Log in


Connect with TECH NEWS and discover emerging trends, the latest IT news and events and enjoy concrete examples of why Technology First is the best connected IT community in the region.

LOOKING FOR MORE WAYS TO CONNECT?

Subscribe to our newsletter

Contact Us

Submit a Blog Article


<< First  < Prev   1   2   Next >  Last >> 
  • 1 Jan 2021 2:49 PM | Kaitlin Regan Quellhorst (Administrator)

    Tim O'Connor, Manager, Knowledge Services (vCISO), Cadre Information Security

    As a business professional, why should you care what your employees post on social media?

    Even before COVID-19 caused the mass migration to a remote workforce, many successful hacks into organizations originated from an employee’s personal device (e.g. cell phone, tablet, laptop) or from information leaked from a personal social media account. I am NOT suggesting that organizations play “big brother” and attempt to police the personal affairs of employees online, but I am going to make a case for education, awareness, and due care.

    While we can’t (and should not want to) dictate what our employees share about their personal lives on social media, we also can’t escape the fact that poor social media “hygiene” is a risk to the organization. Employees will forward emails between work and home accounts and use similar passwords for personal accounts and work accounts.

    The most effective way to mitigate the risk of users “taking malware to work” is a good Security Awareness Program designed with the help of a trusted advisor. In this article, we are going to cover a few of the worst kinds of behavior that your employees will hopefully avoid, once they receive proper training. When sharing this information it is critical to let the employees know that good social media hygiene helps protect not just the organization but also themselves, family, and friends. You may wish to convey the information in this article to your staff and partners.

    It’s All Fun and Games Until Someone Gets Hacked

    Games are fun and one of the attractions of social media is sharing personal trivia with friends and family. I am not going to ask you to stop playing games, but it is important to recognize that some of the games on social media have been designed by evil hackers.

    Many of these games look innocent and don’t SEEM to give away any information to hackers, but hackers are a crafty lot. Many of these games, like the popular “what is your elf name”, ask for your birthdate or a part of your name as part of the process. Others ask about your favorite pet or your phone number. What could be wrong with these games?

    The way it works is that evil hackers simply reverse your post to find out pieces of your birthday, phone number, and/or favorite things (people often use favorite things like pet names as passwords). After you answer one or more of these quizzes, enough of a profile is built to allow the evil hacker to guess likely passwords or forms of authentication such as the last digits of your phone number. With this information, for instance, they could steal your pharmacy prescription:

    A legitimate question upon seeing the hackers game shown here is, “why would knowing only the last two digits of my phone number be a risk?” The answer is that knowing this is a gold mine to a mentalist or an evil hacker as this reduces the possible remaining numbers to a manageable sum. The evil hacker can use another game or source to get the other digits or might just use them to CONFIRM other information that can be found publicly as they build a profile on you. In the social media post above, we found people even offering up remaining digits as part of the fun of the game. You can find out more about the “Elf Name” hacks and the relationship of mentalism to Social Engineering here.

    What is Amen farming and what harm could it possibly do?

    “Amen Farming”, also known as “Like Farming”, is a social media hack that tries to compel people to quickly post a one-word comment about a compelling subject. On the surface, it would seem that this is no different than sharing any other meme and making a comment. It turns out on further examination though that this is a powerful psychological tool that can exploit the privacy settings of respondents.

    As a security professional, I am extremely fascinated by the many ways Amen Farming can be exploited. I ALMOST don’t want to warn my friends just so that I can track the methodology of the hack. There are almost a dozen ways these posts can assist evil social media hackers. The first is that many more people will respond to these one-word memes than would respond to a regular discussion. When a long chain of shares and comments are built, this allows the original posting account to mine information from the replies that would normally be blocked by privacy settings. We don’t know all the ways this information can help evil hackers but we do know it assists them in profiling accounts and building up the reputation of an account that they will later use for friend invites and misinformation campaigns.

    This practice has become such a gold mine for evil hackers that they often don’t even bother to make up their own memes. They just find a popular one and photoshop “say amen” or another phrase into the meme graphic as in this example.

    The best thing to do is to NOT SHARE these memes and of course don’t type “amen”. When you see someone sharing these kinds of memes let them know it might be a scam and point them to this article or the one from “That’s Nonsense”: (https://www.thatsnonsense.com/facebook-like-share-photo-scams-dont-make-scammers-rich/).

    If you MUST share the meme, don’t share it from the original account. Download the graphic and then reshare it as your own content and also make sure your social media privacy settings are set to “friends only”.

    Fact-Checking Hoaxes

    If you are reading this article I suspect you already know that spreading hoaxes on social media is a bad thing and should be avoided. Therefore, I won’t be going into much detail but I would be remiss if I did not include this in our list.

    An interesting new development in the “fake news” wars is that scammers are now doing their best to discredit fact-checking outlets. This makes perfect sense as the ploy to “shoot the messenger” goes back long before social media. You should not take the word of a fact-checker until you verify the contents of the article and the sources used for fact-checking. While statistics show only a very small number of fact-checking articles from well-known sites ‘get it wrong,’ it still can happen. In practice, however, it seems hard to get your crazy uncle to do ANY fact-checking much less use additional due diligence. For yourself, some fact-checking is better than none and I would urge you to read the entire write-up from the fact-checker.

    If your crazy uncle does not believe any fact-checkers, try going to the sources in the fact-checker article and posting those directly.

    “Watch Out For This Hacker” Warnings

    Several times a year instant messaging hacks show up warning people to not befriend some ‘famous’ evil hacker. A recent example is the “friend request from Jayden K. Smith” hoax. Since Jayden K. Smith is not a real person and she won’t actually send anyone a friend request, what is the harm?

    The harm from these kinds of messaging scams is similar in some ways to Amen Farming. The evil hackers are building profiles and networks and as an aside, they are helping to muddy the water and discredit real notifications about social engineering. The principal difference is the media used, in this case, instant messaging services.

    Accidental Information Leakage in Social Media

    Never post your phone number, address, age, or passwords on social media. While I think most of us know that, you should know that this information can easily be shared inadvertently, often through photos.

    A good example happened last year when a photo of a government emergency worker was posted but on the monitor behind him was a post-it note with a government network password.

    Now that many of us are working from home, this kind of information leakage becomes much more common. Check to make sure any photos you post do not include shots of the desk where papers might be in sight or calendars on the wall. When you post a photo of that new item that just arrived in the mail, can you see your mailing address?

    Screenshots are particularly dangerous and should be examined and edited closely before sharing. Many people now use multiple monitors at home and don’t realize that a screenshot includes BOTH screens. Screenshots from phones and tablets are also possible sources of information leakage.

    Knowledge is Power

    I hope this article has helped you to become aware of some of the top common exploits that happen with social media sharing and that you will pass this information on to others.

    If your organization would like help in developing policies, Security Awareness Programs, or other related issues please let us know. We have lots of services, workshops, webinars, and direct help to you.


  • 1 Jan 2021 2:46 PM | Kaitlin Regan Quellhorst (Administrator)

    Paul Moorman, Technology First Board of Directors

    We wish our dear friend Steve Hangen the very best as he transitions to a well-deserved retirement after a remarkable career in Information Technology, leading teams at some of the Dayton region’s largest and best-known companies including NCR, Reynolds and Reynolds, WinWholesale (now WinSupply), and Mike-Sell’s.  We asked folks who knew him well to provide us with some recollections, and the words that flowed back included “admire, smile, leadership, consummate professional, consistent, calm, supported, mentor, wisdom and quiet confidence.”  He will be remembered above all for his caring and helping of others.  Steve wrote on his LinkedIn page that “the biggest blessing of my career has been the fantastic people that I have been privileged to work with across the years!”  Steve, the privilege has truly been ours.

    Ryan Kean, Kroger’s VP of Technical Strategy and Architecture, recalls Steve’s leadership style with the quote, “I had the opportunity to work in Steve’s organization at Reynolds and Reynolds.  He was very consistent in his communication and leadership.  He was calm, clear, and cared for his teammates.”  Don Kennedy, Practice Lead at Smart Data, adds, “I admire not only his “professionalism with a smile” manner but also how he has attracted and retained IT talent around him over the years as well as his ability to give back to our community with his time.”

    Steve was a guiding light for over sixteen years and one of the most important change leaders for Technology First, volunteering as Vice-Chair and Board Chair, serving many years on the Executive Committee and Board of Directors.  He was personally responsible for revamping the CIO Council into an attendee-driven group that delivers relevant, timely information and assistance to local IT leaders, and his is the format that all Special Interest Groups (SIGs) follow to this day.  His impact is best spoken in the following words from his peers. 

    Jim Bradley, VP of Information Technology at Tecomet, sums it up with, “Steve has been the consummate professional and a huge contributor to both Technology First and to me personally.  He modeled the CIO Council to make it what it is today, and countless IT Leaders have learned much through the years because of what he established and developed.  Steve also taught us all the value of peer connections and relationships.”  Bryan and Barbara Hogan, owners of Afidence, chime in with “Your work and leadership have truly built something that will stand the test-of-time!”   John Huelsman, IT Director at Hobart Services, relays, “Steve’s been a mentor for me for many years both professionally and personally.  His wisdom, experience, and quiet confidence inspire me to this day.  He has impacted me in profound ways through the years and I will be forever in his debt.”

    To our friend, all our best, and we hope our paths cross again soon as you continue to mentor our IT community in a new way!



  • 1 Jan 2021 2:39 PM | Kaitlin Regan Quellhorst (Administrator)

    Melissa Cutcher, Executive Director, Technology First

    Dear Friends,

    2020 has been the year of “you’re on mute”, “I forgot my mask” and wine with DeWine. I am grateful to close chapter 2020 and welcome 2021 with a great big socially distanced hug! 2020 wasn’t all bad. It’s been an outstanding learning experience for me both personally and professionally. I had the opportunity to meet Steve Hangen, Ann Gallaher, and many other great IT thought leaders in our region. Each one has demonstrated great leadership and grace during a year of stress, confusion, and uncertainty.

    As an organization, Technology First faced our own unique challenges. Pivoting from all in-person events, like SIG’s, Board and CIO meetings, to all virtual by April was no small task. In November, we produced our first virtual conference, Taste of IT. We hosted speakers and attendees from all around the United States! We will continue hosting events virtually until the Governor says we can go back to in-person. Until then, I look forward to “seeing” you at the next Technology First event.

    We have great plans for 2021! Look for:

    • §  Two new special interest groups: developers and cybersecurity
    • §  The Technology First web site will have a new look and updated features for our members
    • §  Expansion of our workforce development efforts
    • §  Continuation of building partnerships with other associations such as, The Circuit, Ohio-X, Ohio IT Association, SOCHE, DDC, JobsOhio and Dayton Area Chamber of Commerce

    The vision of Technology First is to develop our region’s future by engaging, expanding, and connecting the IT community. We plan to accomplish this vision by being the conduit for IT advancement in the region.

    Yes, 2020 was a challenge. But as a community, we are stronger, because we are together! We have virtually, gone into each other’s homes, connected on a deeper, more personal level seeing each other’s workspaces, meeting family members, both two and four legs.

    If you haven’t already, get involved in Technology First. Join us on social media, sign up for the newsletter and event email lists, make a donation before the year ends, volunteer at an event, and respond to our latest workforce survey.

    2021 – here we come!


  • 1 Jan 2021 1:11 PM | Kaitlin Regan Quellhorst (Administrator)

    Mardi Humphreys, Change Agent, Rainbow Data Systems, Inc. & Integration Edge

    I’ve disappointed Rick Springfield. He told me not to talk to strangers, but I lean more toward young Forrest Gump’s philosophy of business development. Remember the first time he got on the bus to school? There are plenty of services that allow your sales team to send hundreds of emails extolling the virtues of your products/services to strangers. There are even companies with the technology to make hundreds of cold calls for you and when the prospect answers the phone, transfer the call to a sales rep waiting to pitch. I’m usually a big fan of automation, but why would a company reveal their pain points to you when they don’t know, like, or trust you yet? This is why Relationship Marketing is so important.

    What Is It?

    Relationship Marketing is simply building long-term, trusting relationships with strangers; essentially, developing clients into friends. When your friends face challenges, you want to be the first person they contact for a solution. You should feel the same way about your clients. People need to know you’re authentic in order to trust you. You must be the same person to your clients as you are to your cousins. Unless you’re Tom Hanks, you can’t act like different people in your relationships. Being inauthentic is exhausting and counterproductive.

    How Does It Work?

    Mom is right. If you want to make a friend, be a friend. Take the initiative. Network. Communicate. Be curious. Provide value without an agenda. Businesses are run by people. Go where the people are. Get personal. Do your homework. There is so much information at your fingertips (e.g., company websites, LinkedIn, business newspapers/websites), find out what their business does and their role in it. Figure out how you can help. The companies you want to partner with need revenue to survive. How can your company help them either attract customers or save money on their operations? Do they have a problem your company doesn’t fix? Do you know someone who does? Introduce them. While this doesn’t bring you revenue now, proving you want what’s best for their business demonstrates you can be trusted to put their interests before your own. Having a mindset of their success means your success. We get further together than we do on our own.

    Why Does It Work?

    Giving your clients great experiences differentiates your company from your competition. You have to go beyond persuading them to believe in your brand. Your clients want to be seen. They want you to help them solve their unique issues. They want to give you permission to be on their team. They do not want content forced on them. They want to learn what your company has to offer and what you can do for them in their own time using the communication channels they favor. I can’t think of one business owner who enjoys having their day interrupted by a cold sales call or sifting through all the cold emails they receive daily. However, I can think of several who appreciated a congratulations-on-your-latest-success LinkedIn message.


  • 1 Jan 2021 1:02 PM | Kaitlin Regan Quellhorst (Administrator)

    To provide additional resources for our members, we have formed a new Partnership with Info-Tech Research Group.

    Through this relationship, Info-Tech is offering our community complimentary access to specific research and services as an additional benefit to members of Technology First.

    Info-Tech Research Group produces unbiased and highly relevant research to help CIOs and IT leaders make strategic, timely, and well-informed decisions. Partnering closely with your IT teams, they provide everything from actionable tools to analyst guidance.

    This month’s exclusive content for Technology First Members includes:

    Benchmarking

    2021 Tech Trends

    Disaster Recovery

    Ensure your IT team delivers measurable results for your organization. Explore these new complimentary resources for your team here!

    What should you do next?

    Technology First is participating in an association-wide benchmarking program.

    CIO Business Vision Diagnostic

    Value: 6k – Complimentary for Technology First members!

    The most important thing an IT leader can do is understand the business' needs and actively measure that the business is satisfied.

    Stakeholder management is a critical aspect of running a successful IT department.

    Info-Tech's CIO Business Vision program is a low effort, high impact program that will give you detailed report cards on the organization's satisfaction with IT’s core services.

    Use these insights to understand your key business stakeholders, find out what is important to them, and improve your interactions. View a sample report and begin the diagnostic through our partnership page!


<< First  < Prev   1   2   Next >  Last >> 



Technology First

1435 Cincinnati St, Ste 300, Dayton Ohio 45402

Info@TechnologyFirst.org

© Technology First, All Rights Reserved