Coleman Technologies Blog

A business’ compliance with the regulations it operates under is a huge issue that many inside your organization won’t understand but has to draw some attention. Let’s look at some of the variables that go into compliance to outline just how important it is.

Regulatory Requirements

Governments and regulatory bodies create various laws and regulations to ensure the security, privacy, and ethical use of technology. Compliance with these regulations is absolutely mandatory, and failure to meet them can result in significant fines, legal penalties, and reputational damage.

Data Security and Privacy

As businesses collect and store sensitive data, ensuring the security and privacy of this information has to be a priority. Compliance frameworks, such as GDPR, HIPAA, and CCPA, set standards for protecting personal data and require organizations to implement robust security measures.

Risk Management

The process that goes into successful technology compliance helps organizations manage risks associated with cybersecurity threats. Building strategies that adhere to compliance standards can minimize the risk of incidents that could disrupt operations or harm customers.

Trust and Reputation

Doing everything you can to stay compliant demonstrates a commitment to ethical practices and protecting customer data, which builds trust with customers, partners, and stakeholders. Non-compliance, on the other hand, can lead to a loss of confidence and damage to the organization's reputation.

Operational Efficiency

Compliance frameworks often include best practices and guidelines that can improve the efficiency and effectiveness of technology operations. By following these standards, organizations can enhance their overall performance and reduce the likelihood of error.

To follow technology rules, you need to know the laws, use strong security, be proactive in managing risks, and follow ethical guidelines. For help with this, contact the IT experts at Coleman Technologies today at (604) 513-9428.

Would you feel safe staying at a hotel that, instead of unique locks, each door used the same key as all of the others? Probably not—because if someone got in, they could take whatever they wanted. That’s similar to how old-school cybersecurity worked. Once someone got into a company’s network, they could access almost everything, making it easy for hackers to steal information. But today, many businesses use a better security framework called zero-trust security. In today’s blog, we discuss what zero-trust security is and why it’s safer.

What Is Zero-Trust Security?

Zero-trust security is all about being extra careful. It means that nothing and no one inside a company’s network is trusted automatically. Instead, everything has to prove it has permission to be there, even if it’s already inside the network.

Returning to our hotel example, imagine that the hotel used a unique lock on each room's door instead of using a marginally better version of the honor system. Even if someone managed to find your floor, they still can’t get in the room unless they have your room’s access code. Zero-trust security works the same way by adding multiple layers of security to keep data safe.

How Does Zero-Trust Security Work?

For zero-trust security to work, companies need to focus on these seven things:

• Users - The company needs to know who is trying to get into its network and make sure each person only sees what they need for their job. For instance, people in sales wouldn’t have access to financial records, and engineers wouldn’t be able to see private HR documents.
• Devices - Every computer, tablet, and phone connecting to the network needs to be safe. Companies make sure devices have the latest updates and security settings, and they check to see if each device is allowed to connect.
• Networks - Different parts of the network are locked down, so only people who need to use them can access them. Firewalls and other tools help block out anyone who shouldn’t be there.
• Applications - Companies keep all the software they use up-to-date and secure. This ensures no one uses unsafe programs that could let hackers in.
• Data - Data is super valuable, so companies protect it with encryption (which turns data into code) and other strong security tools to keep it safe from people who shouldn’t see it.
• Automation - Computers can help by watching the network for unusual behavior, like a hacker trying to get in. This helps companies stop threats faster than if a person had to notice on their own.
• Analytics - By tracking everything happening on the network, companies can spot warning signs early and stop problems before they become big issues.

Why Zero-Trust Security Matters

Zero-trust security is all about being cautious and making sure every user and device proves it’s allowed to be on the network. By checking everything—even what’s already inside—companies can ensure their information stays safe.

Want to know more about keeping your business secure? Give the IT professionals at Coleman Technologies a call today at (604) 513-9428 to learn more.

Monitoring Employees Without Their Knowledge

We figured it would be most appropriate to discuss the no-go option first, which would be to start monitoring your employees without their knowledge or consent. As you would imagine, this is the shadier side of the monitoring spectrum, and is actually illegal in most cases. Unless you have reason to believe an employee is actively acting out and are investigating them, you are not allowed to use monitoring software to keep an eye on your team without telling them.

So, as much as I hate to have to say it, don’t do that. Instead, inform your team of your intention to monitor their systems, what you will be monitoring, and—most crucially—why. This is the real key. Transparency is the most important thing to have with your employees. Studies have even shown that this kind of transparency makes your team more comfortable with these kinds of arrangements.

Monitoring Employees While They Aren’t Working

Again, with so many employees working remotely, it may be tempting for many employers to just continue monitoring these devices even after work hours have ended. It’s one less thing to worry about that way, right?

Wrong. 

What if the employee ends their day or takes a break, and decides to log into their bank account to check in on their finances? You could easily capture sensitive information without meaning to, putting you on the hook in the legal sense. To avoid this, you have a few options you can exercise. Your first option is to simply ban employees from using work technology for personal matters. Your second option is to enable your team members to turn off the monitoring software when they are not actively working.

Not Making Use of Your Monitoring Data

A big part of ethically monitoring your employees comes down to your intent, your motivation for doing so. Are you looking to improve productivity by identifying inefficiencies and bottlenecks? Great. Are you ensuring that there are no data leaks that need to be mitigated? Fantastic. Are you simply using it to make sure that your employees are at their desks working? There are better ways to account for that.

Employee monitoring should always be a means, not the end. Whenever you implement it, it needs to be in service of a specific goal. When used in this way, and not just because you want to keep a closer eye on your team, it can bring some significant benefits.

Coleman Technologies can help bring these benefits and more to your operations. To find out how our team can help you implement and manage the technology your business needs supporting it, give us a call at (604) 513-9428 today.

Password changes, multi-factor authentication, and countless changes in policy and procedure can make daily workflows more and more complicated. Cybersecurity can truly be a pain—a necessary pain, granted—but a pain nevertheless, and one that can gradually lead to burnout if you aren’t careful. Let’s go over how to mitigate the likelihood of it.

Understanding Security Fatigue

Let’s put yourself in the shoes of one of your employees for a moment—although, if we’re really being honest, the following scenario could easily apply to anyone in your organization, including you.

How often have you sighed when asked to create yet another new password, or groaned when a multifactor authentication prompt pops up, when all you’re trying to do is your job? Does news of the next security training make you roll your eyes?

You aren’t alone. Not by a long shot.

The truth is, modern cybersecurity—for all its importance—is a balancing act. While the human element is consistently one of the weakest elements of the average business’ security, the numerous policies, procedures, and protections intended to help mitigate the vulnerabilities your team members contribute to can backfire.

For instance, how would you feel if it consistently became more and more challenging for you to complete the same tasks you had always been responsible and accountable for, without the tasks themselves changing at all? Pretty frustrated, I’d assume, and motivated to do whatever you could to streamline these challenges…going so far as to cut corners or overlook whatever requirements you could get away with neglecting.

This is the phenomenon known as security fatigue—where there is so much emphasis put on security and the safeguards intended to ensure it, that your team becomes disinterested and behaves less securely as a result.

Some Signs that Security Fatigue Has Set In

You’ll want to be on your guard so you can spot some of the warning signs in both your own behaviors and those of your team members. For instance:

• Have you or your team members grown more lax with your password practices?
• Are you or your team members prone to connect to insecure networks without the added protection of a virtual private network, even when accessing sensitive accounts and data?
• Do you and your team keep an eye out for signs of phishing, or are most messages taken at face value?
• Are work devices commonly used for personal activity?
• Is IT kept apprised of incidents and issues promptly, or are such things only reported when the circumstances are severe?
• Do you or your team members frequently use workarounds to bypass your security?
• Are work devices kept appropriately up-to-date, or have updates been somewhat neglected?

If any of these sound familiar, you may have a bit of onset security fatigue.

How to Correct Security Fatigue

Fortunately, there are a few ways that you can counteract this phenomenon in your business. While we in no way are attempting to minimize the importance of security of all kinds for modern businesses, it is important to also keep in mind that too much apparent security can easily hurt your team’s productivity. Therefore, by helping to take as much off your team members’ plates as possible, through things like automatic patches, remote management, and password management systems, you can better strike a balance between productivity and security without short-changing either.

Coleman Technologies is here to help you do just that. Let us shoulder your cybersecurity needs so your team can focus more on your productivity, without worrying that you’re left vulnerable as a result. Give us a call at (604) 513-9428 to learn more about what we’ll do, and how you could benefit.

It’s true that there are a lot of businesses that rely on their workforce to show up every day. Many of these businesses were forced to shut down or operate at limited capacity during the pandemic but are just now getting up to speed. Outside of operations, there are a lot of administrative uses of technology, some of which involve protecting employee and customer information. Let’s get into some of the strategies that businesses can use to get the most out of their workforce at this time. 

Remote Operations

Ironically, until this whole COVID-19 mess is over with, the most prudent decisions are going to be made using technology that supports remote work, even if you’ve mandated employees to work at your place of business. Not only does it remove physical interaction of your staff to protect them from contracting potentially dangerous viruses, it protects clients as well.

This strategy includes the use of internet-based tools and substantial training initiatives. According to an IMB survey just over half of remote workers during the pandemic were actually trained to protect work-related resources, so making employee training a priority makes sense. 

Hybrid Operations

There’s a saying, “You have to crawl before you walk.” It means that you have to work up to something. If you already have a remote workforce and you are looking to get them to move back to the office or the workplace, you should start implementing a strategy that gets people in waves. The most important thing is to prioritize employee health during this time, as any COVID-19 outbreak could make it difficult for you to conduct business at all. 

In regards to the IT deployment, this strategy is probably the most resource intensive because you have to both be cognizant of your network security inside your business, while also keeping abreast of how your remote workers are using your computing resources. 

Onsite Operations

Getting back to “business-as-usual” will be nice, and if you can accomplish it now, that’s great. It’s just not a strategy many businesses can support at this juncture, especially if they feature open office spaces and shared bathroom facilities. IT management is simpler for IT administrators when everyone is in one location and on the same page. 

Regardless of what your plans are for your human resources, you need to ensure that everyone understands how to mitigate the numerous types of threats your business faces each day. To talk to one of our security professionals about your business’ situation, call us today at (604) 513-9428.

If you want your organization to be efficient, you must increase productivity. However, this is often easier said than done, as plenty of obstacles, communication challenges, and resource allocation issues can stymie even the most well-thought-out plans. Let’s look at how you can improve productivity for your business by considering these common issues.

Why Team Productivity Can Impact the Workplace

Your team’s productivity will directly impact how your company works toward a common goal. If you can optimize productivity, you can ultimately achieve better results, profits, and employee satisfaction. Once you establish the importance of this fact, you can start to take deliberate action to work toward it.

Challenges to Team Productivity

Here are some of the major factors that can influence team productivity:

• Poor communication - When team members aren't clear about their roles or tasks, productivity suffers.
• Lack of clear goals - Without a shared vision, team efforts can become disjointed.
• Inadequate resources - Ensuring your team has the necessary tools and support is vital for high productivity.

Set and Work Toward Clear, Measurable Goals

Without clear and measurable goals, your organization might struggle to unify and work toward the same ends. If you offer goals, your team can follow them like a roadmap toward the objective.

Your goals should be SMART, an acronym that stands for Specific, Measurable, Achievable, Relevant, and Time-bound. Use this framework to ensure that all goals you implement are realistic and possible within the scope of your project.

Leadership Can Promote Productivity

If you want to maximize your team's efforts, give them an effective leader. They will have an immense impact on motivation and morale. A leader must be able to offer constructive criticism and build a work environment that is conducive to productivity. If the leader wants their team to be productive, they must lead by example and set a strong standard.

Track Your Team’s Productivity

Goals mean nothing without tracking progress toward them. There are various methods you can choose, but we recommend the following:

1. Time tracking - Measuring the time spent on tasks using productivity tools.
2. Output-based tracking - Focusing on the results achieved rather than the time spent.

If you’re unsure which best suits your needs, feel free to reach out to us for more recommendations.

Implement Project Management Tools

Project management tools can streamline workflows and allow for increased communication, facilitating productivity. Your team can leverage these digital workspaces to great effect, working together while sharing information in real-time.

Promote a Great Workplace Environment

A great work environment can go a long way to create the motivation to sustain long-term success. It also creates an environment free of negative kinds of stress. You can encourage this type of work environment by promoting open communication. While your employees don’t always need to get along, they should at least respect each other’s professional experience and be cordial enough to work together.

Let Us Help Your Team’s Productivity

Coleman Technologies can help your organization maximize team productivity. To learn more, call us at (604) 513-9428.

Windows Defender is Microsoft’s own antivirus solution, and it comes bundled with Windows, so it’s confusing to think that a business would need to pay for it, right? Well, there are actually two separate products called Defender, with a big difference between them.

Sometimes, the most challenging part of picking solutions for your business is deciphering their often-obscure naming conventions. We’ll admit, Microsoft’s naming conventions for some of their products are a little confusing, so let’s try to make sense of one of their products, Microsoft Defender.

Of course, confusion is the last thing you want for your network security, which is what we’re getting into with today’s article. Consider the difference between Windows Defender and Microsoft Defender for Business as a perfect representation of this.

Explaining Windows Defender

Windows Defender is an antivirus software that comes with your Windows 11 operating system. It’s also preinstalled on Windows 10 PCs. It’s so under the radar that most users likely don’t even know it’s there. Microsoft has started to refer to this tool as Microsoft Defender, just so you are aware.

Of course, you get what you pay for with network security tools, but even the quality of free cybersecurity software has varying levels of “bad” to consider. We’re happy to report that Windows/Microsoft Defender is at least usable from the average user’s perspective. It’s better than not having any protection at all and definitely better than some other free tools that bombard you with advertisements and subscriptions.

Windows Defender is perfectly good enough for the average user who doesn’t use their computer for business purposes. It’s fine for a college student’s laptop to do their homework on, and it’s fine for most people who use their computer for simple tasks like watching videos and sending emails. 

But it’s not ideal otherwise. Windows Defender doesn’t do much to stop phishing attacks or ransomware; it also doesn’t cover other web browsers, like Firefox or Chrome, sticking you with Edge if you want to take advantage of the most protection possible. That said, Windows Defender has a firewall that can block malicious URLs and run malware scans. It’s a fine solution for free but not the best you can do. Why not?

The reason is simple: it’s not designed for businesses.

Microsoft Defender for Business

Microsoft Defender is meant for use by consumers, whereas Microsoft Defender for Business is designed for businesses. It can support organizations of up to 300 users, after which Microsoft has higher-end enterprise solutions like Defender for Endpoint, Defender XDR, and Microsoft 365 for Enterprise.

As you might expect, Defender for Business has more power to it than your average consumer version. It works on various platforms, including Windows, Mac, Android, and iOS/iPadOS. You can also protect Windows or Linux servers.

Microsoft Defender for Business has central controls for admins to adjust security as needed. With these controls, an admin can ensure that all systems are properly protected, run scans, or change settings for the entire network.

Unsurprisingly, this solution is more all-encompassing than the consumer version, so if you’re dead-set on Defender, we recommend going for the business-grade version. It works to protect your organization from cybersecurity attacks, including malware and viruses that home users need to worry about, while also covering the more advanced threats that target businesses. It also covers remote employees, which is a huge benefit in today’s ever-flexible work environment.

Microsoft Defender for Business offers the comprehensive protection you expect from a business-grade solution, whereas the consumer-grade product does not.

Don’t Use Consumer-Grade Products for Your Business

The big takeaway we have for you here is that businesses should not use consumer-grade products. They do not offer the same level of service, scope, and security necessary for business-level operations. This statement applies to all business-grade products, whether you’re looking at a security solution or a productivity suite.

Coleman Technologies can help you make the right decisions regarding the security of your network. Learn more by calling us today at (604) 513-9428.

If there’s one thing that helps businesses establish consistent policies and strategy, it’s a good framework. You can use a framework for anything, including network security. Today, we want to walk you through the cybersecurity protection standards as they are outlined by the National Institute of Standards and Technology so you can better protect your business.

The NIST framework has five parts: identify, protect, detect, respond, and recover.

Identify Threats

You can’t protect against a threat you don’t understand, period.

Businesses must first identify threats and how they might strike against various assets and resources. For example, you need to understand the hardware and software that keeps your business running, as well as how the supply chain impacts acquiring these resources. Furthermore, your business needs to adhere to regulatory guidelines, and you must take steps to ensure that your supply chain is not interrupted by potential threats.

It might not seem useful to know in the context of cybersecurity, but knowing what you need to protect, as well as what you are protecting against, helps you determine risk and the appropriate steps forward.

Protect Against Threats

Now that you know what your cybersecurity situation demands, you can implement the following preventative solutions:

• Access controls help minimize the risk of unauthorized access to your data and infrastructure.
• Similarly, data security helps keep critical information available to those needing it while maintaining its confidentiality otherwise.
• Establishing regular and proactive maintenance practices to ensure all updates are in place and devices experience optimal uptime.
• Training staff as appropriate based on their level of permission.

We’ll add our two cents to the conversation by recommending something not on the radar of the NIST—business continuity—as it’s important to know your business' bare minimum operating standards.

Detect Threats

It’s not a question of if you get targeted by cyberattacks, but when.

While you can protect your business as much as you want, sooner or later, you’re going to have to be ready to handle an attack aimed right at your business. The solutions you implement should be able to send you warning signs and alerts so you can take action in the moment. Furthermore, these alerts help you ensure that your solutions are actually working as they should be.

If you don’t detect threats as they target your business, you’re asking for trouble.

Respond to Threats

The goal of cybersecurity is to catch, detect, and respond to threats so they have a minimal impact on your operations.

Naturally, this is a high-stress event, so you want to have an iron-clad policy to turn to just for situations like these. Not only do you need to mitigate the issue in question, but you also need to be ready to respond to the many other residual threats and the problems they might invite. Throughout the entire process, you’ll want to remain in touch with anyone who might be impacted, such as customers, vendors, or employees, as well as your local law enforcement.

Following an attack, you’ll want to take a look at your network and collect as much information on the attack as possible, as arming yourself with this knowledge can help you better protect it in the future.

Recover from Threats

The challenge continues long after you’ve eliminated threats as you work to recover from the incident.

For one, you need to get your interrupted services back in operating order with the help of a business continuity plan. You’ll want to have clear, actionable steps in place that you can follow to get your company back on track following a cybersecurity incident. Be intentional about using this backup strategy to recover your critical systems, then improve them so that another issue doesn’t occur later down the line.

Keep your stakeholders informed of the recovery process, too, as your customers, staff, and other partners will want to know how it’s going.

Take Your Security Seriously

Five steps might seem like a lot, but this should serve to showcase just how important this is to your business’ longevity.

Rather than react to a cybersecurity crisis, you should have solid strategies and systems in place beforehand. This will help to ensure you’re not caught unawares. Keep in mind that you have trusted IT resources at Coleman Technologies whom you can rely on for any and all security needs.

To learn more, call us today at (604) 513-9428.

Admittedly, it can be easy to roll your eyes at statistics like these. If a method works consistently for a business, why go through the trouble of changing it? Why is it that you have to adjust how you do business, just because someone else has?

Well, there are a few reasons.

First, I want you to consider why we use computers today, rather than typewriters, or send emails and instant messages instead of carrier pigeons. It isn’t that the more traditional alternatives were inherently bad, it’s just that the technology that replaced it is better.

The technology that we all use today is still improving - becoming faster, more powerful, and more capable than what was introduced not all that long ago. 

Technology follows something called an s-curve - gradual improvement as a new method is introduced, sudden acceleration in the improvements that are made, and then it peters out as the technology reaches its limits. At this point, a new technology is presumably introduced, and the process resets.

Each time a new improvement is introduced, you have the opportunity to use a better tool than your competition does… but the same can go the other way, too. If your competition pulls too far ahead of you in its capabilities, your customer service capabilities won’t matter when compared to a service that is just better.

Using up-to-date technology solutions makes your business more efficient. When you’re dealing with a business, how long are you willing to wait to receive your promised services? 

Not only do inefficient services wear down a client’s patience, longer operations are inherently more expensive - so, in a way, you wind up spending more money to deliver a less satisfactory product or service.

Not good - but again, easily fixable with more recent solutions, like automation. Automation makes operations a lot quicker by eliminating rote processes, accomplishing this as your employees work on other things. 

Finally, you have to consider your business’ security. When so many cyberattacks are now run almost completely self-sufficiently, the protections that your business relies on will have to work far faster than any human being could.

On the other side of the coin, an increasing amount of cyberattacks are relying on human fallibility in order to take root. When phishing attacks (think the Nigerian Prince scam, but more refined and directed to your users) targeted a reported 76 percent of businesses in 2018, you need to know that you and your employees can spot them. By helping you implement the security solutions you need to protect your business on the digital side of things, and by educating your employees on how to spot threats and issues, Coleman Technologies can help keep your business safe and competitive.

Our team would be happy to talk to you about implementing the IT solutions your business really does need to remain competitive. We can also remotely maintain it for you, allowing you to go about your business without having to worry about it. Please, reach out to us at (604) 513-9428 to learn more.

Businesses are prioritizing cybersecurity more than ever. Many insurers now require companies to meet specific cybersecurity standards before offering coverage, with one key requirement being the implementation of multi-factor authentication (MFA).

Here’s what you need to know and how we can help.

What is MFA?

Multi-factor authentication (MFA) is a cybersecurity measure that adds additional layers of security beyond the traditional username and password system.

While the classic username and password combination has been a standard since the advent of networking, it is relatively easy for cybercriminals to compromise using methods like phishing, keylogging, and network snooping.

MFA mitigates these risks by requiring additional authentication steps that are much harder to replicate or steal.

How Does Multi-Factor Authentication Work?

MFA enhances security by requiring users to provide extra proof of identity.

Initially, a user presents their identity with a username, requesting access. Traditionally, this identity was authenticated with a password. However, MFA requires more proof before granting access, such as an additional authentication factor.

What Can Be Used as Authentication in Modern MFA Systems?

Modern MFA systems require additional proof of identity, which can be categorized into three types:

• Something you know: A password or passcode.
• Something you have: An access token, account, or application.
• Something you are: Biometric data.

While some options are more secure than others, any MFA implementation significantly enhances security, which is crucial for insuring your business.

Emailed Codes

This method involves sending a code to the user’s email during an access attempt. The user must then provide this code to gain access. It’s simple but effective for businesses willing to check their email before logging into a secured resource.

SMS Codes

Some platforms send a code via text to the user’s phone, which must be entered to gain access. Despite its simplicity, SMS-based MFA has some downsides, such as issues if the phone is lost, upgraded, or if the phone number changes.

Authentication Applications

Dedicated MFA applications like Google Authenticator, Microsoft Authenticator, and Duo offer a secure way to generate and access MFA codes. When choosing an app, ensure it supports device transfers and backups.

We’re Here to Help

Business insurance is essential, and if it helps make businesses more secure, it's a win-win. If you want to learn more about implementing MFA or have any other IT or cybersecurity questions, we’re here to help. Call us at (604) 513-9428 to learn more.

Simple passwords are just not an effective security practice, so if you’re still using credentials like Password, 123456, Guest, or Qwerty, listen up. You need better password hygiene practices before you suffer from a data breach. Here are some ways you can make a better password to protect your business from threats.

For passwords, it also helps to know what is ineffective in addition to what is effective.

What Does a Bad Password Look Like?

A bad password is, to an extent, always going to be a bad password because passwords are not generally good for account security. While they are certainly better than nothing, they are far from the best way to protect an account, despite being the most popular and most common methods of doing so.

It’s remarkably easy to create a bad password, as well as have bad password practices. Whether it’s a case of the password not being complex enough or too easy to guess, or if it’s used for more than one account, they repeatedly hold businesses and individuals back from achieving the level of cybersecurity they need and deserve.

To help you better leverage good passwords, we’ve put together a list of things you’ll want to do to make them better and stronger.

What Does a Good Password Look Like?

Here are some best practices for password use and creation.

Don’t Repeat Your Passwords
If you use your password for multiple accounts, then all it takes is one of them falling victim to a data breach or phishing attack for all of them to be exposed in the same way. You should be using different, complex passwords for each of your accounts with no repeating passwords.

Always Make Them Complex
Complex passwords are easy to remember, but difficult to guess, which is easier in theory than it is in practice. You can make it much easier through the use of a passphrase rather than a password. Your passphrase should be a random string of words that utilize upper and lower-case letters, numbers, and symbols.

Don’t Use Personal Details
Personal details have no place in passwords for two main reasons: it makes them easier to guess for hackers, if the information is something that they can find publicly on the Internet or on social media, and it places more danger on you in the event that the password is compromised.

Use a Password Manager
To remember all of your complex passwords is impossible, so we recommend using a password manager to help secure them all. A password manager uses one master password to call upon a secure vault of passwords when they are needed. It’s the best way to use passwords without putting yourself at risk.

How are Your Password and Cybersecurity Practices?

If you could use a hand crafting better passwords or protecting your infrastructure, Coleman Technologies has got you covered. To learn more, call us at (604) 513-9428.

First of all, it’s important not to panic. Many organizations have been offering work-from-home perks for years. Not only is it entirely possible to keep business running, but many businesses see a boost in productivity. A two-year Stanford study shows that in general, remote workers are as productive, if not more so, than those confined to an office.

Double Down on Good Communication Habits

Although we’re all supposed to be social-distancing ourselves to prevent our friends and loved ones from spreading and catching COVID-19, communication is still incredibly important. Managers and supervisors need to be kept in the loop from both sides: team members need to report up to them, and company updates need to be communicated downstream. Regularly scheduled department meetings and staff meetings should still all happen. Department heads should check in with their teams regularly.

Of course, business owners may get the intuition to check to make sure their staff is “on seat” and working, but if possible it’s better to show you trust your employees, and address problems with specific staff, have managers focus on them instead of the entire workforce as a whole.

Fortunately, there are plenty of applications available to make communication easier. These range from instant messaging tools like Google Hangouts and Slack, to video conferencing solutions like Zoom, Webex, and GoToMeeting. For businesses that utilize Microsoft 365, Microsoft Teams is a solution included with each license. G-Suite users can use Google Hangouts for group chatting and internal conferencing. Coleman Technologies can help you set any of these up with your staff.

One final thought: remember that many of your employees may be feeling pretty isolated, and even lonely. Keeping that structure with regular staff and department meetings can help keep people feeling connected.

Staff can Make and Receive Work Calls from Home

Beyond communicating internally, you’ll likely want your workforce managing the phones even from home. Fortunately, with many VoIP systems, this is relatively easy to do. Every VoIP solution is going to vary a little, but most offer the ability to make and receive business calls from any computer, laptop, or smartphone. It doesn’t require additional hardware (other than perhaps a good headset) and it gives your staff the ability to make calls from their work number instead of a personal one. 

They still get the same capabilities they would at the office: call recording, forwarding, voice mail, conferencing, and more. The key is they can handle it all from their personal device. Of course, traditional desktop phones and handsets are available too. On top of that, VoIP can often save a little money when compared to traditional phone systems.

If your business isn’t using VoIP, it’s time to consider making the switch. 

IT Security is More Important Than Ever

Let’s say you have 25 users and 25 workstations. You control those workstations; you have them monitored and maintained, and you have network policies pushed to them to prevent things from getting out of control. If those 25 users start working from home, suddenly you are contending with at least 25 endpoints that you don’t control. 

There are a lot of variables at play here. Who uses the computer at home? Are kids on it? Is it the family computer? What kind of security does it have? It’s impossible to say, but it’s more than likely things aren’t as sterile as they are at the office.

Secure Remote Access via a VPN
A VPN (Virtual Private Network) is one of the best ways to protect your company’s data, and it is useful in a lot of scenarios besides just working from home. A VPN allows users to remote into the work network securely from anywhere with Internet access. It encrypts the traffic so data sent to and from the office can’t be intercepted. The VPN also gives users access to all of the applications they would normally have while they are at work. 

Upgrade the Free and Consumer-Based Antivirus
Home antivirus solutions aren’t as hardened as centralized enterprise-level solutions. Sure, they do the trick when a family member picks something up while surfing the web, but if your business is trying to meet industry compliance standards, you’ll need something better suited.

You might want to consider extending your company antivirus to home systems that will be accessing the network. This may also include rolling out firewalls to ensure each user has the same security they would normally have while at the office. You’ll want to talk to the IT security experts at Coleman Technologies to determine what you really need to do.

Issue Out Company Hardware
You might even want to consider giving certain individuals (or your entire staff) work devices. This may sound like a drastic, costly move, but many organizations supply mobile employees with a laptop that the company controls and manages. We’ve seen organizations offer compensation if an employee buys their own personal device and allows the business to set it up like a work device.

This might not be a great option for the pandemic that we’re in the middle of, but something to consider for the future, if working remotely is something you want to offer for the long term.

Security Education is Critical
Your staff will still run into the same pitfalls at home as they would in the office. This includes spam and phishing attacks, poor password hygiene, and traditional user error. Make sure your workforce understands the threats out there and how to circumvent them. No amount of security infrastructure is going to stop a user from reusing a password or falling for a phishing email other than training, training, training.

This Pandemic Is a Disaster That Your Business Needs to Overcome

We talk about disaster recovery and business continuity all the time. We always use examples like floods and fires to represent a disaster, but COVID-19 fits the definition as well. It’s disrupting work and putting a huge strain on business in general. Business continuity is more important than ever.

It’s critical that you take preventative measures to minimize any additional risk to your business. That includes ensuring that your data is backed up and stored both onsite and offsite and is tested.  

In fact, being able to send your employees home to work is part of a solid business continuity plan. The whole idea behind a business continuity plan is to keep the lights on during any type of unforeseen disaster, and being able to walk away from it intact. 

Equipping your workforce with the tools and best practices to keep operations running is critical, and we are here to help. Give Coleman Technologies a call at (604) 513-9428 and ask how we can help equip your workforce to safely, securely, and effectively work remotely.

We’re not shy about sharing how important it is for a business to have comprehensive cybersecurity throughout its entire infrastructure. That’s why we wanted to share what some recent data has shown about the importance of having visibility into your infrastructure.

Spoiler alert: it’s really, really important.

Data Shows that Enterprises Suffer from Considerable Vulnerabilities

Compiled by Sevco Security, the State of the Cybersecurity Attack Surface report took data from over 500,000 IT assets. This data, compiled from enterprise-level businesses, revealed that a substantial number of the assets these businesses rely on are missing critical endpoint protections or aren’t being actively patched.

According to Sevco Security’s research, the businesses they surveyed were lacking endpoint protections at a rate of 12%, while 5% of them were lacking enterprise patch management. Compounding these issues, 19% of Windows servers were missing endpoint protections.

Furthermore, “stale” IT—assets that are present in the security control console and register as installed on a device, but haven’t checked back in for a few weeks—is a small but serious issue for these enterprise organizations. 3% of the IT assets have stale endpoint protections, while 1% have stale patch management. However, since they are supposedly accounted for, these risks are harder to spot and more likely to create issues.

Of course, these findings were all based on research into enterprise-level companies, with enterprise-level capabilities. Now, just consider what that suggests about the small or medium-sized businesses and their comparative capabilities.

Trust Us to Help Prevent These Vulnerabilities from Presenting Themselves in Your Business

Part of our proactive remote monitoring and maintenance services is to catch these kinds of issues before they result in larger problems for your business. To learn more about how we accomplish this, give us a call at (604) 513-9428 today.

What Should My Documentation Include?

Basically, your documentation should be a complete inventory of all the technology you have, first divided between your hardware and software solutions.

Hardware

There’s a lot of information regarding your hardware solutions that you will want to keep a record of, as it will make a lot of processes a lot simpler moving forward.

Serial/Model Numbers – These will help you to ensure that the device you are working on is the one you think it is, in addition to simplifying things for your support team.

Purchase Dates – If any of your decisions are going to be based on the age of the device (i.e. whether to repair or replace), knowing how long you have had it will help you to evaluate if you got the value from your investment.

Warranty Information – On a related note, knowing the terms of an item’s warranty can help you make the best decision for your business while taking this into consideration.

Installation Dates – Let’s say that one of your workstations is acting up. If you knew that it was installed the day before an extended brownout hit your office, this information could help you narrow down the issue.

Physical Locations – It is important to know where a device is supposed to be. This makes it easier for the service team to keep it maintained, as well as boosts your security somewhat.

Device Names – Having a name for a specific device, aside from the one the manufacturer assigned, adds another level of differentiation.

IP Addresses – If you need to find something on your network, knowing the IP address will help immensely.

Software

Just as is the case with your hardware, there’s a lot of information about your software to carefully record and track. Make sure you’re establishing the following in your documentation:

Product Licenses – Similarly to the serial number, keeping track of your product licenses ensures you are aware of how many copies of a given title you have available to use.

Purchase Dates – Again, as with your hardware, knowing when you acquired something helps you find out of your purchase is still under warranty, along with other pertinent details.

Install Dates – Once again, if you know when a given software was installed on a system, you’ll know a lot more about it through inference and deduction.

Subscription Details – If you maintain a subscription to a software suite or similar tool, keeping track of your subscription details can ensure your ability to use that title.

Usernames or Registration Emails - Knowing who in your organization is associated with your various software titles can help you log in to a vendor’s website or otherwise receive support later.

Version History – Finally, keeping up with your software’s current version in your documentation can help you keep track of where updates are needed, and where you may be susceptible otherwise. Of course, your documentation should outline the proper update procedures as well.

Why Bother with All This Documentation?

Simplicity. Security. Peace of mind.

Maintaining your technology will be so much easier with these details recorded for future reference, allowing you to get the maximum value for your investments into IT. For assistance in establishing these processes, or for insights about what we track, give us a call! Our professionals can be reached at (604) 513-9428.

Happy New Year! It’s officially that time when we all make resolutions meant to help improve ourselves, so why not include your business? Better yet, why not make business resolutions that you’re more likely to keep?

Let’s explore some of the ways that you can design your business’ resolutions to maximize the likelihood that you’ll keep them and benefit from them in the long term.

Design Your Goals Intelligently

“Work smarter, not harder.” It’s solid advice, and especially could show its utility as you try to make changes in the new calendar year. Are your processes clear, and crucially, are the outcomes they are designed to reach optimized for success?

This is where something known as SMART goals are useful. The SMART goals framework is a formula by which the most effective goals can be created, because these goals are designed to be specific, measurable, attainable, relevant, and timely. What is it that you intend to accomplish, by exact guidelines, and is possible to accomplish in a set time that will ultimately benefit your business?

By framing all of your goals in this way, you can prime yourself and your team to accomplish them more effectively.

Involve Your Team

Speaking of your team, you may want to commit some focus to bringing your team more into the fold as you strategize your goals. This will help you create goals that ensure that they remain engaged and comfortable while they work.

One way to do this is to promote the idea of shared responsibility in the workplace. Try to create resolutions that everyone can take part in, working together to collaboratively accomplish a goal. For your part, you should also resolve to readily provide employees with opportunities for professional growth and development. The more your team is able to do, the more your business can do… and the more engaged your team members will be, especially when there’s a clear path for them to improve.

It also benefits you and your business to provide your team with various wellness benefits and work/life balance-based perks. Providing opportunities to your team will make them more likely to stick around and enjoy them.

Break Down Your Goals into Steps

So, you’ve figured out a goal.

Now what?

While having a goal is an important part of improving your business, it’s only going to get you so far without a strategy that helps you progress toward that goal. Analyzing your objectives and determining how to accomplish them will make it easier to do so.

Try subdividing some of these larger tasks into their smaller parts, making an overwhelming prospect much more manageable and approachable. This also makes it easier to adjust different parts of your plan to improve the outcome that results from it.

Keep Track of Your Progress

On the topic of adjusting your strategies over time, it is much easier to do so when you have historical data to rely on. Make sure that you are keeping records that describe the progress you’ve made and the challenges you’ve encountered. Having this information will put you in a better position to improve your overall performance. Plus, it enables you to keep up your team’s motivation by celebrating the successes this data brings to light.

It also helps to seek out feedback from various parties in order to get the benefit of numerous perspectives. One person’s role—for instance, your own—may not give you a critical insight that strongly impacts the end result of your efforts. Crowdsourcing viewpoints from your team can give you a fuller, more accurate picture of whatever it is you are trying to accomplish, allowing you to more effectively make any changes or improvements.

Use Technology that Supports Your Goals

When you consider that Coleman Technologies is one of the most dedicated managed service providers in British Columbia, it was only a matter of time before we referred to your business’ IT. However, that doesn’t make it any less true that utilizing the right technology makes it far easier to accomplish your objectives, including those related to your New Year’s resolution.

You wouldn’t use a hammer to measure how big a piece of furniture was any more than you would use a tape measure to set some nails. The same goes for the information technology that your business puts to use—matching its purpose to the objective you’re trying to meet will make your job (and by extension, your life) much simpler.

We Can Empower Your Business Resolutions with Our IT Services

Let’s face it: New Year’s resolutions are hard to stick to. Fortunately, you don’t have to commit to your business’ new strategies without help. Coleman Technologies can be there to provide the IT services and solutions that can help with all of the steps we mentioned here, as well as any others your business may require. Give us a call at (604) 513-9428 to learn more.

Do you have an old Google account that you created years ago, only to replace it later with one that is more on-brand and less filled with spam messages? You’re not alone, but as you might expect, these accounts can create more problems than they are worth if you let them sit around unused for too long. Perhaps that is why Google is planning to shut down any old Google accounts that have remained dormant for the past two years.

The change is scheduled to start sometime in December of 2023 (although it’s possible that Google is already taking some action on older accounts), and it could impact users of Gmail, Google Drive, YouTube, Google Calendar, Google Docs, Google Meet, and Google Photos. YouTube accounts with videos shared are exceptions to the rule, as are accounts with open subscriptions. Furthermore, this change will impact only users of personal Google profiles, not those tied to workplaces or educational institutions.

If you want to save your old Google account from being deleted, then you need to do one simple thing: log into it. This activity will show Google that your account is being used and, therefore, should not be deleted. Just about any activity you perform in your Google account will constitute using it, too, such as performing a Google search while signed in, opening an email, watching a YouTube video, etc.

The reasoning behind this change makes sense, too, as Google hopes that this mass deletion of unused accounts will help make security easier. Considering that these accounts are old, their credentials have not been updated in years. This means that they could very well be susceptible to security concerns and breaches. These accounts are also less likely to have two-factor or multi-factor authentication implemented for them.

So, we recommend that you consider your Google accounts and whether or not they have anything important stored in them… before it’s too late to do anything about it.

As for password security on your current accounts, we recommend that you work with complex, unique passwords or passphrases that are easy to remember and difficult to guess. Furthermore, a password manager can be used if you’re concerned about remembering the many passwords that are expected of you. There are plenty of options out there to choose from.

Additionally, multi-factor authentication—utilization of something you own (a smartphone); something you know (a password or passphrase); and something you are (biometrics)—can be remarkably helpful for account security.

For more assistance with business account security, be sure to contact us at (604) 513-9428.

It’s not hyperbole to suggest that many people in business these days prefer digital communication over the alternative. Smartphones have evolved over time and adapted to this need. That said, using a smartphone to communicate does still have its fair share of unwritten rules to follow. Let’s discuss some of the dos and don’ts of smartphones.

Do Practice Proper Etiquette

Yes, there is an etiquette to using a smartphone, just like any in-person interaction that you might take part in throughout the day. Although smartphone use is so widespread that it has become a bit synonymous with informality, there are still opportunities where you should focus on the formal, so to speak, and get your etiquette in order (like, say, during a phone interview or talking to a prospective client). After all, that first impression might be your only shot at closing a deal or securing your desired outcome.

Don’t Use the Speakerphone

Using your speakerphone for a business call is just not a good look. You run the risk of background noise, and there is always the chance that someone might overhear or interject at an inopportune moment, making you look unprofessional as a result. Truth be told, most smartphones do not offer the same kind of sound clarity that you might expect from a headset or microphone, anyway. It might sound okay to you, but it’s usually not as pleasant for the other end.

Do Control Your Smartphone Notifications

Smartphones, for all of their benefits, are distractions as well. Therefore, it makes sense that you do all you can to limit the amount of distractions that your smartphone thrusts upon you. You can do this through your notification settings, turning on and off notifications based on your particular needs. This will keep you from checking it more often than necessary, leading to greater productivity (and happiness, too, probably).

Don’t Use Social Media While You’re in a Mobile Meeting

It’s often tempting to scroll through social media while you’re using your smartphone, but it’s not a good idea to get accustomed to doing this during actual work-related meetings. A lot of this is because virtual meetings make it too easy to check out and do other things, and people might not see as big of a need to pay attention (after all, they’ll get the meeting minutes from someone else, right?). Remember that it’s important to stay focused on your meetings and save social media for your downtime where it is less disruptive.

How does your business use smartphone technology in the workplace? With a mobile device management tool from Coleman Technologies, you can ensure that your team is using their devices in a way that supports your company’s mission. To learn more, call us today at (604) 513-9428.

Businesses of every size need to prioritize their security. This fact has not changed and will not change anytime soon. What has changed, however, are the recommended ways to approach this security.

Today, we wanted to review the history of today’s predominant cybersecurity advice and explore how the zero-trust security model applies.

Meet John Kindervag, the Godfather of Zero Trust

Once an apprentice to be a typewriter repair specialist before transitioning into the role of broadcast engineer and then diving into the world of computer animation (and building his own high-end computers in his spare time), Kindervag ultimately credits the video game Doom for his interest in networking.

How a Game Inspired Today’s Most Effective Network Security Strategy

Under the pretense of using it to transfer animated files (which were too large to be shared in this way at the time), Kindervag convinced his bosses to allow him to build an ethernet network to more effectively support the after-hours multiplayer LAN (local area network) parties that were held in the office.

He wasn’t the only one, by the way… many advancements in computing and networking were initially made in the interest of playing Doom (no word on whether they were primarily using it to play the cooperative multiplayer campaign or the player versus player deathmatch mode).

However, as he worked on these networks, Kindervag realized they were inherently insecure, with little attention paid to their security in favor of routing and switching. With the only protection being a firewall to keep threats out, there was little stopping users from removing data from the network. The trusted, internal network that the business maintained could easily allow data to be shared to an untrusted, external network… like the Internet.

John saw this as “insane”—his word for it—and concluded that all interfaces should have zero inherent trust. Hence, the zero-trust framework.

How Zero-Trust Works

To create a zero-trust system, there are five critical steps that an organization must take:

Step One: Defining the Protect Surface
As Kindervag puts it, “Zero Trust inverts the traditional problems of cybersecurity. Instead of focusing on what's attacking you, it focuses on what I call the Protect Surface. What do I need to protect?”

In other words, you need to identify all the data you have that needs to be protected, whatever form that data takes. Only then will you know the scope of your data protection needs and be able to cover them adequately.

Step Two: Mapping Your Data
So, once you know what data you possess, you need to fully understand how the rest of your business and its IT infrastructure interact with it. Which users need access to what, which applications regularly access this data, and how is your infrastructure set up to store and transfer it? This information is critical to the next step.

Step Three: Designing an Architectural Framework
With all these insights in mind, you must then create a framework that meets all of the above needs and requirements, explicitly considering your IT infrastructure and its construction. While some frameworks may ultimately look similar, any zero-trust strategy needs to be customized to the individual business—hence, all the audits and mapping.

Step Four: Creating Your Zero-Trust Policies
With your network designed to be more security-focused, you need to identify and dictate who can access what, how and when they can, from where, and for which purpose. This goes for every user, role, device, and network, as any of these could be used to access information without authorization.

Step Five: Monitoring and Enforcing Compliance
Finally, you’ll want to actively monitor your network to identify any oversights or loopholes in your zero-trust implementation. This will allow you to make corrections that resolve security issues and potentially optimize your business network's performance.

Some Pieces of Advice from Kindervag

First and foremost, Kindervag reminds us all that security issues like ransomware and other attacks—the kind that zero-trust actively helps mitigate—are not prejudiced against any kind or size of business. As a result, everyone is a target, and the impacts of a cyberattack can easily have severe real-world repercussions in our highly digitized society… and not always the kind you might expect. 

Kindervag refers to a ransomware attack targeting a Swiss Alps dairy farmer and his milking machines. While the farmer could still manually collect milk from his livestock, he couldn’t access the telemetric health data that may have prevented one of his cows from dying.

Emotional losses from losing an animal aside, that’s potentially a few hundred dollars of profit each year, just gone.

Kindervag also points out that many large businesses are still about as prepared as this farmer was to deal with ransomware, even though computer systems and their processes directly impact a modern business’ success. Therefore, according to Kindervag, the most intelligent and cost-effective approach is to be proactive in fighting cybersecurity threats.

We Agree, and We Can Help

If you’d like advice and assistance in keeping your business secure and productive in the face of modern cybersecurity issues, call Coleman Technologies at (604) 513-9428 to find out what needs to be done to implement a zero-trust approach.

Today, we aim to fix that. We will review why a Google account is so important to keep secure, as well as a few means and methods of doing so.

How a Google Account Can Be So Valuable
The purpose of the Internet has evolved greatly in the relatively few years it has been around. Today, the Internet is largely used as a communications and information sharing tool - true to its roots. This is where the name Internet comes from: inter (reciprocal or shared) and network (a system of connected things). However, as new purposes for the Internet emerged over time, circumstances changed, and the view of the Internet shifted.

The Internet was always meant for sharing information, from the very first inklings of an idea. In 1962, J.C.R. Licklider of MIT wrote up a series of memos that illustrated a system of interconnected computers, intended to share programs and data the world over, that he coined the “Galactic Network.” This idea of sharing information was also the driving force behind Sir Tim Berners-Lee’s development of the World Wide Web. As Sir Berners-Lee said:

“Had the technology been proprietary, and in my total control, it would probably not have taken off. You can’t propose that something be a universal space and at the same time keep control of it.”

In many ways, these ideals are retained in today’s environment. Online sharing is at its peak, social media and collaboration fulling leveraging a network that is, for the most part, still free of control by any central source. These are ideals that have developed into the demand for net neutrality and open-access information. However, while these ideals have been largely upheld, there are a few notable caveats that give us a more accurate view of today’s Internet.

As the Internet grew in capability, it also grew in utility… many of which featuring the need for greater security and privacy. With the confidential information that only select users should be accessing growing in popularity within Internet-based communications, this spurred a balance to the Internet that both individuals and businesses can appreciate, and that Google has shaped its offerings around.

From its beginnings as a dissertation project by two Stamford doctorate students, Google has grown into the dominant force online today. Businesses use its G Suite applications every day, as private users leverage some of their other services to their own benefit. Many people, both for business and personal use, leverage Gmail. Let’s face it, Gmail is just useful, whether you use it for work, or just maintain an account to open accounts with other web services.

It is this last point that makes your Google account’s security so important to maintain.

How many of your online accounts are accessible by Google? On the subject, how many of your accounts would be compromised if your Google account was first?

The Impact
This is the double-edged sword of a Google account. On the one hand, it only makes sense to use a Google account to create others, either using your associated Gmail address or linking it directly. The convenience is inarguable, and Google does equip these resources with reasonable security standards. So why not use a Google account?

Unfortunately, there’s one critical consideration that doing so adds into your security equation, that many overlook:

Linking an account to your Google account ties your Google account’s security to it directly.

This means that, if your Google account was to be compromised, all of the accounts you had connected to it are also compromised by association. Depending on what you had saved in this way, that could have some devastating ramifications.

Finding Out How Devastating
If you’re on your desktop right now, you can access your Google account by clicking here. In the Security section, you can review all the devices that your Google account has been active on, all the third-party applications with access to your account, and all the websites that are utilizing Google Smart Lock.

Is this list longer than you would have expected? Does it include your bank?

If it does, all it would take for someone to defraud you would be to access your Google account--or even lock you out of your own bank, resetting your bank credentials by using your Gmail account to activate an account recovery process.

A Solution
Again, this creates a conflict between two priorities: convenience against security. While the convenience could make anything that you use online more efficient in both your professional and personal life, nothing is worth compromising the security of either. So… where do we stand?

Like any conflict between two interests, the ideal place to meet is in the middle. In this case, it is the conclusion that you can have the best of both worlds--you just have to make sure that your Google account is secured properly.

While it would be great if there was, there just isn’t an option somewhere in Google you can select to make everything perfectly secure, just like that. Having said this, it is just a matter of taking a few precautions.

Securing Your Google Account
The first thing to securing any account is to understand that it isn’t a one-time activity and will need to be revisited periodically to make sure that everything remains secure. You should keep an eye out for news stories that discuss breaches among any of the organizations you have an account with, as you will still need to alter your credentials for these accounts.

Once this is set, there are a few best practices that it would be in your best interest to follow.

Passwords and Account Security
While all of your accounts should have the protection of a strong password, the fact that your Google account serves as a repository for your others make it only more crucial to implement one to its authentication measures. To accomplish this, make sure the password or passphrase you select is well in keeping with best practices, and that your Google account is the only account secured with it.

You should also be careful about what you are using to access your account. Any device that is available to the public should be avoided, as they are not only magnets for viruses and other digitally-based cyberthreats, but a cybercriminal could potentially retrieve your credentials from the device you used and thereby gain access to your account. Public Wi-Fi signals can have very similar issues, so use a secured, private connection whenever possible.

Two-Factor Authentication (2FA)
There is also the option to make your Google account ask more of someone trying to access it, a secondary code sent to you in a text message, delivered in the Google Authenticator application, or dictated through a direct call to your mobile device. By enabling 2FA, you can greatly decrease the likelihood that a cybercriminal will have everything they need to get in, assuming they don’t have access to your phone as well. We generally recommend that you utilize Google Authenticator, as it is the most secure of those three options.

You can also use your Google account to access a list of one-time authentication codes that you can print out and keep with you. This way, if you need to access your account and don’t have your phone handy, you can reference these to get in. If you run out of codes or lose the list, you can easily reset them and start over.

To set up these features, log in to your Google account.

At the end of the day, you don’t have to sacrifice the convenience of Google, as long as you have protected it responsibly. Coleman Technologies has the expertise to help you manage this security, as well as the rest of your business’ IT solutions and infrastructure. Call (604) 513-9428 to learn more.

Most people are familiar with Santa Claus, the jolly gift-giver who delivers presents to all the children who have kept the Christmas spirit in their hearts all year. Lately, many people have also become aware of Krampus, Santa’s dark shadow who—as the legend goes—takes a similar trip to visit the naughty children and turn the worst into a midnight snack.

However, one has to wonder: what about all the adults who might also be naughty?

Let’s find out about what happens to them.

What If Someone’s Job Parameters Changed Over the Centuries?

Hannibal Rowe sat in his office on December 24th, alone and frustrated. 

Glancing at the clock, he rolled his eyes and sent the message his HR team had drafted up for him. It was nonsense about leaving work early to enjoy the holiday with their families… something along those lines, at least. He heard his team start celebrating and chatting about traditions and whatnot as they hustled to close out their days and get home.

Rowe didn’t move from his seat until long after the door had closed behind the last of his team as they left—it was Thomas, excited about being able to read his kids to sleep or whatever—and even then, he was in no hurry to get out of there for himself. He poked at his keyboard, read some emails, and was just getting to the point where even he was considering going home before hearing the telltale ding that said a customer had walked into the office.

Hannibal smirked. Those idiots lost out on what might have been a really valuable commission. He stood, ready to walk out and greet the visitor, only to see the visitor had already found their way to his office. That was surprising in itself, but the visitor’s appearance quickly overwhelmed that factor.

The visitor was huge, taking up most of the doorway, but he gave off the impression of being lighter than air. He was very sharply dressed, with a suit that must have been custom-made for him based on his size and the apparent quality of the materials. He was very pale, a fact that his dark suit only accentuated. His eyes, however, were the oddest that Rowe had ever seen.

His eyes seemed dead, devoid of any twinkle or sparkle. Even more odd, however, was the color. His irises were so dark that it looked like the pupil never seemed to end.

The visitor smiled, politely asking, “Hello. Am I correct in assuming that I’m speaking to Hannibal Rowe? That’s what the sign on the door said.”

Hannibal nodded, reaching out a hand. “Yes, sir, that’s me.”

The strange man smiled, accepting the handshake with a shockingly cold hand. “I’m so glad I caught you in time. When I saw the empty office, I thought someone forgot to lock the door on their way to their families.”

Hannibal couldn’t help but roll his eyes. The visitor’s smile grew as he took note of the reaction.

“Not a fan of Christmas?”

Hannibal shook his head.

“Honestly, it all seems pretty silly to me. What, the fact that some people put so much weight on one day means that I have to jump through hoops and deal with all their traditions for a whole month? Man, if I told you all the time I waste dealing with time off requests… it’s ridiculous.”

The visitor chuckled. “I see I’ve come to the right place.”

At that, the visitor raised one of his ice-cold hands and snapped his fingers. The door slammed behind him, the lock engaging loudly with a definitive clunk.

Hannibal staggered back at that, startled by the sound, and started shaking as he realized what just happened.

“What… how…?”

The visitor nodded.

“Why don’t you sit down for a moment, Hannibal?”

The visitor snapped again, and suddenly, Hannibal felt the familiar cushion of his office chair behind his legs. He collapsed into the seat, staring in horror at the figure before him.

“Who…?”

“That’s the question I was waiting for!” The visitor nodded enthusiastically. Snapping again, the visitor suddenly had a simple chair in front of him. He sat as well, his strange eyes never leaving Hannibal’s.

“To answer that, you may have heard of me, but I can’t blame you for not recognizing me in this shape. My name is Krampus.”

As he said the words, Hannibal could have sworn that the visitor had horns, but they vanished as quickly as they appeared. Krampus continued:

“Now, you may be thinking of all the stories that have been told about me, and that was once how I operated. However, times change, and I eventually realized that many naughty kids will grow up to be fine human beings if given the time and opportunity to mature a little bit.”

Krampus sighed, rubbing his temples where Hannibal realized his horns must be.

“I was more than okay with this, but it suddenly became very clear that adults—some of them, anyways—were so much worse than any child I had ever dealt with.

“So I decided to change my tactics. Why go after kids who had the potential to be better when I could just wait until they were all grown up and stuck in their ways? There are plenty of people who do turn out just fine, which I prefer. Then again, some good kids wind up being pretty crappy adults.”

Krampus looked at Hannibal meaningfully.

“Wait, I’m crappy?” Despite the situation, Hannibal could hardly believe what he was hearing.

Krampus laughed, a true hearty laugh. He had to wipe away a tear before answering.

“Of course you are! Here it is, Christmas Eve, and you would have your team working well into the night if you didn’t know it would create a ton of trouble for you. I might be a little sensitive to the fact that it’s Christmas, but your team members are doing their best with the tools you’ve given them.”

“So, what now?”

Krampus sighed. “Well, here’s the issue. I need to know that you’ve learned a lesson, without punishing your team for their hard work. So here’s what we’re going to do:

“You’re going to suffer a cyberattack. You, personally. None of your staff will be impacted, and it will be clear that you were the one at fault, so nobody else can be blamed. I’m telling you this because you aren’t going to remember any of our conversation tonight, of course.”

Hannibal gulped. It would almost be better if Krampus still did things the old-fashioned way.

“But wait, we work with Coleman Technologies. They usually stop all this stuff from happening, right?”

“Oh, absolutely… but there’s only so much they can do to stop people from making mistakes.”

Hannibal blinked and suddenly found himself looking at an empty room. He blinked again, and all memory of his conversation with Krampus was gone. He turned back to his computer and opened his email again, finding a new message…

All of us here at Coleman Technologies want to wish you a very happy holiday, ideally one free of the impact that Krampus could have on it. If you want to make sure that your business is safer and more efficient for the new year, make it your resolution to give us a call at (604) 513-9428.