Blog

February 18th, 2015

Security_Feb18_BWe have become acclimatized to ever-present threats to the security of the information and files we share and store online. But we all still want our data to be as secure as possible and, following high-profile breaches such as the celebrity photo leaks of 2014, if anything the issue of online security is even more prominent in our minds. Since those leaks took place, the security of Apple platforms has in particular been the subject of public scrutiny - it is therefore good news that Apple has now extended its two-step authentication feature to popular applications FaceTime and iMessage.

After the fall-out from the celebrity photo leaks, Apple extended the two-step authentication process (also known as two-step verification) to iCloud, the online storage platform at the center of the scandal. The feature was initially introduced only to the user IDs for access to Apple accounts; the motivation for the launch of that extra security measure was the hacking of a journalist’s data back in 2013. But what is two-step authentication and how does it work to protect your data?

The premise behind two-step authentication, which experts recommend all businesses implement as part of their security strategy, is actually pretty simple. Usernames and passwords are all too easily stolen by malicious parties, whether by phishing emails or a more sophisticated hacking attack. So, rather than typing just your username and password to access your account, the password is teamed up with a four-digit verification code which is newly and uniquely generated each time you attempt to access your account.

The verification code is delivered by text message (meaning that to use the two-step verification feature, you’ll need to have a cellphone to receive the SMS on). As a result, even if a hacker manages to get hold of your password, unless they also have your phone by their side then they won’t be getting into your account. This authentication method is already used by organizations around the world including banks, mobile service providers and other companies who recognize the added layer of security that it brings. And now you can give yourself the same level of protection to ensure that only you can FaceTime your family and send iMessages to your friends.

Fear not, there’s a backup plan to ensure that you can still access your accounts if you happen to forget your password or if something happens to your phone so you can longer receive authentication codes. Apple also provides you with a 14-character recovery key that will get you back in if all else fails. To enable two-step authentication for your FaceTime and iMessage applications, login to your Apple ID account, select Password and Security and then click Get Started under Two-Step Verification.

To find out more about using two-step verification and other security measures to protect your business, contact us today.

Published with permission from TechAdvisory.org. Source.

Topic Security
February 13th, 2015

BC_164_BDisasters, whether man-made or natural, can happen to anyone. While most people will admit this, a lot of us still have the mindset of “it won’t happen to me.” However, according to one study, storms and extreme weather alone have personally affected one-third of small business owners. And that doesn’t include other disasters such as earthquakes, fires or theft. So if you don’t want your business disrupted in the event of a catastrophe, it’s time to prepare for the worst. Here are a few ideas to get started with a business continuity plan that will ensure you are ready.

The difference between disaster recovery and business continuity

While it’s easy to overlook the differences between a disaster recovery and business continuity plan, there are actually some key variations you should be aware of.

Disaster recovery is the restoration of business operations and IT infrastructure after a disaster has already occurred. Business continuity, on the other hand, is focused on maintaining business operations and profits throughout a disaster. While disaster recovery is mainly focused on the slice of time immediately following a disaster (how you replace your equipment and restore IT infrastructure asap), business continuity looks at the bigger picture - the continuity of the company as a whole. It ensures you can run your business and maintain profits during the process of recovering from a catastrophe. It generally includes a disaster recovery plan as part of it.

Creating your business continuity plan

The first step in creating your plan is to identify which of your IT assets are vulnerable to disaster. To do this, you need to ask yourself some important questions, starting with what might happen if you were to lose the functionality of a specific asset for a day, a week or even longer. Answering this question will help you identify your most critical IT assets; the ones that are integral to your business operations.

Here are some other important questions to ask when drafting your business continuity plan:

  • What is the purpose of my business continuity plan?
  • What disasters can affect my IT infrastructure?
  • What are my key business areas?
  • Which different business areas, assets and departments depend on each other?
  • What is the longest amount of time I can go without functionality of IT assets?
Once you can answer these, it’s time to start planning. Write down your thoughts, and then contact an IT provider like us for assistance. We’ve helped countless businesses just like yours prepare themselves in order to remain operational throughout catastrophes. We can also help you identify potential problems that you may not have thought of.

Need help creating your business continuity plan? Contact us today to see how we can help you stay running and turning profits when disaster hits.

Published with permission from TechAdvisory.org. Source.

February 12th, 2015

SocialMedia_Feb12_BIf you thought your Facebook feed already contained enough pictures of funny cats and other wacky memes, then you’re in for a treat. Fueled by increasing consumer concern about the impact of social media usage on individual privacy - which has already led to the growth of self-destructing image sharing apps like Snapchat - a new arrival on the app scene wants to take things in a different direction to guarantee your privacy. Its secret tool? Cat photos - specifically, bombarding Facebook with lots and lots of them.

But there is more to it than that: the team behind social messaging app Wickr aren’t looking to post images of our furry friends just for the fun of it. In fact, the feline factor is just one feature of the app, known as the Wickr Timed Feed. Wickr actually promises to offer greater security and privacy controls than similar apps like Snapchat - but whereas Snapchat simply lets you set your images to self-destruct once they have been seen by the recipient, Wickr takes an alternative approach.

As well as allowing only pre-approved friends to see your photos within your Wickr feed, the app lets you share each photo through Facebook and control which of your friends can see it. So where do the cats come in? Well, when you first share to Facebook, no-one will see your photo - instead, they’ll see a decoy image of a funky-looking cat. However, Facebook users then have the option to click through to Wickr and, if they are one of up to 151 people you have pre-approved to have access to your real photo, it will be unlocked and the cat will disappear - at least, until the photo automatically self-destructs 24 hours later, as do images on your feed in the Wickr app itself.

If it all sounds a bit like security overkill, then that’s probably because it is. Sharing Wickr photos to Facebook also sounds a little cumbersome, and even more so the process for unlocking a cat-guarded photo, and this could have an adverse effect on widespread take-up of the feature. But it does address genuine concerns surrounding the far and often uncontrollable reach of images and information we post online. What’s more, it appears to be a way to prevent Facebook from claiming ownership of the photos we upload - as much a concern for professional photographers and companies using Facebook for marketing purposes, as for individuals using the platform to keep in touch with friends. Wickr claims that, because the cat photo is all that will be publicly visible unless the bona fide picture is unlocked, that will be the only thing to which the social network could claim to have ownership or reproduction rights.

Whether it catches on or not, the emergence of apps like Wickr is telling of the growing pressure for the usability of social media networks to be balanced with protection for their users’ privacy. It acts as a reminder to businesses to be aware both of potential issues with usage rights for corporate images shared online, and of the need to keep consumer concerns about data misuse in mind when designing social media marketing strategies.

To learn more about how to effectively put social media to work for your business, get in touch with us today.

Published with permission from TechAdvisory.org. Source.

Topic Social Media
February 10th, 2015

Virtualization_B_164Virtualization...the very sound of the word may have you excited about the new opportunities it holds, or your heart pounding in fear of a foreign technology that sounds far too scary. Whatever the case, virtualization isn’t going anywhere. Thousands of businesses are taking advantage of its ability to cut costs and free up office space. If you’re thinking about taking your first step into the exciting world of virtualization, read on. We have some tips that will make the transition easier.

The key to successful virtualization is to not virtualize too much too quickly. Choose one or two items you’d like to test out, and then give it a go. By only focusing on virtualizing a few assets, you’ll be able to accurately measure how much your business is benefiting from virtualization.

Once you’ve decided to make the jump into virtualization, here are a few tips to keep in mind.

Don’t virtualize for the sake of virtualizing

If you have 20 PCs running on an older operating system, but they are still producing results you’re happy with, it may be best to save your money and hold off on virtualization until you really have a need for it.

On the other hand, if you’ve been thinking about buying a new server, it may be smarter to consider getting a virtual server instead since the need is already there.

Understand the risks and challenges of virtualizing individual assets

Server, desktop and application vendors have unique and evolving licensing rules concerning virtualization. With vendor licensing audits becoming more and more frequent, you may be in for a major financial penalty if you’re not following the rules.

It’s been reported that one company saved $4 million in hardware expenses through virtualization. However, they lost $52 million for not remaining in compliance with the software licenses.

Try virtualizing more than one asset

If you start out only virtualizing your server and it doesn’t show immediate benefits, that doesn’t mean you should just give up on virtualization completely. The fact of the matter is that virtualization does save businesses millions of dollars every year in IT expenses, giving them a productivity boost in the process.

You can virtualize many physical assets of your business besides servers. This includes applications, laptop hardware, operating systems and more. All the virtualization process does is deliver these assets to you via the internet instead of having the physical product in your office. So if the server virtualization doesn’t work for you, maybe virtualizing another asset will.

Or it could simply be that your IT service provider is the real problem. Maybe you haven’t found the right virtualization vendor that works best for your business. The only way you’ll ever find out is if you don’t give up the first time you encounter a failure.

For more information about virtualization and how to effectively integrate it into your business, contact us today.

Published with permission from TechAdvisory.org. Source.

February 6th, 2015

BusinessValue_Feb6_BNowadays, the advancements of mobile technology emphasize just how crucial mobile marketing is in boosting any company’s profitability. People are increasingly using smartphone devices for everyday tasks, from checking the time to making online payments. As a small business owner, you might want to adjust accordingly, and jump into the whole mobile approach to reach a wider audience. To get you started, here are four tips to promote your business on mobile devices.

Use QR codes

As far as mobile marketing tools go, QR coding is among one of the most powerful. With QR codes you can set up announcements about special events, coupons, newsletters, updates on your latest products, etc. Your potential customers can simply scan the QR code with their mobile devices and see what you have to offer.

The real benefit of QR codes is they can be put virtually anywhere to lead people anywhere online. Imagine putting a QR code on a T-shirt and having it lead to an online coupon for special deals. While the possibilities for placing QR codes are endless, it’s probably not very useful to put them somewhere that doesn’t make sense, like on a street billboard; people can’t scan your QR code while they’re driving.

Buy Facebook mobile ads

Facebook currently has over 700 million active mobile users. Even if that number’s not increasing at the moment, it’s still huge. Many businesses that are competing online have a Facebook page and advertising plans already. But with the majority of mobile visitors on Facebook, all your content and ads should be easy to read and engage with.

Facebook mobile ads display better than normal ads on the right column on Facebook’s news feed. If you don’t make use of this feature, you might be missing out on a large audience.

Make your website responsive

Back in the old days all websites were static, meaning that content was fixed unless you edited the HTML files. Later came the dynamic website, where content was changeable once you refreshed a web page. Now we have responsive websites, which conveniently adjust themselves to different browser sizes or a mobile device’s screen size.

Responsive websites are the future of the web. Imagine how high the bounce rate is likely to be if a potential buyer visits your website on a mobile device, scrolls around to read your content with difficulty, gives it up as a bad job and finds your competitor’s website that is mobile-friendly. That’s why your business website is better off on a responsive design.

Mobilize your E-mail

There are many up and coming marketing tools, but email is still one of the best ways to get great results for businesses. As with Facebook, most people check their emails on a smartphone or tablet. Make sure your message reads well on mobile devices, or your customers might ignore and delete it or, even worse, unsubscribe from future emails.

There are plenty of mobile marketing tools out there. Before implementing them get in touch with us to find the best solution that works for your business.

Published with permission from TechAdvisory.org. Source.

February 4th, 2015

BI_Feb4_BWe’re all familiar with Excel. It’s safe to say that it’s a great tool for tracking data. But what if there was a way to keep track of information from not only Excel, but a multitude of frequently used applications and services? And what if you could find this information by typing a simple phrase such as, “sales for [new product name here] 2014”? Microsoft has made this possibility a reality. And not only may it help save your business time, but it’s also free.

What is Power BI?

Power BI is a Cloud service which mainly functions as a self-service data analysis tool. What makes it unique is its use of advanced visualization options (graphs, charts, etc.) and the ability to find data by using natural language to ask questions and get answers. For example, you can simply type, “which department had the lowest sales profits last month?” and then get a chart that will visually display the sales from the different departments.

Another distinct characteristic of Power BI is its ability to collect and analyze data from various applications and services. These include Salesforce.com, Marketo, Excel, Zendesk and more.

And lastly, being a Cloud based service, the data is easily shareable, and employees can access it whether they’re in the office or on another continent.

Do I really need data analysis for my business?

It’s easier to get ahead of the competition if you know where you’ve been. With knowledge of your past failings or successes, you’ll know what methods and strategies are working and which ones aren’t. Then you can make appropriate business decisions based on facts and not assumptions.

For some, Excel may give you the ability to track all the Business Intelligence you desire - if the data you need is relatively simple and is kept all in one place. But if you have large amounts of data over various applications, then a product like Power BI can be a huge time saver since you won’t have to waste hours finding and organizing it.

If Power BI is so awesome, why is it free?

Power BI comes in two versions: the free one and a pro version for $9.99 a month. The pro version will feature more support for streaming data, quicker scheduled data refresh, and more storage. But light to medium data analysis users will still gain much from the free version.

Likely the real reason for the free version of Power BI is to capture market share from Tableau software, which currently dominates the self-service analytics market. Microsoft appears to be trying to create a simpler data analytic system that will be less complex than Tableau and more appealing to non-tech users.

And once they get sign-ups, Microsoft can then use this as a gateway to sell other Microsoft business products.

Want to discover how Microsoft’s Power BI or other Business Intelligence products can give your business an edge? Contact us today to see how we can help.

Published with permission from TechAdvisory.org. Source.

January 29th, 2015

Security_Jan28_BMost of us have suffered the horrors of a computer virus at some point, and we know the damage that can be caused by these security infections. Our work gets disrupted as IT systems go down and, if we’re really unlucky, sensitive and valuable data might be lost or even leaked. But there’s a silver lining to most viruses, worms and other such malware, in that they can at least be tracked down and removed. Well, not always - enter the invisible Poweliks, which even your most sophisticated anti-virus software might not be able to protect you against. So, what do you need to know and how can you protect yourself?

What is Poweliks?

Security firm Symantec describes Poweliks as a trojan horse that performs malicious activities on the compromised computer. But it’s no ordinary trojan - unlike the majority, which infect your computer with malicious files, Poweliks is a silent and invisible threat that hides away in the memory registry of your system. It’s not entirely new for a virus to seek to cover its tracks by making itself "file-less" but, in contrast with Poweliks, most are wiped when you restart your computer and its memory is cleared. Worse still, Poweliks hijacks the legitimate processes and applications running on your network, inserting its code into them where it can largely evade detection.

First discovered back in August 2014, Poweliks has therefore created something of a headache for firms behind conventional security solutions like anti-virus software. Symantec and others have admittedly managed a number of updates to their protection in response to the threat posed by Poweliks. But although very minor records of the presence of the trojan are left behind by way, for instance, of registry logs, the signs of its destructive presence are much lower key than the computer world is used to, meaning Poweliks is unlikely to show up on most system scans.

Poweliks has links to Kazakhstan, the home of two servers the malware connects to once it is up and running from within your computer. The servers in Kazakhstan then send commands to the bug to tell it what to do next. In theory, this then makes way for the tool to be used to download other undesirable programs that could infect your system without your knowledge. It could equally be used to steal and disseminate data from your network.

How can I best protect myself?

As well as the anti-virus updates that have gradually been released - but which are still likely to have only a limited impact on threats of this type compared with those of the past - a number of Poweliks removal guides are now available online. Nevertheless, prevention as ever, remains better than cure. One method reported to have been employed in the distribution of the Poweliks infection is embedding it in a Microsoft Word document, which is then sent as an attachment to spam emails, and which the attackers hope your curiosity will lead you to open. Among the senders that these spam messages have masqueraded as being from are the United States Postal Service and Canada Post. Of course the best advice remains to be suspicious of any and every email attachment you open, particularly if you weren’t expecting mail or it's from someone you don’t know.

Should I be concerned?

In fact, revisiting your everyday security precautions is probably pretty good advice all round, since experts predict that this type of threat is likely to become ever more common as attackers seek to exploit the techniques of Poweliks in order for their infiltration to remain unnoticed for as long as possible. Sure enough, a number of copycat threats have already been detected by security specialists as of the start of 2015.

General awareness around web sites you choose to visit is also recommendable in particular, since others have also reported the bug making its way onto their systems thanks to so-called ‘drive-by download attacks’ - whereby simply visiting a malicious web site is enough to trigger the infection, and actively downloading a file isn’t even necessary. As a result, organizations may wish to consider more comprehensive filtering of internet access, or at the very least reactive blocking of known malicious sites, in order to prevent employees from inadvertently infecting a company network.

To find out more about IT security solutions and protecting your technology from attack, contact us today.

Published with permission from TechAdvisory.org. Source.

Topic Security
January 22nd, 2015

socialmedia_Jan20_BIn today’s digital world, social media has become a vital tool that effectively helps accelerate business development and the relationship-building process between different organizations. And with solid communication being at the core of business development, let’s take a look at how social media can help drive partnering processes for the better.

In most cases, a business development manager already has an idea of the kind of company with which to partner. Their next step is to contact that company via a phone call or email. However, this can be an unreliable way to reach out, especially when your potential partner has never heard of you. Social media speeds up this process by identifying the best person to contact, as well as determining if you have any mutual connections.

Simply put, social media lets you understand the background of different companies and gives you an idea of the different players involved, before you even engage in a dialogue. With this in mind, let’s take a look at four ways you can utilize information available on social media to enhance your business development success.

  1. Social media is an extra pair of eyes Social media allows you to see first-hand what potential partners, competitors, and customers are doing, which is a major asset when it comes to your business development and performance. This can also reveal business-relationship possibilities or even warn where it is best to stay away. It’s crucial to position yourself and your company as industry experts by sharing mind-blowing content as well as highlighting recent successes.
  2. There’s no universal message in social media The way people behave and connect across different social media platforms varies, therefore it is important to adjust accordingly. For instance, you might use Twitter to promote ongoing marketing campaigns, share content, and direct customer service requests. You may use Facebook for larger marketing initiatives, such as showcasing a company’s culture and resources. It’s important to remember that there’s no universal rule to utilizing social media and that it is beneficial to be flexible. Think about what your individual goals are and work out which social media platform is the best avenue to explore.
  3. Leverage employee relationships If you’re looking to connect with an individual in a specific company, make it a habit to check and see if anyone in your company has a pre-existing relationship with that person. Social media channels like Facebook and LinkedIn make it fairly easy to spot mutual connections, so it is a good idea to get into the habit of checking. Whether you ask your colleague to help make an introduction or to arrange a meeting, a mutual connection gives you the competitive edge in effective business development.
  4. Use social media as a touchpoint Social media is not only essential to business development, but also complements other more traditional practices, such as when you’ve sent an email or voicemail to a business prospect that has gone unanswered. It’s understandable that people get so busy they can delay, forget or pass over an inquiry, but instead of passively waiting for a reply, why not make it standard practice to follow up separately via LinkedIn or other social media platforms? This way you can build additional opportunities with potential partners, increase the likelihood of a response, and even forge a future business relationship.
The fundamentals of business development are strong relationships with a partner or companies with a good reputation, who will have a positive impact on your business, such as marketing an initiative collaboratively. Social media can get this whole process started, so the next time you’re looking to contact a business prospect or potential partner, start by visiting their social media channels to get the heads up to help you in your quest.

Looking to learn more about the benefits of social media in business? Contact us today.

Published with permission from TechAdvisory.org. Source.

Topic Social Media
January 14th, 2015

Security_Jan12_BAny business can become the victim of security breaches on a mass scale, as shown by the debacle which recently eclipsed Sony and forced it to temporarily cancel the release of blockbuster movie The Interview. Beneath the dramatic headlines are lessons for small business owners everywhere in how simple errors in IT security management can have grave consequences. These tips will help prevent your firm being the next to suffer Sony’s fate.

Don’t let basic security habits slip

Our modern-day instinct tells us that the answer to potential security breaches is to install new layers of Antivirus software, firewalls and further encryption systems. While these are all worthy additions to your company’s armor of security shields, they will do little to help if good old-fashioned protective habits are allowed to slide.

Instill a disciplined, security-conscious mentality in your organization, and keep the messages simple so that staff remember and follow them. Focus on regularly changing passwords and keeping them secret, being vigilant about avoiding unexpected links in email messages, and limiting network access for the likes of external contractors to that which is absolutely necessary.

One of the ways hackers made their way into the Sony network was by tricking administrators into thinking they had a legitimate need for access: teach your staff to be careful, and praise cautiousness even if it turns out access is warranted. Encourage staff to flag up potential security lapses, and make sure they know that reports will be followed up and loopholes closed.

Take a flexible and agile approach to IT

IT changes, and so do the ways best suited to keeping it safe. This means it is vitally important to keep your IT systems up to date, and where necessary to do away with outdated practices that could leave your business technology exposed. This involves more than just ensuring that your network is running updated Antivirus software to catch the latest bugs and worms - it means staying abreast of emerging methods to mitigate potential threats from hackers worldwide.

All of this uses staff and resources that your small business might not have - which is where outsourced managed services come in. Using a managed service provider as an add-on to your own IT team can give you extra flexibility and the ability to keep abreast of industry security developments, even when you lack the time to do so yourself.

Equally, know when it is time to ditch data - think of emerging social networks like Snapchat, which set messages to self-destruct after a set time, as your cue to make your data retention policy less permanent, particularly in relation to email. If you no longer have a business need or a regulatory requirement to retain information, then delete it - in the process you can limit the possible damage even if the worst should occur and you fall victim to an external attack.

Backup, backup, backup

The last thing you want in the event of a security breach is for it to hit your day-to-day operations - the potential damage caused by the hack itself is likely to give you enough to worry about. But that is exactly the situation Sony found itself in after its latest hack, with its email system down and staff forced to return to the days of pen, paper and even the fax machine.

As well as ensuring alternative means of communication remain open to your business in the aftermath of a possible attack, it is also vital to make sure that you retain access to the information most critical to your work. Regular, secured backups help ensure that, whatever happens, the show is able to go on and your firm’s productivity and revenue are not unduly hit. Engaging professionals to undertake your backups on a managed service basis also means this can happen routinely and without fail, while you stay focused on running your business.

Want to learn more about how to reduce your IT network’s vulnerability to attack? Get in touch with us today.

Published with permission from TechAdvisory.org. Source.

Topic Security
December 31st, 2014

security_dec24_BTake some time and research how companies are hacked and you will quickly come to realize that there are a wide variety of methods at a hackers disposal. One of the increasingly common, and effective strategies being employed is spear phishing. In early December 2014, a new spear phishing attack was uncovered, one that has proven to be quite effective against large businesses, and could possibly target small companies as well.

What is spear phishing?

Spear phishing is an advanced form of phishing where attackers troll the Internet for relevant information about you and then create a personalized email that is sent to you. This email is usually developed so that it appears to be coming from a friend or trusted partner and contains links to a site or program that can initiate an attack or steal information.

More often than not, these links are to websites where you enter account information, passwords, and even bank account details, or any other personal information which can be used to break into computers and even steal your identity.

What is this latest spear phishing attack?

This new form of spear phishing, being carried out by an organization who calls themselves FIN4, has actually been around since as early as mid 2013. When they attack Wall Street listed companies they are doing so to steal valuable plans and insider information.

What we know is that they send highly savvy and targeted emails to people at a company, trying to harvest Microsoft Outlook account information. Once they have this crucial data they then target others inside, or connected to, the organization, with the same email, while also injecting the code into ongoing messages. This method can spread the attack quickly, leading to a potentially massive security breach.

In the email examples of this phishing threat, the attackers write mainly about mergers and other highly valuable information. They also include a link to a forum to discuss the issues raised further. These emails come from people the recipient already knows, and the link is to a site that asks them to enter their Outlook account and password before gaining access. When this information is entered, it is captured by the attacker and used to launch more attacks.

What can we do to protect our systems?

From what we know, this attack is being carried out largely against law firms, finance companies, and other large organizations. While this discounts many small businesses, there is a good chance that the attackers will turn to small businesses operating with larger companies at some point.

Because this is an email-based attack, you need to be extra vigilant when opening all emails. Be sure to look at the sender's address, and read the body of the email carefully. While hackers generally have good English skills, they aren't fully fluent, which means you will notice small mistakes. Also, keep in mind previous emails sent by the recipient. If the tone and style is off, then the email may be fake.

It is important to always look carefully at all links in email messages. If a link looks suspicious, then ask the recipient for more information or to tell you where the link goes. If you come across any site asking you to enter account information, be extra careful. Look at the URL address in your browser, if it doesn't sat HTTPS:// before the address, then it may be a good idea to avoid this.

If you have any questions on spear phishing and how you can prevent it, contact us today to see how we can protect your business.

Published with permission from TechAdvisory.org. Source.

Topic Security