by Felicien | Jun 7, 2017 | Education
While you’re working out your long-term data security plans, here are the steps to take in the meantime.
There are three general responses to a data attack like WannaCry. The first is the immediate, “What do we do to stop this and resume operations again,” the second response is a short-term, “What can we do to shore up data security while we recover and look at our strategy” and the third is a long-term, “What permanent changes do we need to make so this never happens again?”
The first and third responses get a lot of airtime, but we’d like to talk about the second response – the short term, immediate action that you can take once you get your business up and running again. These steps are vital to ensuring customers that you have improved your security and preventing aftershock-like malware created by copycats in the wake of a successful attack. Even if your company hasn’t been attacked, if a data attack has made you a little nervous, these short-term steps are a great idea to increase protection and prevent future problems.
Patching Schedule
One of the notable things about WannaCry is that it could have been prevented with the right patches. Microsoft actually provided patches to fix that particularly vulnerability months before the WannaCry ransomware (which targeted Windows computers in networks, especially older versions of Windows). The reason WannaCry was such a huge problem was that companies had just ignored the patch: Not for any good reason – they had just gotten into the habit of never patching their systems.
It’s puzzling because we know some of those organizations had IT departments, but we can’t figure out what they possibly could have been doing. Patching schedules are IT 101, and these businesses flunked out: Fortunately, it’s never too late to check on your own patching schedule and make sure that…well, that it exists. Your organization needs to be aware of when a patch is released and must mandate that the patch is uploaded to all applicable platforms ASAP. For some adaptable companies, continual awareness and automated “as soon as you get them” updates is the best policy. For other companies, it can be more helpful to set up a schedule of checking for updates, such as a weekly or bi-monthly inspection. Either way, have a plan!
Updated Antivirus Software
Antivirus software is in a curious period of evolution at the moment. Older antivirus software looks at DAT files kept on a malware registry, basically a collection of the information about current malware (sort of like matching fingerprints to a criminal database). However, malware moves so quickly these days that some of the DAT files aren’t updated fast enough to catch the latest attacks.
That’s why the newer versions of antivirus software use advanced tracking technology to find actions and data that appear to be DAT files in the making – and warn administrators ahead of time. Obviously, the latter is more effective than the former, so making the switch makes a lot of sense in the wake of an unfortunate data attack (or fear of one).
Employee Training Session
Yep, it’s time: Call all the employees together for a company meeting. Explain the data threat, why it’s a problem, and what employees need to do to protect their devices and company data. Lay out the requirements in a few clear steps that everyone can understand. Communication is very important at this stage, and a forgetful or confused employee can cause a lot of damage. Educate and reiterate to help prevent problems.
Expired Apps
This point is easy, to sum up: If an app is not compatible with the latest version of your operating system, stop using it. Companies simply can’t afford the risk of using apps that fall behind the latest updates (Windows 10 and macOS in their latest versions, for example). In practice, this is a difficult step to take for many companies, but we encourage you to make it part of a strategy. If an operating system has been updated but one of your apps is incompatible, give that app a month or two to come up with a patch. If it doesn’t, drop the app. This makes it far easier to keep up with the latest security methods and vulnerability fixes.
There are plenty of other short-term steps you can take to improve security and make sure your company is ready, including more careful partitioning and server management. If you have any questions about how to create your own strategy for your {city} business, we can help! Contact {company} at {phone} or {email} to learn more!
by Felicien | Jun 5, 2017 | Education
Cyber insurance helps ensure business profits in case of data attacks: Here’s what you need to know.
Cyber insurance is business insurance that covers costs associated with data attacks, offered by insurers and via plans with certain vendors. When many companies here about that, the automatic thought is, “Yes, that is exactly what I need!”
That may be true – but it’s important to note that cyber insurance is not cyber security. It will not actually protect you, and there are strict limits to what it can do. So let’s go over some facts about this type of data insurance that you need to know about.
Coverage Does Vary Based on the Policy
Cyber insurance isn’t as strictly codified as some types of insurance, and its coverage can vary greatly between policies. What one standard policy covers may be very different from what another insurer or vendor offers (we’ll talk more about this later). In other words, you can’t really count on any particular coverage without reading the fine print, so get ready to put on your glasses. Fortunately, like other types of insurance, you can usually attach various riders and clauses to create coverage for the specific events or costs that you are worried about. This will, however, raise the price of the coverage.
Human Error Is Not Covered
Basically, cyber insurance doesn’t really cover people being dumb, and this can cause a whole lot of problems with making claims. For example, let’s say that one of your employees opens a phishing email and downloads some really nasty malware. Will cyber insurance cover that? Quite possibly your claim would be declined because the problem has its roots in a human mistake instead of an attack that your company couldn’t avoid. It’s even more unlikely to find coverage for poor password management or leaving a computer unattended and logged in. Take this as an important reminder that employee education should be a best practice no matter what type of insurance you have or what you want to protect again.
Known Vulnerabilities are Rarely Covered
Here is where matters of liability become tricky. You see, few cyber insurance policies will cover problems that result from known vulnerabilities. That means that if a security policy is known, and the provider or manufacturer announces a patch to fix it, it is on you to download the patch and fix your security. If you do that, coverage shouldn’t be a problem. But of course, a vast number of data attacks happen because businesses have not patched known vulnerabilities (just look at WannaCry) even though patches have been made available.
There may be additional, customizable add-ons for protection even from known vulnerabilities, but it’s going to be a lot more expensive. So, once again, even with cyber insurance, you still need smart security practices and a strict update policy to protect your company. Are you getting the theme here?
Data Restoration May Not Be Covered, Either
Yeah, this one throws a lot of companies off balance: Isn’t cyber insurance supposed to recovered data restoration? Isn’t that the point? Well no, it isn’t. “Data restoration” is a complex process that may or may not work, no matter how much money you throw at it. It usually relies on things like proper data backup, which is a company responsibility, not an insurer responsibility. It’s not really an area that an insurance policy is well-equipped to deal with. So cyber insurance focuses primarily on interruption costs – on “refunding” you the profit that your company lost while dealing with the data attack. Don’t make the mistake of thinking that all associated costs will be covered.
Third Party Insurance is Different From First Party
Typical cyber insurance covers the first party – that is, your company. And that’s it. If data is lost, mishandled or attacked while with a partner or third party, your insurance coverage won’t touch it. However, there is a second type of cyber insurance that is specifically designed to protect your data when it is in the hands of third parties. This is particularly useful in sectors like the healthcare industry, which finds itself transferring sensitive data to other organizations regularly.
Cyber insurance or not, it’s pretty obvious you will need a robust data security plan in addition to any coverage you may choose (or be required to have). We can help here! {company} provides IT services in the {city} area for a variety of different data goals. Let us know what you need by contacting us at {phone} or {email}.
by Felicien | Jun 5, 2017 | Education
Learn about some of the much anticipated new features Microsoft recently announced for the Surface Pro and Office 365.
Microsoft Office 365 and the Surface Pro tablet have been innovative products since their introduction, but the past month brought the announcement of a slew of new updates for Microsoft’s landmark software and hardware offerings that aim to change the game for users. At {company} in {city}, we want you to get the most out of your Microsoft experience by keeping you up to date on all of the exciting new things you can do with your Surface Pro combined with Office 365.
Redefining expectations for tablet inking
Digital pens are one of the areas where tech innovators still have ways to improve, mostly because users’ hands are so used to the specific experience of using traditional pens and ink that switching to a digital version often still feels artificial. By introducing these new updates, Microsoft is stepping up to the challenge of creating a digital pen and ink interface that feels more intuitive for users and includes a wide array of new features.
It all starts with a more expressive inking experience throughout the Office 365 apps on the Surface Pro that responds to users’ commands more quickly and feels more fluid to the touch. Microsoft has increased the number of pressure points on the tablet surface from just over 1,000 to 4,096, resulting in a more natural feel as soon as you put the pen to the glass.
Other updated features include new dynamic ink effects in Word, Excel, and Powerpoint, and innovative whiteboard tools for enhanced collaboration. The Whiteboard app features enhancements such as geometry recognition and automatic table shading, so you and your colleagues can seamlessly work together and stay on the same page.
Facilitating innovation for commercial customers
Office 365 commercial subscribers will find a lot to get excited about in this new batch of updates as well. Microsoft’s Power BI, the suite of business intelligence tools, is now enhanced with the Office 365 adoption content pack. Office 365 usage reports are displayed in a clear and visually-engaging format, and leaders can seamlessly integrate the data into their BI analysis and decision-making matrices. Office 365 usage reports are a powerful source of data for business users, and companies can use this comprehensive information to make more informed decisions about inter-office communication and efficiency.
Enhanced accessibility provides true data freedom
Microsoft understands that data access, reliability, and security are on everyone’s minds these days. To that end, the OneDrive Files On-Demand feature facilitates access to any files that are stored on the cloud from any connected device at any time. The age of buying mobile devices that are weighed down with extra storage is over. Consumers and corporate users alike are clamoring for agile mobile devices that will provide a seamless transition from the desktop experience, and that they can take anywhere at a moment’s notice.
Since everything these days is stored in the cloud, it should all be accessible directly from the cloud as well. With OneDrive Files On-Demand, all of your files will show up in, and be accessible from, File Explorer, whether or not they are stored directly on your device.
Better SharePoint integration to keep you connected
Sharing is also getting more simple, fast, and intuitive courtesy of a new unified sharing experience for Microsoft OneDrive. You don’t even have to click away from your desktop screen to share files and links with specific contacts. What if you need to quickly grant or revoke editing privileges for certain people on a file? In OneDrive, you can easily modify the permissions settings in an instant, and you have the ability to set time limits on access permissions.
The recent SharePoint Virtual Summit also brought news of the integration of PowerApps with the SharePoint platform. This feature hasn’t been rolled out just yet, but users will soon be able to combine the breadth of data in PowerApps with the customization power of SharePoint to create unique digital experiences.
To learn how to get even more out of these exciting new updates for Microsoft Office 365 and the Surface Pro, contact us at {email} or {phone}.
by Felicien | Jun 5, 2017 | Education
Marshmallow operating systems, candy-colored computers, and other sweet innovations for national candy month.
June is national candy month, and to celebrate, we’ve decided to share some of the sweetest moments in candy-related IT history. Each of these cultural tidbits is paired with a little lesson or a few tips on how to integrate the sweetness of innovation into your company.
1. Candy-Colored Computers
In 1998, Mac released the iMac G3. This candy-colored computer was arguably the first technology to tie style so closely with function. Buyers got a great home or work computer, but they also got the fun of picking a color to match the personal style—the iMac G3 came in thirteen flavors from lime to flower power to ruby.
This computer didn’t offer a floppy disc drive, a main staple since the Commodore 64 and even further back, and Apple was criticized for the decision. Instead, the iMac G3 integrated the newly emerging USB port, and ultimately, the computer was a successful seller for the next five years. For small business owners, the moral of the story may be to take a risk, pursue innovation and find a sweet, stylish way to sell it to customers.
2. Cupcake-Flavored Mobile Phones
In 2009, Android released the Cupcake. The first in a long line of sweetly named operating systems, this was the first cell phone operating system to support keypads from third parties. As a result, whether users were on email or social media, a keypad appeared on the screen, allowing users to finally say goodbye to the pull out keyboard.
That shift helped usher in the age of the small, tablet-esque smartphones, and it also helped position the smartphone as an essential work tool. Eight years later, Android has brought out operating systems named after eclairs, gingerbread, honeycomb, marshmallows, and jellybeans to name just a few, and smartphones have become an essential part of most businesses.
When setting up properly, they can streamline everything from tracking receipts to communicating about group projects, and small business owners should find strategies to sync smart phones to office computers as needed.
3. Candy Crush
In 2012, Candy Crush released a mobile app version of its browser game. Entertainment and gaming companies quickly realized that the adults of today will download and play games on their phones, and in fact by 2014, over 93 million people (the equivalent of nearly a third of the United States were playing the game), and the company was raking in hundreds of millions of dollars per year.
This surprise also brought changes to the world of business, and many businesses finally began embracing apps. Now, you can get everything from accounting software to virtual time clocks in an app, and it’s even becoming easy for small businesses to download templates and create apps to market their services or facilitate consumer engagement.
4. Full-Sized Candy Land
In 2014, Google moved its set of foam candy-shaped sculptures to the front of the Google headquarters, and the statutes became a popular tourist attraction. Google had been erecting the statues in front of its Android development offices as each new system was developed, and over the years, kit kats, lollipops, and ice cream sandwiches were added to the ranks.
These full-size foam renderings of sweet operating systems underscore how people engage with a brand. As a business owner, it’s critical to think about your own brand. For instance, if you want reliability to be part of your brand image, you need to work with an IT managed service provider that keeps your site up and that helps ensure your staff has working computers and a minimum of delays.
5. Easter Eggs
Although it’s last on the list, this sweet bit of tech history actually took place first. The first tech Easter egg appeared in 1979. For those who haven’t heard the term, an Easter egg is a hidden joke or feature in a computer program or video game, and the first one appeared in the Atari game Adventure.
Google, in particular, has lots of Easter eggs. For instance, if you google the phrase “do a barrel roll”, the window will turn before your eyes. Similarly, if you google “askew”, everything will appear slightly slanted.
Is there a lesson in Easter eggs? Yes, and it’s the importance of having a bit of fun. Whether you’re dealing with employees, customers, product development, tech issues, or anything else, try to mix it up with a little fun.
Ready to shed some of your IT burdens so you can focus on productivity and fun. Then, maybe it’s time to indulge in the sweetness of a managed IT service provider in {city}. To learn more, contact {company} at {email} or give us a call at {phone}.
by Felicien | Jun 5, 2017 | Education
Undeniable Link Between Strategic Tech Implementation and Sustainable Business Practices
Now more than ever, business professionals in every industry are looking for the most sustainable and cost-efficient ways to reduce their environmental impact and drive sustainability. In an increasingly fast-paced and digital-based business environment, technology is playing a larger role in the effort to develop and maintain a business that is wholly sustainable.
Taking advantage of technology to drive sustainability isn’t just about saving paper or setting timers for light switches. Modern tech resources offer the capacity to optimize the whole of business practices while putting an end to downtime traps and costly procedural inefficiencies. However, for busy professionals who are focused on their core business, sustainability-minded technology can often take a back seat. That’s likely the reason that outsourced managed IT services, from a strategic provider, is becoming an increasingly popular way for business owners to kill two birds with one stone – technology and environmental sustainability.
Initially, our clients come to us looking to get their technology situation under control. However, what they often realize afterward is the many ways in which optimizing technology can reduce the overall environmental impact of business practices.
{company} helps business clients of all kinds make sustainable technology decisions including:
Recycling old servers, computers, and printers to make way for new, power-friendly replacements
Switching from paperless documentation systems to digital or cloud-based platforms
Expanding communication capabilities like Skype and remote access solutions that minimize the need for unnecessary business travel
There’s a lot of misconceptions about technology and sustainability. Making environmentally friendly technology decisions does not have to mean an impact on a business’ bottom line. We help companies of all kinds make the right technology decisions to maintain environmental sustainability and business prosperity.
WithWorld Environment Day falling on June 5th, 2017, {company} wants to remind local business professionals that getting on top of environmental sustainability doesn’t have to mean an increase in cost or a vast array of new and expensive resources.
