Malware and the Human Factor: The Role of User Education

Securing your business data is twofold. The first part entails having the right security software and security policies. The second is providing the right user training to your employees, making them more aware of the different scams and ploys used in socially engineered cyber-attacks. One of the things many people fail to realize is that securing business data from malware and other sorts of cyber-attacks doesn’t stop with implementing the right security software. These days, cyber-criminals also use all sorts of tricks to bait unsuspecting employees into being catalysts for malware entering your system. Reports cite that as much as 60 percent of cyber and malware attacks on businesses are done through social engineering – meaning that instead of a direct attack on your system, hackers are using ploys found on email and social networks to get people in your organization to unwittingly introduce malware into your IT infrastructure. This is why it’s equally important to put emphasis on training your employees to recognize common cyber-attack strategies such as phishing, or how to use proper virus scanning software so any external or thumb drives they plug into their computers are malware-free. Remember, it only takes one mistake from a gullible employee to open the gates of your system to keyloggers and other sorts of malware and viruses. Keeping your company’s IT system safe is an investment. Getting the right security protocols and then training your employees to not only use and respect these protocols but also be more aware about security risks goes a long way in keeping your data safe and your operations stable.


No Viruses for the Mac? The MacDefender virus will set you straight

MacDefender is the name of a newly discovered malware program that targets Mac OS X users. Disguised as an anti-virus program for Macs, it dupes – and if that fails, bullies – users into entering credit card information to pay for fake anti-virus software.

It is a widely held belief that one of the reasons Macs are superior to other systems is because of their ‘invulnerability’ to viruses, malware, and similar threats. All well and good, except for the fact that a recent rogue anti-virus malware that specifically attacks Mac OS X systems has been discovered. So much for the ‘Mac = no virus’ myth.

Called the ‘MacDefender’ and also known as Mac Security and Mac Protector, this malware tricks users by having them think that their system is under attack. It begins when users visit a malicious website where the program automatically downloads itself to the computer. If you have the “Open safe files after downloading” option selected, it automatically installs itself onto the system. The original installation package is then also automatically deleted. Next, a new menu item appears on the Mac OS X menubar. You’ll see a small orange shield that becomes red, which supposedly means that there are viruses in your system. You’ll then be prompted to “register” – which involves giving out your credit card information – to a website to clean the virus. If you don’t, the malware will then direct your browser to porn sites to ‘encourage’ you to register and pay up. To know more about how MacDefender works, check out this video.

While Macs are certainly targeted less than Windows systems, the threat of getting infected by viruses and malware is very real, especially if myths like Macs being impervious to viruses persist. To know more about protecting yourself from threats like these, please contact us so we can draw up a plan to keep your system safe and secure.


Mobile and Online Payments Now Possible with Google Wallet

Google is testing the waters of the electronic wallet with retail and online shopping industries by introducing a new service called Google Wallet. Google Wallet allows users to make purchases and earn loyalty points and coupons – all from a single smartphone. Smartphone technology has grown by leaps and bounds these past few years, and having a smartphone these days is almost synonymous to being online all the time. Software giant Google has decided to tap into this phenomenon with a new service called “Google Wallet”, which enables users to make purchases and payments from their smartphones. Partnering with Mastercard, Macy’s, Subway, American Eagle, Citibank, and Sprint, Google assures users that their e-wallet service is safe. The service requires that smartphones have a special chip that allows the user to simply “tap” or “swipe” the phone at participating stores to pay for merchandise or services. When you swipe your smartphone’s e-wallet, you also earn coupons and points for rewards. The technology is also designed so that the user can turn the chip off when Google Wallet is not being used, making it safe from hackers. If the smartphone is lost, the data can also be wiped remotely. A similar system to Google Wallet has been operational in some countries including Japan for some time now, but its use is limited to only certain areas and stores there. While the concept of Google Wallet has great potential, there are still several limitations to the system as Google continues to look for more partners for the enterprise before its official launch, which is slated for within a month or two.


Simple Online Security Tips

As more and more incidents of online identity theft are reported, it’s important that users become more aware of how they can prevent themselves from becoming the next victim of identity theft. Following some simple tips can help you make your online experience a much more secure one.

Security experts are seeing a rise in the incidence of cyber-crime these days as more and more people use the web for their day-to-day needs. No one is spared – both businesses and private individuals have become victims of opportunistic cyber-criminals who take advantage of loopholes in security systems and a lack of foresight and alertness on the part of users. One common cyber-crime is identity theft, in which hackers steal and assume the identity and personal information of someone else. Under the guise of the usually unknowing victim, these unscrupulous individuals commit fraud or other crimes. While there is no 100% guaranteed way to be safe from identity theft when online, there are a number of steps you can take to protect your identity and your data.

Have the right security software. One of the keys to keeping your identity and data secure is having the proper security software in place to protect your system. Also make sure to update the software regularly.

Know the modus operandi. It’s also important to be aware of the different scams and techniques hackers use, such as phishing, which involves duping the user into clicking a legitimate-looking (but fake) link that has the victim enter personal information or download a file that introduces malware into the system. The rule of thumb is that if an email is unsolicited, there is a high probability of it being a scam or phishing email.

Be stingy with your personal information. Be sure to only fill out personal information on sites that are legitimate and that you trust, and even then, only if you absolutely need to. Check and double check things like the URL or the company’s tag line to know if a site is what it says it is and whether it is secure. Phishing sites also look legit – but a careful look should be enough to tip you off that something’s amiss.

Create unique passwords. The more complicated your passwords are, the harder they are to guess or hack. So don’t pick generic passwords like “password” or “12345” or things like your birthday or wedding anniversary. The best passwords are alphanumeric – a combination of both letters and numbers.

Secure wireless networks. It’s important to allow only the right people to have access to your wireless networks. Besides saving bandwidth, this also prevents leechers and hackers from using your connection to tap into your system or use it for unscrupulous activities.

To know more about keeping your identity and data secure, please give us a call and we’ll be happy to discuss a custom security solution that meets your specific needs.


Ready for a Data Loss Disaster? Eight Questions to Find Out

Losing data to a natural or man-made disaster can be devastating – but the protective actions you can take are not. What would happen to your business if you had a major data loss? The possibility is definitely there; this can’t be denied. Data loss disasters come in many forms, ranging from simple human errors to “acts of God” that cannot be controlled. However, you can control how you prepare for them. Here are eight questions you can ask yourself to test your disaster preparedness.

First: Do we back up our data? It’s amazing how many small businesses do not have a backup system in place. It’s so easy to assume disaster won’t strike you. But data loss doesn’t always come from huge, cinema-worthy disasters. It can result from simple everyday errors – yet have huge disastrous results. Don’t let this be you.

Do we back up all of our account information? Many small businesses tend to keep their accounts data on one employee’s PC, instead of the network which is on their backup schedule. But what if you lose your customer database? Be sure it’s included in the files to be backed up.

Do we back up our email files? Ever wish you had that one email from a few months back, in which a customer gave you the “go ahead” – but now they’re refusing to pay for your work? These days, email is increasingly used as legal evidence of agreements or notices to proceed. If they’re included in your backup, you can easily pull up even deleted emails – received or sent.

Is our Calendar and Contact information backed up? What if you came to work one morning and your online calendar and address book were gone? What appointments and communications would you miss, and at what cost? Most of the time, by default your Outlook Contact and Calendar files are stored on the individual PCs. Make sure these files are included in your backup set.

Do we back up folders and files from each computer? In addition to important information that is stored in shared networks, think about the files that each of your employees creates and uses on their own hard drives. Spreadsheets, letters, memos, databases – wouldn’t it be a shame to lose all that work?

Are we always saving our files to an area that will be backed up? Consider where each and every file you work on is being saved. Will it be included in your backups? Develop policies and educate your employees on where to save their work so it’s included in your backup schedule.

Do we back up data frequently enough? The answer to this question is – how much work are you willing to risk? Say you complete an important contract on Tuesday morning, and an employee accidentally deletes it that afternoon. But you only run backups on Monday, Wednesday, and Friday. Bye-bye contract! A more frequent backup schedule would have saved the day.

Do we know where our backups are and how to use them? If you use USB drives, external hard drives, or backup tapes for your backups, are you storing them offsite in a safe place? Even if your files are backed up to the cloud, do you know how to recover them in case of an emergency? Knowing your backup system and keeping it safe will ensure you can get back to business quickly and efficiently.

Even if you already have a backup system in place, take a few moments to think about your specific business. If the unthinkable happened, exactly what data would you need to get back up and running? What could you not operate without? Once you identify these things, simply make sure they are included in your backup.

Need help? We’re experts in guiding small businesses in setting up a backup system that meets their unique needs. Give us a call today to discuss the options available to keep your business data safe and sound.


The ROI Series, Part 4: Measuring ROI

Business value

The ROI Series: Calculating the ROI of a Technology Investment—Part 4. Cost savings are usually important to small businesses even in the best of times. New technology solutions may be necessary for survival and growth, however — and they may not be as expensive as you think when you consider their return on investment (ROI). In this four-part series, we’ll explain what ROI is, help you understand indirect ROI, and provide guidelines for predicting and measuring the ROI of a technology investment.

Part 4: Measuring ROI

If you’ve been following this series, you’ve already learned what ROI is and how you can use it to make sure your technology implementations are profitable. But the process doesn’t stop there: it’s important, once you’ve implemented a new technology solution, to track its benefits. There are many direct and indirect benefits of implementing new technology, as we’ve described — but in most cases, companies don’t know what they are.

In many cases, what you measure is clear. Consider a service company that implements customer service software designed to help phone representatives more quickly resolve customer issues. To determine ROI, the company simply measures the number of calls per employee before and after implementing the software.

In other cases, companies don’t measure what we call the relevant “value drivers.” Some companies don’t know what to measure; others know what to measure but don’t know how to do it. The end result: only 17 percent of CFOs measure ROI for outsourcing projects, according to Hewitt Associates.

As an example of how this could happen, consider a manufacturing company that implements software designed to reduce errors in a product line, thereby improving quality. While the company may be tracking the increase in quality (in the form of fewer returned goods, for example), it may not be considering other value drivers. How about waste? We can assume that, as quality has improved, fewer products have been scrapped — but the company doesn’t have a business process in place that can track costs incurred from waste.

How do you identify value drivers? Follow the workflow. IT will always impact your business processes in some way. For example, it might eliminate, create, or change a business process. So to identify value drivers, look at the results you hope to achieve from these business process changes.

As an example, consider the service company we referenced previously. As a result of its new customer service software, the company might reduce its customer service employees from five to four. This change in business process shows that one value driver is the reduction in labor costs due to increased efficiency, resulting in a direct ROI. Another value driver might be improved customer service, resulting in an indirect ROI.

As another example, consider a company that implements software to track employee performance against objectives. In the past, it has paid bonuses randomly; now it has a methodology. This change in business process shows that one value driver is the savings in bonuses not paid due to non-performance, resulting in a direct ROI. Another value driver might be improved employee morale and effort, resulting in an indirect ROI.

Generally, a year of data collection should be sufficient to determine the changes in costs and revenues that will drive both direct and indirect ROI, providing you with solid data to determine just how effective your IT investment has been.


Small and Medium-Sized Businesses Make Big Targets for Cyber-Attacks

Security experts are discovering an emerging trend in cyber-crime these days as more and more SMBs become attractive targets for cyber-thieves because of their inadequate security measures. Reports have shown that cyber-criminals can siphon off as much as $70 million worth of accumulated resources. There is a misconception among many SMBs that they are small targets for would-be cyber-attacks. “We’re too small a company to be of any worth” is the mindset of many. However, there is an ongoing trend in which smaller companies actually find themselves victims of the most elaborate and vicious cyber-attacks. Why? Security experts are discovering that SMBs tend to have fewer or inferior security protocols in place to counter cyber-attacks. While this was of little consequence in the past, cyber criminals are now starting to take notice of the fact, and are exploiting it to their advantage. And it’s profitable too – an attack on one SMB might not amount to as much as a larger organization, but given the greater ease through which hackers can attack smaller businesses, they more than make up for the difference in the volume of companies they target. According to several news reports, these cyber-thieves can make off with as much as $70 million. The more unfortunate fact is that smaller companies are less able to counteract the effects of losses from cyber-attacks. This is why you should stay one step ahead of cyber-thieves by updating your security systems. Short term or long term, it’s a practical solution to keep information and data safe, and your operations stable. Give us a call today – we can help.


Is Your Data in the Cloud? Can You Get It Back?

Are you concerned about the safety of your data if it’s stored “in the cloud”? Cloud computing is a relatively new trend among businesses today, and with the right preparation and knowledge it can be an economical and effective solution to data management challenges. You just need to know the right questions to ask when selecting a provider.

A few weeks ago, Amazon suffered several days of outage in its EC2 and RDS services, bringing down dozens if not hundreds of services along with it — including such high-profile sites as Reddit, Heroku, Foursquare, Quora, and many others. Although the cause of that outage has been analyzed extensively in many forums, the discussion is interesting and relevant because it brings attention to the lesson that wherever or whomever you entrust your data to—be it in the “cloud” or to a big company like Amazon — it pays to be smart about how you manage your data, especially if it’s critical to your business.

Understand your options. When someone else is managing your data, it’s easy to leave the details to them. However, making sure that you at least have some understanding of what your options are in what different service providers can offer you will pay dividends later if something goes wrong, since you’ll be better equipped to make an informed decision on the spot. Things you should look at include: Who is the service provider? What is their history? Who is behind them? What is their track record? Where do they store your data? Do they own the servers where your data is stored or do they rely on someone else? Is your data stored within the local area (i.e., a drive away) or is it distributed all over the map? Do they provide a mirror of your data within your own server, or is everything in their data centers? What measures do they employ to make sure your data is safe? What methods do they employ to ensure you can get to your data when you need it? Do they provide service level assurances or guarantees to back up their claims? These are just some of the basic questions you should be asking of your service provider.

Do a test drive. Often you will not know exactly how a service works until the rubber hits the road, so to speak. Ask your service provider for a demo or a trial period. Test how fast it is to back up your data, but more importantly how fast you can bring it back when you need it. This is especially important if you’re talking about gigabytes of data. Understand that doing backups in the cloud can be hampered by your bandwidth and many other components of your system and theirs.

Don’t put all your eggs in one basket. Some service providers give users the option of storing data in multiple sites, to ensure that your data is safe if one site goes down. But why rely on just one service provider when you can get the services of multiple providers instead? Or perhaps better yet, why not manage some of your data on your own? While it may be complex and costly to reproduce what many service providers can provide today, it is relatively easy to set up a simple system to keep at least some of your really, really important data locally by using an unused computer or a relatively cheap, network-attached storage device or secondary/removable drive that you can buy at your local store.

Create a plan and write it down. Unforeseen occurrences can and will happen — not only from your side but from your service provider’s as well. When they do happen, you will need to have a contingency plan ready, often referred to as a Business Continuity Plan. Make sure to document your plan in writing, and communicate it to everyone in your organization so they will know what to do in case disaster strikes.

With its promise of unprecedented efficiency, reliability, scalability, and cost savings, cloud computing and storing your data in the cloud is the topic du jour these days. However, it’s sometimes easy to overlook the basic due diligence that’s necessary regardless of how or where your data is stored. Ultimately, it is your business on the line—and being prudent and proactive about how your data is stored, managed, and (most importantly) recovered in times of need will save you much grief when you actually need it.


The ROI Series, Part 2: The Indirect Benefits of Technology Implementation

Business value

The ROI Series: Calculating the ROI of a Technology Investment—Part 2. Cost savings are usually important to small businesses even in the best of times. New technology solutions may be necessary for survival and growth, however—and they may not be as expensive as you think when you consider their return on investment (ROI). In this four-part series, we’ll explain what ROI is, help you understand indirect ROI, and provide guidelines for predicting and measuring the ROI of a technology investment.

PART 2: The Indirect Benefits of Technology Implementation

It’s easy to see the direct benefits of new technology, such as reduced headcount or increased revenues. That’s because they show up as line items on financial statements. But it’s also important to consider the indirect benefits: an ROI that cannot be easily quantified but is nonetheless realized.

A good example of an indirect ROI is employee productivity. When you implement new technology, employees can perform their jobs better and faster. For example, an application that facilitates better communication between attorneys and clients at a law firm may not generate a direct return by reducing head count, but it can significantly improve the quality of service clients receive while giving attorneys more time to focus on value-added tasks, such as sales. That, in turn, will increase clients and profits—a very clear indirect return.

All technology generates some indirect returns, but how much is direct and how much is indirect? One research firm found that direct returns account for only half of technology ROI. Less than 50 percent of companies that implemented a document management system saw a direct ROI, while 84 percent saw an indirect ROI in the form of measurable increases in employee productivity.

To determine how much of a proposed implementation’s ROI is indirect, you must consider three key factors: the kind of technology being implemented, the areas in which it will be implemented, and your current IT environment.

The kind of technology being implemented. While all technology provides some indirect ROI, some technology generates more. For example, supply chain software can improve productivity, but most of its ROI is direct, in the form of reduced inventory and transportation costs. On the other hand, collaboration software may have a huge impact on worker productivity by reducing the time it takes to execute group-oriented tasks, such as sharing information and coordinating meetings. Likewise, content management systems tend to generate significant indirect ROI by leading to faster filing and decreased retrieval times.

The areas in which technology will be implemented. Where and how you deploy technology will also impact the portion of its ROI that is indirect. As an example, consider a business intelligence dashboard. Depending on how it is used, ROI could be more direct or indirect. If it is used to give a logistics manager the ability to better monitor and control transportation costs, the ROI is primarily direct. If it is used to provide financial analysts with quicker access to monthly metrics, the primary benefit will be time savings, an indirect ROI.

Your current IT environment. Finally, the extent to which a new technology’s ROI is direct or indirect may depend on how much change the technology leads to. Consider an application that tracks employee hours. A company that has manually collected time will see significant direct ROI in a reduction of the number of timekeepers needed. On the other hand, a company that already has an automated attendance process will see more indirect ROI in the form of efficiencies through time savings.

Indirect ROI may not be readily visible, but it is critical to driving business value. A business that ignores indirect ROI, choosing not to improve its technology because there is no direct ROI, will not be able to keep up with competitors. In the next part of this series, we offer specific tips for predicting ROI.


The ROI Series, PART 1: ROI Basics

The ROI Series: Calculating the ROI of a Technology Investment—Part 1: Cost savings are always important to small businesses — but that doesn’t mean you should skimp on technology. New technology may be necessary for the survival and growth of your business, and may not be as expensive as you think when you consider its return on investment (ROI). In this four-part series, we’ll explain what ROI is, help you understand the types of ROI, and provide guidelines for predicting and measuring the ROI of a technology investment.

PART 1: ROI Basics

There are two ways to look at the value of technology: total cost of ownership (TCO), which quantifies only the cost of a project, and return on investment (ROI), which quantifies both the cost and expected benefit of the project over a specific timeframe. Traditionally, businesses have used TCO when analyzing the cost of internal infrastructure projects such as upgrading an e-mail system. But even with internal systems, ROI can be a better method. If your old e-mail system goes down, for example, your sales team can’t contact customers electronically and must spend more time making phone calls. If your employees spend two more hours on calls than they would on e-mails, you’ve actually lost money by not upgrading your e-mail system.

As an example of how ROI works, consider the case of a small, high-end electronics boutique. The current point-of-sale (POS) software is beginning to show strains from the company’s expansion and increasing inventory, and customer service issues are arising — a problem since the company’s mission is to provide exceptional service. The company’s owner believes implementing a new POS software program will help address these issues, but deploying it will be costly. The key question is which will cost more in the long term: spending the money to provide a solution, or the losses the boutique will incur by not doing so?

That question may be easier to ask than to answer. As important as determining ROI is, there is still little consensus about how to measure it accurately. That’s because ROI has many intangibles — things that don’t show up in traditional cost-accounting methods but still maximize the economic potential of the organization, such as brand value, customer satisfaction, and patents. In the next part of this series we’ll discuss these intangibles.
