by Felicien | Jun 24, 2019 | Education
While technology teams are often found reporting to the CFO, that role may not be the first one that comes to mind when you’re discussing digital business transformation. There may be a perception that CFOs are the ones requiring justification for expenses instead of the leaders who are dreaming the big dreams required to fundamentally remake the business. Today’s CFOs are stretching in new directions as their role evolves to be a more visible part of process growth, technology and visioning for the future. With the massive investments that are required to implement new technology solutions, a critical success factor for these projects is to have the full buy-in of finance — and the layer of accountability for results that comes as part and parcel of a CFOs tight involvement in these initiatives.
Businesses Are Spending $6 Trillion on Digital Transformation
That’s right — trillions of dollars are being leveraged to drive digital initiatives from artificial intelligence to IoT (Internet of Things) and augmented reality. The costs of hardware and storage may be negligible, but the never-ending changes to software platforms drive a significant portion of the costs associated with major change. This puts technology leaders in a tenuous position in terms of justifying the spend because these are sunk costs from the perspective of the CFO. Deriving ongoing value from an asset can be challenging when it’s likely to be deprecated in only a few years and has negligible resale value.
Data is a Vital Strategic Asset — and a Risk
The capture and storage of customer data is no longer the realm of marketing folk, as technology leaders and finance professionals alike are scratching their heads in an attempt to keep up with morphing regulations and cybersecurity challenges. Consolidation information into centralized databases is more crucial than ever before due to the shifting climate around privacy regulations in the U.S. and abroad. Leveraging this data to drive advanced personalization can become the competitive advantage that businesses need, but it doesn’t come cheap — or quickly. CFOs are a needed point person between financial activities, the data flowing throughout the organization and are also able to keep their fingers on the pulse of the operational needs of the organization.
Providing Operational Support for Key Digital Initiatives
CFOs can help step in on projects that are floundering and push teams to define core deliverables and stick to the solutions that have the greatest promise for the future. As the head of finance, it’s imperative that CFOs have a handle on where and how data is stored or the organization risks excessive fines and public exposure in the event of a cyber attack or even loss of data access due to a disaster event. In this new and expanding role, CFOs are best able to align the strategic initiatives of the organization with the funding required to drive them forward.
CFOs Taking the Lead in Digital Business
According to McKinsey, CFOs are increasingly pushed to the forefront of digital finance initiatives but are often still struggling to find how they can effectively work with other executives to drive transformative activities. Digitization in finance is a growing trend and one that is being actively embraced by leadership and staff members alike due to the added efficiencies that can be realized with solid technology implementations. Unfortunately, it’s just as easy to have a miss as a home run when it comes to digital finance operations — requiring a strong partnership between technology leaders and financial executives to determine where the priorities should lie for business transformation.
Whether or not they are leading digital transformation within the business, CFOs are feeling the disruption that is rippling throughout the organization with the introduction of new technologies and business requirements. “Digital technology is disrupting the role of the CFO. It is fundamentally changing the way organizations approach finances and how they interact with customers,” explained David Axson, managing director at Accenture Strategy. With all of the focus on digital transformation of the business, CFOs will have more than their share of challenges over the next decade.
by Felicien | Jun 24, 2019 | Education
As managed IT services have grown in popularity, you’ve probably heard the concept touted often as the answer to your business’s IT woes. Still, there can be plenty of mystery on the topic. What is managed IT services, exactly? How do organizations integrate managed IT services into their existing business and workflows? Also, who provides these services? In today’s business blog we’ll answer these questions and more.
What Is Managed IT Services Exactly?
Managed IT services is a broad term describing any scenario in which a company (that’s you) partners with a vendor, called a managed service provider (or MSP), to handle some or all IT responsibilities for the company.
The exact services that MPSs offer range pretty widely. Companies, too, vary widely in terms of their IT infrastructure and needs, as well as exactly which IT responsibilities they choose to outsource to an MSP. Some firms may contract with an MSP to handle absolutely everything about their IT infrastructure. More commonly, companies will outsource only certain portions of their IT workload.
It’s a little easier to understand the concept of managed IT services by looking at some examples of how they are currently being used in several types of organizations.
How Do Organizations Utilize Managed IT Services?
Businesses implement managed IT services in a whole host of ways. Here are a few examples.
Some companies look to a managed service provider to handle all or nearly all its IT needs. Growing small businesses, for example, may not have much (or any) in-house IT presence. They need capabilities that they don’t have, and they find it simpler and more affordable to contract with an MSP than to build out their own in-house IT team.
On the other end of the spectrum, a medium or large business with an established in-house IT team might look to a managed service provider to alleviate some stress on that team. A larger firm might outsource helpdesk-level support, for example. In doing so, the company would empower its in-house team. Free from the distractions of troubleshooting workstations and managing software installs, the in-house IT specialists can focus their attention on the higher-level tasks they were hired to do.
Businesses of any size can also look to an MSP to fill a specialized need. Some areas of IT have unpredictable costs, and others are simply cost-prohibitive for many smaller businesses to build on their own. Some areas can be difficult to hire for, too. Examples of specialized needs that can be met through managed IT services include cyber security, information security and compliance, and cloud services.
What Are Reasons to Choose a Managed Service Provider (MSP)?
Businesses who have embraced the managed IT services model do so for a wide variety of reasons. Some are unique to specific industries, but many are universal. Here are a few reasons it likely makes sense for your business to choose a managed service provider for your managed IT services needs.
Scaling for Growth
Scaling your IT infrastructure has real costs when you do it in house. You need additional equipment, additional floor space to house the equipment, and additional personnel to install, run, and monitor the equipment. Managed service providers, on the other hand, already have the equipment. They’re running servers for dozens of businesses, so they have automatic capacity when you need more. They can leverage the economy of scale in a way you can’t.
Growth isn’t just measured in headcount, either. Device count continues to increase, too. Employees expect to be able to interact with systems using their work computer, laptop, tablet, and phone—both on site and off. Your in-house team doesn’t have the time to support all these device issues. A managed service provider does.
The Talent Gap Is Real
If you have an in-house team, are you having trouble keeping it fully staffed with well qualified people? You’re not alone. One reason is that the US has reached full employment, making domestic hiring more difficult than ever before.
Another more serious reason is the digital talent gap. In 2017 (that’s before we reached full employment), 54% of companies were having difficulty finding workers with the right digital skills. It’s not gotten better.
Fill your business’s talent gap by partnering with an MSP. The right MSP will have the specialties you’re missing and will be able to work in harmony with your in-house team.
Who Provides Managed IT Services?
If your business is looking into working with a managed service provider, you may be asking who provides managed IT services. The good news is you have plenty of options. There are quite a few local providers offering managed IT services in every metropolitan area, and there are a few global players as well. We’ll get to that distinction, but first, a word on services offered and specialization.
Services Offered and Specialization
The first question businesses should ask is whether an MSP offers the services they need. Not every MSP has exactly the same offerings or experience, so don’t be afraid to ask pointed questions. Don’t just ask whether they offer a given service; ask how many clients they’ve served with it.
Some industries, like healthcare or finance, have developed specialized IT needs. Accordingly, some MSPs specialize in specific industries or technologies. In short, look for niche players if you’re in a niche industry.
Local vs. Global MSPs
Choosing a local firm means getting local, boots-on-the-ground support. The best local firms offer a wide spectrum of services, including extended hours, and have the infrastructure and personnel depth you need. You’ll get individualized attention and you’ll support your local economy.
Choosing a global firm like Amazon’s AWS gives you access to more raw power and, often, innovative technology others can’t match. Customer service, on the other hand, can be a bit impersonal, and fixing on-site problems can take time.
Conclusion
If you’re looking for a quality local managed services provider, we’re here for you. Contact us today to get started.
by Felicien | Jun 24, 2019 | Education
When it comes to watching videos online, no name comes to mind more often than YouTube. They host nearly 2 billion users each month. 60% of people now prefer watching YouTube to watching TV. 80% of people under 49 are watching videos on YouTube.
It’s popular. We get it. Everyone is on it. And there’s a huge variety of content from funny cat videos to videogame walkthroughs to guided meditation. And the fact is that regardless of whether or not you have any reason to hide what you’re watching, it’s no one’s business what you watch on YouTube as long as it’s not illegal. And even that can be a gray area.
Despite this fact, you should know that everything you do on YouTube is very carefully monitored by the company. And you have to ask yourself, just how many of your personal preferences does YouTube have a right to? According to the privacy policy, they have a right to everything. But you do have the option to go incognito. And we’ll show you how.
But first, what does YouTube do with your viewing history?
A.I., Automation & Analytics
YouTube is owned by Google, one of the biggest and most powerful tech companies in the world. Through Google’s many tech assets, they can gather endless amounts of data about you. While we don’t believe Google has any nefarious intentions for this data, we do know that Google puts this data to work to expand the empire they’ve built, primarily by enhancing their ad platform.
In a practical sense, they use this data to learn about individual and demographic behavior. What ads do you click? What makes you click? How long do you watch videos? What do you watch? All of this information helps a company like Google show you more relevant and targeted ads that may be hard not to click because they’ve been engineered with such precision.
Modern analytics allows Google to glean endless amounts of data and aggregate it into a useable form. Using artificial intelligence (A.I.), they can automate this entire process. Each time you visit, it learns something new and continually adjusts the algorithm to deliver more targeted ads.
In YouTube specifically, they can also use viewing data to make relevant recommendations to you.
This technology is actually great. It has opened the doors for personalization and relevancy in advertising that can’t otherwise be achieved. And people love that. 57% of people say they’re willing to share more data for a more personalized experience. But you have a right to control this flow of information.
How to Set up Incognito in YouTube
These instructions are the same whether you’re on Apple or Android. In order for this to work, you do need to log into your YouTube account. And before we go any further, let’s get one misunderstanding out of the way. Just because you don’t log in doesn’t mean they don’t track you. They put cookies on your device to track every visitor.
Follow these steps.
Open the YouTube app.
Tap the profile icon
Tap “turn on incognito”.
Check to see that your profile icon is replaced with the “incognito symbol” to know you can privately watch YouTube videos.
Whenever you go into YouTube, check for this icon first to know that it’s active.
When you finish private viewing, we recommend that you turn this feature off.
Tap the profile icon again.
“Turn off incognito”.
YouTube is again tracking what you do.
Switch back and forth, as needed. It’s so easy to do so.
But you may still have a pressing question. We’d like to address it.
Why Would You Want YouTube to Track You?
Personalization is pretty cool. YouTube can very quickly figure you out and recommend things that you weren’t even thinking to search for but would love to view. YouTube’s personalization is kind of like having your own personal assistant that knows you so well that they can always recommend the perfect thing.
Sometimes that you might want to consider privately watching include:
If you’re viewing something somewhat embarrassing. Seriously, it’s no one’s business.
If you want to view something without seeing ads for it later.
If you’re letting your child, spouse, etc. watch on your account. This way they don’t see recommendations intended for you, which may not be appropriate. And their viewing on your account doesn’t mess with the algorithm. Otherwise, YouTube is recommending children’s cartoons for a month after you let your 4-year-old use your phone.
Remember, You Have the Power
Yes, YouTube and their parent company Google are collecting a lot of data about you. They use this data to enhance your online experience. And most of the time, personalization is awesome. But you may not always want this data collected. And you have the power to say when you’d prefer not to share. Use incognito to watch YouTube videos privately when you want to and turn it back off to get the best recommendations.
by Felicien | Jun 24, 2019 | Education
How Can You and Your Employees Avoid It?
The Cybersecurity and Infrastructure Security Agency (CISA) is warning about an email phishing scam that tricks users into clicking on malicious attachments that look like legitimate Department of Homeland Security (DHS) notifications.
The email campaign uses a spoofed email address to appear like a National Cyber Awareness System (NCAS) alert and lure targeted recipients into downloading malware through a malicious attachment.
CISA says that users should take the following actions to avoid becoming a victim of social engineering and phishing attacks:
Be wary of unsolicited emails, even if the sender appears to be known; attempt to verify web addresses independently (e.g., contact our helpdesk or search the internet for the main website of the organization or topic mentioned in the email).
Use caution with email links and attachments without authenticating the sender. CISA will never send NCAS notifications that contain email attachments.
Immediately report any suspicious emails to our helpdesk.
What Is A Phishing Attack?
Phishing attacks use email or malicious websites to solicit personal information by posing as a trustworthy organization. For example, an attacker may send email seemingly from a reputable credit card company or financial institution that requests account information, often suggesting that there is a problem.
When users respond with the requested information, attackers can use it to gain access to the accounts. Phishing attacks may also appear to come from other types of organizations, such as charities. Attackers often take advantage of current events and certain times of the year, such as:
Natural disasters (e.g., hurricanes, earthquakes)
Epidemics and health scares (e.g., H1N1)
Economic concerns (e.g., IRS scams)
Major political elections
Holidays
Why Can Email Attachments Be Dangerous?
Some of the characteristics that make email attachments convenient and popular are also the ones that make them a common tool for attackers:
Email is easily circulated. Forwarding email is so simple that viruses can quickly infect many machines. Most viruses don’t even require users to forward the email—they scan a users’ computer for email addresses and automatically send the infected message to all of the addresses they find. Attackers take advantage of the reality that most users will automatically trust and open any message that comes from someone they know.
Email programs try to address all users’ needs. Almost any type of file can be attached to an email message, so attackers have more freedom with the types of viruses they can send.
Email programs offer many “user-friendly” features. Some email programs have the option to automatically download email attachments, which immediately exposes your computer to any viruses within the attachments.
How Do You and Your Employees Avoid Being a Victim?
Be suspicious of unsolicited phone calls, visits, or email messages from individuals asking about employees or other internal information. If an unknown individual claims to be from a legitimate organization, try to verify his or her identity directly with the company.
Don’t provide personal information or information about your organization, including its structure or networks, unless you are certain of a person’s authority to have the information.
Don’t reveal personal or business financial information in an email, and don’t respond to email solicitations for this information. This includes following links sent in an email.
Don’t send sensitive information over the internet before checking a website’s security.
Pay attention to the Uniform Resource Locator (URL) of a website. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com vs. .net).
If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Don’t use the contact information provided on a website connected to the request; instead, check previous statements for contact information.
Ask us to install and maintain anti-virus software, firewalls, and email filters to reduce some of this traffic.
Take advantage of any anti-phishing features offered by your email client and web browser.
Get New School Security Awareness Training
You must train your employees to be constantly vigilant to identify attackers’ attempts to deceive them. New-School Security Awareness Training will provide the knowledge they need to defend against these attacks.
What Is New-School Security Awareness Training?
More than ever, your users are the weak link in your IT security. You need highly effective and frequent cybersecurity training, along with random Phishing Security Tests that provide several remedial options in case an employee falls for a simulated phishing attack.
With world-class, user-friendly New-School Security Awareness Training, you’ll have training with self-service enrollment, completion logs, and both pre-and post-training phishing security tests that show you who is or isn’t completing prescribed training. You’ll also know the percentage of your employees who are phish-prone.
And with the end-user training interface, your users get a fresh new learner experience that makes learning fun and engaging. It has optional customization features to enable “gamification” of training, so your employees can compete against their peers on leaderboards and earn badges while learning how to keep your organization safe from cyber attacks.
With New-School Security Awareness Training You’ll…
Have Baseline Testing to assess the phish-prone percentage of your users through a free simulated phishing attack.
Train your users with the world’s largest library of security awareness training content; including interactive modules, videos, games, posters and newsletters, and automated training campaigns with scheduled reminder emails.
Phish your users with best-in-class, fully automated simulated phishing attacks, and thousands of templates with unlimited usage, and community phishing templates.
See the results with enterprise-strength reporting that show stats and graphs for both training and phishing, all ready for your management.
New-School Training…
Sends Phishing Security Tests to your users and you get your phish-prone percentage.
Rolls out Training Campaigns for all users with automated follow-up emails to “nudge” incomplete users, as well as point-of-failure training auto-enrollment.
Uses Advanced Reporting to monitor your users’ training progress, and to watch your phish-prone percentage drop.
Provides a New Exploit Functionality that allows an internal, fully automated human penetration testing.
Includes a New USB Drive Test that allows you to test your users’ reactions to unknown USBs they find.
Plus, you can access Training Access Levels: I, II, and III giving you access to an “always-fresh” content library based on your subscription level. You’ll get web-based, on-demand, engaging training that addresses the needs of your organization whether you have 50, 500 or 5,000 users.
Keep your business from being victimized by phishing attacks.
We can tell you more about New School Security Awareness training for your employees.
by Felicien | Jun 24, 2019 | Education
Local Guides have contributed content about hundreds of thousands of businesses. They get together and have held meetups and conducted projects in Europe, India, South America, North America, Australia, and Asia.
How Are Google’s Local Guides Different From Google Users?
People have been contributing reviews, photos, and videos to Google for years. Google Local Guides are part of a program that offers benefits provided through Google Maps.
The Local Guides provide a way for Google to improve its maps and local business information. Local Guides can post photos, reviews, and answer questions about businesses — all tied to Google Maps.
What Do Google Local Guides Get From Contributing?
The Local Guides program offers a rewards program for participants. The points-based program offers a way for guides to get points for contributing nine different kinds of information based on their local area.
The types of information and points include:
Answers: 1 point
Edits: 5 points
Fact Checks: 1 point
Photos: 5 points
Places: 15 points (for places and roads)
Q & A Answers: 3 points
Ratings: 1 point
Reviews: 10 points, plus additional 10 points for reviews over 200 words
Videos: 7 points
Guides advance through the point system. They start at Level 1 and can achieve Level 10. People using Google Maps can see the Guide’s level and use it to decide the trust level and authenticity of the information.
What Other Benefits Do Local Guides Get?
Local Guides have access to perks from Google’s partners and also get early access to Google features. They can also get badges and recognition from other Google Maps users.
Google Local Guides have profiles that display badges and recognition. Recognition from users shows next to the Guide’s level on their profile.
How Do Local Guides Level Up?
Local Guides advance through Levels by accumulating points from their contributions. Level 1 Guides are just starting out. They have 0 points. By Level 2. guides have achieved 15 points.
Here are the other Local Guide levels and points needed to achieve them:
Level 1: 0 points
Level 2: 15 points
Level 3: 75 points
Level 4: 250 points and a badge
Level 5: 500 points and a new badge
Level 6: 1,500 points and a new badge
Level 7: 5,00 points and a new badge
Level 8: 15,000 points and a new badge
Level 9: 50,000 points and a new badge
Level 10: 100,000 points and the highest badge
Level 10 is a high level of achievement requiring many contributions over a significant period. As of 2018, members of the Local Guide community identified over 500 Level 10 Local Guides around the world. The number of Local Guides of different levels in each area shows on each Local Guide’s profile.
How Do You Become a Google Local Guide?
Anyone with a Google account can visit the Local Guides page and choose “Join Local Guides” to get started. Provide your home location and confirm the details, and then sign up.
by Felicien | Jun 24, 2019 | Education
The NDB scheme, or Notifiable Data Breach scheme, is a requirement that was developed by the Australian government for all agencies and organisations regulated under the Privacy Act 1988. These entities are required to notify affected individuals and the Office of the Australian Information Commissioner (OAIC) when a data breach is likely to result in serious harm to individuals whose personal information is involved in the breach. First commenced on 22 February 2018, the NDB scheme outlines exactly how an organisation should proceed when a breach occurs.
Available Guides
The Australian government has created two guides for action in the occurrence of a breach.
Data breach preparation and response guide – Provides guidance for entities to prepare and respond to data breaches
Data breach guidance for individuals – Provides information for individuals in the case of a data breach, lost or hacked personal information
History and Overview
The NDB scheme was established by the passage of the Privacy Amendment (Notifiable Data Breaches) Act 2017. The scheme applies from 22 February 2018 to all organisations and agencies with existing personal information security obligations under the Privacy Act. It obligates these entities to notify anyone whose personal information has been involved in a data breach that is likely to cause serious harm. The notification must include recommendations about the steps individuals should take in response to the data breach. The Australian Information Commissioner must also be notified.
In order to comply with the NDB scheme, agencies and organisations must prepare themselves for the possibility of a data breach, and how to respond quickly to reduce and contain the resulting harm. To notify the Commissioner, entities should use the Notifiable Data Breach form.
Section 6 of the Privacy Amendment (Notifiable Data Breaches) Act 2017 says that the scheme applies to incidents where personal information is subject to unauthorised access or disclosure, or is lost.
Who Must Comply?
Agencies and organisations that the Privacy Act requires to secure specific categories of information are required to comply to the NDB scheme. This list includes the Australian Government agencies, not-for-profit organisations and businesses with an annual turnover of $3 million or more, health service providers, credit reporting bodies, and TFN recipients.
When is Compliance Required?
A data breach occurs when personal information stored by an organisation is lost or subjected to unauthorised access or disclosure. Not every data breach requires compliance. Only those data breaches involving personal information that are likely to cause serious harm require NDB scheme compliance. The NDB scheme calls them “eligible data breaches.”
Examples of a qualifying data breach include:
A database with personal information is hacked
Personal information is provided to the wrong person by mistake
A device containing customers’ personal information is stolen or lost
There are a few exceptions that don’t require notification outlined in the Data breach preparation and response guide. If a data breach is suspected, agencies and organisations are required to assess quickly if it is likely to cause serious harm.
How to Notify
If an eligible data breach has occurred, individuals at risk of serious harm must be promptly notified. The Commissioner must also be notified as soon as practical. Notification must include the following information:
Name and contact details of the organisation
Description of the data breach
Types of information affected
Recommendation of steps that individuals should take in response to the data breach
The Commission is notified using the Notifiable Data Breach form.
Role of the OAIC
The Commissioner has several roles under the NDB scheme.
Receiving notifications of data breaches
Encouraging compliance through handling complaints, taking regulatory action and conducting investigations
Offering guidance to organisations, and information to the public about the scheme
