Blog

Notable features of Windows 10

Over the years there have been many versions of Windows such as Windows 8, Windows Vista, and Windows XP. Windows 10, the latest update from Microsoft, has many unique features that distinguish it from its predecessors. While the previous versions ran mainly on laptops and desktops, Windows 10 is designed to run on tablets equally as well. One of the best features of this update, which is also known as Spring Creators Update, is that takes very little time to install – just under thirty minutes. While the previous updates used to take a lot of time, this new version is very time effective.

Notable Windows 10 Features

Windows 10 has many other distinctive features that are very useful for many small businesses.

Cortana on Desktop

Windows 10 brings voice-controlled digital assistance in the form of Cortana to computers. Now you can interact with or give commands to your computer without lifting a finger. You don’t need to type – just tell your computer if you want to launch a PowerPoint presentation, need a specific file, or want to look at specific photos. Your PC can do all this while you work on, say, an interdepartmental email.

Timeline

Timeline has replaced the Task Viewer icon beside the Windows taskbar. This new feature allows the user to view the activity history of their desktop. If you are looking for a file that you were working on last week, Timeline will help you find it quickly. Just click on the Task View button on the taskbar, and you will be able to see all your open files and applications. It is a convenient way to see what applications are running. Windows will display photos, folders, and documents according to the date that they were last used.

Privacy

Another security feature of Windows 10 is the new Windows Diagnostic Data Viewer. This feature allows you to view the amount of information that Microsoft can access from your computer. You can keep your data safe by fine-tuning privacy settings which concern application usage, browser history, web permissions, and connected devices.

The Start Menu is back!

In the previous update the Start Menu was eliminated, but in Windows 10 we can see its revival. The bottom left shows the Start Button, and when you click on it, two panels appear side by side with the left side showing the most used applications. The right side displays a list of live tiles that you can resize, reorganize, and customize. There is a power button at the top similar to Windows 8 for features such as Standby, Hibernate, and Shut down.

Nearby Sharing

Another simple feature that makes office work so much easier is Nearby Sharing, which you can enable from the Control Panel. Select the computer you want to send the file to and then click on the Share button in the Photos app or the Edge browser. The computer will receive a notification asking it to accept or decline the file. This ensures that file transfers can happen without unreliable network folders, beat-up USB devices, or empty email messages.

Snap Assist

In this update, the Snap View feature has also been updated which allows users to open multiple windows side-by-side without being limited by your screen’s resolution. This feature also suggests different apps that you can open to fill the available space.

Swift Pair

This feature allows you to connect to a Bluetooth device within the desktop’s range. You will automatically receive notifications whenever there is a connection opportunity. With Windows 10 you can use wireless headphones to make a call or try out a wireless keyboard by just clicking connect.

Microsoft Edge

The new browser called Microsoft Edge has replaced the old Internet Explorer. This browser has many impressive features such as Cortana integration, which allows you to pull up contextual information without having to search through emails. It has an annotation tool which lets you write anything and share it with your friends on social networks without leaving the browser, and PDF support which makes reading easier by improving the layout of long articles.

Tablet Mode

Windows 10, unlike Windows 8, makes a clear differentiation between tablets and desktops. In Windows 8, if you happen to be using a mouse and keyboard, by default, you will be in desktop mode.

Action Center

The Action Center in Windows 10 has been expanded to allow easy access to frequently used settings such as tablet mode and Wi-Fi connectivity. It also shows all essential notifications as soon as your computer receives an update.

Windows 10 has many impressive features which were missing in the previous update. It is faster, provides invaluable security protection and makes multitasking much easier. Update your computer today to enjoy all the benefits of this new operating system.

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

Data Breaches and Credit-Card Fraud Can Destroy Your Small Business

Most business owners are cognizant of the prevalence of fraud in the digital world today. According to Experian’s Global Fraud and Identity Report 2018, almost three-quarters of businesses believe fraud is a growing concern, and nearly two-thirds reported fraudulent losses over the past year.

Credit Card Fraud

What is Fraud?

Fraud occurs when an individuals’ payment information is used without their authorization. When hackers breach your network and access your customers’ or clients’ sensitive cardholder information, they have many opportunities to commit fraud numerous times. Anytime someone falsifies an identity and “tricks” a system into thinking the person making a purchase is someone other than who they actually are, this is considered to be fraud.

Fraud is Pervasive in Today’s Digital World

This is because the majority of business and consumer data remains vulnerable. As the value of digital information grows, so does the hacker’s motivation to develop methods to avoid detection from the latest technologies.

The existing account setup process requires consumers to provide extensive amounts of personal information along with passwords and secret questions. And data breaches provide this information to cybercriminals. When this data is stolen, it’s often used for fraudulent activities.

Fraud is a moving target just like the hackers. New tactics are evolving where criminals combine real and fake information to create new identities.

Most business owners just don’t have a handle on this – and they lack confidence in their ability to protect their customers and their companies from fraud.

One of the reasons for this is that their initiatives are mostly reactionary rather than proactive as many continue to use legacy cybersecurity technology rather than investing in new, more sophisticated data protection solutions. As a result, every month that goes by increases their vulnerability and exposure to data breaches and fraud.

Fraud is an ever-present and growing risk

For businesses in e-commerce, managing the risk of fraud is a delicate balancing act between providing an ease of use for customers vs. fraud protection. They struggle with mitigating fraud and providing a positive customer experience. Unfortunately, the customer experience wins out in most cases, and businesses are willing to risk fraudulent losses over losing customers to their competition. Ironically, they are setting their businesses up for reputational damage where they will end up losing customers anyway, fail to gain new ones, and possibly face financial penalties and litigation costs.

The 2017 Cost of Data Breach Study from the Ponemon Institute, sponsored by IBM, puts the global average cost at $3.6 million, or $141 per data record. That’s a reduction in the average cost in 2016, but the average size of data breaches has increased. It’s also worth noting that the average cost of a data breach in the United States is much higher at $7.3 million.

More than 50 percent of businesses say they still rely on passwords as their top form of authentication.1 And business leaders know that using passwords isn’t the most secure option. But customers are used to them, and business owners want to please them. They also complain that they lack the financial resources to adopt more advanced authentication methods when this would save them legal fees and penalties if/when their customers’ accounts are breached–not to mention their reputation and the future existence of their business. This, of course, is very shortsighted.

How data breaches and fraud are connected

Data breaches and fraud don’t usually occur at the same time and place. Cybercriminals won’t steal a customer’s information and turn around and use it for a purchase from the same business. So. it’s not easy for a business to detect when a breach occurs.

Data breaches are typically detected by using specific security tools that monitor all payment activity. Merchants should follow PCI/DSS Standards to identify and prevent breaches and remain compliant. PCI-DSS audits will help you find vulnerabilities in your system and reveal inadequacies that must be eradicated.

A successful case of fraud spreads like cancer

If a hacker can get one password, they may have the keys to other password-protected accounts. The more online accounts people open, the greater their risk. And most people have quite a few. If the hacker can figure out the password to someone’s email account, they may also have the key to their credit card and banking accounts as well.

You must remain vigilant to prevent data breaches and fraud.

What to do if you suspect fraud

A key indicator of evidence of fraud is in chargebacks where a customer disputes a charge on their credit card, and where you aren’t paid for the service or product. If your chargeback rate increases above a 1% margin, this is a good indication that you’re experiencing fraud.

In this case, you should hire a third-party auditor like an IT Managed Services Provider (MSP) to help bring you back into compliance and stop the thieves. They will detect where the problem(s) exist and if what they find indicates a data breach. PCI-DSS compliance requirements mandate that you do this to stop the fraudulent activity.

Of course, you should contact the card processor as well. They will connect you to the card providers who can often identify the point of access or detect a suspicious pattern of activity.

What You Can Do to Reduce Fraud and Data Breaches.

Use EMV Technology.

EMV (Europay Mastercard Visa) is the global standard to authenticate payment cards. EMV technology can help you protect your business from fraud. It ensures the card is legitimate and that the person using the card is the authorized user.

EMV chips are microprocessors that store and protect cardholder data. They use a unique cryptogram that’s validated by the card issuer. This makes it more difficult for hackers to break the code and steal card information to commit fraud.

Today, if you don’t use an EMV-capable terminal, and the transaction turns out to be fraudulent, you can be held financially liable for that transaction.

EMV has been used in the United Kingdom since 2004, and card-present fraud has gone down by 80% as a result. By comparison, without EMV in the U.S., fraud increased during this time by nearly 70%.

Protect Data in Transit by Using Encryption.

When credit card data is stolen, it’s considered a data breach. Considering the number of card payments your business processes in a month, hackers may view you as the “Pot of Gold at the end of a Rainbow.” In other words, your business is a prime target.

You can help stop the hackers from accessing data in transit by using end-to-end encryption (E2E) and point-to-point encryption (P2PE).

The advantages of end-to-end encryption are:

  • That you don’t need a separate key for the decryption of the data.
  • You have flexibility in deciding what data to encrypt.
  • You can choose specific configurations for more functionality.
  • The file size is small, and the processing time is minimal.

Point-to-point encryption encrypts transmitted data as it goes through a designated “tunnel.” This is used most often for credit card information that’s encrypted from the point-of-sale (POS) to the credit card processor.

With encryption, if a breach does occur, and data is stolen, it will be useless to cybercriminals in its encrypted state.

Protect Data at Rest by Using Tokenization.

Tokenization breaks up a sequence of data into pieces such as words, keywords, symbols, phrases, and elements called tokens. Tokens can be words, phrases or even whole sentences. In other words, tokenization keeps cybercriminals from using data by replacing it with meaningless characters. Tokenization is helpful for businesses that store sensitive card data for re-billing. It’s also one of the most effective and affordable ways for businesses to protect their customers’ confidential card data.

Combining encryption and tokenization is one of the best ways to protect your business from the devastating effects of a data breach.

Secure Your IT Environment

  • Ask your IT Managed Services Provider (MSP) to set up a next-generation firewall, anti-spam, and anti-virus solutions.
  • Ensure your POS and router are on different networks and separate from other systems that access the Internet.
  • Don’t use your business POS for surfing the Web. This can expose it to viruses and result in vulnerabilities that can be breached.
  • Assign separate login credentials for each user.
  • Forbid sharing of login credentials and enforce this.
  • Keep your user list up to date and disable accounts that are no longer needed.
  • Only provide remote access for users with a clearly identified need.
  • Don’t leave remote access software turned on when unattended.
  • Keep all software and anti-virus, anti-spam programs up-to-date.
  • Regularly run and review scans for malware.
  • Regularly have your MSP run vulnerability scans.
  • Ask your MSP to train your staff on the latest security threats and what to do if they come across one.
  • Train your staff how to detect unauthorized skimming devices that could be installed on POS or credit-card terminals.

Have Your MSP Train Your Employees on Cybersecurity Awareness.

Teach your employees about password security and make sure you enforce this behavior:

  • Don’t use words from the dictionary.
  • Don’t use names of family members.
  • Don’t reuse passwords from your other accounts.
  • Don’t write down your passwords or put them where others can see them.
  • Consider using a Password Manager (e.g., LastPass or 1Password).
  • Use password complexity (e.g., P@ssword1).
  • Create a unique password for work separate from your personal use.
  • Change passwords at least quarterly.
  • Use passwords with 9+ characters.
    • A criminal can crack a 5-character password in 16 minutes.
    • It takes five hours to crack a six-character password.
    • Three days for a 7-character password.
    • Four months for eight characters.
    • 26 years for nine characters.
    • centuries for 10+ characters.
  • Turn on Two-Factor Authentication if it’s available.

Teach employees about ransomware and phishing threats. These appear to be from an official like the IRS or FBI. If a screen pops up that says you’ll be fined if you don’t follow their instructions, don’t! If you do, the criminal will encrypt all your data and prevent you and your employees from accessing it. Teach them to:

Beware of messages that:

  • Try to solicit your curiosity or trust.
  • Contain a link that you must “check out now.”
  • Contain a downloadable file like a photo, music, document or pdf file.

Don’t believe messages that contain an urgent call to action:

  • With an immediate need to address a problem that requires you to verify information.
  • Urgently asks for your help.
  • Asks you to donate to a charitable cause.
  • Indicates you are a “Winner” in a lottery or other contest, or that you’ve inherited money from a deceased relative.

Be on the lookout for messages that:

  • Respond to a question you never asked.
  • Create distrust.
  • Try to start a conflict.

Watch for flags like:

  • Misspellings
  • Typos

Ask Your MSP to Help You with PCI Compliance.

PCI Compliance is not a one-time event but should be a continual process to ensure your IT systems are appropriately transmitting and storing sensitive data. It mandates that network and business practices are secure.

Failing to maintain compliance with the Payment Card Industry Data Security Standards (PCI DSS) can ruin your small business if you get hit with a data breach.

It’s not always easy to do this on your own. Your MSP can help by:

  • Performing scans of your network to identify and eliminate vulnerabilities that can lead to data breaches.
  • Monitoring network activity and blocking malicious activity before it can lock down or steal your data.
  • Providing you the tools and resources to promote compliance.
  • Implement data-breach protection solutions.
  • Help you sign up for a breach assistance/cyber insurance program that provides for reimbursement of certain card brand fees that are charged if data is compromised. Some cover the costs of a data breach, which can be upwards of $100,000 or more.

Protect Your Business from Data Breaches, Fraud, and the Resulting Consequences

When you take all of this seriously, you’re not just protecting your customer’s confidential information; you’re also protecting your business from fraud.

Most companies that experience a data breach will see a rise in cost to retain existing customers. And, they will also see an increased cost to acquire new customers. When you add these increases in cost to the loss of revenue from customers that choose take their business to your competitors, you’ll soon see how your damaged reputation dramatically affects your company’s bottom line.

You don’t have to face this alone.

The right IT Managed Services Provider can be your best ally against security threats. From helping you with integrated and compliant POS systems to implementing technologies like encryption and tokenization, and providing compliance and breach assistance, the right IT Partner is worth every cent when it comes to helping you secure your business against the devastating effects of credit-card fraud and data breaches.

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

Using Yoast SEO to Write Effective Meta Descriptions

The term, “meta description” may seem foreign to some but we all see these descriptions each time we search for something online. The meta description can contain up to 320 characters and should be an interesting summary of what your website is all about. It shows up in the search results as those first few words/lines that explain the essence of your website or post.

Yoast SEO Descriptions

How Meta Descriptions Work

Each time we type a search term in the browser, a number of results will come up. For each one, there’s a 320 character description of the site or page. People usually decide which site to click on based on what these meta descriptions say. That means it has to be snappy and fresh. The wording needs to grab your attention. It has to sound enticing. Think of it as a short, but powerful sales pitch. Potential customers are far more likely to visit a site that sounds unique, interesting or entertaining than one that sounds boring.

Though search engines make it clear that there’s no direct advantage from writing good meta descriptions, there is a very strong indirect benefit. If you’ve written a good meta description, then this will improve your click-through-rate (CTR). As visitors click-through to your site, the search engine uses that information as a way of determining that your site was aptly and well described. This will improve your position in the search results.

It is important to point out here that Google will not always show your unique meta description. Sometimes they generate their own description of your business based on factors like the search term and type of business it is. This is where keywords come into play. Most business owners now understand at least the basics of keywords and how they work. If your content is well-optimized, then it should reflect that by serving as a great meta description.

Google changes the way their search engine works at times and this can certainly throw a wrench in all your good plans. However, that should not stop business owners from doing sound keyword research and creating unique content with those keywords. It goes without saying that keyword stuffing is bad and should be avoided at all costs. Always observe the current standards for keyword density in a page of text, which usually runs around 2 to 2.5 percent.

Yoast Free or Premium?

Yoast offers a free and a premium SEO service. With the free service, you get one keyword for each page of content. The premium service allows five keywords for each page. The premium service also does a readability check using the Flesch Kincaid test which measures the grade level of your writing. Since the world wide web is filled with people from all backgrounds and educations, Flesch Kincaid usually recommends writing copy that would be easy reading for a third to fifth grader.

Use short concise sentences. Avoid big words that are not readily understood unless you are writing technical information for a specific audience, like IT experts. Try to use action verbs instead of passive verbs. Use subheadings and catchy taglines. Whatever you can do to make your site more attractive, unique and fun, will help. You can count on getting more traffic and higher conversion rates.

How to Use Yoast SEO to Write Meta Descriptions

If you don’t write a unique meta description, Yoast will produce one. Usually, it simply takes the first three lines of content on your page or post and uses that. If you’d like to edit that, then click on the “edit snippet” button. This opens the snippet editor. There are fields there to edit the SEO title, slug and meta description. As you type, your new meta description will show up. You can make changes until you feel it’s just right. The snippet editor has an orange bar at the bottom that will become green once you’ve typed enough information.

Many site owners use the first few lines of content on their page or post as the meta description. If your site has good, professionally written content on it, then there’s nothing wrong with that. However, if you feel you could improve the text, then, by all means, do so. If you can get the hang of this and really write powerful meta descriptions, it can greatly improve your click-through rates.

How to Write a Superb Meta Description

Once you’ve decided that this is something worthwhile that could improve your bottom line, it’s important to put your best foot forward. In order to write effective meta descriptions, you may need the help of a good copywriter. Copywriting is all about utilizing words to persuade searchers to click on your page. With only 320 characters or about two to three lines of text, it’s important to make every word count. Below are two writing examples to show you the difference between professionally written text and that of an amateur.

Good Meta Description:

Apple

https://www.apple.com/

Discover the innovative world of Apple and shop everything iPhone, iPad, Apple Watch, Mac, and AppleTV, plus explore accessories, entertainment, and expert device support.

The above meta description from Apple does contain some good keywords but it doesn’t feel awkward or forced. It’s informative. It’s also important to note that this meta description was written using the older rules where 155 characters were the rule. Today, we’re seeing longer snippets that contain more information to help searchers decide what to click on.

Bad Meta Description:

Mary’s Bakery

https://www.marysbakery.com/

Get some good donuts and cakes at Mary’s Bakery located in downtown Minneapolis. We cater and deliver. Our baked goods are tasty and made with quality ingredients.

Though the above meta description does contain some valuable information, it’s boring. The shop owner wastes valuable space here to tell consumers where they’re located. This is something that many searchers will not care about in their initial search. Use this space to talk about delicious pastries, cakes, and donuts. Talk about your award-winning cupcakes with buttercream icing. This is how you get people to visit your site and look around.

Caution!

Be sure that your meta description accurately describes your page or post. Yes, the wording can be flowery, powerful, strangely attractive, etc. But it should also be truthful. If you make promises you can’t keep, then searchers will quickly hit the “back” button. This can cause your site to fall in the search listings.

As mentioned above, avoid keyword stuffing. Just about all web visitors today understand what keyword stuffing is and most don’t like it. The reason? Keyword stuffing makes a section of text read awkwardly. It is typically not well-written content and it doesn’t make sense to your human visitors. Remember to write your meta description for humans, not for search engines.

Instead, focus on writing interesting descriptions and unique content for your human visitors. In the end, search engines will not be purchasing your products and services. Humans will, so cater to their needs, wants, desires, whims—and you’ll be rewarded with higher click-through rates and stronger sales.

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

8 Intruder-Hating Tips For Home Office Security

Your Devices Are A Target For Online Prowlers. At Your Peril Do Not Ignore!

Home Office Security

Be Aware of Your Surroundings – Takes On a Whole New Meaning

When you were a child, your mom or dad reminded you, be aware of your surroundings. They wanted you to avoid getting hurt by a stranger. This sound advice also rings true when using your company’s computer, tablet or cell phone devices at any public Wi-Fi hotspot. Anytime you log onto a non-encrypted hotspot, you increase your device’s vulnerability to data hacking. Also, if you chose not to log on through a work-based VPN connection, you invite easy access to your company’s device. If you travel for business, you practice keeping your devices safe, especially in airports and train stations. But if you can avoid doing sensitive work at public hotspots, you’ve reduced your vulnerability and increased your awareness of your online surroundings.

 Company Security Policies Are For Your Protection

Let’s say you work from home. Or maybe you travel and work remotely. Once you leave the company’s secure environment, your vulnerability increases. The organization is entrusting; you won’t expose them to unwanted malware and a hostile environment they have no control over. It’s for this reason; your company institutes a mandatory security policy. The terms of the policy state when any staff member, works away from the office, they must use the company’s devices. Should your device be compromised, your IT Security department can contain the risk immediately. But using a non-issued device, a friend or spouse has, you’ve exposed your company to a possible cyber-attack. You’ve also left the IT Security team to pick up the pieces which could have prevented. No need to stick your neck out. Follow your company’s security policies and reduce your risk and exposure.

Not Some, But All Systems and Applications Must Stay Up To Date

We know. You hate being reminded. Security managers are updated zealots. But their sage advice is the simplest and easiest step a home office user has at their disposal. When running your updates, remember you are updating your operating system, all applications, and Microsoft Office. The updates are not just for the latest versions. Updates are for your stronger security-related measures. When your computer reminds you to update your system, take those extra minutes and update. Finally, don’t forget your once a week security scans and your once-a-month full system scan. You might be surprised what your system digs up.

You Can Trust Me – I Am Your Network, or Are You?

Let’s say a security application, you’ve never seen, pops-up and prompts you to do a security scan, would you click it on? We hope you’d say no and here’s why. Some applications appear harmless and legitimate, almost friendly and helpful. But underneath they are programmed for sinister activity and why you must stay vigilant and know in advance if an unfamiliar network should be trusted. Granted you will be suspicious of public Wi-Fi hotspots, but at home, that same caution must continue. Downloading an app, your IT Support hasn’t cleared, puts you at great risk. If you’re not sure you logged into the correct network, stop and contact your IT Security Support department right away.

Remove The Cache Sludge From Your Computer

Have you noticed lately, your computer or browser are taking just a little longer to boot-up or respond these days? With virus updates, software patches, surfing the web, emailing, and working from your home computer, you will build up digital muck. For starters, your cache is your catch-all. It doesn’t matter what it is; something is going to drain down into your cache. And it keeps a record of it. So, if you want smooth sailing internet browsing and peak performance, clean out your cache. Why horde piles of digital yuck, for months, in your cache, where malware has been known to hide out? Once you clean out your cache and reload your browser, it rewards you with the updated version of the website you’re visiting. Also, if the site owners keep their security up-to-date, your visit is secure.

These Cookies Are Not Your Friends Nor Are They Tasty

According to Webopedia, “a cookie will contain a string of text that contains information about your browser. To work a cookie does not need to know where you are from; it only needs to remember your browser.” Some Websites use cookies to store more personal information, about you, and you may not know it. You must find out who has data about you. With bad press surrounding social media sites, it’s becoming more important to check your browser for cookies and delete them selectively or delete them entirely.

Still Using Passwords – Multi-Factor Authentication Gives You New Security Powers

In the early years, you were trained how to use passwords to protect your sensitive material. Something easy to remember. But with progress came security breaches. Easy passwords were out. Next password level was using numbers and symbols in the place of vowels in your password. Now passwords are out, and passphrases are in. Here’s how it works. No confusing password with symbols or numbers to remember. What you create is a phrase you will easily picture in your mind, like the address at your best friend’s house. Instead of a password like this: #152@Bobs, you create a passphrase like this: AddressAtBobsPlace. Now you have an easier way to remember and beefed-up security powers to protect your sensitive information.

Will Your Router Pass A Security Examination?

Finally, are you still using the original router password that came in the box? Does anyone else have access to that password? In some home offices, passwords get shared with family and close friends. If you do not remember the last time you changed the router’s password, or who has access to it, the time to replace the password is now. But if that same router has reached 24 months, ask your provider to swap it out and get a new dual-band router. With newer routers come five enhancements. They are faster to respond, data transmission is reliable, the latest security firmware is updated, comes with a warranty, and you receive a new password.

For more Intruder Hating Home Office Security Tips gives Network Essentials a call at (416) 490-9019 or email us sales@ittoronto.com to speak to one of our Home Office Security Specialists

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

How Much Is Your Medical Data Is Worth?

Believe it or not, your medical record has the potential to be sold for thousands of dollars. And due to the digitization of health records, it’s now more prone to theft.

Medical Technology

As more patient health records have gone digital over the years, they’ve become vulnerable to hackers—and far more valuable than credit-card data or other forms of confidential data.

Why? Because they contain insurance information that poachers can use for fraudulent billing and illegal prescriptions. These thieves can falsify insurance claims and collect checks and obtain hundreds of thousands of dollars in free care on someone else’s insurance.

The healthcare industry wasn’t prepared for this, and they are trying to play catch up to secure protected health information (PHI):

“The U.S. has a huge shortage of highly qualified cybersecurity people across all industries,” says Rod Piechowski, a senior director at the Healthcare Information & Management Systems Society, or HIMSS, a Chicago-based nonprofit with more than 50,000 members. “Being late to the game, health care just can’t compete.”

Health IT professionals, although they are in great demand, haven’t been able to play a major role in employer’s’ software procurement decisions. This is unlike banking and the financial industry where their option is regularly solicited before a major IT system is implemented. And until recently cybersecurity wasn’t prioritized in healthcare the way it has been in financial services. The result is that IT professionals had no influence when it came to software security standards for medical care, and now they’re having to oversee systems that are difficult to safeguard.

If your PHI is breached, hackers have the information they need to blackmail you for the rest of your life. That’s because your EHR contains information like conditions you suffer from such as depression, anxiety or other psychological conditions, sexually transmitted diseases, or heart conditions. If released to the public, these might be an embarrassment to you or even keep you from obtaining a particular position.

How Bad Is It?

EHRs (electronic health records) are being used by over 96 percent of critical-care facilities, and 83 percent of all hospitals. While the digitization of health records enables easy access to patients’ information, if not properly safeguarded they’re also available to hackers. This poses a real threat to patient privacy.

In the year 2016, there were 450 data breaches where 27 million EHRs were affected. Of these, 120 came from the outside, while 200 (more than 65%) came from the inside.

In 2017, there were 477 healthcare breaches reported to the U.S. Department of Health and Human Services (HHS) or the media, which affected a total of 5.579 million patient records.

With major hospitals and healthcare organizations paying higher fines for lost patient data, the challenges of maintaining EHR security remains a huge concern. And because of this, the benefits of using them must be weighed against the risks of theft and misuse.

Presence Health in Chicago was fined USD475,000 by the U.S. Health and Human Services (HHS) because they didn’t report a 2013 breach in a timely manner. Advocate Health Care had to pay HHS a whopping USD5.5 million for a breach of patient privacy–the most ever by a single entity.

Compounding the issue, now physicians who are frustrated with the bogged down systems try to design their own workarounds to speed up processing of healthcare data. These ad hoc “shadow IT” systems are insecure and rely on unencrypted data and personal emails. It’s only a matter of time before a sophisticated hacker breaks in to steal their data.

How do hackers obtain medical records?

One of the ways they do this is through spoofing where the facility is fooled into thinking that the person accessing the information is legitimate. Plus, Microsoft researchers warn that many types of databases used for electronic medical records are vulnerable to leaking information despite the use of encryption.

Hospitals and healthcare organization use methods like data encryption and the scrambling of PHI (de-identification) to disguise data so hackers can’t read it.  However, the hackers simply steal the data and replace the encryption keys with their own to demand ransoms to unlock the data. This is called ransomware, and it’s very effective against healthcare facilities and hospitals that need ready access to patient data for their everyday operations.

Who are these hackers?

They’re not who you think they are. When we think of hackers, in our mind’s eye they are guys in hoodies working on computers in their parents’ basements. What’s hard to believe is that most attacks and data breaches don’t come from external hackers, but from the inside of an organization, where doctors, nurses or accounting personnel are negligent, abuse the system as disgruntled employees, or steal patient data for financial gain. In 2017, employee error affected 785,281 patient records and insider-wrongdoing affected 893,978.

One Promising Solution

Robert Lord, a former analytics systems designer, joined forces with Nick Culbertson, a former Special Forces operator when they were students at the John Hopkins University of Medicine. They created an Artificial Intelligence (AI) system to combat hacking of EHRs. They co-founded a cybersecurity company Protenus, to help the healthcare industry use artificial intelligence to prevent the theft of Protected Health Information and Electronic Health Records.

Lord explains:

“Your EHR contains all of your demographic information–names, historical information of where you live, where you worked, the names and ages of your relatives, financial information like credit cards and bank numbers…The medical record is the most comprehensive record about the identity of a person that exists today. We recognize that EHRs are living documents, so we’ve built an AI that is able to monitor how individuals interact with the EHR and associated systems, building a unique profile of every workforce member’s clinical and administrative workflow.”

The folks at Protenus are working on a solution that can tell the difference between routine access to EHRs or possible illegal attempts to retrieve this data. They do this by detecting unusual patterns and anomalies using AI that are then escalated to security officers. Over time, the solutions get “smarter” and learn exponentially as the customer base grows.

We’re Behind the 8 Ball When It Comes to Protecting EHRs.

Health care has lagged far behind banking and other industries when it comes to implementing security protocols. Until EHR records were mandated by Obamacare, many healthcare providers still used paper, faxes and handwritten charts. And once EHRs were finally implemented, the hackers were already a step ahead, and the medical industry is still scrambling to find ways to protect them.

Cybersecurity experts tell us that the seriousness of this can’t be overstated. The frequency of threats has taken off in the past 10 years as EHR data is increasingly networked between healthcare entities. And as we continue to struggle to secure our EHRs, increasingly savvy thieves are finding more ways to steal them.

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

If You Don’t Know About These 3 Ways to Use Outlook 2016 More Efficiently, You’re Wasting Lots of Time

Microsoft Outlook is a professional email and calendar program that’s been used by businesses for over 15 years. It’s had many iterations over the years, but with 2016, and its integration with Office 365, Microsoft has taken Outlook to the next level. Today, small and medium-sized businesses that couldn’t afford the enterprise-level application can now benefit from Outlook 2016.

The following are 3 ways to help you use Outlook 2016 more efficiently.

1. Keyboard Shortcuts

Using keyboard shortcuts in Outlook on Windows will help you work more efficiently. It’s also handy for those who have mobility or vision disabilities because using keyboard shortcuts can often be easier than using a touchscreen or mouse. Here are some popular keyboard shortcuts you should try.

And there are more. Here are popular keyboard shortcuts for NAVIGATION:

When searching, try these handy keyboard shortcuts:

 

To create an item or a file keep these shortcuts in mind.

Shortcuts in Mail.

To see more Outlook 2016 Shortcuts go here.

2. Use Quick Steps

Right-click any email, choose Quick Steps and choose from the list.

We’re going to choose Team Email. The first time we use this, Outlook asks you to name your team and enter their email addresses.

Then create a Keyboard Shortcut for this. So, the next time you hit Control Shift 1, an email to your entire team can be composed.

You can also create new Quick Step. Simply choose Create New Quick Step.

Here are some other Quick Steps to try: 1

  • Move to Folder: This is essentially the same as Move To.
  • Categorize & Move: This moves the selected message to a specific folder, marks the message as read, and assigns a category color and name to the message.
  • Flag & Move: This moves the selected message to a specific folder, marks the message as read, and assigns a flag to the message.
  • New Email To: This opens a New Message form with the To field already filled out with a particular recipient.
  • Forward To: This is essentially the same as To Manager.
  • New Meeting: If you often send meeting invites to the same group of people, use this Quick Step to open a New Meeting form with the To field already filled in with the invitees.
  • Custom: This opens the Edit Quick Step dialog box so that you can create your own custom Quick Step.

3. Use Conditional Formatting

This is used to change the look of a particular email. You do this in the View Menu.

Here, we just click on Conditional Formatting and create an email called Microsoft.

Next, we choose a condition, where the word Microsoft appears anywhere in an email.

Then, we ask it to appear in a bold red font.

Now, any new email we receive with the word Microsoft in it will show up in red. This is a great way for us to recognize the importance of an email. You may want to do this for any email with your boss’s name in it!

And, there are more ways you can get the most from Outlook 2016. Here are a few ideas:

EMAIL

  • Change the color and contrast of Outlook: You can also use a picture or color as the background, add a text watermark to your emails.
  • Customize emails with the fonts you prefer: Change the default font for various email messages you send, or a particular font for messages that you forward or reply to.
  • Create signatures for your different email accounts: Create personalized signatures for your email messages: include text, images, your electronic business card, a logo, or even an image of your handwritten signature. Signatures can be added automatically to all outgoing messages, or you can choose which messages should use a particular signature.
  • Setup sound alerts when new emails come in: A sound can play when a new email message arrives. The default sound is a short .wav audio file, but you can change it to any .wav file of your choice.
  • Establish tracking options with delivery receipts: A delivery receipt confirms delivery of your email message to the recipient’s mailbox.
  • Use Outlook’s templates for your messages or create your own: Use email templates to send messages that include information that rarely changes from message to message. You can also insert icons, photos, and tables into your messages.
  • Embed voting buttons in your email to survey your recipients about a particular topic (such as, “When’s the best date and time for a meeting?”): Voting buttons are an excellent way to poll people, especially when communicating with large groups.
  • Use Quickparts to insert a standard set of words you often use: Use the Quick Parts Gallery to create, store, and locate content, including AutoText, document properties such as title and author, and fields.
  • Clutter: This is where you can place low priority emails you want to read later. Clutter helps you filter these low-priority emails saving time for your most important messages. Office 2016 remembers “Clutter” emails if you want.  If Clutter isn’t for you, you can TURN IT OFF.
  • Create folders and subfolders: You can base these on topics, senders, organizations, projects, etc.—Whatever works for you and organize your emails under the subjects you choose. Use folders in Outlook to move email messages, add a folder to your Favorites, and set a rule to move specific emails out of your inbox.

CALENDAR

Outlook 2016 calendars have all the tools and functionality you’ve relied on in the past, with improved features to help you manage your time. 

  • Set up multiple calendars (e.g., personal, business, health, etc.).
  • Create appointments quickly and share them with your contacts.
  • Scheduling assistant lets you access others’ calendars that you’re authorized to view (and vice versa).
  • Set reminders, reoccurring appointments/meetings, alerts, and more.
  • View your calendar by day, week, month, and year.

CONTACTS

  • You can also import contacts to Outlook from other email providers using the Outlook Import/Export wizard. Import a CSV file, Excel spreadsheet, or vCard.
  • Your contacts are linked to your email accounts, so you can simply key a name in the “To” field, and your contact’s email address will appear.
  • Set permission for a particular contact (delegate) to view your emails while you’re on vacation. Plus, you can give this person access to your calendar, tasks, and so on, as appropriate. One delegate can take care of your email, another your tasks, etc.

TOOLS

  • Always know how much space is left in your account.
  • Notify those emailing you that you aren’t available during a particular period with Out of Office. You set up a special message you want others to see.
  • Even set up different messages for people inside or outside your organization. (Outlook will remind you that the “Out of Office” message is turned on, so you don’t forget when you return.)
  • As mentioned above, similar to having an assistant help you manage your incoming paper mail, you can use Microsoft Outlook to allow a delegate, to receive and respond to e-mail messages and meeting requests and responses on your behalf.
  • You can also grant additional permissions that allow your delegate to read, create, or have more control over items in your Microsoft Exchange Server mailbox—And, set more than one delegate and permissions for various tasks.

TASKS

Outlook 2016’s task management helps you accomplish to-dos faster and easier.

  • Categorize your tasks with color codes.
  • Ping reminders for tasks.
  • Check-off tasks when complete.
  • Create tasks for others as well. Outlook integrates tasks with your emails so that you can assign a task to a recipient.  The task will show up on their task list.

To learn more about how you can get the most from Outlook 2016 contact us.

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

Big Changes For Google

If You Want to Be First on Google Searches, Be Sure to Employ Best Practices for Mobile-First Indexing

Google Changes

On March 26th, 2018, Google announced that after over 18 months of testing they will now begin migrating sites that follow best practices for their mobile-first indexing. This means that Google will now use the mobile version of content to index and rank all websites. Before now, they used the desktop version of a webpage’s content to evaluate how relevant it is to users’ Google searches.

NOTE: You won’t have to change anything if you have a responsive site or a dynamic serving site where the main content and markup is the same in both. However, if your site configurations are different on your mobile and desktop site, you should make some changes to your site. You can check the structured markup across your desktop and mobile versions by typing their URLs into the Structured Data Testing Tool and comparing them.

We’ve been getting a lot of questions about this, so we’re providing some answers for you below.

Why is Google doing this?

Today, most of us search on Google using our mobile devices. Yet, their ranking system is still based on the desktop versions of websites. This creates issues if the mobile pages contain less data than the desktop pages. In this case, the Google algorithms can’t properly evaluate the actual page that’s seen by the mobile device user.

So, to make their results more accurate, Google started experimenting with their index mobile first initiative. And now that it’s been launched, it will be the primary way Google will search for content, show snippets and rank pages.

How does this work?

Google’s Googlebots (or crawlers) search and index web pages. Crawlers are robots or spiders that automatically locate and read websites by “crawling” from one link to another.

Last summer (June 2017) Google advised website owners to switch their m-dot domains to “responsive” before the Mobile-First Indexing launch. If you didn’t do this, then Google will fully index your m-dot content and URLs. This means that the migration for your site will take longer than it should because Google will have to update the content on your pages.

If you have separate desktop and mobile content for your website, this means that you have a dynamic-serving or separate m-dot site specifically designed for mobile devices.

It’s good to have an m-dot site because you can use it to enhance the mobile experience on your site without compromising your desktop or mobile experience.

Ensure you follow Google’s best practices if you want your sites to rank well now with their mobile-first indexing.

Should our mobile content be different than our desktop content? No. It should be the same. And don’t limit it either. This could cause your ranking to decline. If your mobile site contains less content than your desktop site, it’s time to update it. Plus, be sure you include all of your photos, images, and videos in their original indexable and crawlable formats.

What about the structured data? Should we include it on both of our mobile and desktop versions? Yes. The URLs in the structured data on the mobile versions should be updated to the mobile URLs. If you use Data Highlighter for this be sure to check your dashboard regularly for any extraction errors.

How about the metadata? Do we need it on both versions? Definitely. Make sure that titles and meta descriptions are identical across both versions of your site.

Things that you should verify to meet Google’s new Mobile-First Indexing:

  • Verify both your mobile and desktop sites in Google’s Search Console. Now that Google has switched over to mobile-first indexing your sites may have experienced a data shift.
  • Make sure your mobile site’s hreflang points to the mobile URL and the desktop hreflang points to the desktop URL.
  • Make sure your website server has enough capacity for the potential increased crawl rate on your mobile version.
  • Use the robots.txt testing tool to be sure that the Googlebot can access your mobile version.
  • Be sure that your robots.txt directives work properly on both your mobile and desktop sites.
  • Ensure that you have the correct rel=canonical and rel=link elements between your mobile and desktop versions. However, Google says that you shouldn’t have to make changes to your canonical links because they will continue to use them as guides for users who search on either on desktop or mobile sites.
  • If you add structured data to your mobile site, don’t add a lot of markups that aren’t relevant to the information.

The Finer Details

  • To allow or block Google’s crawlers from accessing any of your content, be sure to specify Googlebot as the user-agent.
  • To block pages from Google, blocking the user-agent Googlebot will also block all Google’s other user-agents.
  • You can also get more fine-grained control, like having all of your pages show up in Google Search, but not the images in your personal directory. You can use robots.txt to disallow the user-agent Googlebot-image from crawling the files in your personal directory (while allowing Googlebot to crawl all files). Go here for more details on how to do this and for other examples.

Three important points to remember:

  1. If you only verified your desktop site in Search Console, you must do so for your mobile version as well.
  2.  If you only have a desktop site, Google will continue to index your desktop site but use the mobile agent to do so. This should be fine.
  3. If you are still in the process of constructing your mobile version, it’s better to keep using the functional desktop site rather than trusting an incomplete mobile version of the site until it’s ready to launch.

To Summarize:

Google’s ranking, indexing and crawling systems used to use desktop versions of a page’s content. Now, because this may cause problems for mobile searchers they’ll be using the mobile version of a page instead. Google will be showing the mobile version of pages in their Search results and Google cached pages. You should also expect to see increased crawl rates from the Smartphone Googlebot.

You don’t have to worry too much because Google will always present the URL that is most appropriate no matter if it’s a mobile or desktop URL. While their index will be built from mobile documents, they say they will continue to build a great search experience for all users, whether they come from mobile or desktop devices.

If you have any questions, feel free to contact us. Or you can always contact Google via their Webmaster Forum.

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

Tired of Sending Marketing Emails That Go in the “Trash”?

Here Are The 10 Things You’re Doing Wrong

Email Marketing

Email is a very effective marketing tool. However, it’s also tough to execute properly. If you don’t plan correctly, understand what you’re doing wrong and how to remedy this, you’re simply wasting your time and money.

You aren’t getting new subscribers.

If you can’t entice new subscribers, you are simply spinning your wheels. Without an ever-increasing pool of subscribers, your open rates will suffer. If you want to grow your email list, you must clearly state the benefits of subscribing to it. Clearly state what you can offer, and how you can address people’s concerns. Your prospects need to know why they should sign on. Consider offering something for free that you believe will be of value to them like a free trial, sample product or document with relevant information.

Your subscribers keep leaving.

The best way to ensure that your current subscribers stay with you is by sending out relevant emails to the right audience. You must correctly identify your target audiences and segment your email list accordingly – this way you can address the various pain points for different subscribers. By segmenting your list, you can not only retain more subscribers but increase your click-through rates as well. All too often, an email strategy is more focused on the company’s needs rather than the customers’. Receiving too many irrelevant emails is the main reason subscribers opt out. If you want to keep subscribers, stay focused on your target audience and their needs, rather than yours.

Your email subject lines aren’t eye-catching.

This is one of the biggest challenges you’ll face. People are overwhelmed with the amount of email they receive and will only open the messages that catch their eye. You must grab their attention in the subject line. Craft a message that is short and to the point. Personalizing the message in your subject line and keeping your message to fewer than 30 characters should help. A carefully written subject line will entice recipients to read the rest of your email.

You’re understaffed.

Performance always suffers when resources are limited. If you’re understaffed and “burning the midnight oil” just to stay afloat, your quality will suffer. Streamline your email process and look for bottlenecks and obstacles that slow your workflow. Take advantage of software automation tools that help your email team design and code emails more quickly. If necessary, you may need to hire more staffers, both full-time and part-time, or contract with freelancers. Freelancers can also offer expertise that your team may lack.

Your deliverability suffers.

You may have the best emails and subject lines, but if they are being sent to the junk inbox, you’re doomed to failure. Your emails must get through any spam filters. When your deliverability rate suffers, you can get blocked altogether by Internet Service Providers (ISPs). How do you fix this? Don’t use spam words in your subject lines. Phrases such as “make money,” “earn cash,” “save $” will go directly to spam mail. And, of course, ensure that your prospects’ email addresses are accurate. Consider asking people who visit your website to re-confirm their email address when signing on to your list. This way you can make sure you have their correct email address from the start.

You need a new ESP.

You need an Email Service Provider that works for you. Some focus more on larger enterprises or certain verticals like e-commerce. You need an ESP that fits your brand. Try using more than one to see if this is the problem. Measure your success rates with each one. You can employ analytics tracking with multiple ESPs. Some businesses use up to four different ones to increase the odds that their emails will be delivered. Use the ones that provide you the best rates for delivery.

You need to cull your list.

You may need to remove contacts that have been inactive for a long time or those who never open your emails or go to your website. If you know that a lot of the emails on your list are no longer active, delete them. They just cost you money. You must maintain your list. You can also do this by letting subscribers manage their preferences (to opt-out if they want). Set up a way for them to change their communication preferences like what kind of information they want to receive or how often they want to receive them. This helps to build the sense of trust that they require to stay with you.

Your team is sabotaging your efforts.

You may be doing everything right, but other departments aren’t. If customer service is lacking, you’re sure to lose subscribers. If your website or mobile application isn’t easy to use, subscribers will get frustrated and go to a competitor. Keeping customers happy requires teamwork. Get together regularly with other departments in your company to share experiences, concerns, successes, and insights. Ensure your team members are onboard with your email strategy, measure your results and work together to fix what’s broken. Set up read-only access to your marketing emails for team members so they’re kept apprised. Everyone must be on the same page and working in unison.

You’re not measuring results and adjusting your strategy accordingly.

Measuring the performance of email campaigns is imperative. Unless you know what works and what doesn’t, you’re leaving money on the table. Implement a closed-loop marketing strategy to achieve the results you’re looking for. This means following a subscriber from the initial point of contact to their conversion as a paying customer. Be sure to leverage the available data from your ESP and feed your data back to them to get more visibility into your results. When making adjustments based on data, do so in increments and prioritize your changes. This way you can continue to measure the results of your changes one by one until you get it right.

You aren’t using the right process.

Not having a plan will make your job so much more difficult. Your email process should be designed to speed up your email production and improve quality control. You need an extensive pre-sending plan. Here’s one to go by. You fill in the blanks according to your goals.

  1. Plan your marketing strategy
  2. Collect data on your target audience
  3. Construct your database
  4. Define your email plan
  5. Define your content
  6. Setup your emails
  7. Send your emails
  8. Measure your results

Goal setting is crucial to your email marketing success. It will help to guide the direction of your campaign, make it easier for you to measure results, and increase the odds that you’ll ultimately succeed in the end.

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

From Unaware Interns To Evil Executives: How To Say Sayonara With Skill

It’s never easy to terminate an employee. The skill of firing with flair is a sensitive but necessary process that everyone should learn!

Firing an employee

It happens to the best of us. We post an advertisement for an available position on job boards across the Internet. We scour through the thousands (and thousands) of submitted resumes. We painstakingly choose the best candidates (on paper) to bring in for an interview, and we try to pose the questions that should result in the most thought-provoking and inspired responses, giving us the deepest insight into their soul – in about 30 minutes or less. We thank each interviewee dutifully for their time, wonder if we’ll get the perfunctory thank-you note or if their manners will go remiss, and try to decide who makes the cut and gets the job offer. Fast forward to the day we discover the candidate doesn’t stack up to the promises made during the hiring and onboarding process – and it’s time for the HR team to tactfully terminate.

We’ve all been there. The goal is always to build a team that is dedicated, loyal, and earnest – but too many times we encounter flaws with one of these characteristics, and the relationship is no longer, as the saying goes, mutually beneficial. Is your termination process thorough? What steps do you need to take to protect yourself and your business from retaliation in preparation before a potentially hostile departure? Read on to cover all your bases, but leave the exit details to the HR team.

First Things First

Once you have a full grasp of the outstanding projects and deadlines that still need to be met, you can move on to the most pressing matters.

Access: All login credentials

  • For global enterprises, there are large IT teams that oversee just logins and passwords alone – but since you’re reading this, you don’t work for IBM or Apple with a department of staff dedicated solely to current credential maintenance.
    • Network
      • Most organizations require a username and password to access anything related to the organization itself: email, file storage, etc. and this is the first of many credentials that should be addressed to ensure swift and secure measures to protect the company after a termination.
    • Email
      • First, change the password. The terminated party likely has their work email on their smartphone and thus can access their email immediately upon departure from the office. This offers the chance for damage or sabotage, such as deleting emails from their inbox or sending damaging emails to contacts.
      • Maintain the email account by having another party monitor incoming messages. Consider setting up an auto-reply feature to notify senders to the recipient that further communications should be directed to another email address for attention in the future.
      • One task that tends to be overlooked in the immediacy of a departure is the removal of the terminated party from internal distribution lists and notifications.
      • Lastly, if the individual has suspected termination was imminent, they may have deleted emails before the action taking place. There is a brief window when email recovery is still possible, but the standard time frame is 30 days.
    • VPN or remote access
      • If your company allows remote network access, likely through a Virtual Private Network (VPN) or a service like LogMeIn, a team member likely only needs to have this access set up one time and store their login and password at the remote point of access. The simplest way to prevent future access with this is by changing the affected password. If a platform like LogMeIn is the primary connection method, the administrator will need to be the one to change the user’s access settings.
    • Intranet
      • Typically, an organization uses an Intranet portal to store internal communications or Human Resources information like health insurance details, company directories, staff handbooks, forms and processes, office calendars and holiday schedules, and any other pertinent documentation related to operations. Access removal or password change to a network will often serve to prevent further access to this area, but a quick verification of settings here is still wise.
    • Cloud Storage
      • To prevent anyone from accessing files after termination, and for similar reasons as above – sabotage or deletion – change any access passwords for this portal. It’s very likely that proprietary information on projects, clients, or other sensitive information is stored here.
      • If termination is pending for an individual, it’s wise to preemptively make a back-up of these files and store them elsewhere for later access.
      • If your company uses cloud providers like Dropbox for Business, Microsoft OneNote or SharePoint, your administrator will need to lock the account for security, likely by resetting the password.
    • Data Recovery
      • Files
        • If after the termination and departure is complete you notice files are missing and suspect deletion, time is critical for data recovery.

What else can you do?

Aside from the items listed above, any organization should take every precaution possible to protect themselves in any situation. At some point, a termination is inevitable, and proper handling of the process can be what defines the outcome.

  • Enact security protocols that limit or prevent the use of external devices like hard drives or thumb drives.
  • Prevent team members from removing any proprietary data from the premises. This is almost impossible in the case of a distributed workforce, but you can require all files to be stored in a central repository to minimize risk.
  • It’s worth taking the time to review the terminated party’s outgoing email in “Sent Items” to verify if any messages were forwarded to a personal email address.
  • It’s always challenging to decide if a note to other team members is a good idea, alerting staff to the departure of an individual. Privacy policies typically protect the terminated party, and a perfunctory statement of “Sally Smith is no longer with the company as of April 1, 2018. We wish her well in future endeavors. Any questions, concerns, or communications may be directed to her supervisor, Billy Boss, moving forward” or something very similar, so long as it’s kept generic.

Handling a termination is never easy. The most important aspect of any termination is to protect the company – it sounds harsh, but it’s a fact. Preventing someone who is being fired from stealing information and using it to damage a company or sabotage a brand or person is a challenging task.

With the proper processes in place, anyone can minimize the risk to the company, ensuring survival after saying sayonara!

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

Is Your Business Hemorrhaging Money?

Hint: It Will If Your IT Network Goes Down.

You’re lying in bed, almost asleep when, “Oh no! Another lightning strike -that means the power probably went out in the office!”

Computer Network Down

Does the sound of thunder keep you awake at night wondering if your IT network will be up and running the next morning? It can happen to the most successful of businesses. That is unless you’ve planned to ensure it doesn’t.

IT downtime is a reoccurring nightmare for small and midsize businesses (SMBs) today.

Technology is Great – Until It Stops Working

This is the “Catch-22” of today’s technology dependence. With a reliable, secure and stable IT network, your small business can compete with the “Goliaths” of the world. You can reach across oceans, mountains, and continents to serve customers almost anywhere, 24/7. You couldn’t do this 10 years ago, but with today’s technology, the opportunities are endless. You can really make some money now – unless your network goes down.

The “big guys” you compete with can absorb a few IT failures, but you can’t. They have the resources and backup IT infrastructures to keep operating and profiting. For you, an IT failure could result in a real drain on your bank account, and ultimately, the end of your business.

Some Alarming Statistics:

The National Archives & Records Administration reports that 93% of small and midsize businesses file for bankruptcy within 12 months of experiencing data loss and prolonged downtime for 10 or more days.

The Aberdeen Group revealed that the annual cost of downtime for a small business with fewer than 100 employees amounts to $25,806. Furthermore, midsize businesses with 100 to 1,000 employees lose $880,600 annually due to IT failures.

Most IT Downtime Can Be Prevented.

That is if you’re prepared. So, what should you do?  Ask a professional IT company (a Managed Services Provider) to conduct a Risk AnalysisVulnerability Assessment, develop a Disaster Recovery Plan, and implement Next-Generation Firewalls and Defense-in-Depth Cybersecurity for your business.

Unfortunately, many SMB managers and owners prefer to put this off until a disaster hits, or when the “hiccups” in their IT system become unbearable. In the meantime, every “hiccup” costs them money, and the major downtime events cost them more than they can afford.

50% of SMBs don’t have a Disaster Recovery Plan in place, and 41% haven’t even thought about it.

This is like gambling with your livelihood every day- and you know that when you gamble, the odds are usually against you. Maybe you know that this could eventually prove to be a costly mistake, but do you know that if you aren’t properly prepared that it’s already costing you money every day?  If you’re relying on break/fix IT services, you aren’t properly prepared. These companies don’t provide the proactive, preventive service your business requires today.

Many businesses just like yours are hemorrhaging money by relying on high hourly rates, extra charges and long wait times for IT support.

Greater Dependence on Technology = Greater Risk

It’s a paradox – technology serves you well, and your business probably wouldn’t be here today without it. However, the more you depend on it, the greater your risk of failure.

If your small dental practice has to pay $25K to recover from a phishing scam, and you had to cancel appointments for the next 10 business days, would you be able to afford to open your doors in two weeks?  Or if your legal practice has to shell out $45K for data recovery and IT repairs, could you make payroll next week? Not to mention the fines and litigation you could face for HIPAA and other regulatory infractions. This could put you out of business entirely when your patients and clients find out.

Did you know that nearly 40% of SMBs will have their network compromised by a hacker? Most won’t even know their IT system fails.

How Much Can You Afford to Lose?

It’s time for a reality check – the fact is that unless you’re properly prepared, your data can be compromised, your IT system can fail, or both. Take the time to ask a few questions to determine if you can afford this risk.

  1. Based on the statistics we’ve revealed, how much downtime do you think your business can afford to put up with?
  2. How much time in productivity do you lose each day due to IT interruptions or unreliable Internet access?
  3. How fast can your current IT company respond to emergencies?
  4. Is your critical data backed up every day both onsite and in a secure cloud?
  5. Can you quickly access your data in the event of a theft, flood, fire or other damage to your IT system?
  6. Do you know if your backups are truly reliable?
  7. Is the data on your mobile devices backed up every day?
  8. Is your network safe from hackers?
  9. Are your employees fully informed about cybersecurity tactics?
  10. Do you have IT professionals conduct Vulnerability Audits on a regular basis?

Downtime Can Be Prevented, But Disasters Can’t

Here’s another question for you: Are you taking advantage of today’s managed cloud solutions? Smart business owners and managers know that cloud-based and virtualized backup solutions mitigate damage from downtime. It allows them to access their data quickly and securely from wherever they have an Internet connection. It’s a cost-effective method that provides business continuity capabilities in the event of an IT disaster. Virtualization allows for business servers to be grouped into one software bundle. This means all your operating systems, applications and data are safely stored in the cloud for quick restoration if required.

Server virtualization involves the partitioning of your physical server into smaller virtual machines (VMs), so you can also maximize your IT resources. With Cloud and Virtualization Services, you can migrate your data to another server during repairs or other required tasks. You’ll no longer need to shut down your servers and deal with downtime. Your data will always be available, and your capacity for business continuity will be greatly enhanced.

Important! Migrating your infrastructure to the cloud takes preparation and expertise. Only a certified IT provider should be trusted to handle this.

With the right cloud solution and virtualization, you’ll no longer need to shut down your servers and deal with downtime. Your data will always be available, and your business continuity will be greatly enhanced. By heeding the advice we’ve imparted here, your business can thrive and your bank account can grow.

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →
Page 2 of 26 12345...»