Listen to Jesse Mulligan and Daniel from Vertech IT Services chat about CamScammers and Conditional Access Policies and some handy apps that might save you time!
Jesse Mulligan: Well, good afternoon. Lovely to have you listening today. Time for Tech Tuesday, and I'm joined by Dan Watson, who's the MD of Vertech IT Services. He joins me now. Hi Dan.
Daniel Watson: Hey everyone.
Jesse Mulligan: And you've been putting some thought as always into ways to make people's lives easier through technology. And what have you got first for us today? Something called CamScanner.
Daniel Watson: This is a little app that I've been using for a while and I paid the piffling amount to have it with ad free experience on the phone.
Jesse Mulligan: It's such a mental block actually paying for apps. No matter how valuable they are to you lives. Will I pay a dollar 99? No, I will not.
Daniel Watson: Yeah, but I've had that same app on every phone since my first Galaxy tv.
Jesse Mulligan: Oh, tell me about it.
Daniel Watson: The mental block. I know. If you find that you are using something and your like, oh, this is good, then you might as well pay that two or $3 and then you've got it and you get rid of the ads and you can get better support and that kind of thing. But see, where it comes up really handy for me is because I volunteer a few across various organizations. Invariably I'm going out there, I'm buying something to get the job done at scouts, and then I've got to get reimbursed later. I always lose those receipts. I just find those little paper things annoying. But if I can use the CamScanner to scan to PDF, and usually if an organisation has zero as their accounting tool, you fire it through to a specific email address within the organisation for expenses and it turns up a bill that makes the bookkeeper's life really easy because it automatically ingests it and you're much more likely to get your money back without providing money and your time.
Jesse Mulligan: That's good. Yeah. I had one that I was, think it was called Receipt Bank that I was using for a while, but it was quite a hefty subscription. I think it was $20 bucks a month or something. And if all it's doing is taking photos of, it'd be great for some people, but for me, all I wanted was a record of the receipts and the ability to send them on. So yeah, I was probably over engineering the problem.
Daniel Watson: Yes. And there's another handy thing about once you've got that PDF often, another thing comes up for me is if you're going to the bank and they say, Hey, or you're applying for a grant or something like that, there's always a PDF form. Print this out, sign it, return it tools like foxit, PDF on your pc, it's a free one, it's a free computer amp, but it has a neat little signing function in it. So you can open the PDF, enter text onto the PDF and then click the sign and you can store your signature in there and you just do it roughly with a mouse. I mean, as long as it looks roughly like your signature, you can recognize it. You apply it to the document b bash Bosch, apply your signatures and then send it straight out on the email. So no more of this getting a document off, signing it, and then scanning in one by one.
Jesse Mulligan: Such a pain...
Daniel Watson: They always end up looking pretty dodge in the end. It's gone back. If you ever done real estate transactions where it's like...Facts off account offer, I know some people still do, not many of them left, but hey, if you've got one of these, then you don't need a fax machine.
Jesse Mulligan: A couple of things RNZ does not endorse Dans you that if you wave your mouse around, it looks vaguely like your signature. That's good enough. And also you may come across and my bank manager often asks me to sign something in wet ink, which I guess is her way of saying do it properly.
Daniel Watson: Yeah. Okay. Alright. Well forgiveness and permission...
Jesse Mulligan: 99% of people are not going to care, are they?
Daniel Watson: That's right. If they really insist upon it, they're going to insist that you do it and alright, that's what you got to do. But other people have mentioned that it's useful for getting school permissions and that kind stuff... I.e. that piece of paper out of your kids' hands. Yeah.
Jesse Mulligan: The child's not going to turn up at the bus and the teacher says, no this doesn't match your father's signature that we've got on record. I'm afraid you're staying back at school. There's something else you want to talk about today. Conditional access policies, which sounds like hardcore IT jargon, but it can actually be pretty useful, particularly for people who own businesses.
Daniel Watson: Yes. Okay. So we have had a couple of instances where businesses have had access into their cloud environment, their Microsoft 365 compromised, and even when they had multifactor authentication. Typically how this happens is either the phone being compromised and the access token stolen from it, exfiltrated off the phone, and then reutilised by the bad guys in another location now. Okay. Alright. That is difficult to protect against because phones are harder to secure and often take a bit more effort. However, from a business perspective, it's not too difficult to utilise some of their additional licensing within the Microsoft world to add in conditional access. So what that looks like is if normally you access the office 365 from your office in Christchurch, then it is possible to state that, okay, within the office location, I'm going to say you don't have to do multifactor authentication because you're in a trusted location sitting behind a firewall.
But if you're in Australia, we are going to ask you to do the multifactor authentication because that's not your normal location day to day. But according to the policies of your setup, we recognise that you could travel there on holiday, want to do some work, we're just going to ask you to re-authenticate at that time. But if you try and logging in from Uzbekistan, there's no real reason why that would actually be needed. So we'll just put a blanket block across all of Houston, Europe, etc. And if you do happen to want to travel there, we can make an exception at the time. So that's some of the things that you can do with conditional access. And sometimes it's just a case of adding in one extra license that permits that within your business structure for a relatively low cost, but it eliminates a whole bunch of bypass methods that the bad guys use.
Jesse Mulligan: Yeah, it's funny how often those attempts come from the same part of the world. I mean, China's been in the news today, but it is usually eastern Europe that pops up. I had to woke up the other morning and I had an access code that had apparently been requested by me to get into my LinkedIn account. It was in the middle of the night from Moscow. That gave me a bit of a fright.
Daniel Watson: Yeah. Different time zones. Yes. And in some places that kind of stuff is very nearly state sponsored. It's like in North Korea. It is a source of foreign investment, sorry, foreign capital I should say, into a country that is deeply starved of it. And it is just seen as a way to target easy money, unfortunately in places that are poor.
Jesse Mulligan: Hey, without getting too deep into this second recommendation of yours, conditional access policies, is that something that you can just search around in the Microsoft ecosystem? It'll tell you how to do it...
Daniel Watson: Yeah. If you've got a bit of savagery about you, you can have a crack at it. Although realistically, it's probably a job for your local IT guy to have a crack if you're a business. Generally, that's the kind of stuff that we recommend for businesses because there's so much more at risk if they get into the CEO or the financial controllers or the cheap operating officer. These guys have permissions and authority and access to systems that most individuals don't have. And if you're talking about a payroll that the wrong way for some businesses, that could be a real quick 50k out the window. Right? So it's worth putting the extra layer of protection in because the risks dictate it.
Jesse Mulligan: Ok, well thanks to our local IT guy, Dan Watson from Vertech IT Services, great to chat to you as always. Thanks Dan.
Daniel Watson: No worries mate. Take it easy.