Secure Your Passwords Now

For years, we’ve been told that strong passwords include three things: upper and lower-case letters, numbers, and symbols. And why wouldn’t we when the National Institute of Standards and Technology (NIST) told us they were the minimum for robust passwords? Here’s why and how it involves you.

The Problem
The issue isn’t necessarily that NIST advised people to create passwords that are easy to crack, but it did steer people into creating lazy passwords, using capitalization, special characters, and numbers that are easy to predict, like “P@ssW0rd1.”

This may seem secure, but in reality, these strings of characters and numbers could easily be compromised by hackers using common algorithms.

To make matters worse, NIST also recommended that people change their passwords regularly, but did not define what it actually means to “change” them. Since people thought their passwords were already secure with special characters, most only added one number or symbol.

NIST essentially forced everyone, including you and your colleagues, to use passwords that are hard for humans to remember but easy for computers to guess.

The Solution

One cartoonist pointed out just how ridiculous NIST’s best practices were when he revealed that a password like “Tr0ub4dor&3” could be cracked in only three days while a password like “correcthorsebatterystaple” would take about 550 years.

Simply put, passwords should be longer and include nonsensical phrases and English words that make it almost impossible for an automated system to make sense of.

Even better, you should enforce the following security solutions within your company:

Multi-factor Authentication – which only grants access after you have successfully presented several pieces of evidence
Single Sign-On – which allows users to securely access multiple accounts with one set of credentials
Account Monitoring Tools – which recognize suspicious activity and lock out hackers

When it comes to security, ignorance is the biggest threat. If you’d like to learn about what else you can do to fortify security, just give us a call at 800-421-7151.

New Version of Microsoft Office Announced

Do you use Microsoft Word, PowerPoint or Excel on a daily basis? You’re not alone. The Office suite has more than one billion users, and with a new version coming out next year that number could go up. Whether your organization currently uses Office or not, you need to be prepared for the next version.

Microsoft Office 2019: release and features

For the past ten years, Microsoft has updated its suite of productivity software every three years. The current version is Office 2016, and in sticking with the schedule Office 2019 will be available for purchase at the end of next year. However, previews of the next version will become available several months before the final release.

According to Microsoft, the newest version of Office will include:

-The usual Office applications (Word, Excel, PowerPoint, etc.)
-Office server programs (Exchange, SharePoint and Skype for Business)
-Security and IT management enhancements
-Improved “inking” features for touchscreen usability
-Streamlined data analysis features in Excel
-New PowerPoint presentation features like Morph and Zoom
-Office 2019 vs. Office 365

The biggest difference between Office 2019 and Office 365 will be price. For the former, users pay a one-time fee to acquire a software license. Once users have a license, they own that version of Office forever (although Microsoft will stop providing support 10 years after the product is released).

With Office 365, users pay a monthly subscription fee and can use applications as long as they don’t fall behind on the bill. Programs included in the Office suite can be accessed online or installed locally (as long as you connect to the internet at least once per month).

Thanks to cloud technology, Office 365 can be updated much more easily than other versions of Office. O365 users will probably have access to Office 2019 features around the same time as its release, possibly sooner.

The only drawback of Office 365 is its IT management requirements. Unlike its licensed counterparts, O365 requires one or more servers to be set up, domains to be maintained, and files to be migrated to the cloud.

Much like an O365 subscription, our managed IT services are charged based on a flat monthly rate. We can help your small- or medium-sized business enjoy all the benefits of the cloud. Just give us a call today at 800-421-7151.

The Best Computer Productivity Hacks

We’re all obsessed with finding new ways to become more productive. Business gurus often emphasize the importance of time management and taking breaks to avoid burnout. But aside from motivating yourself to work more efficiently, there are plenty of tools that increase your daily output. If you use a computer all day, check out these productivity hacks.

Monitor Productivity Levels
Start by tracking how much work you complete on an average day. Google Chrome Extensions like RescueTime record your most frequently visited sites, and track how much time you spend away from your computer. Running the app will provide you with a productivity rating and a detailed log of how you spend an average day.

If you find out you’re wasting a huge portion of your time on social networking, you’re more likely to make conscious adjustments on how you manage your time.

Get Rid of Clutter
Another way to increase output is by deleting old files, uninstalling unused programs, and organizing documents into appropriately labeled folders. This makes your work easier to find and improves your computer’s performance.

As for the clutter in your email inbox, Gmail and Outlook both have features that filter out unimportant messages. Simply enable Priority Inbox on Gmail or Clutter on Outlook to get a clean, spam-free inbox.

Block Time-Wasting Sites
Visiting non-work-related websites is a surefire way to hinder productivity. A quick, five-minute break to check your Facebook feed or watch a YouTube clip may not seem like much, but a few of those per day add up to a lot of time.

If you and your employees have trouble staying away from sites like Facebook, Instagram and Twitter, it’s a good idea to block access to them using URL filters.

Of course, if you want your employees to take occasional breaks during the day, you could use apps like StayFocusd or Strict Workflow. These allow you to set a limit on how long and how many times users can visit non-work-related sites.

Stay On Track with To-Do Lists
To-do lists help you break down large projects into manageable, bite-sized tasks. And perhaps the most satisfying aspect is crossing things off the list, giving you and your employees a sense of accomplishment and total visibility of your progress.

There are wide variety of digital to-do lists available today like Google Tasks or Trello. These platforms allow you to set deadlines for small tasks and write clear instructions for each item on the list. What’s more, they’re incredibly easy to use and are great for keeping track of your workflow.

Use Keyboard Shortcuts
Last but not least, mastering keyboard shortcuts will make it easier to perform simple functions than if you’re stuck looking for them in the toolbar. There are more than a hundred useful shortcuts, but some that you should always keep in mind are:

Ctrl + C, Ctrl + V, Ctrl + X – to copy, paste, and cut selected items
Ctrl + Z – to undo changes
Ctrl + T – to open a new tab on your web browser
Alt + Tab – to switch between open windows
Alt + F4 – to close the program
For many more like these, take a look at Windows’ list of advanced shortcuts.

These are just some of the tips every user should know to stay productive. If you need more ideas on how to get more out of your technology, call us today. We provide enterprise-level tools and advice that will make your life a lot easier.

Office 365 Web App Launcher Improvements

Do you sometimes wish you could get to your Office 365 applications faster? Microsoft has tweaked the Office 365 web app launcher so you not only get to your apps faster, but you also get to view your most relevant programs, files, contacts, and activities more conveniently. Here’s how it can make you more productive.

Key changes to the Office 365 main page

The newly added “Recommended” section displays activities — comments, edits, and @ mentions — on recently opened files. This gives users an overview of changes to recent documents.

Underneath the “Recommended” section is the “Recent” document column, which shows the most recent activities, while “Places” displays the SharePoint sites you frequently visit and the OneDrive folders you’ve recently accessed.

Being able to see the edits, shares, and comments on your documents makes collaboration more transparent among users within an organization, and these new upgrades make that possible.

What’s more, you can now search among online documents, web apps, SharePoint sites, and contacts within Office.com without having to open individual apps. For example, when searching for a document whose file name you don’t know, you can type in the name of the author and the results will show you the author’s profile and other relevant files and activities.

Web app launcher enhancements

One of the biggest improvements to Office.com, however, is how apps are displayed in the app launcher.

The main window of the new web app launcher has been redesigned to highlight the most frequently used apps. It will still show all the apps within your Office 365 subscription, but you can pin your most used apps or display all items in the main bar, which makes opening and switching between apps a lot easier.

You can also return to the main page with a single click of the Office 365 button from the App Launcher — no need to minimize or close each app.

Office 365 Gallery

Users aren’t always aware of every application included in their subscription, which is what the Office 365 Gallery is for. Its main function is to provide users with personalized suggestions of applications — and their descriptions — which may be useful to their active tasks. These suggestions include links to mobile and desktop-based versions of the applications they recommend, and resources for learning more about them. To access the Gallery, click “Explore your applications” from the Office.com main page.

Each of the changes in the new and improved Office 365 are aimed at simplifying and personalizing business users’ experiences, and we recommend exploring the tools available to you. Call us at 800-421-7151 to know more about Office 365’s productivity-enhancing applications and features.

What Are the Advantages of SaaS?

Almost every business relies on software to operate, and for most SMBs and firms, the costs of software — including license and maintenance — are painfully expensive. So is there a solution that allows you to leverage the power of software without a high price tag? One candidate is the software delivery service called SaaS. Read on to learn more about it.

What is SaaS and what makes it appealing?

Software as a Service (SaaS) is a software delivery model that allows you, as a user, to access software from any device via the internet. This gives you more flexibility since you won’t have to come to the office to use the software, but will be able to work from anywhere that has an internet connection.

As opposed to a traditional on-premises setup where software is stored locally, SaaS software is hosted in the cloud, eliminating the need to buy new hardware or spend money on its maintenance. Besides, by transferring software hosting to a third party, you’re also outsourcing all the responsibilities that come with maintenance such as upgrades and troubleshooting.

Another aspect that sets SaaS apart from using on-premises software is licensing. With on-premises, you purchase a license and pay yearly support fees; while with SaaS, you pay a monthly or annual subscription fee that covers licenses, support, and other fees. This is advantageous since it allows you to spread out costs over time, instead of purchasing licenses outright.

Will my data be safe?

One of the issues that makes companies reluctant to switch to SaaS is data security. Who will own my data? Will my data be safe? What if the vendor goes out of business?

First of all, when you’re outsourcing your software to a SaaS vendor, you have to sign a service level agreement (SLA). Make sure that the SLA specifies that you own the data and that the vendor is obliged to provide access to your data even if they go bankrupt.

Secondly, it’s likely that data hosted by your SaaS vendor will be more secure than when it’s stored on your average SMB’s or firm’s network. That’s because SaaS vendors have to undergo strict security audits, forcing them to invest more in security, backup technology, and maintenance than a typical SMB has to.

Should I switch to SaaS or stick to on-premises?

SaaS is an ideal solution for firms and SMBs with straightforward business models that are looking for a way to reduce upfront costs. But if your business is large or has complex business processes, a traditional on-premises solution might be a better choice since it offers more functionality and allows for full customization.

Still unsure about whether SaaS is the right answer for your organization? Want to know more about SaaS before making the transition? Call us today at 800-421-7151. Our experts are ready to answer any questions you may have about SaaS!

Equifax’s Leak: Lessons Learned

No business owner wants their customers’ data leaked, but no matter how well your prevention plan is, the unexpected can happen. And when it does, what will determine the fate of your business is how well you respond to it. So before you start planning an incident response, read the following story and recite this: Don’t walk in the footsteps of Equifax.

What happened to Equifax?

Equifax, the huge American credit agency announced in September 2017 that its database was hacked, resulting in a leak of tons of consumers’ private data, including personally identifiable information of around 143 million US citizens. It included names, social security numbers, addresses, birthdates, and credit card and driver’s license numbers.

Equifax responded by setting up a new site, www.equifaxsecurity2017.com, to help its customers determine whether they had been affected and to provide more information about the incident.

Soon after, Equifax’s official Twitter account tweeted a link that directed customers to www.securityequifax2017.com, which is actually a fake site.

Fortunately for Equifax’s customers, the fake phishing site was set up by a software engineer who wanted to use it for educational purposes and to expose flaws in Equifax’s incident response practice. So, no further harm was done to the already-damaged customers, and Equifax is left with even more embarrassment.

So what did Equifax do wrong?

One of the huge mistakes Equifax made in responding to its data breach was setting up a new website to give updated information to its consumers outside of its main domain, equifax.com.

Why? You first need to know that since the invention of phishing scams, phishers have been creating fake versions of big companies’ websites. That’s why so many major corporations buy domains that are the common misspellings of their real domains.

You should also know that phishers can’t create a web page on the company’s main domain, so if Equifax’s new site was hosted there, it’d be easy for customers to tell whether the new page was legitimate and not be fooled by a fake domain name.

What’s obvious from this embarrassing misstep is that Equifax had never planned for a data leak. And this is an unforgivable oversight by a company that handles the information of over 800 million consumers and more than 88 million businesses worldwide.

Don’t repeat Equifax’s mistake

Whether your business is a small startup or as big as Equifax, it needs to prepare for a data breach. Besides having a comprehensive network defense plan, you also need to have the right incident response plan in place.

So what you should do after you’ve discovered the leak is, first of all, be upfront with your customers and notify them as soon as possible.

You also need to establish a message that includes the following information:
How the leak occurred
How the leak could affect your customers
How you will prevent future attacks
What your company will do to support affected customers
You should also create a web page to keep your customers up to date. But remember, the new web page should be under your company’s primary domain name.

As we’ve seen from Equifax, an incident response plan that’s robust is a must. Feel free call WAMS at 800-421-7151 to talk to our experts about how you can come up with an acute one — so you won’t have to repeat Equifax’s apologetic statement, since it doesn’t help the company redeemged reputation at all.