IT assessment, planning, execution, monitoring and preventative maintenance LEARN MORE

Author: Fred

iPhone X and 8 vs Samsung Galaxy S8 – Is there a Clear Winner?

Unless you live in a cave, you have probably heard that Apple recently introduced two new iPhone models (iPhone X and 8).  While the iPhone 8 (and 8+) is available at retail stores, the iPhone X may not be available until mid November.

Because the holiday season is rapidly approaching and many people may be thinking about upgrading or replacing their existing smart phone, we decided to compare the new iPhones to one of their chief competitor’s smart phone: Samsung Galaxy S8.  We realize there are other great smart phones like the Google Pixel and upcoming LG V30.   We will take these up in a future post.

Apple iPhone X (and 8) Versus Samsung Galaxy S8 Comparison

iPhone X and 8

Galaxy S8 vs iphone X
Samsung Galaxy S8 and S8 Plus

 

To compare these smart phones directly, we put together a chart which shows their features in a simple, easy to understand manner.

iPhone 8iPhone 8 PlusiPhone XSamsung Galaxy S8Samsung Galaxy S8 Plus
Release Date9/22/2017 9/22/2017 Pre-orders start 10.27.17 4/17 4/17
Price$699 for 64GB model; $849 for 256GB model $799 for 64GB model; $949 for 256GB model $999 for 64GB model; $1,149 for 256GB model $724.99 unlocked; $1149 for 256GB model $724.99 unlocked; $1149 for 256GB model
ColorsGold, silver, space grey Gold, silver, space grey Silver, Space grey Midnight, grey and silver Midnight, grey and silver
Screen Size4.7 inches 5.5 inches 5.8 inches 5.8 inches 6.2inches
Display Resolution1334 x 750 pixels, 326 pixels per inch 1920x 1080 pixels, 401 pixels per inch 2436 x 1125 pixels, 458 pixels per inch 2960 x 1440 pixels, 570 pixels per inch 2960 x 1440 pixels, 529 pixels per inch
Display FeaturesRetina HD, True Tone, 3D Touch Retina HD, True Tone, 3D Touch Super Retina, new OLED, True Tone, 3D Touch Quad HD+ Super AMOLED Quad HD+ Super AMOLED
Dimensions138.4 x 67.3 x 7.3 mm 158.4 x 78.1 x 7.5 mm 143.6 z 70.9 x 7.7 mm 148.9 x 68.1 x 8.0 mm 159.5 x 73.4 x 8.1 mm
Weight148 grams 202 grams 174 grams 155 grams 173 grams
Storage64GB/256GB 64GB/256GB 64GB/256GB 64GB - Expandable 64GB - Expandable
ProcessorApple A11 Bionic, M11 co-processor Apple A11 Bionic, M11 co-processor Apple A11 Bionic, M11 co-processor Qualcomm Snapdragon 835/Exynos 8895 Qualcomm Snapdragon 835/Exynos 8895
Memory2GB 3GB 3GB 4GB 4GB
Rear Camera12-megapixel, f/1.8, 5x digital zoom, quad-LED flash 12-megapixel wide-angle, f/1.8, OIS and 12-megapixel telephoto, f/2.8, 10x digital zoom, portrait mode 12-megapixel wide-angle, f/1.8, OIS and 12-megapixel telephoto, f/2.8, 10x digital zoom, portrait mode 12-megapixel OIS, f1.7, 1/2.5" sensor size, 1.4µm pixel size, Autofocus, touch focus, face/smile detection 12-megapixel OIS, f1.7, 1/2.5" sensor size, 1.4µm pixel size, Autofocus, touch focus, face/smile detection
Front Camera7-megapixel FaceTime HD, f/2.2 7-megapixel FaceTime HD, f/2.2 7-megapixel FaceTime HD, f/2.2 8MP with autofocus, f/1.7 aperture, Auto HDR 8MP with autofocus, f/1.7 aperture, Auto HDR
Video4k at 24/30/60 Frames Per Second (FPS), 1080 pixel video at 30/60 FPS 4k at 24/30/60 FPS, 1080 pixel video at 30/60 FPS 4k at 24/30/60 FPS, 1080 pixel video at 30/60 FPS 4K video @30 FPS, 1080p HD video recording at 30/60 FPS 4K video @30 FPS, 1080p HD video recording at 30/60 FPS
Biometric SecurityTouch ID Touch ID Face ID iris scanner, fingerprint scanner, face recognition iris scanner, fingerprint scanner, face recognition
Battery Capacity1,821mAh 2,691 mAh 2,716mAh 3,000mAh 3,500mAh
ChargingFast battery charging, Wireless Fast battery charging, Wireless Fast battery charging, Wireless Fast battery charging, Wireless Fast battery charging, Wireless
WaterproofYes (IP67 Certified) Yes (IP67 Certified) Yes (IP67 Certified) Yes (IP68 Certified) Yes (IP68 Certified)
ConnectivityWi-Fi, 4G/LTE, Lightning connector Wi-Fi, 4G/LTE, Lightning connector Wi-Fi, 4G/LTE, Lightning connector Wi-Fi, 4G/LTE, USB-C Wi-Fi, 4G/LTE, USB-C

 

iPhone X (and 8) vs Galaxy S8 Review

In reviewing these phones, we find that which smart phone wins depends on the feature you look at.  The Galaxy S8 costs less, starting at $724.99 unlocked.  Also, many cellular providers have attractive trade in offers of $200 – $300 for older phones.  On the other hand, if you want to add to the Galaxy S8’s limited internal storage, a separate micro sd card runs about $125, which adds to the overall cost.

We prefer the Galaxy S8’s design to any of the new iPhones’ design.  Its bezel-less infinity display with curved glass edges on both sides creates the optimal viewing experience.  Also, it has a higher resolution display with more pixels per inch than any of the iPhone models, resulting in a better viewing experience.  The new iPhone X has a notch at the top of the screen, which disrupts the viewing experience and can take some getting used to.

Also, the Samsung Galaxy S8 has larger battery capacity, which should lead to more time between charges.  In addition, it has a headphone jack, which makes it easier to plug in typical headphones.  Because the new iPhones do not have a head jack, you have to buy a separate cable which connects to the lighting connector at the bottom of the phone or wireless bluetooth headphones.  This jacks up the iPhone’s overall cost.

While we like the Galaxy S8, the new iPhones excel in certain areas.  The new phones come with the built-in option of 64 or 256GB of storage.  The Samsung Galaxy S8 only comes with 64GB of storage.  To expand the phone’s capacity, you have to purchase a separate micro sd card, which costs $125 plus for 256GB.

Because of their A11 processors, the new iPhones have performed significantly faster than the Galaxy S8 in some tests.  They seem quicker when doing certain tasks, like copying files and multitasking.  People who use their phones to surf the web, check emails and run several apps all at once may be better with an iPhone.

The new iPhones also excel in the ability to offer 3D touch and augmented reality features for apps.  Imagine being able to look at constellations or play a video game in 3D.  Finally, the new iPhone X also is rumored to be more secure, because of its 3D Facial scanner.  The Galaxy S8 has a 2D sensor, which is less secure and more error prone.

Conclusion

If you choose one of the new iPhones or the Galaxy S8, we believe you will be pleased with your decision.  They are great phones in their own right.  One of the biggest influencers is the ecosystem you are tied to or prefer.  If you are used to the iPhone interface and iOS operating system, use iTunes, iCloud and other Apple related apps, you will be likely to stick with their products.

The same goes for the Samsung Galaxy S8 and its Android operating system.  If you like the Samsung Galaxy line, it may be best to wait.  Rumors are circulating that the new Galaxy S9 may become available in March 2019.

Either way you decide, good luck with your purchase!

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Related References:

  1. Macworld.co.uk “iPhone X vs. Samsung Galaxy S8.” October 2, 2017. Link to Article
  2. Techradar.com “iPhone X vs Samsung Galaxy S8.” September 28, 2017. Link to Article
  3. Knowyourmobile.com “iPhone X vs. Samsung Galaxy S8 – Two Epic Phones Compared.” September 28, 2017. Link to Article
  4. Forbes.com “iPhone X vs iPhone 8: What’s the Difference?” September 17, 2017. Link to Article
  5. Techradar.com “Samsung S9 release date, news and price rumors.” September 20, 2017. Link to Article

 

 

 

 

Top 5 Email Scams of 2017

Email Scams  Email Scams

By now, you have probably heard about the different email phishing scams going around, especially if you listen to the news.  We decided to review some of the most popular ones, so that you could be better prepared.

Phishing is defined as “the attempt to obtain  Email Phishingsensitive information such as usernames, passwords, and credit card details (and, indirectly, money), often for malicious reasons, by disguising as a trustworthy entity in an electronic communication.”1 

Basically, criminals pretend to be someone you trust in order to steal important financial and personal information.  They can use this information to log into peoples’ accounts, like bank accounts, to transfer funds.  Also, they can sell it to other criminals.  Phishing can be done through phone calls, emails, texts and other communication forms.

Below, we cover the top 5 phishing email scams, which we saw last year and expect to continue this year.   Many of these emails include a link you are expected to click on and enter your credentials.  For instance, you may get an email from Facebook, indicating that your password will expire, if not updated.  Usually, the link is to a fake website the criminal created.  The cyber criminal uses this info to access your account.  Because many people use the same login, the criminals can access other online accounts, like financial ones.

 

Top 5 Email Scams

Account Disabling or Suspension

You may receive an email (see example below) from a bank, e-commerce or social media site about an account suspension or closing.  For instance, a criminal pretending to be from Amazon may send you an email saying that your account will be suspended, unless you click on the included link and update your security info.  This creates a sense of urgency, because it makes people feel they have to respond quickly.

Account Suspension

Suspicious or Unusual Account Activity

Like the first scam, you may also receive an email that your online account was compromised or they detected unusual activity.  You will need to click on a link to login and secure the account.

Google Email Scam:

Suspicious Account Activity

Tax Related Scams

During the tax season, these scams increase significantly.  A criminal, who poses as an IRS representative, may send you an email about owing money or receiving a refund.  Please note: the IRS will never contact you by email or phone.  They do things the old fashion way.  They only send notices through regular snail mail.

IRS Email Scam:

IRS Scam Emails

Employer Related Scams

Usually, criminals find these scams are very lucrative.   By taking advantage of human error or insecurities, they can get valuable information about a company’s employees or clients.   One example of this type of scam would be an HR representative receiving an email from what appears to be the company’s CEO or COO asking them to put together a report with employees’ information.  Naturally, the recipient wants to respond quickly to the executive’s request and doesn’t suspect it’s a scam.

In 2016, this happened locally at Main Line Health, when an employee replied to a scam email with personal information on 11,000 of the health system’s employees. 2

Malware and Ransomware Scams

Like all of the email scams above, malware scams have the same objective: to make money.  How do the cyber criminals do it?  They trick the email recipient into clicking on a link or opening an attachment.  When they do, malware starts to load on their computer.  If they are really unlucky, they may get ransomware which will install, lock up important files and demand a payment to unlock them.  Other forms of malware will track computer users’ keystrokes and activity to collect valuable personal information and passwords.

An example of an email which may have a malware attachment:

Malware Scam Emails

How Can I Avoid These Email Scams?

If they educate themselves, people can avoid these scams.  If you know what to look for, you will be prepared.  A good rule of thumb is to never open an email or link from someone you do not know or recognize.  Also, you can ask yourself a few basic questions like have I ever been contacted by the IRS or Microsoft before?  Do they contact people this way (email, call, text, etc.)?

If you look at an email carefully, you can often see signs that it’s not legit.  The senders may misspell words or include poor quality images.  Also, you should carefully check the sender email address.  If you get an Fedex email from maryfedex@gmail.com, you know it’s not legit.  Also, criminals often shorten the website links they include in the body of their emails.  Without clicking on them, you can hover your mouse over them and see the complete link.  If an email is supposed to come from Amazon, but asks that you click on some weird looking link, you should avoid it.

Finally, to check whether or not an email is legit, you can go directly to the source.  If you receive a notification from Google, look up the company’s support number and call them about the notification.  If you get email from a company executive which looks suspicious, then contact them.  They may not be happy you called, but at least you avoided a large disaster.

 

 

 

 

 

References

  1. Wikipedia “Phishing.”  Link to Article
  2. ABC 6 “Main Line Health employees’ information compromised in email scam.” March 3, 2016. Link to Article
  3. FTC.gov “Scam Alerts.” Link to Website
  4. Fortune “Email Security: Beware These Top 10 Phishing Lures.” Link to Article
  5. NBC News “Massive Phishing Attack Targets Gmail Users.” Link to Article

 

 

 

Smartphone – Five Ways to Protect Your Device

Smartphone Hacking on the Rise

Smartphone

Do you know that there are about 230 million US smartphone users and over 2 billion worldwide?  Do you know that U.S. smartphone users spend about an hour and half each day on their phone?  For many of us, smartphones have become integral part of our daily lives.  Besides using them for email and making calls, we use them to do just about anything: banking, accessing social media and taking photos.  This means that smartphones can hold some really important personal and financial information.

Because the smartphone market is so large and these devices hold such valuable information, hackers have become increasingly focused on breaking into them.  Recently, there has been a large increase in smart phone hacking.  In the future, we expect the attacks to only get worse.

Recognizing these threats, we wrote an article about the five ways individuals can make their phones more secure and reduce the chances of being hacked.

Google Play StoreApplication Download and Installation

The first step you can take to better protect your smartphone is to be extremely careful about what you are downloading and installing.  The best rule of thumb is to only download apps from the Apple App store or the Google Play Store and not unofficial sites.

Apple does a great job of screening which apps become available through its App store.  You can be confident that the applications you install on your iPad or iPhone are free of malware and viruses.  The apps on the Google Play Store are more likely to have malware or viruses, but usually you can be confident when downloading from their store.  Google has a scanner which scans its Play Store for malicious apps.

Also, it is important to check the permissions a new app is requesting when you download it.  If a flashlight app is asking for permission to access your contacts, this should be a red flag.

 

Disable Bluetooth Bluetooth smartphone

When you can, we recommend that you disable bluetooth. Some hackers have used bluetooth to break into smartphones.  There are different bluetooth versions with varying levels of security.  The older versions have more security holes, while newer versions have become more secure.  In general, it is best to disable bluetooth when you don’t need it.

 

Find my iPhoneEnable Device Finder and Remote Wipe

If your smartphone is stolen, you want to be able to remotely track it and to delete it.  On the iPhone, you can enable “Find my iPhone” under the “iCloud” settings.  If your device disappears, you can put it in lost mode.  This locks your screen with a pass code.  You can display a custom message to help you get it back.  You can also delete everything on your iPhone, so your personal information cannot be accessed.  For Android devices, you can remotely locate, lock and wipe your phone by using the Android device manager and third party apps.

 

EncryptionEnable Encryption

While the iPhone comes with full-disk encryption automatically enabled, you will have to enable encryption on Android phones.  Basically, the encryption protects your data by requiring a password for someone to be able to access your information in a usable form.  Without that password, it would be extremely difficult to hack it.

To set up encryption on an Android, you would need to go into “Security” in the Android settings and select “Encryption.”  It may take an hour or two to encrypt the device.  Then, after this you will be asked to enter this password every time your Android device boots up.

 

smartphone Pass codeUse a Pass Code

Your phone should be set to immediately lock when not in use.  It is very important to set a pass code or biometric (finger print, face recognition, etc.) security to protect it.  If you are using a pass code, the longer the better.  If your code is six digits long, this will make it 100 times more secure than a usual four digit one.

There are locking settings you can change to increase your smartphone’s security.  For instance, immediate locking will ensure that it will be hard to access your important information.  Don’t set your phone to lock after one minute or so.  Also, you can set your phone to erase all data after a certain number of failed entry attempts.

Related References:

CNBC.com “Your Smart Phone could be hacked without your knowledge”: Link to Article

The New York Times “With Wikileaks Claims of C.I.A Hacking, How Vulnerable is Your Smartphone?”: Link to Article

Cnn.com “WikiLeaks CIA hacking claims: How worried should you be?”: Link to Article

 

 

 

 

 

 

 

Ten Ways to Protect Your Important Business Data

 

 

cyber-crime

Cyber Crime’s Rapid Growth

Did you know that cyber crime costs are projected to grow to $2 Trillion in 2019?1  That is almost four times the estimated costs of breaches in 2015. According to a new report by Hewlett Packard and the U.S-based Ponemon, hackers cost the average U.S. business $15.4 million per year2.

While large corporations have sizable IT departments, budgets and resources available, recent attacks on Target and other corporations show that they are still very vulnerable.  Because they have limited resources, including less IT support, small to mid-size businesses are especially exposed to attacks and cyber criminals know this.  These businesses often do not put formal security procedures and policies in place and do not properly train their employees on security issues. They are ripe for attack.

For more information about the business of cyber crime, please view the following video:

 

Cyber Crime Types

 

Cyber crime can include viruses, malware, hacking of websites or networks, phishing & social engineering, Botnets, Denial of services attacks (DoS), stolen devices and malicious insiders.  As the most common type of attack, viruses, spyware and malware may be unknowingly downloaded when an employee opens an attachment from a malicious email or visits websites with embedded viruses or malware while at work. They can cause computers to slow down and become unstable, track user keystrokes or can sometimes spread through the company’s network scrambling any data they run into.

Phishing is becoming an increasingly common way to gain access to important business and personal information.  Typically, it happens in a business when an employee receives an email which appears to be from a higher up and asks for employee or customer information.  Thinking it is a legitimate email, the employee replies with the requested information.

Phishing Example:

 

paypal_phish_example

Cyber Attacks Could Never Hit My Business

 

Some business owners don’t think that they could ever become victims of a cyber attack.  They say the chances are very slim.  Are they really?

Of the 252 businesses surveyed by the HP and Ponemon report, 99% reported being hit by virus and malware attacks, 62% were affected by phishing schemes, 45% had stolen devices and 35% experienced attacks by malicious insiders3.

You don’t have to look far in the Philadelphia area to find recent attacks.  In March 2016, an HR representative sent the personal information of about 11,000 Main Line Health System employees to a cyber criminal4.  This representative replied to a phishing email which appeared to be from a manager.

The point is that any individual and small to mid-sized business is vulnerable to intrusion by cyber criminals.  Therefore, it is extremely important to take steps to reduce this exposure and limit the damage, which could result from an attack.  Below, we will outline some of the basic steps business and personal users can take to protect themselves and their critical data.

Ten Ways to Protect Your Critical Business Data

 

Conduct a Security Audit

 

network_security1

Before your company can put certain security policies and procedures in place, it needs to assess the current state of its IT infrastructure.  An IT services company or professional will conduct a security audit where they will look at your network setup and configuration.  They will also closely examine all of the devices and software your company uses.  Finally, they will examine your website.

The main focus will be on the vulnerabilities which exist and eliminating those.  Could someone easily hack the wireless network?  Is there any firewall to prevent malicious traffic from entering or leaving the business’s network?  What email service is the business using?  Is it secure?

One of the most important parts of the audit is identify the company’s critical data and where it resides.  Knowing this information, you can design policies and procedures meant to protect and backup up this vital information.

Set and Communicate Company Security Procedures and Policies

 

While this may seem obvious to do, a lot of small to mid-sized companies do not have formal IT policies and procedures in place.  Even if they do, they may not have communicated these clearly to their employees.

These should be clearly defined and as detailed as possible.  Should every company computer lock up and require a password to log in after 30, 60 or 90 seconds?  Who should have access to which data?  What happens if an employee leaves or is fired?

Mobile devices, like smart phones and tablets, have added to the complexity of designing a plan.  There need to be specific rules related to what information employees can access using theses devices.  There also need to be plans as to what will be done if an employee’s laptop, phone or tablet is stolen or hacked away from the office.  Some companies require that their employees’ smart phones are set up so that they can be remotely wiped, in case they are stolen.

Install a Hardware Firewall

 

firewall-networkA hardware firewall is the first line of defense for a company’s network.  It will protect a company from suspicious traffic entering and leaving the company’s internal network.  It can also limit content and websites employees can access, which will prevent malware and viruses loading onto computers.  A firewall should have an active anti-virus subscription to screen any files or traffic entering.  For specific brands, Nucleus recommends Sonicwall or Cisco firewalls.

Separate Guest and Company Wireless Networks

 

Some businesses let visitors connect to their wireless network by giving them the network key.  This is an invitation for disaster.  Once someone gets this information, they can easily access important company information.

Businesses should set up a guest wireless network which is completely separate from their own wireless network.  Also, they should avoid using a Comcast or Verizon provided router.  These routers lack the security and configuration features of enterprise grade routers.  Also, they tend to transmit a weaker wireless signal which travels less distance.

Use Strong Passwords on Every Device

 

This may seem very obvious, but unfortunately when given complete freedom to set up their own passwords, employees often choose ones which are very easy to hack.  All you have to do is look at the 2015 top login passwords to see this.  “123456,” “password,” and “12345678” were the top three5.  It doesn’t take much imagination to guess these.

In general, passwords should be at least eight characters in length and require a capital letter, number and symbol to be secure.  Employees should not use the same password across all accounts.  If a hacker figures out an employee’s email password, then he or she will be able to get into all of the employee’s banking, file sharing and social media accounts.  Think of the damage that can be done!

Regularly Update Your Operating Systems and Software

 

Windows7Update_UpToDate

This seems like a simple practice, but many businesses fail to pay attention to updates.  Recently, we saw a server which had not installed any Windows or software updates for over a year and a half.  When you are in the middle of work, it is annoying to see a pop up asking you to do an update and restart the computer.  They always seem to come up at the worst time.   It is understandable that you might ignore or close out these popups to continue working.

It is very important to do Windows and software updates, because they will help your system to be protected from malware and virus exploits.  Operating Systems and software, that have not been updated leave a door open for these exploits.  At the very minimum, you should install Windows, Adobe and Java updates on a regular basis.

Install a Reputable Anti-virus on Every Device

 

While a hardware firewall provides an outer barrier for your company’s network, an anti-virus on a PC will provide a second layer of protection in case something was able to penetrate.  An anti-virus can prevent employees from downloading or running malicious files.  While many people think that their Macs and smart phones will not get viruses, the truth is that they can be infected.

Recently, Nucleus has seen more Macs getting infected.  As the number of smart phones in the world increases rapidly, cyber criminals are looking to infect and hack them.  Therefore, it would be smart for businesses to have antivirus installed on all smart phones and Apple devices.

Limit Remote Access to a Virtual Private Network (VPN)

 

Employees are increasingly working from home or remote locations and need access to important company information.  Smart businesses limit the amount of company data employees’ have on their devices, including smart phones and they centralize their data. If employees need to access company information, they should do it through a Virtual Private Network (VPN).  This is the most secure way to create a remote connection.

Encrypt Data and Emails

 

security-and-computer

Encryption adds another layer of protection to a company’s data.  It makes it nearly impossible for cyber criminals to access information.  If an encrypted laptop were to be stolen, it would be worthless to a criminal, except as a large paper weight.  Encrypted emails are transmitted in a way that the cyber criminal has no way to decipher the message.  There are many solid encryption software products, like VeraCrypt, DiskCryptor, Folderlock and Kryptos 2.

Backup and Disaster Recovery

 

While it is important to take steps to prevent any cyber attack from happening, it is impossible to protect your business 100%.  New and more complex malware and viruses are created each day.  For this reason, it is important to have a disaster recovery plan and data backup in place in case a cyber attack happens.

Your disaster recovery plan is the overarching plan which outlines how your business will respond when hit by a number of disastrous events.  These include fires, floods, hurricanes, power outages, terror attacks, virus and malware infections, hackings and harmful employee acts.   In the case your business location(s) is(are) completely destroyed or unusable, you want to have an alternative offsite location to conduct business.  You want to designate who will communicate with everyone in the business about the next steps and which employees will be expected to show up at the alternative location.

Your data backup is a critical part of the disaster recovery plan.  We have been able to save several clients by restoring backups when their systems have been encrypted by the Cryptolocker virus and other “ransomware.”   Typically, we recommend both onsite and offsite backups.  Your backup should be frequent and automatic, so it is not dependent on anyone remembering to do it.

Final Thoughts

 

Today, cyber crime attacks are happening more frequently and causing more damage to individuals and businesses every day.  Because of a lack of resources, small to mid-sized companies are especially susceptible.  Owners and employees have only a limited amount of time to dedicate to IT security issues before their daily focus is pulled away from operations.

Cyber crime’s growing threat makes it increasingly important that businesses better protect themselves.  In order to give businesses a starting point, this blog post has covered some of the basic protective steps every owner, manager and employee should take.  After these steps, there is much more that can be done.  Our future posts will touch on these next steps.

Stay tuned!

References:

 

1 Juniper Research “Cybercrime will Cost Businesses over $2 Trillion by 2019:  Link to Article
2 Ponemon Institute “2015 Cost of Cyber Crime Study”: Link to Download the Study
3 Ponemon Institute “2015 Cost of Cyber Crime Study”: Link to Download the Study
4 ABC 6 News “Main Line Health Employees’ Information Compromised in Email Scam”: Link to Article
5 Gizmodo.com “The 25 Most Popular Passwords of 2015”: Link to Article