Coleman Technologies Blog

Ransomware

Imagine trying to access your computer (or your network as a whole), only to find yourself locked out and presented with a demand for payment in exchange for your files to be decrypted. This is precisely the scenario that ransomware puts its victims into, usually with a deadline to pay up under threat of the destruction of the encrypted files. If you’ve heard about Cryptolocker, WannaCry, or Petya, they are what we are referring to.

In 2019, a business was infected with ransomware once every 15 seconds, racking up a total of $11.5 million in total losses. Spam and phishing attacks were responsible for infecting 66 percent of affected companies, and in 2017, almost half of companies surveyed were affected by ransomware.

Denial of Service

Denial of Service (DoS) attacks, and their more-popular offshoot, Distributed Denial of Service attacks are the most common form of cyberattack. Using automation, an attacker has resources batter a target with the aim of taking it down. The rise in Internet of Things-enabled devices now allows an attacker to take over these devices and turn them against a single webpage. Naturally, this takes the website down.

The biggest DDoS attack on record happened on March 5, 2018, but was fortunately unsuccessful in taking down the targeted ISP… despite clocking in at 1.7 TB/s. On average, one of these attacks costs somewhere between $20K-to-$40K each hour, or in other terms, just under the average American worker’s annual salary. In the UK, businesses lost £1 billion to cybercrime in 2019.

Man-in-the-Middle

A Man-in-the-Middle attack compromises any communications between a business and their contact. Any and all data can be interfered with, allowing cybercriminals to have their way with personal data, business correspondence, or financial data that is transmitted. It can be intercepted, altered, or redirected, potentially causing more problems than can be counted. The worst part: because Man-in-the-Middle attacks are relatively easy to carry out, they are rising in popularity on a daily basis. They are most commonly used to extract information, whether personal or professional, that otherwise wouldn’t be available. This includes things like login credentials, banking information, or payment card data.

Okay, that wasn’t the worst part. The worst part is that the majority of servers are still vulnerable. As in, 2016 saw 95 percent of HTTPS servers still at risk.

Phishing

Believe it or not, phishing attacks are ranked as the biggest threat to businesses out there today. Phishing is a kind of social engineering where an attacker will reach out to the victim through some format, from email to instant messaging and beyond, in order to gain access to a secure system by fooling their victim into erroneously trusting them. While phishing emails have been around the block a few times, today’s attacks have grown to be quite sophisticated.

Many statistics surrounding phishing emails demonstrate how effective this relatively simple attack has proved to be. Phishing is involved in 93 percent of all social engineering attacks, and was directly responsible for 70 percent of government network breaches. In the last 12 months, 64 percent of organizations had first-hand experience with phishing, notably, 82 percent of manufacturers. The aforementioned ransomware relies on phishing for 21 percent of its delivery. As recently as 2016, 30 percent of phishing messages were opened.

SQL Injection

Abbreviating a structure query language injection, an SQL injection attack does what it says on the box - it injects malicious code into a target’s SQL servers and feeds the database information back to the attackers. While this is another “golden oldie” of an attack, web-based applications that call for database access have given new life to SQL injection attacks and allowed attackers to extract very valuable info.

It should then come as no surprise that 65 percent of all web application attacks are performed through SQL injections. So, if your organization draws information from a database for an application, you could easily be victimized to a significant degree. Even gamers need to be concerned, as 12 billion out of 55 billion detected SQL attacks that Akamai security experts found were leveled at the gaming community.

Malware

If only these other attacks meant that attackers didn’t have time to try anything else, but unfortunately, that isn’t the case. Malware attacks still rank among both the worst, and most common, attacks against businesses. Of course, there are many types to consider, including:

• Trojan horses - Malicious code will be concealed within other files and applications and allow an attacker a point of access to a computing system or network.
• Worms - Malicious and self-replicating applications that travel along and infect networks and individual devices.
• Viruses - Samples of malicious code that infect applications for a variety of motives, including sabotage and theft of data and other resources.
• Spyware - Code that, while it seems harmless, piggybacks to software and gathers information about how a device or network is used.

There are many ways for malware to be introduced into a system. Again, phishing messages can be responsible, but many attackers will use something called “droppers.” Droppers are specialized programs that will install a virus after bypassing cybersecurity solutions. Since there is nothing inherently malicious about the dropper, protections usually don’t flag them.

Fortunately, there are ways to protect your business’ resources, network, and infrastructure from the millions of different versions of these attacks - and you need them, as your business is actively targeted by these attacks. To learn more about putting these protections into place, reach out to the professionals at Coleman Technologies by calling (604) 513-9428.

1. Adopt Technology Solutions

Regardless of your industry, who your business serves, or even where you operate, there are some universal changes that technology has brought to how the average small-to-medium-sized business functions. Methods of collaboration have shifted to digital formats, “coming to work” is no longer a prerequisite to working, and the filing cabinet has been rendered woefully obsolete by other, better options. Cloud solutions are a major contributor to this. I want you to take a moment and consider something: why were any of these changes made in the first place?

It is for the same reason that the assembly line process was adopted, or why we cook our food before eating it: it provides greater benefits than the old way. It is the same with business technology, and you will see this as a common theme throughout these tips. Don’t disqualify yourself from competing by removing your ability to do so.

2. Don’t Shortchange Email

Email is now the gold standard for business communications, for numerous reasons. While a small business might find it redundant to email an announcement, doing so can prove useful to their operations. For instance, let’s say Mary manages a small office with four or five employees. She could easily just announce an important message to the room, but what if James was at the dentist that day, or Rob had excused himself to the bathroom just before? What if Ellen had just connected for an important phone call?

Email provides an easy way for you to communicate with others in your workplace that ensures everyone gets the message, without disrupting operations too much.

3. Go Mobile

While we’re on the subject, let’s consider Ellen for a moment. In the past, making a phone call would tie her to her desk, so any distractions in the office would be an unavoidable issue. Nowadays, there are many ways that Ellen could hypothetically remove herself from the situation while still fulfilling her responsibilities. For instance, a Voice over Internet Protocol solution could allow her to make and take calls from anywhere she could establish a connection, so she could presumably find a quieter area to work without sacrificing her ability to do so.

Other solutions also offer some form of mobility, assuming they are backed up with enough security. For instance, if James was unable to get to the office after his dental appointment, he could still work on his assigned tasks from home with the right cloud-based solutions.  Again, this helps eliminate his reliance upon getting to the office in order to produce.

4. Don’t Underestimate the Cloud

We’ve already touched upon how the cloud has shifted businesses, primarily focusing on how useful it is for hosting and storing data. However, this isn’t the only thing the cloud can do. Cloud technology enables today’s businesses to make use of tools that would ordinarily be out of reach. Yes, its storage capabilities can help make data more accessible to team members who need it, but it can also assist you in preserving your data in case of some disaster, give you access to computing resources that you couldn’t procure yourself, and provide you flexible access to your business applications.

5. Improve Your Security

A small business’ size once protected it from cybercrime, but nowadays, all businesses are fair game. In order to remain secure against these attacks, the right defenses need to be put in place. Things like firewalls, spam blockers, antivirus, and assorted other solutions help to reduce these risks. Additionally, any employee could potentially let in a significant threat, so all need to be educated on how to spot them, and the proper procedures to dealing with them.

Coleman Technologies is here to assist you in implementing these modern IT essentials, as well as maintaining them for you through our remote monitoring and access capabilities. To learn more about how else we can help your growing business, give us a call at (604) 513-9428.

How to Minimize General Exposure in the Office

Based on what is currently known about the coronavirus, the Centers for Disease Control and Prevention have some recommendations as to how to keep the potential impact of coronavirus to a minimum:

• Encourage employees who are ill to stay home. This will help to minimize the spread of infection within your business. Make sure that your employees are aware of this policy by reiterating it verbally, and by posting notices around the office encouraging them to stay home if under the weather.
  
  Emphasize hygiene and etiquette. Properly stifling coughs and sneezes and keeping hands clean are surprisingly effective ways to keep your workplace healthier. Rather than using their hands to catch a cough or sneeze, your employees should use a tissue or--if unable to do so--use the upper part of their sleeve.
  
  The CDC recommends that tissues and alcohol-based hand sanitizer should be made readily available. Make sure your employees are washing their hands with soap and water for the recommended 20 seconds.
  
  

• Engage in keeping the workplace clean. There is a chance that coronavirus (and other illnesses) could be spread via infected surfaces. Make sure that all surfaces that are touched frequently, like desks, workstations, and doorknobs, are kept sanitized. Provide your employees with disposable wipes so they can proactively disinfect these surfaces before use.

If you find that one of your employees is confirmed to have been infected with coronavirus, make sure that you inform their coworkers of their possible exposure while still maintaining the confidentiality that the Americans with Disabilities Act requires. These employees and those who are living with a sick family member should assess their risk of exposure using the CDC’s guidelines.

Coronavirus as a Cyberthreat

Unfortunately, coronavirus will also require you to also keep an eye on your network security, particularly if you operate within the healthcare industry. Hackers and cybercriminals have taken advantage of the widespread concern that the disease has caused. For example:

• Scammers have phished healthcare providers with updates that appear to have come from the World Health Organization or hospitals local to their area, but actually introduce keyloggers into their systems.
• Those involved in the medical supply chain have been targeted with emails referencing the coronavirus that install malware to steal information.
• Ransomware has been introduced into consumer systems by promising recipients of an email information about COVID-19’s spread.

While the current climate may not make it easy, these emails and other threat vectors can be overcome through the same best practices that foil other cyberthreats. In addition to comprehensive digital protections, training your employees to spot these threats will be crucial.

Of course, you should also maintain a comprehensive backup in case you need to recover from a successful attack.

How to Maintain Productivity with Your Team at Home

With today’s technology, sending an employee home sick doesn’t necessarily mean that you will be sacrificing that employee’s productivity. We now have many ways that your team can work effectively from home, still contributing to your organizational agenda without exposing their coworkers to their illness.

Equipping Your Employees

Remote access solutions, paired with virtual private networking technology, can allow your employees to securely continue their work from home, safely accessing the applications and data their tasks require through an encrypted connection. As collaboration will certainly be necessary, you will want to be sure that your employees are also equipped with the communication tools that facilitate this collaboration as well.

Network Protections

You will also want to thoroughly secure your network infrastructure to help prevent threats like phishing attacks and other methods from being successful… as well as preparing for a potential breach or emergency with data backups and disaster recovery policies and procedures (including contact information for your employees) to help mitigate a worst-case scenario.

Employee Awareness

Finally, make sure your employees are on the lookout for any suspicious activity that could be a cybercriminal’s attempt at using the coronavirus as a means to an end. Not only should your employees know how to spot these attempts; they should also know the proper procedures for reporting and handling them.

Is the coronavirus scary? At this point, it is safe to say that it is, but does it have to interrupt your business operations entirely? Not if you are properly prepared.

For more assistance in preparing your business for any kind of disaster, reach out to the professionals at Coleman Technologies by calling (604) 513-9428.

What is COVID-19?

COVID-19, better known as coronavirus, is a respiratory illness that first appeared in Wuhan, China, and was reported in the United States on January 21st, 2020.

As of March 3rd, 12 states have reported 60 total cases of coronavirus and six confirmed deaths, with no vaccines or specific antiviral treatments for the illness. Symptoms of the virus include fever, shortness of breath, and a cough, while those with complications from the virus can experience pneumonia in both lungs, failure of multiple organs, and death. 

Admittedly, it can be easy to roll your eyes at statistics like these. If a method works consistently for a business, why go through the trouble of changing it? Why is it that you have to adjust how you do business, just because someone else has?

Well, there are a few reasons.

First, I want you to consider why we use computers today, rather than typewriters, or send emails and instant messages instead of carrier pigeons. It isn’t that the more traditional alternatives were inherently bad, it’s just that the technology that replaced it is better.

The technology that we all use today is still improving - becoming faster, more powerful, and more capable than what was introduced not all that long ago. 

Technology follows something called an s-curve - gradual improvement as a new method is introduced, sudden acceleration in the improvements that are made, and then it peters out as the technology reaches its limits. At this point, a new technology is presumably introduced, and the process resets.

Each time a new improvement is introduced, you have the opportunity to use a better tool than your competition does… but the same can go the other way, too. If your competition pulls too far ahead of you in its capabilities, your customer service capabilities won’t matter when compared to a service that is just better.

Using up-to-date technology solutions makes your business more efficient. When you’re dealing with a business, how long are you willing to wait to receive your promised services? 

Not only do inefficient services wear down a client’s patience, longer operations are inherently more expensive - so, in a way, you wind up spending more money to deliver a less satisfactory product or service.

Not good - but again, easily fixable with more recent solutions, like automation. Automation makes operations a lot quicker by eliminating rote processes, accomplishing this as your employees work on other things. 

Finally, you have to consider your business’ security. When so many cyberattacks are now run almost completely self-sufficiently, the protections that your business relies on will have to work far faster than any human being could.

On the other side of the coin, an increasing amount of cyberattacks are relying on human fallibility in order to take root. When phishing attacks (think the Nigerian Prince scam, but more refined and directed to your users) targeted a reported 76 percent of businesses in 2018, you need to know that you and your employees can spot them. By helping you implement the security solutions you need to protect your business on the digital side of things, and by educating your employees on how to spot threats and issues, Coleman Technologies can help keep your business safe and competitive.

Our team would be happy to talk to you about implementing the IT solutions your business really does need to remain competitive. We can also remotely maintain it for you, allowing you to go about your business without having to worry about it. Please, reach out to us at (604) 513-9428 to learn more.

First, let’s delve into what ITAM actually covers.

Understanding ITAM

Consider all of the internal resources that your business uses, with the exception of your living, breathing employees. Everything that’s left can be considered an asset. ITAM narrows this down further into specifically the assets that pertain to your comprehensive IT infrastructure. This includes:

• Hardware (like workstations, servers, printers, etc.)
• Software (antivirus, productivity titles, etc.)
• Any Peripherals (Keyboards, computer mice, other devices)

With these assets identified, ITAM assists you in tracking their purpose, how they interact, and other crucial details. This means, as you’ve likely realized, ITAM covers a considerable breadth of your resources, which makes it important that you keep it organized.

How ITAM Helps

A well-organized ITAM can help you save time and hassle by streamlining your processes, simply by keeping the data you need in a manageable and accessible record. As a result, you can make a variety of processes easier through improved data. This data can also help inform you of potential issues, or of the minimum requirements you have to meet to implement change.

Making the Most of ITAM

As promised, here are a few ways that you can optimize your use of IT asset management practices.

• Make it a proactive process. Managing your technology assets needs to be something that you start before you are required to do so, and that isn’t abandoned after reaching a certain milestone. This will help keep you prepared for a wider range of circumstances.
  
  
• Leverage automation. While Excel used to be an invaluable tool for asset management purposes, there are better options now that don’t require you to contend with spreadsheets that extend into the thousands of rows. Not only are automated solutions easier to manage, they come with a valuable set of added features to make your work life that much easier.
  
  
• Track your assets. This one especially applies to your software. There is often a difference between what an agreement says can be deployed, and what can be deployed practically. Keeping your agreements and receipts helps you pass audits by proving compliance.

Coleman Technologies can assist you with your IT assets. To learn more, reach out to us at (604) 513-9428.

Create Procedures for Both Routine and Emergency Patches

Many patches are released on a predictable schedule, so as to make it easier to keep up on patches - after all, if you know that a patch is going to be released on a certain date, you can set aside time to apply that patch. There are also emergency patches that are released when a vulnerability is discovered and remediated.

As you might imagine, both are important to maintain - one, to keep your business as free as possible from vulnerabilities, and second (and perhaps more obviously), to keep your business secure in the face of an impending threat. That’s why you need to make sure you have set processes in place to ensure that all patches are tested and applied. While it may not always be a pressing security issue, it is better to be prepared for anything that the vendor is concerned about.

At Coleman Technologies, we always build out and update our procedure, and test updates before they are applied to prevent downtime and other issues. It’s all about working smarter, not harder.

Have a Controlled, but Realistic, Environment for Testing Purposes

Let me ask you a hypothetical question: someone comes up to you on the street and offers you a pill that would make you immune to the common cold, but with no peer reviews by any medical board or the FDA. So, do you take it?

I would hope you would say no, simply because you have no idea of the effectiveness of the pill without it having been tested. Patches are the same way. Without any testing, you simply don’t know how well the patch will work, or if it will interfere with another process. Before you apply any patches to your primary infrastructure, you need to have made these evaluations in a reasonable approximation of it. An effective means of doing so is to spin up a virtualized environment and stress-test the patch there, before actually applying it - just make sure you give your tests enough time to produce trustworthy results.

Keep Track of When Patches Are Released

Depending on the hardware and software you use, patches are going to be released on a different schedule. This is because different manufacturers and vendors manage their schedules differently. Just look at Microsoft and their famous Patch Tuesday (typically the second and sometimes the fourth Tuesday of each month). In order to properly keep your patches up-to-date, you need to know when to expect them.

For assistance with your business’ patch management, you can always turn to Coleman Technologies. Give our professionals a call at (604) 513-9428.

Shake to Minimize

Sometimes when you are working in any Windows platform, you will have too many windows open and you just want everything out of your face except the thing you are currently viewing. Well in Windows 10 there is a cool little feature you can use to make that happen very quickly. Just take your mouse (or your finger if you have a touchscreen) and click-and-hold the title bar of the app you are working in and shake it back and forth. This will minimize all other open applications. To get them back, simply repeat the action.

Choose Folders on Start Menu

The start menu is extremely useful in Windows 10, but sometimes it can get cluttered. To choose which folders you want to see on your Start Menu go to Settings > Personalization > Start then click on the “Choose which folders appear on Start” link at the bottom of the screen. From there you can toggle the folders you want to see in your Start menu. 

Find the Original Control Panel

The settings options in Windows 10 are far and away easier to use, but if you are one of those people that likes working with tools they know, the old Control Panel is still available in Windows 10 as it is still the go-to option for customizing advanced options. The easiest way to access the control panel is by clicking on the Cortana icon on the taskbar and typing in “control panel”. It will give you immediate access to all user settings. 

Selectively Sync Folders with OneDrive

One of the best parts of using Windows 10 is the integration with OneDrive cloud storage. Windows 10’s OneDrive integration provides users a lot of flexibility. To sync folders with data stored in OneDrive, make sure OneDrive is running and right-click on the OneDrive icon in the notification area. Select Settings and then navigate to the Account tab. Under the Account tab you will see the option to “Choose folders”. Click on choose folders and you will see a list of the folders you have in OneDrive, select the ones that you would like access to through Windows 10 and select OK. Now you have access to this data through your File Explorer in Windows 10.

Customize Your Application Notifications

Having too many notifications is one of the most frustrating parts of modern technology. To keep from being bogged down with too many notifications, you can customize which notifications you see in Windows 10. To do so, click on Start > Settings > System > Notifications & action. Once there all you have to do is scroll down and select the notifications you want on, and which ones would be better served not notifying you.

Windows 10 has hundreds of options for any user to customize their experience. Check back next week when we provide some more advanced tips on how to best experience the OS.

The first considerations you need to make are fairly straightforward.

Cost

You really do get what you pay for. Rather than settling for a cheaper system with plans of replacing it later, make sure you select a system that can be upgraded and expanded (yes, there is a difference). That way, you can avoid doubling your costs by eliminating the need to procure more than one system. It also helps to seek out a vendor that can supply all the needs your business has - like additional hardware for your POS, or enhanced software to power it - to simplify your processes.

Integration and Implementation

As mentioned before, your POS system should have the ability to grow as your needs of it do. For instance, while you may want to implement customer pagers at some point, it is probably wiser to focus on the essentials - like receipt printers and cash drawers. However, you will also want to make sure that your POS system has the capability to be upgraded to incorporate more advanced features as your business grows.

Tracking

Although this isn’t too far off from integration, you may want your POS to integrate with your inventory system, your quoting system, your CRM software, or any other business app on your network. Depending on your needs, you might even want your security cameras to pull a feed from your POS system to record purchases.

Support

Let’s face facts… you don’t want to find your POS system experiencing technical difficulties without anyone available to help you resolve them. Whether its complications with the software itself or a hardware issue, you need to be sure that support is always available to you.

When running a business, it is crucial that you have the technology to properly take payments. Coleman Technologies can help ensure that you are prepared to do business with reliable solutions. Give us a call at (604) 513-9428 to get started.

Fortunately, there is: password management systems.

What Are Password Management Systems?

A password manager is effectively what it says on the box: it’s a program that keeps track of your passwords for you. While these are available for individual users, we are more concerned with those that are meant for businesses to leverage.

These solutions have a reputation for being complicated and time-intensive to set up. However, this no longer has to be the case, and it is now more important that you find a solution that offers the features that every business needs to prioritize.

What to Look for from a Password Manager

During your search, you will want to make sure your chosen password management system offers the following features:

Security

While this may seem obvious, not all of your password management options will necessarily offer the same protections or follow the same practices. For instance, standalone password managers are inherently more secure than those tied to another solution, like a built-in one in your browser of choice.

These separate solutions usually have additional features to assist your security as you use them. Good password managers will remind you of best practices if too many saved passwords are the same or too weak and will require multi-factor authentication to be accessed in the first place. It also wouldn’t hurt to find one that also notifies you when you’re due to update some of the passwords you have saved.

It should also never save one password: the master password used to access the solution itself. That is still the user’s responsibility.

As far as behind-the-scenes security is concerned, you should find a password manager that is itself protected by a variety of security features, like encryption, role-based access, and secure cloud storage.

Storage Considerations

Determining where your credentials are kept by the password manager is another important detail to keep in mind, largely as an extension of your security considerations. Does your password manager save your passwords to the cloud, or are they kept natively on the device? Either approach has its pros and cons.

If the cloud is leveraged, your credentials will be available to you on any of your devices… but this does put your credentials in the crosshairs if that cloud solution was ever breached. If you keep your credentials stored locally, you won’t risk losing them in a cloud storage breach, but they are still vulnerable. For instance, if that device fails, there go your passwords.

Generally, this won’t have much impact on the solution you choose, as most enable either option, if not a combination of both.

User Friendliness

As difficult as your password manager should make things for cybercriminals, it should make simple for your legitimate users - starting with adding and removing them to the business’ accounts. They should find it easy to change their password as needed, and your password manager should automatically log a user into a website or application. If it senses that there are not currently credentials for that site, it should offer to save them.

Coleman Technologies has plenty of experience dealing with password security, which means we’re familiar with password managers and maintaining them. If you’d like assistance with selecting, implementing, and utilizing one in your business, let us know! We’re just a call to (604) 513-9428 away.

Password DOs
Password security doesn’t have to have a nuisance. Here are some of the easiest best practices to follow when building a password.

• The longer the password, the better: Long passwords are better for security than short passwords, but only if the password contains a varied-enough string of characters. You should aim for at least 16 characters.
• Special characters, numbers, and symbols are great for security: A strong password will contain both forms of letters, numbers, and symbols.
• Alphanumerics are ideal: If you’re trying to improve security, use alphanumeric passcodes. Try replacing a lower-case “i” with an exclamation point, or an “a” with the “@” symbol.
• Passphrases work wonders: If you find passwords are hard to remember, a passphrase might help. Use a short phrase that is easier to remember, but difficult to guess. A good example is, “iL0veW@ffle$2much” instead of “ILoveWafflesTooMuch.”
• Password variety is key: It might seem counter-intuitive to use multiple passwords that are difficult to remember, but it’s much more secure to use different passwords for each of your accounts. If the same password is used for each account, all it takes is one breach to expose multiple accounts to risk.

Password DON’Ts
Of course, best practices are more than just what you practice; it also includes what you don’t practice. Here are some pointers.

• Avoid words like “password”: Some of the most common passwords out there include “password” and “notapassword.” You should avoid using these whenever possible, as they are often the first ones to be cracked.
• Avoid key strings like “qwerty”: Strings of characters with consecutive keys, like “qwerty” and “12345678,” should be avoided at all costs.
• Don’t include sensitive information: You wouldn’t believe how easy it is to find sensitive or personal information about an individual--especially if you are the target of a hacker. To make sure a hacker can’t use any information contained in your password against you, avoid using anything like this in your password altogether.

Coleman Technologies can equip your business with a password manager to improve network security and better manage account passwords. To learn more, reach out to us at (604) 513-9428.

Stay Organized Whenever Possible

Any business owner receives countless emails on a daily basis, and when they all collect in one place, they can quickly become overwhelming. The issue with this is that, when you have to focus on too many messages at once, it’s more likely that you’ll miss important messages, focus on the wrong tasks, or even respond to messages thinking they are different ones, creating some messy confusion. If you can’t determine what’s important in your inbox, how can you even be productive? We recommend placing filters on your inbox so that you can determine a message’s importance, sender, topic, and even more to navigate and sort your inbox in the most efficient way possible.

Allocate Time to Your Inbox

You should always set aside a specific amount of time every day to deal with the emails you receive. If you don’t, chances are that you will get sidetracked by a task and possibly miss out on responding to important emails. One thing to keep in mind when considering how quickly you should respond to emails is that messages that are the most important aren’t going to come in your email inbox. The ones that are critical will likely come in other forms, such as someone within your organization knocking on the door or giving you a phone call to make the issue known.

Use Alternative Communication Methods

If you find yourself stuck with a perpetually full inbox, perhaps you could benefit from sending or receiving fewer messages. If the message is short or a simple notification, perhaps it would be better to use alternative means of communication, such as an instant message. This is particularly great, as it cuts down on the back and forth required for a quick conversation, as well as takes the urgency out of a situation.

Make a Quick Phone Call

Sometimes a matter is too important to leave to an email. In cases like this, making a phone call is the most prudent. Furthermore, meeting in person can take this advantage one step further, as you eliminate the possibility of intent being misconstrued altogether, making it much easier to be as clear as possible.

To learn more about how you can eliminate the pains of email, reach out to us at (604) 513-9428.

Before we go into depth about network and cybersecurity, we’d like to point out just why they are so important. You invest a lot of time and money into making your business what it is. You pay a lot of money for hardware, software, services, and time to give your business a chance to succeed. The act of protecting your business, its staff, vendors, and clients is one that should be taken seriously, because if any are compromised, your business is in trouble.

The Protection of Business Computing

Today’s business uses a computing infrastructure that is much larger and complex than most and includes considerations outside the physical confines of the network. Cloud services have become a very popular product for businesses and individuals alike. Cloud services are hosted in some other place, and by companies that have taken great diligence at securing their solution. For obvious reasons, you can’t guarantee that your cloud-hosted data is 100% secure, but logic suggests that a company offering computing services over the Internet would be in serious trouble if they were to have their security compromised.

These services all have dedicated access control systems that are designed to only let authorized users in. Some organizations also require their staff to utilize two-factor authentication to secure the solutions further.

This brings us to the perimeter of the network. Regardless of a company’s ineptitude with cybersecurity, there is typically some form of firewall that stands between the Internet and the company’s network. If the firewall is properly maintained with threat definitions, it will stop a good amount of unwanted traffic. It’s just not enough. With the immense amount of attack vectors threats are coming from nowadays, a stand-alone firewall is like a single sheet of flypaper in front of a window.

Going the Extra Mile

In order to keep their business’ data and infrastructure safe, many organizations have begun to utilize Intrusion Prevention Systems (IPS). These systems include Intrusion Detection Systems (IDS), software that attempts to block determined threats, and logs network traffic so that IT professionals can go in and see the current state of the network.

For years, this would have been enough technology to keep most threats out. Nowadays, however, it’s really just getting started being vigilant. If you consider your network to be like an onion, you need to understand that each layer needs to have its own set of security protocols that typically come in the form of a dedicated access control system and a firewall.  This way, every “layer” is protected from its perimeter, to the applications, to the databases that hold all your data. This tiered access control system is designed specifically for your needs and is in place to do one thing: protect your assets.

It also works to protect your business against the biggest digital threat on the Internet: phishing attacks.

A phishing attack is where someone outside your network tries to infiltrate it by passing off some form of correspondence as legitimate. It’s all a fraud. Verizon, who does an annual study of cybersecurity, found that around 90 percent of all network attacks are the result of successful phishing attacks. Unfortunately, there is no piece of software out there that will make phishing attacks completely benign. That is why training is so important.

Training Your Staff

Training your staff about phishing (and cybersecurity in general) has to be a priority. You’ve spent a lot of capital and time building what you have, and the thought of losing it because you bullheadedly forged ahead without getting your staff trained up properly could be thought of as shortsighted.

A phishing attack is now the preferred method of hacking. Since security systems have evolved to be hard to crack, hackers now look to use your staff’s legitimate credentials to gain access to your network, applications, and databases. By training your staff about phishing, specifically what to look for, how to react when they come across phishing attacks, and what the consequences of a phishing attack can mean for your company, you should be in a better position to protect your network, infrastructure, and data against the onslaught of outside phishing threats.

To learn more about how to secure your network, train your staff, and acquire the technology you need to protect your business, reach out to Coleman Technologies today at (604) 513-9428.

Need #1: Security

In order to be successful, a business needs to have the security necessary to protect its resources. The first step to accomplishing that, is to identify any weaknesses in its infrastructure through a preliminary IT evaluation known as an IT risk assessment. This assessment can reveal where a business is the most vulnerable. At that point, these flaws can be mitigated using tools like firewalls, antivirus, and multi-factor authentication - tools that either SMBs or enterprises can (and do) use.

With SMBs increasing their use of cloud services, a large portion of this process should be fulfilled by the cloud provider. However, the business leveraging the cloud provider needs to make sure that the provider they have selected is able to uphold what they have promised as part of their service-level agreement. If this is the case, the SMB could find themselves in the position to leverage enterprise-caliber security solutions, for a cost that fits their budget.

Need #2: Data Storage

While their budgets put enterprise businesses in a much more favorable position to create an infrastructure that can contend with their operational needs, this is not to say that SMBs are left without any options. Any good data storage solution will perform well based on a few benchmarks: how well it works, how often it works, how easily it can be accessed, and how easily its contents can be searched.

The enterprise business has quite a few options to leverage, such as data tiering (where data of differing importance is stored on different servers) and higher-performing data storage solutions. If this is starting to sound expensive, it is - but again, thanks to the cloud, SMBs aren’t left without options, either. With scalable Infrastructure-as-a-Service and Platform-as-a-Service being available for a much more affordable rate, SMBs are able to leverage the advanced tools that would otherwise only be available to corporate-level businesses.

Interested in leveraging some of these capabilities in your business, or want to find out more? Reach out to the professionals at Coleman Technologies! We have the experience necessary to bring your information technology to the corporate level. Reach out to us at (604) 513-9428 to learn more.

Operations change over time. It’s likely that your business’ operations don’t even remotely resemble what they were in previous years. For example, mobile technology first became more popular for computing around the year 2013, and “unified communications” was a hot commodity in the business world. Nowadays, productivity and collaboration solutions using mobile devices are some of the most basic solutions out there.

Many organizations fall into the trap of believing their past successes guarantee their future, but this isn’t necessarily the case. The reverse could be true. Here are some questions to ask if you suspect that your organization could be falling into complacency:

• Are any potential changes or growth opportunities avoided or rebuffed through the use of highly selective facts?
• Do conversations amongst your team skirt around topics like new markets, possible competition, or other developing business opportunities?
• Are failures used to postpone new attempts instead of as learning moments?
• Do meetings frequently end in a holding pattern?

Any of the above questions indicate whether or not a business has gotten too comfortable, preventing them from making sound decisions. Thankfully, once you’ve identified this complacency, it becomes easy to resolve it. Try asking these questions about your business, its policies, and its culture:

• Is there any way that your processes could be made more efficient?
• Does your business plan reflect the goals that your business is currently striving for?
• Is your service offering a good fit for your current audience? What needs will they have in the near future?
• Are there any technologies that could soon cause a disruption in your market, or could be used as an invaluable tool?
• How engaged are your employees?

Answering these questions will give you all the ammunition you need to put together a solid understanding of what your business needs to do on both a local and industrial level. Of course, this can be challenging as well, as you might encounter issues that need to be resolved before you can make progress as a business.

Coleman Technologies can help your business implement IT solutions designed to keep your business running efficiently while still maintaining the status quo. To learn more, reach out to us at (604) 513-9428.

It Gets the Job Done
You can’t share information about your goods, services, or business if you can’t get the consumer’s attention. Digital signage has the potential to outperform other traditional media types to catch the viewer’s attention. If you don’t have enough room for all of the displays you want to share, digital signage might be able to help you better capture the message you want the viewer to walk away with.

It Makes Your Audience More Patient
If you find yourself at a loss for words, you can instead let the digital signage do the talking in certain cases. In other words, if you have a lot to get done but not a lot of time, you can use your digital signage to distract your audience long enough to enact what you need to accomplish. This is especially true in customer-facing establishments. After all, everyone appreciates something to look at while they’re waiting.

It’s More Affordable
Digital signage might require a significant up-front investment, but it saves you money in the long term thanks to its ability to change to anything you want your sign to say. There are minimal costs of upkeep related to digital signage, with the only real one being the occasional software update and the image it will display. You’ll save not just money, but spacial costs associated with the signs. Your solution will pay for itself in the long run.

You don’t even need a special display of any kind--just a simple television with the right inputs will work the way you need it to. If you’re looking to get started with digital signage, Coleman Technologies can help. To learn more, reach out to us at (604) 513-9428.

Google.com
There are few resources out there that are as valuable as Google’s website. Even the act of “googling” something has become a verb. Granted, “googling” a query might not yield the results the user is expecting, which can lead to frustration. By effectively using search commands, you can make any Google search more accurate, saving time better spent actually using the plethora of knowledge you have at your fingertips.

Tip #1: Use the Tabs
Google has built-in search functionality for images, videos, news, and so much more. There are tabs for images, news, videos, maps, shopping, books, flights, and finance. You can use each of these to narrow down the results you get when you make a specific query.

#2: Use Quotes
Even if you type in what you’re looking for, Google will sometimes misconstrue what you’re looking for as something else. If you’re looking for a specific phrase, you can use quotes around it to find exactly what you’re looking for.

Example: “happy days”

The results will be the term or phrase exactly as it’s typed.

#3: Use a Hyphen to Exclude Words
Think of the hyphen as the “minus” sign of Google searches. If you have a word that you’d rather omit from a search, place a hyphen in front of it.

Example: scale -weight

By removing the topic of one of the homonyms from the equation, you will get more targeted and accurate results.

#4: Use a Colon to Search Specific Sites
If you know that what you’re searching for is found on a specific website, you can limit the search to that site with a colon.

Example: Virtualization site:azure.microsoft.com

In the above example, you can also use a specific keyword to include it in your search.

#5: Search Locally
Google can determine your location, giving you a lot of power to find local businesses, restaurants, institutions, you name it. Just type it into Google.

Example: Laundromats nearby.

Just make sure you have your location services on if mobile. Otherwise, the search engine will use your Internet connection’s IP address to figure out what’s close to you.

What are some of your favorite ways to use Google? Let us know in the comments.

Let’s face it, if your business operates anything like most do, you have far too many of these processes for anyone to reasonably remember. This means that making sure that your processes are both comprehensively recorded and accessible for your employees to reference is a crucial facet to your productivity.

Fortunately, doing so is relatively simple, as long as you go about it properly.

Step One: Identify What You’re Documenting
The important thing to remember about creating documentation is that, unless the task itself is incredibly granular, making the documentation too specific isn’t going to help anyone. On the flip side, any documentation that is too vague isn’t likely to provide anyone with the value that it should.

You need to store your documentation in a centralized place that all employees can access. It helps even more if there is a system in place to allow you to search the contents of each document, sort them in various ways, and highlight changes and edits made to processes. In other words, utilizing a document management system or a knowledge center of some kind will go a long way in preserving the functionality of your processes. There are plenty of tools and applications out there for this, and we can help you choose the best one for your situation based on your specific needs.

Step Two: DIARI (Do It And Record It)
This step will form the basic shape of your documentation, as it will create a step-by-step guide to completing the task as a whole. You’ll need to go through a run-through of the process you’re trying to document, recording every step you take.

Don’t be shy about including details, either. For instance, if your process will require the same questions to be asked each time it is put into action, include the list of questions in your documentation. If someone is supposed to be contacted specifically, identify them in your documentation and provide their contact information.

From here, you should have a pretty good handle on how the process typically goes down… and the insights to make it even better.

Step Three: Refine, Repeat, Revise
When you were running through your process, were there any steps that would have made more sense to do earlier so you could be better prepared for a later responsibility? Try rearranging the steps in your documentation and trying it again. Did it work better, or worse? Take these observations into account and act accordingly.

Really, once you commit the time to doing it properly, creating invaluable and useful documentation isn’t that difficult of a process. You can even bring multimedia into it, if it’s a good fit, using tools like Steps Recorder on Windows.

For more handy IT tips, make sure you subscribe to our blog!

Today, we aim to fix that. We will review why a Google account is so important to keep secure, as well as a few means and methods of doing so.

How a Google Account Can Be So Valuable
The purpose of the Internet has evolved greatly in the relatively few years it has been around. Today, the Internet is largely used as a communications and information sharing tool - true to its roots. This is where the name Internet comes from: inter (reciprocal or shared) and network (a system of connected things). However, as new purposes for the Internet emerged over time, circumstances changed, and the view of the Internet shifted.

The Internet was always meant for sharing information, from the very first inklings of an idea. In 1962, J.C.R. Licklider of MIT wrote up a series of memos that illustrated a system of interconnected computers, intended to share programs and data the world over, that he coined the “Galactic Network.” This idea of sharing information was also the driving force behind Sir Tim Berners-Lee’s development of the World Wide Web. As Sir Berners-Lee said:

“Had the technology been proprietary, and in my total control, it would probably not have taken off. You can’t propose that something be a universal space and at the same time keep control of it.”

In many ways, these ideals are retained in today’s environment. Online sharing is at its peak, social media and collaboration fulling leveraging a network that is, for the most part, still free of control by any central source. These are ideals that have developed into the demand for net neutrality and open-access information. However, while these ideals have been largely upheld, there are a few notable caveats that give us a more accurate view of today’s Internet.

As the Internet grew in capability, it also grew in utility… many of which featuring the need for greater security and privacy. With the confidential information that only select users should be accessing growing in popularity within Internet-based communications, this spurred a balance to the Internet that both individuals and businesses can appreciate, and that Google has shaped its offerings around.

From its beginnings as a dissertation project by two Stamford doctorate students, Google has grown into the dominant force online today. Businesses use its G Suite applications every day, as private users leverage some of their other services to their own benefit. Many people, both for business and personal use, leverage Gmail. Let’s face it, Gmail is just useful, whether you use it for work, or just maintain an account to open accounts with other web services.

It is this last point that makes your Google account’s security so important to maintain.

How many of your online accounts are accessible by Google? On the subject, how many of your accounts would be compromised if your Google account was first?

The Impact
This is the double-edged sword of a Google account. On the one hand, it only makes sense to use a Google account to create others, either using your associated Gmail address or linking it directly. The convenience is inarguable, and Google does equip these resources with reasonable security standards. So why not use a Google account?

Unfortunately, there’s one critical consideration that doing so adds into your security equation, that many overlook:

Linking an account to your Google account ties your Google account’s security to it directly.

This means that, if your Google account was to be compromised, all of the accounts you had connected to it are also compromised by association. Depending on what you had saved in this way, that could have some devastating ramifications.

Finding Out How Devastating
If you’re on your desktop right now, you can access your Google account by clicking here. In the Security section, you can review all the devices that your Google account has been active on, all the third-party applications with access to your account, and all the websites that are utilizing Google Smart Lock.

Is this list longer than you would have expected? Does it include your bank?

If it does, all it would take for someone to defraud you would be to access your Google account--or even lock you out of your own bank, resetting your bank credentials by using your Gmail account to activate an account recovery process.

A Solution
Again, this creates a conflict between two priorities: convenience against security. While the convenience could make anything that you use online more efficient in both your professional and personal life, nothing is worth compromising the security of either. So… where do we stand?

Like any conflict between two interests, the ideal place to meet is in the middle. In this case, it is the conclusion that you can have the best of both worlds--you just have to make sure that your Google account is secured properly.

While it would be great if there was, there just isn’t an option somewhere in Google you can select to make everything perfectly secure, just like that. Having said this, it is just a matter of taking a few precautions.

Securing Your Google Account
The first thing to securing any account is to understand that it isn’t a one-time activity and will need to be revisited periodically to make sure that everything remains secure. You should keep an eye out for news stories that discuss breaches among any of the organizations you have an account with, as you will still need to alter your credentials for these accounts.

Once this is set, there are a few best practices that it would be in your best interest to follow.

Passwords and Account Security
While all of your accounts should have the protection of a strong password, the fact that your Google account serves as a repository for your others make it only more crucial to implement one to its authentication measures. To accomplish this, make sure the password or passphrase you select is well in keeping with best practices, and that your Google account is the only account secured with it.

You should also be careful about what you are using to access your account. Any device that is available to the public should be avoided, as they are not only magnets for viruses and other digitally-based cyberthreats, but a cybercriminal could potentially retrieve your credentials from the device you used and thereby gain access to your account. Public Wi-Fi signals can have very similar issues, so use a secured, private connection whenever possible.

Two-Factor Authentication (2FA)
There is also the option to make your Google account ask more of someone trying to access it, a secondary code sent to you in a text message, delivered in the Google Authenticator application, or dictated through a direct call to your mobile device. By enabling 2FA, you can greatly decrease the likelihood that a cybercriminal will have everything they need to get in, assuming they don’t have access to your phone as well. We generally recommend that you utilize Google Authenticator, as it is the most secure of those three options.

You can also use your Google account to access a list of one-time authentication codes that you can print out and keep with you. This way, if you need to access your account and don’t have your phone handy, you can reference these to get in. If you run out of codes or lose the list, you can easily reset them and start over.

To set up these features, log in to your Google account.

At the end of the day, you don’t have to sacrifice the convenience of Google, as long as you have protected it responsibly. Coleman Technologies has the expertise to help you manage this security, as well as the rest of your business’ IT solutions and infrastructure. Call (604) 513-9428 to learn more.

The Internet of Things Shapes Security Policies
Connected devices are now commonplace in both the personal lives of users and offices all over the world. The Internet of Things typically consists of devices that can connect to the Internet, but aren’t traditionally connected devices, like home appliances and other objects. To protect themselves from the security issues related to these devices, businesses have implemented solutions and tried to control devices brought to the office by their employees. Basically, you need to determine if the measures you are taking are adequate to ensure IoT devices aren’t going to become a problem for your organization. If you take action now, you decrease the risk of these devices compromising your security.

Ransomware Decreases in Usage, But It’s Still Dangerous
As of last December, Malwarebytes indicates that the rate of direct ransomware infection has dropped to about 10%. This is a major change compared to the ransomware spike that occurred in 2017. Of course, it’s still important to ensure that you are protecting yourself from this dangerous malware, as well as have plans in place to recover from an encounter with ransomware.

Cryptomining is More Popular than Ever
One big development in 2018 is an increase in cryptomining threats that can install themselves on devices and covertly mine Bitcoin without the user’s knowledge. These kinds of threats can have side-effects on your computers that can slow down the device or create more work for the device than usual. You definitely don’t want cryptomining software on your device, so be sure to protect it from these threats as well with a comprehensive security solution and active resource monitoring.

Proactive Security is Still the Best Option
Thankfully, more organizations are seeing the benefit of actively preventing security threats from becoming an issue by implementing proactive solutions on their infrastructure. This includes patching vulnerabilities and updating software as soon as new fixes are issued, as well as seeking out threats on a regular basis to eliminate anything that has potentially installed on their devices. This basically takes a reactive approach that some businesses still rely on--resolving issues as they pop up rather than preventing them entirely--and converts it to a proactive stance.

IDG has released a new survey that reveals the security priorities of many businesses. These respondents found that the following aspects of network security were priorities:

• 74%: Best practices
• 69%: Compliance mandates
• 36%: Responding to a security incident that occurred in their own organization
• 33%: Mandates from the board of directors
• 29%: Responding to a security incident that occurred in another organization

Cybersecurity is more important than ever before, so how is your organization working to keep itself safe? Coleman Technologies can help. To learn more, reach out to us at (604) 513-9428.

Let's look at the definition of disaster.

dis·as·ter

A calamitous event, especially one occurring suddenly and causing great loss of life, damage, or hardship, as a flood, airplane crash, or business failure.

To Coleman Technologies, a disaster is anything that involves a major loss of data or major downtime. When one of our clients experience a server malfunction that leaves most employees sitting idle unable to work, that is a disaster.

The Cost of a Disaster

Downtime is a very terrible expense to not try to avoid. Try this simple formula for yourself:

Number of Employees Affected by an IT Outage X Average Employee Hourly Cost (NOT WAGES)
+ Average Company Hourly Income X Percentage of Income Lost Due to the IT Outage

This simple formula will tell you about how expensive every hour of downtime is for your company. The hardest value in the formula is understanding the percentage of income lost. Not all companies might have a figure, but you will want to consider it as you do the math. This doesn't include the cost of repair, consultation, parts, or any of the remediation required to get things back up and running.

Disaster's Harbinger

Disaster can strike from any direction. Hard drives can go, data can be corrupted, hardware can fail, and networks can go down, and systems can become infected with viruses and malware. User error can cause disaster, as well as theft and other malevolent activity. While companies should take precautions to safeguard themselves against threats both external and internal, and managed maintenance can prevent a lot of foreboding issues, having a solid disaster recovery plan can mean faster turnaround when there is devastating downtime.

Employing a disaster recovery plan starts with the data - your most important IT asset. Computers can be replaced, hardware can be repurchased and software can be reinstalled. Your data is the culmination of countless hours of work by all of your employees ever. It's no wonder why most businesses that suffer a major data loss go out of business within the first year. You can lose your credibility, and things go into disarray. Data needs to be backed up.

Your backed up data should be archived regularly offsite. Most importantly, your backup solution needs to be easy to test, and tested regularly. You don't want to find out your backups are corrupted when it is too late.

The time to put together your company's disaster recovery solution is now. Contact Coleman Technologies at (604) 513-9428 to talk about solutions for safeguarding your data and your business in the event of a disaster, large or small.