Popular YouTuber ProfessorBlackOps joins The Savvy Entrepreneur to share his top cysecurity tips for startups and small businesses.
He talks about passwords, routers, and printers, and how to avoid the increasingly-sophisticated phishing and vishing schemes. He also shares tips for what you should do WHEN you get hacked. Because as he stresses, it’s a question of WHEN, not IF.
Finally, he shares his predications for future cybersecurity risks, as well as some of the job & business opportunities arising from cybersecurity.
Our interview is full of lots of practical tips that will help individuals as well as small businesses stay safer.
The following is a transcript of that interview, but you can go here if you’d rather listen to the show.
Doris Nagel 0:42
Welcome to The Savvy Entrepreneur Show!
I’m your host, Doris Nagel, and I’ll be with you for the next hour talking about all things entrepreneurship.
My guest this week is talking about a very important topic — data security, some of the issues that are out there, some of the some of the things that can happen, and as I said, ways that you can protect yourself.
If you’re an entrepreneur, this show is for you. I’m a crazy entrepreneur myself. And I’m here because I love helping other entrepreneurs.
The show has two goals.
The first is to share helpful information & resources, like things like how to protect yourself from phishing, and identity theft, other kinds of data security issues.
But the goal is also to inspire, and to maybe make your journey as an entrepreneur a little bit faster and easier. I don’t know about you, but I found that being an entrepreneur sometimes is kind of lonely, kind of confusing, don’t always know where to turn for help.
And so I have guests on the show to help provide information as well as share their stories with us.
My guest this week is named John Hightower, but he goes by the name Professor Black Ops, and he is joining me by phone today from Indiana.
He’ll talk about his business and some of the data privacy and security issues that he and some of his clients have come across, along with some practical ways that you can protect yourself.
So Professor, Black Ops, or PBO, as you’ve said I can call you, thanks so much for joining me on the show today. Welcome to The Savvy Entrepreneur Show.
Professor Black Ops 2:08
Thanks for having me. I’m excited to be here. You’re correct: we’re gonna hit a little privacy, a little cybersecurity. And we know there’s hackers out there and bad people.
So we’re going to help your audience get a little better and just take it out to the baristas don’t be scared of it’s super easy. Let’s make it happen today.
Doris Nagel
By the way, this is really geared for small businesses, one maybe to 10 employees, and that’s a lot of you out there. And so this is really geared for you.
But before we dive into that, Professor, why don’t you talk about how you got into data security and a little bit of your background and how you got to be pretty experienced in this area.
Professor Black Ops 3:35
Sure. I got my bachelor’s in computer science in 1990. I got my MBA in 1995.
After that, I started out as a junior programmer, and I worked in every industry. I probably had 30 jobs. I worked in a Fortune 500 pharmaceutical company, a Fortune 500, in trusts & insurance company, just a myriad of companies.
But my claim to fame is that I actually worked for the Department of Defense, which is one of the biggest agencies in the world. And they’re really about security. That’s how I really cut my chops and got really into cybersecurity.
The government was really getting hacked. I was a consultant there, and they trained everybody. They brought some of the top guys in the world to train us. We made sure retirees got their checks — we wanted to make sure [our soldiers] got paid. The quickest way to get a soldier to come home is if his wife doesn’t get paid or they don’t get their proper benefits.
So I still say that today my number one job was to pay the warfighter we used to say. But on a serious level, I worked out there for 10 years so not there. I probably had 10 different jobs, everything from where Batman database operating system, so I did a myriad of and got trained by the Department of Defence. So that’s really where I got my training.
Doris Nagel
And now, you consult, helping out various organizations who need your help, right?
Professor Black Ops 5:18
100%. I actually work for a small consulting company, and a couple other companies. My current big customer right now is the Department of Revenue for Indiana, another agency trying to make sure that taxpayers don’t get their identity stolen. Tax return fraud is super big in that area.
So that’s one of my specialties. they actually report to the IRS. The Fancy word of that is IRS book 1075 is basically how do you harden a computer system, so the tax sweet parent doesn’t get their tax return or identity stolen. So I usually do big organizations, but we can break it down for the little guy too. But I usually do big organizations for big money. That’s my bailiwick.
Doris Nagel
That’s really serious business, too. A friend of a friend of mine got a notice that they hadn’t made their payment to the IRS. And it turned out that somebody had actually gotten a hold of their return and had changed the return. It was crazy. It was a ginormous mess for them. And I am I’m sure that kind of stuff happens all the time.
Professor Black Ops 6:43
More than you ever thought. It’s a billion dollar industry, which is sad to say. We know in the industry that as soon as it’s the first day to submit tax returns, 10% of those are going to be fraudulent — somebody trying to steal somebody else’s tax return with fraud.
Doris Nagel
You’ve got to be kidding me!
Professor Black Ops 7:03
That’s especially a problem in smaller states, who really struggle because they don’t have the funds to get the top security guys security or implement top programs, and the top software is super expensive.
So yes, it’s a high number. The tax industry has gotten a lot better over the years, but 10 years ago, you could easily steal $100 million.
I was talking to guys, I used to joke that we were on the wrong side. Again, the states have gotten better and there’s an industry out there now to help them, but 10 years ago, it was easy to steal $100 million.
Doris Nagel
Well you can’t see me right now, but my jaw about dropped all the way to my computer here. That’s a huge number. And it’s pretty scary.
So let’s circle back to the small businesses. That’s basically most mainstreet businesses, that’s most of what I would call gig workers, and that’s probably most trades people, right? Not the bigger companies, but the small plumbing companies and electricians and painters and people like that. And it’s certainly most startup companies.
I think for most of us, the first thing that comes to mind is identity theft, right? And I’m sure a lot of us have had personal experience with what that can mean. Somebody makes fraudulent charges on your credit card.
But I’m guessing identity theft for businesses is a potential risk as well. And it What does identity theft look like for a small business?
Professor Black Ops 9:03
That’s actually an excellent point. Identity theft for everybody is number one, not just specifically small business. Because once people steal your identity, they can impersonate you.
So for small businesses, they can go onto your Facebook or LinkedIn account, cut your picture, create a fake ID, then go to the bank and try to drain your personal accounts. And try to drain your business accounts, because most people usually tell what your business is on LinkedIn. So I’m gonna try to get your personal account and all your businesses and drain all your money out.
Doris Nagel
Wow. So what are some of the major ways that identity theft happens?
Professor Black Ops 9:52
The number one thing is I try to fish you. So I send you this fraudulent text or fraudulent email, and then you click on it, you access something called a rat. It stands for Remote Access Trojan, when I get some of your crap
Doris Nagel
Did you say it’s called Rat? A remote access Trojan, and not the little thing with the tail that looks kind of grimy?
Professor Black Ops 10:16
We call it a Rat, because what they’re about to do to your PC is pretty grimy. Once the RAT is downloaded, then I can take over your PC, anything you log in to is gonna get sent to me. Sooner or later, you’re going to put in your password, and then when you leave, I can take over your password.
And a lot of times when I take up your passwords, when I click on your browser history of banks in half the times a lot of those sites just go ahead and allow me on because I’m on your PC.
Doris Nagel
Right, because we all have Chrome or whatever. We can’t remember all our bloody passwords because we have so many of them. So let our system just populate them for us.
Professor Black Ops 10:55
I’d rather have you write them down and put them underneath your computer before you put them in Chrome. Then for me to steal those, I will physically have to break in your house.
I never save any of my passwords in Chrome. But there are pluses and minuses to that. But once again, when they fish you I take over your PC and laugh to time when you click on it on your phone, I take over your phone and half the time I can capture your password to your pay pal, your cash app and your sale. Right. So that’s how I tried to take over your business accounts in your personal accounts. So
Doris Nagel
These phishing emails — I probably got about six of them today alone. And they say things like “There’s a problem with your Amazon account, please click here to verify your password.” But the email doesn’t come from amazon.com. Which I guess is one of the things you should do when you look at those is make sure that even looks legit, because I think you’ll see most of them come from an email you wouldn’t recognize. Or they say things, “Thanks for purchasing Norton AntiVirus. We’re charging your account $260 yearly per your instructions. If you have questions about your purchase or there’s a problem, click here.”
And then I got another one that said, “I’ve been watching you and I’m sorry to tell you I have access to everything. And if you don’t wire me X amount of money in Bitcoin within 24 hours, I’m going to take over your computer and cause terrible havoc.”
So those are three that I seem to get a lot. I don’t know if I’m unique, but I bet I’m not.
Professor Black Ops 13:39
No, you’re far from unique. And that’s why I tell people really look real close — especially those from Amazon, because those links are getting pretty good because they look and sound really authentic and it would fool a lot of people if they’re not careful.
If you think there might really be a problem with your Amazon account, just log on to your account. Don’t click on a phishing link. If Amazon really needs to communicate with you, you’ll see it in your account on the website.
I have a low limit credit card that I use specifically for internet purchases. I can log on my that credit card and see if I’ve really made any purchases or if I may have been attacked. I only use that credit card and it has only a $1,000 limit because if somebody hacks it or steals it, they can’t run it up.
Doris Nagel
Right. So I think that that’s a good strategy. I think the moral of the story is– at least that I’ve read elsewhere, and I’m curious if you agree — if in doubt, never ever click through any of those links.
Professor Black Ops 14:49
100%. Even if you’re pretty sure it’s legit, there are very few links I will click through on my email or my phone. [Instead], I’m going to go to that website. And usually if I do business on the internet, I’m going to use a very large retailer that’s widely known.
Doris Nagel
I think phishing comes in other kinds of forms, or maybe it’s not phishing, but something else.
I got scammed a couple of years ago. I got a message that popped up on my iPhone that said “Someone is accessing your Apple account from [Chinese city name], China. If this is not you, click here to deny access.”
I thought this was legit, because sometimes you log onto phone or other device, and your phone will send a message saying “A new device has logged into your Apple account from Chicago, Illinois. If you don’t recognize this device, do x.” Since I live in Chicago, I would see that, and think, “That’s OK, I know that was me.”
So I saw that message about someone in China accessing my Apple account, and I kind of panicked and through, “Oh, no! That’s not me.”
And so I clicked “Deny Access,” and just like that, they got me. And then they started accessing a bunch of my accounts.
Professor Black Ops 16:23
Yup. We’re getting better, but the hackers are getting better, too.
I still call those phishing, and some of them are really excellent. And they’re going to get a high volume of people to fall for it. So don’t feel bad if you fell for it. They’re getting better and better. I’ve seen some stuff that I almost clicked on. I was like, “Ooh, that was pretty good!.”
Like you said, that was pretty are excellent. But my question is, why didn’t Apple block it, since it appeared to come from Apple, right?
Doris Nagel
Absolutely! And then I started seeing that my Walmart password had been changed. And my Facebook account was changed, and it was completely freaking me out.
Professor Black Ops 17:13
Yes. And I’m sad to say that all businesses — large companies, small businesses — need to practice for when that happens, because it’s going to happen.
So you need to have all your sites written down or in another locatio, so you can easily get on them and change your password. You need to do the two factor authentication, so that even if you get hit and they hack the password, they have to call your phone to verify.
So you need to make sure you have all that set up. As a small business, you are going to get hacked. So you need to say, Okay, these are where all my accounts are, this is where I need to go to change them. These are Help Desks I know I need to call. Sometimes if you take a picture of your driver’s license, they will override the hacker.
So businesses need to go through, write it all down, and have a plan –it’s called incident response. I work with small businesses so they can practice that. Most of them are maybe a little bigger than 10 employees.
But you will get hacked. So you need to know the steps you need to take.
Because like you said, you’re gonna freak out unless you practice and say, “Okay, if my Facebook gets hacked, I know it’s set up for two factor [identification]. And this is what I need to do with my Instagram.”
Most people have a business Facebook, a busines Instagram in addition to their personal ones, so they need to go through a dry run practice. “Okay, if this gets hacked, this is what I need to do to get unhacked? Have I set up two factor identification? What do I do if they call it? What phone numbers should I call? What identification should I have on hand?”
But you need to practice that because you’re going to get hacked,
Doris Nagel
That’s an interesting point that you make there, John: you’re saying when you get hacked, not if, right? I think that’s an important distinction.
Professor Black Ops 18:55
Very true. I work with billion dollar companies. They have incident response plans in place. The government makes us practice that once a year, and they’re a billion dollar companies, they have the best security on the planet, and they practice I tell my people, you need to practice to
Doris Nagel
One of the good things about Google keeping passwords– if you let it or don’t tell it not to — is that they’ll tell you, “You need to change these passwords, because they were recently subject to a data breach”. You don’t know how real it is or not, but you figure Google is telling you that for a reason.
And you’ll realize you have lots of lots of accounts, some of its old stuff. And it’s really not easy to close down some of those accounts, once you’ve created them, you know?
Professor Black Ops 19:56
That’s an excellent point. Google is very efficient at identifying Dark Web activity. So when a password gets released on the Dark Web, the FBI and some of the bigger companies have shields and fake accounts. So those big, large password files go through them, and if they see your domain name in there tell you that we found your username on Dar Web, and let you know that somebody’s probably got your password.
The Dark Web is not a nice place. But yes, that’s one thing the bigger companies are starting to do the help their clientele because they want to want you to still have faith in them and their internet security, so they try to work with you by like letting you know when your password might have been breached.
It’s called Pong, meaning somebody’s gone out to the Dark Web and scoured for your username. And if it’s out there, they have reason to believe your password has been compromised.
Doris Nagel
Wow. I was just astounded, though, because some of these are accounts I may be used once. It makes me really reluctant to set up accounts online. Because once you set them up, they’re mighty difficult to shut down. It’s a lot of work to shut down online accounts.
Professor Black Ops 21:20
True. But that is the sad and good part of the Internet. The Internet makes everything efficient, easier to use.
But people like me were working with the internet in the 80s, when there was no security. Now they try to bolt it on at the end — they’re trying to integrate security into the internet, but it wasn’t really designed for security.
But they’re getting better. And we’re different products and procedures you can do to help because everybody’s now MFA, right? You put your password in it calls your phone, most banks do that. And so somebody’s got to steal your password and steal your phone and get into your account. Right.
Doris Nagel
You’re talking about 2-factor identification, right?
Professor Black Ops 22:09
Yes.
Doris Nagel
We’ve talked about phishing. What are some of the other kinds of risks that small businesses really need to think about?
Professor Black Ops 22:24
Okay, another one is that people call you on your phone trying to get your information. We call that vishing with a V. And a lot of times I’ve seen people tell you there’s problems with you Paypal or your Zelle account. And when you give that person access, they’re going to take all your money out.
You’ve got to figure out that Zelle or Chase Bank or some other certain bank didn’t actually call you. They won’t call you to tell you that somebody withdrew a certain amount of money. If you do that, they’ll take all your money So that’s vishing, with a v.
Doris Nagel
Let’s talk about how that works. Because I will get calls from my own credit card companies, or other companies I work with, and they’ll call me. And the first thing they say, “We need to verify your identify.”
I’m sure companies have to do it. But I’ll bet the legit companies are having a hard time getting people to provide information. Because my answer is always, “You called me. If I’m not the person you want, why have you called me? I’m not giving you any information, because I don’t know for sure who you are.”
And they all say, “Well, that’s our process” Sometimes I guess you have to just believe them, but it’s become really difficult to know who the legit ones are anymore, you know?
Professor Black Ops 23:48
Yeah, that is really bad. And I’ve actually argued with banks, like you do. I’m like, “You called me!” so I try to work together to figure out the best way to resolve that.
And a lot of times I piss my bank off because when they call I just right online. Am I late on a bill or what do you need? I always log onto my online account because if I don’t know who’s actually calling, I don’t really trust them.
The thing is, they shouldn’t really ever call you by phone, unless something bad has happened, and then the call should just be to go to your local branch or log into your online account.
Doris Nagel
Anymore, you have to be really careful because there’s a lot of pretty sophisticated scammers out there.
I’ve read a lot about printers lately. Do you think they are a big security risk? And if they are, what should people do about their printers?
Professor Black Ops 25:23
The risk with printer is very small for a local business. But if you have a MFD, which I guess some small businesses might have — MFD is multifunction – it’s a scanner & a printer, and maybe a fax.
Doris Nagel
I have one of those HP All in One things. It’s a fax, a scanner, and a printer. Is that what you’re talking about?
Professor Black Ops 25:51
That’s exactly what I’m talking about. For a single person, the risk isn’t too bad, but when you put it on a small network in a small office, it’s horrible, because there’s no security.
And most of the times the network they put it on is connected to the internet. So I can dial into that network, and the stuff you scan, I can fax it to my email.
So I can hack your MFD if it’s on your network. I can actually get everything you’ve done on from you drum because it doesn’t get deleted. I agree, that’s a little harder, though, you got to be up in the hacker realm a bit to pull that off.
But you should know that when you copy something, it actually gets saved inside as a hard drive in your printer, depending on your printer. So if I get in, I can probably hack the last couple of days of your work if I hacked into your MFD.
Doris Nagel
So what should people do? I mean, how do they know how big a risk this is, and they have what you’re talking about, what should they do.
Professor Black Ops 26:57
If you have printer network connected to the internet, get your printer off the internet. Two, the way hackers get to your printer is if you fax something, right? So just make sure you look at the number where you fax. Hackers can get into your fax and change the contact, so it looks like the same name. But you actually look at where it’s getting sent, is getting sent somewhere else. And if you’re copying credit cards or some other PII — personal information — just run a couple of copies over top of that after that, because there’s a drum inside, and then it’ll overwrite that. Because when you copy your credit card stuff, it gets saved internally in the printer’s very small hard drive. But if you make a couple of blank copies afterwards, it’s going to erase their hard drive information. So if somebody ever got to it, there will be no information on it.
Doris Nagel
Just so I’m clear: are you saying that with my little all in one printer scanner that I’m better off not connecting it to my wifi? And just connect it via the the old fashioned plug that I stick into my computer?
Professor Black Ops 28:06
Yes. Unless you got a guy that’s making sure can’t be hit from the internet.
But let’s back up. You’re probably not copying super sensitive information. So it depends on what are you running through there. If we’re just talking about from the safety of a hacker, you should just plug it in. Sometimes the internet thing is not all good.
Doris Nagel
That’s an interesting comment. We’re all supposed to want to have this internet of things, where everything’s connected to the internet, right?
Professor Black Ops 28:42
I was just on a panel talking about the pluses and minuses of the internet of things. And a big thing is autonomous trucks, they’re running down south, right? They’re gonna drive your groceries to the top of the highway and somebody is going to get it and drive it to you. You have to be connected to the internet, because it gets the maps from Google Maps. But if [hack that and ]take over that mapping, I can drive that truck through downtown and run it into a building because it’s connected to the internet. Right?
So I always remember there’s pluses and the minus when you connect some to the internet. I always think in reverse. Okay, the convenience of you doing an internet is great. But then what if a hacker gets to it, right?
Take Nest, your thermostat connected to the internet. When you come home, you can change the settings to save money. But what if I hack your thermostat and turn it up to highest it can go? Worst case is gonna blow up. The least case is you’re just gonna have a high heat bill. Yeah, right. So those are pluses and minuses to the internet of things.
So I want people to me on YouTube. Follow us to take help take those risks into account. I want you to own your website and cybersecurity in your house in any your life.
Always think about technology from both side. Yes, it’s convenient. The odds of somebody hacking it is small. But I just want you to think about it. Like you said, as a savvy entrepreneur, we need to be thinking about these things.
Doris Nagel
Professor, I know you mentioned to me, there’s a couple of other big areas, things like Dropbox, or Google Docs, other documents, storage things, emails and routers, let’s let’s talk about each of those a little bit, and the risks they present and what small businesses should do about that.
Professor Black Ops 32:11
Let’s start with the document storage services like Dropbox and Box. Those services are pretty good, but both services have been hacked in the past. I will use it to transfer documents – so, I’ve put some out there so my client can get it, my customer gets it or my boss gets it. But I wouldn’t just leave stuff out there randomly on those services.
Doris Nagel
So don’t put your tax documents out there on Dropbox, right?
Professor Black Ops 32:37
Do NOT put your tax back. Or if you can just drop them for your tax preparer, but then you need to delete them!
Those services are on the web, people know that. If you just Google it, you’ll see most of those services have been hacked. Yes, it’s super rare — probably a 20% chance of happening. But we want to try to make it lowest possible. So once again, I wouldn’t keep anything super valuable out there.
Doris Nagel 33:09
So Mom’s favorite recipes are probably okay to leave there?
Professor Black Ops 33:12
They are great there. For me, that’s what it should be used for — that’s a perfect use case.
Once again, we want people just understand their risk and where it’s at, and the best products to use for the purposes that they’re using it for.
Doris Nagel
So don’t put the list of your password there, for sure.
Professor Black Ops 33:34
For sure do not do that.
Doris Nagel
Does that advice apply to Google Docs too? Or because it’s part of Google, is it a little bit better protected?
Professor Black Ops 33:45
A little bit better, because it’s Google.
But what happens a lot of time is people have those password saved somewhere on their phone or on their PC. So when your PC gets hacked, a lot of times, when you click on that Google Docs, instead of it forcing you to log on, they let anyone auto log on.
So if somebody hacks your PC or your phone, and it’s connected to those why’s that device just opens up, which I don’t like.
But that’s some of the bad things that can happen with Google Docs and Dropbox. Most people put that on auto log on, meaning you put the password in and it saves it so when you click on it automatically opens up.
Doris Nagel
You mentioned routers when we were chatting before the show started. Mine’s from Xfinity. I used to have a Netgear one that I was trying to deal with, but I just realized at one point that I didn’t want to have to keep doing software updates or be worried about that. So I just got the Xfinity one. I pay monthly for it, but I don’t know if that was smart or not.
Professor Black Ops 34:57
I wouldn’t say it’s not smart. But the problem I see a lot of times and I have one of those typewriters from them, but they never update them. So when I check the firmware, it’s like, Dude, this software hasn’t been updated in five years.
Doris Nagel
I thought that if you got your router from XFINITY or AT&T or whoever your provider is that they update the router software automatically?
Professor Black Ops 35:24
I had an AT&T router, and I had to manually have my update mine every year. Maybe that was just the one I had, and I got a new one. I think they have other protections in place. They believe that they can handle that. But I believe you should be updating your firmware on a yearly basis. But I can specifically say that AT&T didn’t update theirs.
Doris Nagel
I mean, it’s extra money that you pay to Xfinity or AT&T or whoever. Are you better off just buying yourself a Netgear one and make sure it’s updated?
Professor Black Ops 36:08
I would get the internet-provided one. And then I would just check on a yearly basis and make sure they’re updating the firmware. I set the column enforcing the push down on update. And I did that like a year ago. So I need you to update that..
But I would update the router, because you may get better speed and might have some extra security features in there.
A lot of people think that this is a minor risk, but it does happen. Butyou usually get hacked with minor stuff. So I just make sure it gets updated.
Doris Nagel
So, you’re telling me even people who pay extra money to Xfinity or AT&T to rent their router into perpetuity are still at risk of getting hacked? How significant is that risk?
And what happens if you’re hacked?
Professor Black Ops 37:03
It’s not significant. And nothing’s gonna happen. The reason why nothing’s gonna happen is is you’re a single person, you’re not gonna sue AT&T because it’s going to be a class action lawsuit.
But as savvy entrepreneurs, checking our routers for software updates is on our checklist. We’re trying to get a little more thorough with cybersecurity and are taking responsibility for our cyber life. That’s what I call it on YouTube. We lead a cyber life, so we’ve got to take it seriously. So we’re gonna do those checks. And if they don’t happen, we’re gonna reach out to the vendor and make sure they happen.
Doris Nagel
Let’s touch on email. And then I want to talk about passwords. How does how often are emails hacked? Beyond the phishing, how often does that happen? And what should people think about or do about that?
Professor Black Ops 38:07
You remember Solar Winds and Colonial Pipeline?
Doris Nagel
Tell us about that.
Professor Black Ops 38:14
If you remember, people were putting gas in trash bags about a year ago, because the East Coast got shut down by one of the big gas refineries. That was because they got hacked through email. It was about the eight large government organization that got hacked through email.
Doris Nagel
I missed that! Holy buckets!
Professor Black Ops 38:38
You probably heard of it. You just didn’t know it was a cyber issue. You thought it was another type of issue.
But year, those happened because of big email hacks, actually, through Office 365, from Microsoft, which I think is the most secure email system on the planet. S
Once again, you’re going to get hacked through email, sooner or later. You’re gonna get tricked by phishing, or somebody is gonna hack your email.
As we talked about, we all need to practice for when it’s going to happen. But it’s gonna happen.
Doris Nagel
You know, I’m a lawyer by training. And so you have to do your continuing legal education. And one of the ones that I did was on cybersecurity for lawyers, and the person who did the seminar was telling everyone they needed to be encrypting your emails.
I really did a double-take. I thought, “Whoa, seriously?! Do I need to be doing that?”
Professor Black Ops 39:40
Well, you mean as a lawyer, you got a client attorney privileges and you just depending on the type of use cases you have, you got a lot of people personal information in your email. I mean, you have everything from horrific crimes to I’m stealing from other companies. So the cool thing though, is it’s easy to click encrypt email now. But yes, you should be encrypting him and I work for large companies that we really encrypt our email.
Doris Nagel 40:06
Well, I guess it’s a risk assessment, right? Because if you’re just chatting with a client about when to schedule a project kickoff meeting, and when everyone is available, that’s probably not a big deal.
But if you’re a personal injury lawyer, and you are transmitting people’s medical records or you’re dealing with financial transactions, where there’s sensitive information, I guess whether you’re a lawyer or you’re just sending that kind of information as a business, email encryption is probably something you need to think about pretty long and hard.
Professor Black Ops 40:59
If you send in any PII, I would encrypt your email. If you work in Office 365 – and even Gmail has encryption – it’s just so easy to do now.
And you as a lawyer know that if you don’t take the proper steps, you’re negligent and your fine could be extra big. So make sure you’ve taken negligence out of the equation by hitting a button to encrypt your email.
Doris Nagel
Is there an easy way if you’re sending something in Outlook to encrypt it?
Maybe you’ve got a YouTube video –speaking of which, we haven’t talked about your YouTube channel, and all the helpful tips that people can find out there.
Professor Black Ops 41:57
I have one coming. It’s funny, you mentioned that. So yeah, we’re gonna do that, especially from small to medium sized businesses, encrypt an email believes should just be straight out the box, you could do a good one, a couple other services, pretty easy. And we should just do that even for non sensitive information and get in that habit, right?
So you just click a button and it’s encrypted, and you just send it just send an email like you regularly do.
Doris Nagel
Tell people about your YouTube channel and some of the resources that are out there, and how they can find you.
Professor Black Ops 42:36
I appreciate that. I have a YouTube channel, and it’s called ProfessorBlackOps – all one word.
I have three phases of my YouTube channel. One part is for regular people, talking about the things we’ve been talking about: encryption on the phone, phishing risks on a phone, making sure before you put your thermostat on the internet that you know what could cause you problems. So, cybersecurity for regular people.
Then I do cybersecurity for mid to large businesses. That includes FedRAMP and other different compliance issues that businesses need to worry, like HIPAA, or FERPA, which is for kids for education. I also help other people get into cybersecurity, to make a decent living. We know it’s hard to find a good job sometimes. So you come to me and I’ll try to get you into cybersecurity by passing various certifications.
And the last [part of my YouTube channel] focuses on big cybersecurity — things,like mass surveillance, bail bonds for people. There are other big societal things that are coming up. Like we’ve talked about autonomous driving. Things like whether you are cool with your government surveilling us so we can catch bad people. All of those are going to be voted on in the Supreme Court soon.
So we talk a little bit about those big security issues. I especially [want to engage] young people because I always tell them that’s the stuff you’ll get to vote on.
I’m done. I got about 10 years and then I’m retired him so I need all of you to figure out what you want to do about mass surveillance and other projects that the government’s planning to do
Doris Nagel
When you talk about mass surveillance, are you talking about something like drones flying overhead looking for my marijuana patch in my back yard?
Professor Black Ops 44:26
No, no. It’s something so small that you don’t even realize that it’s happening.
The biggest surveillance network in this country right now is Ring Doorbell. I know you’re gonna be shocked.
With Ring Doorbell, you get a 50% discount when you sign up. All those video streams go to your local police station. So if you walk past somebody’s house that has Ring Doorbell, your face ens up at the police station.
Then the police can use that for facial recognition. So they can take pictures and go through all our video streams in seconds. So when you go on Facebook, your picture comes up, you type your name, it brings the rest of those pictures up. That’s facial recognition. So when Ring sends your picture to the police station, that’s what they’re doing with those streams of pictures.
So we talked about that on one of my YouTube labs. I wanted people to know about that and whether they cared. I can tell you it was a big discussion.
Doris Nagel
I think a lot of people have it because they want to who was at their front door. Was it an Amazon driver, or someone else?
Professor Black Ops 45:39
I’m fine with that. But it shouldn’t go to the police station. That’s all I’m saying.
You can have your own local, it goes to your little Dropbox, it gets deleted after 30 days, I’m fine with that. But it shouldn’t go down to the police station. And now when the FBI is looking for something, they can go through all those 20 million Ring Doorbell video streams in all of the United States. That’s mass surveillance.
So those are some things we target. It’s weird. It’s usually by age. People over 40 don’t care. People under 35 want to go to war. So it’s really interesting.
Doris Nagel
Well, I don’t want to I don’t want the show to get too political here, but I laugh about some of the myths out there about the COVID vaccine. There are people who are not wanting to get the vaccine because they’re convinced there are nanoparticles in the vaccine that would allow the government to track them.
And I I just laugh. First of all, I have a friend who’s a doctor says, “I’m sorry, we don’t have that technology to do that yet, even if we wanted to.”
But number two, the government already has so much information out there about all of us, right? I know some people like it, but I find it a little creepy that I’m looking at shoes. And then I go off, and I’m looking at the news. And the next thing I know, there’s pop ups all over the place with shoes that I might be interested in. How did that happen? .
Professor Black Ops 47:29
We know, and they tell youthat they track you across the way.
And now, you say shoes, and ads for shoes come up on your phone. So the big debate is, is your phone really listening to you about shoes?
But back really quickly on the politics, I always tell the young people I chat with: the last thing you have to worry about is the vaccine tracking you. Because you never put down your phone. Right?
You take your phone to the bathroom. I always joke with the kids. I’m like, Yeah, Claire when your phone’s got the most tracking on it, even when you cut off tracking the phone systems triangulating your phone. That’s how you get a call, they know where the phone is.
So until you put down your phone, stop worrying about the vaccine. Leave your phone at home first, before you worry about the vaccine.
Doris Nagel
People are never gonna do that. We’re addicted to our phones like crack.
Professor Black Ops 48:19
That’s what I tell them. You need to shut off Google. Their mapping is free. It’s the best mapping on the planet, because people never put down their phones!
Doris Nagel
Right. In fact, Google said they could track pretty closely how much people were actually following stay-at-home orders and social distancing and traffic to restaurants. They know all that because Google was gathering all of it from our phones.
Professor Black Ops 48:52
It wasn’t even just Google. All the kids were like, “Oh, I want to be cool. I’m checking into this restaurant.” Google doesn’t need to do much when you’re telling Facebook and Instagram where you are and what you’re doing. And when you take a picture your food or a selfie, most people don’t realize this that the longitude and latitude is on a picture you took, unless you disable that feature!
Doris Nagel
Yup. 5 million selfies tracking you everywhere you’ve been every place you’ve been to, for the last five years right?
Professor Black Ops 49:19
So I never tell people anything about the vaccine — you can make your own decision, but I do know your phone is a bigger problem than the shot. If you’re really worried about the government tracking you, put down your phone!
Doris Nagel
Put on your future glasses. What do you see as the biggest issues coming over the horizon?
Professor Black Ops 50:04
Man, I got to be careful here. You have to take a deep breath because I get into a lot of debates with people about this.
I think the riskiest thing is the metaverse pacifying the next generation.
Doris Nagel
Are you talking about things like wearables?
Professor Black Ops 50:29
Yes. Metaverse is where you put goggles on and you enter this augmented reality.
And I believe it’s going to be used to pacify the next generation. You’re not going to get the scholars and the intellectual thinking people you need because I believe they’re doing the metaverse and the entire population is being pacified.
Doris Nagel
That’s like “The Matrix” becoming reality.
Professor Black Ops 50:59
It’s more like “Ready Player One,” if you’re a science fiction fan.
So I’ll touch on this real quick for all the entrepreneurs. Machine learning, augmented reality, virtual reality, and robotics are going to take away 30 million jobs in the next 20 years. So you got to be on the right side of that. And we need to make sure that technology is used in an appropriate way, right?
We used to need a lot more people for things. But we know farmers now have automatic combines. There used to be 1000 people in a typing pool, now there’s no such thing anywhere.
So that’s technology moving, destroying jobs and creating new ones. You have to make sure you’re on the other side so you get one of those jobs that are created, not destroyed.
Doris Nagel
Right. And no doubt there will be lots of jobs in data security.
Speaking of lots of jobs, how can people reach you if they’re interested in maybe having you consult, or if they just want to shoot the breeze with you or pick your brain about something? Or maybe they’re interested in a career in data security, because there are going to be a lot of jobs I think in in that area, what’s the best way for folks to reach you?
Professor Black Ops 52:39
I’m ProfessorBlackOps on YouTube, or my email is professorblackops@gmail.com.
Just shoot me an email. And I, I just didn’t respond in 48 hours, but come check out my comm check out my YouTube. And if there’s a section on there with how to get into cybersecurity, a lot of times people don’t want a college degree. So there’s certifications you can get that can kind of ease you in the industry, and start making money without having a huge, expensive college. So those are some of the things we talked about. And one of the big debates is certifications versus degrees. So come check me out on YouTube, and I’m sure we can link up.
Doris Nagel
Thanks so much, John, or PBO, for joining me this week. It was just chock full of great information. Such an interesting and obviously kind of scary topic, and one that I think most of us need to pay a little more attention to and be more mindful about.
So thanks so much for coming on the show and sharing your thoughts and recommendations with me this week.
Professor Black Ops
Thanks for having me.
Doris Nagel
Thanks so much for listening, folks. And again, a special thanks to my guest today, John Hightower, aka Professor Black Ops, talking this week about data privacy and data security things you can do in your small business to help protect yourself.
You can find more helpful information and resources on my website globalocityservices.com, as well as my new website dedicated to the radio show, thesavvyentrepreneur.org. And it’s going to get populated with more and more blog things like blogs, tools, pop podcasts and other free resources.
I’d love to hear from you. My door is always open for comments, questions or suggestions or if you just want to shoot the breeze, email me anytime at dnagel@thesavvyentrepreneur.org. You’ll always get a response back from me, I promise.
Be sure to join me again next Saturday at 11am Central noon Eastern.
But until then, I’m Doris Nagel, wishing you happy entrepreneuring!
Leave a Reply