Microsoft to test blockchain-based self-sovereign ID system

Microsoft is working to create a blockchain-based, decentralised digital identity management platform that would allow users to own and secure access to their online persona via an encrypted database hub.

Over the past year, Redmond said it has been exploring how to use Blockchain and other distributed ledger technologies to create new types of digital identities designed to enhance personal privacy, security and control.

"This new world needs a new model for digital identity, one that enhances individual privacy and security across the physical and digital world," Ankur Patel, a principal product manager with Microsoft's Identity Division, wrote in a blog post.

"Rather than grant broad consent to countless apps and services, and have their identity data spread across numerous providers, individuals need a secure encrypted digital hub where they can store their identity data and easily control access to it."

Last month, the tech giant joined the ID2020 alliance, a global partnership working to create an open-source, blockchain-based digital identity system for people in the U.S. or nations who lack legal documentation because of their economic or social status.

Originally published by www.arnnet.com.au

Click here for FULL article

Number of ransomware attacks in Australia falls while phishing attacks financial loss increases

ARN provides a weekly wrap of the phishing scams, malware attacks and security breaches impacting organisations across Australia.

This week, the Australian Securities and Investments Commission (ASIC) and Suncorp Bank have fallen victim to brand-jacking. A fake notification, purporting to be sent from the Suncorp Bank was sent on Monday, 29 January.

The email with the subject “the wire transfer can not be processed” was detected by email filtering company, MailGuard. This scam tries to get users to click on link within the body of the message, which says that a requested wire transfer could not be processed. The link points to a malicious JavaScript file. The messages were sent from the address: issupport[at]australiantenders[dot]com, which has no connection to Suncorp Bank.

On 30 January, ASIC issued a scam alert letting customers know of a scam using its name to contact registry customers. With the subject “renewal” the fake email asked recipients in the first line of the message to check information regarding the renewal of “your” company. The fake email had asic.transaction.no-reply[at]mtfaustralia[dot]com[dot]au as the sender address. The message contained what looked like a legit address to ASIC’s “ask a question” page.

Scams using ASIC’s brand usually have the intent to infect recipient’s computers with malware.

According to data collected by the Australian Competition and Consumer Commission’s (ACCC) ScamWatch, 4,397 ransomware and malware scams were reported in 2017 with financial losses of $214,000. The numbers from 2017 were lower than 2016. ACCC received 6,210 reports in 2016, 1,813 less than 2017. The total loss for 2016 amounted to $241,000.

However the numbers were not down for all kinds of scams, with phishing having costed Australians $655,000 in 2017 against $373,000 the year before. A report published this week by security vendor, Sophos, revealed that nearly half of Australian businesses (48 per cent) were targeted by ransomware exploit attempts during 2017. The security vendor surveyed 200 Australian IT decision makers from mid-sized businesses.

Originally published by www.arnnet.com.au

Click here for original article

Microsoft bakes more AI into Office 365

Microsoft is simplifying Excel, demystifying corporate jargon and helping users avoid running late to meetings with the launch of new artificial intelligence and machine learning capabilities in its Office 365 productivity suite.

The software vendor wants to help users avoid the "intimidating" challenge of extracting data from Excel with the preview of Insights, which automatically highlights patterns it detects.

Insights is powered by machine learning and helps users identify trends, outliers, and other useful visualisations. The preview will be opened up to Office insiders this month.

Word is getting a new feature, dubbed Acronyms, which helps users understand shorthand commonly used in their own workplaces.

Acronyms, which will roll out to Word Online for Office 365 commercial subscribers in 2018, leans on the Microsoft Graph to find and reveal the definitions of terms from previous emails and documents.

Microsoft is expanding existing functionality within Outlook that helps users detect trips and deliveries, triage email and schedule meetings.

"Today, we’re expanding this set of AI-powered tools by bringing Cortana to the Outlook mobile app to help users stay on top of their day," Kirk Koenigsbauer, Microsoft's corporate vice president for the Office team, wrote in a company blog post.

"When it is time to leave for appointments, Outlook will now send a notification – with directions for both driving and public transit – taking into account current location, the event location, and real-time traffic information. Time to leave in Outlook is rolling out to iOS users this month in markets where Cortana is available."

Other new features include an AI-powered whiteboard app that can recognise freeform drawings and turn them into standard shapes, and an extension of capability within OneDrive and SharePoint to automatically recognise the content within images and automatically extract searchable text.

Microsoft has been baking AI and machine learning capabilities, from document translation to intelligent threat detection, into Office 365, which now has more than 120 million commercial users.

The Office 365 announcements were part of a bevy of news out of a Microsoft AI event in San Francisco, where it also revealed a partnership with Reddit.

Originally published by www.crn.com.au

Click here for original article

'One sloppy team member' could topple a firm under new laws

The impending Notifiable Data Breaches (NDB) scheme has been labelled the “biggest game changer” for accountants in 2018, with new protocols and notification procedures kicking in next month.

The Privacy Amendment (Notifiable Data Breaches) Bill passed last year and will commence on 22 February this year. It will require agencies, organisations and certain other entities to provide notice to the Office of the Australian Information Commissioner (OAIC) and affected individuals of a data breach.

According to the OAIC, “a data breach occurs when personal information held by an organisation is lost or subjected to unauthorised access or disclosure”.

Individuals and corporations that fail to comply with the notifications rules risk being fined up to $340,000 and $1.7 million respectively.

Change Accountants & Advisors chief executive Timothy Munro believes accountants have to get up-to-date with the scheme and start training and informing staff members on the potential ramifications.

“The biggest game changer for 2018 will easily be the new notifiable data breach laws,” said Mr Munro.

“Accounting businesses that haven’t planned for this and updated their security protocols will be absolutely smashed with fines and potentially lose their tax agent licence after February 2018 when these new laws come into effect.

“One sloppy team member who clicks on a link in an email could bring down an entire accounting business – it’s that serious,” he added.

“My urgent message to all accounting firm owners: Take this seriously, research it to understand the new laws, and get started now with new team policies and team training to ensure you are not at risk.”

Earlier, Smithink director David Smith said accounting firms were a “very attractive target” for cyber criminals and warned that “time is not your friend” in preparing for the new laws.

Kamino Cyber Security and Midwinter managing director Julian Plummer further believes the majority of accountants have yet to spend enough time researching or preparing for the upcoming changes to the Australian Privacy Act.

“This means that if at any point, you experience a data breach – you will automatically be increasing the risk of loss of confidence in your business from a client’s point of view, as you are now obliged to tell them directly when and if a breach occurs,” said Mr Plummer.

“Data published by the Ponemon Institute has revealed that the average cost to an organisation for a data breach notification is $88,000, taking into account necessary actions such as creating a new client database, legal costs for the notification, related communication costs associated with notifying clients etc.

“The cost alone should be enough to convince you to take this seriously.”

Originally published by www.accountantsdaily.com.au

Click here for original article

What is Windows Hello? Microsoft’s biometrics security system explained

Windows Hello is a biometrics-based technology that enables Windows 10 users to authenticate secure access to their devices, apps, online services and networks with just a fingerprint, iris scan or facial recognition.

The sign-in mechanism is essentially an alternative to passwords and is widely considered to be a more user friendly, secure and reliable method to access critical devices, services and data than traditional logins using passwords.

“Windows Hello solves a few problems: security and inconvenience,” said Patrick Moorhead, president and principal analyst at Moor Insights & Strategy.

“Traditional passwords are unsafe as they are hard to remember, and therefore people either choose easy-to-guess passwords or write down their passwords.”

It is not uncommon for people to use the same password (or variations) across multiple sites and applications. Windows Hello and other biometric authentication features like Apple’s Face ID or Touch ID are designed to offer an alternative to passwords that is unique and more secure because it relies on technology that’s harder to break.

Originally published by www.arnnet.com.au

Click here for FULL article

Is your practice ready for the new data breach laws?

Accountants have been urged to give “top priority” to the impending data breach laws, with one cyber security expert warning of significant ramifications such as client loss of confidence, compounding monetary loss. The Notifiable Data Breaches scheme will commence on 22 February 2018, requiring all businesses with an annual turnover of $3 million or higher to notify individuals and the Office of the Australian Information Commissioner (OAIC) when cyber security incidents compromise personal information.

According to the OAIC, “a data breach occurs when personal information held by an organisation is lost or subjected to unauthorised access or disclosure”.

Earlier, Smithink director David Smith said accounting firms were a “very attractive target” for cyber criminals and warned that “time is not your friend” in preparing for the new laws.

Kamino Cyber Security and Midwinter managing director Julian Plummer further believes the majority of accountants have yet to spend enough time researching or preparing for the upcoming changes to the Australian Privacy Act.

“This means that if at any point, you experience a data breach – you will automatically be increasing the risk of loss of confidence in your business from a client’s point of view, as you are now obliged to tell them directly when and if a breach occurs,” said Mr Plummer.

“Data published by the Ponemon Institute has revealed that the average cost to an organisation for a data breach notification is $88,000, taking into account necessary actions such as creating a new client database, legal costs for the notification, related communication costs associated with notifying clients etc.

“The cost alone should be enough to convince you to take this seriously.”

Mr Plummer believes accountants should start by studying the new laws to ensure they have a comprehensive understanding of the scheme.

“Ensure you have an Incidence Response Plan in place to manage cyber security. Make sure your IT policies and procedures are up-to-date, that your staff are thoroughly versed in them and adhere to them. From then on, you can begin to plan and prepare your best line of defence,” added Mr Plummer.

“It also may be a good time to review your cyber insurance policies. Cyber insurance offsets many of the costs of potential IT breaches, however we recommend doing adequate due diligence as one size does not fit all.

“Securing your data, will secure your business.”

Originally published by www.accountantsdaily.com.au

Click here for original article

About us:

Established in 2007 and locally headquartered in Brisbane, Smart Business Systems provides IT Services across Australia. We work closely with our clients to get the most out of their IT investment.

SBS strategically plans, implements, manages and maintains IT environments for hundreds of clients, both national and international.

Address:

Unit 2, 32 Boothby Street, Kedron, QLD 4031

P 1300 798 717

F +61 7 3350 3397

info@sbsystems.com.au