from the app store and use your account information to sign in. You will then need to download the app “MiniKeePass”.
To load your password database into MiniKeePass, open the Dropbox app (or your Cloud app) and click on your *.kdbx file. The cloud app will not be able to show a preview of the file, which is expected. Click on the icon of the square with an arrow pointing up, which should give you a menu with multiple options. Click the “Open in…” option and select “Copy to MiniKeePass”. This has now stored a copy of the password database in your MiniKeePass app. This is important to note as it is just a copy. If you make changes to the file on another device, you will have to go through the process of loading your password database again.
The actions above will open MiniKeePass and display the database file. To open it, click on the filename. The app will ask for the database password. Enter your password and your database will display. You can browse by folder or you can use the “Search” box. To use the passwords, click on an entry and click on the username or password. This copies that text to the clipboard. You can then paste it wherever you would like.
Retrieving Passwords on your Android
If you want to access passwords on your Android, you need to download the app for the cloud that you are using. In the case of Dropbox, you will download the Dropbox app from the app store and use your account information to sign in. You will then need to download the app KeePass2Android from the app store. Launch the newly downloaded app and click the “Open File” button. You can browse to your password database file in your cloud and open it with your password. You will then be able to search for the password that you want and copy/paste it any location.
Retrieving Passwords on your Chromebook
If you are using a Chromebook, there is a strong possibility that the cloud that you are utilizing is Google Drive. Place your *.kdbx file in your Google Drive cloud and install the KeePass Chrome app. Open your new app and select “Open File”. Browse to your KeePass Database and enter the password. KeePass Chrome will open the file and you can use the passwords as needed.
I have read several articles and blog posts on cyber security and privacy data breaches but few pertained specifically to law firms. Fewer still provided information on actual breaches or cyber-attacks on law firms. The blog written by attorney Paul Lafayette on the Professional Solutions Web Site does a good job addressing this issue. Follow the link to read more………. www.psicinsurance.com/posts-articles/attorneys/risk-management/what-do-data-breaches-mean-for-client-confidentiality.aspx
It all starts out innocently enough. You decide to stop into your favorite coffee place. You order a drink, sit down, and pull out your laptop or other mobile device. You don’t want to use your precious data from your wireless plan, so you think “No worries, they offer free wifi here.” You connect to the free wifi and start browsing. You check your email, your bank account and then online shop while you finish your drink. A perfectly innocuous afternoon…or so you thought. Little did you know that the person sitting across from you, seemingly having a day similar to yours, was capturing all of your online movements and information. They were then able to check your email, access your bank account and shop online using your PayPal and Amazon accounts.
They were able to gather all of your information using a fairly simple program called a packet sniffer (or packet analyzer). These programs are easy to install and use, but best of all, some of them are free, or so a hacker would say. Because it is so simple, this exploit is used all of the time with free wifi.
When you go online using a wireless connection, you communicate via packets with the router. Packets contain all of the information for the web page that you are using, including any text that you may type, such as your credit card information or passwords. One web page can consist of multiple packets. A packet sniffer can connect to the same wireless network and collect copies of these packets. It then will put the packets together like you would piece together a puzzle. Once the sniffer has put the pieces back together, the person implementing the sniffer has the information of everyone on the network for the entire time that they were there.
The reason that packet sniffers work with free wifi is because there is no encryption algorithm in place. If the wireless router employs an encryption technique, the packets become encrypted, and thus, unreadable to the sniffer. They can still collect your packets, but they can’t do anything with them. It would be like someone having a puzzle where none of the pieces fit together. With encryption, the router knows how to decrypt your packets, but no one else can.
If you are required to enter a password for the wireless network, that normally means that it is encrypted. However, if the password is known to everyone, then the packet sniffer knows as well, and you are back where you started. Therefore, you want to connect to a network that has a protected key.
Before connecting to a network, look to see the encryption type. You want to make sure that it is WPA2. Two types of networks that you want to stay away from are WPA and WEP. These are easily hacked and thus, should never be used. If you are on a WIndows machine, to see the encryption type, click on the wireless indicator and select your network. The encryption type will be displayed under “Security Type”.
But wait, I still want to be able to use free wifi…is that even possible?
It is possible to save your data plan and still make use of the free wifi when you employ a virtual private network, or a VPN. When you use a VPN, it encrypts the packets for you only, thus making your packet puzzle impossible for a packet sniffer to solve. Using a VPN is easy, as you just sign up for a VPN account with one of the many VPN providers. The cost is normally less than $50 per year.
You can use your VPN account with all of your devices. Generally, tablets come with the functionality for a VPN connection built into the settings. You will need to consult the VPN service that you signed up with for specifics. If you want to use the VPN on a laptop or desktop, you will generally need to download an executable program from the VPN service and install it. Then, every time you want to connect to a free wifi network, you will launch the VPN program first, sign in, and then feel free to safely browse the internet in obscurity.
I don’t want to sign up for a VPN and I don’t mind using my data.
If you don’t mind using your data in your phone plan, then connecting to your phone or tablet’s personal hotspot is the most secure option. Simply turn on your hotspot and connect your device. You may be using your data plan, but you can do so knowing that your data is safe.
Don’t give informal legal advice to friends or family.
Don’t give informal legal advice to friends or family. It can be tempting at a party or family event, but it could be harmful to both yourself and the receiver of the advice. Your advice, given casually, may be less well thought-out than usual, or not backed by needed research. Also, you could be creating a conflicts issue for yourself by giving advice to a person who has not been through a conflicts of interest check first.
Tip courtesy of www.attorneyprotective.com
INtegrity First Corporation attended the Westmoreland County Bar Association Bench Bar at Nemacolin June 8 – June 10, 2016.
Don and Mark attended the Golf Event on June 8 and shot a great round!
Everyone attended the Vendor Fair on June 9th. It was great to see all of our clients from Westmoreland County and the event was excellent! It was nice to celebrate our 10th anniversary with the Westmoreland County Bar Association.
Wow, 10 years!
It doesn’t seem possible that it was 10 years ago that we opened our doors as a start up agency with no clients, no carriers and yes no revenues. Talk about a scary proposition. My friends and collegues looked at me with skeptical smiles and that “really, are you sure look?” I learned from Day 1 (about 3600 days ago) that it wasn’t going to be easy, romanticized or an instant success. It was going to be hard work, long days that turn into long nights, stressful and at times crazy. Crazier, I would do it all over again.
We have had many successes and some disappointments too but we are not finished building the INtegrity First dynasty! We have many more long days and long nights ahead to get to where I/we want to be as an agency! To take a lyric from a favorite singer we want to be king of the hill, top of the heap A#1!
It has been a wild ride, I have said many times, “it is the most excited I have been and at the same time the most scared I have ever been.” Kind of like raising children. I have two so I know! Something else I know; We would not be here for 10 years without the support of our clients. I truly appreciate the loyalty, support and the encouragement that our clients have provided through the years. Our clients have many choices when it comes to choosing a broker and the fact that they choose us and remain with us is very humbling. My thanks go to each of our clients past and present. I look forward to serving them for another 10+ years.
Thanks again,
Don
Unfair or not, lawyers have to be more careful than the average person when posting online. Don’t be casual. Don’t post anything about a specific legal matter or client. Include disclaimers. Remember that the Model Rules of Professional Conduct apply to your actions online.
Tip courtesy of www.attorneyprotective.com
With the onslaught of data breaches that happened in 2015 (about 65,000 according to the Verizon Data Breach Investigations Report), INF presents this multi-part blog series about keeping your data safe in the digital age.
Password Management Programs
As promised in Part 1 of this series, this blog entry will cover setting up and using a password management program. There are many good password management programs available, such as LastPass, KeePass and 1Password, and the cost of the program varies anywhere from free to around $100. If you are like most users, you need a password management program to:
Fortunately, there are multiple free programs that fit the above criteria. KeePass does all of the above and more. It is free and open source, which means that there is no chance of a security issue, because there are thousands of developers that have reviewed the code. In this article, we will cover the installation, setup and a few highlights of this program.
How to Set Up KeePass
To download the latest version of KeePass, go to: http://keepass.info/download.html. We recommend downloading the most recent version of the “Professional Edition”. The download link will take you to Sourceforge, which is where the download is stored. Save the setup file and then run it. Select your language and accept the agreement. Most people allow the program to be installed on the C drive. Install the program, keep “Launch KeePass” checked and click “Finish”.
KeePass will launch, as shown below:
The first thing to be done is to create a new database file that will store all of your passwords. Go to File > New. This will bring up a dialog box, asking you the location to save your password file. We recommend saving it in a cloud, such as Dropbox or Microsoft OneDrive. This way, you will be able to access your database from any device that has access to your cloud account. Take note, the file extension will be “.kdbx”. Name your file, then click “Save”.
This will bring up the dialog box to create the master key:
The master key is simply the password that you need to open the database file. This will be the only password that you need to remember from now on, so you need to make it secure. See Part 1 of this blog series for tips on creating a secure password. Enter your master password twice and click “OK”.
This brings up the next dialog box, which specifies the settings for the password database:
The default settings are adequate, so no need to change them. Press “OK” and you are done with the setup. KeePass will be opened to your new database.
Creating a New Entry in KeePass
To create an entry in KeePass, click the “Add Entry” button (the yellow key) or press Ctrl + I. The “Add New Entry” dialog box will appear:
The title field should be a description of the username and password that you are going to enter, such as “Susan’s PNC Bank Account” or “Andrew’s Chase Visa Credit Card”. The username field should be your username, which is normally an email address. By default, KeePass provides a 20-character alphanumeric password. To display this password, click on the button with three dots to the right of the password field. If you would like to change the character set or length, click on the “Generate a Password” button (it looks like a key with an orange burst) and select “Open Password Generator”.
This will open the Password Generator window:
Select the character set checkboxes that you would like the password generator to use. You can also change the length of the password. Once you have the settings to your liking, select “OK”. The password will now use the settings that you selected.
The other option is to enter your own password. You can delete the one that is generated and enter your own. Fill in the URL field with the web address of the sign-in page that corresponds to the username and password. You may choose to put in an expiration date for the password as well as set a reminder alarm. Finally, if you have any notes that go with this entry, such as a security question/answer combo, you can enter it in the “Notes” section. Once the password entry is to your liking, select “OK”. You will now see your entry in the main right-hand window pane.
To edit the entry, double-click on the title and the “Edit Entry” dialog box will pop up:
Make any necessary changes and press “OK”. To save your database, click on the “Save” button, which looks like a blue disk. You will want to create an entry for every password that you have.
To help you organize your passwords, KeePass provides categories on the left-hand side of the main window. Simply drag and drop your entries into the categories that they belong to. You can also add categories, if the existing ones do not fit your needs.
Using your KeePass Database
Now that you have populated your database, the next step is using it! To open your browser to the sign in page of an entry, double-click on the “URL” field in the right-hand window pane or highlight the entry that you want to use and press Ctrl+U.
Your browser window should automatically open to the sign-in page corresponding to that username and password. If the page has both the username and password fields on it, put your cursor in the username field and then go back to KeePass. Make sure that entry is highlighted and press Ctrl+V. This will automatically fill in the username and password in the browser.
Alternatively, if you want to enter the username and password yourself or if they are on separate pages, you may do the following:
Please keep in mind that KeePass only keeps the fields copied for 12 seconds, so you must do the steps above fairly quickly.
Part 3 of this series will cover accessing your password database on different devices.