by Felicien | Aug 26, 2017 | Education
Nonprofit leaders are seeing how enterprise-level tech can amplify social impact.
See how creative financing can make world-class tech affordable.
Non-profit organizations around the world often have a love-hate relationship with technology. Business leaders can see the value of enterprise-level software for effectively driving their organization forward, but tight budgets can make it exceptionally difficult to justify a large investment in technology. Whether it’s websites, social media, email, driving search results or business process optimization, there are any number of ways that not-for-profit entities can leverage technology to drive growth — which in turn results in an enhanced social impact. However, funding these technology initiatives requires some creative financial structuring.
Hot Tech for Nonprofits
Creating the nonprofit of the future involves strengthening internal management capabilities, with the majority of nonprofits finding success when they’re able to get outside their walls and effectively engage the public with their mission. Not-for-profit organizations define success differently; instead of sales growth, the metric to shoot for could be the number of individuals or families supported or gallons of fresh water provided to a specific locale. High-impact nonprofits have learned that smart technology is critical to their success, and are becoming creative at determining how best to approach these in-depth projects.
From inspiring evangelists by creating a high-performance social media network to organizing thousands of conversations with networking software, nonprofits are finding ways to leverage technology to create community and grow from a grassroots level. Sometimes this technology is very cost-effective, but customized computing requirements often mean that not-for-profits have all the challenges and complexities of an enterprise-sized organization with only a small fraction of the budget.
Levels of Complexity
Today’s technology integrations require a high level of complexity and personalization, and managers in the nonprofit sector may struggle to balance support of an aging infrastructure with pushing the envelope towards the most impactful technology options available in the marketplace. Many technology leaders have found that by outsourcing ongoing, low-level technology tasks their teams are able to focus more of their energy on solving business challenges creatively and in a way that will help the organization to continue to grow their impact on the world.
As nonprofits scale up their digital operations, it’s likely that services that have been managed internally — such as website hosting, Exchange servers or email hosting and server upgrades — may be falling by the wayside and causing operational challenges that reduce overall organizational efficiency. When this happens, the impact may be much greater on a lean-running not-for-profit than in a corporation, where there’s likely more redundancy.
Financial Challenges
While many nonprofits start with a shoestring budget, technology needs and budgets grow as the organization scales. However, technology investments can often be a difficult sale — especially when an organization is actively looking for ways to grow services to the community. Nonprofit technology leaders need to be able to make the pitch that the tech investment will support and further the overall mission of the organization. One of the best ways to do this is by quantifying the opportunity cost of not making the technology investment: fewer potential donors reached, reduced organizational effectiveness, or operational inefficiencies that can be resolved through smart tech investments.
Budgeting within the nonprofit sector can be quite challenging, too. Once the decision has been made to go in a specific direction, then the dance for funding begins. Is there a small budget surplus that allows for a one-time purchase, or is the operational budget strong enough to support ongoing services and maintenance fees? When IT leaders work closely with vendor partners to define which investments provide the greatest ongoing value to the organization, it’s often possible to avoid nasty financial surprises. It’s critical to the success of nonprofits to form long-term partnerships in the technology sector with organizations that can provide best-practices and be a true partner in the drive to take advantage of the latest tech advances.
Role of Managed Services
While working with a managed service provider is not a new concept, nonprofits have not historically moved in this direction. However, as long-term budgets tighten and leaders clamor for new tools to drive social change, managed service providers are becoming even more attractive to not-for-profit organizations. The rapid pace of technology change can stretch even the most well-staffed organization, and nonprofits have a long history of under-investing in infrastructure costs. Having a collaboration partner allows nonprofit managers the ability to essentially rent technology, providing for quicker upgrades and the ability to be more nimble in their business moves.
Managed service providers are able to quickly scale to meet business demands, with real-time monitoring and security that can provide immediate alerts and a higher level of cybersecurity support. As businesses shift towards the flexibility of allowing employees to BYOD, it is even more important that end-to-end security solutions are available. Finally, the fixed price for technology management allows nonprofits to budget more effectively on an ongoing basis while still having the benefit of regularly-scheduled upgrades for security and functionality that are critical to their success. Quick access to a team of professionals in the event of a physical or cyber emergency, as well as the easy availability of backups, means nonprofits are able to focus on their core competencies instead of on day-to-day technical operations.
Advances in technology offer nonprofits the ability to further their mission; while the managed services sector provides an implementation and ongoing maintenance model that truly works with their flow of business. From cybersecurity to data storage and hosting, finding the ideal mix of services allows your not-for-profit technology leadership to focus on future advances instead of dealing with daily infrastructure challenges that take time and focus away from your core business needs. Contact {company} today at {phone} or via email to {email}. Our {city} professionals will work with you to define the ideal balance that will provide your organization with the technology you need to be successful while creating a budget that will work for business leaders.
by Felicien | Aug 24, 2017 | Education
As an employer, it’s essential that you understand the responsibility you have when managing your employees’ social media use.
How should you regulate the social media activities of your employees? You’ve probably heard this question before – It’s been an issue since social media first became popular.
Unsure Of What Social Media Sites Your Staff Frequently Visit?
Have {company} conduct a network security review and let’s unearth hidden secrets deep in dark corners of your company network.
Call {phone} to book your no cost appointment.
However, as social media keeps evolving, so do your responsibilities to protect your employees’ privacy, your customers’ data, and your business.
Tough issues for sure – But, to help out, here are some important facts to know.
Understand the Security Risks of Social Media
There are two sides to the social media question – How to view employees’ social media activity, and how to regulate it while on the job.
Let’s start with an answer to the first question: As an employer, you must understand how employee use of social media can pose a risk to your security. This includes the danger of them accidentally giving out (or being tricked into providing) sensitive employee or customer information. This could be as innocent as them falling for a phishing scheme.
Additionally, malware circulates on social media in the form of corrupted links that can infect your devices if employees click on them. This would be disastrous for your organization.
Understand Employee Privacy Concerns
On the other hand, you must understand how employees view their own social-media privacy. It’s not realistic to say, “Well, you can never use Facebook, Twitter, LinkedIn, or other social media sites.”
This also goes as well for other modes of communication. For example, if employees use their phones for work purposes, can IT monitor their calls? What about their texts? The organizations that have adopted this type of oversight end up regretting it, because it leads to a tense workplace environment. So where do you draw the line?
You Must Know and Adhere to Local Laws
Social media privacy rules are evolving at a fast rate. This makes decisions even more complicated for businesses when it comes to social-media policies for their employees. Not only are these laws highly politicized, they are often far removed from workplace realities.
As part of your social-media strategy, review the current social media laws in the states where you do business. Keep in mind that there are a lot ongoing changes in regard to these rules. So keep an eye on legislative developments in the future as well.
Create HR Rules for Accessing Social Media Information.
After you’ve done your research, it’s time to establish basic rules when accessing employees’ social-media use. There are two general parts to these rules:
Social-media use prior to employment. Reports indicate that around 70% of companies “Google” potential employees before hiring them. About 61% do a social-media screening as well. They are typically looking for either noinformation (a major warning sign) or signs of the employee being irresponsible. We already warned about the potential issues of viewing all public information on a social media account, but in this case, recruits can reasonably expect a certain amount of scrutiny. If your business is investing in respecting privacy, then you should consider limiting these searches to confirm resume details only.
Social-media connections after hiring. Where do you place employee rights, not only according to law but according to company policy? Are employees fully aware that you’re watching them on social media? There are circumstances where reviewing social media can be invaluable – such as when investigating an employee for lying about activities or sharing confidential information.
You Must Create Employee Rules for Using Social Media at Work.
HR rules are typically employer-focused. However, you should also consider employee-focused guidelines. Make sure everyone knows whether they can post company information on social media, and if so, specifically what. Also, specify what social media platforms can be used on break times at work (on personal accounts). Banning all social media activity is rare these days. Remember, employees can act as valuable brand ambassadors. Yet, for this to be effective, you should have specific guidelines in place in a formal written policy.
Provide Professional Alternatives.
Your employees need a place to exchange information and communicate with clients (and each other) at work. Some companies say, “All right, you can use LinkedIn for communications, and here’s how.” Other companies set up a more private social network and instead, say, “All right, we’re using Yammer (or other professional social tool) to talk between ourselves and plan out projects. Don’t use anything else for these purposes.”
Either way, it’s important to give employees vehicles to communicate in a professional environment. Otherwise, you’ll restrict their productivity. (Obviously, this can vary by industry and trade. But, as social communication becomes more ingrained in society, it affects nearly every job, today).
Don’t Be Afraid to Make Changes.
We started by saying that social media is always changing, and we’ll end with this reminder: It’s tough to predict just how tomorrow’s employees will use social media, or what new platforms they’ll adopt. Social media policies must be reviewed at frequent intervals, and compared to the currantlandscape of social behavior. Certain policies should be phased out, and new guidelines adopted based on risks and productivity data.
Have concerns? We can help. {company} provides data and IT security services to companies in city. Let’s talk about your concerns. Contact us at {phone} or {email} for more information.
by Felicien | Aug 24, 2017 | Education
Cybercrime is an ever-present threat to modern businesses.
Without up-to-date and varied IT security measures, successful hacks can compromise your customers’ and employees’ sensitive data and harm your systems, resulting in costly downtime, and worse.
Email is the primary tool that companies like yours use for daily communications in the modern business world. It’s simple, it’s easy, and it’s effective, but it’s also the main source of malware and spam that could threaten your business. If you’re not careful, your email could be the key for cybercriminals that are trying to exploit you:
Viruses and malware disguised as regular attachments from familiar sources.
Phishing schemes from cybercriminals posing as familiar companies and contacts in an attempt to convince employees to give up sensitive information.
Spam and junk email clogging up your inbox and blocking real, important emails from your clients and partners.
So what can you do? One of the surest ways to protect your business from a range of threats is to learn about them!
Need To Speak With An Email Security Expert Right Away?
Call In Your Local Email Security Experts at {company} For A No Cost Consultation Of Your Email Systems.
Call {phone}.
No matter how “bomb-proof” we make your network, you and your employees can still invite a hacker in if you click on a link or open an attachment in an email sent by a cybercriminal. Some spam is obvious, but others are very cleverly designed to sneak past all the filters and trick the recipient into opening the door.
Known as a “phishing” email, this still is the #1 way hackers circumvent firewalls, filters and antivirus, so it’s critical that you and your employees know how to spot a threatening email.
Here are four types of email ploys you should be on high alert for:
The Authority Email
The most common phishing emails are ones impersonating your bank, the IRS or some authority figure. The rule of thumb is this: any email that comes in where 1) you don’t personally know the sender, including emails from the IRS, Microsoft or your “bank,” and 2) asks you to “verify” your account should be deleted. Remember, ANY important notification will be sent via old-fashioned snail mail. If it’s important, they can call you.
The “Account Verification” Email
Any email that asks you to verify your password, bank information or login credentials, or to update your account information, should be ignored. No legitimate vendor sends emails asking for this; they will simply ask you upon logging in to update or verify your information if that’s necessary.
The Typo Email
Another big warning sign is typos. Emails coming from overseas (which is where most of these attacks come from) are written by people who do not speak or write English well. Therefore, if there are obvious typos or grammar mistakes, delete it.
The Zip File, PDF Or Invoice Attachment
Unless you specifically know the sender of an email, never, ever open an attachment. That includes PDFs, zip files, music and video files and anything referencing an unpaid invoice or accounting file (many hackers use this to get people in accounting departments to open emails). Of course, any file can carry a virus, so better to delete it than be sorry.
The good news is that there are many steps a small business owner like yourself can take to secure their business’ IT. Some of the most effective ways to combat security breaches are simple tasks that you can perform without having to hire a security expert.
Keep the following in mind:
Keep Link Clicking to a Minimum: Clicking on links that appear in random emails just isn’t safe. Hyperlinks are commonly used to lead unsuspecting employees to phishing and malware websites. Be sure to only click links when they’re from a confirmed, expected source, and when they aren’t part of a sales pitch, or an attempt to get information from you.
Manage A Safe Sender’s List: No matter how new, or costly, or flashy your current spam filter is, it won’t keep unwanted spam out of your inbox forever. Whenever you see that a spammer’s email has made it past your filter, take a moment to block it so that it won’t happen again.
Do Not Open Unsolicited Email Attachments: This is a crucial email security practice. Suspicious email attachments from unknown or untrustworthy senders are the most common source of malware, ransomware, and other digital threats. Even if it’s from a friend or colleague, consider the message they send along with it; is it worded properly? Does it sound like it’s from them? It’s always a smart move to call the sender or speak in person if possible to confirm that they sent the email. Otherwise, simply delete it until you can be sure of its authenticity.
Diligently Scan for Viruses and Malware: Another way to double check a suspicious email is to run a malware and virus scan on it. Even though you may have to do so more often than is convenient, it’s always better to be safe than sorry.
Reach out to our team to find out more about the most effective email security practices that can help you keep your business safe. Contact {company} and our IT security professionals at {phone} or {email} today.
by Felicien | Aug 23, 2017 | Education
As an employer, it’s essential that you understand the responsibility you have when managing your employees’ social media use.
How should you regulate the social media activities of your employees? You’ve probably heard this question before – It’s been an issue since social media first became popular.
However, as social media keeps evolving, so do your responsibilities to protect your employees’ privacy, your customers’ data, and your business.
Tough issues for sure – But, to help out, here are some important facts to know.
Understand the Security Risks of Social Media
There are two sides to the social media question – How to view employees’ social media activity, and how to regulate it while on the job.
Let’s start with an answer to the first question: As an employer, you must understand how employee use of social media can pose a risk to your security. This includes the danger of them accidentally giving out (or being tricked into providing) sensitive employee or customer information. This could be as innocent as them falling for a phishing scheme.
Additionally, malware circulates on social media in the form of corrupted links that can infect your devices if employees click on them. This would be disastrous for your organization.
Understand Employee Privacy Concerns
On the other hand, you must understand how employees view their own social-media privacy. It’s not realistic to say, “Well, you can never use Facebook, Twitter, LinkedIn, or other social media sites.”
This also goes as well for other modes of communication. For example, if employees use their phones for work purposes, can IT monitor their calls? What about their texts? The organizations that have adopted this type of oversight end up regretting it, because it leads to a tense workplace environment. So where do you draw the line?
You Must Know and Adhere to Local Laws
Social media privacy rules are evolving at a fast rate. This makes decisions even more complicated for businesses when it comes to social-media policies for their employees. Not only are these laws highly politicized, they are often far removed from workplace realities.
As part of your social-media strategy, review the current social media laws in the states where you do business. Keep in mind that there are a lot ongoing changes in regard to these rules. So keep an eye on legislative developments in the future as well.
Create HR Rules for Accessing Social Media Information.
After you’ve done your research, it’s time to establish basic rules when accessing employees’ social-media use. There are two general parts to these rules:
Social-media uses prior to employment. Reports indicate that around 70% of companies “Google” potential employees before hiring them. About 61% do a social-media screening as well. They are typically looking for either no information (a major warning sign) or signs of the employee being irresponsible. We already warned about the potential issues of viewing all public information on a social media account, but in this case, recruits can reasonably expect a certain amount of scrutiny. If your business is investing in respecting privacy, then you should consider limiting these searches to confirm resume details only.
Social-media connections after hiring. Where do you place employee rights, not only according to law but according to company policy? Are employees fully aware that you’re watching them on social media? There are circumstances where reviewing social media can be invaluable – such as when investigating an employee for lying about activities or sharing confidential information.
You Must Create Employee Rules for Using Social Media at Work.
HR rules are typically employer-focused. However, you should also consider employee-focused guidelines. Make sure everyone knows whether they can post company information on social media, and if so, specifically what. Also, specify what social media platforms can be used on break times at work (on personal accounts). Banning all social media activity is rare these days. Remember, employees can act as valuable brand ambassadors. Yet, for this to be effective, you should have specific guidelines in place in a formal written policy.
Provide Professional Alternatives.
Your employees need a place to exchange information and communicate with clients (and each other) at work. Some companies say, “All right, you can use LinkedIn for communications, and here’s how.” Other companies set up a more private social network and instead, say, “All right, we’re using Yammer (or other professional social tool) to talk between ourselves and plan out projects. Don’t use anything else for these purposes.”
Either way, it’s important to give employees vehicles to communicate in a professional environment. Otherwise, you’ll restrict their productivity. (Obviously, this can vary by industry and trade. But, as social communication becomes more ingrained in society, it affects nearly every job, today).
Don’t Be Afraid to Make Changes.
We started by saying that social media is always changing, and we’ll end with this reminder: It’s tough to predict just how tomorrow’s employees will use social media, or what new platforms they’ll adopt. Social media policies must be reviewed at frequent intervals, and compared to the currantlandscape of social behavior. Certain policies should be phased out, and new guidelines adopted based on risks and productivity data.
Have concerns? We can help. {company} provides data and IT security services to companies in city. Let’s talk about your concerns. Contact us at {phone} or {email} for more information.
by Felicien | Aug 23, 2017 | Education
There are some changes coming you should know about.
Though Microsoft’s Windows 10 operating system was received better than its predecessors (especially Windows 8), it’s still generated a fair amount of criticism—the worst? —that it lacks privacy.
Issues began even before people started using the new operating system, including with those who felt that they were being “forced” to upgrade. Because Windows 10 was a free upgrade, files downloaded automatically, and, seemingly at random times. Plus, when the upgrade executed, it caused annoyances and troubles for many.
To their credit, Microsoft seems to have heard these criticisms and is doing whatever it can to address them. The 2017 Creators Update this past spring (which is still in the process of rolling out) brings a variety of new privacy-specific settings.
Administrators Will Have More Control.
The Windows 10 Creators Update is a product resulting from the collaboration between Microsoft and some of its most trusted users. Based on this, it should come to no surprise that many of the new privacy settings focus on allowing IT professionals and administrators more control over their environments.
The most immediate (and welcomed) new feature is an all-encompassing dashboard, giving admins at-a-glance visibility over their company’s privacy settings. The dashboard also reveals usage, and what’s being reported to Microsoft (something that was another cause for concern).
It’s no secret that Windows 10 collects a great deal of information about its users and what they’re up to. With this new dashboard, Microsoft seems to be saying: “We’re going to keep collecting information and there isn’t anything you can do about it. But, at least we’re going to tell you what we’re doing.” It’s not the most effective “mea culpa,” however, at least it’s one small step in the right direction.
One of the major criticisms that people have with Windows 10 isn’t just that data is being shared, it’s that they don’t know who has access to it. Microsoft regularly trades information with companies for advertising purposes.
When you’re talking about taking a home user’s app usage regarding the songs they love, that’s one thing. When you’re talking about an enterprise with gigabytes of sensitive (and protected) client information, that’s something totally different!
Windows 10 Privacy Settings: Breaking Them Down
When administrators set up new group policies for their enterprise, they can now choose how much data they’re comfortable sharing with Microsoft. They can select from three tier levels:
Basic—For those who aren’t using the Creators Update this collects basic information like application usage, hardware and software configurations, current security settings, crashes and more. Once the Creators Update goes live on a machine, the “Basic” tier will only collect data on error reporting, device capabilities, and what software is installed on specific machines.
Enhanced—Prior to the Creators Update this tier collected all of the information outlined in the “Basic” level, with additional data like hardware performance and Microsoft application usage statistics. Once the Creators Update goes live, this option will be eliminated.
Full—With the Creators Update this tier is largely unchanged. When selected, it sends Microsoft all information they say they need to adequately resolve issues. This includes information on, not only, app usage, but also emails sent and received, SMS text messages, website visits, search terms and more.
Many people agree that the level of data Microsoft collects in Windows 10 is concerning. However, the visibility they now offer is a welcome gesture. (Applications like web browsers are always collecting information about what we’re doing. Yet, most aren’t aware that anything is going on in the first place.)
To Microsoft’s credit, this seems to be an earnest effort to show enterprise partners that they’re aware of our concerns, and that they are willing to do what they (reasonably) can do ease them.
Even though Microsoft doesn’t allow us to completely restrict data going to them, industry experts hope that Microsoft sets a better example in their future platforms.
Privacy is a major concern in today’s digital world. Knowing as much as you can about what your operating system does is key ensuring your organization is protected. If your business is in {city} and you’d like to learn more about the new Windows 10 privacy settings—Or if you have any other IT questions or concerns, don’t delay. Contact {company} by phone at {phone} or by email at {email}. We’ll work with you to protect your data.
by Felicien | Aug 22, 2017 | Education
Dropbox’s New Mobile Two-Factor Authentication Is a Step in The Right Direction—Or Is It?
Cybersecurity is a massive concern in today’s world of hackers and malware—And cloud-based storage platforms are certainly not immune to attack. While two-factor authentication is prevalent in a variety of spaces, Dropbox only recently rolled out an update to their mobile app that includes this enhanced security feature.
People have accepted two-factor authentication because it’s an easy way to validate a login on a website–And in today’s busy world, we loath any additional steps that require effort on our part.
Unfortunately, the paradox is that the easier two-factor is for us, the more likely hackers will be able to crack the code and maliciously access our accounts.
What is Two-Factor Authentication?
Two-factor authentication can be especially helpful when you’re logging in from a new device or one that you’re only using for a short period of time. With this updated functionality, Two-factor authentication employs SMS text messages with a verification code.
Dropbox provides us with a simple and highly secure mechanism for authentication that doesn’t require an active cellular connection. Instead of generating their own authentication, Dropbox has elected to use several well-known selections, including Google Authenticator for iPhone/Blackberry/Android, Duo Mobile for iPhone/Android and Authenticator, found on Windows Phone 7. You can quickly activate this added security measure by scanning a barcode or entering a time-based token into the apps.
Cross-Platform Validation
Dropbox’s implementation of two-factor authentication slightly differs from others in that you use your mobile app to validate access from a desktop platform. Along with in-app notifications and SMS text messages, it offers a backup option that allows the flexibility to add backup phone numbers as insurance against the loss of the primary device.
Dropbox enabled a new option— If you lose your phones or otherwise can’t receive codes via SMS, voice call, or Google Authenticator you can use backup codes to sign in. The codes will be sent to you in sets of 10, and you can generate a new set at any point, automatically making the old set inactive. In addition, after you’ve used a backup code to sign in, it will become inactive.
Cybersecurity Risks
It’s important to note that two-factor authentication isn’t a single technology. It’s simply a way of referring to a class of authentication options that varies greatly in its ability to protect accounts. There are true limits to the power of this technology, as dedicated hackers find it relatively easy to bypass a poorly implemented or weak two-factor authentication.
Hackers continually look for ways around two-factor authentication. They infiltrated Bitcoin’s security in 2014 by intercepting software tokens to recover account information. There are plenty of other examples of failed two-factor authentication—One of the most recent when Russian groups targeted U.S. voters by harvesting confirmation codes.
One of the limiting factors for the success is the wireless carrier themselves—If hackers can penetrate providers such as AT&T, Sprint and Verizon, they can hijack or spoof-text messages directed to that phone.
While introduced in 2012 as an effective method to prevent account takeovers, two-factor authentication is still a controversial topic. This technology is one of the most-used options for securing personal accounts—However, it still may not offer the level of security that we would expect.
The Benefits for Dropbox
The security key used for two-factor authentication is only supported in Google’s Chrome browser. Dropbox hopes that it will bolster security and foil would-be attackers by bypassing spoof sites and phishing schemes to gather a user’s login, password and verification codes. When hackers use this information to access your account, they’re gaining full access to your digital life.
The tendency for individuals who use cloud-based storage to maintain everything in one location is a lodestone for unscrupulous individuals— They can steal enough personal information to create unapproved accounts, file fraudulent tax returns, and execute many nefarious deeds.
By providing a more secure sign-in mechanism, Dropbox is clarifying their focus on security to individuals and businesses alike.
Dropbox is one of the many technology options available in the market today that can make your digital life more flexible and portable –However, keep in mind that there are definite trade-offs in security with some of these platforms.
Even the best security platforms can be compromised. Ensure that your organization’s data stays safe by working with {company} in {city} to ensure your cybersecurity meets today’s stringent standards. Contact us today at {phone} or via {email}.
