by Felicien | Jun 26, 2018 | Education
New Office app is a scheduling game-changer for managers and employees
If there’s one thorn in the side of every business, it’s mastering an efficient and functional schedule for the whole team. Between various levels of employees, diverse job types and differing time allotments, making a consistent and easy-to-access schedule can be a huge challenge.
Of course, in the increasingly tech-based work world, countless companies are arriving on the scene claiming to have the newest and best scheduling solution that your company MUST take advantage of. Listen, there are some great stand-alone solutions out there, but often the big promises offered don’t measure up. Even worse, what good is a scheduling solution if it isn’t integrated with all the other applications you already use for calendar tracking and communication?
That’s why business professionals of all kinds are excited about the latest app from Microsoft, called StaffHub. StaffHub is truly changing the game for scheduling in the workplace and the best part is, the application is designed with Microsoft’s familiar and functional signature touch.
Tell Me More: What Exactly is StaffHub?
StaffHub is the latest productivity application released for Office 365. The application is designed specifically to better connect staff and managers to the critical scheduling data they need each day. The application is all about easy access, easy modification and easy communication to ensure that the team is always on the same page and scheduling conflicts are put to rest.
Check out some of the BEST features that StaffHub provides:
Easy Schedule Creation and Sharing
Managers are able to easily create schedules and share the content with their employees seamlessly. The StaffHub app and its data can be accessed from any mobile device through the Office 365 app. Gone are the days of the printed schedule on the wall of the office. With StaffHub, workers can simply open the app to see their upcoming scheduled shifts.
Supreme Schedule Display and View Options
Not only is the schedule easier to create and access in the app, StaffHub makes it look better too! Say goodbye to scratched out times and names on your paper schedule. The StaffHub schedule appears on an attractive and organized grid that can be color-coded for ease. There are also many different viewing options. Users are able to switch between monthly, weekly, or daily views and tapping on an individual shift shows more details. There’s even an option to view the total scheduled hours for each employee.
Streamline Shift Switches
Ah, a manager’s worst nightmare. You spend hours creating a schedule only to get three different employees at your door requesting changes. With StaffHub, this nightmare ends now. When scheduling conflicts come up, StaffHub makes it easy for workers to request a switch. Simply tap the shift in question, select the person to switch with and voila! A request is sent directly to the manager for final approval. This way, you stay in constant control of your schedule while keeping your team happy and organized.
Integration and Communication
As mentioned, there are a lot of stand-alone apps that promise a revolutionary scheduling solution. However, StaffHub is unique in that it is entirely integrated and compatible with Office 365 apps – making communication and collaboration a breeze. Employees can exchange messages and access other content through the StaffHub app. Even better? StaffHub is compatible with Azure Active Directory, meaning managers can add and remove team members as necessary.
Streamlined Success: StaffHub Makes for Happy Managers and Content Staff
Overall, StaffHub is a great tool for streamlining processes and keeping your entire team on the same page. When team members are able to easily understand what is expected of them and access the critical data that they need, jobs get done quicker and employees are more motivated to work. While countless providers are on the market claiming to be the productivity powerhouse, it’s a good idea to peek at what you may already have included in your Microsoft Office 365.
By taking a look at your existing infrastructure before you commit to any applications or solutions, you’ll have a better idea of what specific features you need and how to revamp your tech solutions accordingly. Microsoft has been on the scene for decades – working constantly to keep up with the times and give business users the solutions they truly need.
For Office 365 users, StaffHub is hands down, the no-brainer solution for scheduling. Integration, ease of use, productivity and presentation—what more could a scheduling manager ask for?
Looking to get on top of your scheduling practices? Tired of shift-change nightmares and hardcopy schedules taped up in the breakroom? Reach out to a local team of IT experts for consultation on your best options for schedule management. A team of professionals can help get you on the right path to choosing apps that work better for you and your team.
by Felicien | Jun 25, 2018 | Education
Ohio Fire and Police Departments Latest to be Hit by Ransomware Attack
US Secret Service investigates after second ransomware infection in a month
In April of this year, news broke of a devastating ransomware attack at Riverside Fire and Police Department in Ohio. The attack halted operations and over ten months’ worth of data relating to active investigations was encrypted by criminals. The emergency service department’s server was said to be infected through malicious correspondence, disguised as a legitimate email fax.
Luckily, in response to the first attack, the Riverside Fire and Police Department did not pay the ransom, setting a great example for other ransomware victims across the country. The emergency service departments managed to recover most of the critical data from existing backups and public court records. However, the extent of the attack left the Fire and Police departments unable to restore their systems completely.
Doubling Down: Riverside Fire and Police Department Gets Hit by Second Virus
Even worse? The cybersecurity trouble didn’t stop there for the Riverside Fire and Police Department. Less than a month after the initial attack – just as the departments were getting their bearings –cybercriminals struck again and infected Fire and Police servers with a second ransomware outbreak. However, since the departments were on guard from the first attack, their team was more prepared to respond to the second infection.
News of the second attack broke in early May when the US Secret Service was summoned to Ohio to lead a cybercrime investigation. Luckily, department officials had learned from the first attack and had begun backing up data daily. Thanks to this proactivity, the second attack was only able to hold about eight hours of work hostage and the Fire and Police Department was able to recover quickly and fully after the second attack.
However, just because the second attack wasn’t as bad, doesn’t mean it didn’t have a negative effect on productivity at the emergency services department. City Manager, Mark Carpenter claims that though more proactive backup measures had been taken, rebounding from the attack still resulted in redundancies.
“Everything was backed-up,” Carpenter said in an interview. “But we lost about eight hours’ worth of information we have to re-enter. It was our police and fire records, so we just need to re-enter the reports.”
US Secret Service agents are taking the attack very seriously, commencing an extensive investigation. Secret Service agents hope to determine specific points of entry – not just for this attack but for the initial attack as well. The investigation will hopefully uncover critical clues that will help officials track down and stop the hackers once and for all.
A Startling Reminder: No One’s Digital Data is 100% Safe!
These repeat attacks on the Riverside Fire and Police Department serve as a critical reminder that emergency service departments are increasingly becoming victims of ransomware attacks and data loss. In fact, many recent ransomware attacks on emergency service departments have been more devastating than this year’s attack in Riverside. Last year, the Cockrell Hill Police Department in Texas was hit with a massive ransomware attack, resulting in the loss of nearly eight years’ worth of investigation data and evidence.
It doesn’t stop there either. Recent attacks on emergency service departments have been reported across the country. Most recent reports include attacks in Illinois, Massachusetts, Oregon, South Carolina, as well as additional attacks in Ohio and countless others from coast to coast.
However, it must be noted that there’s no evidence to suggest that cybercriminals are specifically targeting emergency service departments. Rather, these attacks do suggest that the bad guys are attempting to deploy more enormous and wide-reaching phishing campaigns in hopes of hitting as many targets as possible. Using manipulative social engineering strategies on a large pool of potential victims, improves the chances of duping targets and infecting as many servers as possible.
If Cyber Criminals Can Breach a Police Station, How Safe is Your Company Data?
While emergency service departments are often able to bounce back quickly – thanks to reliable backups or quietly paying off ransoms – this increase of ransomware attacks emphasizes the need for security awareness training, even for the most seasoned of investigative departments. More importantly, these attacks also serve as a crucial reminder for everyday business professionals. If police and fire departments are falling victim to ransomware attacks, even with the best firewall and cybersecurity measures in place, regular business owners should be on much higher alert.
No matter how extensive your company’s cybersecurity efforts may be, phishing attacks are increasingly being designed to sneak past filters and firewalls. Therefore, getting proactive must be prioritized in your cybersecurity toolkit. Phishing scams are now the most common and effective mode of malware attack and in turn, training your frontline workers to identify these attacks right away and respond to them effectively is critical to keeping your data safe.
Security awareness training is often cited as the best means of preparing front-line tech users to identify and respond to malicious cyberattacks. After all, an informed and vigilant team is a business’ best defense in an increasingly hostile and sophisticated cybercrime climate.
Preparing for the Worst-Case Scenario: What is Security Awareness Training?
Security awareness training isn’t just about reading up on the latest attacks and teaching your team the definitions of phishing, malware, and ransomware. Truly proactive security awareness training involves detailed and interactive modules that help users get a hands-on experience. This includes throwing your team into realistic attack simulations to help them identify red flags and respond with finesse.
So how do you ensure the training you’re providing to your team is up to snuff? Consult or partner with an expert in cyber security. Today’s managed IT service providers are current on the latest cyber-threats. They can assess your current security to see if it’s powerful enough to stop all attacks. In addition, a good IT professional will recommend customized security solutions that can fortify your organization against the ongoing attacks. As the world moves forward, protecting our priceless data is fast-becoming a number one priority.
by Felicien | Jun 25, 2018 | Education
Cyber Hacks on DNA-Testing Companies Raise Fears about Genetic Data Privacy
DNA-testing companies the latest to be targeted by cybercriminals
Stories of businesses getting hacked by cybercriminals are pretty much par for the course nowadays. Increasingly, companies who collect and store large amounts of user data are prime targets for malicious and greedy hackers. From social networking sites to ride-share companies, large stores of user data are one of the hottest commodities on the cybercrime market.
MyHeritage hack: Over 90 million users affected
One of the most recently reported attacks saw the email addresses and passwords of roughly 92 million users hacked. MyHeritage – an international company based out of Israel – is a DNA testing provider that offers customers the unique experience of determining the specific makeup of their ethnic ancestry and lineage. The MyHeritage hack stands out among others for the very obvious fact that the company doesn’t simply collect basic user info like emails and passwords – it collects and stores mass amounts of genetic DNA from subscribers.
Now, it must be noted that the MyHeritage attack only saw the theft of user emails and passwords. According to the company, none of the genetic data and DNA information provided by customers was compromised. Nonetheless, the attack serves as a critical reminder that nearly any kind of data stored on servers is at risk of being hacked.
The hack – which occurred in October of 2017 – was only identified and reported to the company by a security researcher seven months later in early June of this year. With about 92 million users affected, MyHeritage has been in damage control mode ever since. While representatives for the company claim there is no evidence to suggest the attack was malicious, they’ve admitted they can’t know for sure.
No genetic data affected, but can it be protected?
It’s important to remember that none of the genetic data collected by MyHeritage was hacked. In fact, most genetic data is stored separately and organized anonymously using a numbered barcode system. However, as cybercriminals continue to become more sophisticated and as user data becomes more valuable, companies will be required to work harder to keep even seemingly secure data safe. Especially when the data being collected includes genetic profiles of users.
MyHeritage has been taking steps to tighten cybersecurity protocols and increase user-controls and account security settings. A forced password change for the nearly 100 million affected users arrived by email. Additionally, the company has facilitated two-step verification controls to ensure user logins are better managed. However, some experts argue that this could have been set-up proactively to mitigate hack risks ahead of time.
Rob Verger, the Assistant Tech Editor at Popular Science Magazine raised a valid point in a recent interview. “If they can’t protect user data,” Verger said, “what makes them able to protect the genetic data?”
Going digital: Balancing benefits with risk in the modern marketplace
There’s a balancing act to be done when considering cases like these. There’s no denying that the electronic storage of data has been an asset – especially to the health and sciences industry. Doctors across the nation are making moves to paperless Electronic Medical Record (EMR) systems that make the patient experience more efficient and organized. Genetic testing companies have been revolutionary in their ability to efficiently and privately connect customers with priceless genetic information.
So how do you know when to draw the line? How can individual consumers reap the benefits of these technologies without leaving themselves open to invasions of privacy? According to Verger, the best strategy when giving out personal data is caution and a second thought.
“People should be careful about the types of information they give these services,” Verger said. “If your biggest nightmare is having your email address all the way to your ethnic history being hacked, then you shouldn’t subscribe to these companies or provide data.”
At the end of the day, what matters most is how the users were affected and how MyHeritage responded. When it comes down to it, users have a right to be wary. Not only about the attack, but also about the incredibly long time it took for the hack to be identified and disclosed to users.
Identification by a security researcher, seven months after the fact is hardly what anyone would call a vigilant cybersecurity effort. While MyHeritage is doing their best to rectify the situation and beef up security efforts, the doubt caused by the hack is understandably unsettling for affected users and potential consumers everywhere.
Walking the tightrope in an increasingly digital world
It’s no secret that today’s cyber-climate is more populated, dynamic, and personalized than ever before. The efficiency and customization that the online market offers are unparalleled. However, there is an underside to all this innovation that must be remembered. Service providers and their advertising teams are constantly looking for the most dynamic and personalized ways to advertise to their target markets in these online spaces.
This means collecting as much data on their consumers as possible and at whatever cost. Consumer’s digital fingerprints are increasingly valuable to companies across the digital market. If a company wants to get a consumer’s attention on the information highway, they know they need to personalize the experience as much as possible. This means that all the bits of data entered into your browser become fingerprints to help identify and sell to you.
In this competitive climate, genetic testing companies face an increased risk simply because of the personal nature of the data they collect. Having the genetic makeup of over 90 million consumers is an advertising goldmine, not to mention other potentially dangerous motivations of more malicious hackers. The bottom line? Users need to think twice and be vigilant about the data they choose to share.
“It’s a double-edged sword – EMR and genetic testing can help medicine,” Verger reiterates. “However, nothing out there is perfect,” Verger claims. “Things kept on servers can possibly be hacked or compromised and we need to remember that.”
Trying to find the right balance of technology risks and benefits? Wondering how to keep your organization current without succumbing to increased risk? Reach out to a team of seasoned IT security professionals.
A strategic IT partner will help improve your IT while managing and mitigating risk at the same time. You can have the best of both worlds – you just need a strategic partner, willing to walk the tightrope with caution and creativity.
by Felicien | Jun 25, 2018 | Education
Taking Data Visualization and Collaboration to the Next Level: Excel and Power BI Integration
Data visualization tools are all about helping to make it easier for people to work with their data. An even more important aspect of data visualization is to be able to get real actionable insights into the data you’re working with. The more easily a tool can satisfy both aspects, the better it is for both data handlers and data consumers.
Microsoft Excel is king in this regard. For most users, no other tool comes close to Excel as far as data management is concerned.
If you’re using Microsoft Office 365, you have access to yet another gem: Power BI. This suite of business analytics tools allows you to analyze data, and obtain and share insights in ways that no other tool can.
In essence, this suite of tools is designed to provide users with a 360-degree view of data, with the most important metrics all in one place. Even more amazingly, Power BI updates information in real time and makes it available across all devices.
If you’re using this tool, you can explore the data behind your dashboard with just a single click. Everything is intuitive and guides you to find the answers you need with ease.
Pooling the strength of Excel and Power BI together
While most people think they have to choose whether to use Power BI tools or Excel, the two can be used together to create a powerful combination for any range of data visualization needs.
Notice that the whole idea of Office 365 is to enhance collaboration within the organization. A complete cycle of content creation and collaboration would typically look something like:
Get data,
Analyze the data,
Visualize the data,
Publish the data, and;
Collaborate with other teams based on the data.
Normally, teams that use Excel tend to only involve Power BI when it comes to publishing their data. In essence, you can choose to work in the tool you love when using Excel and Power BI together. You can build your data or models, analyze and visualize them using either Excel or the Power BI tools – whichever works better for you – then publish out to Power BI where you can then build really beautiful reports to share with everyone in your enterprise.
Modern BI with Office 365
The modern BI available on Office 365 provides for efficient integration of Excel and Power BI Pro and Power BI Desktop. Different interactions between Power BI Desktop, Power BI Service, Excel Online and Excel Desktop exist that bring all these together in a common interface.
Each component in this interface has a function that complements that of the other.
Excel allows for data analysis in a familiar environment
Unlike most Power BI tools, the majority of the people within organizations are familiar with Excel functionalities. As such, Excel provides not only the flexibility and freedom to connect, shape, and model your data to fit your business needs, but also the familiar interface with which to visualize data for your organization’s teams.
Power BI Pro allows for publishing of reports
These are the BI tools available online that allow you to publish your reports securely to your organization while ensuring their accessibility from anywhere on any device.
Power BI Desktop is handy in building advanced models
This is the desktop-based interface of Power BI that lets you build advanced models, queries, and reports that help visualize your data in a way that can be consumed easily by anyone in your organization. Power BI Desktop is designed to enable visual data exploration and interactive reporting capabilities powered by a freeform canvas for drag-and-drop examination.
With this interface, you can build data models, create reports based on them, and share your work by publishing it out to the cloud-based BI services.
Office 365 brings everything together
This Microsoft service provides the platform that glues all these tools together into a single fabric and makes these interactions possible. On a broader scale, Office 365 allows solid team collaboration at the enterprise level; with real-time teamwork and compliance.
Here’s a sample demo showing a typical flow of data across this Excel- Power BI interface on BI Office 365.
The essence here is to see where each of the tools: Excel, Power BI Service and Power BI Desktop come in – with the SharePoint management tool as a necessary addition.
So, from the demo, different sales teams are working directly on various excel files, putting them together. Analysts then pull in all that data and add their input (behind the scenes/including adding data from other sources) before publishing it to Power BI where the data model will sit.
From there, a designer uses Power BI desktop to create final, typically actionable reports out of the model from the cloud.
Wrap Up
Well, as you can see, this is just a sample demo of what you can achieve by integrating Excel and Power BI tools together. Nonetheless, the key takeaway is the demonstration of just how using these tools in combination can serve to enhance collaboration within your organization.
by Felicien | Jun 25, 2018 | Education
Have you ever been in a position where you are supposed to work on an assignment or important document but you forgot your laptop or cannot access your desktop? That can be frustrating, but thanks to Microsoft, as long as you can access the internet on your phone or even tablet, you can easily resume working on your assignment. Microsoft 365 is an excellent business tool that provides you with lots of options when trying to access a saved document on another device.
A closer look at Microsoft Office 365
Office 365 is Microsoft’s global offering designed to provide users with access to the company’s top-of-the-line cloud-based tools for collaboration and productivity. The service is complete with web conferencing and high definition (HD) video, calendars, business-class email, online Microsoft office suite, as well as file storage and sharing.
When you stay connected to the Microsoft Cloud, you can be sure that all programs are up-to-date and available for users on a 24/7 basis. Below is a simple outline of just a few of the Microsoft 365 apps that enable us to work from any location or device.
Using Outlook App on your phone to work on the go
When you open your Outlook Application, you will see a calendar function, a file function, and a mail function. When you tap on the calendar function, you can see how similar it is to the one that is on the desktop, which means it will be easy for you to use. The files function will help you view all recently accessed documents on OneDrive and even some of the recently shared files—very convenient!
When accessing the mail function, this is where you are able to see all files, documents, and links shared with you. You can also share a file via OneDrive.
Accessing information shared via a link
Simply click on the link and it will open into SharePoint, which will allow you to view the file. If you need to edit the file, open it in the word App and as soon as you start editing, anyone who has access to the file will see your edits right away. Such an incredible feature! This is great because, after editing, you don’t have to keep sending final copies of the same document to everyone on your team. Documents are updated in real time, which is a real time saver!
Accessing the same information on different devices
It’s frustrating to lose devices such as phones, tablets, and even your laptop. If you travel a lot, you may even damage your laptop or phone. Though this can be expensive, it’s also devastating to lose important documents. Retrieving data from a damaged phone or computer usually requires an IT expert. Data retrieval used to be such an expensive ordeal and sometimes unsuccessful. The good news is that on Microsoft 365 you don’t have to worry if you find yourself in any of the above predicaments. Here is a simple outline of how you can access your information from any device.
Open any browser and type the words office.com, then log in. A page will come up with various Microsoft 365 Applications such as Word, Excel, Outlook, and services such as OneDrive. Click on the OneDrive service, which will immediately take you to all files located on OneDrive. You will then be able to access all files that have been saved to OneDrive.
These files are all live so this means that any changes made, such as editing by anyone on your team, will be there. You can view, share, or edit these files. Let’s say you wish to edit a file that you recently shared with someone. Just open that file and you will see an editing option on the top right. You can do all your editing in the browser. This works with all files including Word, Excel, PowerPoint, and other Microsoft applications. All updates will immediately show up on any shared documents.
There are so many other noteworthy features in Microsoft 365 that can help make your work easier. If you want to learn more about these helpful features, just visit this page: www.Microsoft.ca/GetItDone
Wrap Up
Losing or damaging your phone or laptop is always stressful, but you don’t have to lose any of your important documents when you work with Microsoft 365. You may be home sick for a few days, but you don’t necessarily have to get behind on your projects. It’s possible to work from anywhere using any device with Microsoft’s helpful range of products.
Remember that you can work from home and even share updates in real-time with your colleagues. As long as documents are stored to Microsoft’s OneDrive, they’ll always be right at your fingertips. That’s the epitome of convenience!
by Felicien | Jun 22, 2018 | Education
eFail flaw leaves encryption users on guard and encryption providers in ‘patch’ mode
Security researchers announced this week that a significant flaw exists among popular encryption tools that are used for encrypting correspondence and digital signatures. Any and all email encryption services that use OpenPGP standard and rely on GnuPG to encrypt their data and create digital signatures are subject to this wide-reaching security flaw.
Break Down: How the Encryption Security Hole Leaves Users Vulnerable
After a nearly month-long investigation, researchers have publically announced a series of security holes that have been dubbed ‘eFail.’ The eFail flaws were identified in PGP and S/Mime encryption tools and the glitches give cyber criminals the ability to uncover encrypted correspondence. The overall scope of this security flaw is hard to estimate, as most mainstream email providers – including Outlook, Apple Mail, and Thunderbird – have been impacted by the eFail glitches.
Even worse? The investigation revealed that eFail includes an input sanitization vulnerability, dubbed SigSpoof by software developer Marcus Brinkmann. This particular vulnerability allows hackers to forge digital signatures with stolen user ID data. Again, the impacts of these vulnerabilities are wide-reaching, affecting countless popular encryption applications including GnuPG, Enigmail, GPGTools, and python-gnupg. All of these providers have included patches for the vulnerability in their latest software updates.
According to experts, the vulnerabilities were made possible thanks to an OpenPGP protocol. Regularly, when a message arrives to the intended recipient, decryption occurs by separating the information and verifying a valid signature. This process occurs through the strategic separation of information using a file name system.
However, the investigation led by security researchers uncovered that the file name entry port allows for up to 255 characters, meaning it doesn’t get adequately sanitized in the decryption process. This makes it easier for cyber criminals to modify and alter file names and fraudulently gain access to confidential data. Once they’re able to gain access, cyber criminals can read encrypted messages in plain text and send fake messages via the application in hopes of spoofing digital signature verifications.
Patch Mode: Providers Scramble to Patch Flaw and Avoid Disaster
This widespread loophole can have hugely devastating impacts on affected users. Besides the obvious risks of data breach and forgery, the investigation uncovered that the flaw holds the potential to maliciously infect enormous parts of a user’s core infrastructure. In addition to email encryption, GnuPG tools are used for backups and software updates; the extent of negative consequences is difficult to estimate.
The investigation wasn’t just speculation either. Researches demonstrated three pieces of evidence to establish just how easily encryption and signature data can be hacked and forged thanks to the loophole. So far, the best and only solution is for affected users to immediately implement the latest available software updates. Since patches have been created, updating to the latest software versions is the only concrete strategy for ensuring the loophole doesn’t continue to leave users vulnerable.
Check out this list of platform-specific update prompts:
Upgrade to GnuPG 2.2.8or GnuPG 1.4.23
Upgrade to Enigmail 2.0.7
Upgrade to GPGTools 2018.3
Navigating the Digital Business Force: Vigilance and Proactivity are Critical
The bottom line is that operating as a business professional in an increasingly digital workforce means having to think about countless potential threats to data security – even in places one wouldn’t expect. It seems a new story is making headlines every week about some scary security flaw or devastating hack. But the reality is, with a proactive and level-headed approach, maintaining strong IT security standards for your organization doesn’t have to be a long and painful battle.
The first step, however, does involve accepting that there are simply some things out of your control. Hacks happen. Security holes happen. What matters most is that you and your team are prepared to respond and that you have a detailed plan for responding efficiently and effectively. It’s no secret that the worst time to think about cybersecurity planning is when you’re already in the midst of an attack. Proactivity is the key.
Being proactive involves more than reading about the latest hacks and telling your team to be on the lookout. It means getting emergency response plans on paper and providing detailed security awareness training for your team. It also may mean upping your network monitoring and management tools and delegating some IT responsibility to the professionals.
Does your team rely on some of the encryption tools mentioned in this article? Has your team updated all software with the latest patches? Do you often wonder about the vulnerabilities that are lurking in your company network? Are you overwhelmed trying to stay on top of seemingly endless cyber threats?
Stop thinking and take action. Maintaining a secure network doesn’t have to be expensive or overwhelming. Reaching out to a team of IT security veterans is the first step in taking control of your cybersecurity efforts. Today is the day to empower your business by reinforcing your security network instead of becoming the next victim of cybercrime.
