All posts by admin

2FA or MFA – That is the Question

Keeping your company’s cyber safe and training your people to follow suit is a bit unnerving for a small to mid-sized business. The good news is that there are ways to simplify keeping your company’s cyber safe that will make a world of difference for your IT folks.

Asking your employees to make long, complicated passwords that “cannot be guessed” is no longer the best way to safeguard your data.

In today’s digital business world, a great defensive method to stay clear of potential cyber threats and cybercrimes is with two-factor authentication and multi-factor authentication.

 

Two-Factor Authentication

You’ve certainly seen it and encountered it on applications and social media accounts that we all use. Twitter, Facebook and Gmail have begun using two-factor authentication, otherwise known as 2FA. It can also be referenced as a “two-step verification” process.

Think of it like when you call your credit card company and are asked for pieces of information that only you would know, providing evidence that you are, in fact, YOU.

When two-factor authentication is utilized, it requires two forms of identity verification prior to having access to an application. When both factors are verified, the end user has access. For example, you may be sent an SMS code that is valid for a short time and must be entered correctly in order to gain access to an application.

2FA is an added layer of protection for your data and is certainly more secure than just one single factor, such as a complex, long password with numerous unique characters that, despite the user’s best efforts, can easily be stolen or hacked.

With the two-factor authentication, the cyber attacker or imposter would need not only your password, but would also need your second factor as well to gain access to an application on your behalf.

 

Multi-Factor Authentication

Multi-factor authentication, or MFA, combines what you are, what you know, and what you have. When multi-factor authentication is enabled, the administrator defines a second factor in addition to a password that a user must validate in order to gain access. Multi-factor grants access to your company’s applications through multiple data points.

While MFAs seem great, there are organization that are not adopting this security measure as to not disrupt or irritate their end users or customers. However, this should not be the case. The key is to keep a flexible policy alongside your MFA so that users are not compromised or annoyed while gaining access to your application.

 

2FA or MFA: Which is Better?

As always, choosing if a 2FA or MFA is better for your company’s security is not a one size fits all answer. To analyze this for your company, keep in mind that there are three possible ways that a user can validate that it is in fact them. They are knowledge, possession, and inherence.

Knowledge is what he or she knows, which would be like asking for a password and requesting answers to security questions.

Possession would be what supplies the person has on them, such as a mobile device, a one-time password or even a YubiKey.

Inherence, on the other hand, is based on a unique characteristic that the user has. This can be items such as voice recognition, a retina scan, or a fingerprint.

Two-factor authentication is just that, it relies on two factors as described above. Multi-factor can be two of the above factors or it can possibly involve all three, even inherence. If you think about it, iPhones use a fingerprint for access – and are increasingly moving towards MFA for financial applications.

Whichever authentication you choose for your company’s application, 2FA or MFA, it is better than asking users for one long, complex password – which can be easily forgotten and, year by year, more easily cracked.

Simply adding one more factor can be your best defense against cyber attackers and cyber criminals.

Eight Anti-Phishing Tricks for Your Company

With the ever-changing digital economy and its global impact, small to mid-sized businesses are on guard and on careful watch. With so much news on cyberattacks and with cybercriminals becoming increasingly creative with their methods, companies are looking for ways to out-clever the fox, so to speak.

 

First of all: What exactly is a “phishing email?”

Phishing emails are messages that appear to be official but are in fact fake. The goal is to trick your staff into supplying information or providing access to your systems, such as entering a password or clicking on a site that is infected.

They say in some sporting events, defense is everything. Which begs the question, what is a good anti-phishing defense? The easiest method to avoid a phishing email scam is to think about it BEFORE you click.  Only click on websites that are trustworthy. Only respond to e-mails when you are sure of the source.

>> The majority of cyber attacks HigherGround has seen so far in 2018 originated from phishing e-mails.  It is important to be vigilant here, which is why we often suggest your company deploy a tool like MailControl.

When working with numerous departments and many different employees, it can be hard for IT to control and question every email that comes in, though.  So it’s up to the users to help you defend the organization.

 

Tip One: Have All Machines Install an Anti-Phishing Toolbar

Have your staff use Internet browsers that have the ability to be customized with anti-phishing toolbars. These types of toolbars can run a quick check on the site the user visits and will match them to lists of known phishing sites. The toolbar will alert the employee if the site the person lands on is malicious.

 

Tip Two: Don’t Let Employees Trust a Pop-Up

While pop-ups can be okay for websites to include, it is also a common phishing tactic. Most browsers allow users to block pop-ups. If a pop-up does appear or slips past the block setting, train your staff that they should not click any “cancel” or “close window” buttons on the screen. This might take them to the phishing site. Instead, tell your staff to click on the “x” at the top corner of the pop-up.

 

Tip Three: Test Your Staff and Phish Yourselves

Will your people fall victim to a phishing scam? It’s hard to manage users all the time and predict their judgement.

An undercover test is a great way to find which employees may fall prey. If any of your people get caught, then it is a good thing to reiterate some basic security and IT training when it comes to managing emails and avoiding cybercriminals.

 

Tip Four: Users Should Keep Up to Date Browsers

Popular browsers often release security patches in response to current trends. This includes loopholes that phishers and hackers find and exploit. Don’t ignore messages about updating your browsers. When an update is available, install it right away and inform your staff to do the same.

 

Tip Five: Leverage Firewalls to Stay Safe

Firewalls are made to protect your company. It will serve as a buffer between your device and the potential intruder. There are different kinds, so keep in mind that your IT team should have a desktop firewall and a network firewall. One is a software and one is a hardware. When both are utilized together, “teamwork makes the dream work” by dramatically reducing the odds of falling victim to phishing scams.

 

Tip Six: Verify a Site’s Security Before Engaging

Businesses often need to supply sensitive financial information and make payments online. If a website is secure, however, you’ll be fine. A couple of items to check for before submitting information include checking for the “https” in the URL address. There should also be a closed lock icon near the address bar. Look for the website’s security certificate.

 

Tip Seven: Encrypt Your Company’s Data

Cybercriminals are hiding the shadows, on the prowl, waiting to attack and that can be for any type of data you have lying around. Hackers look for data like banking information and social security numbers. Wherever a small to mid-sized business is keeping important, sensitive data, the IT department must ensure that is encrypted.

 

Tip Eight: Companies Should Back Up Daily

If you back up your data on, at least, a daily basis, you can revert to the back-up files if your computers or servers get locked.  This eliminates the need to pay a cybercriminal to get the data (or access to it) back.

 

There is no way to keep your company and your data 100% safe, but you can and should reduce your company’s vulnerabilities. A few simple cost-effective measures can make a big difference in decreasing both the likelihood and the financial effect of getting hacked.

What an SMB Should Expect from their CIO

Great Chief Information Officers are invaluable resources for any organization. They are also expensive, and for good reason. It’s a high-profile job with a lot of responsibility. They create business value through technology and plan strategically for business growth. They ensure that the company’s technology systems and processes are aligned with business goals.

Some of the other critical items that a CIO is responsible for are security and risk management, customer service platforms, IT architecture, vendor negotiations, supplier management, budgets and more.

According to PC Magazine, small businesses with basic technology can temporarily survive on cloud-based tools and “gumption.” But, there comes a time when someone other than the CEO is needed to oversee long-term IT initiatives.

The key goal in every organization is not just surviving, but thriving. SMBs want to grow the business. A major tool for growing the company is the technology it utilizes. When an SMB does not invest in its technology correctly or sufficiently, it will likely lose customers and market share to competitors. It is the CIO’s job to make sure that doesn’t happen.

 

The Benefits of a CIO

While the Chief Information Officer has a very demanding job, it is important to have a highly skilled professional handling these responsibilities. With limited C-Level executive oversight, the SMB needs a reliable partner to count on to make  informed decisions. The CIO has a thorough understanding of the needs of the business. This also lends itself to someone who is considered “centralized” across departments and company initiatives.

If your SMB is fragmented and departments do not collaborate, the CIO brings it all together, which in turn, lends itself to a better overall business strategy. A CIO’s strategy reaches across business goals and objectives as a company whole.

Chief Information Officers often have a long-standing history of professional excellence and with a large base salary, and, while they are critical to the success of an SMB, it can weigh heavily on the annual budget, not leaving room for other important items too, like lead generation, talent development/succession planning and sales initiatives.

 

The Case for a Fractional CIO

There comes a time when all growing companies should invest in a Chief Information Officer – so the leader can focus on their best and brightest use, as well as have an experience IT leader ensuring the organization reaps the rewards of growth-aligned technology.

When a small to mid-sized business is looking to get the benefits of a CIO without breaking the bank, outsourcing a “fractional” CIO (often called “vCIO”) can be a better option and more feasible.

The reasons for this are the same as for a full time CIO…

  • Having a fractional CIO still means that your SMB can expect technology and innovations to align to business objectives and growth plans.
  • A fractional CIO, just like a full time CIO, will build a strategic information technology
  • They will oversee technology initiatives, vendor selection, technology adoption, including any needed internal training.
  • They will oversee security and compliance and partner with risk management for the organization.
  • They will plan for disaster and recovery, helping assess your business continuity plan.
  • They will attend all important business meetings, as well as board meetings.
  • They will also build and test the role of the potential future full-time CIO, once you have the scale to require (and better afford) that position.

… with one exception: You will not incur the risk, time and cost of a full-time hire. An additional benefit of a fractional CIO is that they often come with the technical and process support of the greater organization that provides your company with the service offering.

For many organizations, the fractional option could very well deliver the best return on investment, provide a perfect transitional solution, as well as better define the role as you grow to a place where a full time CIO makes sense financially.

5 Reasons Your Inside “IT Guy” Is Becoming a Relic of the Past

There is a change in organizations across the US and globally. Remember the IT person? The one who walked through the office halls, arriving at cubicles and offices to help colleagues, fixing technical issues, as well as checking computers and machines like the ones in the server room? For most companies, that’s now a thing of the past.

Nicholas Fiorentino, Chief Executive Officer of CrediReady says, “…the IT professionals who patrol your office are becoming less and less relevant in today’s workforce.”

Particularly for small to mid-sized businesses, it just makes more sense to outsource the information technology department.

SMBs can get instantaneous benefits from outsourcing their IT needs, such as:

 

  1. Cost Savings and Better Budget Control

When small to mid-sized businesses outsource their IT, they gain better control over the IT budget. The organization can identify their needs and pay for IT “as needed.” Meaning, they do not have cover annual salary (or salaries) with vacation time and benefits, unrelated to the workload the IT person may, or may not, have.

With outsourcing, SMBs can isolate their budget to pay for technology services and projects solely (read: value and solutions) and move away from IT being a cost center. Not to mention, organizations can eliminate costly human capital management dollars for items like recruiting, hiring, training and onboarding while running the risk that a new hire and/or full-time employee may not work out and ultimately will leave the organization.

 

  1. Experienced Professionals for Every Project

While certifications are great to have as an IT professional is looking for a career, experience in the field is much more valuable. When organizations have in-house IT departments, it doesn’t necessarily offer a variety of work to those individuals with limited project scopes. They can become isolated in those type of environments, meaning that they might not have the ability to learn, grow and get the on-the-job experience that they could have from working with many companies on many types of projects.

As IT gets more complex and specialized, it’s harder and harder to find the journeyman IT person who can solve all the IT issues that arise. Outside firms, on the other hand, have experienced “been-there-done-that” resources who can solve these specialized issues as and wen they occur.  Or, better still, provide proactive counsel on how to avoid these issues.

 

  1. New Technology Can be Implemented Right Away

When embarking on a new IT project like an updated CRM, automated reporting, etc., outsourcing to experts reduces the time to complete and implement the new system. In-house IT staff may not have a lot of experience in that particular area and planning can take weeks or months. It may require hiring more people – even these same outsourced experts.

When SMBs outsource their IT projects, it reduces the typical challenges faced with implementing new technology.  Outsourcing new technology projects to experts will save time, dollars, and headaches. In short: SMBs can expect a smoother transition when outsourcing.

 

  1. More Bandwidth to Focus on the Main Business

Small to mid-sized businesses only have so many personnel they can afford to keep on staff. When you outsource items like IT needs, it leaves time and resources to focus on making other parts of the business better.

A quick rule of thumb here: If you have enough IT staff to fully handle the day-to-day, as well as all your IT projects (including the ones that pop up ongoing) then you are likely overstaffing your IT team.

 

  1. Minimizing Risks with Security and Compliance

When was the last time your SMB audited workstations? How about the servers? What about your back up recovery plan? Are you concerned about cybersecurity? (If not, you should be.) In fact, SMBs predict an increase in the security budget in 2019.

With so many threats, viruses, check points, and things to do to make sure that your organization has a solid and secure IT foundation, it’s gets daunting, even for a full-time in-house information technology department. Lessen the burden on your employees and protect the IT systems already in place by utilizing a robust, sophisticated, outsourced IT department. The investment will pay in spades when the security is never jeopardized due to in-house inexperience.

10 Ways to be More Efficient When Using Microsoft Outlook

Make your average workday a better day and save some time on your email communications with these Microsoft Outlook tips.

Tip 1: Use the “Search” Feature

While maintaining folders and filing your emails in those folders will help keep organized, it can only help so much when you start looking for items that happened months or years ago. The most efficient way to find an email in any folder, or across your entire account, is to go to the “Search” box at the top bar and enter a keyword that would be located somewhere in the email you are attempting to locate. The more keywords that you know the email would contain and the more that you enter in the search box, the better your results will be with a targeted list. Try adding the sender’s or recipient’s name as one of the keywords, to more tightly filter any results.

Tip 2: Turn Off the Notifications

If your notifications are on, that can be a major distraction, especially if you are in the middle of completing a task. Staying focused and keeping your attention to any project that you may be working on is key to getting it completed fast and without errors. When a notification appears, it can derail your train of thought. In this case, it is best not to have any Outlook notifications appear.

Tip 3: Create a “Rule”

If you often receive emails that you immediately file away in a folder, create a “Rule” at the top bar. It’s easy. Enter who the email is coming from, who it is sent to, what the subject line contains and what folder you want it moved to.

Tip 4: “Ignore” Emails You Don’t Need

If there are emails you receive often that you don’t want to see and you don’t want filed, try the “ignore” feature. Instead of deleting it every time, go to the top left or click Control>Delete. Emails regarding that subject will go to your deleted folder automatically.

Tip 5: Set up Your “Out-of-Office” Email and Set it up as Early as Possible

When you know that you will be out-of-office, you can set up an email message that will automatically reply to new inbound email messages, letting the sender know that you are away and not likely to respond. Make sure that in your message, you let senders know when you plan to return, so that they know when to expect that you will be checking your emails.

You can set the date and time well in advance, so as soon as you know you will be out-of-office, go ahead and set up your out-of-office reply with the verbiage you would like. You can (and should) also suggest an alternate contact in case of emergencies or if a response is needed right away.

Tip 6: Change the Default Font Face and Size

Do you have trouble reading your Outlook? Is it the style of the font or do you need the text to be bigger? You can do that by changing the typeface settings in your Outlook. There are many free fonts to choose from. Simple, stylish, large, bold, serif, sans serif, whatever you would like, you can set it!

Tip 7: Schedule Your Emails to be Sent…Later

Is there an email that you know you will need to send, but not for a few hours or a few days?

You can set your Outlook to delay the email send for any day or time, instead of always opting for right now or saving it in drafts and, perhaps, forgetting about it.

Tip 8: Create Templates for Outlook Email Messages

For the emails that you send often with similar content, save yourself time by creating a template. When you draft the message, before you click the “send” button, save your message as a template so that you can reuse it over and over and over.

Tip 9: The Fast Method for Undeleting

It happens to all of us. You start to read an email and click delete too quickly. You didn’t want to delete the message and you need it back right away. The simple keyboard short cut is Control-Z to undelete. If there is a more than one message, you can continue to hit Control-Z many times to keep undoing the last action, and the action before and the action before that.  You can also shake your iPhone to “Undo Trash” to quickly retrieve that last few undeleted message … or messages if you continue to shake it.

Tip 10: Find Help When You Need It

At the top right of your Outlook application is a question mark icon where you can find help. A quicker route is the keyboard shortcut F1. Or, you can locate a dropdown from the top bar with a title of “Help.” It’s easy to find answers to your questions in Microsoft Outlook. Simply type what you need help with and search results of related topics will appear right away.

What “Digital Disruption” Means for your Growing Small Business

Digital disruption is affecting every type of company out there, regardless if you’re small, mid-sized or large. Companies must respond quickly to new and improved demands for digital technology. If your company does not act and stay on top of digital transformation trends, then your company will lose valuable business and revenue.  Once a customer is lost to someone who is doing it better, it’s hard to get them back.

First, Some Statistics on Digital Disruption in 2018

Over half of the world’s population is online with 4.1 billion internet users. During the past 12 months, there was one quarter of one billion new users. The average person using the internet reports spending about 6 hours each day online.

The cloud continues to gain momentum. By this year, 60% of enterprise IT will be in the cloud versus off-premises. Also, this year, 90% of the population will have data storage in the cloud that is both free and unlimited.

Good news comes in spades when it comes to companies keeping up with digital disruption. A recent article from Converge Technology + Business says that 65% of businesses feel positive about change. They feel that, in the next 3 years, they can adapt to disruption. What’s even better is that almost half of company’s digital transformation efforts are being led by CEOs or Board Members. Most companies, 2 out of 3 in fact, report to being capable of making the change for digital disruption.

Digital Disruption Offers Many Challenges to SMBs

Small and midsize businesses need to consider multiple departments beyond IT. While the information technology department must be working on efficiency, customer service and other client-facing departments also are a big part of customer experience. The way that your people interact with your customers, organization wide, needs to be efficient, top-notch, seamless and flawless. People are judging your business not only by others in your industry, but by the best-case examples they see any time they open a browser window or click an app.

The biggest challenge for departments to overcome barriers to today’s digital transformation is being on the same page.  Small and midsize businesses may have difficulties integrating with one another. Misaligning objectives and lacking resources create obstacles. To be competitive in today’s digital market, SMBs must finds ways address these challenges.

What’s an SMB to do?

It starts with one word: innovation. Using the same model, “making patches” and “tweaks” no longer works. Technology professionals and small and midsize business leadership must understand what challenges are being faced, both in the present as well as down the road, and find ways to handle it. From application development to new systems, procedures and approaches, recycling old assets won’t win the digital disruption race. Companies must throw out old solutions and create new ones, from the ground up.

They needn’t be wholesale changes, just new ones.  Ones that speed up a process, combine workflows from other applications they use, or remember key information so the customers only have to enter it once, or not repeat it on the phone when they call you. And they needn’t be new to the internet, simply new to your industry.  Efficiency and being nimble is what gives SMB companies an advantage over the enterprise level.

While AI technology may seem like an old topic, with Alexa, Siri, and customer service chatbots being around for some time, it doesn’t mean that it won’t continue to play a big part in the future of digital disruption. There is a lot of power to be seen in artificial intelligence for SMBs, from customer service, to robotics, to analytics and not to mention marketing. AI has the power to surprise and amaze customers. Artificial intelligence can connect and communicate your business with its customers in a way that they may not expect, but will certainly appreciate. From email to content generation, this can be faster, cheaper and smarter automation for your business. When technology professionals are innovating ways for better customer service, make sure to leverage AI.

Further, to conquer digital disruption challenges, once technology professionals create or find new innovative solutions, think API or application program interface. By definition, according to webopedia, API is a set of protocols, routines, and tools for building software applications, specifying how software components should interact.  By making your technologies interface better with the other technologies your customers use, you can increase their satisfaction and the ‘stickiness’ of your solutions.

The ability to connect applications and data – and help your customers interact with you more efficiently – is the difference between surviving and thriving versus being left behind.

HigherGround Managed Services Announces Company Expansions

CHICAGO (August 24, 2018) – HigherGround Managed Services (HigherGround), one of Chicagoland’s leading full-service IT and consulting firms, today announced the addition of Jerry Seyffert as Chief Financial Officer (CFO) and the company’s move to a new office space.

Seyffert, a Chicago-native, has close to 30 years of financial, accounting and leadership experience. Prior to joining HigherGround, Seyffert was the CFO for Erehwon Mountain Outfitter based in Arlington Heights, Ill. Seyffert helped transition Erehwon from a small family owned retailer to a premier outdoor retailer throughout the Midwest region. As CFO of Erehwon, Seyffert was responsible for all operation and financial related aspects of the company, corporate level human resources responsibilities for over 100 employees and most IT-related operations.

“The addition of Jerry to HigherGround’s leadership team will help us further our mission to be a true strategic partner that provides growth-focused IT solutions,” said Brian Brammeier, CEO of HigherGround.

In his newly appointed role as CFO of HigherGround, Seyffert will oversee the financial well-being of the organization. He will also take on the role of Director of Human Resources for the growing firm.

“I can’t think of better time to join HigherGround and couldn’t be more excited to be part of their leadership team, which has done an incredible job assembling a talented staff,” said Seyffert. “I’ve always enjoyed developing small to mid-sized companies, and I hope to have an immediate impact on optimizing HigherGround’s growth potential.”

In one of his first duties as CFO, Seyffert managed the logistics of HigherGround’s office move. HigherGround has signed into a 3-year lease agreement at 5400 Newport Drive, Unit 19 in Rolling Meadows, Ill. The new space is double the previous location’s square footage, and allows for a better working environment, both internally and with clients, with collaborative meeting spaces.

Prior to his time with Erehwon, Seyffert managed sales and programming for BASIC Computer Systems in Oakbrook, Ill. Seyffert graduated from Northern Illinois University with a Bachelor of Science in Business. He is an avid outdoorsman and spends his free time hiking and camping.

About HigherGround Managed Services

HigherGround Managed Services (HigherGround), headquartered in Rolling Meadows, Ill., is a full-service IT and consulting firm that partners with owners, entrepreneurs and leaders of small to medium-sized organizations – ensuring they spend more time managing their core businesses and less time worrying about their IT infrastructures. Founded in 1998, HigherGround has 20 years’ experience and its forward-looking services include managed serviced, managed cloud, managed security, application development and fractional CIO/CTO solutions. HigherGround also provide technology logistics and relocation support.

How to Make Your Company Culture More Cyber Aware

The biggest problem companies face when it comes to cybersecurity is often not the technology; it’s the people.  And hackers (often called “bad actors”) know this. That’s why it takes more than strong IT to keep your company safe. It “takes a village.”

Beyond technology, the best way to protect your business from cybercriminals is with a trained and educated cyber aware company culture. It may seem like a large and daunting company initiative, but it isn’t.  There are a few corner stones that continue to build up, along with continuing education and strong corporate communication.

 

Set the tone from the top; Let people know that cybersecurity is everyone’s job

Leadership is always where a company culture starts. Employees and contractors, from entry-level to senior management, need to feel that cybersecurity is important to the company. If the executive leadership team values cyber safety, it will trickle its way down to all corners of workplace.

Cybersecurity should be more than just the responsibility of the Information Technology department. A statement by leadership must be delivered that it is up to everyone, beyond IT, to keep cyber criminals out of the company’s network.

Management shouldn’t be the exception to the rule.  Management most often have the highest privileged accounts.  Allowing management to bypass those safeguard not only put the organization at risk but sets a bad tone from the top.

 

Train and test your staff; Hack your staff before the hackers do

Posters, employee newsletters, training sessions and regular meetings are avenues to communicate across the organization about how everyone can be more cyber aware. Regardless of what methods you choose, you should train staff on a regular basis. Monthly training is highly suggested. It can be via email or face-to-face. Or both.

Beyond training, it is good to see that employees are understanding and retaining the cybersecurity information. While you can trust that the staff is paying attention, it is recommended to test your staff as well.

>> Send a mock phishing email a little while after a training session or communication. It would be interesting to see who, if anyone, falls prey to the false hack.  This shouldn’t be a gotcha for those employees but a change for the organization to focus on more advanced training.

 

Teach your team that the inbox is the bad actor’s favorite target

Based on current trends, cyber attackers are finding email to be the best route for penetrating a company’s security defenses. Trends Labs reports that 91% of targeted cyber-attacks use email as their way to breach networks. Likewise, Ponemon reports that 78% of targeted email cyber-attacks use malware embedded in an attachment.

Addressing targeted email attacks from leadership and your technology department is an essential piece of puzzle when creating a cyber safe culture. This should certainly be a topic addressed in employee training and even onboarding.

 

Have a password update plan; Avoid weak or universal/default passwords

According to Verizon’s 2017 Data Breach Investigations Report, as many as 81% of hacking-related breaches were caused by leveraging stolen or weak passwords.

Often, employees are not aware of the risks. That is why password education is a great topic to include in cybersecurity training. Require complex password structures and explain the reasoning behind it.  Do not allow people to use the default password for more than the first login.

 

Have a formal cybersecurity plan; Get advocate from each department

Your technology team should contribute significantly to a cyber aware culture and with cybersecurity training. Have the IT folks develop formal cybersecurity training with a documented plan to accompany it. The plan should be reviewed and updated often. Too many companies create cybersecurity plans and teams only to find that the plan becomes dusty and the teams include staff that’s no longer at your company.

Ask for a cyber security advocate from each of your functional teams (E.g. HR, Finance, Sales & Marketing, Etc.) since this casts a wider net to learn about targeted phishing and helps show that cyber security isn’t just for IT anymore.

No matter how great your CIO or CTO might be, one person alone cannot fight cybercriminals. Create a cyber aware culture and get everyone at your organization involved.

Using Technology Trends to Fuel Your Business-Aligned IT Strategy

In today’s digital economy, where all businesses are now tech-enabled, organizations globally are well-aware of how vital technology is to future success. To keep up with industry standards and stay ahead of competitors, businesses must make investments in their information technology.

One way to begin budgeting and strategizing your IT goals is by looking at current trends. Here a few tech trends to consider for your technology strategy and how they breakdown in terms of simple solutions for your organization.

 

Big Data is Erupting

Business technology strategy is becoming largely centered around all things data including collection, storage, security, sharing and more. Keep in mind for your IT budget that while the importance of data and intelligence is on the rise, the actual cost data and storage is decreasing, as described by Information Week.

When it comes to big data, the latest trends are with in-memory analytics and real-time analytics. In-memory analytics processes information stored in RAM versus on a hard-disk. This delivers faster results because RAM can typically read and write information quicker than a disk.

Real-time analytics, also known as streamlining analytics, is in hot demand because it is no longer sufficient to analyze data a week after it was produced, let alone even a day or an hour later. Businesses today need real-time, data-based decisions to stay competitive in the marketplace.

 

Clarification on Blockchain

BitCoin may be to blame for some of the confusion regarding blockchain. Blockchain, in its truest form, is an amazing invention. Don & Alex Tapscott, authors of the Blockchain Revolution (2016) describe the technology as this:

“The blockchain is an incorruptible digital ledger of an economic transaction that can be programmed to record not just financial transactions but virtually everything of value.”

At its core, blockchain is about trust as it is uneditable information that is secured and held by a distributed ledger. With blockchain technology, the reality is that data is not from one single entity alone, but rather made by many.  Think of it as the game of telephone, but everyone must agree when a change is made.

 

Mobile Device Management (MDM) Solutions

Employees today are using their own mobile devices such as tablets and smartphones in order to access not only personal data, but corporate as well. This is commonly refereed to as BYOD or Bring Your Own Device.  BYOD means that technology professionals must make new plans about connectivity, security, privacy and management.

This is what has brought MDM solutions to the table, or mobile device management solutions. MDM is software for technology departments to monitor, manage and secure everything that employees use in the workplace from laptops, tablets, smartphones and other electric devices. You can’t stop BYOD, however, with security and data breaches being so costly and damaging to the organization, you can be proactive and prepared to keep your organization safe.

 

The Year of 5G

Mobile is a top technology trend with no end in sight. 2018 is the year of 5G. It is up to 100x faster than 4G. Further, this is crucial because it infuses Artificial Intelligence (AI), Internet of Things (IoT), and big data all of which are working to automate daily technological experiences. This means that a much greater bandwidth is required in today’s business. To keep up with industry trends, and ensure your teams have the bandwidth to be as productive as possible, your businesses needs more speed.

 

Cloud Computing Platforms

This growing IT trend often provides businesses with faster and greater access to services and applications at a lower cost. It’s no longer an ‘if’ or even a ‘when,’ but a ‘what.’ That is, the platform IT chooses for cloud computing can vary based on public, private and hybrid. It’s also not an all or nothing proposition. Some systems and workflows are best suited to remain on your physical (in-house) servers.

Private clouds are single-tenant and generally internal. Public clouds are multi-tenant and you have less control of the underlying enviroment. Hybrid cloud computing has both public and private as components. Public clouds are often offered at more flexible pricing, which can be a more cost-effective solution for a small to mid-size business.

In an ever-changing technology landscape, it might seem like an overwhelming sea of information. But there’s no need to do it all today.  Evaluate emerging technology breakthroughs, assess which ones are right for your growing business and create a roadmap to roll them out to stay ahead of your competition.

Companies are Bullish on Growth, But Fearful of Cyber Attacks

Recently, Treasury Secretary Steven Mnuchin reported to CNBC that he believes gross domestic product can sustain, at minimum, a 3 percent growth in late 2018. “We are well on our way,” Mnuchin states.

He also tells the Squawk Box, “You combine this with tax cuts, and I think we’re looking at very strong GDP growth for the rest of the year.”

Despite companies feeling bullish on growth, Chief Executive Officers understand that cyber-attacks are a top risk facing organizations. CEOs in the US, particularly, are the most vigilant when it comes to cybersecurity.

In fact, 68% of U.S. CEOs report that a cyberattack on their business is “inevitable” according to a recent KPMG article. The article goes on to mention that cybersecurity risk is at the top of the list when CEOs are asked what poses the greatest threat to the growth of an organization – at a whopping 33%.

When it comes to being prepared for cyber attack, however, some are more mature than others. Some have only basic fundamental elements in place, while other companies are preparing for the long haul to mitigate cyber risk.  92% of U.S. CEOs feel prepared to identify cyber threats while only 41% consider their organization well prepared to deal with them.

If you’re looking to safeguard your organization, here are few areas to take notice of in a rapidly changing landscape of threat:

Emails with Malicious Attachments are up 300%

Ransomware was at the top of a Proofpoint Q4 2017 Threat Report. Emails containing ransomware accounted for 57% of malicious emails. Ransomware is a malicious software that will either threaten to publish the data from their victim or block a person’s access to the data until a ransom is paid.

The Dangers of Cryptocurrency: Cybercriminals Follow the Money

When the price of bitcoin and other cryptocurrencies increase, so does phishing attacks. This correlation cannot be ignored. Cybercriminals will pay attention to fluctuations in the market.

Social Media is Vulnerable to Cyber Threats

There is also a rise in customer support accounts or “angler phishing.” Angler phishing get its name from the anglerfish, using its bioluminescent lure to attract and then attack small prey. The bright glow that’s shining in this case is fake customer support promising to help clients and customers while secretly stealing their credentials. Phishing links in general on social media is on the rise.

Mobile Malware Surges on 2018

Symantec reports blocking an average of 24,000 malicious mobile applications daily in 2017. A good practice for cyber security hygiene is to update to the latest operating system, which, unfortunately, is not a consistent practice for many SMBs. Only 20% of Android operating system devices are running the latest version. Further discouraging is that only 2.3% are on the very latest release.

Grayware apps offer mobile users a troublesome privacy risk. In 63% of these cases, grayware apps will capture the device’s phone number. Grayware got its name as it is a “gray area” in category of software. A no-man’s land. It is between outright malware and legitimate conventional software. Common types of grayware include spyware and adware.

Even if you’re feeling a bit bullish about your company’s growth these days, don’t lose focus over the risks that can harm your organization. Keep your guard up and mitigate risk by planning ahead for cybersecurity threats.