Find the latest news and information here.
Why managing your IT infrastructure is crucial to driving business performance
By: Jake Schulte, Networks Plus IT Manager
Because Information Technology (IT) is always evolving, hardware manufacturers and software developers are always coming out with something new to replace what exists today. Consequently, hardware gets old and outdated, and software running on the machines needs updated.
If you don’t have a plan in place to maintain your IT infrastructure, now is the time. Instead of being caught unaware and not being sure what to do next, your company will be in the position to allow IT to drive your business forward.
What is considered IT infrastructure?
IT infrastructure refers to the mechanisms required to operate and manage the IT environment. This includes both infrastructure within the organization’s facility and cloud infrastructure. A few examples include Active Directory servers, App servers, firewalls, switches, wireless, computers, backup services, operating systems, and software. While each component of IT infrastructure has its own unique role, they all work together to deliver performance, efficiency, and uptime to drive business functions.
When it comes to managing business IT infrastructure, companies need to take a holistic approach and think about the big picture, rather than having tunnel vision and only focusing on individual components, such as improving performance. Without all the essentials in place, companies make themselves more susceptible to risks that could halt all business functions.
My recommendation when it comes to setting up and managing IT infrastructure is to consult with an experienced IT Team who can provide the proper guidance and support that’s needed.
Infrastructure’s Role in Business Performance
There are many ways IT infrastructure plays a role in how a business performs by making sure the necessary equipment and software are in place to drive business functions. For example, if a server doesn’t have adequate computing power and storage to fit the requirements of the software applications running, performance will suffer. Each line-of-business application that is used by a company requires resources to operate. If the business fails to meet the system requirements and does not have the needed resources, operating system, or software to make the application work, it can be extremely costly and business performance will be negatively influenced.
Another example is security services that protect your data. If your company is hacked and your data is compromised, the situation can dramatically impact the company’s ability to perform job functions– not to mention its reputation. Businesses need a layered approach to security that includes both a firewall and advanced endpoint security software on their computers.
Leveraging Infrastructure to Drive Business Performance
With IT infrastructure, technology has significantly evolved in recent years. A business shouldn’t continue making decisions today based off of what made sense 5 or 10 years ago. There are likely better, more cost-effective options available. Explore all the options, both on-premise and cloud solutions, prior to making IT decisions.
Take time to assess all your options. Just because an infrastructure solution works well for one company, does not mean it’s the right fit for your organization. It’s best not to rush into any decisions when considering purchasing or replacing existing infrastructure.
Furthermore, do not make decisions based off of up-front costs alone. Consult with an IT Team that can give the proper guidance to make sure you’re getting the infrastructure you need to run your business, while also not overspending on things that are not needed.
Networks Plus provides services for all aspects of IT Infrastructure. We recognize that every organization is unique in what they have to offer, and we treat IT infrastructure the same way. There is never a “one-size-fits-all” solution. We consult with our customers to put them in a position to make well-education decisions for what makes the most sense for them. Our role is to identify all possible solutions, the costs and benefits associated with each one, the risks associated with each solution as it relates to the customer’s business, and share that with the customer so they know what they’re getting and what to expect of it.
When it comes to IT Infrastructure, my recommendation for all businesses is to plan ahead and budget appropriately. IT budgets are not solely for enterprise organizations. All small and medium-sized businesses should have a plan in place to understand what they need, why they need it, and the budget resources to make it happen.
Choosing the Right Internet Browser for You
By: Nathan Brown, Managed Services Lead/Advanced IT Technician
Web browsers are the gateway to the internet. You are likely familiar with the most popular browsers, but you may not know their differences. Let’s take a look at the pros and cons of some of the more well-known web browsers.
- Probably the most popular browser on the market, Google Chrome has thousands of extensions, which are small software programs that add new features to your browser and personalize your experience. One such extension allows Chrome to automatically translate pages that are not in the native language specified by the browser.
- Another advantage of Chrome is its ability to load Web pages faster than other browsers.
- Chrome’s tabs allow you to work on several tasks at the same time.
- Chrome is compatible on all major operating systems and devices. It also synchronizes easily across multiple devices and platforms.
- The primary drawback of Chrome is that it is very RAM intensive. To give the user the benefit of more tabs and extensions, Chrome uses more memory.
- Over the years Mozilla Firefox has made several upgrades and is one of the faster browsers out there with an easy-to-use interface.
- Firefox is compatible with Windows and Mac OS, as well as Android and iOS devices.
- Allows users to get pretty specific when managing privacy and security settings.
- It is more privacy-centric than Chrome, but not quite as expansive.
- The landing page can contain a lot of recommended links and ads, which users may not appreciate.
- Perhaps the biggest – and only – pro for IE is that many people are familiar with it, as it hasn’t changed much over the years.
- IE is not getting any more major upgrades because it has been replaced by Microsoft Edge.
- It is SLOW.
- Bottom line: don’t use IE unless you absolutely have to.
- Safari works very well with Apple devices as the native browser built into MacOS and iOS.
- It does not record any user data and thus, is very good at protecting the end user’s information.
- Safari works across all Apple devices seamlessly.
- There is no Windows or Android support.
- Safari offers very few add-ons.
- With very few updates, Safari is not as secure as other major browsers.
- Microsoft Edge is built on Chromium, which is essentially an open source version of Google Chrome.
- This is the default Windows 10 browser and is very well-integrated with the operating system.
- Edge is much faster than its predecessor and may consume less memory than Chrome.
- Edge lacks available extensions because it is essentially in its infancy.
- It is not backwards compatible with older versions of Windows.
Which browser is best?
In my opinion, there is not really a clear winner for “best” browser when it comes to business or personal use. Personally, I swap between Chrome as my primary browser, and Edge as a secondary browser on my computers. When it comes to my iPhone, I actually prefer Firefox. When it comes to what’s “best”, I say it’s a personal preference based on how easy the user finds a browser to use and navigate.
Try out all browsers compatible with your operating system and see which one you prefer. My only caveat to that advice is to steer clear of Internet Explorer because it is effectively retired by Microsoft. And did I mention how much SLOWER it is compared to other browsers?
While I can’t tell you exactly which browser you should use, I will tell you that no matter the browser, be sure to install an ad blocker. This will minimize your risk of exposure to malicious pop-ups. It’s not full-proof, but it will make your life and your friendly IT people’s lives better.
Networks Plus offers managed IT service, IT consulting, and a host of other services to help keep your systems running smoothly and your business performing at the highest level. Give us a call to see how we can support you.
How a Local Business Fell Victim to a Cybersecurity Breach and What You Can Do To Keep It From Happening to You
By: Adam Boyle, Business Account Consultant
Data is both the lifeblood of 99% of businesses today, and a valuable commodity for cyber security attackers.
Phishing and password attacks aren’t the only way hackers try to get to your company’s information. Sometimes they simply call and convince you to give it to them without realizing what is happening.
A local business recently received a call from a person claiming to be a member of the QuickBooks support team. The hacker was connected to an employee in the accounting department.
The caller told the employee that they noticed an issue with the business’ QuickBooks system and needed access to their computer to make the necessary fixes. To do this, the caller told the employee to visit a specific web address, which the employee did, giving the caller access to the employee’s computer. The phony QuickBooks caller was able to get into the business’ security protocols and remove nearly every security measure they had, which left the business unprotected.
Unbeknownst to the employee on the phone, the undercover attacker then exported all their QuickBooks information off-site, including client names, addresses, credit card information, and social security numbers. The caller deleted all the information locally and encrypted it, then told the employee the problem was fixed and got off the phone. The employee was none the wiser. A short time later, the office received an email from the attacker letting the business know what they had done: the attacker now had the business’ information and it was no longer on the company’s site. As proof, they screenshotted some of the information they’d stolen and demanded the business pay a certain amount of bitcoin for the return of the client information. Bitcoin is a common demand in ransomware because it is untraceable.
Cleaning Up After A Cybersecurity Hack
The business called Networks Plus to explain what happened and ask for advice on what to do. The good news is that the business had invested in an off-site backup service with Networks Plus, so they were able to restore the data that was lost.
The bad news is that the damage was done; the bad guys had their clients’ information and the cleanup from the attack was extensive. The business had to notify clients of the breach, handle certain legal requirements as a result, and the incident delivered a blow to the business’ reputation.
How do you help keep your business from becoming a victim of one of these attacks?
The first, and arguably most important, step to cyber safety is to prioritize employee education. Unfortunately, the #1 target of any cyber attack is employees. This makes employee education a key component of any business’ cyber safety. It’s so important, we even wrote a blog about why companies should make education part of their cybersecurity strategy. (Check it out.)
Knowledge is power. In situations like this one, the employee should have told the caller that before they did anything, they were going to verify with the caller’s company (i.e. QuickBooks) that the call is legitimate. The employee should have called QuickBooks directly to confirm. Most of the time, companies like QuickBooks will not reach out to a business directly about an issue. Generally speaking, users need to call them when an issue is detected.
It’s also important to understand the security measures your business has in place and what they do. Because this particular example was not of a software attack, it would not have been noticed by antivirus software, which is what this business had. This type of attack is known as spear-fishing: a targeted attempt to steal sensitive information through voice solicitation.
The attacker knew they wanted the accounting department and that they wanted to use QuickBooks as their point of entry. This type of attack is difficult to protect against. Other than employee education, your best bet for protection may be Advanced Endpoint Security. This software offers real time threat detection and response by learning user behavior. In the example above, the advanced security software would have known that this particular employee does not usually get into security settings and it would have stopped the action once it detected security protocols were changing. This red flag would have sparked a call from Networks Plus and could have prevented the attacker from exporting client data.
Food for Thought
Don’t get stuck in the trap of thinking your business is too small or that something like this couldn’t happen to you. We see small businesses get hit all the time with things like this. Five to ten years ago, hackers were targeting big companies, but those companies are better guarded. Today, hackers realize smaller businesses may not have the budget to protect themselves against this kind of attack, making smaller businesses an easier target.
Another lesson learned from this experience is to make sure your data backups are sufficient. Had this company not had a best-practice solution in place, the damage inflicted would have been even worse since there’d have been no way to retrieve up-to-date data. It’s important to verify that you’re saving and backing up current information.
For businesses that aren’t sure what protection they have or if current protections are adequate, I recommend a free security best practice assessment.
Call Networks Plus and we’ll discuss your current structure, strategy, and worries, etc. After that conversation, we can make recommendations for what we believe the business could or should be doing. From security awareness training for office staff, to layered security and data backups, to Advanced Endpoint Protection, Networks Plus offers a wide range of ways to help keep your business and its data safe and secure.
Firewalls: What They Do and Why Every Organization Needs Them
By: Brad Jepsen, Master IT Engineer
What protects you from hackers, viruses, malicious or unsavory content? Have you ever wondered what it takes for the doctor’s office to keep your online medical information protected, or your favorite online retailer to keep your credit card information from being stolen?
The first line of defense is a firewall.
Firewalls provide security for a network, monitoring traffic coming in and out of an organization, determining the type of traffic, and whether or not it’s allowed to pass through. I liken firewalls to a lock on the door of your home. It may not prevent a break-in, but it will deter someone driving by testing door knobs. In short, a firewall’s purpose is your first defense to keep those “bad guys” (i.e. hackers and viruses) on the internet out of your network.
How it works
Firewalls work similarly to a security checkpoint for your network. Imagine you are entering an airport to board a flight. All of the potential passengers, such as yourself, represent different IP addresses: from websites to emails to applications. Before you get to your flight gate and board the airplane (our hypothetical network), you must go through security, where they will check a variety of information before determining whether or not you’re allowed to pass through. A firewall will analyze the data of incoming traffic and keep out any that carries information that has been pre-determined to be worthy of blocking, or unsecure. This includes certain words or phrases, known malicious websites or IP addresses, viruses, and even applications (i.e. Pandora or Spotify). Many employers do not allow social websites, like Facebook, to be accessed on their network and can have them blocked by the firewall. Your firewall vendor can also group blocked content by category, with keywords like “gambling” or “lottery”.
The level of control depends on what type of firewall you choose. Networks Plus can help you determine what the best fit is for your needs.
Perhaps as important as choosing the right set-up is managing it. Setting parameters can be tricky, and obviously not fool-proof. Say you block “gambling”, but eventually that leads to blocked communication on a new project or client. Parameters would need to be adjusted. Ideally, a firewall would be monitored daily, but at minimum monthly or quarterly check-ins suffice for most users. These check-ins will show if there’s questionable inbound and/or outbound traffic, and where more attention may be necessary. This also helps ensure, in most cases, that a problem doesn’t go on for too long without detection.
It can seem daunting for some organizations to add this process to their workload, so Networks Plus offers a managed firewall solution to help take care of monitoring the firewall and making adjustments as needed. Using either a software firewall program or firewall hardware – or both – you can really monitor network traffic in a variety of ways.
Why it’s important
A firewall is your first basic step of security in monitoring what’s allowed in or out of the IT side of your organization. Without a firewall it would be pretty easy for someone to steal data, for example. It also helps mitigate viruses, which could easily cause a pain for the organization, not to mention a loss of productivity.
How do you know if your current set-up is reliable? Knowing you have a firewall is a good first step. Knowing everything it’s doing can be difficult if you’re not monitoring it day-to-day. It’s a good idea to call a professional, like Networks Plus, to look at your current firewall and give you the details on what it is and what it’s capable of, then they can make recommendations from there.
For those in need of setting up a firewall from scratch, have a company that knows what they’re doing come in and set it up to ensure optimal security. Networks Plus partners with network security vendor WatchGuard to offer award-winning, easy to deploy security solutions.
Why Educating Employees On Cybersafety Should Be Part of Your Cybersecurity Strategy
By: Craig Williams, Master IT Engineer
As quickly as companies find ways to fend off a cyber threat, cybercriminals find new ways of launching an attack. And many times, the employees are their target.
For a business, there are multiple layers of protection that need to be put in place. This includes a strong firewall, data back-ups and other forms of protection.
But educating employees is one layer that is often overlooked.
At Networks Plus, we believe the best defense against hackers and other cyber threats is an educated employee. They are the most dynamic part of your business, so it’s important they are alert and aware of what an attack can look like. It’s the organization’s responsibility to ensure their employees know how to keep the network and data secure.
Keep Current With The Latest Threats
Because of the ever-changing nature of cybercrime, giving one cybersecurity training during new hire orientation isn’t going to cut it. The most common cybersecurity threats to employees change frequently.
Right now, phishing is the greatest threat observed, because the payoff can be high. But as security measures adjust to stop these threats, attackers change tactics.
Threats can come in any form of communication: email, phone calls, text messages, and even calendar invites.
One new scheme that’s emerged is cybercriminals sending you an invite and to get an appointment on your calendar. Then you click the link and “calendar invite” installs malware on your PC.
This is just one of the newer methods being used. It’s important to stay updated and aware of what threats exist, and make sure your employees are aware as well.
All of the cyber protection technology in the world won’t help you when an employee receives a phishing phone call and unknowingly gives sensitive information to an attacker. Educate your employees to help keep your organization more secure.
How Networks Plus helps organizations train employees on cybersecurity.
- Expertise – We use our experience, leveraging what we have seen in regards to cyberattacks and vulnerabilities, to help education how employees should be protecting their accounts.
- KnowBe4 – We partner with KnowBe4, the world’s largest security awareness training and simulated phishing platformto test your employees. Once the test is complete, an actionable report can help cater training based on an organization’s vulnerability risk.
- Lunch & Learns & Webinars – Networks Plus offers these informal training opportunities to give customers a look into potential emerging threats and how they can protect their information from such attacks.
- Personalized Training – Bring our Technology Director, Jerry Horton, right into your staff meeting with personalized training to meet your needs. We offer personalized training via an online interactive webinar format, or even on-site as needed. Contact your account consultant at email@example.com for more information.
Remote Work: Not Your Parent’s Work Environment
By: Kelly Gillespie, Business Account Consultant
As many of us have experienced recently, the traditional brick-and-mortar office isn’t the only viable option for performing our jobs these days. In the wake of the pandemic, business leaders have needed a more open approach to remote work, and the IT/Cybersecurity folks have made a mad scramble to have the right equipment, security, and applications to make the experience feel seamless.
So now you need to be prepared for more remote work. The gear you hurriedly assembled to get it done during the last few months sufficed under the circumstances, but might not be the best long-term solution. Not to worry – we have guidance on the “what” and “how” to set up a remote or a mobile office! Let’s start with the basics: equipment.
What are you using and why?
This sounds so obvious that you will roll your eyes (at first), but it is the very essence of setting up remote access. Examining the functions of your job will help you determine your equipment needs. Allow me to expand…
While a desktop PC is the most powerful and least expensive option, it is not necessarily the right one, especially if you are a road warrior in sales or field service. If you’re a power user who does database work or graphic design, for example, you may need a desktop.
Everyone loves the laptop, but is it the right tool for the job all the time? Since laptops are essentially miniaturized versions of desktops, they generally lag behind in processing power and storage technology. They can have significant limitations, such as memory, input/output ports, operating system support, and power. If you are a field service engineer, a laptop is usually a must-have, but many other jobs don’t require the full function of a laptop.
With the rise of Software-as-a-Service (SaaS) adoption, a tablet can typically cover the bulk of most job functions – email, productivity suites, and web interfaces, including remote desktop access, to most SaaS line of business applications. The downsides are lack of support for dashboard accessories, such as secondary monitors, full size keyboards or mouse, and enhanced security software.
A few essentials for the home/mobile office
Here are a few items you need in order to make your remote work life much easier. Let’s assume that you have a dedicated workspace with a decent desk, chair, and lighting – all important and essential items – and focus on the gadgets and more to round out your remote office.
It should go without saying, but your home internet connection may not be sufficient to the needs of supporting a home office. Check with your IT folks to see what kind of bandwidth you need to operate remotely.
Regardless of your computing platform, monitors are key to being able to do it without ruining your eyes or happy thoughts. At a minimum, desktop or secondary monitors should:
- Be at least 21” diagonal screen
- 16×9, high definition (at least 1080 pixel) configuration
- Support HDMI connection as most newer laptops have native HDMI ports
You should have at least two monitors (one can be a laptop screen). Productivity software works best when you have extended screen real estate to work with, not to mention using multiple web browser windows.
You also may want to consider a monitor mounting system to improve your viewing angle and ergonomic comfort, not to mention gaining some of your desk space back.
If you are using a laptop or tablet, one of the essential accessories should be a docking station. This will provide multiple ports, including connections for monitors, USB, and even Ethernet. Otherwise, you will need to buy separate adapters for each device type you want to connect and you will likely only be able to use one at a time on ultra-slim laptops or tablets.
Extra Power Supply/Cable/Charger
Who hasn’t gotten to the client meeting or presentation and realized their laptop/tablet was almost out of battery and the power supply wasn’t in the bag? Keep one on your desk and one in your bag. Same with your phone charger. ‘Nuff said.
As we have all experienced over the last few months, video web meetings are the new norm. Most laptops and tablets have a decent webcam for a single person, but the built-in microphone is not of the highest quality for the best audio experience. Use a USB microphone and headphones if you are doing video meetings with more than just the person seated directly in front of the laptop. An external webcam is also a good investment when displaying a meeting room or larger group.
External Hard Drive/USB Drive
For backups and nothing else. And like your Mom said, don’t ever take USB drives from strangers. You don’t know what has been on that drive and could inadvertently find yourself with a virus.
You may want to consider a few other items to make your life easier.
- Cable organizers – Because who wants to have to fight cables for desk space?
- Printer – Yep, people still read things on paper and occasionally even send them via postal mail.
- Surge protector/UPS – Even though laptops and tablets run on batteries, you probably want to plug more than one thing into that impossible-to-reach outlet behind your desk. Also, both of these devices can offer some protection against electric spikes to your laptop or tablet.
- Notebook – No, I’m not talking about anything electronic, just plain old paper and pen. Having a pad of paper to jot down the odd note or phone number is just indispensable.
Software you will need, but probably haven’t thought about yet
You have your remote/mobile office all set up and you are feeling pretty smug about it because you can check email, share documents, check inventory, etc. That’s great, but what happens to all of that information when you click a suspicious link or visit the odd website only to find that you are the unhappy recipient of malware?
Virtual Private Network (VPN)
Don’t leave home without it. In fact, use it at home, too. Your IT department may have a specific VPN application that you need to use, so check with them first, but on laptops, tablets, and smartphones, having and using a VPN is essential.
Anti-Malware/Advanced Endpoint Protection
You wouldn’t dream of leaving your house unlocked while you are away, so why would you leave your data unguarded? A good anti-malware program is essential, especially for mobile devices. Check with your IT department first, but make sure all of your mobile devices, including your smartphone, have security software installed.
Your best line of defense, especially against ransomware or theft of a device, is a regularly scheduled, secure and tested backup. Not only should you backup your laptops/tablets/smartphones, but what about all of that data in the SaaS cloud? You guessed it: that needs to be backed up as well.
Some stuff that doesn’t have anything to do with security
Here are some miscellaneous pieces of software/websites you may find useful when working remotely:
- Binaural Beats – atmospheric music that enhances your creativity, relaxes you, and promotes general wellbeing
- Dragon Naturally Speaking – Tired of typing? Use Dragon’s dictation software!
- IFTTT – Want a way to automate mundane tasks or connect separate calendars? If This, Then That (IFTTT) is your answer.
- RescueTime – This is an app that helps bring some discipline and sanity to your remote work by tracking your screen time between productive and distracting apps and websites, even blocking the distracting sites when you need to focus.
The Tax of Remote Work
Finally, working remotely isn’t just about technology, it is about how you can efficiently and effectively operate outside of the traditional workspace. Here are a few tips.
- Structure your workday just as if you were in the office, no matter where you are.
- Have a definitive start and stop time.
- Take breaks, just as if you were in the office.
- Keep a daily ‘diary’ of your workflow using OneNote, a calendar program, or even a giant old legal notepad.
- Minimize distractions and set boundaries
- Ditch the personal social media accounts and email during work hours.
- Roommates, spouses, family, and friends need to clearly understand that even though you are home, you aren’t “home”. Set clear expectations for your workspace and interruptions.
- Plan your work and work that plan. Lay out the day’s tasks and items that need to be complete, and work through them.
- Use appropriate music as a background. Instrumental music works best for most people.
- Interact with co-workers on a regular basis. Possibly the most difficult hurdle for remote work is a sense of isolation. Make a conscious effort to connect with coworkers via phone or video.
Defense In Depth
Buying and Selling Online: Keeping Your Money and Information Safe
By: Jerry Horton, Technology Director
We are all shopping online more today, whether we are making purchases or being purchased from. While it is convenient, it can also put you in danger of having personal and financial information stolen. Cyber attackers are always at work, but take full advantage of situations like the current pandemic. Both consumers and businesses need to ensure they are taking the proper safety precautions.
On the Attack
When it comes to online shopping, the internet gives attackers multiple ways to obtain your personal and financial information. Once they have it, they will use your information to make their own purchases, or sell it to someone else. They may target their potential victims through fraudulent websites and emails, including fake shops and charitable organizations. Just remember the old adage, if a deal looks too good to be true, it probably is.
Another way attackers are able to get your information is through intercepting. If a vendor does not use encryption during a transaction, your information is at risk.
Attackers also prey on vulnerable computers. Consumers and businesses alike need to take steps to protect computers from viruses and other malicious code that attackers may use to access personal and customer information. Keep your devices up to date and protected.
Keep Your Info Safe While Shopping
Perhaps the most important way to protect yourself is by doing your due diligence. Here are some ways to keep private information secure:
- Do business with reputable vendors.
- Ensure a secure website – If you are a consumer, make sure you are purchasing from a secure site, which should have a URL that begins with “https” instead of “http” and a closed padlock icon.
- If you are a business that sells to consumers, ensure that your site has been secured and that you are using the proper web security (i.e. web app firewalls, full blown security commerce suite), and maintain PCI DSS compliance in store or online.
- Do not provide sensitive information through email. No reputable business will ask for private or sensitive information via email.
- Use a credit card or prepaid debit card, which, by law, offers some level of fraud protection.
- Use a Virtual Credit Card – How it works: you own a credit card account with the institution that offers the card. When you make a transaction, your account generates temporary, random numbers in place of your actual credit card number. This offers one more layer between you and attackers. Some cons to this method include difficulty returning or denying a purchase, they’re not accepted by all merchants, and not every purchase offers the same fraud protection as with credit cards. There are three major companies offering virtual credit cards: Bank of America, Citibank, and Capital One.
- Check your app settings – Shopping apps should tell you what they do with your data and how they keep it secure. There is no legal limit on your liability with money stored in a shopping app or gift card. Read the terms of service. The pro to shopping through store apps is that it can help avoid clicking a “bad” link to one of those legitimate-looking, but fake, websites.
- Check your statements and accounts – Compare receipts and purchase copies with bank statements for discrepancies. If you think this is a small point, read your neighborhood cybersecurity guy’s personal fraud experience.
Collecting Payment as a Business
The same security rules apply for businesses as with consumers: make sure there is a layer of protection in the transaction. I recommend all businesses that are selling to consumers do the following:
- Be set up to take credit cards and debit cards – Look at services like PayPal, Square, Amazon Pay, Google Pay, Apple Pay
- Work with your financial institution – They will help support all that goes into conducting electronic transactions and have knowledge of industry policies.
- Set up with reputable companies that will advocate for both the buyer and seller. PayPal, Amazon Pay, Google Pay, Apple Pay, for example, meet the necessary standards. Check that your organization is PCI DSS compliant. PCI DSS is a stringent set of standards created and policed by the industry itself.
Use Solid Business Accounting Practices
Setting up your transactions for optimum cyber security is one step. Another step businesses must take for their added protection is to set up solid accounting practices. Be sure to have a clear “chain of evidence” – a clear process in place about where an invoice came from, how much it is, and what it’s connected to. Accounts should be charted and set up with vendor and accounting codes. And be sure to separate duties; one person should not be responsible for the entire process. Just as you would frequently check your personal bank statements, keep solid records and look through details, understanding that attackers can steal enough information to make it look like an invoice came from a company.
Unless you’re an enterprise level business, don’t attempt to go at this by yourself. Utilize a reputable dealer and make sure to have a discussion with your financial institution.
The COVID-19 pandemic has accelerated a process that was already in place with attackers/ hackers using their best tricks and tactics to steal consumer information. Something else to consider while online shopping at this time is how to be a socially responsible shopper. if you’re making purchases, support local when possible. Don’t engage in panic buying. And if you see someone else in need, give.
The Microsoft Office 365 Rebrand, Explained
By: Jake Schulte, IT Manager
Late last month, Microsoft unveiled the rebrand of their subscription service, Office 365. Now called Microsoft 365, there’s no price or service change associated with the new brand, but subscription packages also received new names. The new branding simplifies the catalog of product options for individual consumers and businesses, with better descriptions of their features.
The Office suite applications themselves are also not changing –for example, you won’t notice any difference when you open Microsoft Word. Microsoft is simply renaming their packages of program offerings to bring them in line with the types of features they provide, and to help customers determine which subscription is the right choice.
The history of 365s
Office 365 launched in June 2011, replete with the applications that are central to the brand’s identity – Word, Excel, PowerPoint, Outlook, and more.
In 2017, Microsoft launched Microsoft 365, designed for use by large enterprise companies, generally employing over 250 people. Over time, Microsoft 365 evolved to accommodate the needs of small and medium-sized businesses. The software as a service program now includes capabilities to host meetings online in Microsoft Teams, store files in the cloud, easily access information remotely, and protect data with innovative security solutions.
All these features are crucial components for businesses under the “enterprise” threshold, so as Microsoft’s product line has evolved, so too has their packaging of those products to make it easier for budding businesses to best select their subscription.
What’s in a name?
The new names for subscription packages include:
- Office 365 Business Essentials is now Microsoft 365 Business Basic.
- Office 365 Business Premium is now Microsoft 365 Business Standard.
- Microsoft 365 Business is now Microsoft 365 Business Premium.
- Office 365 Business and Office 365 ProPlus are now both Microsoft 365 Apps.
The features once labeled as “premium” are now considered part of the standard product line Microsoft provides. “Premium” is reserved for businesses requiring a higher level of intricacy or access from their subscription, making it easier for new and prospective subscribers to select the arrangement that best serves their needs.
What differences will users see?
Current users of 365 subscriptions will only see a difference in what’s listed on their invoice – the name of the package of features they receive. The price of the subscription and the features themselves won’t change. This may, however, invite an opportunity for current subscribers to look at what their package offers and determine if it’s still the right fit for them.
Evolution from a software program to a productivity suite
With the rebrand, Microsoft is officially naming the expansion of the role it’s already started occupying in the function of the businesses that subscribe to its services. Microsoft is confidently promoting the Microsoft 365 line as “the world’s productivity cloud” and moving away from the mindset that 365 is only the applications we recognize. It’s also an email server, a file-sharing service, an online meeting hub, and more.
This shift also makes it easier for users to grow into their product line, with a clear path forward for customers seeking to upgrade the features of their package.
For example, if you begin by only needing Outlook to access email stored on a Microsoft exchange server, there’s a product for that. As your business grows, you may find you have an increased need for sharing files across multiple computers in different locations; there’s a package that can accommodate both needs, one step up the ladder. With the rebrand, its name better reflects what it has to offer.
As Microsoft shared when announcing the rebrand, “these changes represent our ambition to continue to drive innovation in Microsoft 365 that goes well beyond what customers traditionally think of as Office.”
Networks Plus can help you manage Microsoft 365
A Microsoft 365 subscription is a great choice for any business seeking to increase productivity. Networks Plus is a proud Microsoft partner, and helps businesses of all sizes set up their Microsoft 365 suites. We provide subscription options on a monthly basis, help with full implementation of the suite, and ensure the products are working.
We also provide a third-party backup service, another fail-safe in addition to the redundancies Microsoft has in place to prevent unintended loss of data: files, emails, contacts, and other vital business information. Microsoft can protect against data loss to an extent, but for user-end error such as deletion or corruption of files or contacts, data recovery is more difficult without additional backup measures in place.
Networks Plus is the partner you need to keep your business productive and secure. Call to find out how we can help you.
Keeping Your Information Safe: WiFi Tips for Secure Remote Work
By: Jerry Horton, Technology Director
Having WiFi at your house makes the work at home life many of us are living right now more convenient than days of ethernet or–perish the thought–dial-up. But WiFi by its very nature comes with its own security risks. Make sure your work is secure by practicing safe WiFi usage.
A WiFi network connects devices together using radio waves, as opposed to a physical medium such as cable or fiber. Whereas fiber is immune to hacking (outside of physically splicing a device into the fiber strand), WiFi is comparably easy to hack because it’s a radio transmission designed to remotely connect multiple devices simultaneously. Once someone is “inside” the network, it becomes easy to gain access to any equipment sharing that network – allowing hackers to control devices, steal data, and implant viruses where and how they see fit.
A Cautionary Tale
In October 2016, the entire Eastern seaboard lost internet for 16 hours in what is called a distributed denial of service attack, which disrupts service by consuming all available bandwidth to knock users offline. Called the Mirai botnet, the attack was initially designed by an undergraduate student at Rutgers trying to profit off of Minecraft players. The botnet–somewhat more successfully than anticipated–implanted malware in all manner of wireless devices it encountered and proceeded to transmit and clog traffic. Any unsecured devices are susceptible to this kind of compromise.
Methods of Securing WiFi
You may be familiar with networks using open authentication. As the name implies, this method allows a device to join a network as soon as it sees the SSID – Station Set Identifier without requiring a password.
Another method is WEP – Wired Equivalence Privacy – which has somewhat fallen out of favor as it offers minimal security, but is still available on most routers. WPA – WiFi Protected Access – encrypts traffic, making it a bit more secure than WEP.
WPA2 is the best WiFi option because it uses algorithms and advanced encryption systems to make traffic on the network harder to infiltrate and disrupt. Don’t worry if you feel like you’re floating in alphabet soup–we nerds love our acronyms.
Getting to Work
Cyber criminals, like most criminals, are looking for low hanging fruit. If you’re working remotely with access to sensitive information, don’t use an open public network, because these are highly unsecured.
Disabling automatic connections to WiFi on your devices will give you more control over what networks they access. Always use a VPN – Virtual Private Network – when connecting to a business network from any remote location such as your local coffee shop. Your IT team should ensure you have this precaution in place.
Never operate as an administrator of your device when joining a business network remotely; use personal user credentials with lower clearance levels to limit the information available to potential hackers, and encrypt any files stored locally on the device.
When securing your personal WiFi network, use WPA2 and a long, unique password. If you’re not tech savvy, not to worry; router manufacturers are making your life easier with prebuilt passwords at different security levels. Visit the router manufacturer’s website for directions on how to make security changes; most devices are managed from a web app where you can personalize your network settings.
Tips from the Experts
For personal devices, we recommend turning on your local firewall, installing an anti-malware program, and investing in a VPN software and network. When browsing the web, if a site offers multifactor authentication, turn it on.
Multifactor authentication consists of one of four things – something you know (password or PIN), something you have (token), something you are (biometrics), or somewhere you are (geolocation). And of course, never give out your account passwords to anyone, including (anyone claiming to be) IT personnel – anything they need to access, they can access without asking your credentials.
Wrapping it up
Without a doubt, WiFi makes our lives easier, providing connectivity without cables in almost every home, business, and point of interest, but it is not without security flaws. It is up to you to make sure you are maintaining good cybersecurity practices by using WPA2, personal firewalls, good anti-malware, multi-factor authentication, and a VPN whenever it is possible.
Stay safe and healthy!