Coleman Technologies Blog

Let’s explore some of the risks that the IoT can present.

The Security Issues of the IoT

The Internet of Things has added utility to many devices, expanding their potential in ways that would otherwise be impossible. This has only been further augmented by the access to personal devices that many employees enjoy through Bring Your Own Device policies.

However, these benefits have come with an assortment of considerable risks alongside them. Devices that are a part of the IoT are notoriously vulnerable to many cyberattacks, which means that they could potentially be used as a point of access to your business’ network. From there, a cybercriminal has plenty of opportunities to create issues - whether that’s by stealing your data, hijacking your devices to be used in a botnet, or whatever their goal may be.

This problem is only exacerbated by the tendency for IoT devices to go without updates, whether through the negligence of the manufacturer or of the consumer. Without these updates, security flaws go unresolved, and the devices are thereby left vulnerable.

Consider how many devices are now manufactured that connect to the Internet. Smart watches and other wearables, smart speakers and televisions - really, almost anything with the word “smart” in its name - we have more or less surrounded ourselves with the Internet of Things. This includes the time we spend in the workplace, despite many of these devices not being visible on the network to IT. As a result, it has become almost impossible to track all the devices that attach to a network, which has developed into a new issue for businesses.

Shadow IoT

Thanks to the public demand for convenience and advanced functionality, more and more IoT devices are being manufactured all the time. If any of these devices makes its way into your office without the knowledge and approval of IT, you have a shadow IoT problem.

If you do, you aren’t alone.

In 2017, 100 percent of organizations surveyed by an IoT security firm were found to have consumer IoT devices on the network that qualified as shadow IoT. Another report, from 2018, stated that one-third of United States, United Kingdom, and German companies have over 1,000 shadow IT devices on their networks every day. Combine this with the security shortcomings discussed above, and you have a recipe for a cybersecurity disaster.

You may remember the Mirai botnet, which struck back in 2016. This botnet was built up of over 600,000 devices at its peak and focused primarily on IoT devices. Once these devices were identified by Mirai, they would be attacked and infected, adding more computing power to the botnet. Mirai is far from the only example, too… cybercriminals have been known to hack into IoT devices to gain network access, spy and listen in on conversations, and otherwise prove themselves to be a nuisance.

How to Minimize Shadow IoT

Clearly, shadow IoT isn’t a good thing for any organization. There are a few things you can do to help protect your business from the security issues that shadow IoT can cause.

• Accept IoT devices in the workplace. If your employees really want to use one of their devices at work, they’re going to. Instead of shooting down requests to bring in these devices, make it easier for your employees to do so through the proper channels - and make sure your employees are aware of these channels. Openness and cooperation can be effective tools as you try to get your team on the same page you’re on.
• Keep IoT devices separate. To better protect your network, you will want to consider utilizing a dedicated Wi-Fi network for IoT devices, configured to allow them to transmit the information they generate while blocking any incoming calls to them. This will help prevent threats from being transmitted to IoT devices.
• Seek out potential threats. Not all shadow IoT necessarily can be found on an organization’s network, as over 80 percent of the IoT is wireless. This means that you need to be monitoring your wireless signals for shadow IoT devices and networks.

Your business’ security is important - too important to be undermined by an insecure consumer device that was brought in without your knowledge. You need to get out ahead of shadow IoT, as well as the other threats that could do your business harm.

Coleman Technologies can help. Our professionals are well-versed in cybersecurity best practices and how to use them to your benefit. To find out more about what we can do for your business, reach out to us at (604) 513-9428.

Why Effective Communications are So Critical

There are a few reasons that you want your business’ internal communications to be clear and effective.

Fewer Errors

Miscommunication is rarely a good thing, but in the business setting, it has the potential to be crippling to your operations. If the correct information isn’t shared at the right time, with the right people, productivity will suffer. On the other hand, proper communications can help minimize, or even avoid, many potential workplace errors.

Increased Accountability

When an organization keeps its communications open across the board, it is prone to see an associated increase in companywide accountability. From owner to intern, being responsible for (and being held responsible for) certain milestones in a process keeps each member of a team on-task and motivated.

Improved Teamwork

Naturally, when members of a team communicate properly, they are better able to work cooperatively. As a result, problems often become easier to solve, as ideas may more easily flow and develop. Additionally, potential issues between departments are more easily resolved, preventing interpersonal concerns from affecting the work.

Efficient Problem-Solving

The ability to communicate clearly enables a team to better pool their talents to much more efficiently overcome any issues that may arise. Whether a problem is strategic or technical, having the capability to swiftly solve it will only benefit a business’ operations.

Instant Messaging in the Workplace

Naturally, all of the above outcomes can (and often do) result from the use of an instant messaging application… as long as it’s the right one.

You need to make sure that your chosen solution is intended for business purposes, which means you need to use an enterprise-grade instant messaging application. In addition, you also need to be sure that you and your staff are properly leveraging your solution. Try to encourage the following practices and behaviors in your staff to ensure that your instant messaging solution doesn’t turn into an instant messaging problem:

• Keep it in check. You don’t want a solution that is meant to be a productivity booster to actually harm it. There’s a very real difference between your staff properly leveraging instant messaging capabilities, and aimlessly chatting all day. Encourage your staff to keep their conversations pertinent to the workplace and the task at hand (at least as much as possible).
• Remain professional. Again, conversations on your instant message solution should be far and away focused on workplace matters. It is important that your staff knows this, and resists using the solution to share jokes, GIFs, or memes excessively. Moderation is key.
• Don’t rely too much on it. Not all conversations are appropriate for an instant messaging platform, especially those that contain sensitive or overly complicated details. Some conversations are better shared in person, or in an email, where lengthier messages can be sent.

Have you ever utilized instant messaging in the workplace? Share your experience with us in the comments!

Smartphones in the Workplace

Let’s start with the trickiest bit of this first. Smartphones are a distraction, pure and simple. In fact, according to one survey, employees average about 56 minutes per day on their phones while they are in the office. This equates to a massive productivity leak for many businesses, but just when you think it isn’t equitably fair for the employer to pay for time employees spend scrolling through Twitter, Facebook, and Instagram, responding to personal emails, and browsing websites blocked by the company’s content filter, employers aren’t totally innocent in this situation.

The modern employer is the first person to take advantage of the computing prowess of these devices. Since the modern company tries to do more with less, many employers expect their workforce to always be available; and, that means always. Moreover, managers and executives aren’t any different: they are always on their smartphones too!

Some organizations feel the need to try and strategically design policies to keep people from using their personal devices for personal use on company time. These same people don’t have a problem with them using these devices for the benefit of the organization, just not for personal gain. This is where policies go wrong. They create archaic and completely unrealistic policies and are shocked when even their best performers can’t avoid their phones for long. 

If you want your staff to limit their phone use at work, you have to make that clear. Some companies have implemented a policy that provides small breaks in which they can use their phones, but most companies have come to understand that this isn’t a trend and that phone use is part of day-to-day life. Locking down people’s ability to connect with the outside world for eight (or more) hours a day is only going to serve to bring negative reviews from your team, so your best bet is to embrace it, and realize that as long as your expectations have been communicated properly, most employees won’t take advantage.

Smartphones Out of the Workplace

While the smartphone may be a bit of a distraction to your in-house staff, what happens the moment people leave the confines of your business? They use their phone. In fact, I doubt very much if they make it out to their car or onto the train without a full assessment of the messages sent by applications, people, and others. How long do you last without checking yours?

This brings us to the point that needs to be hammered home. The more people use mobile devices, and specifically smartphones, the more they are willing to do off the clock for work. You don’t think this is true? If you are a business owner or manager, try texting, emailing, or messaging a member of your staff outside of work. They may not appreciate it, but more than likely, they will respond. This effectively extends them to “on-call”, a state that was typically reserved for people with jobs that the public depends on like doctors, lawyers, and the like. Now if you have a question about a project that just can’t wait until the morning, there is an excellent chance that you will be able to get the answer you seek directly from the person who worked on a task last. That can have a lot of benefits for your business.

What About Security?

Mobile malware has become much more prevalent than ever before--so much so that it can be a major problem for your business. The best way to mitigate liability from this is to design and enact a Bring Your Own Device (BYOD) strategy that takes advantage of cutting-edge mobile device management tools. Your staff may scoff at first, but if their two options are using their data or using your wireless network, they will opt in, guaranteed. 

If you need some help ensuring that you are doing everything you can to take advantage of your staff’s reliance on their smartphones, we can provide you with all the information, resources, and technology you need to make employee smartphone use work for your company. To learn more, call us today at (604) 513-9428.

Before we get too deep, we want to emphasize that there are two primary categories for threats to your business: external and internal.

External

External threats are those that come from outside your business’ network. The majority of threats will fall into this particular category, and it contains a lot of big names that you have likely heard in the past. Here are a couple of examples of threats to your business, as well as what they can lead to:

• Viruses/Malware: these are malicious bits of code or full-blown software programs that can be customized by hackers to perform a certain role. It would take far too long to list off everything that can be done with these kinds of threats, as the options are literally limitless.
• Ransomware: Sometimes malware will encrypt the user’s files and demand payment for the decryption key. Without access to important files, businesses might crumble under the pressure, losing both money due to the payment and a little bit of dignity in the process. In cases like this, it’s important to never pay the ransom, as it only serves to fund further attacks.
• Spam: Hackers like to send countless emails with threats attached to them, hoping that someone will download them and expose their organization’s network to threats. Spam can be prevented for the most part, but if left unchecked, your business could wind up installing threats on your network by accident.

Internal

Internal threats can come from the most unlikely sources, as even the most well-meaning employees could accidentally expose your business to potential threats. Furthermore, there could even be more sinister forces at work with employees potentially trying to actively sabotage operations. Here are some ideas for threats and what could happen from them:

• Phishing Attacks: Your users are your weakest link. While you might think that you have an understanding of adequate security practices, they may not, leading hackers to utilize underhanded tactics to leverage this to their advantage. Phishing attacks convince users to click links, download attachments, or provide credentials/sensitive information.
• Account Hijacking: Let’s say an employee’s account is hijacked by an external threat. You might see account activity from your employee, but how do you know that it’s not someone else using their account? Data could be stolen, or worse.
• Access Control: Have you ever fired an employee? Have they ever resented you for it? Chances are they may have felt the urge to go into their old accounts and cause some trouble. These internal threats could lead to embarrassing situations, as well as a loss of control over certain types of data. It’s up to you to cut off access as soon as you can.

Does your business need help maintaining security and keeping track of the countless threats out there? Coleman Technologies can equip you with the best security measures on the market. To learn more, reach out to us at (604) 513-9428.

The GDPR

Prior to the implementation of GDPR, individual data privacy was mostly left up to the individual. In non-EU circles, this is still mostly the case, but GDPR has made issues related to this much more noticeable, such as the way this personal information can be used for corporate financial gain. GDPR was a response to these organizations failing to properly utilize user data. This included people having their personal information like names, addresses, email addresses, and even medical/financial information being utilized by advertising companies or worse. The largest corporate technology companies were using the data of individuals to turn a massive profit--a practice that seemed to be unfair to consumers.

EU member states have been legislating their own data protection laws prior to the establishment of GDPR. The United States has yet to jump on board this trend, though. With GDPR, organizations are seeing themselves as members of the global economy with strict new guidelines to adhere to. The GDPR is essentially an amalgamation of the laws that had previously existed, requiring all businesses to report certain types of personal data breaches within 72 hours to a supervised authority mandated by EU member nations.

This case was a landmark in that businesses were forced to remain more cognizant of how important data management is for the people who take advantage of their services. Before GDPR, many organizations failed to protect the data of their customers, staff, and vendors. In a way, GDPR forced them to begin thinking about data management, training staff, and investing in security.

One Year In

The results of GDPR have been mixed, to say the least. Over 59,000 personal data breaches have been identified by companies notifying regulators. The sanctions for failing to comply with GDPR mandates carry fines of up to €20 million, or up to 4 percent of total revenue from the previous year (whichever is larger), leading to a more targeted and strategic approach to data security, as well as more prompt reporting of when data breaches occur. To take a look at the results the GDPR had in its first eight months, download the DLA Piper GDPR data breach survey, here.

Overall, the GDPR provided a substantial boost to data breach reporting speed. The mandate gave organizations up to 72 hours to notify breached parties, so there were fewer instances of breaches going years before being revealed to the general public. The GDPR has also resulted in nearly doubling the amount of reported incidents.

The fines resulting in these breaches being reported, however, is considerable to say the least. Fines totaling up to €55,955,871 have been levied against the companies responsible for the 59,000 reported incidents, with most of this being struck against Google. A French GDPR calls this year as more of a transitional phase rather than an indicator of the long-term effectiveness of the measure.

Effects Abroad

U.S. companies that do business in Europe aren’t safe from the measures initiated by GDPR, but organizations have started to change up their approach to data privacy. Many legislators are pushing for similar measures to GDPR, and CEOs like Apple’s Tim Cook have labeled data privacy a “fundamental human right.”

Unfortunately, this viewpoint seems to be in the minority of major American tech company leaders. Still, this hasn’t stopped states like California from implementing its own data privacy law. Other states like Colorado, Massachusetts, and Ohio were inspired to pass their own data privacy laws. Perhaps the federal government will consider acting to fill in the holes left by these data privacy laws.

What are your thoughts on GDPR and data privacy regulations? Let us know in the comments.

The Internet of Things is essentially a massive network of connected devices. Some of them have not traditionally taken advantage of network connectivity, but now depend on it. The more obscure examples of Internet of Things devices include kitchen appliances and other oddities, whereas the more usable devices include watches, wearables, connected vehicles, smart homes, and more. Some Internet of Things devices can even communicate with others, sending data and using it for a certain functionality. It all coalesces into a security disaster waiting to happen.

To prepare for this, you need to implement what’s called an Internet of Things policy within your workplace. Here are some ways you can keep the Internet of Things from devastating your business.

It’s Impossible to Stop Them All

One of the most valuable lessons of dealing with Internet of Things devices is that it’s impossible to keep tabs on every single device that enters your office. If you assume that each employee has a smartphone, a laptop, and at least one or two other minor devices, it all adds up. Therefore, you need to prepare for the worst by expecting it.

You Need to Do Your Best

The best way to protect against the Internet of Things is to be prepared for them. Implementing security measures is key, and the best ones for this situation include a Unified Threat Management system (UTM) and a Bring Your Own Device policy (BYOD). What this enables is the ability to eliminate threats and keep them from entering your network in the first place, including from your employees’ personal devices. It also helps to have a password-protected network so that passing devices don’t automatically connect to your wireless network.

Working with a managed IT provider like Coleman Technologies can make it easier to manage all of the devices that make their way to your business’ network. To learn more about what we can do for your organization, reach out to us at (604) 513-9428.

To begin, let’s figure out exactly what a data warehouse is.

Understanding the Data Warehouse

A Data Warehouse isn’t to be confused with a Data Center, where you might store your server infrastructure. It is a system for analyzing and reporting on large amounts of data. It helps you predict trends and get a full picture of what’s going on with your business.

In order to understand the purpose of a data warehouse, it helps to look to warehouses in the real world. In short, it’s a place to store stuff.

While this may seem simplistic, it is key to the other functions of a data warehouse. By storing all of a business’ data in a central location, that data can all be referenced against each other - regardless of the original source. This means that you can use this data to generate better analytics than you may have gotten otherwise, simply because you are less limited by the data you have access to.

Selecting a Data Warehouse

Of course, not all data warehouses are the same, and the different types offer different utilities. You also have to consider if the data warehouse itself is sufficient. Let’s go over some of the considerations you will have to make during your deliberations.

What kind of data do you need to store?

For our purposes, data can be split into two types: structured and unstructured.

• Structured data is data that can easily be organized into a spreadsheet. If your data fits the bill, a relational database would likely be a good fit for your needs.
• Unstructured data (or semi-structured data) is data that is presented in less-uniform formats, like geographical data, emails, books, and the like. If you have a lot of this kind of data, you may want to consider utilizing a data lake over a data warehouse.

How immediate does your data need to be?

Your intended use of your data warehouse will have the largest impact on this consideration. Are you looking for business insights, or are you more focused on real-time analytics? If you are looking to find out more about your business, having more data available will give you better answers. If you are using the data warehouse to fuel a predictive analytics platform, you will need less data, as tracking trends can be done with a simple Relational Database Management System (RDMS) and won’t necessarily benefit from access to all of the data your organization stores.

How are the costs structured?

Different data warehouse solutions are priced based on different factors, usually combining the storage used, the size of the warehouse, the number of queries that are run, or the time spent leveraging the solution. Your particular use case will likely influence which solution is most cost-effective for you, whether frequent utilization makes a lower compute cost preferable or a high volume of data makes lower storage costs the logical choice.

Does it work with the tools you use?

Finally, you need to be sure that the solution you are considering is compatible with your business’ other solutions - otherwise, you won’t get the full value from your data warehouse (or create more work for yourself).

Coleman Technologies can help your business manage its technology needs. To learn more about how we can optimize your business processes, call (604) 513-9428.

What is Downtime?

Downtime can mean many things, but it generally means any situation where your business cannot function like it’s supposed to due to drastic issues such as a data breach, a natural disaster, or hardware failure. In many cases, the reason why your business isn’t functioning is irrelevant, as the fact of the matter is that you’re suffering from downtime that could have been prevented with the proper action.

As you may have guessed, it’s not always about what caused your business to experience downtime, but what you can do to keep it from happening in the future. It’s times like these when learning a little bit about your business’ shortcomings and failures can be beneficial. You need to have measures in place to keep disaster from striking.

What Are Some Effects of Downtime?

We can use a simple situation, like an electrical outage, to showcase just how damaging downtime can be. Imagine a situation where your employees can’t get anything done due to a power outage keeping them from using their devices. Maybe they are sitting around and chatting. It’s difficult to put the blame on them, since they’re not the ones that control the weather.

This particular situation shows just how much your organization relies on technology, and it’s incredibly important to make sure it remains functioning. If your technology fails, you lose out on possible revenue, providing support for clients, and being productive as a whole.

Plus, fixing your technology will take a heavy toll on your business’ budget. If you’re replacing a piece of hardware like a server unit, you’ll be forced to shell out just to get back in proper working order. On the other hand, if you were to proactively maintain these devices, you can prolong their lifespan and mitigate costs associated with downtime.

What Should You Do?

Proactive technology maintenance is key to ensuring your organization doesn’t suffer from downtime. With the right solutions, your business can actively prevent IT issues from impacting operations. To learn more, reach out to us at (604) 513-9428.

Talent Acquisition

Consider the way that IT maintenance and management was before modern technology solutions became prevalent. Businesses had to either hire a team to manage their IT or outsource the responsibility to a third party. The key factor here is that both are limited by geographical location; if you can’t find a local business or enough talent to manage your business’ IT maintenance, it might not get done properly (or at all).

On the other hand, with remote technology maintenance and management being more available than ever before, plenty of businesses are finding that they can better maintain their technology infrastructures. What’s more is that these businesses don’t need to have these providers visit the office, meaning they get the maintenance they need without expensive on-site trips and travel costs.

Streamlining of Operations

Depending on the industry your business is a part of, you may have had run-ins with outdated technology or solutions that simply haven’t aged well. Perhaps you’re still using spreadsheets to keep track of inventory, which creates opportunities for user error and produces displacement. Maybe you’re finding that it’s difficult to find enough space for document storage, as filing cabinets are clunky and take up a ton of room. The list goes on and on… if you think of a former inconvenience, chances are there is a technology solution that has been developed to solve it in recent years.

That being said, modern technology solutions have given offices the ability to move past obsolete and outdated technology to make operations more manageable and dynamic. One great example of this is file management software and digitizing documents. It eliminates the obsolete and bulky filing cabinet in favor of a searchable database for storing your documents.

Consolidation of Resources

Your business might take advantage of several services that you think are beneficial for operations, but there is a serious chance that they are counterintuitive to your business’ bottom line. Your business’ phone service is a prime example. A phone system is critical to being in business, but it can come with considerable expenses, including some that can be avoided thanks to modern technology solutions.

The Internet gives your business the opportunity to consolidate resources in a way that wasn’t possible in its infancy. For example, Voice over Internet Protocol (VoIP) utilizes your Internet connection and eliminates the need to go through a telephone provider for this important service. VoIP uses an existing resource to lower your organization’s expenses. Furthermore, the “as a service” model allows your business to take advantage of solutions previously unavailable, and it’s all thanks to the accessibility provided by the cloud.

You might look back on the good old days with nostalgia for a time when technology wasn’t so necessary, but it’s hard to deny the effect that it has had on the business world. You want someone managing your technology that knows a thing or two about how to get the most out of your resources. To learn more, contact Coleman Technologies at (604) 513-9428.

Outdated software is an issue that all businesses have to deal with. The fact that so many organizations don’t routinely update their software solutions is pretty telling. For one, many businesses simply don’t have the resources at their disposal to make sure maintenance is performed on a regular basis. Granted, unless a business has taken substantial steps toward upgrading away from software that has reached its end of support date, they will have to suffer the consequences.

What Does “End of Life” Mean?

End of Life, also known as End of Support, is a term that is used to identify software that is not updated or patched after a specific period of time has passed. Certain Microsoft products can utilize the Extended Security Update, but only for a maximum of three years, meaning it’s more efficient and cost-effective to upgrade away from your old systems before they reach the end of support date.

What You Need to Do

How would your business be affected by a potential security breach? Since you won’t be receiving security patches or updates, you’ll need to consider this possibility. Following a major security breach, you’ll be forced to upgrade your systems anyway, so not only will you have those costs, but you’ll have to deal with the fallout of a data breach. It’s never too early to start taking preventative measures and think about the future of your infrastructure, as well as who will be responsible for the management, maintenance, and upgrading of your business technology.

Before Windows SQL Server 2008’s End of Support date arrives, consult this list of upcoming end of support dates and take the necessary steps to upgrade your technology. It’s better to do so now than wait until it’s too late.

We Can Help

Worrying about your business’s IT infrastructure is something that you simply don’t have time for. A managed service provider like Coleman Technologies can help you achieve affordable and accessible technology support, including the updates and patches needed to maintain network security. We can even help monitor your infrastructure for potential End of Support software that will soon be outdated. To learn more, reach out to us at (604) 513-9428.

Here, we’ll commit some time to examining the enterprise-level technology that SMBs are now leveraging to encourage their business’ forward momentum, and how you can leverage a solution that may not initially seem to be a fit.

The first consideration that any small business decision maker needs to take is how connected people are today. This level of connectivity produces many things, perhaps most of all heightened expectations - a fact that any SMB needs to contend with.

Historically, a small business would never invest in solutions meant to improve the customer’s experience and relationship with the company - they just didn’t have to. However, consumer demand makes it so that investing heavily in software can bring opportunities that simply wouldn’t be there otherwise.

As a result, your SMB needs to have the following solutions in its arsenal:

Customer Relationship Management

It can almost be said that, if your business doesn’t use a CRM, you aren’t really in business. That’s how crucial a CRM system can be nowadays. With hundreds of options out there, there are those that are unquestionably meant for the enterprise user, as well as plenty of options dedicated to a particular industry’s needs. These particular solutions take the benefits of the CRM and integrate different options that are precisely suited to a specific industry vertical.

One of the biggest small-business benefits of a CRM has to be how it can automate a significant amount of tasks that once were handled by multiple employees - a relatively larger chunk of its workforce (and payroll) than a larger competitor would be concerned with. This makes the CRM that much more valuable to a small business, as it reduces the manpower needed to complete business-critical tasks through automation. By integrating your customer relationships with your scheduling, your payroll, and other concerns, a CRM helps to make your business and its operations more streamlined.

Supply Chain Management

The demands of the customer are more crucial than ever to meet, especially for today’s smaller manufacturer. This means that the supply chain (procurement, manufacturing, fulfillment, and distribution) needs to smoothly work in coordination with its different parts. This is made easier by leveraging a single Supply Chain Management platform. Some of the options that these platforms often include, like Enterprise Resource Planning (ERP) software, are the same that are found in a CRM. This makes it easier to combine and consolidate software solutions so that users have that much less to learn to keep business moving.

Marketing Automation

Much like was said regarding the CRM, today’s small business doesn’t really exist without some kind of online presence. Some businesses will have an entire website created, while some stick to social media profiles. If you’re looking to boost your own business’ revenue generation (and why wouldn’t you be), building up your online presence is both an affordable and an effective means of doing so. Pairing this presence with automated systems can help you to nurture leads while simultaneously speeding up business and reducing operational costs.

This is how it works: your website captures leads. Once you have these leads, your marketing automation solution takes your captured information and integrates it with the CRM - saving you from the considerable task of doing it yourself. The end result, more worthwhile conversations that ideally end in more closed sales.

With the tools that are available today, it is amazing that more businesses aren’t leveraging them to cut costs and accomplish more. Don’t you want to get out ahead? The IT professionals at Coleman Technologies can help by deploying the ones that fit your business’ operations. For more information, call us at (604) 513-9428.

Study after study has been performed over the years about the impact of workplace wellness programs, producing various results. Some have indicated health improvements and cost savings, while others haven’t. However, the studies that were performed in the past had a high rate of issues. Whether there was no comparison group, or the chance of personal bias influencing signups, these studies simply didn’t provide reliable data.

Now, however, researchers from the University of Chicago and Harvard have conducted a large-scale study that meets the requirements that such a study is usually beholden to.

The BJ’s Wholesale Club Experiment

This experiment began by selecting 20 of the big-box retailer’s outlet centers to offer an employee wellness program. 140 additional BJ’s locations did not offer any such program. Across the 160 clubs involved, there were almost 33,000 workers employed.

Participants filled out a health risk questionnaire, took health classes, and had basic medical tests performed. After 18 months, their progress was evaluated...and that’s where things got interesting.

Despite the workers who were participating in this program reporting healthier behaviors than they once exhibited, almost all other factors were left unchanged. Blood sugar levels, job performance and attendance, and employer health care spending all were unaffected.

Why This Might Be

There’s a good chance that the results of this study were skewed by the incentives offered to participants. Participants were given gift cards for attending wellness courses, for a total incentive of about $250. According to founder and CEO of Bravo Wellness, Jim Pshock, this may just not have been enough. According to Pshock, any amount less than $400 is only going to be enough to incentivize people to do what they were already going to do anyways. As Pshock put it: “It’s simply too small to get them to do things they weren’t already excited about.”

Another study, published in 2018 by the University of Illinois, essentially debunked the idea of the workplace wellness program, concluding that it neither reduced costs or impacted behaviors - although this study also found that participants of wellness programs were those who were already healthy and motivated. This potentially suggests that the true benefit of these programs isn’t to make their existing workforce healthier, but to attract and retain healthier employees.

There are other potential contributing factors as well. A recent survey indicated that 84 percent of employees saw their wellness programs as “one-size-fits-all,” a concept that doesn’t really work will all of the various factors that contribute to health. Eighty percent of respondents to that same survey claimed that more personalization would contribute to their participation in wellness programs.

Why You Want to Adopt a Workplace Wellness Initiative

Admittedly, we’ve provided a mixed defense for these kinds of activities, but it cannot be denied that anything you can do to promote the health of your employees will only benefit your business - healthy employees tend not to call in sick, after all.

There are other benefits to these programs as well:

• Reduced Stress - The stress management benefits of healthier behaviors have been well documented. By adopting these healthier behaviors, you and your staff can reduce the stress that comes from the office and approach the source issues more effectively.
  
  
• Community Building - As the boss, you want your entire team to work as, well, a team. Unfortunately, if certain departments don’t work together much, this kind of relationship can be hard to develop. However, many activities that would fall under a workplace wellness initiative can help cross departmental lines, drawing your team closer together.
  
  
• Better Moods - Wellness programs allow employees to try out new activities, which can not only add to their wellbeing, but can also keep them engaged and productive. Plus, studies have indicated that employees who participate in these programs were generally happier with their work situation.

What have you done to cultivate a more health-conscious workplace? Share your strategies in the comments!

Profitable Types of Data

Believe it or not, even a small business with a handful of clients has data worth stealing. You’re in business to make money, and by virtue of this fact, you likely collect and store financial information. In fact, you collect a ton of valuable data. The type of data that hackers are looking for.

In addition to all of the financial details you collect, there is also all of the contact information regarding leads, clients, and customers. With so many emails and phone numbers stored on your infrastructure, hackers can have a field day. They will have all the information they need to steal funds, distribute malware, and create unpleasant situations for your business.

The Unpredictability Factor

Not all hackers have any specific goal in mind when they hack you. Sometimes all they want to do is make your life miserable. The unpredictability associated with hackers is one of the most dangerous parts of them, as they can take advantage of any overlooked vulnerabilities to create a problematic situation for you.

The Impact of Security Negligence

If your business falls victim to a hacker, it’s certain to affect your business' operations. In some cases, it could be subject to compliance fines that could break your budget and put your business at greater risk. Furthermore, you could lose access to important data that makes your business work, threatening its future and all but guaranteeing that recovery can never happen. Therefore, the importance of protecting your network can never be overstated.

Coleman Technologies can help your business implement the security solutions needed to maximize protection from threats. To learn more about what we can do for your organization, reach out to us at (604) 513-9428.

Unfortunately, most attacks still come in through email, and can slip by your users. Even the most complex cybersecurity platforms used by massive corporations and governments can be foiled by a simple phishing attack, and your end-users are your last line of defense.

How Can an Employee Fall Victim?

Phishing attacks are designed to look real. An email might come in looking like a valid message from Paypal, a bank, a vendor, or even from another employee or client. Hackers use several tricks to make the email look real, such as spoofing the address or designing the content of the email to look legitimate.

Unfortunately, if the user clicks on the link in the email or downloads the attachment, they could open themselves and your company up to whatever threats contained within.

Commonly, this leads to stolen sensitive information, or installs malware on the device, or grants the hacker the ability to log into the user’s bank account.

While having strong IT security can reduce the amount of these phishing attacks that come in, a percentage can be tricky enough to bypass your firewalls and content filters, exposing your staff to situations that could your whole endeavor in

Educate Your Employees

It’s important to teach employees how to catch a phishing attack. We recommend sharing the following steps with your staff, or even printing them out and posting them around the office:

1. Carefully hover (don’t click!) over links and see if they go to a legitimate URL. If the email is from Paypal, a link should lead back to paypal.com or accounts.paypal.com. If there is anything strange between ‘paypal’ and the ‘.com’ then something is suspicious. There should also be a forward slash (/) after the .com.   If the URL was something like paypal.com.mailru382.co/something, then you are being spoofed. Everyone handles their domains a little differently, but use this as a general rule of thumb:
   1. paypal.com - Safe
   2. paypal.com/activatecard - Safe
   3. business.paypal.com - Safe
   4. business.paypal.com/retail - Safe
   5. paypal.com.activatecard.net - Suspicious! (notice the dot immediately after Paypal’s domain name)
   6. paypal.com.activatecard.net/secure - Suspicious!
   7. paypal.com/activatecard/tinyurl.com/retail - Suspicious! Don’t trust dots after the domain!
2. Check the email in the header. An email from Amazon wouldn’t come in as This email address is being protected from spambots. You need JavaScript enabled to view it.. Do a quick Google search for the email address to see if it is legitimate.
3. Always be careful opening attachments. If there is an attachment or link on the email, be extra cautious.
4. Be skeptical of password alerts. If the email mentions passwords, such as “your password has been stolen,” be suspicious.

Phishing Simulation

Another great tactic is to have regular phishing simulations. This is where we create a series of fake phishing emails (don’t worry, it’s safe), and randomly send it to your staff. When someone falls for the attack, we send them educational information to help them prevent being tricked by a real one.

We’ve found this to be very effective, without taking a lot of time out of an employees already busy day.

Are you interested in helping to protect your staff from falling victim to phishing attacks? Give us a call at (604) 513-9428.

Properly Managing Your Email Like a Professional

Let’s not split hairs here: checking your email throughout the day can be a major waste of time. In order to avoid sinking time you could otherwise spend productively on reading (and re-reading) emails, there are a few habits you could develop.

Impose Rules on Your Email Habits

As we’ve said, repeatedly checking your email throughout the day can very quickly become a waste of your time. To avoid this, schedule times throughout your day to commit to checking your email. Once your time is up, stop until your next scheduled time.

We’ve all also accumulated emails that we simply don’t need to read. As harsh as it may seem, archive these emails, or unsubscribe as they come in to keep your inbox clean based on the subject line or the sender.

Managing Important Emails

Admittedly, not every email that comes in will be a waste of time. However, an overstuffed inbox can make it easy to miss something important. To avoid this issue, utilize folders to file your emails so that your inbox doesn’t become overfilled.

If Time is Left, Return to Your Inbox

If you finish your other tasks, return to your inbox and review your messages in order of importance. If you happen to run out of time, stop your review until your next opportunity. As you review your emails, don’t be afraid to unsubscribe to emails that aren’t important to your tasks.

Don’t Be Afraid to Leverage Filters and Labels

Filters and labels can help you to keep your emails more automatically organized. Your filters/labels should be relevant to their content. One can contain messages from a certain sender or pertain to a certain topic. As a result, you will be able to more easily keep your emails organized.

Rules like these can also keep you from having to deal with automatic replies, like out-of-office autoresponders and similar replies that you don’t need to receive.

What other emails have gotten in the way of your productivity? Let us know… we might cover them in a future blog! For more information, subscribe to our blog!

What Does Your IT Infrastructure Look Like?

Your IT infrastructure consists of all the technology that enables your organization to store and utilize data that it has collected. This includes your network, your storage system, and any hardware and software solutions that are used to access it. Basically, an IT infrastructure is effectively your organization’s central nervous system, supporting operations through the transportation of data.

It’s clear that your IT infrastructure will play an important role in the way your business works. This means that you’ll need to invest time and energy into developing a proper strategy for your IT infrastructure to adhere to.

Determining Your IT Infrastructure Strategy

The same infrastructure won’t work for all businesses, so you’ll have to craft one. To create an optimized infrastructure strategy, consider the following best practices.

Simplification

Make no mistake--your infrastructure today hardly resembles what it looked like just a few short years ago (at least, it shouldn’t). Chances are that your IT infrastructure contains several different types of technology. This complicates the process of improving and updating it.

Be sure to consider the modern standardization of the software and integrations that are possible with your centralized IT platform, as this will maximize access to data and increase how much value you get from your solutions.

Flexibility

IT is always changing and adapting to trends, which means that you will want to build your IT infrastructure in such a way that it can take advantage of these changes. Ask yourself where your organization’s biggest speed constraints are, as well as how they can be rectified. If you can consolidate your existing infrastructure to limit the risks, how would this affect your business processes? These are all factors that must be taken into consideration.

Service-Focused

The biggest advantage that IT provides for your organization is that operations can’t happen without it. When planning out your infrastructure, be sure to consider the fact that your entire business will need to use it for access to services and tools required for each employee’s day-to-day responsibilities. Ask yourself what you can do to make sure your infrastructure can do what must be done both now and in the future.

Why You Should Consider a Managed IT Infrastructure

You might recall the process you used to create your network back when your business was just a fledgling pushing back against the world. Remember that feeling and use it to fuel the process of reexamining your current IT infrastructure. In fact, you may find it more reasonable to outsource this task to a managed service provider.

There are many benefits to doing this, but the biggest has to come from the time you’ll save from doing so. You have a lot on your plate as a business owner. Can you say with confidence that you have the time it takes to design, build, manage, and maintain an IT infrastructure? Of course not--there simply aren’t enough hours in the day. Instead, you hand this responsibility to professionals you trust to ensure that the process goes well.

Coleman Technologies wants to be the MSP you trust to make sure your infrastructure is working for your business and its goals. To learn more about the services we offer, reach out to us at (604) 513-9428.

How Blockchain Has Been Shown to Be Vulnerable

Let’s face it… blockchain technology is a human invention, which means that there are going to be some flaws.

Admittedly, the concept behind the blockchain makes this hard to believe: every transaction made through the blockchain, financial or data-based, is given a permanent, designated “block” in the chain. Before the transaction is completed, the rest of the network needs to approve this new block’s validity. The block is then added to the chain, where it cannot be altered and provides an unchangeable record of the transaction - to undo it, a new block would be created. It is only then that the transaction is completed.

While this method may seem foolproof, even “unhackable”, this just isn’t the case. In March of 2014, cybercriminals managed to steal $450,000,000 worth of Bitcoin through a transaction mutability vulnerability, and in June of 2016, cybercriminals managed to steal approximately $60,000,000 by leveraging a recursive calling vulnerability.

Additional Blockchain Vulnerabilities

Again, as a human creation, there are going to be some flaws in blockchain platforms. One investigation revealed that some blockchain and cryptocurrency platforms had over 40 vulnerabilities.

51% Vulnerabilities

Many of blockchain’s vulnerabilities have more to do with the nature of the platform as well. One such vulnerability is known as a 51% vulnerability, and is associated with mining cryptocurrencies. Let’s assume you are a cryptocurrency miner. If you manage to accumulate hashing power that exceeds more than half of what the blockchain contains, you could leverage a 51% attack to manipulate the blockchain to your own advantage.

Naturally, more popular blockchains, like Bitcoin, are far too expensive to be practical targets, but smaller coins are much more affordable to attack and can be lucrative for hackers. In 2018, 51% attacks were leveraged against less popular cryptocurrencies, netting the attackers approximately $20 million.

Security of Private Keys

Using a blockchain requires a user to have a private key. Naturally, if this key were to be stolen, those cybercriminals who stole it would be able to access and tamper with that user’s blockchain. What’s worse, because the blockchain is decentralized, these kinds of actions are difficult to track and even harder to undo.

Breach Examples

As you might imagine, most breaches involving a blockchain are in some way tied to an end user. In 2017, a fraudulent cryptocurrency wallet service was left up for months as the cybercriminal responsible allowed people to funnel their cryptocurrencies into it before stealing $4,000,000 - out of a reported total of $2 billion being stolen since 2017 began. In January 2018, it was disclosed that hackers stole private keys with malware, taking over $500,000,000 in NEM coins (a now-effectively-worthless cryptocurrency established by a nonprofit).

If hackers are able to steal from a purportedly “unhackable” technology, what’s to stop them from stealing from your business?

Cybersecurity solutions from Coleman Technologies, that’s what. We can set up the security solutions your business needs to protect its data, and monitor your systems to detect breaches preemptively, preventing a security issue from happening. To learn more about what we can do, reach out to us at (604) 513-9428.

Welcome to the on-line version of our monthly newsletter.  

Thank you for your interest in our IT Playbook. It will arrive in your mailbox in a few short days.

Looking to speak someone directly? Call us now at: (604) 513-9428.

Check out our blog to keep up with the latest Coleman Technologies news and information!