Game Over: NBA team losses valuable data

Good cyber security, much like the best NBA defenses, must be strong and able to stop threats from every which way. For the Milwaukee Bucks, their on-court and cyber security defense could both use a little practice. Yahoo! Sports reported that the Milwaukee Bucks sent out the names, addresses, Social Security numbers, compensation information and dates of birth of players as part of a spoofed email attack. Practice these four email security tips and don’t let this happen to your business.

Education is key
There are countless cliches out there promoting the importance of education, but when it comes to cyber security, you might as well embrace them all. In the case of spoofed emails, you need to make sure your employees know what these are and how they can harm your company. They can come in several forms and look to attack your organization in a number of different ways. A good defense starts with trained employees using best security practices when it comes to emails. Knowledge isn’t just the key to success, it’s the building block of a comprehensive email security plan.

Check the sender
The easiest way to determine a real email from a spoofed one is to view who is sending it. While your basic junk mail folder will screen the really lazy attempts at spoofing, you and your employees can’t rely on it to weed out everything. A lot of cybercriminals have gotten skilled at mimicking the look and feel of companies through professional looking graphics and signatures. For starters, you are going to want to ignore email display names as these can be deceptive. The domain name provides the best clues as to who the sender really is. For instance, if an email requesting your company’s financial documents claims to be from the IRS but the domain reads IRSgov.com, it’s a spoof email since that domain is not what the IRS uses. If you ever spot an email containing a domain you consider to be suspicious, delete it immediately. If it is from a legitimate sender, they will send you a follow up email in a couple of days.

Embrace DMARC
Domain-based Message Authentication, Reporting and Conformance (DMARC) can help reduce the risk of spoofed emails being sent internally. For businesses that do not set this up, it is possible for someone to spoof an email account that looks like it is from your business or a current employee and send it from a different server. As we saw in the case with the Bucks, these can appear legitimate to employees who will then in turn do what is requested such as turn off security settings or handover sensitive data. With DMARC in place you can prevent spoofed emails from utilizing your domains by requiring any email sent by your domain to come from your server. This greatly reduces the risk of an internal spoofed email showing up in the inbox of your employees.

Utilize email protections
A lot of companies believe they can get by with the simple protections that come standard with an email client. However, doing the bare minimum is rarely enough to stop spoofed emails, not to mention all of the other threats lurking in your inbox, and high-powered email and spam protection will give your organization the added layer of security it needs. Much like elite-level basketball players need the best coaching and equipment to succeed, the only way to truly reduce the risk of falling victim of a spoofed email is to educate your staff properly and then equip them with email filtering. This ensures they aren’t wasting their time constantly trying to identify legitimate emails from fake ones but are prepared when the situation presents itself.

When it comes to email security, working with us is a slam dunk. We may not have the skills of Steph Curry on the basketball court but when in the realm of IT, competitors say they want to be like us. Give us a call today to find out more.

Published with permission from TechAdvisory.org. Source.

Boost staff productivity with mobile tech

Most business owners are quick to think that utilizing mobile devices automatically leads to more productivity. Unfortunately, this is not always true. A poor mobile device policy can actually lead to burnout and see your employees become overwhelmed by technology. Here’s how to avoid these pitfalls and get the most out of mobile devices in the workplace.

Use the right tool

Some work tasks just aren’t cut out for mobile use. While using a mobile phone or tablet to send emails is an effective way to work on the go, trying to write long form reports on these same devices is a bad idea. As a general guideline, small tasks such as email, viewing documents, using search engines and project management apps are good for mobile work. Anything that is too detailed is probably better suited for a computer or laptop. Lastly, only train your employees to use and learn the mobile devices and programs that make sense for their role. If you want them to be most efficient, you don’t want to overwhelm them with every mobile tool your business uses.

Communicate face-to-face

Email is undoubtedly a valuable communication tool. But it’s also become the bane of existence for many of today’s employees and business owners. Too many emails kills your employees productivity, overwhelming them. And unfortunately, many times email is simply unnecessary. Instead of sending that email about a question concerning an upcoming meeting, simply go and ask in-person. You’ll likely get a response much quicker and you avoid adding yet another message to the email overflow.

Consider adding a face-first policy in your office. This means that every time your employees consider writing an email, they should question if it’s easier to just go talk with that person directly. If that person is located a quick walk away, then the conversation should take place in-person. This especially makes sense if your employee needs an answer within a few hours, as sometimes emails go unanswered for much longer than this. By enforcing an email policy, your employees’ inboxes are less likely to be overflowing and your communication will take place in a more timely manner.

Set boundaries

There’s no question that mobile tech can help productivity, but it can also hinder it. The problem is that many employees who utilize it have difficulty “switching off”. The lines between work and personal life begin to blur as completing work tasks is always right at their fingertips. While on the surface more work output from your employees may sound like a good thing, in reality it’s far from it. Being “always on” can quickly lead to burnout. And even if it doesn’t, if your employees don’t take time to break and recharge, their productivity will suffer. To demonstrate just how many employees fall into this trap of overworking, the 2015 Staples Business Advantage Workplace Index surveyed 2,602 employees and found that a quarter of them regularly worked after standard business hours, and four out of ten worked on at least one weekend a month.

So how can you resolve this issue as an employer? Simply set boundaries. Create time frames for when work platforms and applications can be utilized and for when emails can be sent and responded to. Also, don’t encourage employees to work on off-hours by sending emails during the weekend. If your concern isn’t urgent, then by all means wait till Monday to send it out.

Be flexible

While it may sound a bit contradictory to the last point, being flexible in your work policy can be a smart decision to boost productivity. By being flexible, we mean the ability for your employees to work at hours and locations of their choosing. Most people work better and quicker at certain hours as they are more focused at specific times of the day. And some people will work better remotely than they do at an office space as there can be less distractions. The Staples survey supported this fact as 59% of the employees surveyed said that flexible schedules had a positive effect on productivity.

Cloud tools like Office 365 and Google Apps can help encourage a flexible workplace. But regardless of how flexible your office becomes, be conscious that parameters on work, mentioned in the last section, should still be in place to prevent employee burnout.

Mobile devices in the workplace can go a long way towards making your business more efficient and employees happy. If you’d like to learn more about utilizing mobile devices in the workplace or how you can leverage technology to make your business more productive, call us today.

Published with permission from TechAdvisory.org. Source.

Secure your business with these IT policies

Employees are one of your biggest security holes. There is no foolproof prevention method for human error, and this is why employee mistakes are one of the most common causes of a security breach. So what can you do to prevent it? Well at the very least you need to include policies in your employee handbook, and ensure your employee reads through it and signs off on agreeing to abide by them. Having measures in place drastically reduces the chances of a security breach. Here are four areas to keep in mind when developing your own.

Internet

In today’s business world, employees spend a lot of time on the Internet. To ensure they’re not putting your business at risk, you need a clear set of web policies. Here are three important ones to keep in mind:

  1. Employees should be using the Internet for business purposes only. While this is undoubtedly hard to avoid without blocking specific websites, having a policy in place should at least cut back on employees spending time on non-business related sites.
  2. Prohibit unauthorized downloads. This includes everything from music to games, and even data or applications.
  3. Accessing personal email should not be done on business devices. If employees must access their own email account during the day, they can do so on their smartphone or other personal device.

These are just a few Internet policies to get started, but you should also consider including information on your recommended browsing practices and your policies for using business devices (such as company phones) on public wifi.

Email

Just like with the Internet policy mentioned above, company email accounts should only be utilized for business use. That means your employees should never use it to send personal files, forward links or perform any type of business-related activities outside of their specific job role. Additionally, consider implementing a standard email signature for all employees. This not only creates brand cohesion on all outgoing emails, but also makes it easy to identify messages from other employees, and hence helps prevents spear phishing.

Passwords

We’ve all heard the importance of a strong password time and time again. And this same principle should also apply to your employees. The reason is rather simple. Many employees will create the easiest to crack passwords for their business accounts. After all, if your organization gets hacked, it’s not their money or business at stake. So to encourage employees to create strong passwords, your policy should instruct them to include special characters, uppercase and lowercase letters, and numbers in their passwords.

Data

Whether or not you allow your employees to conduct work on their own device, such as a smartphone or tablet, it is important to have a bring your own device (BYOD) policy. If your employees aren’t aware of your stance on BYOD, some are sure to assume they can conduct work related tasks on their personal laptop or tablet. So have a BYOD policy and put it in the employee handbook. In addition to this, make sure to explain that data on any workstation is business property. That means employees aren’t allowed to remove or copy it without your authorization.

We hope these four policies have shed some light on best security practices. If you’d like more tips or are interested in a security audit of your business, do get in touch.

Published with permission from TechAdvisory.org. Source.