by Felicien | Jan 30, 2019 | Education
Two subscription-based software programs available from Microsoft are Office 365 and Microsoft 365, both developed for small to medium-sized businesses and even larger companies. There are some similarities and differences between the two to help you decide which one you need for your organization. For even larger organizations there is Microsoft Enterprise that may have some security features that smaller companies should consider.
Office 365 is a cloud service platform that offers familiar Microsoft products like Word, Excel, PowerPoint, and other services either online or on-premises through a subscription plan.
Microsoft 365 is an all-in-one bundle that includes the Office 365 Suite, Windows 10 Pro and Enterprise Mobility+Security for a complete, interconnected experience.
Office 365 Business: This is a subscription-based version of Microsoft Office and is designed for organizations with 300 users or less and includes, 1TB of storage, basic data and app security and device management capabilities using Microsoft Intune and the Office 365 Suite, that includes the following:
Microsoft Outlook: Outlook is Microsoft’s personal information manager used mainly for email management. The program also includes a calendar task manager, contact manager, journal, note taking and web browsing.
Microsoft Word: Word is Microsoft’s word-processing program designed for creating documents like letters and questionnaires, as well as basic desktop publishing for creating brochures, flyers, posters postcards, and more. Word includes many features that make it easy to create professional looking documents and archive them.
Microsoft Excel: Excel is Microsoft’s spreadsheet program that allows users to organize, format and calculate data using formulas. It also features graphing tools and pivot tables. Excel uses a collection of “cells” arranged into rows and columns in order to organize and analyze data that can be displayed as charts, line graphs or histograms.
Microsoft PowerPoint: PowerPoint is a presentation program where users can design multimedia slide presentations. PowerPoint allows the user to attractively arrange photos, images and other graphics.
Microsoft Access: Access is a database management system that allows users to enter, organize and run reports on a large scale. It is used by larger teams and corporations with large amounts of data. Note: Access is only available for PCs, not Apple products.
Microsoft Publisher: Publisher is an easy to use, basic desktop publishing program with extensive tools needed to produce layouts using images, typography and other graphics. Publisher is perfect for creating business cards, promotional flyers, invitations, greeting cards, calendars, and newsletters, to name a few. Note: Publisher is only available for PCs, not Apple products.
Microsoft OneNote: OneNote is a program for taking notes, whether handwritten or typed, drawings, screen clippings and audio and sharing them with other OneNote users. It is meant as a free-form, collaborative program.
There are three tiers of Office 365 Business that include: Business, Business Premium and Business Essentials. Business is the basic level that offers desktop versions of all the office applications, file storage and sharing with one TB of OneDrive Storage. Business Premium and Business Essentials offer other services to not only organize your office but to nurture relationships, connect teams, and manage all aspects of your business. The subscription ranges from $8.25 per month per user for basic to $12.50 per month per user for premium.
Now moving on to Office 365 and what makes it different. Office 365 is an upgraded version of Office 365 Business that offers even more, especially in security. The main difference is all of the security features that are not available on Office 365 Business Premium. The following are Office 365’s security features:
Provides business protection from unsafe attachments, suspicious links, attachment checking and scanning
Provides information protection policies to help control and manage how information is accessed
Provides controls to protect company data on personal mobile devices
Provides archiving capabilities, data preservation and continuous data backup that is accessible from anywhere 24/7
Device management is another upgrade that is not available on Office 365 Business Premium. Subscribers will get upgraded to Windows 10 Pro from Windows 7, Windows 8 or Windows 8.1 Pro. There are also simplified controls to easily manage Windows 10 Pro PCs, self-service PC deployment with Windows AutoPilot and secure management for iOS, Android, Windows and MacOS devices.
The subscription fee is $20 per user (up to 300 users) per month.
Small-to-medium-sized businesses looking to transition to Office 365 need to buy Windows 10 Pro and then subscribe to a security service individually as well as making sure all of their users are properly connected and covered under the security subscription.
On the other hand, when transitioning to Microsoft 365 everything is integrated from the start. This makes it easier from a buying perspective and easier for end users to navigate. Deciding to subscribe to the entire Microsoft ecosystem from the beginning provides businesses the opportunity to have all the tools they need to successfully run their businesses.
There are many things to consider before deciding what is right for your organization. If you can answer, “yes” to the following questions, then Microsoft 365 Business may be for you:
Are you a small to medium-sized business with under 300 users?
Are the majority of your PCs not running Windows 10?
Is your business behind in security and device management?
It is important to note that some of the Microsoft Enterprise E3 security features (the price is the same as Business Premium) may be right for your business needs.
Microsoft 365 has many features to offer businesses that haven’t transitioned to Microsoft Office 365 and need to get set up quickly. Microsoft 365 Business should be especially popular among new small to medium organizations that require a collaborative environment. For more information and guidance to research, compare and decide what is best for your business by referring to the following websites:
Office 365 Business: http://products.office.com
Microsoft 365 (includes video and guided tour): https://www.microsoft.com/en-US/microsoft-365/business#pmg-cmp-desktop
Office 365 Enterprise: http://products.office.com/en-us/business/compare-more-office-365-for-business-plans
Additional Questions: Email: {email}.
by Felicien | Jan 29, 2019 | Education
HIPAA, an acronym of the Health Insurance Portability and Accountability Act was signed into law by President Bill Clinton back in 1996. Initially, HIPAA has meant to reform the healthcare industry for two reasons. One was to ensure employees that were between jobs would still have healthcare coverage (P meaning portability). The second was to ensure the security and confidentiality of health information (the first A meaning accountability). As with any policy, HIPAA has changed throughout the years and has added many new rules that healthcare organizations must follow to protect and inform patients.
Here are some 11 of the most frequently asked questions regarding HIPAA security and compliance.
1. What does our organization need to do to become HIPAA compliant?
Although there is no concrete answer for this, our research indicates that the Office of Civil Rights will consider favorably on organizations who make a “good faith” effort to do the following:
Implemented an active ongoing risk management process
Performed recent security risk analysis
Developed policies and procedures that define how patient information and data is secured
Have signed business associate agreements
Proof that employees are trained annually
Filed HIPPA compliance program documentation evidence of all the above.
It is important to note that according to the HIPAA Journal, “ignorance of HIPAA regulations is not considered to be a justifiable defense by the Office for Civil Rights of the Department of Health and Human Services (OCR).”
2. What Are Explicit HIPAA Requirements?
HIPAA calls these requirements, “safeguards”. There are three safeguard categories, physical, technical and administrative. Physical focus on physical access to information at any location whether it is on site, a remote data center or in the cloud. Technical focus on the technology that is used to protect private information and provide access to the data and administrative focus on the policies and procedures that tie the Privacy Rule and the Security Rule together. Risk Assessments are suggested so organizations can improve and align these safeguards.
3. Do We Need a Business Associate Agreement? A Business Associate is a vendor that needs access to electronic protected health information (ePHI) like technology providers, billing companies, etc. The Privacy Rule lists other activities and services that have access to protected health information where an official agreement is required.
4. Is Annual Employee Training Required? Training employees guarantees that everyone on your team is updated on HIPAA requirements. Training policies should be included and documented in your organization’s Risk Assessment and considered an important, ongoing process. Remember, “ignorance of HIPAA regulations is not considered to be a justifiable defense by the Office for Civil Rights of the Department of Health and Human Services (OCR).”
5. Can Our Organization Send Emails? The majority of ePHI breaches result from unencrypted data and the transmission of unsecured ePHI over open networks. Communicating by email is acceptable only if the email is encrypted or the person signs a release giving their permission to send them emails. The best policy and practice is to communicate with a patient through encrypted email to securely records the communication trail.
6. Should We Report Ransomware? Ransomware, or malware, is a form of cyber attack when the hacker threatens your organization, preventing you from accessing your data.” They demand a ransom (money) to restore it. First and foremost, your organization should take all precautions so this doesn’t happen. Make sure all systems are protected and train your employees to recognize phishing emails. But if a cyber attack does happen, it is possible that an investigation would be necessary.
7. What is the Difference Between a Security Incident and a Security Breach? Anytime the security officer suspects that any ePHI was disclosed by anyone who is not authorized to see the information is a security incident. The security incident must turn into an investigation before a security breach is determined.
8. How Often Should We Perform Risk Assessments? There is no “one size fits all” policy regarding performing HIPAA Risk Assessments. Risk Assessments should be done on a regular basis to ensure ongoing compliance. HIPAA regulations allow organizations to perform them as they feel necessary, but to meet HHS standards, all organizations should perform them on an annual basis.
9. Should We Perform Vulnerability Scans? Absolutely. A vulnerability assessment or scan is an examination of an organization’s technology, equipment, and software to check for weaknesses that could be used by unauthorized people (hackers) to damage the network. Identifying vulnerabilities is a requirement of HIPAA Security rules and states, ” The Security Rule requires entities to evaluate risks and vulnerabilities in their environments and to implement reasonable and appropriate security measures to protect against reasonably anticipated threats or hazards to the security or integrity of ePHI.” The time frame is not specified but is a conversation and policy to plan with your IT provider for your organization’s overall technology security.
10. Should We Encrypt Our Laptop Computers? As mentioned above, encrypting emails and other private information offers protection from hackers and it is recommended as a best practice for all organizations, not just HiPPA covered entities. If an encrypted laptop computer is lost or stolen and you have documentation stating the information was encrypted, then it is not considered a breach.
11. How Should We Train Our Team? Training is an ongoing process to keep everyone in your organization informed and aware. Short, consistent pieces of training we refer to as Micro trainings are helpful. They are short informational videos overviewing relevant topics that can be incorporated into a regular workday policy enforcing that everyone is responsible for safeguarding information. Micro trainings, combined with intentional randomly sent simulated phishing emails from the IT department will reinforce the importance of awareness and policy compliance. Ongoing training prepares everyone in the event of a data breach.
by Felicien | Jan 29, 2019 | Education
As technology improves, so does the way professionals use their programming to increase productivity and efficiency. At one time, emails were the preferred communication between colleagues simply because it was the new form of a written message. Over time, people came to see email as being a bit clumsy for informal messaging, as social media and SmartPhones introduced text messages and chat rooms. You wouldn’t send your roommate a formal email to ask whether to pick up an extra coffee on your way home, likewise, it makes more sense to send a text to ask if there are any specific topics to be addressed in the upcoming meeting.
Why Create Teams
The fact is, teamwork relies on communication, and teamwork is a vital aspect of how an office functions efficiently. The definition of your team might vary over time, as it is on one level the entire office staff, but it might also reference your department, or a group of people within that department who are working together on a project. By using Microsoft Teams in conjunction with Office 365, you can quickly choose who to share information with, whether it’s a quick message or a formal document. Unlike email, you can easily choose the team to share with rather than sending the message to everybody on your contacts list who doesn’t need to know about it, or alternately, accidentally leaving someone out who does need to be informed.
Recommended Settings
Like other software, Microsoft Teams has recommended settings which have proven to work best for most offices. The most common initial setting allows only team members to post to the general discussion. This can allow people outside the team to view what’s going on without cluttering up the discussion by adding their own thoughts to a project they may not be working on. Outsiders can still message individual team members with relevant information, and then the member can decide whether it is important enough to post for further discussion. Another way to keep the conversation crisp without unnecessary clutter is to turn off the “@team” notification. Although not a setting, it is important for the team owner to remove accounts that no longer belong, as they no longer need access to your org-wide team.
Conclusion
Microsoft Teams really is a great new program which is changing the way office communication is handled. Although it is much more than social media, to an extent it uses such a concept to bring the ease of communication such sites have incorporated into a professional setting. It makes it easy to share information with the people who need it, without giving it to people who have no interest or leaving anyone out of the loop who does need to know.
by Felicien | Jan 28, 2019 | Education
There is no better time than Jan. 28 to turn your attention to the importance of data privacy and all that it entails. During National Data Privacy Day, numerous businesses, nonprofit organizations, government entities, and individuals will come together to spread awareness about safeguarding data, protecting privacy, preventing information theft, and other issues that affect managers, owners, employees, and consumers alike.
What is Data Privacy Day?
Data Privacy Day is an international effort held annually on Jan. 28. The purpose is to create awareness about the importance of privacy and protecting personal information. Many people are unaware about how their personal and professional data is shared and don’t take the necessary precautions to protect it, leaving themselves and/or the organizations they work for vulnerable. Data Privacy Day helps spark a necessary dialogue that educates business professionals and organizations, giving them a sense of empowerment as well as practical knowledge about which best practices should be implemented. This year’s theme is “Respecting Privacy, Safeguarding Data, and Enabling Trust.”
The Data Privacy Day campaign was initiated in North America in January 2008 as an extension of the Data Protection Day observed in Europe, also on Jan. 28. According to the National Cyber Security Alliance (NCSA), Data Privacy Day “commemorates the Jan. 28, 1981, signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection.”
In 2014, the 113th U.S. Congress adopted a resolution expressing support for the designation of Jan. 28 as National Data Privacy Day, according to the NCSA. In the states, the National Data Privacy Day campaign is spearheaded by the NCSA, a nonprofit entity founded in 2011 that works with the Department of Homeland Security along with a number of private sector sponsors. The NCSA is advised by a distinguished advisory committee, whose members include experienced privacy professionals that help keep the campaign aligned with the most current privacy issues “in a thoughtful and meaningful way,” according to the NCSA. Although Data Privacy Day is perceived as the signature event sponsored by the NCSA, the organization is involved year-round in a comprehensive effort aimed at privacy awareness and education.
Why be involved in Data Privacy Day?
Any person or entity across any industry can be involved in the Data Privacy Day campaign. This includes businesses of all sizes; government organizations; nonprofit organizations; schools/school districts and other educational institutions; and individuals and sole proprietors.
Participating in this international initiative is a way to demonstrate your support and dedication to the idea of empowering businesses and individuals to take this issue seriously and giving them the tools to be part of the solution. Getting involved is as simple as signing up online. Upon signing up, your name, as an individual, business or other professional entity, will be added to the Champions page. You also will receive resources, such as the #PrivacyAware Toolkit, to help you disseminate awareness and information throughout your organization, as well as the larger community that you serve. The toolkit includes templates for a press release and email; sample social media messages; and digital graphics to use online and in other promotional materials. These items can be used among stakeholders to create dialogue about advancing data protection and privacy.
You can also follow the Data Privacy Day Facebook page to stay abreast of any news or updates.
What does Data Privacy Day entail?
During the day of Jan. 28, the NCSA will provide access to the live streaming of a special Data Privacy Day event, titled A New Era in Privacy, which will be hosted by LinkedIn in San Francisco. During the event, privacy leaders with diverse perspectives will discuss how the technology landscape is rapidly changing and provide insight on what opportunities and challenges are likely to crop up in this new era in privacy. Presentations will come from representatives of the NCSA, LinkedIN, the Federal Trade Commission, Verizon, and other industry leaders.
Data Privacy Day is also a good opportunity to discuss security tips and best practices with your staff and/or IT consultants. Find out if there are any new regulations governing the handling or transmitting of data, discuss any current cyber-security threats, put together a plan for dealing with a data breach, and collaborate on any further steps required to better protect private information.
How are you protecting your data?
Managed Service Providers (MSPs) with an expertise in IT can help you achieve the important mission of protecting your business or organization from unauthorized access to important information, identity theft, data loss and other potentially crippling events. They offer a number of technology-related services to help you with systems analysis, email security and archiving, mobile device management, keeping software up to date, web filtering, using firewalls, and other IT solutions.
Implementing these practices can help you encrypt data, mitigate the risks related to electronically transmitted communications, and comply with laws and regulations pertaining to the use of technology. Additionally, IT management companies and consultants can assist you with network monitoring and maintenance, which prevents smaller issues from causing your organization to lose productivity, experience data loss, or suffer financially in a more significant way.
by Felicien | Jan 28, 2019 | Education
As a business owner, one of your most pressing concerns should be improving the technology that drives your business.
There are so many reasons to care about your company’s IT. Here are just a few:
Your customers and clients will inevitably want better technology
Your employees need it too to do their jobs
Cyber hacking is a mounting threat
The advance of programming and storage services is getting hard to keep up with
Knowing this, you’re saddled with an important question: Will you hire an in-house IT department or will you outsource?
In this article, we’ll be making the case for the latter. Outsourcing IT is simply the way of the future. An increasing number of businesses and organizations are finding that it gives them more freedom, saves them money, and improves their technology by leaps and bounds. There are nearly no drawbacks.
If you still need more convincing, we get it. Below, we’ve listed the top reasons why outsourcing your IT is a wise move for any business. But first, let’s talk about what outsourcing really means and how to find the best IT service provider in your area.
What does outsourcing IT really mean?
As with any other type of outsourcing, outsourcing IT simply means hiring a separate company to handle your business’s IT services. They’ll be there when you need them, and when you don’t — you don’t have to pay them. Often, outsourcing means “on call.”
Furthermore, the business you’ll hire only focuses their services on IT. All of their technicians will work full or part-time providing better IT for other businesses (like yours).
Some IT companies help specific industries. For example, one IT company may focus solely on assisting medical providers with the best quality IT services. They will know the ins and outs of cyber security measures for hospitals, doctors’ offices, and emergency care centers. Other IT companies have an even more specific subset of customers. For example, there might be an IT company who only handles the IT services for dentists.
This specific focus on a unique industry allows these companies to know everything there is to know about the industry. Of course, this benefits you, the business owner, most of all.
Generally speaking, outsourcing is a way for you to only use the IT services that you actually need from a professional IT company. Most of the time, IT service companies provide different tiers of service so that you can choose the amount of care you’ll need for your business. Companies that offer these services are particularly called MSPs or managed service providers. They do not work directly for your company in that they are not on your payroll, nor do they have offices within your business. But they completely manage your business IT services.
As your business grows, you may go up a service level tier. This will be up to you and the contract you form between you and your IT service company.
How do you locate an IT service provider?
If possible, you want to find an IT service provider who caters to your industry specifically. Again, not all IT companies provide services for a particular sub-industry, but this is common in many industries, such as the following:
Law (lawyers and legal practices)
Hospitals and medical practices
Dental practices
Schools, colleges, and universities
Manufacturers
Transport companies
When you find several IT support companies who fit the bill for your particular business, make sure to interview them. Ask them the important questions. Here’s a list to get you started:
How long have you been in business?
What types of businesses do you primarily serve?
How many businesses are hiring you right now?
Can I speak to any of these businesses? Or to past clients who were happy with your service?
What levels of service do you offer?
What do your contacts look like?
What type of service am I going to get if I have a troubleshooting problem and need help immediately?
Will someone specific be managing my account?
What types of service don’t you provide? (Often, it’s better to ask what services are not included.)
Top reasons why outsourcing IT services is a great idea
Hopefully, you’ve already been convinced as to why outsourcing IT is smart for virtually every type of business, but let’s break down the specific reasons below:
1. You’ll save money: You won’t be paying an in-house IT team to do nothing, waiting for you to need their assistance.
2. You’ll have access to the best talent: IT companies only do IT. They hire professionals who love technology and staying up-to-date with the latest advances in cybersecurity, software, and hardware.
3. Ideally, you’ll find a niche company who only serves your industry: Again, if you are in one of the larger industries that IT companies may focus on, you’ll have unique care for your business that you won’t find anywhere else. These companies know everything there is to know about the programs and software that you use internally and with your customers.
4. You’ll improve your security by leaps and bounds: In this day and age, hackers are coming up with all new ways to attack your online stored data, steal your information or hold it ransom, and take down your business. A professional IT service company knows how to combat these hackers and stop a breach of your security, ideally before it starts.
Looking for an IT company in your area?
As you start the search for IT companies and managed service providers in your area, be sure to talk to other businesses and organizations who outsource their IT. You can also search the web and start reading reviews of MSPs or IT service companies in your area. Often, these companies work from a central location in a city, but if you are in the suburbs or the outskirts of a larger city, most managed service providers will include you in their service area.
Doing your research is always wise when it comes to outsourcing. While hiring out your IT services is definitely the way to go, the outcome will also depend on how much effort you put into finding the best company for the job.
