When it comes to Internet security, most small businesses don’t have security policies in place. And considering that employee error is one of the most common causes of a security breach, it makes sense to implement rules your staff needs to follow. Here are four things your IT policies should cover.

Internet

In today’s business world, employees spend a lot of time on the internet. To ensure they’re not putting your business at risk, you need a clear set of web policies. This must limit internet use for business purposes only, prohibit unauthorized downloads, and restrict access to personal emails on company devices. You can also include recommended browsing practices and policies for using business devices on public wifi.

Email

Just like the Internet policy mentioned above, company email accounts should only be utilized for business use. That means your employees should never use it to send personal files, forward links, or perform any type of business-related activities outside their specific job role. Additionally, consider implementing a standard email signature for all employees. This not only creates brand cohesion on all outgoing emails, but also makes it easy to identify messages from other employees, thus preventing spear phishing.

Passwords

We’ve all heard the importance of a strong password time and time again. And this same principle should also apply to your employees. The reason is rather simple. Many employees will create the easiest to crack passwords for their business accounts. After all, if your organization gets hacked, it’s not their money or business at stake. So to encourage employees to create strong passwords, your policy should instruct them to include special characters, uppercase and lowercase letters, and numbers in their passwords.

Data

Whether or not you allow your employees to conduct work on their own devices, such as a smartphone or tablet, it is important to have a bring your own device (BYOD) policy. If your employees aren’t aware of your stance on BYOD, some are sure to assume they can conduct work-related tasks on their personal laptop or tablet. So have a BYOD policy and put it in the employee handbook. In addition to this, make sure to explain that data on any workstation is business property. This means employees aren’t allowed to remove or copy it without your authorization.

We hope these four policies shed some light on the industry’s best security practices. If you’d like more tips or are interested in a security audit of your business, give us a call.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

 

Published with consideration from TechAdvisory.org SOURCE

 

The volume of malicious cyber attacks is increasing every year. Although many companies use the latest network security systems, they aren’t immune to the hackers’ favorite strategy — social engineering. Unlike malware, social engineering tricks people into volunteering sensitive data. Here’s what you should know to protect your business.

Phishing

This is the most frequently used social engineering attack, especially against small businesses. Check out these frightening statistics:

 

How is phishing carried out? Criminals make use of emails, phone calls, or text messages to steal money. Victims are directed to phony websites or hotlines and are tricked into giving away sensitive information like names, addresses, login information, social security, and credit card numbers.

To protect yourself, be wary of emails from people you don’t know that offer you a prize, come with attachments you didn’t request, direct you to suspicious sites, or urge you to act quickly. Phishing emails usually appear to come from reliable sources, but they are wolves in sheep’s clothing.

One of the most infamous and widespread examples of phishing was during the 2016 Summer Olympics in Rio, where victims received fraudulent emails for fake ticketing services that stole their personal and financial information.

Tailgating

What’s the fastest and easiest way for criminals to enter a secure office? Through the front door, of course! Tailgating happens when an employee holds the door open for strangers and unauthorized visitors, allowing them to infiltrate an organization. This simple act of kindness enables fraudsters to enter restricted areas, access computers when no one is looking, or leave behind devices for snooping.

Quid pro quo

Here, scam artists offer a free service or a prize in exchange for information. They may lure their victims with a gift, concert tickets, a T-shirt, or early access to a popular game in exchange for login credentials, account details, passwords, and other important information. Or hackers may volunteer to fix their victims’ IT problems to get what they want. In most cases, the gift is a cheap trinket or the tickets are fake, but damages from stolen information are all too real.

Pretexting

Fraudsters pretend to be someone else to steal information. They may pose as a telemarketer, tech support representative, co-worker, or police officer to fish out credit card information, bank account details, usernames, and passwords. The con artist may even convince the unsuspecting victim to apply for a loan over the phone to get more details from the victim. By gaining the person’s trust, the scammer can fool anyone into divulging company secrets.

In spite of the many security measures available today, fraudsters and their social engineering schemes continue to haunt and harm many businesses. Thus, it’s best to prepare for the worst. To protect sensitive information, educate yourself and be careful. Remember: If anything is too good to be true, it probably is!

To shield your business from social engineering attacks or to learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

 

Published with consideration from TechAdvisory.org SOURCE

Office 365 comes with different storage and sharing options to make business owners more productive. Two of these are OneDrive and SharePoint, both of which have a long list of features and benefits. Which option is best for you? Keep reading for the answer.

Looking for a secure platform to manage your files? Where do you go for help? Should you choose SharePoint or settle for OneDrive instead? If any of those terms sound Greek to you, don’t worry. You don’t need a degree in computer science to figure it out. This article will give you the lowdown on what to expect from these services.

Both SharePoint and OneDrive are cloud-based services from Microsoft that allow you to store, share, and sync files across different devices. SharePoint was released in 2001 and reportedly has over 190 million users. OneDrive, on the other hand, was launched in 2007 and has more than 250 million users.

SharePoint is marketed mainly as a document management and storage system, but it can be configured to do much more than that. OneDrive, which was previously known as SkyDrive and Windows Live Folders, is part of the Office suite of online services.

What the two have in common
For starters, both platforms make use of Office 365 to help companies organize information and share this with others. To keep things secure, documents go to a cloud drive, so employees can easily track changes in a single file that is stored in one central location. One of the main reasons these platforms are so popular is because users can add comments and notes using real-time collaboration. Since data can be synchronized and is readily available, everyone sees the most up-to-date information regardless of how they view the document.

With OneDrive, it’s personal
OneDrive makes use of a SharePoint backdrop to work. This connects the two programs. The difference is that OneDrive is made for an individual, and the user remains in control even if the file is shared to different people. This means multiple teams can collaborate simultaneously as long as the original owner shares the document via a secure link. That person determines who can edit and view the file.

There’s more to SharePoint
With SharePoint, employees throughout the company can view and edit the stored file. Changes are tracked and higher-ups will know who is working on the document. This is ideal for human resource surveys or updates that need the attention of other team members.

With SharePoint and OneDrive, businesses can improve the way they work. If you want to learn how online document sharing programs can improve your company’s visibility and productivity, get in touch with us now. We’re here for you.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE

Whether you’re a newbie or an expert in search engine optimization (SEO), the field changes so often that it can be overwhelming. That can be pretty frustrating since businesses of any size need to get people to their sites in order to really grow in our web-driven culture. Thankfully, there are a few tried-and-true methods for improving your position in Google’s index.

Make sure you’re indexed by Google

Go to Google.com and search ‘site:’ with your website domain listed after the colon (example: ‘site:acme.com’). If you don’t see any results from your page listed, that means Google hasn’t added your site to its search results yet. Although some advisers recommend filling out a request form that Google offers, there is a much faster way to get recognized by the search giant.

Google is constantly scanning web pages for updates in content to include in their search results. When they see a link to an external site on one of their already indexed pages, Google will add that link to the queue of new sites to be scanned and indexed. If you can get your domain name linked on a popular or trusted page, you’ll start seeing your page in the search results in no time.

Go out and get more links

The more links to your site from external pages, the higher you climb in the search results. Other than getting affiliate businesses to link you on their pages, consider managing a blog or RSS feed. Content generation not only promotes interest and traffic in your site, it also lets you submit yourself to blog directories or news aggregator sites like Feedly and Alltop which compile source materials and get you those external links.

Fine-tune your content

Be very careful not to change any of your core ‘permalinks’. If users have links that direct them to pages that can’t be found, it could affect your site’s ranking. Keep your pages live, and keep them named efficiently. Some website platforms, like WordPress, use default link structures that create complicated, number-based links that can be off-putting to users and confusing to administrators and search engine indexers. If possible, make sure your links use category and page title references for more appealing links and organizational structure.

Measure and track your ranking

Just because you believe your site has achieved a desirable ranking on Google doesn’t mean it will stay there. Stay proactive and never let yourself get lazy with your content production, site management, and SEO monitoring — it could mean the difference between moving up the search page, and disappearing from it altogether. Online tools like Cyfe and Google Analytics give you a more in-depth look at your site traffic and external links so you’re always ahead of the competition.

Optimizing your Google page indexing can be daunting. For more information on how to get your site moving up the ladder. Contact us today.

Published with consideration from TechAdvisory.org SOURCE

Smartphones are like palm-sized computers, and they deserve the same protection as desktops and laptops. While you don’t need to install bulky security software to protect against cyberthreats, there are steps you can take to keep cybercriminals at bay.

Mobile malware MO

Mobile malware can be as harmful to a business’s network as infected desktops and laptops. Potential problems include overcharges on phone bills, stolen data, intercepting messages, tricking users with phishing attacks, and sending fake notifications to one’s contact list.

Most malware comes from applications downloaded from third-party app stores and give hackers access to passwords, user account information, and other sensitive personal data. Since many business users link their Android devices to each other, malware could transfer from one device to the next.

Who is responsible?

The burden doesn’t fall solely on smartphone users. App stores such as Google Play Store are responsible, too, such as in the case of the malware-ridden banking and weather apps that were downloaded from the Google Play Store. In these cases, the companies that were affected were urged to provide updates regarding the malicious apps so they could be removed from the store.

How to avoid being victimized by malware

The Google Play Store isn’t 100% secure, but downloading from established app stores — and not from little-known and less secure ones — reduces the probability of downloading malicious apps. In cases when an infected app makes its way to the store and starts getting lots of downloads, Google will be quick to remove it from the store and make everyone aware of it.

Despite app stores’ best efforts, it’s nearly impossible to prevent mobile malware from getting through to the store. That’s why it pays to read user reviews where infected users post detailed warnings. Also, regularly updating your mobile device’s operating system and security software helps prevent infection as the latest versions of those are patched against the latest known threats in app stores and elsewhere online.

Malware doesn’t discriminate, so regardless of your computer or mobile device of choice, it will find a way to infect you if your software isn’t up to date. To find out whether your business devices are safe and fully protected, consult our cybersecurity experts today.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with consideration from TechAdvisory.org SOURCE

The cloud allows businesses to take a more hands-off approach to managing their IT resources. And the hybrid cloud is rapidly becoming the most popular option in this category, especially for small- and medium-sized businesses (SMBs).

Hybrid clouds are a combination of private and public clouds. In the former, data and applications that require tighter controls are hosted either internally or privately in an offsite facility. Public clouds are managed externally by third-party providers with the express purpose of reducing a company’s IT infrastructure.

A recent study indicates that 75% of companies have adopted hybrid cloud solutions, mainly because of their numerous benefits. Here are the four most significant advantages of moving to a hybrid cloud environment.

Adaptability

Having the ability to choose between on-site/privately-hosted cloud servers and public ones let you pair the right IT solution with the right job. For example, you can use the private cloud to store sensitive files, while utilizing more robust computing resources from the public cloud to run resource-intensive applications.

Scalability

The hybrid cloud allows you to “scale up” or “scale down” computing resources on an as-needed basis. So if there are last-minute computing demands that your hardware can’t support, or if you’re planning for future expansion, hybrid cloud solutions allow for on-demand increases or decreases in capacity.

Cost efficiency

Does your business struggle to meet seasonal demands? With a hybrid cloud solution, you’ll be able to easily handle spikes in demand by migrating data from insufficient on-premise servers to scalable, pay-as-you-go cloud servers whenever needed, without incurring extra hardware and maintenance costs.

Security

Last but not least are the security advantages of a hybrid cloud solution. You can host sensitive data such as an e-commerce details or an HR platform within the private cloud, where it will be protected by your security systems and kept under close watch. Meanwhile, routine forms and documents can be stored in the public cloud and protected by a trusted third-party.

Here’s how SMBs can set up a hybrid cloud model based on their requirements and the providers available to them:

  1. By employing one specialized cloud provider who offers comprehensive hybrid solutions
  2. By integrating the services of a private cloud provider with those of a separate public cloud provider
  3. By hosting a private cloud themselves and then incorporating a public cloud service into their infrastructure

Our experts can help you transition to a hybrid cloud solution without interruption and without the huge costs. Contact us today to learn more about the benefits that a hybrid cloud can bring to your business.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with consideration from TechAdvisory.org SOURCE

Anglers catch fish by dangling bait in front of their victims, and hackers use the same strategy to trick your employees. There’s a new phishing scam making the rounds and the digital bait is almost impossible to distinguish from the real thing. Here are the three things to watch out for in Office 365 scams.

Step 1 – Invitation to collaborate email

The first thing victims receive from hackers is a message that looks identical to an email from Microsoft’s file sharing platform SharePoint. It says, “John Doe has sent you a file, to view it click the link below…”

In most cases, the sender will be an unfamiliar name. However, some hackers research your organization to make the email more convincing.

Step 2 – Fake file sharing portal

Clicking the link opens a SharePoint file that looks like another trusted invitation from a Microsoft app, usually OneDrive. This is a big red flag since there’s no reason to send an email containing a link to a page with nothing but another link.

 

Step 2 allows hackers to evade Outlook’s security scans, which monitor links inside emails for possible phishing scams. But Outlook’s current features cannot scan the text within a file linked in the email. Once you’ve opened the file, SharePoint has almost no way to flag suspicious links.

Step 3 – Fake Office 365 login page

The malicious link in Step 2 leads to an almost perfect replica of an Office 365 login page, managed by whoever sent the email in Step 1. If you enter your username and password on this page, all your Office 365 documents will be compromised.

Microsoft has designed hundreds of cybersecurity features to prevent phishing scams and a solution to this problem is likely on the way. Until then, you can stay safe with these simple rules:

  • Check the sender’s address every time you receive an email. You might not notice the number one in this email at first glance: johndoe@gma1l.com.
  • Confirm with the sender that the links inside the shared document are safe.
  • Open cloud files by typing in the correct address and checking your sharing notifications to avoid fake collaboration invitations.
  • Double check a site’s URL before entering your password. A zero can look very similar to the letter ‘o’ (e.g. 0ffice.com/signin).

 

Third-party IT solutions exist to prevent these types of scams, but setting them up and keeping them running requires a lot of time and attention. Give us a call today for information about our unlimited support plans for Microsoft products.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with consideration from TechAdvisory.org SOURCE

Making the decision to migrate from an on-site system to a cloud-based Office 365 is easy, but the migration process itself presents numerous security challenges. By covering these essentials, you’ll minimize security breaches and ensure you can enjoy the benefits of Office 365.

Identify your company’s sensitive data…
Most files housed within your servers contain sensitive commercial and personal data that must be properly identified and protected. Do this by conducting a security audit before you undertake your migration.

Your audit should identify the types of data stored in the various parts of your company network, including which specific information needs extra safeguarding. Be sure to consider everything from trade secrets and contract details to the personal information of your clients.

…and then restrict access to it
Once you’ve worked out where your most precious data lies, you can check who currently has access to it and whether their access is appropriate. After all, it’s not necessary for everyone to be able to get at all the data your company owns.

Ensure that each of your employees has access only to the data that’s necessary for them to perform their duties. The great thing about Office 365 is it lets you conveniently set different levels of permissions based on user roles.

Watch out for insider threats
It’s wise to consider everyone in your organization when it comes to auditing data access permissions – and that includes system administrators who may have master access to every element of your network infrastructure.

A rogue administrator is the stuff of nightmares, since their elevated position gives them much greater leeway to siphon off valuable data without being noticed – or even to allow others to conduct questionable business and bypass the usual built-in security precautions. You can mitigate this risk by monitoring your administrators’ data usage and activities.

Use machine learning to foresee security breaches
Every action performed by your staff within Office 365 is automatically logged, and with relative ease you can create detailed activity reports. But the sheer number of events taking place within Office 365 in the course of your business’s normal operations means that even attempting to identify questionable behavior will be akin to finding a needle in a haystack.

That’s not to say it’s unwise to be on the lookout for anomalies in normal usage – the export of unexplainably large volumes of data, for instance, could suggest that a member of your team is leaking intelligence to a competitor, or that they’re about to jump ship and take your trade secrets with them.

To make things easier, machine learning technologies can identify potential breaches before they happen by analyzing large swathes of data in seconds. Graph API is incorporated into Office 365, and allows for the integration of machine learning tools into your security environment to achieve just that. The same tools can also help you avoid being caught unawares by hackers, by identifying system login attempts from locations that are out of the ordinary.

By following these tips, you’ll be able to enjoy the powerful collaborative features of Office 365 while ensuring the robust security your business demands. To find out more about how we can help your Office 365 migration run smoothly, just give us a call.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

 

Published with consideration from TechAdvisory.org SOURCE

Speculation has been circulating that Windows 10 gathers more info than it should. Whether or not you think privacy lines have been breached, here are some tips to protect your privacy in a matter of clicks.

Slip off the grid

Thanks to location tracking, nearby restaurants and future weather predictions are at your fingertips. While some might not mind this feature, there are others who wish to enjoy some privacy from their smartphones every once in a while.

To turn it off, launch the Settings app, tap Privacy, and disable the Location tab. If you wish to share your location with certain apps, scroll down and activate the ‘Choose apps that can use your location’ tab and choose your desired apps.

Say goodbye to ad tracking

Every time you surf the net, you leave a trail of breadcrumbs that lead directly to your online profile. This problem is easily solved by deactivating ad tracking. Windows 10, however, goes a tad further by using an advertising ID, which gathers information based on web browsing usage and whenever you use Windows 10 apps.

To take care of that, launch the Settings app, go to General, look for “Change privacy options,” then move the slider from on to off. If you want to make sure you have no virtual stalkers, head to choice.microsoft.com/en-us/opt-out and disable the “Personalized ads whenever I use my Microsoft account” tab.

Disable Wi-Fi Sense

This feature is designed to let you easily share Wi-Fi connections with specific users, but hackers can misuse it to log on to your network without your permission. To disable it, launch the Setting app, go to Network & Internet > Wi-Fi > and click on Wi-Fi Sense. From there, deactivate two bars: “Connect to suggested open hotspots” and “Connect to networks shared my contacts”.

Cortana, why so clingy?

Albeit helpful, the digital assistant Cortana requires access to your personal information. But you can stop her from collecting data by logging in to your Microsoft account and clearing all the information Cortana and other Microsoft services (ex. Bing maps) have gathered.

You can also clear the information in your interests section or head over to the “interest manager” tab to edit the interests you want Cortana to track.

More privacy options

All of these tips are easy to follow and will take only five to ten minutes to implement, but if you like to make very detailed adjustments to your system’s privacy setup, launch the Settings app and go to Privacy.

We hope you find these five privacy protection tips helpful. If you need more help protecting your information or securing your network, give us a call.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

 

Published with consideration from TechAdvisory.org SOURCE

Technology is there to make things easier, not harder. That’s why you need an IT partner that can support your technology while you focus on your business. Law firms are no different. Successful firms know that their time is best served helping their clients. With the average bill rate of $300+ per hour for lawyers in the New York Metro area, firms without an engaged IT partner that handle IT issues expeditiously are severely hurting their business.

Why Lawyer’s Need Managed Services

Client Confidentiality

Client information is extremely important in the legal industry. You are handling very personal data for your clients. You have phone records, birth certificates, tax records, and so much more. Your clients trust that you will keep their records safe as you handle their case. GCInfotech can help! We can encrypt your data and your emails so everything stays secured.

Attorney on the Go

Just like real estate agents, attorneys are always working on the go. Having the right equipment that can help you stay connected can go a long way. We can help set you up with a secured tablet so you can answer emails and review documents no matter where you are. We can also help set up a system at your home so you don’t have to worry there either. An attorney should always be available to his or her clients, and we can help ensure you always are!

Case Management

It goes without saying that technology has made it easier for every industry to function. How terrible would it be if you had to wait for someone to submit physical documents in person before continuing a case? The transfer of information online has helped the legal industry advance tremendously. This is why we can help establish your office online network so you can always access or send the files need no matter where you are.

Office Connectivity

This ties in to the topic above. Having your team always connected ensures every case is handled appropriately at all times. If you need to send something to a colleague you can do so without any troubles. We ensure your team has the right tools to connect to everyone else so you can work more effectively together.

Legal Apps

Have you heard the saying “There’s an app for that”? Did you know there’s an app where you can get documents notarized without having to drive anywhere or have anyone come to you? These are the types of apps that attorneys and their clients should be using! What about an app called FastCase that has the entire American law library in its archives? Our team can help find these apps for you. We can see which ones can benefit your office and can help set your team up so they are better prepared when they are not working at the office.

Like we mentioned at the beginning, technology is there to make things easier. That’s why we are always keeping up with the best technology for your legal firm. Wouldn’t it be great to eliminate all your IT issues and get your law office setup for success? Call or visit us today to schedule a free technology assessment to get that process started.