Digital monitoring is a bit of a contentious topic in business, but according to a survey from Gartner, it might not be as contentious of a topic as previously thought. In fact, employees are often in favor of digital monitoring under the appropriate circumstances, as long as it doesn’t get in the way of their jobs.
Coleman Technologies Blog
Password changes, multi-factor authentication, and countless changes in policy and procedure can make daily workflows more and more complicated. Cybersecurity can truly be a pain—a necessary pain, granted—but a pain nevertheless, and one that can gradually lead to burnout if you aren’t careful. Let’s go over how to mitigate the likelihood of it.
Technology is only effective in the hands of the right—or, at least, well-trained—employees. To work toward this goal, you’ll have to ramp up your hiring processes to ensure you garner the interest of the right candidates for the jobs. Nowhere is this more true than for your IT department. Let’s go over how you can make your business an attractive employment option for skilled and innovative technicians.
Whether or not you believe acronyms are an acceptable form of speech, some people might use them habitually or instinctively even for business communications. Of course, they don’t have much place in this context, but habits are hard to break. To address this issue, one innovative thinker has created a tool that can help determine if the acronym “LOL” is sincere or not.
With technology playing such a massive role in modern business processes, having someone in the higher ranks to oversee it is a huge advantage. This is the role of the Chief Information Officer—the CIO—which makes them an integral part of the modern C-suite.
So, what kind of thing does the CIO (or your business’ equivalent of it) need to know and consider in order to fulfill their role?
Hot desking—the workplace organization method wherein there are no assigned workstations—has an assortment of pros and cons to it, but many companies are finding the more fiscal benefits to be worth the trade-offs. Let’s explore some of the pros and cons of hot desking, and go over a few tips and strategies that will help if you choose to implement it.
The average person will spend an estimated one-third of their life at work. One third. That’s a lot of time, providing plenty of opportunity to accumulate stress. Over time, these emotions could potentially overwhelm your employees and lead to a breakdown. This is, naturally, harmful to your business, so let’s explore some strategies you can share with your team to help them deal with their workday stresses.
It doesn’t matter if your workplace is your typical office space or if it is remote. There will always be factors that can contribute to burnout. These struggles are not exclusive to the location of the office, and if left unchecked they can impact work performance, productivity, mental health, and so on. It’s important that you have coping mechanisms and strategies in place to address burnout before it becomes too severe to counter.
Love it or hate it, remote work is here to stay—particularly now that many people have experienced it for themselves and have no intention of giving it up. However, many employers are going to want their employees back in the office to some degree. How can a balance be struck between these two sides? We posit that a hybrid work environment will play a role.
The User Experience and How Security Fits
Let’s face it, the majority of Internet consumers have no idea about data security until something terrible happens. Until they get malware, or get their identity stolen, or their accounts hacked, they assume that there is enough built-in security to facilitate any behavior online. This is not ideal, obviously, but there are a small number of people, around 29 percent, that have enough security awareness to avoid certain websites.
Power
To start, let’s go to perhaps the most basic need of any technology user: the energy required to keep their devices on in the first place. Let’s not split hairs—the average home office setup might not have sufficient outlets available for all the devices that need to be powered.
If this applies to you, you may appreciate someone giving you a nice surge protector to help expand the number of available outlets you have while simultaneously protecting the devices you plug in.
A Few Brief Disclaimers
Before we get into how this is possible, we should mention a few of the prerequisites of this process.
As of right now, the Windows/ChromeOS compatibility is clearly intended for enterprise use, as it is configured for company-wide setups and rings up an annual per-user cost of $70. Furthermore, the method we are covering here is only compatible on higher-end Chromebooks, with at least an i5 or i7 Intel Core processor, 16GB of RAM, and 128GB of onboard storage.
“What does—and doesn’t—work?”
To motivate your team to take ownership over their responsibilities and invest in your successful operations, you need to communicate that what they say has credence. Your team can be a goldmine of insights if you hear what they have to say. Think about it, they’re the ones that have hands-on experience using the tools that you’ve put in place.
Mobile Device Use
When working from home, the reasonable threshold for mobile device use is significantly different. Theoretically, you could talk to someone on speakerphone with the phone across the room (although you shouldn’t). However, there are other people with you in the office that you could potentially distract.
What Exactly is Passwordless Authentication?
Instead of using passwords, you would effectively verify your identity through alternative means such as a verification app, a predefined security token, or even biometric information. These forms of authentication aren’t exactly new--most smartphones have a biometric authentication system onboard--but now they are beginning to become the predominant way that IT administrators set up their authentication systems.
Let’s review what true collaboration is, and how you can lead your company towards more collaborative behaviors in your day-to-day undertakings.
Teamwork and Collaboration Aren’t the Same Thing
First, it is important that we define the difference between these two seemingly synonymous terms. While it is possible to work as a team without collaborating, collaboration requires some element of teamwork to be present.
Let’s start by examining the reasons for communications that businesses use to manage their internal processes.
- Information sharing - There is plenty of news that needs to make its way around any business. There are many different forms of communication that can accomplish this.
- Collaboration - Today’s business needs to use collaborative strategies more than businesses of the past, and communication is a big part of any collaborative endeavor.
Now, let’s consider a few solutions that can help you to accomplish solid information sharing and collaboration.
Information Sharing
When you think of internal communications at work, the lion’s share of it will fill this need. Employees need to know certain things to maintain continuity of a business. This includes the publication of policies, procedures, plans, or potential changes to each. To accommodate the sharing of all this knowledge, businesses use the following tools:
- Email - Email is the most tried-and-true solution for internal business communications because it works on every level. It is available, familiar, and with today’s email platforms, features dynamic tools that can help anyone get their point across.
- Newsletters - Some companies choose to roll out a company newsletter for their staff. In these newsletters there are spotlights on points of emphasis. If you choose the newsletter as the tool you want to broadcast your internal communications, however, it has to be understood.
Collaboration
Nowadays, collaboration is important for every business’ success. Business moves faster and if you don’t have some semblance of coordination between your employees in separate departments, it can cost more than time. It can be the difference between generating revenue and not. Here are some tools used to boost collaboration:
- Productivity Suites - Today, there are a lot of collaboration-based applications out there. They are designed for specific business needs, but the most effective are the productivity suites like Google’s G Suite and Microsoft Office 365 because they give you the collaborative tools and shared storage that any team needs to be successful.
- Chat Applications and Forums - Instant messaging apps have improved collaborations tenfold. Forums have been useful since the early days of the Internet. Today, developers have created apps that combine the two and offer hundreds of outside software integrations to help promote collaboration.
The IT professionals at Coleman Technologies have the expertise and access to solutions to help you solve any of your business’ operational problems. Call us today at (604) 513-9428 to learn more.
What is Social Engineering?
Think of it like this: online, you have some type of social currency. Your personal information, your data, your interactions, your profiles, they all add up to your online life. If someone were to use that information to trick you into providing them access to your secure online accounts, you would be the victim of a social engineering attack.
Basically, a hacker uses what amounts to the fundamentals of human psychology to gain unauthorized access to an account. Rather than exploiting a vulnerability within a system’s technology, a social engineer will take advantage of the human resources to gain access through relatively simple psychology.
Successful social engineering can be the result of many different actions. Some include: carelessness by an individual, perceived kindness, reaction to fear, and business as usual. Let’s take a look at these actions and how social engineering schemes work as a result.
Individual Carelessness
When there is a lack of diligence carried out by an individual, there are openings for a social engineering attack. This includes trash thrown out with information on it, keeping login credentials out in the open, and other careless actions. It’s important that you and your staff understand that the best practices of password protection, such as using a password manager, are crucial to maintaining the integrity of your company’s network and infrastructure.
Perceived Kindness
Many people won’t think twice about helping someone that asks for help. Social engineering attackers take advantage of the better angels of our nature, by using people’s helpfulness to gain access to secure computing resources. Any person can fall for this type of attack. This is why we stress that in order to keep your digital and physical resources secure, a critical eye for potential intrusion works. That doesn’t mean you have to be a jerk, but if a situation is presented to you that’s out of the ordinary, take anyone’s helplessness with a grain of salt.
Business as Usual
When we picture a hacker, we all tend to think about them the same way. They are brooding people sitting in a dark room typing away at a computer. In social engineering attacks, this couldn’t be further from the truth. A popular social engineering tactic is to gain physical access to a large business--where there are often a lot of moving parts--and then spend time at the business looking for ways into secure digital environments. This could also include straight hatchet jobs, where your employees would help people outside of your business sabotage your access control systems.
Reaction to Fear
Finally, fear is one of the best motivators. By striking fast and threatening all types of negative consequences if a worker doesn’t help them get into a secure computing system, this kind of cyberattack can be a major problem.
Coleman Technologies Can Help Protect Your Business
If you are looking to secure your network from cyberattacks, including social engineering, the IT professionals at Coleman Technologies can help. Call us today at (604) 513-9428 to learn more about how we can help you with the training you need to keep social engineering from causing problems for you.
Two years ago, a friend of mine had a swimming pool built behind his house. It had a real nice deck, a deep end, a slide for his kids, and a little sectioned-off shallow end that was heated with jets. Talk about a nice way to cool off after a long week! This pool was in constant use - his kids had pool parties, he hosted cookouts. This investment of his was bringing his family a lot of joy and happiness.
Fast forward to this summer. Apparently the ground had settled and shifted, causing a leak that not only slowly drains his pool, but has been washing out the dirt under the pool. Even worse, some of the excess water has found its way into his newly renovated basement. This is not an ideal situation.
Now the thing that used to bring my friend a lot of satisfaction is the bane of his existence. It’s a problem, and it’s causing stress and costing money.
Your business technology can work the same way. It’s designed to help you do more and keep track of more, but when things go bad, it can really be a disaster, especially if you’ve been relying on it.
My friend now hates his pool. He regrets it. In all seriousness, I feel terrible for him. More than half of the summer went by before he was able to get the problem fixed. By the time it was fixed, the joy that his swimming pool once brought him was gone. After a particularly hot weekend, I asked him if he was glad that he got his pool fixed so he could enjoy it again. He just shrugged and said it barely crossed his mind.
I was thinking, this guy must be crazy! I would have spent the entire weekend in this swimming pool. Then I realized that I’ve seen this before. I’ve felt this.
It’s really easy to get disenchanted by something that once made you excited or brought you a lot of joy. Once it’s a burden, you can get burnt out by it.
For a lot of business owners, your technology is going to feel the same way. There’s a lot of good it can do for you, but once you’ve dealt with years of annoying issues, unexpected bills, and users reporting problems, it starts to really weigh you down.
I don’t want any of my clients to feel the same way about their business as my friend feels about his swimming pool. I want your technology to work for your business. I want it to help you make more money, not be an expense. If anyone feels burnt out or let down by their IT, please give me a call at (604) 513-9428 so I can help you love it again.
That’s all I wanted to say; there’s no pitch here, there’s no IT lesson. You don’t deserve to be constantly frustrated by your IT, and it doesn’t have to be that way.
Preventing Phishing
Phishing has been becoming more and more of a favorite tactic by hackers, meaning that you and your employees need to look at any messages that come in via your email (or other solutions) with a critical eye. Here are some practices to help you minimize the influence of phishing on your business:
- Watch for “Urgent” messages (or, for that matter, “URGENT!!!!!!” ones). Many phishers will try to manufacture urgency to make sure you click without taking a moment to consider it may be an attack. Resist this knee-jerk response.
- Review in detail. Many phishing messages show distinct warning signs, such as blatant spelling or grammar errors (but this may just be the person you’re talking to as well). You can find other, more reliable signs by giving any links or the email address of the sender the “hover” test. Without clicking on anything, hover your cursor over the links and a small pop-up box will appear. This box will show you the address that really sent the email, or the link that you would actually be redirected to. Check to make sure all the details are kosher. For these reasons, it’s recommended that you don’t click on any links in emails. Instead, retype the URL into your web browser.
- Double-check with the sender. If you have access to another means of communication with the supposed sender of an email, reach out to them using that other means to confirm that they sent it. If they didn’t, it’s a pretty safe bet that the email is fraudulent.
- When in doubt, assume the worst. If you just aren’t sure how legitimate a given email is, don’t click around in it. Assume that it is a phishing attempt, and report it to your IT provider.
Establishing Safe Browsing Habits
Unfortunately, there are plenty of threats that reside online, and it is only too easy for a user to unwittingly allow them in. Make sure your users abide by the following policies to minimize the threats you’ll potentially need to deal with.
- Think before you click. Similarly to links found in emails, there are plenty of opportunities online to let in a threat. Consider what you’re clicking on before you do so. (The “hover” trick works well here too… check out the bottom of the window.)
- Reserve business computers for business purposes. Non-work-related browsing can bring users to websites that can host threats without the user realizing. Discourage your users from surfing the web, downloading content, and doing other things online unless they are work-related.
- Moderate access. Use firewalls and content filtering to keep unwanted content off of your network, and users from accessing unwanted content, respectively.
- Trust your IT resource. If you are even the slightest bit unsure about something, whether it’s a program you’ve been prompted to install or making sure your settings are focused on maintaining security, reach out to IT for assistance.
Enforcing Strong Passwords
It seems that everything requires a password these days, which makes it all the more important that you and your users are aware of how to keep them safe - especially in the workplace.
- Don’t recycle passwords. Once a password has been used and replaced, it is best to not use it again - this is why you’ll often find a “you have used this password too recently” message if you attempt to use it again within a certain timeframe. This is the same reason that passwords should not be used for more than one account - if that password is compromised, you’ve just lost control of multiple accounts.
- Avoid easily-guessed passwords. As a way to try and come up with a password that is easy to remember, many people will resort to using common elements in their password - pet names, maiden names, birthdays or anniversaries - or use a simple phrase or a string of numbers. The entire point of a password is to make it so that others are unable to access one of your accounts, so making it something that can be guessed is counter-productive.
- Consider leveraging passphrases instead. Passphrases are not only typically more secure than a password, they also have a tendency to be more memorable. Let me ask you this… which of these two would you find more memorable, “F4njUJ29S5” or “pearquiethigh?” You can also use basic substitution to make you passphrase more secure, turning our example into “pe@rqu!e+h!gh” instead.
- Use a password manager. One of the main reasons that people reuse passwords so often and neglect to change them is the fact that they are scared of forgetting them. A password manager can help reduce this by securely saving all of your different passwords behind one master password.
Protecting Your Business’ Data
Finally, there are many threats out there to your business’ data - including any you have on your clients or your employees. You have a responsibility to yourself, as well as these clients and employees, to make sure that this data is as secure as possible.
- Make sure your business’ data is backed up. There are so, so, so many ways that your business could lose its data. While it may be attacked, it could just as (if not more) easily be lost due to equipment failure, user error, weather conditions… the list goes on and on. If your on-site data is lost, you will want to make sure you have an up-to-date copy squirreled away in the cloud to reference.
- Protect your assets with access control. You need to be concerned about both the security of your digital files, and of your actual business location. If you’re using multi/two-factor authentication to secure your online resources, or requiring identity confirmation in order to enter certain areas of the business… you need to be doing both.
- Maintain your security solutions. The thing about security software is that it isn’t something that you can just set up and count on indefinitely. Attackers are always examining these solutions to find vulnerabilities, so it is important that you regularly update and patch the ones you use to keep them safe. Every solution you have should actually be set up with security in mind. A glaring example is your company’s wireless. Not only should that be secured with a password, it should be hidden away from outside users.
- Keep your payment options compliant. For your sake, and the sake of your clients, you should make sure your business is compliant to whatever regulatory standards that apply to it… including the Payment Card Industry Data Security Standard (PCI DSS).
Following these guidelines is a great start to ensuring your company’s security. Coleman Technologies can help get you this far, and beyond. Reach out to us at (604) 513-9428 to learn more about what we can do.