Tech Republic

Over a million NHS employee records — including email addresses, phone numbers, and home addresses — were exposed online due to a misconfiguration of the low-code website builder Microsoft Power Pages. In September, researchers with the software-as-a-service security platform AppOmni identified a large shared business service provider for the NHS that was allowing unauthorised access to sensitive data through insecure permission settings on Power Pages. Specifically, the permissions on some tables and columns in Power Pages Web API were too broad, inadvertently granting access to “Anonymous” users or those who aren’t logged in. The misconfiguration has since been disclosed to the NHS and resolved. However, AppOmni’s authorised testing also uncovered several million other records belonging to organisations and government entities which were exposed because of the same misconfigurations. Data included internal company files and information, as well as the information of registered site users, like customers. Such an exposure not only violates patient privacy but also opens businesses up to compliance risks, as data privacy laws like GDPR require strict protection of personal health information. SEE: Research Eyes Misconfiguration Issues At Google, Amazon and Microsoft Cloud Aaron Costello, chief of SaaS security research at AppOmni, told TechRepublic by email: “These exposures are significant — Microsoft Power Pages is used by over 250 million users every month, as well as industry-leading organisations and government entities, spanning financial services, healthcare, automotive, and more. “AppOmni’s discovery highlights the significant risks posed by misconfigured access controls in SaaS applications: sensitive information, including personal details, has been exposed here. “It’s clear that organisations need to prioritise security when managing external-facing websites, and balance ease of use with security in SaaS platforms — these are the applications holding the bulk of confidential corporate data today, and attackers are targeting them as a way into enterprise networks.” Must-read security coverage Common Power Pages misconfigurations Within Power Pages, admins specify which users can access different elements of a site’s underlying Dataverse, the Power Platform’s data storage layer. One of the main benefits of using Power Pages over traditional web development is its out-of-the-box role-based access control. However, this convenience can also lead technical teams to become complacent. AppOmni identified the following primary ways that business data was being exposed: Allowing open self-registration: This is the default setting when a site is deployed and allows Anonymous users to register and become “Authenticated,” a user type that typically has more permissions enabled. Even if registration pages are not visible on the platform, users may still be able to register and become Authenticated through associated APIs. Granting tables with “Global Access” for external users: If Anonymous users are given “Global Access” permissions on a certain table, anyone can view the rows. The same is true if Authenticated users have this permission and open self-registration is enabled. Not enabling column security for sensitive columns: Even if the table has some access controls, attackers may find certain columns lack column-level security, allowing data to be viewed without restriction. Column security often isn’t applied consistently, especially in tables where access is configured at a broader level. AppOmni says this could be related to the tedious setup process or the fact that it was not intended to be done by the public. Not replacing sensitive data with masked strings: This is an alternative to applying column-level security that would not hinder site functionality. Exposing excessive columns to the Power Pages Web API: AppOmni often sees organisations allowing all columns of a single table to be retrievable by the Web API, opening up more information than necessary to possible exposure if a bad actor gains unauthorised access. Ensuring your Power Pages site is secure Know the warning signs Microsoft has enabled several warning signs for when it detects a potentially dangerous configuration, including: Banner on Power Platform admin console pages: This warns that if a site is public, any changes made will be visible immediately. Message on Power Page’s table permissions configuration page: This tells admins that data visible to the Anonymous role means that it can be seen by anyone. Warning icon on Power Page’s table permissions configuration page: This is displayed beside any permission granting Global Access to Anonymous users. Audit access controls Power Pages admins must, ideally, avoid giving excessive levels of access to external users by analysing the site settings, table permissions, and column permissions. AppOmni suggests re-evaluating how the following are configured: Site settings: Specifically: Webapi/<object>/enabled Webapi/<object>/fields Authentication/Registration/Enabled Authentication/Registration/OpenRegistrationEnabled Authentication/Registration/ExternalLoginEnabled Authentication/Registration/LocalLoginEnabled Authentication/Registration/LocalLoginDeprecated Table permissions: Any table that has the “Access Type” set to “Global Access” and is associated with external roles. Column permissions: Any columns belonging to tables that are accessible to external users, which do not have column security enabled and an appropriate mask. Column Security Profiles: Any column security profiles that include external roles. If changing these would break site functionality, AppOmni recommends deploying a custom API endpoint to validate user-supplied information. source

The U.S. has struggled with a worker shortage in semiconductor chip making, and even educating people about the field’s existence has proved challenging. In response, Apple and other companies have dedicated considerable money and time to addressing the skills gap and broken pipeline. Apple began the New Silicon Initiative, a series of grants to tech-focused universities nationwide, to develop more skilled workers in designing and manufacturing chips. The initiative funds education and training in microelectronic circuits and hardware design. Eight universities participate, chosen for their engineering savvy and commitment to scaling up courses in creating integrated circuits. One participant is Georgia Tech’s School of Electrical and Computer Engineering. ECE School Chair Arijit Raychowdhury spoke to TechRepublic about how Apple’s support has changed the school’s offerings and students’ potential places in the changing field of computer chip engineering and fabrication. What is NSI at Georgia Tech? In October, Georgia Tech celebrated the beginning of its NSI involvement, representing an expanded collaboration based on a successful chip tape-out course already offered at the university. “We’re thrilled to bring the New Silicon Initiative to Georgia Tech, expanding our relationship with its School of Electrical and Computer Engineering,” said Jared Zerbe, director of hardware technologies at Apple, in a press release. “Integrated circuits power countless products and services in every aspect of our world today, and we can’t wait to see how Georgia Tech students will help enable and invent the future.” The full partnership will kick off in January 2025. Apple engineers will present guest lectures, review projects in several IC design courses, give feedback to students, and participate in mentorships and networking events. Apple also funds teaching assistants. Those mentors can answer students’ questions about what jobs will be available to them once they acquire chip design skills. Georgia Tech students listen to presentations from ECE faculty members and Apple engineers during the NSI kickoff event in October. Image: Georgia Tech A highlight of the program is that the tape-out course offers students the opportunity to not only design their own chip but also have it fabricated and tested for bugs. This allows them to gain experience in revising and troubleshooting in conditions similar to those found in the real world. Graduates of the computer architecture, circuit design, and hardware technology courses at ECE can go on to be integrated circuit design engineers, chip design engineers, and analog designers. SEE: Apple’s M4 chip powers AI features in upcoming devices. “There was a huge interest among the students,” said Raychowdhury. “In the first semester, they designed a RISC-V microprocessor with some accelerators — and realize that these are seniors. These are not grad students. These are senior undergraduate students.” Those designs were manufactured on TSMC’s 65-nanometer process node and shipped back to the students. Then, the students could write test modules for their own chips. “Apple ended up hiring a bunch of the students from this first inaugural class,” Raychowdhury added. More about Innovation Training a workforce for tomorrow’s economy The success of the initial tape-out class led to Apple getting even more involved in coordinating with the school to meet its workforce needs. Raychowdhury said the school has had similar arrangements with companies like Texas Instruments, GlobalFoundries, and Absolics. Otherwise, “it’s very hard to find students who have that kind of expertise” in chip design, he said. When companies have a hand in the curriculum, some of what would normally be on-the-job training could be done in the classroom. “That reduces the ramp-up time of the students when they join any of these companies,” Raychowdhury added. Meanwhile, students will see that they are getting skills that lead directly to in-demand jobs. They have the space to “figure out whether this is something that they’re really passionate about,” said Raychowdhury. “Even in this huge area of semiconductor jobs, what exactly are they interested in? Whether it’s a design, whether it’s working in the fab, whether it’s packaging, and so on.” Research projects explore cutting-edge uses of AI One of the components students build in the tape-out class is a RISC-V microprocessor with an accelerator. Designed to solve linear algebra problems faster, this accelerator could be students’ first step into the hot field of designing the hardware behind generative AI. Georgia Tech and Apple’s efforts don’t focus on generative AI unless they pursue it as a more advanced research project. “There are some advanced research topics — they are not in a classroom setting yet — where students are actually pursuing ways to use AI, particularly language models, to design chips, including writing RTL,” Raychowdhury said. “That is one area which is growing in popularity.” Georgia Tech’s Professor Sung-Kyu Lim is working on using AI to accelerate backend processes for chip design, such as layout generating and routing, to reduce the time to market. Some graduate students have the opportunity to work collaboratively on that project. Providing the resources to cross the skills gap At Georgia Tech, up-and-coming engineers can work with technologies similar to the advanced manufacturing and processing tools they would use in everyday life as a chip designer. Georgia Tech’s AI maker space, launched in collaboration with NVIDIA, gives students access to H100 and H200 GPUs. That, in turn, gives them more processing power to figure out difficult chip design problems. Ultimately, the plan is to produce enough skilled workers to cross the skills gap. McKinsey found in 2024 that the number of people working in the semiconductor manufacturing workforce in the U.S. has dropped 43% from its peak in 2000. The country may need 88,000 semiconductor engineers by 2029, but only about 1,000 new technicians join the workforce yearly. As Raychowdhury explained: “We need a lot more engineers who can work in the fab, who can work in design, who can work in testing.” source

Learn key strategies for IT budgeting, from asset evaluation to prioritizing projects, to maximize resources and drive tech investments. source

NordPass and 1Password are among the best choices when it comes to top password management solutions. While both solutions share similar functions—to help internet users create, save, manage, and use passwords across different online services—their features and capabilities differ. NordPass is great for individuals and families with an option for free and budget-friendly long-term plans, an easy-to-use interface, and full mobile features. 1Password offers tools such as tags and categories for organizing passwords, plus Travel Mode for on-the-go security and Watchtower for actionable alerts. Given their similarities, how do you make a choice between the two? In this article, I compare NordPass vs 1Password to help you choose the best password manager for you and your organization’s needs. Dashlane Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Micro (0-49 Employees), Medium (250-999 Employees), Enterprise (5,000+ Employees), Large (1,000-4,999 Employees), Small (50-249 Employees) Micro, Medium, Enterprise, Large, Small Features Automated Provisioning ManageEngine ADSelfService Plus Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Any Company Size Any Company Size Features Access Management, Compliance Management, Credential Management, and more NordPass vs 1Password: Comparison table The table below summarizes and compares the key features offered by both password managers. NordPass 1Password Our Rating 4.6 stars out of 5 4.3 stars out of 5 Self-hosted authenticator app Yes, with NordPass Authenticator, currently available for NordPass Business and Enterprise members on iOS and Android devices. No. It requires external authenticators like Authy, Microsoft Authenticator, etc. Two-factor authentication Yes Yes Passkey support Yes Yes Single Sign-on (SSO) Yes Yes Free plan available Yes, but only on one device per session. No VPN Yes No Starting price Starts at $1.89/month (annual) Starts at $2.99 (annual) Free trial 30-day free trial for Premium plan users and 14-day free trial for all Business plan users except Enterprise 14-day free trial across all plans but Enterprise Money-back guarantee Yes, offers 30-day money-back guarantee No Dark Web monitoring Yes, uses NordPass Data Breach Scanner. Yes Number of devices Unlimited (paid plans only) Unlimited Passkey support Yes Yes Alerts and reporting Yes Yes Encryption type XChaCha20 encryption algorithm (future proof) 256-bit AES encryption NordPass and 1Password: Pricing NordPass has two usage tiers, each with three subscription plans: Personal & Family and Business. Personal & Family Free Plan: Restricted features for one user per session and includes a 30-day Premium trial. Premium Plan: $1.89/user/month billed annually or $1.59/user/month for two years; includes a 30-day money-back guarantee. Family Plan: $3.69/user/month billed annually or $2.79/user/month for two years; includes a 30-day money-back guarantee and supports up to 6 users. Business Teams: $1.99/user/month billed annually or $1.79/user/month every two years for up to 10 users. Business: $3.99/user/month billed annually or $3.59/user/month every two years; supports 5 to 250 users. Enterprise: $5.99/user/month billed annually or $5.39/user/month billed every two years. It includes six extra months when subscribed for either of the billing cycles; supports unlimited users. 1Password has four subscription tiers: Individuals, Families, Teams Starter Pack, Business, and Enterprise. Individual: Starts at $2.99 per user per month when billed annually; $3.99 for a monthly plan; supports one user on unlimited devices. Families: $4.99 per user per month when billed annually; $6.95 for a monthly plan; supports up to five users. Teams Starter Pack: $19.95 per user per month when billed annually and monthly; supports up to 10 users. Business: $7.99 per user per month when billed annually; $9.99 for a monthly plan. Enterprise: Contact 1Password for quote. NordPass vs 1Password: Key Features NordPass and 1Password both offer a comprehensive set of features for secure password management. Let’s see how they compare. Encryption Winner: NordPass NordPass and 1Password excel in security offerings. Both offer strong encryption and multi-factor authentication. NordPass uses XChaCha20 encryption, which supports two different lengths of keys, with the 256-bit encryption being the strongest. 1Password offers AES-256 encryption, which encrypts data in fixed-size blocks (128 bits in the case of AES-256), using a complex algorithm to transform the data. I appreciate how both NordPass and 1Password offer a zero-knowledge structure and prioritize user privacy in their respective services. In my view, however, NordPass has an edge with its innovative encryption choice. 1Password security breach check Image: 1Password I give NordPass the point for its implementation of XChaCha20 — a newer and more modern encryption algorithm. While AES-256 in 1Password is certainly secure, I appreciate NordPass going the extra mile in making sure their password management service is future proof, especially as threat actors and hackers continue to evolve. SEE: NordPass Free vs Premium: Is it Worth the Upgrade? (TechRepublic) Monitoring Winner: 1Password NordPass uses a Breach Scanner, which is a built-in NordPass Premium feature that automatically scans leaked databases and compares them to items saved in your vault. If any of my email addresses, passwords, or credit card details had been leaked, NordPass would list them, highlighting which breaches could affect me the most. NordPass breach monitoring Image: NordPass In comparison, 1Password employs Watchtower, a feature that enables you to see if any of your passwords have appeared in data breaches. It also flags weak or duplicate passwords and websites where you can turn on two-factor authentication. 1Password’s Watchtower password health feature. Image: Luis Millares Of the two, I slightly prefer 1Password’s Watchtower feature. This is due to it having both data breach scanning and convenient password health functionality. To NordPass’ credit, it also has a dedicated Password Health feature in a separate tab. However, I like how 1Password conveniently integrates both breach scanning and password strength scoring into a single, integrated dashboard. SEE: Top 1Password Alternatives for 2024 (TechRepublic) Password sharing and history Winner: NordPass Looking at its password sharing and history capabilities, I give NordPass the win. NordPass and 1Password both offer secure password sharing in encrypted vaults. 1Password facilitates password sharing through vaults and links available on Teams and Business plans. NordPass offers free link-based sharing for 24 hours and allows paid users to share passwords and passkeys within their

The increase in the number of people shopping online in the past few years has fueled a significant growth in global ecommerce. In today’s market, with an annual growth rate of 9.49% set to drive a market volume of $6,478 billion by 2029, expanding beyond borders has transformed from an opportunity into a critical driver of growth. However, for ecommerce businesses like Shopify merchants, dealing with complex tax regulations across different countries and regions can be challenging. You need to stay on top of constantly changing regulations to avoid costly errors and ensure tax compliance. The Complexities of Global Tax Compliance Cross-border tax compliance can quickly become overwhelming for several reasons. Here are some of them: 1. Variability in Tax Laws Many businesses already consider tax compliance tedious and challenging. When you expand globally, this becomes more daunting with how much international tax regulations vary. Each country has its own set of tax rules, rates, and reporting requirements that can differ significantly. For example, in the United States, there are different sales tax rates and requirements for every state, county, and even city. As the merchant, it is up to you to figure out what you need to collect and where. On the other hand, the European Union operates under a value-added tax (VAT) system, which requires sellers to charge VAT based on the buyer’s location and remit it accordingly. This complexity grows further for merchants involved in dropshipping, a business model where the manufacturer or another business fulfills orders directly, creating multiple transactions between the seller, customer, and manufacturer. Each step can affect tax calculations, as taxes depend on two sales—manufacturer to seller and seller to customer. These differences create a constantly shifting landscape where the rules in one country might not apply in another. Suppose you’re a Shopify merchant expanding internationally. In that case, this means adjusting your tax calculations and reporting practices for each market you enter—a task that can become resource-intensive and error-prone. 2. Risk of Miscalculations The variability in tax rates and regulations increases the risk of errors in tax calculations and delays in compliance. Unfortunately, these may lead to fines, penalties, and even reputational damage. Manually handling different tax calculations is time-consuming and increases the chances of errors. Even minor mistakes can result in hefty penalties or disrupt business operations, further leading to delayed payments, disputes, or unexpected audits. 3. Resource Constraints All the complexities brought about by managing cross-border transactions can be a strain on resources. You will need to delegate staff for researching, calculating, and reporting taxes for multiple regions. This takes time and energy away from other critical tasks, slows down your business operations, and makes it harder to scale efficiently. How Avalara Simplifies Cross-Border Compliance A tax automation solution like Avalara can help you overcome the challenges that come with cross-border compliance. As a built-in integration for Shopify Markets, Avalara AvaTax seamlessly integrates with any Shopify store and provides a frictionless online shopping experience for your customers. Here are the key benefits of using Avalara for automated tax management: Real-Time Tax Calculation and Automation Avalara, with its industry-leading artificial intelligence engine and global content database, accurately calculates any taxes, as well as landed cost estimates at the point of sale. Its acquisition of 3CE Technologies in 2021 has allowed Avalara to automate its HS code classification services, a global product classification system used for product exports. This integration with 3CE’s HS code classification automates the process of identifying and mapping tariff codes to products. As customers shop online, Avalara automatically calculates applicable duties and taxes based on their location and the items in their cart. This allows you and your customers to see all associated costs with the transaction and provides a better checkout experience. Staying Up-to-Date with Global Regulations To ensure correct calculations, Avalara’s robust platform continuously monitors and updates tax rules, rates, and regulations as they evolve. This means that you can confidently sell in multiple markets without worrying about outdated compliance information. Seamless Remittance and Reporting In addition to calculating taxes, Avalara simplifies the remittance process by automating the filing and payment of taxes to the appropriate authorities. You may also generate reports to get detailed insights on your tax obligations to help you maintain tax compliance. Best Practices for Managing Tax Compliance Managing tax compliance across different regions and countries can be challenging but following best practices can help streamline the process and minimize negative impact on your business. Here are some key strategies you can use: Keep your product catalog updated: Different products and services have different tax rates depending on region. Maintaining an up-to-date product listing will contribute to accurate and timely tax classification. Integrate automatic tax solutions early: Using a tax automation tool like Avalara at the start of your business expansion will help make the transition smoother. It will also ensure that your tax obligations are accurately managed from the start and that your business is tax-compliant. Stay informed of regulatory changes: With the constantly evolving tax regulatory landscape, it is essential to stay informed about changes to ensure continued compliance. Leverage resources such as tax automation tools that constantly update their database with new tax rules, like Avalara. Conduct periodic compliance audits: Regular compliance audits can help identify potential gaps in your tax management process. This will allow you to address any issues before they become costly to fix. Maintain transparent records: Whether for tax compliance or other purposes, keeping transparent records is good business practice. This will simplify any reporting process and provide you with better insights into your business. Avalara Case Studies and Real-World Examples To understand how Avalara’s tax automation solutions simplify cross-border compliance, it’s helpful to look at real-world success stories. These case studies highlight how Avalara has supported businesses of different sizes and industries to overcome tax compliance challenges and scale their operations. Iconic London: Enhancing International Growth Founded in 2015, ICONIC London is a prominent brand known for its glamorous makeup and luxury skincare

Dialpad’s fast facts Starting price: $15 per user per month Key features: Unlimited calls and meetings. Multi-level auto attendant. Built-in call analytics. Real-time AI call transcriptions. HIPAA/BAA compliance. Dialpad is a feature-rich business communication platform with a clean dashboard and modern user-experience. The company invested heavily in AI and machine learning, long before they were the hottest contact center trends — and the payoff is that even the cheapest Dialpad products are infused with the latest AI capabilities. While the entry-level plan comes at an attractive price point, Dialpad’s contact center solutions are fairly average for the space in terms of price. Dialpad is best suited for contact centers and sales teams looking to automate and boost productivity. Small businesses looking for basic calling features will get a better value elsewhere. 1 RingCentral Office Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Medium (250-999 Employees), Enterprise (5,000+ Employees), Large (1,000-4,999 Employees) Medium, Enterprise, Large Features Hosted PBX, Managed PBX, Remote User Ability, and more Dialpad’s pricing Dialpad has four main product offerings, each with its own pricing and plan tiers. Business Communications Standard: Starts at $15 per user per month Pro: Starts at $25 per user per month Enterprise: Custom pricing Good For: Smaller businesses that need calling, texting, team chat and video meetings. AI Meetings Free: $0 Business: Starts at $15 per user per month Good For: Hosting video meetings for up to five hours with up to 150 participants (with the Business plan). Otherwise, the business communication plans have enough for basic video meetings at the same price. AI Contact Center Essentials: Starts at $80 per user per month Advanced: Starts at $115 per user per month Premium: Starts at $150 per user per month Good For: High-volume inbound customer service and customer support teams. AI Sales Center Essentials: Starts at $60 per user per month Advanced: Starts at $95 per user per month Premium: Starts at $150 per user per month Good For: Outbound sales teams that need to reach more leads, boost productivity and maximize efficiency. Also great for sales managers that want to improve agent training and provide live coaching. Dialpad’s key features Dialpad has invested heavily in AI call center technology for many years, making it one of the first to adopt it across the platform. Aside from that, it comes with a wide range of basic and advanced functionality. Most of the platform’s top-tier capabilities are only available on more expensive plans and with its contact center and sales center solutions. Here’s a look at some of Dialpad’s standout features. Unlimited calls and meetings Dialpad’s business phone system supports unlimited calling. You’ll be able to dial out and field as many domestic calls as you need without having to worry about usage costs. You’ll also benefit from: Visual voicemail. Custom call routing. Call forwarding to other devices. Three-way calling. Call recording. Ability to flip calls between devices. All of these are standard features that come with every plan. In addition to calls, your team can also collaborate internally with unlimited meetings. You’re limited to just ten participants per meeting unless you add on a Business Video plan. But ten should be more than enough to accommodate most teams — especially since team chat and business messaging is also for collaboration. Take calls from anywhere with Dialpad. Image: Dialpad Multi-level auto attendant Dialpad’s auto attendant is ideal for inbound call handling. You can fully customize the way calls get routed depending on day, time, agent skills, caller intent and so much more. You can start by customizing your business hours and agent hours, and define the exact times you want to activate your auto attendant. From there, you can create a custom queue to prioritize calls and they will be routed to specific departments or teams based on your settings. For example, a 24/7 plumbing business may want to prioritize emergency water leaks. Or some businesses may choose to prioritize new customer payments and billing over general support questions. Dialpad AI Contact Center and AI Sales Center plans come with a full Interactive Voice Response (IVR) system — taking your auto attendant one-step further with even more advanced options that allow callers to control their own routing path. Sign up for a free 14-day trial with Dialpad. Image: Dialpad Built-in call analytics Every Dialpad plan comes with strong analytics features. Even on the entry-level plans, you’ll benefit from real-time call transcriptions and reporting. It’s easy to keep track of your most important metrics from one screen. You get instant visibility into vital call center metrics, like abandoned call rates, heat maps of your highest call volume times, missed calls, what percentage of calls are forwarded to another number, and more. At higher tiers, the analytics get even more powerful. You can unlock advanced reports for things like live caller sentiment analysis, compliance measurement and even workforce management capabilities for forecasts and scheduling. Overall, Dialpad’s analytics provide a richer, more customizable perspective than many of its peers, especially when you compare entry-level plans. View call analytics in the Dialpad interface. Image: Dialpad Call coaching The call coaching features are only available if you’re on a Sales Center or Contact Center plan, but the entire set — call monitoring, whispering and barge — are available as standard features for both of these products. This means you won’t have to upgrade to a higher plan tier as long as you’re choosing a subscription within these two categories. Live monitoring allows managers to listen-in on calls whenever they want, which makes it easier for managers to monitor the quality of agent conversations, and coach them in real time if necessary. It’s an easy way to ensure reps are sticking to the script and support your quality assurance efforts. The whispering feature is great for coaching new agents in real time or helping anyone on your team navigate difficult circumstances. If necessary, managers can barge in and take over the call altogether.

Multifactor authentication (MFA) is one of the most effective ways to enhance security, and with the rise of apps such as Google Authenticator, the authentication method has become easier to deploy. However, whether due to privacy concerns, a lack of updates (especially when it comes to open-source options), or preference, many choose to avoid Google Authenticator. Fortunately, there’s no shortage of competitors on the market, each with distinct advantages. Here are some of the top Google Authenticator alternatives. Dashlane Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Micro (0-49 Employees), Medium (250-999 Employees), Enterprise (5,000+ Employees), Large (1,000-4,999 Employees), Small (50-249 Employees) Micro, Medium, Enterprise, Large, Small Features Automated Provisioning ManageEngine ADSelfService Plus Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Any Company Size Any Company Size Features Access Management, Compliance Management, Credential Management, and more Top Google Authenticator alternatives: Comparison table Product name Pricing Key Features Microsoft Authenticator: Best for a “big-name” option Free Two-factor authentication (2FA)/MFA support Passwordless sign-in Push notifications Twilio Authy: Best for backups and multiple devices 5 cents per successful verification plus standard fees per channel 2FA/MFA support Multidevice sync Soft token and backup Time-based one-time password (TOTP) Cisco Duo: Best for enterprises Free up to 10 usersEssentials: $3 per user, per monthAdvantage: $6 per user, per monthPremium: $9 per user, per month Risk-based authentication Single sign-on (SSO) Passwordless authentication Complete device visibility Yubico Security Key: Best for a physical security key Yubico security keys are available in different models and configurations, each with varying prices. The pricing depends on factors like the model, connectivity―such as USB-A, USB-C, and near-field communication (NFC)―and features of the security key 2FA support FIDO2 and U2F support Multiprotocol support Physical security FreeOTP: Best for an open-source alternative Free 2FA Open-source software TOTP Hash-based message authentication code (HMAC)-based, one-time password (HOTP) Microsoft Authenticator: Best for a ‘big-name’ option Image: Microsoft Authenticator For those looking for a recognized and well-known provider, I recommend Microsoft Authenticator. Available for both Android and iOS, Microsoft Authenticator offers a similar experience to Google’s, working with both Microsoft and non-Microsoft accounts. No passwords are required. Accounts are accessible using a PIN code, fingerprint, or face recognition. I personally like how there’s an option to back up credentials to the cloud, but this requires a personal Microsoft account, with iOS users also needing to link to an iCloud account. Recent notable improvements Microsoft has made include the ability to now display the name of the service, website, or application being accessed. This serves as an additional layer of security you can use to confirm the authenticity of an MFA request. Why I chose Microsoft Authenticator As a large, established company, I feel Microsoft and the Microsoft Authenticator team can provide a robust level of support for users who have questions or issues with the product. It also can provide a consistent level of updates to provide new features and patch bugs with the software. Pricing Free and available for download from Apple Store or Google Play Store. Features Provides 2FA. Provides passwordless sign-in. Supports push notifications. Supports MFA. Microsoft Authenticator pros and cons Pros Cons 2FA and MFA provide an extra layer of security. Not all services support Microsoft Authentication for 2FA or MFA, which limits its usage. Easy to use with Microsoft accounts and other supported services. Users must have the app installed on their mobile device to use 2FA or MFA, which creates complications if the device is lost or unavailable. User-friendly interface with push notification approval for MFA. Supports various authentication methods, including biometrics and phone sign-in. Twilio Authy: Best for backups and multiple devices Image: Twilio Authy If you want support for multiple devices, I suggest Twilio Authy. Although it isn’t as big or widely known as Google or Microsoft, Twilio’s Authy app is one of the most impressive and feature-rich Google Authenticator alternatives. Twilio takes pride in the fact that its app can be used anywhere Google Authenticator can be used, meaning that those making the switch won’t hit any unexpected compatibility issues. SEE: Authy vs Google Authenticator (TechRepublic) It offers its own distinct advantages with some major quality-of-life features that make it easier to securely access your data. The app is available on multiple platforms, including iOS, Android, and Chrome, with the ability to synchronize your 2FA tokens across them so they’re always there when you need them. I appreciate how it enables users to view and edit their devices at any time and create securely encrypted backups in case any of them are ever lost or stolen. Twilio provides regular updates for its Authy app, with the most recent improvement involving the delivery method of one-time passwords (OTPs). Beginning in February 2024, the company stated that OTPs would be sent via rich communication services (RCS), a more secure method than the default short messaging (SMS) channel, as it’s able to utilize Wi-Fi and cellular. Why I chose Twilio Authy Depending on the MFA solution, users could be locked out of their accounts if they lose their phone or other device. This is where I find Twilio really succeeds. It allows users to back up all 2FA tokens and restore them in the event that they lose their primary devices. Twilio also provides features to manage multiple devices, including the ability to sync and disable future installations for added security. Pricing Twilio charges 5 cents per successful verification plus standard fees per channel for its basic version that includes 2FA, but custom pricing is offered for more advanced features. Features 2FA. Multidevice sync. Soft token and backup. MFA. TOTP. Twilio Authy pros and cons Pros Cons 2FA and MFA support for various authentication methods. Advanced features and customization require the paid plan. Soft token feature eliminates the need for a physical hardware token. Easy setup process and user-friendly interface. Multidevice sync means users can access 2FA codes on different devices. Cisco Duo: Best for enterprises Image: Cisco Duo

Artificial intelligence-based art generation technology is gaining traction, as the solutions introduce new possibilities for creative expression and can help businesses stay ahead of the curve, for example, when it comes to marketing materials. SEE: How to Make AI Art: A Complete Guide Indeed, investing in AI art generators can provide competitive advantages to businesses both in and out of creative industries. If your company has a website, it is important that it stands out of the crowd visually, and AI tools can provide unique designs or just help with the brainstorming process. Read on to learn more about AI art generation technology and the top AI art generators available. Top AI art generators comparison AI art generators enable users to experiment with different styles, techniques, and aesthetics, pushing the boundaries of traditional artistic expression. Below is a comparison of some of the best AI art generators on the market. Software Text-to-image generation Editing and upscaling of imported media Art community access Free software version Pricing DALL·E 3 Yes Yes No Yes $20 a month as part of ChatGPT Plus Midjourney Yes Yes Yes No Starting at $10 per month Craiyon Yes No No Yes Paid plans starting at $10 per month Jasper Art Yes No No No Starting at $39 per month NightCafe Yes Yes Yes No Starting at $6 per month DeepAI Yes Yes No Yes Paid plans starting at $4.99 per month Runway Yes Yes No Yes Paid plans starting at $12 per user per month Image: OpenAI Best for user-friendliness It seems like everybody is talking about DALL·E 3, and it’s no wonder why. This web-based tool is handy for generating high-quality, copyright-free AI graphics from text cues. What people enjoy about this AI model is its user-friendliness, making it accessible for anyone to use, even beginners. DALL·E 3 was developed by OpenAI and is the third generation of its original image-generating model, DALL·E. You may be familiar with OpenAI’s other popular AI product, ChatGPT. Like ChatGPT, the DALL·E 3 interface is simplistic and self-explanatory, providing a foolproof resource for people looking to create AI images. So, whether you’re looking to create a photo-realistic image or transform an existing image into a specific style, just describe your wishes in natural language and let DALL·E 3 do the rest. DALL·E 3 lets users generate images using natural language queries. Image: DALL-E 3 Pricing DALL·E 3 can be used with ChatGPT Plus, which costs $20 per month, and the OpenAI Developer API, where prices start at $0.040 per image. You can also use its functionality with the free version of ChatGPT, by asking the chatbot to create an image. . Features Free version available. Easy-to-use interface. Ability to combine attributes, styles, and concepts. Image editing. Ability to alter image quality and size. Image editing/inpainting. Generating variations of existing images. Supports many integrations through Zapier. Pros and cons Pros Cons Generates art from text descriptions written in natural language for easy use. The model was trained on at least 650 million image-text pairs sourced from the internet that were filtered to remove harmful content and support safe generations. OpenAI developed safety mitigations to prevent harmful generations and curb misuse. Best used for generating art quickly and simply, thanks to its user-friendly interface. Although the tool can produce many different images based on the text input, the simplistic nature of the model makes it unable to provide as many customization options as other AI image generators. No image expansion/outpainting feature, like there is for DALL·E 2. Image: Midjourney Best for generating photo realistic art Midjourney is among the best resources out there for creating photorealistic AI art, making it ideal for image upscaling. However, the factor that sets the tool apart the most is definitely its Discord-based interface. Users must access the image generations by requesting them from a Discord bot via a Mac, Windows, Linux (deb, tar.gz), iOS, or Android device. For anyone out there who is unfamiliar, Discord is a social messaging platform and the only way to utilize Midjourney. But once you make a Discord account and begin requesting images from the robot using specialized commands, you’ll get the hang of the process. Midjourney’s Discord-based interface offers a novel way for users to interact with AI art generating technology. Image: Midjourney From there, Midjourney allows users to request image generations and learn tips and tricks from other program users within their Discord public channels. This solution makes it easy to create stunningly realistic generations and integrate yourself among a community of other AI digital artists. Pricing Basic Plan: $10 billed monthly or $8 per month, billed yearly. Standard Plan: $30 billed monthly or $24 per month, billed yearly. Pro Plan: $60 billed monthly or $48 per month, billed yearly. Mega Plan: $120 billed monthly or $96 per month, billed yearly. Features Ability to upscale and edit imported images. Graphic generation based on text description. Stylize function to improve artistic quality and realism. Zoom-Out, a tool to expand on original images. Tile parameter feature for creating repeatable images. Pros and cons Pros Cons The pricing model is ideal for people who are looking to generate a lot of AI art images. The platform makes it easy to join a supportive community of other Midjourney users and AI artists. The social aspects of this one-of-a-kind tool make it a top AI art generator, especially for users seeking to converse and collaborate with other users. Midjourney no longer offers a free version of the tool, and subscription plans may be too costly for members that rarely use the product. Users have reported difficulty in generating realistic images of hands and teeth. Only Pro plan members can generate images privately. Otherwise, users’ AI generation prompts are visible to all members within the public Discord channels. Midjourney’s user interface relies on the use of Discord, which may cause an initial learning curve for those unfamiliar with the platform. Image: Craiyon Best for free access As its name would suggest, Craiyon is

Digital Enhanced Cordless Telecommunications (DECT) is a standard used for creating wireless voice communication systems. The most common examples of DECT devices include cordless phones and wireless headsets, though the technology is also used in devices like baby monitors and remote controls. DECT communications are used in call centers, hospitals, job sites, and other workplaces where wired communication isn’t feasible. The reliability of DECT makes it a relevant player among competing wireless technologies like Bluetooth. Let’s go through how DECT works, its advantages, disadvantages, and how it compares to using Bluetooth devices in a call center. 1 RingCentral Office Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Medium (250-999 Employees), Enterprise (5,000+ Employees), Large (1,000-4,999 Employees) Medium, Enterprise, Large Features Hosted PBX, Managed PBX, Remote User Ability, and more DECT systems and unique frequency A DECT system typically has two components: a base station and a portable handset or headset. Base stations can be connected to a PBX or VoIP phone system as you would other types of phones. Base stations are fixed in one location and connected to the telephone network. The major function of the base station is to establish and maintain communication between the headset and the network. You can think of them as mini cellular network towers that also function as a charging base. Meanwhile, the headset can be connected to a computer or desk phone through the base station. Normally, you need to pair a DECT headset to a base station before it can be used. During pairing, a secret authentication key is shared and stored on both devices. Only paired headsets can have access to the DECT network. Unauthorized devices will be blocked if they attempt a connection. When a headset is within range, it picks up the signal that’s continuously sent by the base station. This signal contains all of the information needed by the headset to connect with and send data through the base station. Multiple headsets, up to five or six depending on the model, can be paired with one base station. During an active call, the DECT headset converts analog voice signals into digital data and transmits it to the receiving unit via the base station. In the case of inbound data, the base station receives the digital data and converts it back to its original analog state before sending it to the headset. DECT is designed specifically for voice communication and works on its own frequency range, between 1.8GHz and 1.9GHz, so there’s no interference from other wireless technologies like Bluetooth and Wi-Fi. DECT manages its available frequency with TDMA (Time Division Multiple Access). Multiple DECT devices can share the same frequency without overlapping because it’s divided into time slots — every call uses a different channel. DECT can cover a range of approximately 50 meters inside buildings and up to 300 meters in open space. Similar to other wireless tech, its coverage area can be affected by thick walls and certain weather conditions. Advantages of DECT in call centers DECT may not be as popular as Wi-Fi and Bluetooth, but it still offers a few potentially useful benefits in a call center. No interference with Wi-Fi As I mentioned, DECT works on a specific frequency range, 1.8GHz to 1.9GHz, which is separate from Wi-Fi’s range of 2.4GHz and 5GHz. This separation is beneficial in a call center because it makes DECT less susceptible to interference that can lead to voice distortions and dropped calls. The only possible sources of interference to a DECT headset are other DECT headsets, and there would have to be a lot of them in the same space before this can happen. If there were only Wi-Fi headsets in a call center, there would be a lot of interference from the headsets themselves, as well as other devices sharing the same frequency like Bluetooth, internet routers, wireless mice, and even microwave ovens in the break room. Interference can lead to call agents hearing conversations from other agents, choppy audio, and dropped calls. Secure communication Calls need to be protected against eavesdropping. DECT provides highly secure voice communication using authentication and encryption to minimize the risk of unauthorized access during calls. DECT uses the DECT Standard Authentication Algorithm (DSAA) that is only accessible to DECT manufacturers. DECT authentication begins with the base station sending a random “challenge” number to the headset. The headset uses the algorithm to generate a response calculated with the authentication key from the initial pairing and the challenge number. The base station uses the same algorithm to generate its response. It then compares both responses to see if they match, and the call will be allowed to go through if so. Meanwhile, any intruder looking for a way into the system needs physical access to both devices because the authentication key is not transferred over the air. The second layer of DECT security is encryption, for which it uses the DECT Standard Cipher (DSC). With it, voice data is scrambled before being transmitted to a receiver by using a cipher key that’s calculated during authentication. The receiver can decipher the data using the same key. Again, the cipher key is not transmitted with the data, as it’s stored on the devices instead. Greater wireless coverage DECT devices can work up to about 150 feet from a base station inside, and more than twice that when used outdoors. Class 2 Bluetooth devices are limited to about a 30 feet range. The vast majority of Bluetooth devices are Class 2, like VoIP headsets commonly used in call centers. Call quality The basic expectation with DECT is that calls will be as clear and crisp as they would be over traditional copper wire phone lines. With Bluetooth, the call quality expectations are lower because the connection isn’t as stable as DECT. Were you to invest in really high-quality Bluetooth equipment, you can get the call quality pretty close to DECT. Some people might not even notice the

TL;DR: Get lifetime access to 2TB of secure FileJump cloud storage for just $89, complete with future updates and no recurring fees. For business owners and professionals, managing data securely and efficiently is critical. That’s where FileJump can really deliver — a powerful and affordable cloud storage solution that offers 2TB of lifetime access for just $89 (reg. $467). What’s included With this one-time purchase, you’ll not only have a hearty cloud storage platform at your disposal but also benefit from future updates. This is a great way to ensure you always have the latest tools and features without ever paying a subscription fee. FileJump guarantees 256-bit AES encryption, providing the highest level of security for your data. Whether you’re on the go or working from your desk, you’ll be able to access, sync, and share your files from anywhere with the confidence that your information is protected. Unlike some cloud storage solutions, FileJump is incredibly easy to use. The intuitive drag-and-drop interface makes uploading and managing files seamless — no need to navigate complex systems. With unlimited downloads and no transfer speed restrictions, you’ll have complete freedom to access and share your files whenever needed. This storage solution is all about making your workflow easier. Preview images, videos, and Excel documents directly on the platform without the need for downloads. When it’s time to share, simply provide access via links or set up free accounts for team members or clients. Collaboration has never been easier. Whether running a small business, managing multiple clients, or working on large creative projects, FileJump’s 2TB of storage allows you to keep your data organized and secure. And with future updates included in the deal, FileJump will continue evolving to meet your storage and collaboration needs. Don’t miss lifetime access to 2TB of secure FileJump cloud storage for just $89 (reg. $467). Prices and availability subject to change. source