7 Ways Small Businesses Can Take Full Advantage of Office 365

Comment

7 Ways Small Businesses Can Take Full Advantage of Office 365

ea31b3092bfd073ecd0b470de7444e90fe76e7d71eb0194397f9c9_640_computer-laptop.jpg

If you subscribe to Office 365 Business Premium or Microsoft 365 Business, you have access to seven apps designed for small companies. They are part of your subscription, so there are no additional costs to use them. Here is what you can do with these apps.

With little fanfare, Microsoft has been rolling out new tools designed to make it easier for small businesses to find and keep customers and run operations more efficiently. These apps are part of Office 365 Business Premium and Microsoft 365 Business. Four were released in November 2017, which means there are now seven apps available to subscribers at no additional cost. Here is what you can do with them:

1. Microsoft Listings

If you want to increase your company’s online presence, Microsoft Listings might be able to help. From the app, you can create business listings on Facebook, Google, Bing, and Yelp. Creating them in one place helps ensure that your company’s information and branding are consistent across these sites.

After you create the listings, you can use the app’s dashboard to monitor views and reviews of your business on the four sites. If you need to change some information in the listings, you only need to enter the changes once in the app. Microsoft Listings will then automatically make the changes in Facebook, Google, Bing, and Yelp.

2. Bookings

With the Bookings app, you can create a customized web page that your customers can use to check availability and schedule appointments. The scheduled appointments appear in your private Bookings calendar.

You can sync the Bookings app with your Office 365 work calendar. That way, when you add an appointment to your Office 365 work calendar, the Bookings web page will show that time as unavailable for appointments. Similarly, when a customer uses the web page to schedule an appointment with you, the appointment appears in your Office 365 calendar as well as your Bookings calendar. Appointment reminders are automatically emailed to both you and your customers.

Bookings has many other features designed with companies in mind. For example, it automatically creates a customer contact list for you. Plus, there is a mobile version of the app if you often travel for business.

3. MileIQ

Using your smartphone’s GPS service, MileIQ automatically tracks and logs the miles you spend driving for business, creating a record of your tax deductible/reimbursable mileage. The mobile app works in the background, so you do not have to remember to press a start or stop button. At the end of each drive, you just need to classify the trip as business or personal.

To avoid having to constantly classify trips as personal during off hours, you can enable the “Work Hours” feature. After you specify your work hours, the app will automatically classify all trips taken outside those hours as personal. If you happen to travel for business during off hours, you can reclassify the trip using MileIQ’s online dashboard.

You can also use the dashboard to create reports detailing your business mileage. By default, the app uses the US Internal Revenue Service’s standard business mileage rate (54.5 cents per mile in 2018) to calculate deductible/reimbursable costs, but you can customize the rate if needed.

4. Outlook Customer Manager

This tool lets you quickly access information about your company’s customers from either your Outlook inbox or the Outlook Customer Manager mobile app. For example, suppose you want to know more about a customer, Bob, who just sent you an email. If you click his profile, Outlook Customer Manager will display information about him, such as previous email exchanges, tasks completed for him, and logged calls.

You have the ability to share customers’ information with other staff members. Doing so helps ensure that your customers will get good customer service even when you are on vacation or out sick.

5. Microsoft Invoicing

With Microsoft Invoicing, you can generate professional-looking estimates and invoices using predesigned templates that are customizable. For example, you can insert your company’s logo, change the color scheme to match your branding, and add a “Pay with PayPal” link.

Using either the online or mobile version of the app, you can track pending and partial payments, mark invoices as paid, and see if any payments are overdue. If you use Intuit QuickBooks, you can have Microsoft Invoicing automatically transfer invoicing information to QuickBooks.

6. Microsoft Connections

Microsoft Connections lets you stay in touch with current customers and attract new ones via email. You can use either the online or mobile version of the app to create and send newsletters, announcements, and other marketing materials. You can even set up referral offers that give discounts (or another type of incentive) to existing customers who bring in new clientele.

After you send out a marketing campaign, you are able to track its effectiveness. Available metrics include the number of emails opened and how many people signed up for a particular promotion.

7. Office 365 Business Center

The Office 365 Business Center provides a central location from which you can manage the six other business apps. For instance, you have the ability to control which staff members can access them.

The Business Center’s dashboard gathers and displays key business metrics from the six apps. That way, you can keep track of the metrics without having to open each app. However, if you need more information, you have the ability to open any of the apps from the Business Center. The Business Center is available as an online and mobile app.

Comment

5 Emerging Trends in 2018 Budgets

Comment

5 Emerging Trends in 2018 Budgets

Spiceworks and Tech Pro Research have released reports exploring how companies are planning to allocate their 2018 IT budgets. Here are five budgeting trends these surveys have brought to light.

Comment

4 Security and Privacy Dangers Businesses Might Encounter in 2018

Comment

4 Security and Privacy Dangers Businesses Might Encounter in 2018

Data breaches and ransomware are not the only dangers your business might face in 2018. Here are four predictions you should be aware of when developing your security and data privacy strategies.  Data breaches and ransomware took center stage in 2017. Not surprisingly, they will continue to cause concern for companies worldwide in 2018. However, these types of attacks are not the only ones you need to consider when developing your security and data privacy strategies. Experts are making some alarming predictions on what companies might have to face in 2018. Here are four predictions you should be aware of:   1. Cybercriminals Will Scam Businesses Out of $9 Billion Using Nothing More Than Emails   Posing as executives, suppliers, and other trusted contacts, cybercriminals use highly personalized emails to scam businesses out of money. The U.S. Federal Bureau of Investigation (FBI) refers to these attacks as Business Email Compromise (BEC) scams.  Trend Micro  predicts that losses from BEC scams will exceed $9 billion in 2018.  In a BEC scam, cybercriminals first obtain the information they need to carry out the attack. They might send out phishing emails that try to trick employees into divulging details about the business or the individuals within it. Alternatively, the phishing emails might install malware that obtains sensitive business data, such as financial account records. Social engineering techniques are also used to get information. For example, cybercriminals might call the company or visit social media websites (e.g., LinkedIn, Facebook).  Once the cybercriminals have the information they need, they create a BEC email that looks like a legitimate email from that business or from an organization it does business with (e.g., a supplier). They spend a lot of time creating each email in the hope that its legitimacy will not be questioned. There is a lot at stake — the average payoff of a successful BEC scam was $67,000 (USD) in 2017, according to  Statista .   2. IoT Attacks Will Surge, Thanks to Hackers’ Greed and Devices’ Poor Design   In the past, hackers typically conducted Internet of Things (IoT) attacks to cause mayhem. For example, in  April 2017 , hackers unleashed malware that damaged the systems of Internet-connected devices —better known as Internet of Things (IoT) devices — so extensively that the devices became useless.   Forrester researchers  believe the focus of IoT attacks will change in 2018. Rather than trying to create chaos, hackers will increasingly use vulnerable IoT devices to access networks in order to steal sensitive data and spread ransomware. Once hackers know there is money to be made, there will be a surge in the number of IoT attacks.  Also fueling the increase in the number of attacks is the fact that many IoT devices are not secure by design, according to  Trend Micro researchers . Plus, patching IoT devices can be difficult if they are in hard to reach locations (e.g., security camera mounted on a wall) or built into machinery. All it takes is one vulnerable device to become an entry point to a network.   3. Not Taking GDPR Noncompliance Seriously Will Cost Some Companies Dearly   Starting on May 25, 2018, companies that conduct business in the European Union must adhere to the General Data Protection Regulation (GDPR). However,  Gartner analysts  predict that more than 50% of companies affected by the GDPR won’t be in full compliance with its requirements by the end of 2018, let alone the May deadline.  GDPR is designed to protect EU citizens from privacy and data breaches. Noncompliance with this legislation can result in hefty fines. The maximum fine, which is reserved for the most serious violations, is €20 million (around $24 million USD) or 4% of a company’s annual global turnover (whichever is greater). The fine structure is tiered, so companies with less serious infractions will incur smaller fines.  There are several reasons why companies might not be in compliance with GDPR. For starters, they might not realize that they need to comply. Even businesses located outside of the European Union fall under GDPR’s jurisdiction if they have customers who live there. Any organization that processes or holds the personal data of EU citizens is required to comply.  There is also confusion as to what constitutes personal data. A  2017 Trend Micro survey  of more than 1,000 businesses worldwide revealed that 64% are unaware that customers’ birthdates are classified as personal data. Similarly, many companies do not consider customers’ physical addresses (32%) and email addresses (21%) to be personal data.   4. Hackers Will Increasingly Use Cryptojacking to Steal Computers’ Processing Power   When people visit websites, their web browsers run scripts provided by those sites. These scripts enable the visitors to see, hear, and interact with the sites. Some scripts, though, have a more sinister purpose. They hijack the computers’ processing power without the visitors’ knowledge or consent. This power is used to mine (aka earn) cryptocurrencies such as Monero and Bitcoins. This type of attack is known as cryptojacking.  Cryptojacking activity increased significantly at the end of 2017, according to  researchers at Malwarebytes . They expect there will be a lot more of this activity in 2018. While cryptojacking started as a way for website owners to earn more money, cybercriminals have now jumped on the bandwagon. In addition to adding these scripts to their own malicious web pages, they hack into legitimate sites and insert the scripts in them.  Although cryptojacking is not used to steal data from computers or extort money from their owners, it can be detrimental to businesses. The extra load on the processors can make the computers sluggish, which can hurt productivity. It can also cause processors to overheat, which might lead to computers freezing or crashing. Plus, cryptojacking can result in a higher utility bill.  One experiment  found that it can add as much as $5 a month per computer in the United States.  Be Prepared for What 2018 Might Bring  Which of these dangers your company might face depends on many factors, such as where your customers are located and the extent to which your employees use email and web browsers. We can assess your organization and help you develop effective security and data privacy strategies to mitigate the risks.

Data breaches and ransomware are not the only dangers your business might face in 2018. Here are four predictions you should be aware of when developing your security and data privacy strategies.

Data breaches and ransomware took center stage in 2017. Not surprisingly, they will continue to cause concern for companies worldwide in 2018. However, these types of attacks are not the only ones you need to consider when developing your security and data privacy strategies. Experts are making some alarming predictions on what companies might have to face in 2018. Here are four predictions you should be aware of:

1. Cybercriminals Will Scam Businesses Out of $9 Billion Using Nothing More Than Emails

Posing as executives, suppliers, and other trusted contacts, cybercriminals use highly personalized emails to scam businesses out of money. The U.S. Federal Bureau of Investigation (FBI) refers to these attacks as Business Email Compromise (BEC) scams. Trend Micro predicts that losses from BEC scams will exceed $9 billion in 2018.

In a BEC scam, cybercriminals first obtain the information they need to carry out the attack. They might send out phishing emails that try to trick employees into divulging details about the business or the individuals within it. Alternatively, the phishing emails might install malware that obtains sensitive business data, such as financial account records. Social engineering techniques are also used to get information. For example, cybercriminals might call the company or visit social media websites (e.g., LinkedIn, Facebook).

Once the cybercriminals have the information they need, they create a BEC email that looks like a legitimate email from that business or from an organization it does business with (e.g., a supplier). They spend a lot of time creating each email in the hope that its legitimacy will not be questioned. There is a lot at stake — the average payoff of a successful BEC scam was $67,000 (USD) in 2017, according to Statista.

2. IoT Attacks Will Surge, Thanks to Hackers’ Greed and Devices’ Poor Design

In the past, hackers typically conducted Internet of Things (IoT) attacks to cause mayhem. For example, in April 2017, hackers unleashed malware that damaged the systems of Internet-connected devices —better known as Internet of Things (IoT) devices — so extensively that the devices became useless.

Forrester researchers believe the focus of IoT attacks will change in 2018. Rather than trying to create chaos, hackers will increasingly use vulnerable IoT devices to access networks in order to steal sensitive data and spread ransomware. Once hackers know there is money to be made, there will be a surge in the number of IoT attacks.

Also fueling the increase in the number of attacks is the fact that many IoT devices are not secure by design, according to Trend Micro researchers. Plus, patching IoT devices can be difficult if they are in hard to reach locations (e.g., security camera mounted on a wall) or built into machinery. All it takes is one vulnerable device to become an entry point to a network.

3. Not Taking GDPR Noncompliance Seriously Will Cost Some Companies Dearly

Starting on May 25, 2018, companies that conduct business in the European Union must adhere to the General Data Protection Regulation (GDPR). However, Gartner analysts predict that more than 50% of companies affected by the GDPR won’t be in full compliance with its requirements by the end of 2018, let alone the May deadline.

GDPR is designed to protect EU citizens from privacy and data breaches. Noncompliance with this legislation can result in hefty fines. The maximum fine, which is reserved for the most serious violations, is €20 million (around $24 million USD) or 4% of a company’s annual global turnover (whichever is greater). The fine structure is tiered, so companies with less serious infractions will incur smaller fines.

There are several reasons why companies might not be in compliance with GDPR. For starters, they might not realize that they need to comply. Even businesses located outside of the European Union fall under GDPR’s jurisdiction if they have customers who live there. Any organization that processes or holds the personal data of EU citizens is required to comply.

There is also confusion as to what constitutes personal data. A 2017 Trend Micro survey of more than 1,000 businesses worldwide revealed that 64% are unaware that customers’ birthdates are classified as personal data. Similarly, many companies do not consider customers’ physical addresses (32%) and email addresses (21%) to be personal data.

4. Hackers Will Increasingly Use Cryptojacking to Steal Computers’ Processing Power

When people visit websites, their web browsers run scripts provided by those sites. These scripts enable the visitors to see, hear, and interact with the sites. Some scripts, though, have a more sinister purpose. They hijack the computers’ processing power without the visitors’ knowledge or consent. This power is used to mine (aka earn) cryptocurrencies such as Monero and Bitcoins. This type of attack is known as cryptojacking.

Cryptojacking activity increased significantly at the end of 2017, according to researchers at Malwarebytes. They expect there will be a lot more of this activity in 2018. While cryptojacking started as a way for website owners to earn more money, cybercriminals have now jumped on the bandwagon. In addition to adding these scripts to their own malicious web pages, they hack into legitimate sites and insert the scripts in them.

Although cryptojacking is not used to steal data from computers or extort money from their owners, it can be detrimental to businesses. The extra load on the processors can make the computers sluggish, which can hurt productivity. It can also cause processors to overheat, which might lead to computers freezing or crashing. Plus, cryptojacking can result in a higher utility bill. One experiment found that it can add as much as $5 a month per computer in the United States.

Be Prepared for What 2018 Might Bring

Which of these dangers your company might face depends on many factors, such as where your customers are located and the extent to which your employees use email and web browsers. We can assess your organization and help you develop effective security and data privacy strategies to mitigate the risks.

Comment

Why You Should Take the Meltdown and Spectre Vulnerabilities Seriously

Comment

Why You Should Take the Meltdown and Spectre Vulnerabilities Seriously

IT-BLOG-Spectre.JPG

Most of the computing devices in use today have two security vulnerabilities in their chips. Learn how this situation evolved, why you should be concerned, and what you can do to protect your business’s devices.

“I need it now” is a common mindset, especially when it comes to computing devices. People want apps to respond immediately, web pages to load quickly, and messages to be delivered instantly.

To meet this need for speed, manufacturers have been designing computer chips that use advanced technologies to optimize chip performance. However, it appears that this high performance has come at a high cost to security. In January 2018, researchers revealed that they found two security vulnerabilities in most of the chips being used in computing devices today.

The vulnerabilities — dubbed Meltdown and Spectre— are not trivial. Hackers could exploit them to steal data from apps installed on a device. Even worse, they could access more sensitive data such as encryption keys and passwords.

To date, there has not been any documented cases of hackers exploiting Meltdown or Spectre. However, the serious nature of the threats and the chips’ widespread use has prompted an alert by the U.S. Computer Emergency Readiness Team (US-CERT), a division within the U.S. Department of Homeland Security. Perhaps more telling is that, despite there being no known attacks, chipmakers have been working with each other and with other companies such as Microsoft and Apple to fix the security holes.

Affected Chips, Devices, and Operating Systems

There is a long list of Intel, AMD, and ARM chips that have been confirmed to have the Meltdown and Spectre vulnerabilities. This means that most types of computing devices are susceptible, such as smartphones, tablets, desktop computers, and servers. Similarly, most operating systems are affected, including:

  • Windows

  • MacOS

  • iOS

  • Android

  • Chrome

  • Linux

All the affected chips have one thing in common — they use a technology known as speculative execution. To optimize the speed of computer processes, the affected chips speculate what data the computing device will need to perform the next task. During this process, data — including sensitive information such as passwords — is temporarily made available outside of the central processing unit (CPU). Hackers could potentially access the exposed data by exploiting the Meltdown and Spectre vulnerabilities.

While speculative execution is at the heart of both vulnerabilities, Meltdown and Spectre are found in different areas of the chip. Meltdown exists in the chip’s software. If exploited, hackers could access higher-privileged parts of a device’s memory. Spectre exists in the chip’s architecture. Hackers could take advantage of this weakness to steal data from the memory of any app running on the device. Researchers found that they could exploit both Meltdown and Spectre by running a malicious JavaScript file in devices’ web browsers.

How to Protect Your Business’s Devices

 The best way to protect your business’s devices from Meltdown- and Spectre-based attacks is updating them. Chipmakers and other affected manufacturers (e.g., Microsoft, Apple) were notified about these vulnerabilities in mid-2017 to give them time to create the necessary patches before information about the weaknesses was officially released. As a result, many patches are already available.

You will need to make sure that the hardware and software of each device is updated. This includes firmware, operating system, and web browser patches, some of which might need to be manually installed. If you have Windows computers that are running third-party antivirus programs, those apps might need to be updated before any of the other patches can be applied.

There are two important points to keep in mind regarding these updates:

  • The patches will likely do a good job at mitigating the Meltdown threat because it is a software-based weakness. However, some analysts are not as confident that the Spectre patches will work well because that vulnerability exists in the chip’s architecture. They fear that a chip redesign might necessary to eliminate the problem. Only time will tell if the Spectre patches will work.

  • The updates will likely slow down your devices’ processing speed. The extent of the slowdown will depend on many factors, such as a device’s operating system, the size of the workloads being run, and the chip’s model and age. In general, devices with higher workloads, older chips, and older operating systems will see greater hits in performance.

Another way you can help protect your business is to provide employee training. To exploit the Meltdown and Spectre vulnerabilities, malicious code needs to be installed on a device. Cybercriminals often use phishing emails for this purpose. Thus, it is important to let employees know about the dangers of clicking links and opening attachments in emails.

Even if you had this discussion with your staff already, it would be a good time for a refresher. In the meeting, you can warn them about the possibility of getting phishing emails urging them to install a Meltdown and Spectre patch on their computers. If they fall for this ruse, they will likely be installing malware.

The Stakes Are High

There is a good chance that every computing device in your business has the Meltdown and Spectre vulnerabilities designed into their chips. Since exploitation of these weakness could lead to highly sensitive data being stolen, it is important to update your devices. We can help you determine the updates needed based on the devices’ chip types and take care of any patches that need to be manually installed.

Comment

What Keeps Us Up at Night

Comment

What Keeps Us Up at Night

2017 will be the year we remember the large number of coordinated network attacks across all sectors of business. Ransomware like Wannacry, NotPetya, and Bad Rabbit led the assault. But there are other infections taking hold as well without detection, and are hiding in plain sight. 

Comment

The Value of Proactive IT Support

Comment

The Value of Proactive IT Support

GOLD.JPG

 When we walk into a potential client’s office, there are 4 specific things we look at. What is the cost of downtime for the client? How much is this currently costing the organization each month? How many hours is the staff losing due to inefficient IT systems each month? What is your average per hour salary cost? When we look at these items together, we get a true picture of what the company is "bleeding" out in IT dollars. When I ask the question "How much do you currently pay each year in IT costs?", the answer varies but it’s always a much smaller amount than the real number which can be staggering. 

     The fact is, business owners only see a very small percentage of what they think they are paying in IT "costs", when they are only seeing the tip of what may be a very large iceberg under the water. What is not taken under consideration most often is the cost of "vendor management". For example, in a CPA firm you rely on QuickBooks as your line of business software - and usually one of your accountants is on the phone with support when something goes wrong. The same can be said with a medical practice that relies on electronic medical records database programs. When the database goes haywire and the nurses and providers can't enter in patient data, it's usually the office administrator that's on the phone with support trying to get a technician to remote in and fix the issue. The problem with these scenarios and many others like them, is that these employees are now tied up doing something that is not their primary job. The owner is paying for all of this while nothing they need these employees to be doing gets done. Every moment these employees are detained doing something other than their primary function is money out the window.

     Executives, CEO's, Office Managers and office workers all have important tasks to complete during the work day. We have all been there at one point or another. You are trying to get something out the door to your client or your supervisor, but it seems like everything on your computer is crawling at a snail’s pace. Nothing makes you want to rip out all your hair like a slow machine, and that aggravating little blue "spinning doughnut" in Windows. As we all know time is money and when you have 10 machines that are all in that kind of shape, you will lose both.

    When we look at the current hardware supporting a business, we look at what software and functions it's supporting. We look at the age of the systems, processors, memory, hard drives, anti-virus programs etc. What we look for is "bottlenecks" in performance, weaknesses in the current infrastructure that lead to down time. Inefficient IT systems, poorly maintained workstations and servers, and malware infections all lead to down time which equals money lost. A business that has a gross revenue of $1,500,000 per year with 9 employees, and an average down time of 3 hours per year can lose over $10,000 in lost productivity. This number is before you add in any outsourced IT support costs. Almost all the lost revenue from down time is preventable by using the type of proactive IT support that Cardinal Technology Solutions (CTS) provides. Proper preventative and proactive measures deployed on a network can almost eliminate down time entirely.

     At Cardinal Technology Solutions (CTS, Inc.) we have saved all our clients not only time but most importantly money with our management techniques. A recent study of one of our largest clients revealed an annual savings of over $45,000 per year, and a 99.6% uptime ratio. This is a direct result of how we proactively manage their IT infrastructure. We enhance performance where we see the need, either by making changes to existing hardware and software - or replacing it if need be. We actively manage the environment in real time, and prevent issues from impacting business operations. Put simply - we sell "up time" because that’s the only thing that matters to our client’s bottom line. Your business network powers everything that you do, you rely on it every day to work so that you can grow your business. And we will be there every day to ensure that happens. The support CTS provides our clients empowers them, it doesn’t impact them. The next time you look at the cost of an IT support firm, ask yourself - is it a cost, or a savings?

Comment

7 Ways You Might Be Sabotaging Your Productivity When Working on Your Computer

Comment

7 Ways You Might Be Sabotaging Your Productivity When Working on Your Computer

IT Blog

 

You sit down at your computer to complete a quick task, but what should have taken only a few minutes takes much longer. Sound familiar? If it occurs often, you might be sabotaging your productivity without realizing it. Bad habits, old technology, and not taking advantage of your applications' features can eat away your workday a minute at a time.

Here are seven ways you might be hurting your productivity and what you can do about each of them:

1. Immediately Reading Each Email That Arrives in Your Inbox

Immediately reading each email when it arrives can hurt your productivity, especially if you get a lot of emails. Although it might not take you that long to read an email, it disrupts your concentration. A better approach is to set aside a block of time once or twice a day to go through all your emails.

2. Not Disabling Notifications

To avoid the temptation of reading emails as they come in, you should turn off email notifications. Even if you are able to resist the urge to look at an incoming email, seeing the notification pop up or hearing an audio alert can be distracting in and of itself.

Notifications for social media and newsfeed updates can also divert your attention. Silence your mobile devices and turn off notifications on your work computer to eliminate these distractions.

3. Manually Performing Tasks When There Are Better Alternatives

You might be wasting valuable time if you are not taking advantage of your applications' features. Business applications often have features that handle common tasks for you. For example, most email programs let you set up filters or rules. Rather than manually sorting the emails in your Inbox, you can use filters to automatically sort your emails into folders based on criteria such as who sent them and keywords in the subject lines.

You might also be able to save time by taking advantage of free or inexpensive applications. For instance, if you often create lists or write notes, a free application like Evernote or Microsoft OneNote will make it easier for you to organize and store them for quick retrieval.

4. Not Using Keyboard Shortcuts

Sometimes time drains away a mouse movement at a time. You can gain some of that time back by using keyboard shortcuts for actions you often perform. For example, pressing Ctrl+C to copy items in Microsoft Word documents is quicker than maneuvering your pointer over the Copy button and then clicking it.

There are many online guides that tell you the keyboard shortcuts for Windows and Mac applications. The keyboard shortcuts might look intimidating, but they are straightforward. In Windows applications, they are typically represented with a plus sign. So, for instance, Ctrl+C simply means you need to press the Ctrl and C keys at the same time. In Mac apps, a hyphen is used instead of the plus sign. For example, Command-C means you press the Command and C keys simultaneously to copy items.

5. Putting Up with a Slow Internet Connection

If you regularly use the Internet for work and your Internet connection is slow, you probably waste a good deal of time staring at your computer screen, waiting for a web page to load or a file to transfer. Many issues can cause a slow connection, including an incorrectly configured router, old hardware, or malware that is secretly using your Internet bandwidth. Your IT service provider can help you determine why your connection is slow. If they find that the problem lies with your Internet service provider, you might consider getting a new one.

6. Using a Small Computer Monitor

A small computer monitor can hurt your eyes and your productivity. Having a large computer monitor (or dual monitors) can make you more efficient in two ways. First, you will be able view more on your screen, which means you will have to scroll less. Second, you can have multiple windows open and readable at the same time on the screen. This makes it easier to copy and paste between documents, for example.

7. Working at Your Desk for Hours on End

Although it might seem counterintuitive, working nonstop at your desk for hours at a time is not conducive to high productivity. It is important to periodically get up and walk around for a few minutes. This will reinvigorate you both mentally and physically, which will improve your productivity.

Comment

Cyber Attack Gone Global - Again. Here's What We Know

Comment

Cyber Attack Gone Global - Again. Here's What We Know

Cyber Attack

     

Another cyber-attack has swept over the world again today, starting in the Ukraine and quickly moved across Europe and into the United States. The virus is like the WannaCry ransom ware that infected more than 300,000 computers worldwide last month. It also displays links and characteristics indicating that it may have been derived again from the "Eternal Blue" program, widely believed to have been stolen from the NSA. It encrypts all the files on your hard drive or overwrites them silently, and renders most computer systems useless once completed. Banks, medical facilities, credit lenders, ATM machines, and point of sales computers are just a few of the early victims that were reporting the attack as of 12 PM EST. Heritage Valley Health System in Pennsylvania reported the attack early today (Tuesday), and according to local media reports in their area was completely shut down. The largest advertising firm in the world WPP was infected, employees were told to shut down their computers and the building and work "is at a standstill".

What Has Changed:

     We know now that the virus / ransom ware last month had a weakness that was discovered by a British security researcher. By registering the website that was being used and taking control of it, the attack last month was effectively slowed down. It was hailed as the "kill switch" for the WannaCry attack. The attack that has emerged today (June 27th) does not appear to have a "kill switch". Also, this attack seems to have started from Email with infected PDF and Word file attachments. The WannaCry outbreak largely relied on the Microsoft implementation of the SMB (server message block) protocol, for which a security patch was released in March 2017. 

How to Protect Yourself:

     First and foremost, ensure that you and your employees do not open any unsolicited or "suspicious" looking email especially ones that contain attachments. If you don't know who it’s from or you are unsure about any part of an email sent to you, contact your IT department or personnel without opening it so that they can review it. Do not open it, forward it, or click on any links or attachments contained in the email.

     Make sure that your workstations and servers are completely patched and up to date with the latest security updates from Microsoft, and also third-party vendors like Adobe Flash. Microsoft released an update that effectively blocked the WannaCry virus in March 2017. But because companies are simply not keeping up with security patches (among other things) it went rampant. Keep your systems patched, and if you can't do it on your own then you need to hire a firm that will ensure this happens.

     Ensure that you have an industrial firewall with digital defense systems in place. CTS recommends SonicWALL firewalls. If you have a firewall in place that has Intrusion Prevention Systems, Gateway Anti-virus, and Gateway Anti-malware with effective screening rules in place you will save yourself a lot of grief.

     Have an effective Anti-virus in place system wide that is updated and running. Anti-virus alone will not protect you. Only 4 in 61 antivirus systems detected the attack on systems today, and by detected I mean it was too late. Anti-virus is meant to be part of your layered defense system, not an impervious shield against everything. 

     Use web filtering systems as part of your defense. A good web filter will stop users from unintentionally going to malware or malicious sites. And it can be used to block a host of other threats including phishing websites that may also be spreading the latest outbreak. 

     If you have these layered systems in place, and you know that your workstations and servers are patched with the latest updates you have a good chance of getting through this unscathed. If you have questions or concerns about the status of your network, please call us today. We will come onsite and do a free evaluation and consultation with you of your network

 

 

Comment

Europe Under Siege by Virus Attack Again

Comment

Europe Under Siege by Virus Attack Again

Apparently a new ransomware attack is spreading across Europe today, similar to the Wannacry attack last month. The situation is still developing but we are monitoring and relay any information we can as the details become more clear. Right now according to The Verge website, banks, telecom, airports, point of sale terminals and ATM systems have been brought down. It is a form of the Petrwrap virus (Petya ransomware). It is unclear still how it is spreading. As soon as we are aware of any protective measures that you may need to take we will be posting them here and in other places. Be wary of email communications and clicking on links you do not trust as always. Its likely that this infection is using one or the other. Only 4 out of 61 antivirus services have been able to detect this virus as of this morning. More to come...

Comment

How to Keep Your Business Network Secure

Comment

How to Keep Your Business Network Secure

IT Blog

How secure is your company's network? Protecting your information assets is one of the most important steps you can take toward long-term stability. Smart companies take a multifaceted approach to IT security, building layers of defense between themselves and hackers.

Here are four steps you can take to safeguard your company's most important assets.

Network firewall

The most basic line of defense against network intruders is the firewall. Consumer-grade routers use Network Address Translation (NAT) to address the problem of limited IPv4 routable addresses. Companies have several options for implementing firewalls.

DMZs (demilitarized zones) are a popular choice these days. In this setup, Internet-facing servers are placed within the DMZ so that they are encumbered by fewer restrictions and less monitoring than the internal corporate network.

At a minimum, an effective firewall should offer packet filter technology, which allows or denies data packets based on established rules that relate to the type of data packet and its source and destination address. CTS recommends using SonicWALL an industrial grade firewall for all small businesses, as these provide a multitude of digital defense systems needed to help prevent attacks like the WannaCry outbreak.

Malware detection

The next line of defense to check off your list should be a solid program for malware detection. Performing a malware scan on client devices relies on the processing capabilities of individual devices to check for threats. But, business-centric versions feature some form of central management used to push out new definition updates and implement security policies.

Most malware problems result from user action, so the typical anti-malware package has evolved into comprehensive suites that offer protection against multiple threat vectors. These packages may include a component to scrutinize a URL link prior to launching it, or a browser plug-in that checks file attachments prior to opening them.

Virtual Private Network

In today's mobile world, employees need to access company resources from remote locations that may not be secure (for example, public Wi-Fi hotspots). These workers can benefit from a virtual private network (VPN) connection to protect their network access. VPNs channel all network traffic through an encrypted tunnel back to the safe corporate network.

However, a VPN can be complex to deploy, and it is costly to support due to the overheads of processing and bandwidth. And, stolen or lost company laptops with preconfigured VPN settings can serve as potential gateways for intruders.

IDS and IPS

Finally, a thorough security strategy requires both an intrusion detection system (IDS) and an intrusion prevention system (IPS). An IDS involves monitoring traffic for suspicious activities that show that the company network has been compromised. For example, an IDS may detect port scans originating from within the network of multiple failed attempts to log into a server.

An IPS is typically deployed in-line to actively prevent or block intrusions as they are detected. For example, a specific IP address can be automatically blocked, with an alarm sent to the administrator when an attempt is made. Again a SonicWALL firewall is capable and designed to do this and is recommended as part of your overall defense strategy. 

These are just some of the steps you can take to safeguard your company's network. Other security options for businesses exist including 24/7 monitoring and safety checks for workstations and servers, but the previous four measures are a good starting point for keeping your network secure.

Comment

Why Businesses Are Still Suffering from Exploits Like WannaCry

Comment

Why Businesses Are Still Suffering from Exploits Like WannaCry

     As the largest Internet attack recorded in history unfolded last week, I was left with the same question I keep asking myself every time this happens. Why haven't business leaders learned anything? As of May 18th, more than 200,000 computers were affected in 150 counties and another 800,000 attacks were tracked and intercepted according to SonicWALL. The how and why this attack was even possible is long, and deep rooted in years of flawed security practices and procedures. It is speculated that part of the exploit can be attributed to a large cache of NSA documents leaked onto the Internet from a group called the "Shadow Brokers", a hacking group that somehow obtained the NSA documents and programs like Eternalblue and used them as part of the WannaCry outbreak of last week. What followed was a blood bath for any business, large or small that had any systems that were un-patched. Many thousands of business machines were rendered useless, their data encrypted, servers, workstations, databases, all destroyed in hours. Hospitals around the globe were infected as well, rendering X-RAY machines, MRI systems, and EMR systems useless. 

     I have been in the IT industry for over 20 years, and every time this happens I am just at a loss for why business leaders continue to bury their collective heads in the sand. This is not the usual wake up call, its a slap in the face. Wake up. Your business is a target, and a valuable one at that. This attack was only successful for 5 reasons, and they are the same 5 preventable reasons that have been around for years now.

  • Your Windows systems were not patched on a regular basis

  • You don't have monitored and tested backup systems

  • You use older Windows systems and technology (like XP of VISTA)

  • You don't have a firewall with proper IPS (intrusion prevention system) and rules / filters set up

  • You do not have proper anti-virus that is installed updated and active

     This is the case over and over again, yet not many SMB's seem to learn. Your business network powers everything that you do, and some of those systems not running literally can mean life and death in the case of hospitals that were affected - not to mention the death of your company. An IT network is a complex system not unlike a clock, that needs constant oversight and maintenance to run well. You need managed IT and proactive IT services, to ensure that your business network is well maintained and protected. This is a call to arms, and maybe if you made it through unscathed - your last chance. Don't think because you made it through without having done anything proactively to defend yourself beforehand that you are safe, you were just lucky. As a good friend of mine said the other day, the time will come when luck will only go so far. Having proper oversight, maintenance and patching of your Windows systems and networks is not an option, it's a must and may now be a legal responsibility for you as well. You have to know beyond a shadow of a doubt that you have done everything in your power to protect yourself, your employees, and most importantly your clients. I'm including a link to our document on defending yourself from Internet threats. Download it - read it - and take action now. It may just save you from the next wave of attacks, which I assure you is coming and with greater destruction.

http://www.cardinaltek.com/9ways

To learn more about Cardinal Technology Solutions, Inc. visit us online at WWW.CARDINALTEK.COM or call us at 540-431-4161

Comment

5 Ways to Declutter Your Hard Disk

Comment

5 Ways to Declutter Your Hard Disk

As businesses grow, so do the number of files they generate. Presentations, proposals, correspondence, contracts, spreadsheets, and other types of business documents can quickly accumulate and fill up a hard disk. Fortunately, freeing up disk space on Windows computers is relatively easy.

Comment