There is an ongoing debate in the business world when it comes to deciding whether or not to pay a ransom demand when critical data systems are locked up in a successful ransomware attack. As a rule, technology and security professionals recommend against paying the ransom, but often times the business leaders will calculate the loss and potential risks against the ongoing and future harm the current lockout is causing, and decide to pay the money to get back to work quicker. This is a calculus that the attackers also weigh – how much is too much? What sort of threat does the ransomed data represent to the company?
What happens when they don’t pay?
Most of the time when the victim refuses to pay, the hackers move on to their next target, leaving their victim to pick up the pieces on their own. In the case of Clark County School District, critical school systems were compromised 3 days into the new school year. Despite threats by the attackers to leak the data they were holding hostage, CCSD choose to not pay the ransom, prompting the hackers to post some non-sensitive data as a warning that they meant business. When the CCSD continued to stand tough, the hackers apparently shrugged their shoulders and called the district’s bluff by posting the stolen data on both the regular and dark web, free and unprotected for anyone to download. The 25 gigabytes of data included employee social security numbers, addresses and retirement paperwork, as well as the PII of presumably the entire student body, including names, addresses, birth dates, grades and schools attended.
Previously, ransomware attacks seemed to be focused on businesses, allowing most folks to just shrug their shoulders (even if their own information was possibly compromised) as the impact was far removed from home. In this case, what if an organization over which you have very little influence made a decision that results in very real risk to your child’s future (and present!) livelihood? Clark County wasn’t the only school district to be targeted this year – Hartford, CT and Athens, TX school districts were targeted by similar ransomware attacks, resulting in closures and ransoms paid. As you might guess, schools are attractive targets – the stakes are high, and IT is typically not a high-priority budget item, making them easy targets. Even if the school systems had been backing up their systems (unlikely, see budget or lack thereof) it takes several days for systems to be restored even with a highly-trained and prepared IT team (unlikely), and meanwhile, the phone system is being lit like an angry Christmas tree by parents wondering what the heck is going on.
The reason ransomware attacks continue to be an extremely effective criminal activity is because how effective and profitable they can be. As is evidenced by their tactics and continued success, it’s very clear that ransomware campaigns are now an established weapon of organized crime. Unlike the stylized depictions of the “honorable mob” by Hollywood, today’s crime organizations seem to have no problem targeting our most vulnerable organizations, and aren’t squeamish about casualties along the way.
Image courtesy of Stuart Miles at FreeDigitalPhotos.net
A little while back, I wrote about a very disturbing trend in 2017 where something was gaming YouTube’s content algorithms with what appeared to be AI-generated content and metatags. If the last part of that sentence made little sense here’s the concept put another way. Someone was (and probably still is) using computer algorithms to build and publish content based purely on what would get to the top of YouTube’s search results. “Great,” I can hear you say, “How do I hire these guys?” That’s the thing – a lot of the content appeared to be completely artificially generated and automatically published. Basically someone built a robot and turned it loose on YouTube, and it actually worked.
Now it’s happening on Spotify
Chances are that you are a Spotify user – according to the company’s Q1 2020 report they have 286 million active users and 130 million premium subscribers. One of the primary draws of Spotify is creating your own playlists, whether based around a genre, artist or mood. You probably started on Spotify with a list of artists, songs and albums that you used to create your first playlists, but the other, wildly popular feature of Spotify is the ability to “discover” new music by searching its vast collection and having it generate playlists for you, as well as seeing what others, especially your friends, are listening to via their shared playlists. As you have probably guessed by now, Spotify drives this discovery process via search algorithms that are, of course, now being gamed like YouTube’s back in 2017. Any summarization I could put together would not do proper justice to just how strange the mushroom is that has grown in Spotify’s garden, instead I would recommend reading the article if you are at all curious as to why Spotify has made certain “odd” choices when recommending music to you. (Note: Medium is a subscription based website that limits story views).
As a wanna-be musician and as someone who deeply enjoys music, I’m not sure how I feel about the path that music is taking on Spotify. On the one hand I find it heartening that the platform allows for a wider swath of musicians to not only have their music be heard by larger audiences, but that they stand to make some money from it (as long as they know how to leverage the Spotify algorithms). On the other hand, audiences are losing track of the artist in sacrifice to search engine optimization, which prevents the artist from building a following. I’m pretty sure that most musicians don’t create purely in service to profit, but for the enjoyment of others. Being able to make a living is (usually) a happy product of this, but if the only objective is profit, I’d like to believe that particular product won’t endure…as long as Spotify doesn’t completely commodify musical tastes.
Though you might not know it, you’ve probably seen at least one TikTok video, and if you spend any significant amount of time on other social media platforms like Face-behemoth you’ve definitely seen one. If you live with teens that have access to the internet, you have more than likely seen them spending hours consuming and producing Tiktok content. Not quite sure what it is? Well, don’t go downloading the app and creating an account without knowing that there are some serious security and privacy concerns about this Chinese social media platform. These concerns are so serious that the US Government threatened to shut down the app altogether unless it sold its US operations to an American company.
“A finger on the Monkey’s Paw curls up…”
Instead of closing a deal with software giant Microsoft with whom they have been huddling since the start of the trouble, TikTok announced over the weekend that US operations of the social media app would be “acquired” by Oracle. Once the initial shock had worn off the announcement and details were revealed, the reasoning behind the agreement became immediately evident. Where Microsoft had been proposing to completely take over TikTok US by completely severing from Chinese firm ByteDancer, Oracle has positioned itself in this deal as TikTok’s “trusted technology partner” which suggests instead of taking over, Oracle will be “partnering” with ByteDancer. Larry Ellison is a vocal and staunch supporter of the Trump administration, and this move allows Oracle to neatly deescalate a thorny problem for the White House as it headed to an ugly legal showdown with TikTok. It doesn’t hurt that this will also allow Oracle to tap into some serious capital, and gain them possible access to ByteDancer’s highly sophisticated AI algorithms that power the app.
At the moment, the deal still needs to be approved by the White House, but given the players and how neatly it ties off the issue for the politicians and business people, it’s hard to see this deal failing. Unfortunately, there are still plenty of questions about what role Oracle will play in answering many privacy and security concerns that still remain with the app. For now, our recommendation is for our clients to keep an eye on TikTok and to enjoy the content via something other than the app itself.
A good portion of you have probably gotten yourself and your family more or less situated to working and learning at home, and unless something dramatic happens in the medical community (experts say this is unlikely), we are probably going to need to carry on in this environment through the end of the year. This means that those hastily assembled home offices/classrooms might be less secure than what would be considered safe by industry standards, especially for what is typically the most private part of your life. Cyber criminals know that home networks are weak, but have largely ignored them as business targets are more lucrative. At least they were more lucrative pre-Covid, but now that a large part of the workforce is home, they know that your defenses there are much weaker, and sometimes non-existent.
Bolster your home defense!
You’ve probably built several pillow forts during quarantine already (even if you don’t have kids), and now you can try building your own network fortress. It’s not nearly as comfortable as the pillow fort, but can provide an extra layer of coziness, knowing that you’ve put some barriers between you and the hackers.
- That family computer you are using to remote into the office needs malware protection. So do the computers your kids are using to attend class – virtually or in-person. There are literally at least a dozen different companies selling security bundles, and more than a dozen free malware providers, but we only recommend the following: Webroot, TrendMicro, BitDefender, and with some caveats (we’ve found it to cause performance issues on occasion), Norton. All of these companies offer multiple packages with different levels of security that include various aspects of identity theft protection, content monitoring, password management, etc, and all of them have moved to a subscription model that will require a credit card on file with them. Expect to pay between $60-100/year to protect all the PCs in your house (if you aren’t the Brady Bunch).
- You may need to upgrade from the ISP-provided router to a custom firewall. The devices provided by ISPs are typically fairly simple, and even if they have advanced features, they are not designed to be managed by the average homeowner. If you need content monitoring to make sure younger family members are safe, or advanced features like VPN tunnels, or Quality of Service (QOS) capabilities to make sure business calls aren’t overrun with non-business traffic, you may have to consider purchasing your own router. Though the sellers would have you believe otherwise, this type of upgrade is not for the technically inexperienced. Make sure you consult with a professional before buying and installing anything, especially if you need to factor in better WIFI as well.
- Use better passwords for your home devices. This includes your WIFI password, and if your home machines don’t have passwords for logins, consider adding them as well, especially if they are being used for business purposes. Change your router password if it’s using the default. Don’t know if it’s the default? If you’ve never changed it and your router is more than few years old, it may be using a default that is well known on the internet which means it may be easily hackable as well. Consider using a password manager to keep track of your growing list of passwords – that little notebook or Excel spreadsheet is just as dangerous as using the same password over and over. We can recommend password managers Dashlane, LastPass or 1Password as affordable solutions that offer family subscriptions.
- Back up your data. I’m still surprised how many folks aren’t backing up their personal home computers. Yes, many of you are using cloud-based services like iCloud or Google Photos, or Dropbox, but a good percentage of my clients who do use those services aren’t 100% certain what is being backed up by those services. If you’ve been collecting years of digital photos, prior to owning a smartphone, it’s also highly probable that older media is living in a corner of your hard drive not even touched by a cloud-syncing service. Know what is backed up and by what, and if you are relying on USB attached hard drives or thumb drives for back up, you are living on borrowed time. We can recommend Backblaze and Carbonite as family-friendly solutions that are very affordable and relatively easy to set up and manage.
- Don’t share computers. Especially if you work with client data or financial services. Kids definitely don’t have the same stakes as you do, and even if they are well-trained, are more likely to make poor decisions that could compromise your security. The technology to separate your home network also exists, and is affordable if you want to go the extra-mile, but if you share equipment like printers, this may make things a little more complicated.
Note: all of the products we mention here are not sponsors, nor do we receive any sort of compensation from them if you decide to purchase their services. C2 Technology does offer a line of services that can be extended to your work-at-home PC’s but we do not provide managed services on personally owned devices other than your primary work-at-home device in consideration for your household’s privacy.
Image by Gino Crescoli from Pixabay
In case you haven’t see one yet, you can find a great example of a “deepfake” video in one of our past postings. While the example I use of Bill Hader impersonating Arnold Schwarzenegger is humorously entertaining, the context makes the manipulation much easier to spot than in this video of Mark Zuckerberg, which was completely faked to make a point about Facebook’s lackadaisical policy towards policing misinformation. Despite this highly publicized broadside, it took Facebook six months to change their policy on allowing this type of content on the world’s biggest media platform, and even then the policy has loopholes that allow many fake videos to continue to thrive, especially content posted by politicians, who are given a pass on Facebook’s fact-checking guidelines.
What’s a regular person to do?
While it’s clear that waiting for Facebook to do something is not going to resolve this problem, other major players are taking steps. Twitter has finally found some courage and has been policing demonstrably fake and harmful content, and now Microsoft is developing two platforms that can arm consumers with more ways to spot fake content. Microsoft’s “Video Authenticator” was announced Sept 1, 2020 as a way to detect manipulated videos, particularly deepfakes, by using technology to spot edits that would normally be undetectable to human eyes. Realizing that they will always be chasing improvements to deepfake technology, Microsoft has also announced its participation in an initiative called “Project Origins“, founded by the BBC. Project Origins aims to provide digital content with authenticity watermarks (among many other things) to hopefully curtail the harmful spread of misinformation through unapproved appropriation of legitimate news content.
Unfortunately, the use of these tools actually requires active and willing participation from the general public – if one doesn’t know they are being manipulated or think to question the source of their information, the previously mentioned platforms are not helpful. This is where the concept of “media literacy” is becoming increasingly crucial to navigating the flood of information we receive daily. Microsoft has created an interactive quiz at www.spotdeepfakes.org in partnership with the University of Washington, USA Today, and Sensity as just one way of increasing awareness about this growing threat. The only way we can combat the tide of misinformation is to encourage everyone around you to think critically and to reasonably question information sources, especially during the upcoming election season.
Image courtesy of Stuart Miles at FreeDigitalPhotos.net
As I mentioned in last week’s blog, certain companies, like C2, were well positioned to continue operating business-as-usual despite the Covid-19 pandemic and resulting lockdowns. And some businesses are thriving, especially the ones that facilitate remote work and learning like Zoom. Even before the lockdowns forced videoconferencing into the spotlight, Zoom was making significant inroads against previous champion Webex. Zoom’s stock price has doubled in 2020 thanks to the pandemic lockdown despite a variety of negative publicity about glaring security holes and privacy issues, and new ones are being discovered on a regular basis.
“Who’s zoomin’ who?”
According to a recent lawsuit filed by Consumer Watchdog on behalf of Washington D.C. consumers, Zoom marketed its platform as having “end-to-end encryption” (E2EE) despite the fact that at the time it had no such thing, and even now does not have this feature. According to Zoom, E2EE will actually only be available to it’s paying customers (at some point in the future – Zoom hasn’t released the feature yet), and here’s the rub: implementing E2EE for videoconferencing actually curtails certain features like the ability to dial into a videoconference from a land line or cell phone, stream the call to YouTube, or save the meeting to a cloud recording. I don’t know how many of you are streaming your Zoom content to YouTube, but at least one out of every 2-3 Zoom calls I’m on, someone is phoning into the meeting, and many of my clients find the cloud recordings invaluable.
Keep in mind, none of Zoom’s market competitors have E2EE – not Microsoft Teams, Google Meet, Blue Jeans nor Webex, and the ones that do – Facetime and Signal – aren’t really comparable in terms of business features. The more important question is this: Do you need E2EE? If you are working in a regulated industry and regularly exchange protected and/or sensitive information (medical, financial, legal/criminal matters to name a few) via videoconference, your calls should be fully encrypted. That being said, I can guarantee you that before any of Zoom’s shortcomings came to light plenty of folks probably had no idea that their videoconferences weren’t completely encrypted, nor were they cognizant of the fact that they should have been from the start.
For the rest of us that aren’t required by law to encrypt our communications, should we still insist on having it? We may not need it, but it should always be available to anyone who wants it. There is still plenty of debate as to whether privacy is a fundamental human right, or a privilege. Make no mistake, controlling someone else’s privacy is all about power, and as we can see from plenty of examples lately in social media, it doesn’t take much to abuse that power. Don’t be so quick to trade privacy for cost savings – it may not be easily bought back with any amount of money or convenience saved.
Image courtesy of Miles Stuart from FreeDigitalPhotos.net
After a few hours of mild panic when the lock-down was first announced here in L.A., I came to realize that while C2 was likely to encounter some new challenges and hazards, we were probably one of few companies that were operating in a fashion that left us relatively unaffected by work-at-home mandates, and our services positioned us to assist other companies to survive (and thrive, in some cases) in this new pandemic world order. Unfortunately for many others lockdown life is shining a harsh spotlight on the technology divide that is affecting wide swaths of our population in new and challenging ways.
More than physical isolation
Work at home, learn at home, and limits on physical gathering and traveling put a painful, merciless and indiscriminate emphasis on technology, and the bar is set fairly high for the average family. Distance learning requires each student have access to a computer and internet for several hours each day at minimum, and in households with only one computer and multiple kids and working parents, that is essentially unsustainable without endangering everyone’s sanity, and is a large, unspoken motivation for the push to send kids back to school, Covid-or-no. Most districts can barely afford to equip their schools with proper equipment, let alone send a decent laptop home for every child and properly train faculty who have been teaching traditionally for decades. Buying more computers is a nice thought, and they are cheaper than they have ever been, but how do you add to a budget that is probably already constrained and maybe even limited because of Covid-related employment issues?
Other populations that are also highly impacted:
- The Elderly – even though they may be able to afford the technology needed to survive in a locked down society does not mean that they can make effective use of it. When things break or don’t function as they should, they are working with service providers that cannot (or won’t) visit in person and who expect a certain level of knowledge and (let’s face it) enthusiasm that this population just wasn’t prepared to achieve. Substituting physical interactions and everyday transactions (like grocery shopping!) with complicated devices and bewildering service choices puts our older generations at a significant disadvantage (and risk!) in what was already a challenging situation pre-pandemic.
- The Differently-Abled – there are large swathes of our communities that don’t have the capacity to limit their livelihoods and entertainment to internet-enabled devices, and who relied upon physical socializing as their primary form of engagement. Maintaining a mobile or internet account requires a certain amount of financial independence and consistency that is difficult to achieve in group homes, which were already running on shoestring budgets prior to Covid. Now they have to contend with residents who are bored, have limited access to their usual outlets, and sometimes incapable of understanding why can’t go out like before. Services like Social Security and MediCal don’t pay for smartphones and data plans – food and shelter come first, and there usually isn’t much afterwards.
- The Homeless – I’m sure all of us have spotted at least one homeless person with a smartphone. Being homeless doesn’t mean you can’t have stuff, and let’s face it, if you are trying to overcome homelessness, having a phone is non-negotiable. But how do you afford to have one if the menial jobs you were working to try and get over the hump have dried up? Even if you were qualified to work at a job that could be done at home, where would you work, and on what computer with what internet connection? The bandwidth-capped hotspot on your limited mobile plan that gets devoured within days of each new month because everything in life requires the internet now?
What can you do?
Some of these problems are way bigger than any of us individually. Even together, before Covid, we didn’t seem to be making much progress on solving the wealth gap that drives such a heartless wedge into our increasingly technology-reliant society. But that doesn’t mean you shouldn’t try – here are some things you can do:
- If you can afford it, and were on the fence about buying a new computer or phone, factor into that decision whether donating your old device may be useful to someone less fortunate, or whether by giving that device to someone in your family allows them to pass along a device to someone who really needs it. If you are donating any device, make sure you remove your personal data, or have a professional do it for you. Keep in mind that most mobile devices, video game consoles, and even computers, require some form of internet service to be truly useful. Giving your devices to someone who may not be able to afford to use them effectively or maintain the necessary data plan may end up being an unexpected burden.
- Volunteer your time, expertise, or both to a non-profit focused on serving your community or locality. Even if you can’t participate physically right now because of social distancing restrictions, helping them achieve goals that are literally close to you will be satisfying even as we are surrounded by frustrating circumstances. Also never forget that you likely know someone else that can help. All non-profits can benefit from expanding their human networks!
Image by thedarknut from Pixabay
Despite some absolutely astounding head-in-the-sand approaches from our country’s leadership for “opening” America back up for business, Covid-19 is stubbornly refusing to just give up in the face of American bravado and continues to rampage like a bull in a china shop through our population. One of the hottest points of contention right now is the struggle that parents face as the Fall school year looms and they have to decide between sending their kids into hot zones or shouldering the decidedly heavy burden of part-time teacher/hall monitor on top of putting food on the table. I don’t have guidance for what seems to be a top contender for the Sophie’s Choice of 2020 – but I can provide some guidance on how you might be able upgrade your hastily improvised home classroom/office space into Work-Learn-At-Home 2.0.
Your Next Quarantine Project(s)
To do #1: Upgrade your internet speed. I’m still surprised how many people are still subsisting on DSL or relying on their cell hotspot. This may have been fine pre-Covid, but if have more than one person living in your home, you need to upgrade to broadband speeds. At minimum, you should be aiming for 50Mbs download and 10Mbs upload, though for larger, more technically-savvy households, upgrading to 300 x 25 or higher will likely result in an overall better experience. The fastest service Spectrum offers for most homes is 1Gbs X 35Mbs, and if you are fortunate enough to have access to ATT, Verizon or Frontier Fiber for an affordable price, always choose fiber if you can afford it. If you run your business from your home, consider ordering “business-class” service, which costs more for the same speed as the comparable “residential-class” tier, but provides better technical support and response to outages.
To do #2: Hardwire all critical devices. Though it may not be convenient, easy or aesthetically pleasing, if you are having issues while on Zoom calls, or experiencing frequent disconnects while using a VPN and remote access and you are using WiFi, switching to an Ethernet cable will most likely resolve many issues. Even though your WiFi signal appears strong, it is subject to too much variability to be 100% reliable. If your online audience is complaining that your voice is garbled or dropping out, or your kids are losing connection to their virtual classrooms, WiFi might be part of the problem. If getting a physical wire from the router to your computer is just not possible without tearing holes in your wall, you can try power-line network extenders like this. Depending on the model, you might be sacrificing some overall speed in trade for improved reliability. They are cheap enough and easy to install to at least try them as an alternative to weak or unreliable WiFi. Or you could try…
To do #3: Upgrade your WiFi. Most houses are making do with a single access point for their home WiFi, and in some cases, using the same router they got from their ISP oh-so-many years ago. What you might not realize is if your WiFi router is more than 3 years old, your signal strength is probably considerably weaker, slower and more unreliable than when it was first installed as the equipment degrades with age and use. Most consumer-class WiFi routers are built with antenna amplifiers that start to lose strength on year 3, even though the core electronics continue to work without an issue. If you are using an ISP-provided router, call them first to see if you can get them to replace/upgrade your device for free, and if not, you may need to replace your router WiFi with a mesh system from Google, Amazon (Eero) or Netgear (Orbi). Depending on the size of your home, each of these platforms offer bundles from 1 to 3 devices that you can use to improve your WiFi network.
To do #4: Get everyone their own PC. I know that sharing is caring, but when it comes to kids and your work PC, you are better off getting them something they can call their own without you having to worry about whether it will be functional after every virtual classroom session. Most of you are already at your limit in terms of sharing space – giving everyone their own PC will help you reclaim some mental/virtual space and sanity. New PC’s have come down considerably in price, and many of our clients have been buying refurbished PC’s from Amazon that are perfect for younger family members without breaking the bank.
To do #5: Give everyone their own space. I realize that not everyone has the space to set up a dedicated room for an office, or a desk and private corner for attending classes, but understand that even though you may be perfectly fine conducting work in the middle of a busy room, your children haven’t developed the focus you have honed from years in the office trenches. Though it may seem silly, even using some jimmy-rigged curtains/sheets to create dedicated spaces will help everyone stay focused. If you’ve ever considered setting up that patio workspace so you can be one of the fancy cats Zooming from their beautiful backyards, don’t let your dreams be dreams. Which leads to…
To do #6: Get some good headphones with a mic. Even if you’ve managed to give everyone their own space or are fortunate enough to even dedicate a room with a door for your activities, if you or your kids spend any time online speaking and listening to others, having a good headset with a dedicate mic will improve everyone’s experience. The built-in mics on webcams or laptops are designed to be omni-directional which means they will pick up sound from all directions, including your gardener’s leaf blower, your kids teach lecturing in the next room, even your air conditioning or your spouse’s phone conversation on the other side of the house. A good mic will allow you or your kids to speak at a reasonable volume and be understood better on the other end, and the headphones will keep the overall noise level in the house down to a dull, tolerable roar.
To do #7: Get battery backups for important computers. If your home power is unreliable, consider adding a $90 uninterruptible power supply (UPS) to critical equipment, including your router and each computer. While it may feel expensive or overkill, that $80 will be well spent if it allows you or your kids the precious few minutes to save hours of work when the rest of the neighborhood falls into darkness.
Image by thedarknut from Pixabay
It’s clear that we are not going to be able to control our outside environments to a point where everyone feels healthy and safe without someone’s sense of entitlement getting hurt, but we can definitely control our home office environments, especially how we work. And seeing as I am typing at you with dual wrist braces (aggravated by some light DIY home construction, not computer work!) it seems timely that I should share with you some important things to pay attention to as we continue our work at home journey together for at least several more months.
A list that should not be ignored!
I don’t know that any one of these is more important than another. None of these should be disregarded, but depending on your situation and state of physical health, certain things may have a higher priority. As always, if you have a medical condition that may be impacted by one or more of these recommendations, please consult with your physician before making any changes or decisions.
- Your feet should be flat on the floor, thighs and forearms parallel to the floor. Your upper body and neck should be straight and head neither tilted forward or back to look at the monitor, the top of which should be more or less level with your eye-line, which, again, should be parallel to the ground. If the height of your workspace does not allow for your feet to rest on the ground, use a foot rest to achieve this rather than compromising on the parallel lines. This article from the Mayo Clinic has a good illustration of proper body placement/positioning.
- Your keyboard and mouse should be at a height that allows your hands and wrists to be parallel to the ground, and as you are typing or mousing, the back of your hand, wrist and forearms should be completely straight – you should not have to flex up or down to perform either of these tasks. It’s also acceptable for your typing position to be slightly below the level of your elbows, but not to the point where you have to flex your wrists to type. Your head, shoulders and torso should not need be rotated to work, which means that your main monitor and keyboard should be directly in front of you.
- Make sure your office is properly lit – don’t just rely on the light of your monitor. This can cause eyestrain, which can lead to poor posture as you compensate for tired eyes. Also make sure your monitor brightness, size and distance is at a comfortable level where you can easily read text on screen. If you find yourself hunching forward to read the screen, adjust the screen, magnification or distance so that you can comfortably view your typical work screens without sacrificing ergonomics. If you wear glasses or contacts for day to day activities but are having trouble comfortably viewing your screen, you may need glasses designed specifically for computer viewing, a new monitor, or even both.
- Keyboard and mouse choice can have a great impact on wrist and hand health. If you regularly type on a smaller laptop and have large hands, consider using an external keyboard and mouse to avoid awkward typing angles and finger cramps from using the touchpad. Don’t cheap out on the peripherals. Get a mouse that is comfortable to use for your hand size, and a full-sized keyboard with appropriate spacing between the keys. If you do a lot of number crunching, a full number pad will be indispensable.
- If you are using a laptop as your only computing device, consider purchasing a laptop stand and external keyboard and mouse, which will allow you to place the monitor at a proper viewing height and your typing/mousing surface at an ergonomically correct angle – flat or at a slight decline from the elbow. Do not attempt to use the laptop keyboard while it is propped up on a laptop stand. Remember – straight line across the back of your hands to your forearms.
- If you are still one of those people who cradles the phone on their shoulder – stop it! Get a headset or use the speakerphone.
- Wrist rests are helpful if you spend long hours on the computer, but make sure they stay clean and dry, and don’t change the angle of your typing position, especially if they force your wrists and forearms out of alignment with the backs of your hands. When I type I rarely rest my wrists on my wrist rest, but that is because I frequently use my mouse or key combinations that move my hands out of the traditional “home” position on the keyboard. Your usage and preference will differ, but never sacrifice the straight lines.
- If possible, position your monitor in front of something other than a wall, such as a window or open space in your office. This allows you to change your focal point throughout the day – essentially letting your eyes “stretch”. If that’s not possible, see #9.
- Stand up or stretch at least every 15-20 minutes, especially if you are likely to be in front of the computer for several hours. Let your eyes rest by closing them, or focusing on something other than a computer screen (not your phone!).
- If you are considering a standing desk, all of the above still applies except for the leg positioning (obviously). Make sure you use something that can switch between standing and sitting easily, especially if you are new to standing while working, as you will want to start slow. Even though I’ve been doing it for years now, I rarely stand for more than an hour or two at a stretch before switching to a seated position, and regardless of position, I try to stretch or move every 15-20 minutes. If your office has hard floors (thin carpet or hardwood), make sure you are standing on a pad, even if you have proper footwear. If it’s something very rigid like concrete or stone, the pad will be crucial.
While I think we can all agree that as far as years go, this year is definitely going down in the history books as a bad year, the week of July 13, 2020 should have its own footnote in what will assuredly be a voluminous chapter on 2020. Depending on your usage of the internet and technology, you might not have even noticed, but for those of us in the trenches of IT support, July 15th will live in infamy.
I’m being a little dramatic…but only a little.
There is a stereotypical scene that is used frequently in movies where something disastrous happens off-camera while a bunch of people are in the same room. Simultaneously, all of their phones/pagers start going crazy and the scene explodes into frantic activity. That was July 15th around 9am when everyone tried to launch Outlook to read their email and instead they were greeted with an error and crash. Everyone at C2’s phones and email started lighting up with frantic calls and texts. “My Outlook is crashing and today is not a good day for that to be happening,” was one of the more polite calls I received from a client. Turns out, Microsoft issued an update to recent versions of Outlook that just outright broke the application, and thanks to Windows 10’s unavoidable update cadence, millions of people woke up to Outlook not working. Through some sort of miracle, Microsoft actually managed to fix this colossal cock-up around noon Pacific, but for several hours it was quite tense at Chez C2.
A few hours later, we get the somewhat humorous news that several high-profile Twitter accounts have been hacked, and not only that, but that the hack had been used to push one of the oldest cons in the book. While the victims probably don’t find much to laugh about, when Bill Gates, Elon Musk and Barrack Obama offers to double any amount of Bitcoin sent to them, and you just (barely) lived through the Outlook debacle not 2 hours prior, you are going to have a good chuckle. The hackers chose chaos instead of outright villainy, but they still took in over $100k in Bitcoin before Twitter regained control of the accounts in question. We’re 20 years into the new millennia and suckers are still being born every minute.
And in case your week wasn’t fun enough, domain name service provider Cloudflare broke half the internet two days later. Literally. Cloudflare provides domain name services for a very large number of websites and services, including those that provide status on things like DNS and internet outages, leading many people to believe there was an active attack on the internet. Sadly, it wasn’t that exciting, but a self-inflicted wound delivered to a key router somewhere in Atlanta, Georgia causing a cascading failure similar to what happens to power grids when a critical transformer blows. Supposedly the problem was fixed within 30 minutes of it being identified, but as you are all now painfully aware – 30 minutes without internet (or email) feels like an eternity during the middle of a work day.
Is it 2021 yet?