Microsoft understands the value of your business’s data and the costly repercussions of losing it. That’s why they’ve released a slew of security and compliance tools for Office 365 subscribers. But given the increasing sophistication and frequency of data breaches, Office 365 cloud security solutions won’t be enough to protect your files. You’ll need to follow these seven security tips to truly avoid data loss in Office 365.

Take advantage of policy alerts
Establishing policy notifications in Office 365’s Compliance Center can help you meet your company’s data security obligations. For instance, policy tips can warn employees about sending confidential information anytime they’re about to send messages to contacts who aren’t listed in the company network. These preemptive warnings can prevent data leaks and also educate users on safer data sharing practices.

Secure mobile devices
With the growing trend of using personal smartphones and tablets to access work email, calendar, contacts, and documents, securing mobile devices is now a critical part of protecting your organization’s data. Installing mobile device management features for Office 365 enables you to manage security policies and access rules, and remotely wipe sensitive data from mobile devices if they’re lost or stolen.

Use multi-factor authentication
Because of the growing sophistication of today’s cyberattacks, a single password shouldn’t be the only safeguard for Office 365 accounts. To reduce account hijacking instances, you must enable Office 365 multi-factor authentication. This feature makes it more difficult for hackers to access your account since they not only have to guess user passwords but also provide a second authentication factor like a temporary SMS code.

Apply session timeouts
Many employees usually forget to log out of their Office 365 accounts and keep their computers or mobile devices unlocked. This could give unauthorized users unfettered access to company accounts, allowing them to compromise sensitive data. But by applying session timeouts to Office 365, email accounts, and internal networks, the system will automatically log users out after 10 minutes, preventing hackers from simply opening company workstations and accessing private information.

Avoid public calendar sharing
Office 365 calendar sharing features allows employees to share and sync their schedules with their colleagues. However, publicly sharing this schedule is a bad idea. Enabling public calendar sharing helps attackers understand how your company works, determine who’s away, and identify your most vulnerable users. For instance, if security administrators are publicly listed as “Away on vacation,” an attacker may see this as an opportunity to unleash a slew of malware attacks to corrupt your data before your business can respond.

Employ role-based access controls
Another Office 365 feature that will limit the flow of sensitive data across your company is access management. This lets you determine which user (or users) have access to specific files in your company. For example, front-of-house staff won’t be able to read or edit executive-level documents, minimizing data leaks.

Encrypt emails
Encrypting classified information is your last line of defense to secure your data. Should hackers intercept your emails, encryption tools will make files unreadable to unauthorized recipients. This is a must-have for Office 365, where files and emails are shared on a regular basis.

While Office 365 offers users the ability to share data and collaborate flexibly, you must be aware of the potential data security risks at all times. When you work with us, we will make sure your business keeps up with ever-changing data security and compliance obligations. And if you need help securing your Office 365, we can help with that too! Simply contact us today.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE

Many small and midsize businesses are deciding to make cloud services and infrastructure an intentional component of their strategy, rather than scrambling to react every time employees start using some new service. These cloud-ready businesses are taking control of cloud adoption by investing in the right tools and making the technical and operational changes necessary to adapt to a faster-paced world.

A strategic approach to the cloud means recognizing that it is here to stay, and being clear about what benefits you want to achieve for your business. Then, you can evaluate where changes need to be made to ensure you can use cloud services securely and productively while maintaining control over costs.

Five key areas you should consider when optimizing your business for the cloud:

Infrastructure: Look at the IT hardware and networking infrastructure you currently have on-premises, and consider what you will need to fulfill your growth plans and optimize for the cloud. Look for ways you can consume infrastructure from the cloud instead of managing it yourself, as many robust options are available that are more secure and higher-performance than most small or midsize businesses can obtain on their own. These aspects of IT are generally well-defined and are not where you want to focus your efforts on adding value. At the same time, don’t abandon what you have. Rather, look for ways that your existing infrastructure can easily connect to the online services you with to use.

Data: Using online services naturally means data moves across multiple locations. The more cloud services you use, the more likely it is that you will keep significant amounts of data online. In order to cloud-optimize your business, look for data storage options that can interoperate with all the tools you plan to use, including analytics, business applications, and business processes. Being able to seamlessly move data to the cloud depending on application and performance needs can enable you to preserve more of your data in an accessible state.

Management: With the cloud, you can spin up multiple virtual servers for a variety of purposes, typically at far lower cost than purchasing the required hardware yourself. That means you need more than virtualization—you need visibility across all the services you support and consume. This is doubly true if you’re using a mix of on-premises hardware, cloud-based virtual machines, and public cloud services, as many businesses will for the foreseeable future. Visibility is also necessary to manage costs, as consuming cloud services typically uses an operational expense model rather than a capital expense model. This may require new management tools if your environment is on the more complex side.

Security: Securing data across multiple services is a different task than securing it behind a traditional firewall. You need server technology built to protect data wherever it goes, whether it’s on a local server, a mobile device, or an online file share. Strong encryption and multi-factor authentication should be available as an option in the technology you choose.

Applications: Look at all the applications your company uses and make strategic decisions about which ones will provide the best value when you set up your business in the cloud. Other apps might require modification to move to the cloud, but if the business value is there, it could well be worth the trouble.

One key to creating a cloud-ready business is choosing the right server technology to power your applications and services. Windows Server is designed for a cloud-first, mobile-first world and powers business workloads around the world. It helps you give employees access to information across diverse infrastructure, networks, devices, and applications, while offering high levels of security and reliability. And, interoperability between Windows Server and Microsoft Azure can smooth the path to cloud migration.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with consideration from Microsoft SOURCE

Seventy-five percent of all obsolete computing equipment is currently in storage. In other words, it’s gathering dust in that unused office, shoved under a desk somewhere, or being used as a plant stand in the corner. But good options for disposal and recycling of old computers abound.

The following are EasyTech’s top tips for safely getting rid of unused computer equipment. You’ll free up storage space while helping our environment stay clean and green.

Computer Recycling

Many of the basic components in an old computer can be reused. This includes plastic from keyboards, metal from computer housing, and glass from older monitors. At the same time, toxic substances in computers like lead and cadmium need to be kept out of landfills and groundwater. Since January 2012, Staples has recycled more than five million pounds of electronics.

Fortunately, computer recycling is now an easy option in most communities. Many towns have public drop-off stations for your unused equipment, while computer retailers such as Staples offer free recycling as well. These recyclers will ensure electronic equipment and batteries are responsibly reused.

Computer Reuse

Recycling your old computers is a great choice when they are broken and beyond repair, but equipment that still works can be sold or donated to charity. Many schools, churches, and other community organizations will be happy to take your computers when your office decides to make an upgrade. In fact, computers that are broken yet repairable are often welcomed by these kinds of institutions. (Be sure to ask before donating equipment that is not in working order.)

Another option, offered by Dell and Goodwill, is called the Dell Reconnect program. This service is a residential computer-recycling program that offers recyclers the opportunity to drop off old gear at Goodwill locations. This free service is tax deductible and not only are you recycling gear, you’re also giving the community an opportunity to use technology they might otherwise be unable to afford.

Selling your outdated computing equipment is another option. Many businesses may be surprised to know that their unwanted computers can be listed on popular classified ad sites and turned into a bit of extra cash. Just because you might not need those old computers doesn’t mean someone else might not, and if that’s the case there are effective recycling programs out there like Gazelle that actually pay you fairly well for your gear when it’s no longer wanted.

Computer Upgrades

We all like brand new things—new cars, new houses, new computers. But before you decide on junking your old computer equipment, find out whether component upgrades might be a better option. The addition of more memory or storage, or adding better graphics capability, can give an old computer new life. RAM upgrades might save you money and reduce your impact on the environment.

You might also be able to use some of the components in your old computers with your newer systems. Old hard drives can serve as data storage or backup receptacles. Your old monitor can be hooked up in tandem with a new monitor for extra viewing area (a dual monitor setup often provides small business users with a productivity boost. Want to know how? It’s a snap! Just follow these official dual-monitor setup instructions from Microsoft).

Before You Recycle

Proper computer disposal means being careful of our environment. It also means being careful with the data those old computers contain. You don’t want customer or financial information getting into the wrong hands when you dispose of your computers.

Erasing files from your computer won’t be enough to keep a determined data thief from getting at your information. Data-wiping software can make information retrieval more difficult, although even this might not stop a sophisticated crook.

If you are donating or selling old computers and they contain sensitive information, you might consider removing the hard drive first and disposing of it separately. Retailers that offer computer recycling usually ensure that data is effectively destroyed in their disposal process, so this is a good option when privacy is a concern.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from STAPLES.com SOURCE

Phishing scams, whereby cybercriminals masquerade as trustworthy entities to fool victims into disclosing private information, have had a recent surge in popularity. This is largely because hackers realize the best way to infiltrate a system is by exploiting people’s trust. Although these attacks bypass network security systems, there are some tools you can use to defend against them. One is Google’s new anti-phishing feature for Gmail apps on Android devices.

Phishing warnings
The new Gmail app feature uses Google’s Safe Browsing technology to examine billions of URL links per day and identify websites impersonating legitimate ones, like an online store, bank, or social media. It will then check whether these websites are embedded with malware or have elements of a phishing attack (e.g., asking for login credentials, private information, etc.).

If it has reasonable evidence to think that the website is indeed malicious, Gmail will display a warning prompt: “The site you are trying to visit has been identified as a forgery, intended to trick you into disclosing financial, personal, or other sensitive information.”

Keep in mind that Gmail may come up with false positives, and for this reason, Google does not completely block access to using a link but advises that you take extra caution if you choose to proceed.

The tech giant also reported this update is available only for Android users and will eventually reach other devices; so if you have an iOS, be extremely careful when interacting with any links in your Gmail accounts.

Safety for Gmail and Google Docs
In other news, a widespread phishing attack affected thousands of Gmail and Google Doc users earlier this month. The attack uses a spoofed email from a known contact attempting to share a ‘document.’ If opened, the fraudulent link redirects victims into an innocent-looking Google page that asks for account permissions. If users grant access, a worm collects your contact list and proceeds to attack other users. Fortunately, Google quickly responded to the scam, removed the fake pages, and updated anti-phishing detection to account for similar threats.

Security training
While Safe Browsing features are extremely helpful for Android Gmail users, they shouldn’t be a total substitute for good security awareness. Remember, phishing exploits human trust, so make sure to train your employees to have a healthy skepticism of every unsolicited link or file and download security updates whenever possible.

For more information and advice on security training or Android-related news, give us a call today. We’ll make sure your business is completely up to date with shifting mobile security trends and issues.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE