Blog

June 23rd, 2017

The benefits of Office 365 have totally changed the way most businesses operate, and it’s hard to believe anything else could have been added to make it even better. But lo and behold, Microsoft has added another excellent feature for getting a better return on your productivity software investment.

What is Power BI?

Released in the spring of 2016, Power BI is Microsoft’s business analytics platform. Regardless of whether or not data is stored within a Microsoft platform, connecting Power BI to a database allows you to create detailed graphs, charts, maps, and more. For example, if you upload sales records, dragging and dropping two columns is all it takes to map out where your product sees the most demand.

Recently, Microsoft announced a brand new feature for business owners who want to get more value out of their software subscriptions. The Office 365 adoption content pack collects information about how your employees use Microsoft productivity software, and feeds it directly into Power BI’s analytics. There are four types of insights you can work with:

Adoption

These metrics give you visibility into how much each O365 platform is being used. You may be paying for OneDrive accounts for the entire organization, only for Power BI to reveal that less than a quarter of your team is using it. Compare enabled users and active users to get a clearer picture of your investments.

Communication

You can also see exactly how employees are using communication solutions. If nearly everyone on the team is accessing Skype for Business from a mobile data connection, it might be time to reduce your investments in cellular-based minutes.

Collaboration

Microsoft has several collaboration platforms, and without proper guidance, employees are likely to use the easiest one rather than the best one. Power BI shows you how much time users spend time in their own Word, PowerPoint, and SharePoint documents compared to the time they spend in documents from colleagues. This shows you which platforms encourage the most collaboration and which ones are struggling.

Activation

- The activation insights give you under-the-hood visibility into which versions of O365 users are running, and what devices they use to access them. That may seem like trivial information, but it can have huge impacts on cyber security.

Power BI comes in three different plans: Desktop, Pro, and Premium. Best of all, both the Desktop plan and the Office 365 adoption content pack are totally free. If you like what you see, consider enlisting us to set up and optimize either a Pro or Premium Power BI deployment -- we’re only a phone call away!

Published with permission from TechAdvisory.org. Source.

Topic business
June 16th, 2017

Virtualization technology and container technology are confusing topics in their own right, and comparing and contrasting them is even harder. Before you can really get into the weeds about how containers differ from virtualization, it’s best to clear up some of the misleading information surrounding how the two technologies work.

Containers are made up of the bare minimum hardware and software requirements to allow a specific program to run. For example, if you want to give employees access to a single Mac-based server application, but everything else you run is in Windows, it would be a waste to build a new machine for just that program. Containers allow you to partition just the right amount of hardware power and software overhead to run that Mac program on your Windows server.

Misconception #1: There is only one container vendor

Traditional virtualization technology -- which creates entire virtual computers rather than single-application containers -- has had two decades for vendors to enter the market and improve their offerings. Containers, however, didn’t break into the mainstream until a few years ago.

Fortunately, there are still more than enough container vendors. Docker dominates the industry and headlines, but there are at least a dozen other programs to choose from.

Misconception #2: Containers require virtualization

In the early days, containers could only be created and managed in the Linux operating system. This meant complicated and sometimes unreliable improvisation was required to benefit from container technology on Windows and Mac servers.

First, you would need to virtualize a full-fledged Linux install on your Windows or Mac server, and then install container management inside of Linux. Nowadays, container management software can run on Windows and MacOS without the confusing multi-layer systems.

Misconception #3: You can’t create and manage containers in bulk

Separate programs, known as Orchestrators, allow you to scale up your use of containers. If you need to partition more hardware power so that more users can use a container, or if you need to create several identical containers, orchestrators make that possible.

Misconception #4: Containers are faster than virtual machines

Obviously, virtualizing an entire operating system and the hardware necessary to run it requires more management and processing requirements. A lot of people tend to think this means containers are faster than virtualized machines. In reality, containers are just more efficient.

Accessing a container is as simple as opening it and using the application. A virtualized machine, however, needs to be booted up, a user needs to log in to the operating system, and then you can rummage through folders to open an application. Most of the time containers are faster, but there are instances when that's not true.

Virtualization and containers are complicated technologies. For now, just remember that 1) Virtualization and containers are separate technologies, each with pros and cons; and 2) you have plenty of software options to manage containers (sometimes in bulk). For anything more specific than that, give us a call!

Published with permission from TechAdvisory.org. Source.

June 12th, 2017

Many small- and medium-sized businesses are abandoning traditional marketing methods in favor of social media platforms, and for good reason. Take Pinterest, for example, whose latest product “DIY Promoted Pins” allows businesses to promote their Pins to increase click-throughs, improve reach, and potentially drive more website traffic. But wait, there’s more.

Know your audience According to a study conducted by Ahalogy and AcuPOLL Precision Research, Inc., Pinterest is largely used by women, mostly “Millennial Moms.” If your typical customer demographic is predominantly male, your marketing efforts would probably be better spent elsewhere. But if your business caters to women between the ages 15-29, you should consider creating an online presence on Pinterest.

Think like a content marketer Users are looking for engaging content, which is why 59% of active Pinterest users go for Pins that lead to blog posts, articles, and even photos. The most popular topics on the platform are more visual (e.g., food, fashion, decor, etc.), so if you don't have highly visual content, then infographics, images from blog entries, and even photos of staff members also do the trick.

Look for inspiration Getting stuck in a creative rut happens to the best of us, so check out the boards that are saving your Pins to get some fresh insight. There's a good chance that people saving your Pins have related content that can help you gain insight into what your typical customer is interested in. Not only that, it also helps you identify trends and come up with new ideas for a marketing campaign.

Categorize your boards By creating and properly labeling multiple boards -- one for each of your products or services -- your users are able to engage not only with your general content but also with content they’re more interested in.

Determine posting frequency Excessive pinning might overwhelm or simply annoy your audience, but not pinning enough might cause followers to lose interest. Create a posting schedule and gauge audience reaction before making any changes to the frequency of Pins.

In order to surpass the stiff competition, you’ll need all the help you can get, and that includes social media marketing. If you have any questions about Pinterest and how it can help your business grow, don’t hesitate to give us a call.

Published with permission from TechAdvisory.org. Source.

Topic social media
June 9th, 2017

Aside from overseeing your business’s network security, IT security staff are also adept at fixing personal computers. However, that doesn’t necessarily mean they should. In fact, such occurrences ought to be minimized, if not avoided altogether. Your security personnel should be focusing on more pressing issues. But if they’re toiling over PC repairs, not only is your staff’s energy drained, but your IT budget plummets, too.

Cost of fixes

According to a survey of technology professionals, companies waste as much as $88,660 of their yearly IT budget as a result of having security staff spend an hour or more per work week fixing colleagues’ personal computers. The ‘wasted amount’ was based on an average hourly salary of IT staff multiplied by 52 weeks a year. Other than knowing how much time is wasted, what makes things worse is that IT security staff are among the highest paid employees in most companies.

The fixes have mostly to do with individual rather than department- or company-wide computer problems that don’t necessarily benefit the entire company. The resulting amount is especially staggering for small- and medium-sized businesses (SMBs) whose limited resources are better off spent on business intelligence tools and other network security upgrades.

Other costs

All those hours spent on fixing personal computers often means neglecting security improvements. The recent WannaCry ransomware attacks, which successfully infected 300,000 computers in 150 countries, demonstrate the dangers of failing to update operating system security patches on time. It should be a routine network security task that, if ignored, can leave your business helpless in the face of a cyber attack as formidable as WannaCry. It didn’t make much money, but had it been executed better, its effects would have been more devastating to businesses, regardless of size.

Profitable projects could also be set aside because of employees’ PC issues. For SMBs with one or two IT staff, this is especially detrimental to productivity and growth. They can easily increase their IT budgets, but if employees’ negligible computer issues keep occurring and systems keep crashing, hiring extra IT personnel won’t do much good.

What businesses should do

The key takeaway in all this is: Proactive IT management eliminates the expenditure required to fix problematic computers. Bolstering your entire IT infrastructure against disruptive crashes is the first step in avoiding the wasteful use of your staff’s time and your company’s money.

Even if your small business has the resources to hire extra staff, the general shortage of cyber security skills also poses a problem. Ultimately, the solution shouldn’t always have to be increasing manpower, but rather maximizing existing resources.

Having experts proactively maintain your IT eliminates the need to solve recurring small issues and lets your staff find a better use for technology resources. If you need non-disruptive technology, call us today for advice.

Published with permission from TechAdvisory.org. Source.

Topic Security
June 7th, 2017

This year, the National Oceanic and Atmospheric Administration (NOAA) predicts up to four unusually active hurricanes. With that in mind, there’s no better time to test your disaster recovery (DR) plan. But to avoid data loss and expensive downtime from such catastrophes, there are several things that need to be accounted for.

The NOAA forecasts 11 to 17 tropical storms in the Atlantic, the Caribbean Sea, and the Gulf of Mexico. Hurricane season has officially begun and is expected to last until the end of November. The four allegedly active hurricanes are presumed to be Category 3, 4, or 5 on the Saffir-Simpson Hurricane Wind Scale (Category 1 is the weakest and 5 the strongest).

But don’t panic just yet; here are five steps you can take to protect your business during hurricane season.

1. Schedule a DR drill

Despite having a DR plan, many companies don’t test their plan, at least not as often as they should. So if you’re one of those companies, it’s crucial to conduct a DR drill now. A lot can change in the months or years since you have last tested your plan -- systems updates, infrastructure upgrades, employee turnover and more. By scheduling a drill, you’ll be able to make sure everyone knows their roles and that all critical systems are covered.

Note that you should try to perform desktop walkthrough exercises, operational tests, and simulated recovery exercises on a regular basis.

2. Make sure your staff are prepared

All your staff should know what the evacuation procedures are as well as their responsibilities in the DR process. If not, coordinate with HR to make sure everyone in your company understands what the plan of action is for hurricane season. Staff with specific responsibilities need to get the documentation needed to effectively manage their roles in the event of a hurricane.

Set meetings with your DR team and schedule training for new team members. Your DR team should be able to quickly mobilize other employees to the DR site before bad weather hits. Don’t forget to touch base with any providers you are supposed to work with in case of an emergency, too.

3. Secure your backup site

In addition to a secondary location for data storage, your DR plan should also include another backup site so that you can continue your operations. In the event of a hurricane, dedicated space is imperative since your backup sites will likely be occupied with employees.

You should also consider the redundancy of utilities at your DR site, making sure you have enough power feed, fiber carriers, and anything else you’ll need to remain operational.

4. Check for amenities at your DR site

Whether your DR site is in the hurricane zone or in the nearest city, chances are hotels will be overbooked as people fight for a place to stay. This means your staff will likely be stuck onsite around the clock, so you need to make sure there is enough amenities to get them through this hectic period. Is there a place for employees to shower and sleep? Is there enough food and water to last them for at least a couple of days? These amenities will help your staff pull through as they restore your operations.

5. Update your DR plan’s appendix

Your DR plan should have an appendix with contact information, SLAs, and systems inventories information. More importantly, this information needs to be up-to-date; the last thing you need is calling your IT vendor when a server goes down only to reach the wrong number.

Go through all critical information in your DR plan and add any other information as needed. Vendors and shipper's contact information are a must as they will guarantee that you get hardware and power supplies backup without any hassles.

Unlike a fire drill which can be conducted on a yearly basis, your business continuity and disaster recovery plan needs to be tested regularly to meet your company’s changing needs. If you don’t already have a DR plan, or have any further questions, don’t hesitate to give us a call.

Published with permission from TechAdvisory.org. Source.

Topic business
June 2nd, 2017

When buying a technological device today, whether it’s a smartphone, a speaker, a keyboard or a smart watch, one of things people look for is Bluetooth compatibility. And who could blame them when Bluetooth has become a ubiquitous feature of technology that everyone can’t live without. But just like any technology, convenience can quickly turn into chaos when fallen into the wrong hands. With that in mind, here’s what you need to know to guard against cybercriminals when using Bluetooth.

Google paid a settlement fee of $7million for unauthorized data collection from unsecured wireless networks in 2013. While their intention likely wasn’t theft, many disagreed and called them out for Bluesnarfing, a method most hackers are familiar with.

What is it?

Bluesnarfing is the use of Bluetooth connection to steal information from a wireless device, particularly common in smartphones and laptops. Using programming languages that allow them to find Bluetooth devices left continuously on and in “discovery” mode, cybercriminals can attack devices as far as 300 feet away without leaving any trace.

Once a device is compromised, hackers have access to everything on it: contact, emails, passwords, photos, and any other information. To make matters worse, they can also leave victims with costly phone bills by using their phone to tap long distance and 900-number calls.

What preventive measures can you take?

The best way is to disable Bluetooth on your device when you’re not using it, especially in crowded public spaces, a hacker’s sweet spot. Other ways to steer clear of Bluesnarfing include:
  • Switching your Bluetooth to “non-discovery” mode
  • Using at least eight characters in your PIN as every digit adds approximately 10,000 more combinations required to crack it
  • Never accept pairing requests from unknown users
  • Require user approval for connection requests (configurable in your smartphone’s security features)
  • Avoid pairing devices for the first time in public areas
Bluesnarfing isn’t by any means the newest trick in a cybercriminal’s book, but that doesn’t mean it’s any less vicious. If you’d like to know more about how to keep your IT and your devices safe, give us a call and we’ll be happy to advise.
Published with permission from TechAdvisory.org. Source.

Topic Hardware
May 31st, 2017

Corporate smartphones and tablets store a significant amount of valuable data. Combine that with their mobile nature and they’re particularly vulnerable to being compromised or stolen. Everyone, including the National Security Agency (NSA), is looking for the next big thing in mobile security, and it might just be virtualization.

US government approved

The NSA maintains a program named Commercial Solutions for Classified (CSFC) that tests and approves hardware to assist government entities that are optimizing security. For example, if a public sector network administrator is deciding which mobile devices to purchase for office staff, CSFC has information about which devices are approved for various government roles.

Offices in the intelligence community usually require virtualization hardware and software as a minimum for laptops and tablets. But until now, no smartphones that included the technology have passed the tests. However, a recently released model of the HTC A9 phone includes mobile virtualization functionality that got the green light.

What is mobile virtualization?

Virtualization is an immensely complicated field of technology, but when it comes to mobile devices the process is a little simpler. Like any mobile device management plan, the goal of mobile virtualization is to separate personal data from business data entirely. Current solutions are forced to organize and secure data that is stored in a single drive.

Essentially, current phones have one operating system, which contains a number of folders that can be locked down for business and personal access. But the underlying software running the whole phone still connects everything. So if an employee downloaded malware hidden in a mobile game, it would be possible to spread through the entire system, regardless of how secure individual folders are.

With mobile virtualization however, administrators can separate the operating system from the hardware. This would allow you to partition a phone’s storage into two drives for two operating system installations. Within the business partition, you could forbid users from downloading any apps other than those approved by your business. If employees install something malicious on their personal partition, it has no way of affecting your business data because the two virtualized operating systems have no way of interacting with each other.

Although it’s still in its infancy, the prospect of technology that can essentially combine the software from two devices onto a single smartphone’s hardware is very exciting for the security community. To start preparing your organization for the switch to mobile virtualization, call us today.

Published with permission from TechAdvisory.org. Source.

May 25th, 2017

By now, you must have heard of the WannaCry ransomware. It ranks as one of the most effective pieces of malware in the internet’s history, and it has everyone worried about what’s coming next. To guard yourself, the best place to start is with a better understanding of what made WannaCry different.

Ransomware review

Ransomware is a specific type of malware program that either encrypts or steals valuable data and threatens to erase it or release it publicly unless a ransom is paid. We’ve been writing about this terrifying threat for years, but the true genesis of ransomware dates all the way back to 1989.

This form of digital extortion has enjoyed peaks and troughs in popularity since then, but never has it been as dangerous as it is now. In 2015, the FBI reported a huge spike in the popularity of ransomware, and healthcare providers became common targets because of the private and time-sensitive nature of their hosted data.

The trend got even worse, and by the end of 2016 ransomware had become a $1 billion-a-year industry.

The WannaCry ransomware

Although the vast majority of ransomware programs rely on convincing users to click compromised links in emails, the WannaCry version seems to have spread via more technical security gaps. It’s still too early to be sure, but the security experts at Malwarebytes Labs believe that the reports of WannaCry being transmitted through phishing emails is simply a matter of confusion. Thousands of other ransomware versions are spread through spam email every day and distinguishing them can be difficult.

By combining a Windows vulnerability recently leaked from the National Security Agency’s cyber arsenal and some simple programming to hunt down servers that interact with public networks, WannaCry spread itself further than any malware campaign has in the last 15 years.

Despite infecting more than 200,000 computers in at least 150 countries, the cyberattackers have only made a fraction of what you would expect. Victims must pay the ransom in Bitcoins, a totally untraceable currency traded online. Inherent to the Bitcoin platform is a public ledger, meaning anyone can see that WannaCry’s coffers have collected a measly 1% of its victims payments.

How to protect yourself for what comes next

Part of the reason this ransomware failed to scare users into paying up is because it was so poorly made. Within a day of its release, the self-propagating portion of its programming was brought to a halt by an individual unsure of why it included a 42-character URL that led to an unregistered domain. Once he registered the web address for himself, WannaCry stopped spreading.

Unfortunately, that doesn’t help the thousands that were already infected. And it definitely doesn’t give you an excuse to ignore what cybersecurity experts are saying, “This is only the beginning.” WannaCry was so poorly written, it’s amazing it made it as far as it did. And considering it would’ve made hundreds of millions of dollars if it was created by more capable programmers, your organization needs to prepare for the next global cyberattack.

Every single day it should be your goal to complete the following:

  • Thorough reviews of reports from basic perimeter security solutions. Antivirus software, hardware firewalls, and intrusion prevention systems log hundreds of amateur attempts on your network security every day; critical vulnerabilities can be gleaned from these documents.
  • Check for updates and security patches for every single piece of software in your office, from accounting apps to operating systems. Computers with the latest updates from Microsoft were totally safe from WannaCry, which should be motivation to never again click “Remind me later.”
  • Social engineering and phishing may not have been factors this time around, but training employees to recognize suspicious links is a surefire strategy for avoiding the thousands of other malware strains that threaten your business.
Revisiting these strategies every single day may seem a bit much, but we’ve been in the industry long enough to know that it takes only one mistake to bring your operations to a halt. For daily monitoring and support, plus industry-leading cybersecurity advice, call us today.
Published with permission from TechAdvisory.org. Source.

Topic Security
May 23rd, 2017

This month, ransomware has taken center stage yet again. WannaCry has already infected thousands of users around the world. In true ransomware fashion, WannaCry holds user data hostage until the victim decides to pay the ransom. What’s more alarming, however, is that the global success of this malware will likely spawn even more potent variants. To protect your business from ransomware attacks, consider these tips.

Update your software The first (and probably best) defense against WannaCry ransomware is to update your operating system. New research from Kaspersky shows that machines running Windows XP, 7 and outdated Windows 10 versions were affected by the ransomware. To check whether your systems are up to date, open your Windows search bar, look for Windows Update, click Check for Updates, and install any major updates.

Also, don’t forget to download the latest security patches for your business applications and security software.

Run security programs Many antivirus programs now have mechanisms for detecting and blocking WannaCry malware; so when you’ve fully updated your security software, run a full system scan.

Keep in mind that antivirus isn’t a foolproof security solution. Instead, run it alongside other security applications like intrusion prevention systems and firewalls.

Use data backup and recovery tools If WannaCry does infect your computers, only a solid data backup and recovery solution can save your business. Before ransomware strikes, periodically back up your files in both an external hard drive and a cloud-based backup service.

External hard drives will serve as your local backup solution for quick recovery times. However, we recommend keeping the external drive disconnected when it’s not being used and plugging it in only when you need to back up files at the end of the day. This is because when ransomware infects a computer, it will usually look to encrypt local backup drives as well.

Cloud-based backups, on the other hand, allow you to store files in remote data centers and access them from any internet-enabled device. When selecting a cloud services provider, make sure they provide the appropriate cloud protections to your files. For example, your backup vendor should provide reporting tools to keep track of any anomalies in your files. Document versioning features are also important. This allows you to recover older versions of a document in case the current version is encrypted.

After your local and cloud backups are set up, perform regular tests to ensure your disaster recovery plan works.

Stay informed Finally, it’s important to stay on guard at all times. WannaCry is just one of many ransomware strains affecting businesses today, and in order to stay safe you need to be constantly up to date on the latest cybersecurity- and business continuity-related news.

For more ransomware prevention tips and services, call us today. We’ll make sure hackers don’t hold your business hostage.

Published with permission from TechAdvisory.org. Source.

Topic business
May 19th, 2017

By their very definition, servers are tasked with managing significantly higher burdens than the average desktop workstation. If your business has a server onsite, there are so many things you need to consider to get the most out of your investment. Read on for a few of them:

Mount your servers properly

Small businesses are usually forced to prioritize the here and now over long-term planning. Not for lack of caring, it’s just a fact of working on tight budgets and with small teams. This is especially evident when it comes to server planning. When your business first sets up shop, it’s tempting to plug in a server right next to your workstations -- but doing so puts your hardware in harm’s way.

Mounting servers in a rack protects them from the accidents commonly associated with highly trafficked areas: spills, crumbs and tripping hazards. Server racks keep your most essential hardware safe by organizing everything in a space that is more accessible for cleaning and management but less exposed to the day-to-day wear and tear of your office.

Server planning is all about leaving room for the future. When choosing your rack mount, make sure to leave room for the hardware you will need to expand in the future. Unless office space is a serious concern, it’s better to have a half-empty server rack than to be forced to tear the whole thing down and redesign it the moment you need to expand.

Keep servers separate from the main area

Depending on what type of servers you are running, they can create quite a bit of noise. This coupled with the fact that they are comprised of valuable hardware means that you should do everything in your power to keep your servers physically separate from your working space. If you don’t have room for a server room, consider investing a little extra in a secure rack mount with built-in sound reduction.

Never skimp on cooling

Even when your business first opens its doors, server cooling is a crucial consideration. These computers are designed to work at peak capacity and need optimal conditions to do so efficiently. Even if your equipment seems to be performing just fine, too much heat can drastically reduce its lifespan.

Make sure that your cooling solution operates outside the confines of your building’s infrastructure. If the central air gets shut off at night, or if your office experiences power outages, you need a cooling solution that switches over to backup power with your servers.

Keep wiring neatly arranged

For anyone without hands-on experience with server hardware, the number of wires going into and out of your setup is shocking. Getting the whole mess organized isn’t just about cleanliness, it also affects the performance of your current setup and the viability of installing future upgrades. Any time you are installing, removing, or rearranging your server cables, check that everything is neatly labeled and safely grouped together.

Managing any type of hardware comes with dozens of important considerations, and that goes doubly so for servers. The best way to guarantee your IT investments are getting the care they require is by partnering with a managed IT services provider. To learn more about our services, give us a call today.

Published with permission from TechAdvisory.org. Source.

Topic Hardware