Blog

May 17th, 2017

Virtualization is becoming so popular that businesses are finally seeing the technology being packaged with the solutions they already know and love. The Windows operating system is a great example of a solution that grants you access to features like containers and software-defined storage.

A brief history of Windows Server

The Windows Server operating system has been around for decades. As an advanced option for onsite servers, this operating system grants access to high-level access management settings, DNS customizations, and network configuration management. In fact, it’s such a complicated solution that Microsoft offers certification courses for each version of the operating system.

The most recent iteration of this operating system is Windows Server 2016 (WS16). Released on October 12th, 2016, Microsoft’s latest server software included countless improvements to its networking and user management features. Where it really shines however, is in the ways it handles virtualized computing.

Virtualization in Windows Server 2016

As with just about anything in the virtualization world, containers dominate the WS16 conversation. Containers use software to aggregate the bare minimum requirements that one application needs to run -- hardware, software and operating system -- and deliver that package across a network to computers that lack one or more of those requirements. For example, if you want to run a Mac application that requires a huge amount of processing power on a bare-bones Windows workstation, you can create a container with the necessary components on your server and let the workstation access it remotely.

WS16 users have access to two types of container deployments: Hyper-V and Windows Server containers. To the average business owner, the differences between these two options is minute, but what is important is Microsoft’s commitment to compatibility. If virtualization is important to you, choosing WS16 is a great way to ensure that you’ll be ready for whatever develops among the disparate providers.

Another great virtualization feature in WS16 is software-defined storage (SDS). It’s a complicated solution, but it essentially allows you to create hard drive partitions outside of the confines of hardware limitations. You can create a single drive by pooling storage space from three different servers, or you can create several separate drives for virtualized workstations to access.

Obviously, managing a server is no easy task -- regardless of whether or not you implement a virtualized infrastructure. That complexity comes with some compatibility issues; if your business relies on old software, it may not have been updated to run with WS16. For everything from creating a transition plan to managing your virtualized framework, give us a call today.

Published with permission from TechAdvisory.org. Source.

May 15th, 2017

Have you noticed how your G Suite applications have been making smart suggestions to you lately? Relax, you’re not being spied on by cyber criminals; it’s just G Suite’s machine learning algorithm making task suggestions based on data gathered from your most frequent activities. Machine learning capabilities are integrated into Google apps not only to strengthen security but also to improve workflow and increase productivity.

What ‘machine learning’ does

Like a trustworthy assistant, machine learning anticipates logical next steps to your tasks. For instance, it might suggest Docs or other apps, launch apps, schedule meetings, or manage your email based on your habits.

For example, if you're using Google Sheets to track employee performance, the "+Explore" button in the bottom right of the screen can help reveal subtle trends. The machine learning that powers this function doesn't just analyze written data, it can also help you find the best image layout and settings. Aside from providing you with useful insights, this function also helps format and design your file.

Increased productivity

Working on an office productivity platform that is capable of suggesting apps may not seem like much. But since the average worker allots plenty of time doing routine tasks -- such as launching apps, searching and downloading files, and sorting email -- having a smart tool that makes sensible suggestions never hurts.

The machine learning-enabled Quick Access function predicts the file you want to open based on your recent activities and interactions within the Google environment. Google Drive’s search function is a good way to locate a file you need to work on, but as many users know, searching unsorted files and messy folder structures can cause an inconvenient amount of delay.

Greatly reduced spam

Managing email is a tedious task that demands a couple hours of your day, every day. There are many email management apps you can use, and although they’re worth your money and effort, sometimes all you need is a highly efficient spam detector.

Because of its machine learning capabilities, Gmail spam detection currently has an accuracy rate of 99%. This means virtually no spam in your inbox and a reduced exposure to malware-laden email. Another way Gmail users can save time is through Smart Reply, a feature that suggests possible responses to emails you receive. Google is currently working to improve Smart Reply’s responses so that they’re more accurate and less generic.

Google applications are handy office tools perfect for businesses that require anywhere, anytime access to their files and apps, as well as constant collaboration with colleagues. There’s more to learn about G Suite and similar platforms that might just be what your business needs. Call us today for recommendations.

Published with permission from TechAdvisory.org. Source.

Topic google
May 12th, 2017

With the increasing sophistication of cyberattacks, businesses need even stronger security tools to defend their sensitive documents. Fortunately, Office 365 subscribers now have more advanced security tools to stay ahead of the ever-evolving threat landscape. If you are concerned about security and compliance, these new Office 365 features could help.

Threat Intelligence Threat Intelligence for Office 365 gathers data from Microsoft security databases, Office clients, email, and other recorded security incidents to detect various cyberattacks. This feature gives users in-depth knowledge about prevalent malware strains and real-time breach information to analyze the severity of certain attacks.

What’s more, Threat Intelligence comes with customizable threat alert notifications and easy-to-use remediation options for dealing with suspicious content.

Advanced Threat Protection (ATP) upgrades In addition to Threat Intelligence, Office 365’s ATP service now has a revamped reporting dashboard that displays security insights across a company. This includes a security summary of what types of malware and spam were sent to your organization, and which ones were blocked. According to Microsoft, these reports will help you assess the effectiveness of your current security infrastructure.

ATP also has a new capability called “Safe Links” which defends against potentially malicious links in emails and embedded in Excel, Word, and PowerPoint files. If suspicious links are discovered, the user will be redirected to a warning page to avoid an infection.

Advanced Data Governance The newly released Advanced Data Governance feature is also a much needed enhancement for highly-regulated companies. It classifies files based on user interaction, age, and type, and recommends general data retention and deletion policy recommendations. If, for example, your business has retained credit card data for longer than necessary, Advanced Data Governance will alert you of the possible data governance risks.

Data loss prevention enhancements Last but not least, the Office 365 Security & Compliance Center is also receiving data loss prevention upgrades. With it, you can easily access and customize app permissions and control device and content security policies. So if someone in your company attempts to leak sensitive customer information, Office 365 will notify your administrators immediately.

Although all these features are available only for Office 365 Enterprise E5 subscribers, security- and compliance-conscious companies definitely need these upgrades. Get the right Office 365 subscription by contacting us today.

Published with permission from TechAdvisory.org. Source.

Topic Office
May 10th, 2017

If employee training and education isn’t an integral part of your cybersecurity strategy, a recent scam might force you to reconsider. Instead of relying on complicated programming code to steal and destroy data, hackers are increasingly relying on human errors to get the job done. Even well-trained users are falling for the most recent ploy, take a look.

Broadly defined, “phishing” is any form of fraud in which an attacker tries to learn information such as login credentials or account information by masquerading as a reputable entity or person in email, IM or other communication channels.

These messages prey on users who click links, images and buttons without thoroughly investigating where they lead to. Sometimes the scam is as simple as an image with a government emblem on it that links to a website containing malware. Just hovering your mouse over the image would be enough to see through it. But some phishing schemes are far more difficult to recognize.

The Google Defender scam

Recently, an email spread to millions of Gmail accounts that almost perfectly imitated a message from Google. The text read:

“Our security system detected several unexpected sign-in attempts on your account. To improve your account safety use our new official application “Google Defender”.

Below that was a button to “Install Google Defender”. What made this scheme so hard to detect is that the button actually links to a totally legitimate site...within Google’s own framework. When third-party app developers create Gmail integrations, Google directs users to an in-house security page that essentially says, “By clicking this you are giving Google Defender access to your entire inbox. Are you sure you want to do this?”

Even to wary users, the original message looks like it came from Google. And the link took them to a legitimate Google security page -- anyone could have fallen for it. The Gmail team immediately began assuring users that they were aware of the scam and working on eradicating it and any potential copycats.

There’s no happy ending to this story. Although vendors and cybersecurity experts were able to respond to the crisis on the same day it was released, millions of accounts were still affected. The best way to prepare your business is with thorough employee training and disaster recovery plans that are prepared to respond to a breach. To find out how we can protect your business, call today.

Published with permission from TechAdvisory.org. Source.

Topic security
May 8th, 2017

In today’s competitive business environment, SMBs are constantly finding new ways to outdo one another. Recently, social media and content marketing strategies have become increasingly popular. But because many of your competitors are utilizing the same platforms as you are, it’s essential for you to find new methods to make your business stand out. These tips might help:

Come up with and implement a media crisis management plan It’s normal for businesses to go through a crisis or two. Avoid embarrassing public relations nightmares by having a social media crisis management plan in place and ready for implementation.

Create buyer personas Social media data is a great tool to gather information about your potential customers, and in doing so, create buyer personas. Buyer personas are comprised of generalized characters that help build an ideal picture of your business in the market. Key demographic information includes age, location, and even reasons for buying and product-related concerns.

Track the impact of your content marketing When it comes to content marketing efforts like blogging and social media, it’s essential to have a system to measure results. You can measure how these efforts impact your brand awareness by using metrics such as social media reach, brand mentions, media mentions, and branded searches.

Integrate user-generated content on social media Businesses can utilize social media as a way to interact with consumers. This includes sharing some of their content on your own channels. Not only are user-generated content more cost-efficient, they also shorten the customer’s path to purchase.

Use Hootsuite to manage Twitter chats A Twitter Chat happens when you use Twitter to talk about a common interest with others during a preset time. It's like an online chatroom where you add to the discussion by tweeting. Efficiently managing tweets and responses is integral. Fortunately, applications like Hootsuite simplifies the whole process. It easily monitors, searches, and saves Twitter Chats onto the Hootsuite dashboard for future reference.

Create better live broadcasts Livestreaming on social media platforms such as Facebook, Periscope, and Instagram is quickly gaining popularity. Before starting a livestream for your business, take time out to practice and prepare an outline before you roll the cameras. Don’t forget to promote it prior to the broadcast, and make sure you come up with a short and catchy video description.

All small- and medium-sized businesses are fighting for the same thing: the consumer’s attention. Business owners can’t afford to just blend into the background; if you don’t make a good, lasting impression, you might lose out on an opportunity to make money. And if you’re relying on social media and content marketing strategies to help you, make sure you are doing it right. If you have further questions, feel free to contact us!

Published with permission from TechAdvisory.org. Source.

Topic social media
May 5th, 2017

We are taught never to judge a book by its cover. But in this superficial age, looks are everything, especially for websites. Your website is a customer’s first impression of your business, and if your site has poor graphics, illegible content, and other website no-no’s, that could end all chances of establishing a relationship and driving revenue. Go through these key indicators so you don’t end up in such a situation:

A variety of clean photos Always take photos under professional lighting to really get the best images of your products. When customers are browsing, it’s normal for them to want to see as much detail as possible, so try to include as many photos, from as many angles your prospects might want.

Clear descriptions The last thing you want to do is to confuse your customers. That’s why it’s important to include all of your products’ technical information and dimensions before creating simple and straightforward product descriptions.

Establish policies Returns and refunds are an inevitable part of online shopping. In fact, a large percentage of online shoppers make purchase decisions based solely on how streamlined the returns policy is. Make sure to establish clear policies for returning and refunding items that are easy to find for customers.

About page Customers unfamiliar with your brand need a story they can relate to on your website. In your About Us page, include information on who you are and what you do that sets you apart from the competition. Whatever you write, make it accessible from any page on your site.

Navigation Fix broken links, make navigation straightforward, and remove outdated pages. You can’t sell 404 pages to customers, and if your site doesn’t make it easy to find what they’re looking for, game over.

Design Not everyone is a web design expert, luckily you can always hire one. If your budget is tight, there are DIY site builders specifically geared toward small businesses. Or with a relatively low monthly expenditure, you can hire a managed website provider.

With more revenue originating online, small- and medium-sized-business owners can’t afford to overlook the importance of creating a fully functional eCommerce website. Prior to going live, it’s essential to go through your entire site and resolve any mistakes before consumers see them. For further information on completing eCommerce websites, feel free to call us today!

Published with permission from TechAdvisory.org. Source.

Topic business
April 28th, 2017

Malware is becoming more sophisticated every day, and we recommend several solutions for dealing with it. One of the most interesting of these is achievable via cutting-edge virtualization technology. Often referred to as sandboxing, this solution is a great way to quarantine and test suspicious applications before exposing them to your entire network.

What is sandboxing?

Sandboxing is one of the rare concepts in virtualization that the average person can usually grasp in just a couple short sentences. Essentially, sandboxing is the practice of tricking an application or program into thinking it is running on a regular computer, and observing how it performs. This is especially useful for testing whether unknown applications are hiding malware.

Obviously, it gets far more complicated once you delve into the details of how you implement a sandboxing technique, but the short answer is that it almost always involves virtualized computers. The program you want to test thinks it’s been opened on a full-fledged workstation of server and can act normally, but it’s actually inside of a tightly controlled virtual space that forbids it from copying itself or deleting files outside of what is included in the sandbox.

An effective way to quarantine

Virtualization is no simple task, but the benefits of sandboxing definitely make the effort worth it. For example, virtualized workstations can essentially be created and destroyed with the flip of a switch. That means:
  1. You aren’t required to manage permanent resources to utilize a sandbox. Turn it on when you need it, and when you’re done the resources necessary to run it are reset and returned to your server’s available capacity.
  2. When malware is exposed inside a sandbox, removing it is as simple as destroying the virtual machine. Compare that to running a physical workstation dedicated solely to sandboxing. Formatting and reinstalling the machine would take several hours.
  3. Variables such as which operating system the sandbox runs, which permissions quarantined applications are granted, and minimum testing times can be employed and altered in extremely short periods of time.
This strategy has been around for nearly two decades, and some cybersecurity experts have spent their entire careers working toward the perfect virtual sandbox.

Containers: the next step in this evolution

Recently, the virtualization industry has been almost totally consumed by the topic of “containers.” Instead of creating entire virtual workstations to run suspicious applications in, containers are virtual spaces with exactly enough hardware and software resources to run whatever the container was designed to do.

Think of the metaphor literally: Older sandboxes came in a uniform size, which was almost always significantly larger than whatever you were placing into them. Containers let you design the size and shape of the sandbox based on your exact specifications.

Quarantined virtual spaces fit nicely into the sandbox metaphor, but actually implementing them is impossible without trained help. Whether you’re looking for enhanced security protocols or increased efficiency with your hardware resources, our virtualization services can help. Call us today.

Published with permission from TechAdvisory.org. Source.

April 26th, 2017

Microsoft Word is a staple business application. But since so many people use it on a daily basis, hackers work tirelessly to expose and exploit flaws in the system. In fact, cybercriminals stumbled upon a Word vulnerability that puts your sensitive data at risk. Read on to learn more about the exploit and what you can do about it.

The attack On April 10, cybersecurity firm Proofpoint discovered scammers running email campaigns to trick people into clicking malware-ridden Word attachments. The fraudulent emails, simply titled “Scan Data,” included attached documents that were named “Scan,” followed by randomized digits.

Although the emails seem harmless, clicking on the documents triggers a download for Dridex malware, a Trojan virus designed to give hackers direct access to your banking information. From there, they can simply log in to your online account and make unauthorized transactions under your name.

In 2015, the distribution of Dridex allowed cybercriminals to steal approximately $25 million from European accounts. And if your business fell victim to this malware, there’s a possibility your company might not be able to recover from the loss.

The solution Fortunately, two days after the discovery of the bug, Microsoft released a security update to disable the dangerous documents, urging users to install the patch as soon as possible. But even though Dridex was inoculated relatively quickly, employees continue to be the biggest problem.

Like most malware attacks, Dridex was distributed via phishing campaigns that preyed on a victim’s trust and curiosity. Hackers added barely any text to the email, yet people were still fooled into clicking on dangerous links.

To make sure Dridex never reaches your company, you must provide comprehensive security awareness training. In your sessions, encourage employees to practice safe computing habits, which include being cautious of online links, setting strong passwords, and avoiding downloads from untrusted and unknown sources.

Much like updating your software, keeping your staff’s security knowledge up to date on the latest threats is also imperative. Ultimately, your goal is to have employees with a security-focused mindset when browsing the web.

Of course, if security training and cybersecurity solutions are not your company’s specialties, you can always rely on a trusted managed services provider like us to protect your business. We can update and secure your systems regularly, and make sure your staff are actively doing their part to reduce security risks. Contact us today!

Published with permission from TechAdvisory.org. Source.

Topic Office
April 24th, 2017

You pay close enough attention to the links you click to avoid clicking on something like goolge.com or evrenote.com...right? Because if you’re not, you could end up exposing your computer or smartphone to a host of malware. The newest phishing attack strategy is the worst of all, and can catch even the most astute users off guard.

What are homographs?

There are a lot of ways to disguise a hyperlink, but one strategy has survived for decades -- and it’s enjoying a spike in popularity. Referred to as “homographs” by cybersecurity professionals, this phishing strategy revolves around how browsers interpret URLs written in other languages.

Take Russian for example, even though several Cyrillic letters look identical to English characters, computers see them as totally different. Browsers use basic translation tools to account for this so users can type in non-English URLs and arrive at legitimate websites. In practice, that means anyone can enter a 10-letter Cyrillic web address into their browser and the translation tools will convert that address into a series of English letters and numbers.

How does this lead to phishing attacks?

Malicious homographs utilize letters that look identical to their English counterparts to trick users into clicking on them. It’s an old trick, and most browsers have built-in fail-safes to prevent the issue. However, a security professional recently proved that the fail-safes in Chrome, Firefox, Opera and a few other less popular browsers can be easily tricked.

Without protection from your browser, there’s basically no way to know that you’re clicking on a Cyrillic URL. It looks like English, and no matter how skeptical you are, there’s no way to “ask” your browser what language it is. So you may think you’re clicking on apple.com, but you’re actually clicking on the Russian spelling of apple.com -- which gets redirected to xn—80ak6aa92e.com. If that translated URL contains malware, you’re in trouble the second you click the link.

The solution

Avoiding any kind of cybersecurity attack begins with awareness, and when it comes to phishing, that means treating every link you want to click with skepticism. If you receive an email from someone you don’t know, or a suspicious message from someone you do, always check where it leads. Sometimes that’s as simple as hovering your mouse over hyperlink text to see what the address is, but when it comes to homographs that’s not enough.

In the case of homographs, the solution is unbelievably simple: Manually type in the web address. If you get an email from someone you haven’t heard from in 20 years that says “Have you checked out youtube.com??”, until your browser announces a fix, typing that URL into your browser’s address bar is the only way to be totally sure you’re safe.

For most, this trend feels like yet another development that justifies giving up on cybersecurity altogether. But for small- and medium-sized businesses that have outsourced their technology support and management to a competent and trustworthy IT provider, it’s just another reason to be thankful they decided against going it alone. If you’re ready to make the same decision, call us today.

Published with permission from TechAdvisory.org. Source.

Topic security
April 20th, 2017

2017April20Business_CIt makes a lot of sense for electronics firms to pack a variety of functions into mobile devices and expand their usefulness. Instead of confining their use to communications, companies such as Apple, Samsung, and others have turned mobile phones into mini-computers that can serve as a substitute for your laptop, or as a storage device. If you’re using mobile phones as a communications and storage device, backing up now would be a wise move.

Malware on mobile

More than 50% of the world’s adult population use a mobile phone with internet connection, so dangers in these handy devices are to be expected. Scarier than the thought of being offline is being online and exposed to malware.

If you use your mobile devices as an extension of your work computers, backing up is a must. Mobile phones have become as vulnerable to malware as laptops and desktops have, especially if you consider the fact that many professionals and business owners use them for emailing confidential documents and storing business-critical files.

Device disasters

Other than malware, other types of disasters can happen on your device. Because you carry it wherever your go, your device can easily be stolen, misplaced, or damaged. They may be easily replaceable, but the data contained in them may not. Having completely backed up data on your devices helps prevent a minor inconvenience from turning into a disastrous situation.

Backup options

Performing backups in iPhone and Android devices is a seamless process. Their operating systems require only minimal effort from users, and backing up entails nothing more than logging into their Apple or Google account. However, other users have different devices with different operating systems, slightly complicating the process.

Mobile devices’ safety is essential to business continuity plans. So whether your office users are tied to a single operating system or prefer different devices, there are options to back up all your organization’s mobile devices. There are cloud backup services that enable syncing of all devices and that back up files, contacts, photos, videos, and other critical files in one neat backup system. These mobile backup tools are offered on monthly or lifetime subscription schemes, which provides small businesses with enough flexibility to ensure protection.

Mobile phones have become so ubiquitous to how people function that many feel the need to have two or more phones, mostly to have one for personal use and another for business. With all these options on hand, there’s no excuse for not backing up data on your mobile devices.

Our experts can provide practical advice on security for your business’s computers and mobile devices. Call us for mobile backup and other security solutions today.

Published with permission from TechAdvisory.org. Source.

Topic business