Coffee Briefings deliver our entire audience – the IT administrators and channel partners as well as the C-Suite – the most complete news package with the latest headlines, interviews, and social media chatter. These briefings drop on Tuesday and Friday mornings. If you missed the last briefing, you’re in luck, because you can find it here. Today’s Coffee Briefing is delivered by ITWC editorial director Alex Coop.
What you need to know right now
It’s what you need to know right now in the world of IT and tech – ’nuff said. (Often taken with a side of Hashtag Trending)
Listen to the latest episode of Hashtag Trending
YouTube experiences widespread technical problems playing videos, a new device can apparently inject the music into your head without headphones, and the internet argues over how fast the new Arm-based Macbook Air really is.
Listen to the latest episode of Cyber Security Today
Data breach at Animal Jam, warnings to Minecraft users and Oracle point of sale administrators and login advice from Microsoft. Listen to the full episode transcript here.
Microsoft recommends users stop using phone-based multi-factor authentication
Ditch that telephone-based multi-factor authentication (MFA) solution, such as one-time codes sent via voice calls or SMS, urges Microsoft’s Alex Weinhart.
“These mechanisms are based on publicly switched telephone networks (PSTN), and I believe they’re the least secure of the MFA methods available today,” Weinhart wrote in a recent blog post. “That gap will only widen as MFA adoption increases attackers’ interest in breaking these methods and purpose-built authenticators extend their security and usability advantages. Plan your move to passwordless strong auth now – the authenticator app provides an immediate and evolving option.”
Weinhart reiterated that MFA is essential, and that the blog post is about understanding which MFA to use. “Use of anything beyond the password significantly increases the costs for attackers, which is why the rate of compromise of accounts using any type of MFA is less than 0.1% of the general population.”
He cited several issues with the state of the telephone networks today, adding both voice calls and SMS are transmitted in cleartext, meaning they can be intercepted by resourceful attackers with software-defined-radios, SS7 intercept services, and more. He recommends Microsoft’s Authenticator MFA app, and others in the comments section point out few things beat a traditional physical security key. Read the full blog post here.
Introduction of a new bill
The Minister of Innovation, Science and Industry Navdeep Bains will introduce a bill Nov. 16 to enact privacy legislation in Canada, as well as a bill to introduce a data protection tribunal.
⚠️ Enormous news for privacy law in 🇨🇦: on Nov. 16, 2020, @NavdeepSBains of @ISED_CA will be introducing a bill to enact consumer privacy protection legislation in Canada — including a bill to introduce a data protection tribunal. cc @TeresaScassa @f_mb @CJPiovesan + many others https://t.co/O3pBZDexJu
— yuan (you-anne) stevens 💾 👀 (@ystvns) November 13, 2020
In case you missed it
The recent tech news that we maybe didn’t get to yet, or it’s the news we’ve reported on and feel is worth resurfacing. Sometimes we’ll also feature awesome stories from other publications. We also show love for the IT channel, so expect news that MSPs and resellers care about to pop up, too.
Commissioner issues proposals on regulating artificial intelligence
The Office of the Privacy Commissioner of Canada (OPC) yesterday released key recommendations for regulating artificial intelligence. The recommendations are the result of a public consultation launched earlier this year.
The OPC is calling for legislation that will help to reap the benefits of AI while upholding individuals’ fundamental right to privacy. These include amending the Personal Information Protection and Electronic Documents Act (PIPEDA) to:
- allow personal information to be used for new purposes towards responsible AI innovation and for societal benefits
- authorize these uses within a rights-based framework that would entrench privacy as a human right and a necessary element for the exercise of other fundamental rights
- create a right to meaningful explanation for automated decisions and a right to contest those decisions to ensure they are made fairly and accurately
- strengthen accountability by requiring a demonstration of privacy compliance upon request by the regulator
- empower the OPC to issue binding orders and proportional financial penalties to incentivize compliance with the law
- require organizations to design AI systems from their conception in a way that protects privacy and human rights
The OPC also published today a separate report by Ignacio Cofone, assistant professor at McGill University’s Faculty of Law, which informs the recommendations for law reform. The OPC commissioned this report, which also takes into account stakeholder feedback in the OPC’s consultation.
During the consultation on AI, they received 86 submissions and held two in-person consultations. The OPC consulted and received feedback from industry, academia, civil society, and the legal community, among others.
Google makes you pay
Starting June 1, 2021, any new photos and videos users upload will count toward the free 15 GB of storage that comes with every Google Account or the additional storage they’ve purchased as a Google One member.
“This change also allows us to keep pace with the growing demand for storage. And, as always, we uphold our commitment to not use information in Google Photos for advertising purposes. We know this is a big shift and may come as a surprise, so we wanted to let you know well in advance and give you resources to make this easier.
OVHcloud and Google Cloud announce a strategic partnership
OVHcloud says it will introduce a new hosted private cloud offering by bringing Google’s open source-compatible Anthos technology to its own scalable dedicated infrastructure, fully operated and managed in Europe by OVHcloud teams.
In a Nov. 11 press release, OVHcloud said the companies plan to “build joint solutions that empower customers to draw all the benefits of a multi-cloud and open approach,” adding it will also drive success within its ecosystem of third-party developers.
When asked what benefits Canadian customers and partners will see, an OVHcloud spokesperson had this to say:
“This capability is available worldwide with the exception of the U.S., although in the first place this partnership aims at helping European organizations accelerate their ability to digitally transform their business. Data will be stored and processed on OVHcloud’s own highly scalable dedicated infrastructure, fully operated and managed in Europe by OVHcloud teams. We do not disclose the product availability roadmap at this point and will keep you informed in due time. In Europe and beyond, this partnership aims to bring cutting-edge technologies, built on trusted infrastructure, to organizations to help them meet their growing needs for strict data controls, security, transparency and privacy while deploying cloud native applications. It clearly validates the growing trend towards data sovereignty and the need for more transparency in a multi-cloud environment.”
OpenText’s digital forensics software solutions now available on Microsoft Azure
OpenText EnCase Forensic and EnCase Endpoint Investigator are now certified on Microsoft Azure, the company announced earlier this week at OpenText Enfuse On Air 2020.
OpenText says its EnCase solutions in Azure will benefit law enforcement and enterprise investigators in several ways by allowing them to easily share case data for better collaboration with other stakeholders via OpenText EnCase Evidence Viewer – an application that enables secure access to case data for outside consulting. [Full story]
Separating the modem and router is the best way to get stable Wi-Fi, experts say
When asked about what configuration people should strive for in a home Wi-Fi network, most experts gathered at the Canadian ISP Summit agreed that tacking on an external router to the ISP-provided unit is the way to go. [Full story]
5 habits for successful AI deployments
Nearly half of CIOs say they now employ artificial intelligence (AI) or intend to within the next 12 months. However, many organizations still struggle to deliver AI beyond proofs of concept (POCs) and into production. According to Gartner research, over the past two years, only 53 per cent of POCs have actually made it beyond the lab into production, taking an average of 9 months. Here are the 5 habits of enterprises that are the most successful in deploying AI, that all organizations can learn from to make their own AI projects successful. [Full blog post]
Canada to spend $750 million on developing network infrastructure
Dell Technologies ups its data protection game with new solutions
Dell Technologies has had a busy week, releasing new Dell EMC Ready solutions for genomics, HPC with Bright Computing Cluster Manager, and digital manufacturing on Monday. Today marks the launch of new PowerProtect solutions to protect all that data. [Full story]
Bookmarks of the week
A few bookmarked tweets that we think are worth sharing with you.
Consumers are increasingly concerned about how their personal information is used by organizations and what measures are in place to protect their data.
— Antonio Grasso (@antgrasso) November 11, 2020
— IT World Canada (@itworldca) November 13, 2020
The r/MSP recap
The MSP subreddit community is growing rapidly. It’s also a chatty bunch. With more than 85,000 members as of today, it’s worth taking a look at what they have to say every once in a while. Here are the recent top posts. Click on the posts to view additional responses.