Secure Your Email With Two Step Verification

Occasionally hackers are able to take control of an email account at the firm.  Typically, the hacker will send emails to everyone in the user's address book, trying to get them to click on a link that will infect the user's computer or steal that user's password.  A hack also gives the hacker the ability to read and delete all of your existing emails.

Basic security requires that you should never share your passwords with anyone outside the IT Department.  Your password should ideally be at least eight characters, contain both letters and numbers (and other types of characters if you wish), and should not be the same thing you use on all your other accounts.  You should never enter your Gmail password on any site that asks for it outside of Google.  If a site looks suspicious and asks for such information, you can always check with the help desk for a second opinion.

Caution alone, however, may not be enough.  To better secure your Google data, you may want to try using Two Factor Authentication (2FA).  Google make 2FA available to all of our users.  We have not made it mandatory because it can result in some rather significant inconveniences.  If, however, you wish to add this extra level of protection, you may do so.

The 2FA protocol essentially blocks hackers from accessing your Gmail account or other Google features by requiring a second step beyond entering your password.  You can associate a telephone number with your Google Account.  After you enter your Google name and password, Google will call or text your phone with a second random six digit number.  You must then enter that number in order to access your Google account.  

Once you have done this on a computer, you can tell Google to trust that computer for 30 days, meaning you will not have to go through that second step every time, just once per month.  You will also need to set up a special App Password on any device you use, such as a phone, tablet, or third party software package that accesses your Google account.  The App Password is a long randomly generated password from Google, a unique one for each device you use, in order to access your Google account from that application.

This additional security makes it virtually impossible for a hacker attempting to log into your account from another location.  It does, however, make life more complicated for you, since it regularly requires you to take extra steps to verify that you really are you.

I have been using myself as a test case for 2FA on my own account.  I find it mildly annoying to go through the extra steps on occasion.  Every time I log in from a new computer, I need to have my phone handy for authentication.  That said, it has not been a major problem or impediment for me, and seems to work as advertised.

The important thing to remember if you turn on 2FA is that you will need your phone with you at all times in order to receive a text message with the random pin number.  If you are one of those people who does not view their cell phone as an appendage which never parts from them, then 2FA may become a real impediment to getting to your email.  If you are on the road and lose or forget your phone, you will not be able to check messages through some other place, such as a hotel computer.  Also, if you plan to use other programs to access your mail, such as Outlook, or the mail program that came with your iPhone or Android (something other than the Gmail App) you will need to go through a separate setup process for each of these applications.

If you find  yourself unable to get into your account after turning on 2FA, please note that the help desk will not be able to help you gain access to your messages, nor check  your messages for you. The IT Administrator will need to go through a more cumbersome process of turning of 2FA which is not an easy or immediate thing.

With all that said, if anyone is interested in turning on 2FA on your Google account, you may do so via this site:

https://www.google.com/landing/2step/

Using Gmail Categories

Many months ago, Gmail rolled out "categories" to the Gmail inbox.  I have not written about it sooner, because I did not particularly like it myself.  But some users have found it useful, so I thought I should discuss it further.

Categories tries to to organize your inbox better into up to five separate categories.  Instead of a single inbox, you will see up to five tabs at the top: Primary, Social, Promotions, Updates, and Forums.  You do not have to select all five, but you don't have the ability to change the names or do much else to control them.

Once enabled, Google will decide on its own what incoming emails belong in which categories.  The idea is that less important email, e.g. stuff from vendors, newsletters, notifications from Facebook or Linkedin, will not clutter your inbox (which is the "primary" tab).  Instead, such items will go into one of the other tabs.  These are emails that you don't consider spam, but don't also consider a top priority.

I am not a fan of categories, primarily because I don't have much of any control over what Google considers important.  As a result, I just have to spend more time going through all five tabs rather than looking at everything in one place.  You do have the ability to create filters, i.e. rules that will force an incoming email into a particular tab.  They work pretty much the same as using filters to force mails into a particular label (i.e. folder) rather than going into your inbox.

Another limitation of the Categories is that if you use another program, say Outlook on your computer, or the built-in mail program on your iPhone or Android, then Categories will not work in those places.  All the stuff is dumped into your inbox.  Therefore, your Gmail inbox and the Gmail inbox on your phone may have different contents.

If, however, you get a great deal of automatic mail that is not quite spam but also is not as important as other things, you may find Categories useful.  You can set it up in Gmail simply by going into "settings" then "inbox".  Select the categories you want to use, and then save.  Gmail will take it from there, auto-sorting all the messages in your inbox.  If you decide you don't like it, just turn it off and everything returns to one inbox.

Office 365

The firm is planning to start a pilot group of users for Office 365.  The Pilot will likely last for about a month.  We are only looking at the component that uses MS Office, not the component that works with MS email.

For the pilot, we are looking for people who

1. are already experts in use of MS Office (at least MS Word and Excel, possibly Powerpoint)
2.  have a need to use MS Office for work when outside the office. 
3. tend to use their phones or tablets for a great deal of their work
4. are willing to experiment with the MS Office cloud platform, and
5. are willing to take the time to provide me with feedback about your experience.

Space is limited in the pilot trial, so I cannot guarantee everyone who wishes can participate.  If you don't make the pilot, you certainly can get access once we go live, assuming the pilot is successful.

If you are interested in participating in the firm's pilot project, please send me an email.  If you want to help your chances, you can feel free to explain why your input would be particularly valuable based on how you plan to use the system.

If you want to learn more about Office 365 for Business, check out Microsoft's web site.

Thanks,

Mike Troy