We bided our time, persevered and rode the wave of the paperless office that was unappealing for many law firms; all while gaining those needed muscles that would need to be at the ready to weather the recent pandemic storm. Law firms didn’t have to look far for valued partners who already designed automated workflow solutions capable of pure magic, it seemed. But, there were many law firms who knew that legal scanning tools were the way forward to increase productivity and eliminate many manual processes, all while reducing costs. Suffice to say, going paperless was no longer an option, instead, it’s a reality that is here to stay. We confess that we are happy to not be on the back-burner or at the end of the long list of “nice to haves” or “we still have time.”

Today, I am excited to share a Q&A I had recently with Catherine Brill, Product Manager at our Solutions Engineering Center, about this topic and how Konica Minolta has been at the forefront of providing legal scanning solutions to the legal industry.

(more…)

Digital Transformation (DX), the integration of digital technology into all areas of a business, changes how companies operate, how they deliver value to customers and how their employees work. Accelerated by the pandemic and the sudden need for remote work, DX was undoubtedly one of the top buzzwords of 2020, and we have reached a point where it is no longer an option for companies to resist. If a company was not on the journey to DX prior to March 2020, they most certainly are now.
(more…)

As the United States begins to emerge from the global COVID-19 pandemic, the healthcare landscape that was already undergoing digital transformation (DX) is significantly moving in acceleration mode.  IDC stated that “in response to the global pandemic, healthcare and life science organizations experienced 2 years of DX in 2 months.¹”  The urgency toward a more connected and digital experience in healthcare has accelerated at a staggering pace. Virtual care or telehealth, touchless registration, AI and cloud technologies have all taken their rightful place as the current technology leaders, and are transforming the face of healthcare delivery, as well as healthcare IT, in the US and beyond. Recent goals from the Office of the National Coordinator for Health Information Technology (ONC) and Centers for Medicare and Medicaid Services (CMS) are also driving the industry with key standards for improved interoperability. With all of the recent advances in healthcare technology and updates on policies, however, there is still much to accomplish.

(more…)

The pandemic decidedly accelerated the necessity of a digital transformation strategy, with many businesses taking the opportunity to evaluate how they can improve performance through the use of digital technologies and new business models to drive organizational change. But getting into the details of what setting up a digitally mature business actually involves is not always clear. (more…)

Recently I had the pleasure of participating in a virtual event ‘Securing your Mobile Workforce’ with Gap Intelligence, a business intelligence services company, where we discussed the continuing security pressures facing businesses in 2021, and the different steps that can be taken to help protect a hybrid workforce. As shown by the recent Colonial Pipeline hack, no industry is outside of the danger zone and the impact can be wide-reaching, so here’s my rundown of the key challenges to be aware of, and some of the solutions we shared. (more…)

The last year (and counting…) has shown us more than ever the importance of being able to pivot strategically when external factors force your hand. In fact, there’s been a lot of talk on how to do this logistically, operationally and financially. But one thing I’ve been surprised about is the lack of commentary on how important the right culture is for times of change. (more…)

With the vaccine roll-out underway and cautious state reopening plans being developed for later this year, now is the time for organizations to start thinking about how best to return to a physical central workplace – if at all. Research from Microsoft recently found that 42% of companies plan on moving their workers from on-site to fully remote roles after COVID-19, and the remaining 58% of respondents will be looking to create a partially remote workforce after COVID-19. Based on this research, there is no scenario for an organization to require 100% of its workers to be on-site. (more…)

If there’s one thing we can safely say about the future of work, it’s that we are going through a significant period of change. With technological, social, environmental and generational shifts impacting our priorities, work can no longer be defined as a physical space we go to, neither does it relate to a set schedule of ‘on’ hours each day. And while the events of the past year have brought increased focus on what the future of work or the “next normal” will be, in reality work has been evolving steadily for years. Today we can stay connected almost anywhere, from home, in the office, while in the air or even on a cruise ship!  This capability was critical for organizations to manage through the pandemic, and will continue to be a key priority in the months and years that follow. (more…)

Cryptocurrency is all the rage right now. With amateurs getting in on the hype to learn how to trade it and watching the market escalate day to day, it can be a very exciting endeavor. But what happens when those with huge social media accounts, including Elon Musk and even Mr. Bitcoin himself, are hacked and then advertising bitcoin scams on their platforms? Absolute mayhem, that’s what.

This exact circumstance became Twitter’s worst nightmare last July, and for good reason. Approximately 130 accounts were affected and 45 were actually used to tweet scam messages, and most of the accounts that were accessed in the scam had at least a million followers. The scammers are believed to have received about 400 payments in bitcoin valued at $120,000.

The real kicker is, the “hacker” was not a professional by any means. In fact, he was just shy of becoming a legal adult – which is lucky for him and his impending jail sentence. All of this is to say that it does not take a professional team of adult hackers to take down not only one of the largest social media platforms in the world, but also some of the most influential politicians and celebrities, who we hope would have higher security than us regular civilians.

So, let’s break down the hack to understand how this happened, and talk about how businesses can put measures in their security strategy to ensure it does not happen to them. This “elaborate” plan – put in quotes because while it was elaborate in that it was successful, it was also not difficult at all for this teen to execute it because it was a social engineering scam that happens so often. Social engineering is essentially an attack where the victims are tricked into providing confidential information through very convincing scams.

An example of what the posting on Twitter looked like is below, and as you can see, it came from our former president, Mr. Barack Obama. So you can only imagine how influential and real it felt for the average Twitter user who happened to be scrolling through and is already excited around the hysteria of bitcoin.

Some of the other high profile accounts included Jeff Bezos, Michael Bloomberg, Joe Biden, Bill Gates, Kanye West, Wiz Khalifa, Elon Musk and Kim Kardashian. All 130 of the accounts that were compromised were to promote the same bitcoin scam. The tweets were flying in at such a rapid rate the bitcoin hashtag went viral, again making it seem as though it was even more real than it was.

Just fewer than 400 people fell for the scam, which was less than 13 bitcoins, but the real victim here was Twitter. Thanks to the hack, Twitter’s share value dropped immediately by four percent. Obviously the most detrimental consequences of a hack are the victims that fall for it and lose their hard earned dollars. But businesses really suffer when things like this happen.

In this case, the attacker gained access to the admin tools that Twitter was using in order to recover and reset accounts. Think about when you forget your password on any site – an email is sent to the admin of the site, and a reset password code is sent to your email. That tool at Twitter was the main victim of this crime, because the hacker was then able to go into the most prestigious accounts and change their passwords so he could take full control of what they posted.

But how did he get that far? Well, there could have been a few vulnerabilities at play that gave him the advantage of getting in. Because so many employees were working remotely, some of them were allowed to run internal admin functions from their locations, which were likely not to be the most protected of places. And for many of these employees, they could have been permitted to even run these functions on their own devices, which without the proper security in place, could mean a multitude of vulnerable access points.

According to the Information Systems Audit and Control Association (ISACA), the process by which this teenage mastermind achieved inner access could have been by:

• Pretending to be an internal Twitter support service representative using non-standard authentication due to an email outage.
• Instructing a number of staff to perform certain actions, with those staff granting remote access to their devices – which could be used to either scrape administrative access credentials or simply pivot admin tool access from those devices.
• Rogue access to the internal Twitter tool used to reset and administer Twitter accounts*

While we may not feel pity for Twitter because of their massive presence, any business is just as susceptible to a social engineering hack of this kind. Imagine a small-to-medium-sized business, where employees wear multiple hats and everyone is working their hardest. A person in accounts payable could receive a very convincing email about a wire transfer that appears to come directly from their CEO, which isn’t uncommon in a smaller sized company. Since it appears real, and this employee has a lot on their plate, they proceed with the transfer and within minutes the hackers are in. This has significant implications to the business’ data.

How can any business, regardless of their size, ensure that this will not happen to them?

An end-to-end security approach is a great place to start when it comes to protecting your business. This way, every “end,” or vulnerable place where a hacker could potentially get in is protected.

Security Awareness Training is a great way to educate employees to be on the lookout for phishing emails or anything suspicious for that matter. Security Monitoring ensures that your business is being watched 24/7, 365 days a year, and will make you aware of anything potentially hazardous to your data. And Vulnerability Management is ideal to classify and potentially remediate any threats. Lastly, any access point in your office can create vulnerability, but with MFP protection, you have another added layer of security. No matter what your security needs are, document and data protection, video security, or cyber security, this all-encompassing blueprint was designed to ensure you have security today for stability tomorrow. 😉

*https://www.isaca.org/resources/news-and-trends/isaca-now-blog/2020/the-twitter-hack-how-did-they-do-it

A while ago, ‘disruption’ was a big buzz word in the media. Every innovator was looking to cause disruption with the status quo, and while it was unsettling, this unsettlement was designed to create more attention and thought around the factors of the disruption. (more…)