Category: Uncategorized

Your stomach knots as you notice the shimmering glass on the concrete beside your car. With a sinking feeling that gets worse with each step, you know what you’ll find. You were only in the store for a few minutes—how could this happen!? And sure enough as you step up to the car, you confirm what you already knew: shattered glass on the passenger-side seat where just moments before your backpack had been. And inside it your laptop, wallet, and smartphone. Gone are thousands of dollars’ worth of electronics…and signed-in access to your email, bank accounts, credit cards, medical records, and who knows what else. 

You immediately run into the store to call the police.

As more and more of our lives are stored on smartphones and laptops, the prospect of being without them can be frightening. They represent convenience, privacy, security, organization, even offloaded memories. All weightlessly and effortlessly digitized and available on demand. Their loss can be stressful, traumatic to the point of “smartphone separation anxiety.” 

So it’s interesting to contrast our collective reaction to the Equifax data breach, in which at least 145 million Americans had their names, Social Security numbers, birth dates, addresses, and, in some cases, driver’s license numbers stolen en masse. That data is no doubt making its way around the dark web, being sold in whole and in parts, today, tomorrow, and forever. After all, data has no expiration date.

The Equifax breach was in the headlines for weeks, covered in-depth by practically every major media outlet. You couldn’t have missed the news. As the scope of the theft became known, there was extensive coverage of what to do and how to check your credit accounts for signs of identity theft. Yet in a post-breach survey of 1,000 Americans, only 22% had initiated a credit freeze on their accounts, one of the key steps recommended by experts. If 145 million of us had our smartphones stolen, would 78% of us decide to stick our heads in the sand?

Comparing these two thefts reveals something really important about where we’re at with privacy and data security today. People just don’t value digital data in the same way we do physical access to our information. But we should. In fact, there’s reason to believe we should be even more concerned about our online information being stolen. According to the Bureau of Justice Statistics, 7% of Americans above the age of 16 were identity theft victims in 2014. There were 1,091 reported data breaches in the U.S. in 2016, and experts predict that this number will jump by 37% to 1,500 by the end of 2017. The odds that you or someone you know has or will be victimized are high. One expert grimly assessed the situation by saying, “It’s a safe assumption that everyone’s Social Security number has been compromised and their identity data has been stolen. While it may not be explicitly true, we have to operate under that assumption now.” 

The identity theft threat 

Identity theft impacts many areas of our lives. Hackers and analog fraudsters use stolen data to steal federal tax refunds, open credit lines and bank accounts, steal money from existing bank accounts, and even use their victims’ insurance policies to receive medical treatment. Even more alarmingly, there seem to be new ways for cybercriminals to steal personal data all the time. High-profile cases like Equifax occur due to database hacks, but phishing and text scams, malware, and “evil twin” Wi-Fi attacks (in which hackers set up malicious connections that mirror legitimate hotspots) are also used to steal information. If you unwittingly log into your bank account through a corrupt connection, you’ve just handed hackers the keys to your financial life. 

Digital hacks are becoming increasingly sophisticated and increasingly worrisome. A series of recent cyberattacks on hospitals and medical organizations highlights the growing problem. In one case, an 85-year-old woman received benefits documentation for a nose job she had never had – someone stole her information to receive the cosmetic surgery under her insurance plan. A Los Angeles hospital shelled out $17,000 in Bitcoin to hackers who were holding its electronic medical records ransom. Such hacks are extremely dangerous because they provide criminals with key pieces of data needed to successfully pull off an identity theft scam. Once you have someone’s name, birthday, and Social Security number, it’s not terribly difficult to begin opening accounts in their name. 

Americans aren’t unaware of cybersecurity risks. The Pew Research Center found that 64% of people surveyed in the U.S. had personally experienced a significant data breach. Roughly 50% expressed a lack of confidence in the federal government’s and major social media sites’ abilities to keep their data secure. With those kinds of numbers, you’d think we’d be more nervous about digital theft than physical break-ins. 

But it seems that the opposite is true. The same Pew study indicated that despite people’s awareness of cyber threats, most practice rather poor digital hygiene. Only 12% used a password management system, which is a best practice cybersecurity experts often recommend. Many simply memorize their passwords or write them down with pen and paper, and they often used the same passwords for multiple accounts – all of which experts advise against. Pew also found that many people are lax in their smartphone security, leaving their phones unlocked or failing to install system updates that contain important security patches. 

Rethinking cybersecurity 

So, what gives? We know that cyberattacks pose substantial threats to our data, yet we consistently fail to protect our digital security in the same way we protect our physical property. One reason for this might be the “free” nature of online content. We’ve become so accustomed to consuming digital content for low or no cost that perhaps we undervalue what’s online. Whether or not we’re conscious of it, we make the calculation that our online information is more disposable, or at least less valuable, than hard copies of our data. 

While that mentality might have made sense 20 years ago, it doesn’t work today. More and more, we share and save important data online, from photos and videos to deeply private data about ourselves. Not being able to hold that data in our hands doesn’t make it less valuable than the property we keep in our homes. As more of our financial, medical, and other personal records are digitized, we should be just as concerned – if not more so – about our online data as we are about information in “real life.”  

There is a war being fought online between people, corporations, governments, and other organizations defending against every “black hat” hacker determined to steal data, profit from ransomware, or any other nefarious act. You could say that victims of identity theft are a casualty of this war, paying a steep financial price when fraudsters use stolen credentials like Social Security numbers and credit card accounts to create false identities. 

If you haven’t been the victim of identity theft, or known someone who was, you’re fortunate because the problem has become widespread and all-too-common. In 2014, the latest year for which there’s data, 17.6 million U.S. residents above the age of 16 reported being identity theft victims. That’s 7% of the population aged 16 or older, according to the Bureau of Justice Statistics’ data. 64% of those victims experienced direct financial loss that averaged $7,761 each.

To get a sense of just how big a number that is, consider this. In 2015, there were 17 million undergraduate students enrolled at a university in the U.S., a number that’s actually 600,000 smaller than the total number of identity theft victims. That’s a grim reminder of the importance of cybersecurity in the modern digital world.

Entefy’s enFacts are illuminating nuggets of information about the intersection of communications, artificial intelligence, security and cyber privacy, and the Internet of Things. Have an idea for an enFact? We would love to hear from you. 

Wael Ghonim helped spark a revolution that toppled Egyptian President Hosni Mubarak. This was 2011, so unlike, say, Che Guevara, Ghonim had access to social media to help organize people and protests. “Social media was crucial for this campaign,” he said. “It helped a decentralized movement arise. It made people realize that they were not alone. And it made it impossible for the regime to stop it.” 

Connecting people is the stated goal of social media, or at least it was. Access to everyone you know or have ever met, right there a tap or two away. Yet over time, the promise of social media has fallen short of its once high-minded standards. Even Ghonim, six years after the Egyptian revolution, concludes: “The Arab Spring revealed social media’s greatest potential, but it also exposed its greatest shortcomings. The same tool that united us to topple dictators eventually tore us apart.” 

Social media platforms today don’t represent unification but division. Instead of bringing all of us together, it brought some of us together. Social platforms are more likely to consist of clusters of like-minded people with largely similar viewpoints and beliefs. The platforms direct our attention away from the people (and viewpoints) in the other clusters, by design exposing us to fewer of their updates and shares. What’s emerging is awareness that social media is leading us to become overconfident in our knowledge, to discredit divergent perspectives, and to make irrational decisions. We’re a long way from social media’s golden promise not too many years ago. 

The data defining social media echo chambers

In the modern economy data is power. With every online interaction, a user provides a small piece of information about their preferences and ideologies. While a single interaction may not reveal a great deal, thousands of them reveal quite a lot. The more a company learns about us, the better they become at predicting how we’ll respond to different types of information. 

Social networks want engagement and interaction. Clicks, likes, comments, and shares ensure people have their attention on the information at hand. When we don’t respond positively to some information, our psychological profile is updated, there’s a change somewhere in the algorithm, and we are shown less of that type of content in the future. When we respond positively, that type of content is reinforced. 

A 2016 study confirmed that these “echo chambers” exist on Facebook, and are made possible through confirmation bias and algorithm updates. “Confirmation bias helps to account for users’ decisions about whether to spread content, thus creating informational cascades within identifiable communities. At the same time, aggregation of favored information within those communities reinforces selective exposure and group polarization.”

The more we rely on social media to get our information, the more our biases will be reinforced. “This attention economy, vying for clicks, eyeballs, pushes people into very confirmatory outlets,” says Alex Krasodomski-Jones, a researcher at the Centre for the Analysis of Social Media, and who led a study that found these same political echo chambers are present on Twitter.

What happens is our social networks turn into a stream of information catered to each individual. The term “news feed” is apt, as more people use social media as a news source, the information they’re exposed to is continually customized for their tastes. It’s a self-reinforcing cycle that whisks us away from bipartisanship and into echo chambers, where everyone shares our opinion and supports our beliefs. 

Social media drives overconfidence in what we know

There is another behavioral impact caused by echo chambers: overconfidence in what we know and what we believe. When someone relies almost entirely on social for news and information, they naturally miss out on the perspectives and opinions of people occupying different ideological domains. A well-rounded understanding does not come from one-sided information.  

One study of how the Internet inflates our understanding of what we know suggests that accessing information online can cause us to become overconfident in our knowledge of it. The researchers asked participants a series of questions with some of them able to look up the answers online, followed by a second set of questions. Those that could look up information overestimated their ability to answer the following questions, even when they were unrelated, and even when their prior searches came up empty.

“We saw that people were more confident that they knew the answers—had the information in their heads—if they had access to search. It’s more like thinking you know how to fix a car if you have access to a mechanic,” says lead author Matthew Fisher in an interview with HBR. “Searching the internet is almost effortless, and it’s almost always accessible. You never face your ignorance when it’s there. Because we’re so deeply plugged into it, we misattribute the connection to knowledge to actually having the knowledge ourselves. It becomes an appendage.”

This builds upon other research into the “Google Effect” showing that when people look up answers online they tend to remember only where they found it, not what the information was. Other research into gut instincts indicates that our evaluation of truth can come from purely intuitive reactions, which value familiarity and ease of comprehension over any rigorous analysis. While these studies focus on the Internet rather than social media itself, it is on these social networks that we consume a lot of our information.

Putting all of these insights together tells us a lot about why we’re seeing the limits—and strains—of social media use. When we become sheltered and uninformed, we grow biased and overconfident in our knowledge thanks to being surrounded by confirmatory information; we either remain ignorant of opposing ideas or they appear to come from a discredited minority. Even the knowledge that validates our ideas often stays online rather than being incorporated into our memory. When it comes time to have any meaningful debate or discussion, we feel assured that we’re right even when we’re unable to support our argument.

We’re right, they’re wrong

People have always drifted towards other people who think and behave similarly. “Homophily, where we hang out with people like us, is an ancient human trait, resulting from our basic psychology. That applies to segmentation of media as well,” says Tom Stafford, a cognitive scientist at Sheffield University. Opposites, in this sense, do not attract. Social networks, while opening up a new world of communication and sharing, have inadvertently given people the opportunity to form insulated communities, and to reinforce an already problematic confirmation bias.  

Throughout most of our history we have formed small coordinated groups that depended on people sharing the same values and beliefs. Whether such cohesion can exist in groups numbered in the billions remains to be seen. What we can be sure of is that more content is going to be published every day, and a big challenge is going to be trying to get the good, truthful, objective information to spread across this network and into the attention of as many people as possible. 

Social media aided Wael Ghonim in making the Arab Spring possible by giving him a platform to organize people around an idea. Since then, people have grouped around many ideas, some of which are beneficial, others based on nonsense and erroneous assumptions. “Five years ago, I said, ‘if you want to liberate society, all you need is the Internet,’” recalled Ghonim. “Today I believe if we want to liberate society, we first need to liberate the Internet.”

Phishing refers to any attempt to obtain a person’s sensitive private data—usernames, passwords, bank account numbers—or plain old cash, usually using a misleading email or other communication. If you’ve ever received an email from a down-on-his-luck Nigerian prince looking for some help, you’ve been targeted in a phishing scam. Believe it or not, people around the world lose $12 billion annually to phishing.

The New Zealand-based Internet safety nonprofit Netsafe has a novel tool for fighting back against phishing, called Re:scam, an AI-powered chatbot that responds to phishing emails. Not once, but again and again, as long as the scammer continues sending emails. Anyone can use Re:scam by sending a phishing email to a dedicated Netsafe email address. You can see the chatbot in action in this article.

Though Re:scam offers some humor, there’s nothing funny about the $12 billion annual loss due phishing scams. Phishing is digital activity we all need to be aware of, on the same list as malware and the unannounced collection or misuse of our sensitive private data. To help keep you informed about what’s going on in personal data security, we’ve assembled 10 examples of hacking and data collection threats to your digital security:

1. Take a closer look at Facebook’s “People You May Know.” Facebook may know way more about you than you ever imagined, or intended. Case in point: a one-time sperm donor received a Facebook recommendation that he should connect with the child born of his donation—despite having no Facebook connection to the child’s parents. “Behind the Facebook profile you’ve built for yourself is another one, a shadow profile, built from the inboxes and smartphones of other Facebook users. Contact information you’ve never given the network gets associated with your account, making it easier for Facebook to more completely map your social connections.” 
2. Entefy has previously examined privacy problems with so-called “Internet of Toys” products. Despite consumer concerns about invasive data collectors masquerading as toys, Mattel attempted to launch an Amazon Echo-style device intended for use by children. Briefly, because they quickly announced it was canceling plans to bring to market a smart device called Aristotle. Aristotle was “aimed at children from infancy to adolescence and was set to hit stores in 2018. The voice-activated Wi-Fi device with a companion camera was billed as a ‘first-of-its kind connected kids room platform’ that was designed to ‘comfort, entertain, teach, and assist during each development state — evolving with a child as their needs change.’” After a consumer safety petition gathered 15,000 signatures, two Congressmen sent a letter to Mattel in which they wrote: “This new product has the potential to raise serious privacy concerns as Mattel can build an in-depth profile of children and their family. It appears that never before has a device had the capability to so intimately look into the life of a child.”
3. A Google Home Mini given to a journalist ahead of the product’s launch suffered from hardware defects that caused the unit to make thousands of recordings without being purposefully activated. Or in his words, “spying on me 24/7.” Google resolved the situation by disabling the malfunctioning features. Nevertheless, the defect reinforces just how potentially problematic an Internet-connected home device can be if hacked or otherwise misused to secretly collect data about you and your family.
4. File this under “potentially worrisome.” Apple’s iOS 11, the operating system that powers iPhones and iPads, has a new feature that provides machine learning functionality that third-party apps can make use of. Called Core ML, it lets developers make use of Apple’s artificial intelligence capabilities so third-party (non-Apple) apps can crunch user data to provide personalization services. Which isn’t itself a problem. But questions instantly emerged about privacy and security: “It’s hard to tell during App Store screening [Apple’s approval of a new app] whether a Core ML model can accidentally or willingly leak or steal sensitive data.”
5. There’s a potentially serious privacy loophole in iOS that could allow any app with permission to access the iPhone’s camera to secretly take photos and videos without you knowing. Some apps might request camera access when starting up to obtain a profile picture of you, or to handle media you want to send to friends. If users grant an app permission to access their device’s camera, that app can now do much more than take a photo of you. What’s worse, there’s no indication of the app’s activity, so you’re none the wiser.
6. Here’s a reminder of just how important software updates and vigilant security practices are these days. One malware research organization looked into the ransomware economy and found that there was a 2,502% increase in the sale of ransomware on the dark web from 2016 to 2017—in just one year. Entefy has covered how blockchain technology can improve cybersecurity, but it may be years before the potential for that increase in cybersecurity is fully realized. Until then, be careful out there.
7. Security software provider Symantec shared some startling findings about malware on the Google Play app store: “We have encountered a new and highly prevalent type of Android malware posing as apps on Google Play and later adding compromised devices into a botnet. So far we have identified at least eight such apps, with an install base ranging from 600,000 to 2.6 million devices. This malware appears primarily targeting users in the United States, but also has a presence in Russia, Ukraine, Brazil, and Germany.” The company notified Google Play of these malicious apps and Google has confirmed removing these apps from the store.
8. In an announcement straight out of a spy movie, security researchers at an Israeli university showed that security cameras infected with malware can receive secret signals and leak sensitive information. According to the researchers, “Security cameras are unique in that they have ‘one leg’ inside the organization, connected to the internal networks for security purposes, and ‘the other leg’ outside the organization, aimed specifically at a nearby public space, providing very convenient optical access from various directions and angles.” Hackers can potentially use this covert communication channel to install malware and steal data from any computing device connected to the same network as the camera.
9. Not even pacemakers are safe from hackers. The FDA issued an emergency firmware patch intended to protect people who have a pacemaker from hackers. The FDA stated, “As medical devices become increasingly interconnected via the Internet, hospital networks, other medical devices, and smartphones, there is an increased risk of exploitation of cybersecurity vulnerabilities, some of which could affect how a medical device operates.” The software patch took just 3 minutes to update and did not require surgical removal and replacement of the vulnerable devices.
10. Another category of security threat plagues the servers that power infrastructure like the electrical grid and banking networks. One such backdoor was found in software used by banks and energy companies. Called ShadowPad, the malicious code allowed hackers to secretly collect data as it passed through infected servers. This particular vulnerability was discovered by a security research firm after 17 days. The potential for a future backdoor malware to go undetected raises the specter of an energy grid shutdown like happened in the Ukraine. 

Entefy regularly covers data trackers and cybersecurity threats, most recently in a presentation highlighting threats to your sensitive private data.

With news outlets breathlessly reporting every time the price of Bitcoin reaches new highs, all the hype around it might suggest that Bitcoin is the biggest thing since cruise control.  

Meanwhile blockchain, the infrastructure technology that makes Bitcoin, Etherium, and other cryptocurrencies possible, garners far less attention in the general media. Scratch just below the surface, though, and you’ll quickly find that new uses of blockchain are emerging daily. And those novel uses of this novel technology may be big or bigger than Bitcoin in the not too distant future.

Let’s start with a non-technical analogy that gives you some context for blockchain and Bitcoin. It goes like this: Blockchain is to paper as Bitcoin is to cash. That is to say, just like paper, blockchain is a foundational technology upon which other capabilities can be built. Bitcoin and other cryptocurrencies are the first examples of a new class of digital currencies that are built using blockchain. But already in development are other blockchain-powered applications like replacing Social Security numbers with a more secure digital alternative, creating securely encrypted yet easily portable medical records, and tracking and auditing government disbursements like tax refunds. 

How can a single technology support all those very different uses? Let’s take a look at how blockchain works. Then dive into how it’s being used.

Blockchain is a distributed, encrypted, auditable record of transactions

A good starting point for understanding blockchain technology is to picture an accounting ledger book, filled with line after line of transaction records. Pretty straightforward. But this ledger book has some interesting properties. First, there are copies of it all over the place, so that no one person controls access to the ledger. Next, anyone who wants to can inspect its contents at any time. Finally, adding a new line item to the ledger only happens after everyone agrees that the record is correct and accurate. There are security aspects as well, but we’ll get to that in a moment.

That’s the blockchain concept in a nutshell. Putting all of those items together gives us a working definition: Blockchain is a digital ledger that is distributed (no central owner of the records), encrypted (highly secure), and auditable (records can be inspected and verified). Let’s look at each of those elements in turn.

Blockchain is a type of distributed ledger technology, an electronic record of information where multiple copies of the ledger exist simultaneously and are always in sync. The information contained on the ledger can be anything, from transaction records to contracts between businesses to medical records. That’s an important point: Bitcoin uses blockchain, not Bitcoin is blockchain.

A blockchain system is digitally distributed across a number of computers in real-time. Being decentralized means that a copy of the entire blockchain record is available to all users via a peer-to-peer network. A peer-to-peer network simply means that computers hosting blockchain ledgers connect directly with each other, and not with one “hub” computer. There’s a key business implication here, which can be explained by looking at the financial services industry. Blockchain’s decentralized and peer-to-peer structure does an end run around service provider intermediaries like banks or brokerage firms. Using blockchain, buyers and sellers of a financial instrument like shares of a stock can transact directly without needing to use (and pay for) a brokerage firm. Big picture, pretty much any business based on collecting fees in exchange for connecting two parties in a transaction faces significant risk of disruption from a blockchain-powered alternative.

That last idea is a key part of why blockchain is considered a disruptive technology. The world’s largest banks are intermediaries that enable pretty much every possible financial transaction: loans, mortgages, capital equipment purchases, IPOs. In exchange for providing the infrastructure that makes these transactions possible, the banks collect fees. Highly profitable fees. So not surprisingly, financial services companies are moving quickly to implement blockchain.

The security aspects of blockchain technology are equally important, but far more technical. Without diving into detail, what’s important is that with blockchain, transparency and security go hand-in-hand. Each block in the blockchain is individually encrypted using a private and public key encryption framework. This creates security at the block level. 

Blockchains are auditable, meaning that anyone can inspect its records. This in turn creates another layer of security in which the blockchain becomes more secure with more participation. This is because more people monitoring the blockchain makes it nearly impossible to alter blockchain data in any unauthorized way. More eyeballs on the data, fewer chances of mistakes or opportunity to do anything nefarious with the records.

That’s the blockchain in a nutshell. Now let’s look at how it is used to enable cryptocurrencies.

Blockchain enables cryptocurrencies like Bitcoin and Etherium

The term cryptocurrency means secure digital money. To date, Bitcoin has attracted the lion’s share of attention, with Etherium a close second. But as of November 2017, there are 1,172 and counting cryptocurrencies each with its own blockchain infrastructure. 

Understanding the blockchain is actually the hardest part of understanding cryptocurrencies like Bitcoin. Because once you’ve grasped how a blockchain works, the only other thing you need to know about Bitcoin is that it’s a currency (and digital payment system) with records contained in its own blockchain ledgers.

Bitcoin has another concept that shines further light on the blockchain: Bitcoin mining. The world’s supply of gold increases as more of the substance is dug out of the Earth and introduced to the market. Bitcoins are also mined, but the mining process looks very different. Here’s how it works. Each Bitcoin block contains a unique, complex mathematical problem that is unsolved. Solving that math problem yields a reward in the form of Bitcoin (or a fraction of a Bitcoin). The people who attempt to solve these equations are miners; the process of solving them is called mining.

But like the millions who chased dreams of free gold laying around in streambeds during the Gold Rush, there’s a catch. Well, two catches. The first is that solving these mathematical problems requires the use of computing power. Lots and lots of computing power. In fact, so much computing power that dedicated computers called Application Specific Integrated Circuits have been designed to enable mining. And not only are these computers expensive, the electricity required to run them is considerable, which adds a steep cost to Bitcoin mining. The electricity being used in Etherium mining, for instance, is equivalent to the entire electrical usage of the country of Cyprus.

The other element that makes Bitcoin mining a risky proposition is built into the original design for Bitcoin. In a bid to prevent Bitcoin inflation (a rapid increase in supply), only 21 million Bitcoins can ever come into existence. Every 4 years, the number of Bitcoins available as rewards is reduced, making Bitcoin mining more difficult as time passes. In 2009, it took Bitcoin miners just a few days to mine 200 coins; in 2014, it took the equivalent of 98 years to mine just one. It is estimated that the 21 million Bitcoin threshold won’t be reached until 2040.

Blockchain beyond Bitcoin

Blockchains are being built by governments and companies around the world, using the advantages of the technology to enable new uses. Here’s a sampling of blockchain at work in a variety of industries:

To address concerns about safety and property damage, sharing economy companies could employ blockchain to provide secure, authenticated user reviews and histories. 

As more homeowners who use solar power find themselves net generators of electricity, a blockchain-powered electricity network could allow homeowners to sell power directly to other users, without paying fees to an incumbent provider.

Businesses can use blockchain for self-executing, self-enforcing smart contracts, for instance between a company that exports fruit and its shipping partner.

As a foundational technology, blockchain provides the raw material for innovation at startups and established companies alike. How will your industry make use of blockchain?

November plays host to three of the world’s biggest online sales days. In China, there is Single’s Day on November 11 (11/11). Then in the U.S., Black Friday and Cyber Monday take place just as the Thanksgiving leftovers are getting cold, on the Friday after Thanksgiving and the next Monday, respectively. Many billions of dollars are spent by many millions of consumers chasing online deals. 

Let’s start with Singles Day, the Chinese retail holiday called the “anti-Valentine’s Day.” Online retailer Alibaba reported Single’s Day sales of an eye-melting $25.3 billion, 39% higher than the previous year. No doubt helped by Nicole Kidman and Pharrell Williams, who were enlisted to entertain shoppers. At the peak of the e-commerce frenzy, Alibaba processed 256,000 sales transactions per second, with 90% of sales conducted on mobile devices. 

In the U.S., Black Friday is traditionally driven by physical retailers, while the newer Cyber Monday is dominated by online retailers like Amazon. In 2016, $3.39 billion in Cyber Monday online sales eclipsed Black Friday’s $3.34 billion in online sales. Which puts into perspective the magnitude of Single’s Day: Black Friday and Cyber Monday online sales together are just a small portion of one Single’s Day.

Entefy’s enFacts are illuminating nuggets of information about the intersection of communications, artificial intelligence, security and cyber privacy, and the Internet of Things. Have an idea for an enFact? We would love to hear from you. 

Recently, Entefyers were treated to a health and wellness seminar called Health 360 presented by our advisor and investor Dr. Farzan Rajput. Known fondly to our team as Dr. Fuzz, Dr. Rajput is a cardiologist and the founder of Southcoast Cardiology in Southern California. He is also one of the masterminds behind Health 360.

The seminar begins with two key insights. First, most diet plans use a one-size-fits all methodology leaving many people dissatisfied with the results. Second, health and nutrition go far beyond balancing calories in and calories out or basic measuring of body mass index (BMI); the most recent nutritional science tells us that metabolism is a far more important factor. In fact, each of us have dietary and exercise needs that are as unique as a fingerprint. 

Through that lens, optimal health depends on factors like how the body processes macronutrients (carbohydrates, fats, and proteins), produces insulin, and activates different muscle groups during exercise. 

The seminar concluded with an informative Q&A focused on tips for making better diet and exercise decisions. As Dr. Fuzz pointed out, working at a fast-paced company like Entefy means getting creative about fitting health and wellness into our lives. Health 360 helps promote wellness in ways that sustain momentum and productivity far into the future. 

Entefy is committed to promoting the health and wellness of its team members, including hosting a previous Health 360 seminar in May.

Innovation. A cornerstone concept in Silicon Valley, but a term that has worn a little thin from overuse. These days the word is trotted out to describe just about any new idea. Recall that the $700 Internet-enabled juicer Juicero was hailed as “the latest Silicon Valley innovation” before failing spectacularly after news broke that anyone could hand-squeeze the company’s proprietary juice pouches without needing the juicer. 

Innovation’s reputation has declined to where economists and tech insiders question whether the age of innovation has passed. As early as 2011, entrepreneur Max Levchin said that U.S. innovation was “somewhere between dire straits and dead.” His PayPal co-founder Peter Thiel agreed, asserting that “If you look outside the computer and the Internet, there has been 40 years of stagnation.” 

Well, yes and no. Every day it seems there’s some new app or service designed to make our lives easier or save us a few minutes here or there. There’s innovation in there somewhere. But aren’t most new startups examples of incremental improvement, and not fundamentally disruptive innovation? 

Despite the flurry of new tech products that have come to market in the past 10 years, innovation’s economic impact has flagged considerably. The Wall Street Journal noted that:

“Economies grow by equipping an expanding workforce with more capital such as equipment, software and buildings, then combining capital and labor more creatively. This last element, called ‘total factor productivity,’ captures the contribution of innovation. Its growth peaked in the 1950s at 3.4% a year as prior breakthroughs such as electricity, aviation and antibiotics reached their maximum impact. It has steadily slowed since and averaged a pathetic 0.5% for the current decade.

Outside of personal technology, improvements in everyday life have been incremental, not revolutionary. Houses, appliances and cars look much like they did a generation ago. Airplanes fly no faster than in the 1960s. None of the 20 most-prescribed drugs in the U.S. came to market in the past decade.”

Economists view this innovation slump as the reason that the standard of living in the U.S. is the same as it was in 2000. Even though there are more jobs than ever in science and engineering and even though patent approvals are at an all-time high, productivity growth is trending downward. Some experts say that the low-hanging fruit in tech innovation has already been captured, and all that’s left to pursue are complex, risky fields that are subject to strict regulation and public scrutiny.  

So, the question becomes, can you still innovate when every idea has been done to death?

Shifting the innovation conversation 

Let’s define what we mean by the term “innovation.” At Entefy, we evaluate innovative concepts according to three criteria:

• Ideas that are novel for their time
• Ideas with clear benefits
• Ideas that are developed and implemented effectively 

In other words, innovative ideas are original, beneficial, ahead of their time, and launched successfully. We also prioritize the concept of courageous innovation, which often involves taking the more difficult path toward finding and developing truly transformative ideas. Ideas that require overcoming major obstacles: financial and technological risks, political headwinds, and the power of incumbents. The market doesn’t demand more incremental lifestyle improvements – after all, how many social sharing apps does one world need? The world’s most interesting and urgent problems require complex-challenging-difficult-to-bring-to-life solutions.

Seen through that light, it’s clear that innovation isn’t dead. The bar is simply much higher than it used to be. And the good news is that there’s reason for optimism. Advances in artificial intelligence, which encompasses a range of groundbreaking technologies, and blockchain are just two examples of foundational technologies that companies can use to create true innovation. Both artificial intelligence and blockchain are notoriously complex, but they offer great opportunities to create new solutions in a variety of industries.  

Finding new paths to true innovation 

Companies that want to innovate have literally limitless opportunities to do so. But they must be bold and resilient enough to tackle real problems. Fifteen years ago, social media platforms were revolutionary. They provided us with new ways to keep in touch with family members, friends, and classmates, not to mention gather real-time news, and amplify the voices of oppressed communities around the world. 

But today unless you have figured out how to build a social network that defies the trend toward ageist design, combats fake news, improves fact-checking, and resists bots and fake accounts, the chances are your idea isn’t all that innovative. Same goes for online delivery services and e-commerce platforms. The innovative ideas of today, and the coming decades, will solve more critical problems, and they’ll do it in groundbreaking ways. 

If you want to innovate for the long term within your company, start with business intelligence. Instead of tweaking existing products or chasing competitors’ latest updates, build something entirely new. By tracking your audience’s digital shopping and behavioral patterns, you’ll get a sense of what their pain points and frustrations are. That’s where you’ll find opportunities to deliver substantial value. 

But as we discussed above, we’re long past the need for better vacation rental apps. Yesterday’s innovators are today’s dominant platforms. Copying or iterating on what they’ve done does not add up to innovation. Instead of playing catch-up to past disruptors, use your business intelligence data to innovate for your audience’s needs several years out. If you can identify the products and services they’ll need in the coming years, you give yourself some lead time to invest in genuinely innovative ideas. 

Sometimes bigger companies find themselves in an innovative rut. As they grow larger, they’re beholden to a greater number of stakeholders, and they become risk-averse. One way to shake up your team’s thinking under these circumstances is to give them constraints. Even if your business is flush with cash, limit their budgets or the types of ideas you’ll accept. Set clear parameters for what counts as an innovative concept, and see what they come up with. 

You might also consider partnering with a company outside your field. Even if your existing product lines don’t have much in common, you can provide a fresh take on one another’s offerings. With shared values and a commitment to finding truly groundbreaking ideas, you’ll likely be able to create a product that sets a new standard in both your respective fields. Better yet, the collaboration could help both brands make inroads into new markets. 

Finally, tap your internal networks for ideas. Intrapreneurship programs could yield innovative ideas from unexpected places. Your product development team might be burned out, but an IT employee or marketing associate could be sitting on the next big thing. By instituting an intrapreneurship policy, you encourage people from across the company to think about your clients’ or customers’ biggest problems. 

Most important, you create a culture in which they feel free to voice those ideas instead of staying silent until they one day strike out on their own. Small businesses are hard to launch and even harder to sustain. With your resources and your employees’ insights, you both stand a better chance of bringing innovative concepts to market. 

At Entefy, we believe that innovation is alive and well. The appetite for truly new, beneficial uses of technology has never been stronger. But we also believe that innovating requires inventors to roll up their sleeves and do the hard work of building and launching complex systems. Those that rise to meet the challenge really will change the world.

Consumers are connecting 5.5 million new Internet of Things devices every day around the world. This despite high-profile, successful cyberattacks like the distributed denial-of-service (DDoS) assault on domain-name service provider Dyn in early 2017. In that attack, hackers took advantage of security vulnerabilities in IoT devices like smart refrigerators and toys to create a massive botnet that temporarily shut down Netflix, Twitter, Spotify, and Pinterest. 

When it comes to a smart home filled with these vulnerable IoT devices, just the risk of being hacked can be nerve-wracking. The convenience of existing and future IoT products are tremendous, and they’ll only become more valuable as their underlying technologies and cybersecurity mechanisms improve. 

For smart home early adopters, the challenge is really the sheer number of vulnerabilities that exist in the Internet of Things sphere. But there are several easy-to-implement security steps you can take to increase the security profile of your smart home.

1. Understand terms of service 

The first step toward securing your data is understanding what you’re agreeing to each time you connect a new IoT device. Read the terms of service carefully, and don’t be afraid to ask questions. A simple web search about an unclear phrase will likely reveal forum responses and blog posts dedicated to your question. 

If you can’t find what you’re looking for, contact the company and ask them to clarify anything that’s making you uneasy. Find out what types of data they collect, how the company uses your information internally, and what they share with outside partners. 

In some cases, you may be able to limit the information a device tracks, and you may choose to use that ability liberally. Some people are willing to trade their privacy for convenience, and that’s their decision. We all value privacy to varying degrees, and one person’s threshold for giving out personal information may be much higher than another’s. But it’s a choice you should make with eyes wide open, and that begins with clearly understanding the terms of service. 

2. Use secure passwords 

Hackers are becoming more sophisticated all the time, but don’t make their jobs easy. When creating new passwords, do not use a common string of numbers and avoid obvious choices such as “admin” or your kids’ names. Assume that hackers have access to personal data about you, and steer clear of any names and numbers associated with you like phone numbers, addresses, family names, and so on. Instead, make complex, tough-to-crack passwords and use different ones for each of your accounts and devices. 

When possible, add another layer of security such as multi-factor authentication or biometric verification. These might include having a code texted to your phone to ensure that you’re the person trying to sign into a device, or using your fingerprint to unlock your phone. It’s well worth adding these to your security protocols to add an extra layer of protection for your home devices. 

3. Update your software regularly 

Yes, it’s annoying to perform software updates, especially when you receive multiple update alerts each week. But software updates aren’t just about cool new features. They often include security updates as well, and you don’t want to expose yourself to hackers simply because you didn’t have the time to run an update. 

If you see that you have several update notifications, batch them. Set them all to begin at a time when you don’t need your computer or when you won’t be on your phone, such as while eating dinner or relaxing with your family. You might even set a reminder to do this at the same time every few days or once a week. Then it becomes routine, so you feel less hassled but are also using the most secure versions at all times. 

4. Secure the perimeter

Because individual IoT devices often contain security vulnerabilities, one strategy is to “secure the perimeter.” That is, focus on improving the security and setup of your home Wi-Fi network. There are several actions you can take to do this:

• Use the strongest Wi-Fi security protocols your Internet router supports. The older WEP protocol offers less security than newer protocols like WPA2. 
• Disable guest network access, which simply provide another potential weak point in your security.
• Give your Wi-Fi network a name that doesn’t reveal information about you, your home, or your location.

Taking these steps presents another layer of defense that hackers would have to compromise. 

5. Secure devices that control IoT devices 

Around 33% of smartphone users don’t password protect their phones, creating another potential point of vulnerability that hackers can use to access your home network and connected devices. Most IoT devices in a smart home are controlled by smartphone app, so protecting the device running the app is a no-brainer.

6. Create two Wi-Fi networks

Another strategy for protecting your home from an online attack is to create two Wi-Fi networks. Limit access to the first network to only your smart devices like tablets, laptops, and smartphones; these are the devices that are storing and accessing important data like online banking and medical records. The second network is used solely by smart home IoT devices. If any one of these devices become compromised by hackers, they are not able to use the network to access your personal devices.

7. Change default usernames and passwords

Here’s another quick and easy step for protecting your smart home from hackers. Most IoT devices are sold with default usernames and passwords. Hackers that access IoT devices already know the manufacturer default settings, and thus can easily take over control of a given device. Changing those defaults takes away that option and makes hacking a device considerably harder.

8. Turn off inactive devices

Here’s a win-win security step. Turn off devices when they’re not in use. A powered down device can’t be accessed remotely, limiting your security vulnerability, and also uses no power, lowering your energy consumption. This won’t apply for gadgets that need to be left on 24/7, like smart blinds and thermostats. But hardware like wireless printers and smart TVs can be safely powered down at night when not in use. Consider plugging these devices into timers that automate this for you—it is a smart home after all! 

Taking these 8 steps will add more cybersecurity smarts to your smart home. And be sure to check out Entefy’s article, Smart homes make smart spies, for additional insights about IoT security.