Windows 8.1 Just Lost All Support. Here’s What You Need to Know

Free Microsoft Notebook photo and picture

Companies both large and small share this one cybersecurity problem. They have computers that are still running older operating systems. Staff might use these devices only occasionally. Or the company may be running customized software that won’t run on newer OS versions.

The problem is that when the OS becomes outdated, the system is open to cyberattacks. When Microsoft or another developer retires an OS, it means that it is no longer supported. No more feature updates and no more security patches for newly found vulnerabilities.

The latest operating system to lose all support is Windows 8.1. Microsoft released the OS in 2013, and it was officially retired on January 10, 2023. Microsoft issued the following warning for companies:

“Continuing to use Windows 8.1 after January 10, 2023 may increase an organization’s exposure to security risks or impact its ability to meet compliance obligations.”

Here are a few facts you should know about what this retirement of Windows 8.1 means.

The OS Will Still Technically Work

When an operating system reaches its end of life, it doesn’t just stop working. Thus, many companies go on using it without realizing the security risk. Technically, the OS will work as it did the day before retirement. But it’s a lot less safe due to the loss of support.

Your System Will No Longer Receive Security Patches

Software and OS vulnerabilities are sought out and exploited all the time. This is what hackers do for a living. The vulnerability cycle usually begins with hackers finding a software “loophole.” They then write code to exploit it that allows them some type of system access.

The software developer learns of this, usually once hackers start breaching systems. They write code to fix that vulnerability. Developers then send the fix to users via an update that they install. This protects the device from one or more hacker exploits.

When an OS reaches its end of life, these fixes are no longer made. The developer has moved on to focus on its newer products. So, the vulnerability remains. It leaves a device vulnerable to hacks for days, months, or years afterward.

Approximately 61% of security vulnerabilities in corporate networks are over five years old.

Options for Upgrading

If you have a computer that is still running Windows 8.1, you have two options for upgrading. You can opt for Windows 10 or Windows 11. If the computer is running such an old OS, there is a chance your system may not meet the requirements for one or both. In this case, you may need to buy a new device altogether.

Microsoft states that there is no free option to upgrade from 8.1 to Windows 10 or 11. Some of the advantages you gain when upgrading include:

  • Better built-in security
  • Faster processing
  • Capability for more modern features (like facial recognition)
  • Improved accessibility features
  • Updated productivity tools (like snap layouts in Windows 11)

What Happens If I Don’t Upgrade?

Security & Compliance Issues

Your data security is at risk if you stay on Windows 8.1. Without any security updates, any vulnerabilities will stay unpatched. This leaves your system highly vulnerable to a breach. One hacked system on a network can also cause the breach or malware infection to spread to newer devices.

If you have to comply with a data privacy regulation, like HIPAA, you’ll also run into issues. Data privacy rules dictate making reasonable efforts to protect data. Using a device with an outdated OS jeopardizes meeting compliance.

Slowed Productivity

The older systems get, the slower they get. Staff that must work on outdated software often complain that it hurts productivity. 77% of surveyed employees were frustrated with outdated tech. Employees dealing with outmoded systems may also quit. They are 450% more likely to want to leave and work elsewhere.

An outdated operating system can hold your staff back. They miss out on modern time-saving features. They can also run into problems with bugs that will no longer get fixed.

Incompatibility With Newer Tools

Software and hardware developers aren’t looking back. Once Microsoft retires an OS, they aren’t prioritizing its compatibility. In fact, some may not want their product to be compatible with it because of the liability.

When you have issues using modern software and hardware it hurts your business. You become less competitive and begin to fall behind. Staying on an outmoded OS keeps you stuck in the past.

Get Help With Your Windows Upgrades

We can help you upgrade smoothly from an older Windows OS to a new one. If you need a new system, we can point you in the right direction for the best value. Give us a call today to schedule a chat about upgrades and where your security stands.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

Data Backup Is Not Enough, You Also Need Data Protection

Free Security Computer Science photo and picture

The need to back up data has been around since floppy disks. Data loss happens due to viruses, hard drive crashes, and other mishaps. Most people using any type of technology have experienced data loss at least once.

There are about 140,000 hard drive crashes in the US weekly. Every five years, 20% of SMBs suffer data loss due to a major disaster. This has helped to drive a robust cloud backup market that continues to grow.

But one thing that’s changed with data backup in the last few years is security. Simply backing up data so you don’t lose it, isn’t enough anymore. Backing up has morphed into data protection.

What does this mean?

It means that backups need more cybersecurity protection. They face threats such as sleeper ransomware and supply chain attacks. Cloud-based backup has the benefit of being convenient, accessible, and effective. But there is also a need for certain security considerations with an online service.

Companies need to consider data protection when planning a backup and recovery strategy. The tools used need to protect against the growing number of threats.

Some of the modern threats to data backups include:

  • Data Center Outage: The “cloud” basically means data on a server. That server is internet accessible. Those servers can crash. Data centers holding the servers can also have outages.
  • Sleeper Ransomware: This type of ransomware stays silent after infecting a device. The goal is to have it infect all backups. Then, when it’s activated, the victim doesn’t have a clean backup to restore.
  • Supply Chain Attacks: Supply chain attacks have been growing. They include attacks on cloud vendors that companies use. Those vendors suffer a cyberattack that then spreads throughout their clients.
  • Misconfiguration: Misconfiguration of security settings can be a problem. It can allow attackers to gain access to cloud storage. Those attackers can then download and delete files as they like.

What to Look for in a Data Protection Backup System

Just backing up data isn’t enough. You need to make sure the application you use provides adequate data protection. Here are some of the things to look for when reviewing a backup solution.

Ransomware Prevention

Ransomware can spread throughout a network to infect any data that exists. This includes data on computers, servers, and mobile devices. It also includes data in cloud platforms syncing with those devices.

95% of ransomware attacks also try to infect data backup systems.

It’s important that any data backup solution you use have protection from ransomware. This type of feature restricts automated file changes that can happen to documents.

Continuous Data Protection

Continuous data protection is a feature that will back up files as users make changes. This differs from systems that back up on a schedule, such as once per day.

Continuous data protection ensures that the system captures the latest file changes. This mitigates data loss that can occur if a system crashes before the next backup. With the speed of data generation these days, losing a day’s worth of data can be very costly.

Threat Identification

Data protection incorporates proactive measures to protect files. Look for threat identification functions in a backup service. Threat identification is a type of malware and virus prevention tool.

It looks for malware in new and existing backups. This helps stop sleeper ransomware and similar malware from infecting all backups.

Zero-Trust Tactics

Cybersecurity professionals around the world promote zero-trust security measures. This includes measures such as multi-factor authentication and application safelisting.

A zero-trust approach holds that all users and applications need ongoing authentication. So, just because a user is logged into the system today, doesn’t mean they are completely trusted.

Some of the zero-trust features to look for include:

  • Multi-factor authentication
  • Distinct file and folder permissions
  • Contextual authentication
  • Verification of permissions for file changes

Backup Redundancy

If you back up to a USB drive or CD, you have one copy of those files. If something happens to that copy, you could experience data loss.

Cloud backup providers should have backup redundancy in place. This means that the server holding your data mirrors that data to another server. This prevents data loss in the case of a server crash, natural disaster, or cyberattack.

Air Gapping for More Sensitive Data

Air gapping is a system that keeps a copy of your data offline or separated in another way. This would entail making a second backup copy of your data. Then, putting it on another server. A server disconnected from external sources.

This is a feature that you may want to seek out if you deal with highly sensitive data. It helps to ensure that you have at least one other copy of your backup. A copy walled off from common internet-based attacks.

Need Help With Secure Backup & Data Protection Solutions?

Have you updated your backup process for today’s threats? Give us a call today to schedule a chat about data backup and protection.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

8 Reasons Every Company Is Now a Technology Company

person using MacBook Pro

Whether you sell shoes or run an accounting firm, you need some type of technology to operate. Today’s companies aren’t just in the business of selling their own goods and services anymore. They also must master various types of digital tools.

These include software, payment systems, computers, Wi-Fi networks, mobile devices, and more. Companies also need to protect their devices and network.. If that technology isn’t working, it can impact a business significantly.

98% of surveyed organizations say that just one hour of IT downtime costs more than $100,000. The reliance on technology means that every company is now a technology company.

This is the case no matter what products you sell or services you provide. Let’s discuss exactly why this is the case in today’s world.

What Makes Technology a Backbone of Any Business?

1. Technology Is a Critical Part of Business

Even farmers use tech to check commodity prices, sell livestock, and keep their books. Most companies couldn’t operate without their software. Or without databases filled with important information.

IT downtime is so devastating for this very reason. Remember the breaches impacting global meat producer JBS and Colonial pipeline? Those companies had to halt operations because of ransomware attacks.

They both paid the ransom to their attackers so they could begin operating again. Without the technology that’s become a normal part of our day, a lot of companies would close.

2. Customers Expect an Excellent Digital Experience

Customer experience came in first in a survey of top business priorities for the next 5 years. Nearly 46% of respondents said it was at the top of their list.

If a customer has just one bad experience with your company, they will likely go elsewhere. In a digital world, those experiences are often:

  • Navigating your website
  • Checkout experience
  • Appointment scheduling ease
  • Shipping notifications
  • Helpfulness of online chat
  • Response time from customer support
  • Ability to contact your company via social media

To keep up with consumer expectations in 2023 and beyond, means you need to use technology. From your website to your payment experience, people expect a smooth digital flow.

3. Employees Need Devices to Drive Productivity

How do employees work productivity without the use of a computer, tablet, or mobile device? These devices keep staff connected to each other and your customer data. Devices enable communication and are how much of the work in offices gets done. If they don’t run well, business productivity suffers.

4. AI & Automation Help Companies Stay Competitive

AI and automation help organizations move faster. AI can personalize a consumer shopping experience. Automation can help sales teams close 30% more deals and improve conversions by over 200%.

To stay competitive, companies must integrate technology tools with AI and automation capabilities. This means they need to know the best ways to use these tools. Plus, integrate them well with existing solutions.

5. Information Is Being Generated at a Rapid Pace

Companies generate information digitally at a dizzying pace. Can you imagine what it would be like if you had to go back to all the paper files? You’d need a separate building just for all the filing cabinets.

Files, documents, and customer records are largely digital now. Keeping track of all that information and making it searchable requires technology skills.

6. Vendors/Suppliers Are Leaving Legacy Systems Behind

Think of the vendors you use to run your business. Could you interact with any of them offline only? No email, no digital documents? In most cases, the answer is, “No.”

The companies that you rely on for your business are also “technology companies” in the same way. Most will be leaving behind legacy systems like fax machines and paper documents. Thus, you need to use digital means to interact with them.

7. It’s Difficult to Grow Without Tech Innovation

People are limited by what they can mentally and physically do in a day. Computers and technology have exponentially increased that. They do a lot of the processing and manual work.

The cloud is often touted as leveling the playing field for small businesses. It allows smaller companies to leverage technology to do more affordably.

It’s hard to continue growing your business without the smart use of digital tools. This includes reviewing your technology infrastructure and looking at innovations on the horizon.

8. Business Continuity Needs

Business continuity is about keeping your company running despite any crisis events. One natural disaster could severely impact a building and everything in it. But, if you are storing your data in the cloud and using cloud software, your business can still operate.

Companies that aren’t employing backup systems are at significant risk. Tech solutions create the ability to continue operating from anywhere, increasing business resiliency.

What Does Your Innovation Roadmap Look Like?

Using technology securely and to its fullest can be a full-time job. Give us a call today, we can help take that burden off your shoulders.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

6 Steps to Effective Vulnerability Management for Your Technology

red padlock on black computer keyboard

Technology vulnerabilities are an unfortunate side effect of innovation. When software companies push new updates, there are often weaknesses in the code. Hackers exploit these. Software makers then address the vulnerabilities with a security patch. The cycle continues with each new software or hardware update.

It’s estimated that about 93% of corporate networks are susceptible to hacker penetration. Assessing and managing these network weaknesses isn’t always a priority for organizations. Many suffer breaches because of poor vulnerability management.

61% of security vulnerabilities in corporate networks are over 5 years old.

Many types of attacks take advantage of unpatched vulnerabilities in software code. This includes ransomware attacks, account takeover, and other common cyberattacks.

Whenever you see the term “exploit” when reading about a data breach, that’s an exploit of a vulnerability. Hackers write malicious code to take advantage of these “loopholes.” That code can allow them to elevate privileges. Or to run system commands or perform other dangerous network intrusions.

Putting together an effective vulnerability management process can reduce your risk. It doesn’t have to be complicated. Just follow the steps we’ve outlined below to get started.

Vulnerability Management Process

Step 1. Identify Your Assets

First, you need to identify all the devices and software that you will need to assess. You’ll want to include all devices that connect to your network, including:

  • Computers
  • Smartphones
  • Tablets
  • IoT devices
  • Servers
  • Cloud services

Vulnerabilities can appear in many places. Such as the code for an operating system, a cloud platform, software, or firmware. So, you’ll want a full inventory of all systems and endpoints in your network.

This is an important first step, so you will know what you need to include in the scope of your assessment.

Step 2: Perform a Vulnerability Assessment

Next will be performing a vulnerability assessment. This is usually done by an IT professional using assessment software. This could also include penetration testing.

During the assessment, the professional scans your systems for any known vulnerabilities. The assessment tool matches found software versions against vulnerability databases.

For example, a database may note that a version of Microsoft Exchange has a vulnerability. If it detects that you have a server running that same version, it will note it as a found weakness in your security.

Step 3: Prioritize Vulnerabilities by Threat Level

The assessment results provide a roadmap for mitigating network vulnerabilities. There will usually be several, and not all are as severe as others. You will next need to rank which ones to address first.

At the top of the list should be those experts consider severe. Many vulnerability assessment tools will use the Common Vulnerability Scoring System (CVSS). This categorizes vulnerabilities with a rating score from low to critical severity.

You’ll also want to rank vulnerabilities by your own business needs. If a software is only used occasionally on one device, you may consider it a lower priority to address. While a vulnerability in software used on all employee devices, you may rank as a high priority.

Step 4: Remediate Vulnerabilities

Remediate vulnerabilities according to the prioritized list. Remediation often means applying an issued update or security patch. But it may also mean upgrading hardware that may be too old for you to update.

Another form of remediation may be ringfencing. This is when you “wall off” an application or device from others in the network. A company may do this if a scan turns up a vulnerability for which a patch does not yet exist.

Increasing advanced threat protection settings in your network can also help. Once you’ve remediated the weaknesses, you should confirm the fixes.

Step 5: Document Activities

It’s important to document the vulnerability assessment and management process. This is vital both for cybersecurity needs and compliance.

You’ll want to document when you performed the last vulnerability assessment. Then document all the steps taken to remediate each vulnerability. Keeping these logs will be vital in the case of a future breach. They also can inform the next vulnerability assessment.

Step 6. Schedule Your Next Vulnerability Assessment Scan

Once you go through a round of vulnerability assessment and mitigation, you’re not done. Vulnerability management is an ongoing process.

In 2022, there were over 22,500 new vulnerabilities documented. Developers continue to update their software continuously. Each of those updates can introduce new vulnerabilities into your network.

It’s a best practice to have a schedule for regular vulnerability assessments. The cycle of assessment, prioritization, mitigation, and documentation should be ongoing. This fortifies your network against cyberattacks. It removes one of the main enablers of hackers.

Get Started with a Vulnerability Assessment

Take the first step towards effective vulnerability management. We can help you fortify your network against attacks. Give us a call today to schedule a vulnerability assessment to get started.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

7 VoIP Setup Tips for a More Productive Office

Free photos of Voicemail

The global pandemic put a big emphasis on the need to run a business from anywhere. Enabling employees to work remotely requires cloud solutions. This includes collaborative platforms like Google Workspace and Microsoft 365. VoIP (Voice over Internet Protocol) phone systems have also become critical.

VoIP allows companies to stay in contact with customers and potential customers. Employees can work from anywhere and still answer the business phone line. Callers get a similar experience no matter where employees may be working, office, or home.

When you have people working from home, those old landline systems are inefficient. This has led to a large movement by businesses to VoIP. Both for necessity and cost-savings.

According to Microsoft, 82% of organizations have reported saving money after implementing VoIP.

While VoIP is the way to go for the future, this doesn’t mean it’s foolproof. Companies that don’t set up their system efficiently, can experience issues. This includes things like dropped calls, low bandwidth, and features left unused.

If you’ve been struggling to make your cloud phone system more efficient, check out these tips below. They provide setup best practices for VoIP. Use these to positively impact your bottom line.

1. Check Network Capabilities

You can’t just assume that you can enable a VoIP system, and all will be well. Your network may not be able to handle the extra bandwidth needs without adjustments.

Things you want to look at include jitter and packet loss. Additionally, review router settings to make sure it can handle peak traffic times. Experiencing dropped calls or choppy audio shows a need to address issues. These may include adjusting network hardware and/or increasing your ISP bandwidth.

2. Prioritize Your VoIP Software Using QoS Rules

Quality of Service (QoS) is a router settings area that allows you to say which traffic is most important. If QoS is not in place, it means resource issues. A large cloud backup could kick in and interrupt your calls because it’s taking up bandwidth.

QoS sets up “traffic lanes” that give priority to certain functions. You’ll want to have your VoIP software prioritized to get the bandwidth it needs. This avoids issues with less critical processes hogging up internet resources.

Using QoS keeps your calls smooth. It also improves the reliability of your cloud phone system. It’s also a good idea to use these rules for other important cloud activities.

3. Provide Quality Headsets for Your Team

A cheap headset can ruin the call experience for a potential customer. If someone calls in and can’t hear anything or gets choppy reception, they’ll quickly get frustrated. They will most likely figure that your company doesn’t have its act together.

Your employees may not be able to afford high-quality headsets. They also may not know what type to buy. Head off potential problems by issuing quality headsets for your team to use.

4. Set Up Departments & Ring Groups

One of the great features of VoIP phone systems is the ability to set up ring groups. You first set up your department groups (accounting, marketing, etc.). Then set the included employee extensions.

Creating a ring group allows you to have a call go to your customer support department as a whole. This is better than one person, who may be busy. That way, the whole group gets the ring, and the first available person can pick up.

Ring groups improve the caller experience by reducing the wait time. It can also mitigate the need for the caller to leave a voicemail and get stuck waiting on a callback.

5. Create Your Company Directory

Auto assistants are extremely helpful and nearly all VoIP systems have them. First, you set up your company directory and then record messages to prompt the caller.

For example, you can set up a message that prompts them to input the last name of the person they are trying to reach. If they aren’t calling a specific person, they can be routed to a department.

While setting up a company directory takes a little effort upfront, it will save much more. You no longer will need to have someone specifically routing every call. Callers can also get to the person or department they need faster. This improves the customer experience and boosts office productivity.

6. Have Employees Set Up Their Voicemail & VM to Email

When you get out of a long meeting, going through a bunch of voicemails can take time. Instead of having to listen to each one to see which calls are a priority, you could simply read through them.

The voicemail to email feature in VoIP phone systems will automatically transcribe voicemails. They are then emailed to the recipient. This improves efficiency. It also eliminates wasted time having to listen to entire messages to know who called.

Have employees set up this feature with their extension and email address. Some VoIP systems also offer an option to have transcribed voicemails sent via SMS.

7. Train Your Team on the Call Handling Process

Don’t leave your employees to jump in and learn a VoIP system themselves. It’s important to train them on the features and the company calling process. This ensures that your team can enjoy all those time-saving features.

Get Help Enhancing Your Business Phone System

Need help improving your business phone system? Looking for a better customer experience? Give us a call and schedule a consultation. We can help!


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

What to Include in a Year-end Technology Infrastructure Review

Free illustrations of Checklist

When the year is coming to a close, it’s the perfect time to plan for the future. Most businesses begin the year with the hope of growing and improving operations. Much of how a business operates depends on technology. So, it makes sense to look to your IT for areas of optimization.

A year-end technology review provides an opportunity to look at several areas of your IT. The goal is to take time to focus on improvements you can make to boost your bottom line. As well as what tactics to take to reduce the risk of a costly cyberattack.

A recent study by Deloitte looked at digitally advanced small businesses. Small businesses that make smart use of technology are well ahead of their peers. Here are some of the ways they excel:

  • Earn 2x more revenue per employee
  • Experience year-over-year revenue growth nearly 4x as high
  • Had an average employee growth rate over 6x as high

The bottom line is that companies that use technology well, do better. They are also more secure. According to IBM, businesses that have an incident response plan reduce the costs of a data breach by 61%. Using security AI and automation can lower costs by 70%.

This year-end, take some time to do a technology review with your IT team or managed IT provider. This will set you up for success and security in the coming year.

Considerations When Reviewing Your Technology at Year-End

The goal of a year-end technology review is to look at all areas of your IT infrastructure. Security, efficiency, and bottom-line considerations will be the key drivers for future initiatives.

Technology Policies

When technology policies get outdated, people stop following them. Review all your policies to see if any of them need updating to reflect new conditions. For example, if you now have some staff working from home, make sure your device use policy reflects this.

When you update policies, let your employees know. This gives them a refresher on important information. They may have forgotten certain things since onboarding.

Disaster Recovery Planning

When is the last time your company did an incident response drill? Is there a list of steps for employees to follow in the case of a natural disaster or cyberattack?

Take time to look at disaster recovery planning for the new year. You should also put dates in place for preparedness drills and training in the coming months.

IT Issues & Pain Points

You don’t want to go through a big IT upgrade without considering employee pain points. Otherwise, you might miss some golden opportunities to improve staff productivity and well-being.

Survey your employees on how they use technology. Ask questions about their favorite and least favorite apps. Ask what struggles they face. Let them tell you how they feel technology could improve to make their jobs better. This, in turn, benefits your business. It can also help you target the most impactful improvements.

Privileged Access & Orphaned Accounts

Do an audit of your privileged accounts as part of your year-end review. Over time, permissions can be misappropriated. This leaves your network at a higher risk of a major attack.

You should ensure that only those that need them have admin-level permissions. The fewer privileged accounts you have in your business tools, the lower your risk. Compromised privileged accounts password open the door to major damage.

While going through your accounts, also look for orphaned accounts. You need to close these because they’re no longer used. Leaving them active poses a security risk.

IT Upgrade & Transformation Plans for the New Year

If you make IT upgrades and decisions “on the fly” it can come back to bite you. It’s best to plan out a strategy ahead of time, so you can upgrade in an organized way.

Have a vulnerability assessment performed. This gives you a list of potential problems your company should address. Eliminating vulnerabilities improves your cybersecurity. Planning ahead allows you to budget for your upgrades and avoid unplanned expenses.

Cloud Use & Shadow IT

Review your use of cloud applications. Are certain apps hardly used? Do you have redundancies in your cloud environment? A review can help you cut waste and save money.

Also, look for uses of shadow IT by employees. These are cloud applications that are being used for work but did not go through approval. Management may not even be aware of them. Remove this security risk by either closing the accounts or officially approving them.

Customer-Facing Technology

Don’t forget to look at the customer experience of your technology infrastructure. Go through your website and contact process as a customer would.

If you get frustrated by things like site navigation, then your customers and leads may be too. Include optimizations to your customer-facing technology in your new year plans.

Schedule a Technology & Security Assessment Today!

We can help you with a thorough review of your technology environment to give you a roadmap for tomorrow. Contact us today for a free consultation.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

Tips for Overcoming Barriers to a Smooth BYOD Program

Free A Person Working on His Laptop Stock Photo

Bring your own device (BYOD) is a concept that took hold after the invention of the smartphone. When phones got smarter, software developers began creating apps for those phones. Over time, mobile device use has overtaken desktop use at work.

According to Microsoft, mobile devices make up about 60% of the endpoints in a company network. They also handle about 80% of the workload. But they’re often neglected when it comes to strong cybersecurity measures.

This is especially true with employee-owned mobile devices. BYOD differs from corporate-owned mobile use programs. Instead of using company tools, employees are using their personal devices for work. Many businesses find this the most economical way to keep their teams productive.

Purchasing phones and wireless plans for staff is often out of reach financially. It can also be a pain for employees to carry around two different devices, personal and work.

It’s estimated that 83% of companies have some type of BYOD policy.

You can run BYOD securely if you have some best practices in place. Too often, business owners don’t even know all the devices that are connecting to business data. Or which ones may have data stored on them.

Here are some tips to overcome the security and challenges of BYOD. These should help you enjoy a win-win situation for employees and the business.

Define Your BYOD Policy

If there are no defined rules for BYOD, then you can’t expect the process to be secure. Employees may leave business data unprotected. Or they may connect to public Wi-Fi and then enter their business email password, exposing it.

If you allow employees to access business data from personal devices, you need a policy. This policy protects the company from unnecessary risk. It can also lay out specifics that reduce potential problems. For example, detailing the compensation for employees that use personal devices for work.

Keep Your Policy “Evergreen”

As soon as a policy gets outdated, it becomes less relevant to employees. Someone may look at your BYOD policy and note that one directive is old. Because of that, they may think they should ignore the entire policy.

Make sure that you keep your BYOD policy “evergreen.” This means updating it regularly if any changes impact those policies.

Use VoIP Apps for Business Calls

Before the pandemic, 65% of employees gave their personal phone numbers to customers. This often happens due to the need to connect with a client when away from an office phone. Clients also may save a personal number for a staff member. For example, when the employee calls the customer from their own device.

Customers having employees’ personal numbers is a problem for everyone. Employees may leave the company, and no longer answer those calls. The customer may not realize why.

You can avoid the issue by using a business VoIP phone system. These services have mobile apps that employees can use. VoIP mobile apps allow employees to make and receive calls through a business number.

Create Restrictions on Saved Company Data

Remote work has exasperated the security issue with BYOD. While BYOD may have meant mobile devices in the past, it now means computers too. Remote employees often will use their own PCs when working outside the office.

No matter what the type of device, you should maintain control of business data. It’s a good idea to restrict the types of data that staff can store on personal devices. You should also ensure that it’s backed up from those devices.

Require Device Updates

When employee devices are not updated or patched, they invite a data breach. Any endpoint connected to your network can enable a breach. This includes those owned by employees.

It can be tricky to ensure that a device owned by an employee is kept updated. Therefore, many businesses turn to endpoint management solutions. An endpoint device manager can push through automated updates. It also allows you to protect business data without intruding on employee privacy.

The monitoring and management capabilities of these tools improve security. This includes the ability to safelist devices. Safelisting can block devices not added to the endpoint manager.

Include BYOD in Your Offboarding Process

If an employee leaves your company, you need to clean their digital trail. Is the employee still receiving work email on their phone? Do they have access to company data through persistent logins? Are any saved company passwords on their device?

These are all questions to ask when offboarding a former staff member. You should also make sure to copy and remove any company files on their personal device. Additionally, ensure that you deauthorize their device(s) from your network.

Let Us Help You Explore Endpoint Security Solutions

We can help you explore solutions to secure a BYOD program. We’ll look at how your company uses personal devices at your business and recommend the best tools. Contact us today for a free consultation.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

7 Things to Consider When Getting a New Computer to Avoid Buyer’s Remorse

Free Stylish workspace with computer and simple furniture Stock Photo

Have you ever bought a new computer and then had buyer’s remorse a few months later? Maybe you didn’t pay attention to the storage capacity and ran out of space. Or you may have glossed over memory and experienced constant freeze-ups.

An investment in a new PC isn’t something you want to do lightly. Doing your research ahead of time and consulting with a trusted friend or IT shop can help. It will keep you from making major mistakes that could come back to haunt you later.

Here are several things to consider before you put down your hard-earned money on a new computer.

The Amount of Memory (RAM)

One of the big mistakes that people make when looking for a new computer is to ignore the RAM. Random access memory may be called RAM on the specification or “memory.” If your system has low memory, you run into all sorts of problems.

These issues can include:

  • Browser freezing up when you have too many tabs open
  • Issues watching videos
  • Some software not working properly
  • Sluggish behavior
  • Inability to open multiple applications
  • Constant freezes

Memory is the “thought process” of the PC. If there isn’t enough, it can’t take on another task until it completes the current processing tasks. This can cause frustration and ruin your productivity.

People often go for those low-priced computer deals when looking for a new device. But these can include only 4GB of RAM. That’s not a lot if you do much more than staying in a single application or just a few browser tabs.

The higher the RAM, the more responsive the system performance. So, look for PCs with at least 8GB of RAM. Or higher if you do any graphics/video or other processing-intensive activities.

User Reviews for Longevity

Buying a new computer is an investment. So, it’s natural to want that investment to last as long as possible. You don’t want to spend $700 on a new computer, only to begin experiencing problems when it’s just two years old.

Take your time to research user reviews on the specific models you’re considering. You’ll begin to see patterns emerging. Steer clear of models that have consistent complaints about breakdowns sooner than expected.

You may have to pay a little more for a system that has a better track record of performance. But it will save you in the long run when you have more years of usable life before that device needs replacement.

Whether the PC is for Personal or Business Use

If you have a small business or are a freelancer, you may try to save money by buying a consumer PC. But this could end up costing you more in the long run.

Consumer PCs aren’t designed for continuous “9-to-5” use. They also often lack certain types of firmware security present in business-use models. The price gap has also shortened between good consumer computers and business versions. If you’re not looking at the cheap systems, you’ll find that it’s not that much more to get a business-grade device.

The Processor Used

It can be confusing to read through the processor specifications on a computer. How do you know if Intel Core i7 or i3 is best for your needs? What’s the performance difference between AMD and Intel processors?

If you don’t want to do the research yourself, you could call up your local IT shop. We will be happy to steer you in the right direction. We’ll explain in layman’s terms the differences. As well as which processor makes the most sense for your intended use.

For Laptops: The Case Type

If you’re looking for a laptop computer, it’s important that it is durable. Laptops have some unique characteristics that differ from desktops. For example, the screen is often folded down one or more times per day. Additionally, the keyboard is part of the case and is not easily replaced by the user.

If you get a laptop with a cheap plastic case, it’s bound to break during normal use. Keys could also easily pop off the keyboard, requiring a trip to a computer repair shop.

You want to consider the materials used for the case. Paying an extra $20-$30 upcharge for a better casing is definitely worth it. It can help you avoid unneeded headaches.

Storage Capacity

Storage capacity can be a pain point that you experience after the fact. If you buy a computer without paying attention to hard drive space, you could regret it. You may not be able to transfer over all your “stuff” from the old system.

But storage capacity can also be an area where you can save some money. If you store most of your files in the cloud, then you may not need a lot of hard drive space. The less space you need, the lower the price.

Hard Drive Type

If you can get a computer with a solid-state drive (SSD) rather than a traditional hard disk drive (HDD) you should. SSDs are faster and less likely to have read/write issues. They have no moving parts; thus they are quieter as well.

Solid-state drives have come down in price quite a bit recently. There are many affordable options, and you’ll also find some PCs with both a hard drive and SSD.

Come to Us Before You Spend Money on a New Computer

Don’t blindly invest in a new computer without some expert guidance. Contact us today for a free consultation to save you from a bad new PC experience.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

Checklist for Better Digital Offboarding of Employees

Free photos of Checklist

Digital footprints cover today’s modern workplace. Employees begin making these the moment they’re hired. They get a company email address and application logins. They may even update their LinkedIn page to connect to your company.

When an employee leaves a company, there is a process that needs to happen. This is the process of “decoupling” the employee from the company’s technology assets. This digital offboarding is vital to cybersecurity.

You don’t want a former employee to maliciously email all your customers from their work email. Sensitive files left on a former staffer’s computer could leak months later.

20% of surveyed businesses have experienced a data breach connected to a former employee.

Digital offboarding entails revoking privileges to company data, and much more. This is a critical process to go through for each former staff member to reduce risk.

Below, we’ve provided a handy checklist to help you cover all your bases.

Your Digital Offboarding Checklist

Knowledge Transfer

Vast corporate knowledge can disappear when a person leaves an organization. It’s important to capture this during a digital offboarding process.

This could be something as simple as what social media app someone used for company posts. Or it may be productivity leveraging. Such as the best way to enter the sales data into the CRM.

Make sure to do a knowledge download with an employee during the exit interview. Better yet, have all staff regularly document procedures and workflows. This makes the knowledge available if the employee is ever not there to perform those tasks.

Address Social Media Connections to the Company

Address any social media connections to the former employee. Is their personal Facebook user account an admin for your company’s Facebook page? Do they post on your corporate LinkedIn page?

Identify All Apps & Logins the Person Has Been Using for Work

Hopefully, your HR or IT department will have a list of all the apps and website logins that an employee has. But you can’t assume this. Employees often use unauthorized cloud apps to do their work. This is usually done without realizing the security consequences.

Make sure you know of any apps that the employee may have used for business activities. You will need to address these. Either change the login if you plan to continue using them. Or you may want to close them altogether after exporting company data.

Change Email Password

Changing the employee’s email password should be one of the first things you do. This keeps a former employee from getting company information. It also keeps them from emailing as a representative of the company.

Accounts are typically not closed immediately because emails need to be stored. But you should change the password to ensure the employee no longer has access.

Change Employee Passwords for Cloud Business Apps

Change all other app passwords. Remember that people often access business apps on personal devices. So, just because they can’t access their work computer any longer, doesn’t mean they can’t access their old accounts.

Changing the passwords locks them out no matter what device they are using. You can simplify the process with a single sign-on solution.

Recover Any Company Devices

Make sure to recover any company-owned devices from the employee’s home. Remote employees are often issued equipment to use.

You should do this as soon as possible to avoid loss of the equipment. Once people no longer work for a company, they may sell, give away, or trash devices.

Recover Data on Employee Personal Devices

Many companies use a bring your own device (BYOD) policy. It saves them money, but this can make offboarding more difficult.

You need to ensure you’ve captured all company data on those devices. If you don’t already have a backup policy in place for this, now is a good time to create one.

Transfer Data Ownership & Close Employee Accounts

Don’t keep old employee cloud accounts open indefinitely. Choose a user account to transfer their data to and then close the account. Leaving unused employee accounts open is an invitation to a hacker. With no one monitoring the account, breaches can happen. A criminal could gain access and steal data for months unnoticed.

Revoke Access by Employee’s Devices to Your Apps and Network

Using an endpoint device management system, you can easily revoke device access. Remove the former employee’s device from any approved device list in your system.

Change Any Building Digital Passcodes

Don’t forget about physical access to your building. If you have any digital gate or door passcodes, be sure to change these so the person can no longer gain access.

Need Help Reducing Offboarding Security Risk?

When you proactively address digital offboarding, the process is easier and less risky. Contact us today for a free consultation to enhance your cybersecurity.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

6 Important IT Policies Any Size Company Should Implement

person holding pencil near laptop computer

Many small businesses make the mistake of skipping policies. They feel that things don’t need to be so formal. They’ll just tell staff what’s expected when it comes up and think that’s good enough.

But this way of thinking can cause issues for small and mid-sized business owners. Employees aren’t mind readers. Things that you think are obvious, might not be to them.

Not having policies can also leave you in poor legal standing should a problem occur. Such as a lawsuit due to misuse of a company device or email account.

Did you know that 77% of employees access their social media accounts while at work? Further, 19% of them average 1 full working hour a day spent on social media. In some cases, employees are ignoring a company policy. But in others, there is no specific policy for them to follow.

IT policies are an important part of your IT security and technology management. So, no matter what size your business is, you should have them. We’ll get you started with some of the most important IT policies your company should have in place.

Do You Have These IT Policies? (If Not, You Should)

Password Security Policy

About 77% of all cloud data breaches originate from compromised passwords. Compromised credentials are also now the number one cause of data breaches globally.

A password security policy will lay out for your team how to handle their login passwords. It should include things like:

  • How long passwords should be
  • How to construct passwords (e.g., using at least one number and symbol)
  • Where and how to store passwords
  • The use of multi-factor authentication (if it’s required)
  • How often to change passwords

Acceptable Use Policy (AUP)

The Acceptable Use Policy is an overarching policy. It includes how to properly use technology and data in your organization. This policy will govern things like device security. For example, you may need employees to keep devices updated. If this is the case, You should include that in this policy.

Another thing to include in your AUP would be where it is acceptable to use company devices. You may also restrict remote employees from sharing work devices with family members.

Data is another area of the AUP. It should dictate how to store and handle data. The policy might require an encrypted environment for security.

Cloud & App Use Policy

The use of unauthorized cloud applications by employees has become a big problem. It’s estimated that the use of this “shadow IT” ranges from 30% to 60% of a company’s cloud use.

Often, employees use cloud apps on their own because they don’t know any better. They don’t realize that using unapproved cloud tools for company data is a major security risk.

A cloud and app use policy will tell employees what cloud and mobile apps are okay to use for business data. It should restrict the use of unapproved applications. It should also provide a way to suggest apps that would enhance productivity.

Bring Your Own Device (BYOD) Policy

Approximately 83% of companies use a BYOD approach for employee mobile use. Allowing employees to use their own smartphones for work saves companies money. It can also be more convenient for employees because they don’t need to carry around a second device.

But if you don’t have a policy that dictates the use of BYOD, there can be security and other issues. Employee devices may be vulnerable to attack if the operating system isn’t updated. There can also be confusion about compensation for the use of personal devices at work.

The BYOD policy clarifies the use of employee devices for business. Including the required security of those devices. It may also note the required installation of an endpoint management app. It should also cover compensation for business use of personal devices.

Wi-Fi Use Policy

Public Wi-Fi is an issue when it comes to cybersecurity. 61% of surveyed companies say employees connect to public Wi-Fi from company-owned devices.

Many employees won’t think twice about logging in to a company app or email account. Even when on a public internet connection. This could expose those credentials and lead to a breach of your company network.

Your Wi-Fi use policy will explain how employees are to ensure they have safe connections. It may dictate the use of a company VPN. Your policy may also restrict the activities employees can do when on public Wi-Fi. Such as not entering passwords or payment card details into a form.

Social Media Use Policy

With social media use at work so common, it’s important to address it. Otherwise, endless scrolling and posting could steal hours of productivity every week.

Include details in your social media policy, such as:

  • Restricting when employees can access personal social media
  • Restricting what employees can post about the company
  • Noting “safe selfie zones” or facility areas that are not okay for public images

Get Help Improving Your IT Policy Documentation & Security

We can help your organization address IT policy deficiencies and security issues. Reach out today to schedule a consultation to get started.


Featured Image Credit