silver click pen

Everything You Need to Know About Microsoft Viva Sales

Data entry can be a real drag for salespeople. The time they spend on administrative tasks is time away from customer interactions. But that data is vital.

It’s important to capture customer orders, quotes, needs, and more. Lead and sales reporting help sales managers know where to direct their attention. Analytics also help drive more efficient ways of closing the deal.

Microsoft has taken up the mantle of this challenge. It is about to launch a new digital experience for sales teams. Microsoft Viva Sales is part of the “Viva” line of applications. These include things like Viva Insights for improved staff wellbeing. As well as Viva Learning for staff development.

The Viva apps natively integrate with MS Teams and the Microsoft 365 ecosystem. They include automation designed to eliminate boring tasks and enable more work engagement.

Viva Sales is a “CRM helper” application. We’ll go through some of the most asked questions about the app, its features, and when you can get it.

What Is Microsoft Viva Sales?

Viva Sales is an application that will provide sales and lead insights. These insights populate throughout Office 365 and Microsoft Teams. The focus of the app is to cut unnecessary manual entry to give sellers more time to sell.

How Does Viva Sales Work? Is It a CRM?

Viva Sales is NOT going to replace your normal CRM platform. Instead, it connects to your CRM and other sales-related apps. It leverages the data from these connections. This makes it easier for salespeople to get the prospect data they need to enable their work.

Salespeople spend approximately 34% of their time on administrative tasks.

Viva Sales Basics

Some of the core advantages of Viva Sales are:

  • Eliminate Forms: Data entry for sales professionals is greatly reduced. This frees them up for more customer relationship building.
  • Powerful Data Leveraging: Viva Sales connects to several platforms. This includes non-Microsoft programs and CRMs. The integration allows salespeople to cross-reference data points and gain valuable insights.
  • AI-Driven Help: Salespeople will get prompts that are AI-driven. These suggestions and reminders help them along in the sales process with a lead.

Interconnected Interface

Microsoft Viva Sales provides sales-specific insights throughout the various M365 applications. Salespeople natively see important customer details, wherever they are. Including in their Outlook Calendar or when in their Microsoft or non-Microsoft CRM.

Microsoft Viva Sales
Image courtesy of Microsoft

Viva Sales Features

Tag to Capture Sales Interactions

Tagging is also known as using someone’s “@name” to get their attention. Tagging is a popular software integration used throughout many cloud-based apps. It’s also used within Microsoft 365.

Salespeople can use the familiar tagging function. They can use it to capture data from another M365 application for a prospect or customer. This includes adding someone to a list of customers by using a tag for their Viva Sales name. The system will capture the contextual information on the lead or customer.

Collaborate

Viva Sales makes it easier than ever to collaborate with your team on a sales prospect or customer. You don’t have to chase down information to copy/paste into a message. Use that tagging function to populate lead information from Viva Sales in seconds.

Viva Sales Feature - Collaborate
Image courtesy of Microsoft

You can also easily edit or open a lead/customer record. No need to look for and open another app. The process gets you where you need to go in as few clicks as possible.

Call Summaries & Integrated Data

One thing that customers and salespeople hate is a lack of understanding. For example, when a salesperson doesn’t know about a recent customer interaction.

This can happen when company communication systems store data from different sources separately. Such as phone call messages being in one place and a customer’s website chat session being in another.

Viva Sales brings all that customer engagement data together into a single view. This allows the salesperson to see call summaries and capture call action items.

Download & Customize

Salespeople that prefer an Excel view of their contact list can get this from Viva Sales. Download lead and customer lists. Customize the application per the organization’s needs.

When Will Viva Sales Be Available?

Microsoft has announced that Viva Sales will be “coming in Q4 2022.” There is no exact date for the launch yet, but you can be sure that we will keep an eye on this!

In the meantime, you can watch a video explaining the application on Microsoft’s site here.

Take Advantage of Microsoft Viva Automation

Microsoft built the Viva suite of digital experience apps for productivity. These apps help employees find information faster, feel more connected, and work more productively.

Now is the perfect time to explore those that have already launched and get ready for Viva Sales.

Contact us today for a free consultation to improve your team’s digital experience.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

Free photos of Checklist

Checklist for Better Digital Offboarding of Employees

Digital footprints cover today’s modern workplace. Employees begin making these the moment they’re hired. They get a company email address and application logins. They may even update their LinkedIn page to connect to your company.

When an employee leaves a company, there is a process that needs to happen. This is the process of “decoupling” the employee from the company’s technology assets. This digital offboarding is vital to cybersecurity.

You don’t want a former employee to maliciously email all your customers from their work email. Sensitive files left on a former staffer’s computer could leak months later.

20% of surveyed businesses have experienced a data breach connected to a former employee.

Digital offboarding entails revoking privileges to company data, and much more. This is a critical process to go through for each former staff member to reduce risk.

Below, we’ve provided a handy checklist to help you cover all your bases.

Your Digital Offboarding Checklist

Knowledge Transfer

Vast corporate knowledge can disappear when a person leaves an organization. It’s important to capture this during a digital offboarding process.

This could be something as simple as what social media app someone used for company posts. Or it may be productivity leveraging. Such as the best way to enter the sales data into the CRM.

Make sure to do a knowledge download with an employee during the exit interview. Better yet, have all staff regularly document procedures and workflows. This makes the knowledge available if the employee is ever not there to perform those tasks.

Address Social Media Connections to the Company

Address any social media connections to the former employee. Is their personal Facebook user account an admin for your company’s Facebook page? Do they post on your corporate LinkedIn page?

Identify All Apps & Logins the Person Has Been Using for Work

Hopefully, your HR or IT department will have a list of all the apps and website logins that an employee has. But you can’t assume this. Employees often use unauthorized cloud apps to do their work. This is usually done without realizing the security consequences.

Make sure you know of any apps that the employee may have used for business activities. You will need to address these. Either change the login if you plan to continue using them. Or you may want to close them altogether after exporting company data.

Change Email Password

Changing the employee’s email password should be one of the first things you do. This keeps a former employee from getting company information. It also keeps them from emailing as a representative of the company.

Accounts are typically not closed immediately because emails need to be stored. But you should change the password to ensure the employee no longer has access.

Change Employee Passwords for Cloud Business Apps

Change all other app passwords. Remember that people often access business apps on personal devices. So, just because they can’t access their work computer any longer, doesn’t mean they can’t access their old accounts.

Changing the passwords locks them out no matter what device they are using. You can simplify the process with a single sign-on solution.

Recover Any Company Devices

Make sure to recover any company-owned devices from the employee’s home. Remote employees are often issued equipment to use.

You should do this as soon as possible to avoid loss of the equipment. Once people no longer work for a company, they may sell, give away, or trash devices.

Recover Data on Employee Personal Devices

Many companies use a bring your own device (BYOD) policy. It saves them money, but this can make offboarding more difficult.

You need to ensure you’ve captured all company data on those devices. If you don’t already have a backup policy in place for this, now is a good time to create one.

Transfer Data Ownership & Close Employee Accounts

Don’t keep old employee cloud accounts open indefinitely. Choose a user account to transfer their data to and then close the account. Leaving unused employee accounts open is an invitation to a hacker. With no one monitoring the account, breaches can happen. A criminal could gain access and steal data for months unnoticed.

Revoke Access by Employee’s Devices to Your Apps and Network

Using an endpoint device management system, you can easily revoke device access. Remove the former employee’s device from any approved device list in your system.

Change Any Building Digital Passcodes

Don’t forget about physical access to your building. If you have any digital gate or door passcodes, be sure to change these so the person can no longer gain access.

Need Help Reducing Offboarding Security Risk?

When you proactively address digital offboarding, the process is easier and less risky. Contact us today for a free consultation to enhance your cybersecurity.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

Free Person Shopping Online Stock Photo

9 Urgent Security Tips for Online Holiday Shopping

The holiday shopping season is taking off. This means that scammers have also revved up their engines. They’re primed and ready to take advantage of all those online transactions.

Don’t forget to stay safe online during the buying frenzy that occurs this time of year. An ounce of cybersecurity prevention is definitely worth a pound of cure. It can also save you from a financial or privacy nightmare.

Here are some of the most critical safety tips to improve your online holiday shopping.

Check for Device Updates Before You Shop

Computers, tablets, and smartphones that have old software are vulnerable. While you may not want to wait through a 10-minute iPhone update, it’s going to keep you more secure.

Hackers often use vulnerabilities found in device operating systems. Updates install patches for known vulnerabilities, reducing your risk. Make sure to install all updates before you use your device for online holiday shopping.

Don’t Go to Websites from Email Links

Yes, it’s annoying to have to type in “amazon.com” rather than just clicking a link in an email. But phishing scams are at an all-time high this time of year. If you click on an email link to a malicious site, it can start an auto download of malware.

It’s best to avoid clicking links, instead visit the website directly. If you want to make things easier, save sites as shopping bookmarks in your browser. This is safer than clicking a text or email link.

Use a Wallet App Where Possible

It’s always a risk when you give your debit or credit card to a website. The risk is even higher if you’re doing holiday shopping on a site you haven’t purchased from before.

Where possible, buy using a wallet app or PayPal. This eliminates the need to give your payment card details directly to the merchant. Instead, you share them with the wallet app service (Apple Pay, Google Pay, PayPal, etc.). But the retailer doesn’t get them.

Remove Any Saved Payment Cards After Checking Out

There are many websites (including Amazon) that automatically save your payment card details. This is bad. Yes, it may make the next buy more convenient, but it puts you at risk. A hacker with access to your device or account could make purchases.

There is also the risk of a data breach of the retailer. These are common and can leak sensitive customer payment information. The fewer databases you allow to store your payment details, the better for your security.

Immediately after you check out, remove your payment card from the site. You will usually need to go to your account settings to do this.

Make Sure the Site Uses HTTPS (Emphasis on “S”)

HTTPS has largely become the standard for websites now. This is instead of “HTTP” without the “S” on the end. HTTPS means that a website encrypts the data transmitted through the site. Such as your name, address, and payment information.

You should NEVER shop on a website that doesn’t use HTTPS in the address bar. An extra indicator is a small lock icon in front of the website address.

Double Check the Site URL

We all make typos from time to time. Especially when typing on a small smartphone screen. One typo can land you on a copycat site (such as Amazonn(dot)com).

Hackers buy domains that are close to the real ones for popular retailers. Then, they put up copycat sites designed to fool users that make a mistake when typing the URL.

Take those extra few seconds to double-check that you’ve landed on the correct website. Do this before you start shopping.

Never Shop Online When on Public Wi-Fi

When you connect your device to public Wi-Fi, you might as well expect a stranger to be stalking you. Hackers LOVE the holiday shopping season and will hang out in popular public Wi-Fi spots.

They spy on the activities of other devices connected to that same free hotspot. This can give them access to everything you type in. Such as passwords and credit card information.

Never shop online when you’re connected to a public Wi-Fi network. Instead, switch off Wi-Fi and move to your mobile carrier’s connection.

Be On High Alert for Brand Impersonation Emails & Texts

Phishing scammers were very active during the holiday shopping season of 2021. There was a 397% increase in typo-squatting domains connected to phishing attacks.

While you need to be careful all the time about phishing, it’s even worse during the holiday season. Attackers know that people are expecting retailer holiday sales emails. They also get a flurry of order confirmations and shipping notices this time of year.

Hackers use these emails as templates. They impersonate brands like Target, UPS, Amazon, and others. Their emails look nearly identical to the real thing. They trick you to get you to click and/or log in to a malicious website.

Be on high alert for brand impersonation emails. This is another reason why it’s always better to go to a site directly, rather than by using an email link.

Enable Banking Alerts & Check Your Account

Check your bank account regularly. Look for any suspicious charges that could signal a breach. One way to automate a monitoring process is to set up banking alerts through your online banking app.

For example, many banks allow you to set up alerts for events such as:

  • When a purchase occurs over a specified dollar amount
  • When a purchase occurs from outside the country

How Secure Is Your Mobile Device?

Mobile malware is often deployed in holiday shopping scams. How secure is your device from malicious apps and malware? Contact us today for a security checkup.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

Red Surface laptop on a checkered bed by a window

7 Pro Tips for Microsoft 365

Microsoft 365 is the most popular of all major office productivity software. It has 48.8% of the global market share, just edging out Google’s apps, by a couple of percentage points.

It’s used by individuals, small & mid-sized businesses, and larger enterprise organizations. It does everything a modern office needs. Including from word processing and spreadsheet work to cloud storage and video conferencing.

Because Microsoft 365 is such a vast platform, with over 20 apps in total, it can be easy to miss helpful features. People tend to stick with what’s familiar. But this often causes them to miss out on time and money-saving bonuses in M365, beyond the core apps.

Some of the many apps you get, depending on your subscription plan, include:

  • Excel
  • Word
  • Powerpoint
  • Outlook
  • To Do
  • OneDrive
  • Teams
  • Forms
  • Defender
  • SharePoint
  • Yammer
  • Lists
  • Access
  • Bookings
  • Intune
  • Planner
  • Visio
  • And more

Want to get more value from your subscription? We’ll go through some of the most helpful apps and features in Microsoft 365 that you may now know about.

Get More Out of M365 With These Tips

1. Skip the Menu Bar by Using Search to Find Functions

We’ve all been there at one time or another. You know there is a way to do something in an app, but you can’t find it in the menu. For example, trying to change your margins in Microsoft Word to give you more space on the page.

You can stop wasting time clicking through one tab after another, and instead, use the search box at the top. It’s not just for searching for help topics. You can use a search to quickly jump to settings like margins, page orientation, and many more.

Search

2. Leverage the Free Stock Images, Icons & Videos

Most businesses need to have nice-looking images from time to time. They’re used on websites, brochures, and presentations. But finding good business images can be expensive.

You can’t just do a Google search to find them because they may be copyrighted. You need to have images that you can use commercially without any problems.

Inside Word, Excel, and PowerPoint you have a treasure trove of images. These are free to use in your marketing. You also have videos, icons, and even 3D models, all there for the picking.

Find them by going to Insert > Pictures > Stock Images

Use the tab at the top to tab between the different media. Then, click to insert it directly into your document, spreadsheet, or presentation.

Stock Images

3. Save Time by Using Data Types in Excel

Researching things like the population of a city or the nutrition value of a new menu can take days. Did you know that inside Excel you have access to several databases?

You can leverage facts and figures stored inside Excel’s “data types.” They include topics on everything from chemistry to yoga poses. Use data types to populate tons of data in seconds for various topics.

  • Start by adding your list (e.g., a list of menu items)
  • Highlight your list.
  • Then, click the Data tab.
  • In the Data Types window, choose the type of data it is (e.g., Food, Plant, etc.).
Excel Data Type
  • Next, click the small database icon that appears at the top of the list.
  • Choose the type of data you want.
  • The details will populate into the next open column on the right for each list item.
Excel Data

4. Save Time on Customer Surveys with Microsoft Forms

Microsoft Forms is one of the best-kept secrets of M365. This cloud-based survey and form builder makes it simple to send out surveys to people. You get the results back as soon as they click “submit” on the cloud-based form.

You can even download the results directly to Excel. Using them for graphing or uploading them into a software template.

Microsoft Forms

5. Use PPT’s Presenter Coach to Improve Your Skills

Do you worry when it comes time to give a presentation to clients or your own team? Not everyone feels comfortable about public speaking, even if it’s virtual.

PowerPoint can help with a handy AI-powered feature called Presenter Coach. Turn this coach on when practicing your presentation. It will give you tips on your pacing, use of filler words (e.g., umm), repetitive language, and much more!

Look for the “Rehearse with Coach” option on the Slide Show menu.

6. Save Recurring Email Text in Outlook’s Quick Parts

Do you have certain emails you send to customers that have the same paragraphs of text in them? For example, it might be directions to your building or how to contact support.

Stop retyping the same info every time. Outlook has a feature called Quick Parts that saves and then inserts blocks of text into emails.

  • Create a Quick Part by highlighting the text to save in an email.
  • On the Insert Menu, click Quick Parts.
  • Save Quick Part.

When ready to insert that text into another email, just use the same menu. Then click to insert the Quick Part.

Outlook Quick Parts

7. Create a Keyboard Shortcut to Paste as Unformatted Text

Keyboard shortcuts are great for saving time. But there’s not always one there when you need it. One handy keyboard shortcut to add for MS Word is to paste as text only. This method removes any formatting that copied text might have had so your document isn’t messed up.

Here’s how to make a keyboard shortcut for this:

  • In Word, click File> Options.
  • Click Customize Ribbon.
  • At the bottom of the panel, next to Keyboard shortcuts, click Customize.
  • Scroll in the left pane to All Commands.
  • Look for “PasteTextOnly”
  • Type your keyboard command, then click Assign.
Keyboard Shortcut
PasteTextOnly

Need Help Optimizing Microsoft 365?

Microsoft 365 has many security-enhancing, time-saving, and dollar-saving features. Learn how else we can help by scheduling a consultation today.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

Free Close Up of a Keyboard Stock Photo

What Is Microsoft Defender for Individuals & What Does It Do?

When you hear about Microsoft adding security apps to M365, it’s often the business versions. But the pandemic has changed the way that we see the workplace. It’s now a hybrid world. One made up of several connected “mini-offices” located in employee homes.

The outsourcing market has also contributed to the change in company networks. Freelancers are often contracted to work the same hours as employees. This means less overhead and taxes to pay. Approximately 68% of large consumer products companies outsource a part of their workforce.

What we’re getting at is that the need for home devices and network security has never been greater. Company data is now at the mercy of employee devices, situated in homes across the globe.

55% of employees use their own devices and software to work from home.

Microsoft has been at the forefront of this huge shift in the work environment. Its latest release is another example of how it has positioned its products to address new needs.

The latest security offering by Microsoft is not for business plans. It’s for Personal and Family users of Microsoft 365. The company announced Microsoft Defender for Individuals on June 16, 2022. This is a brand-new digital home security tool.

The Basics of Microsoft Defender for Individuals

Microsoft Defender is a new app that Microsoft 365 subscribers can download. Anyone with a Personal or Family plan can access it for no extra cost.

According to Microsoft, there was a main driver for offering Microsoft Defender. It was to protect the digital life of small businesses and families. Small companies will often use consumer Microsoft 365 plans. This is because they are less expensive than the business plans.

This app brings many digital protections together into one dashboard. These include the following.

Online Security Visibility

Most families have several devices connected to their network. This includes computers, tablets, and smartphones. It can be hard to know which are vulnerable before a hacked device infects the others.

Microsoft Defender gives you visibility into the security status of your devices. It does this in a single place. So, you could see if that new phone of Sally’s has antivirus enabled. You can also easily add or remove devices.

Device Safeguards

The app includes extra protections from online threats. These are in the form of help from antivirus and anti-phishing protection.

You can use it to continually scan devices for threats, both new and existing. You also gain control of scanning customization. For example, you can note certain apps as safe and tell Microsoft Defender what to scan.

Real-Time Alerts & Recommendations

Hackers use automation and AI to unleash their attacks and help them spread. This means that it’s often a race against the clock to stop a breach from getting worse.

To react fast, you need to know something is wrong. Microsoft Defender helps you by giving you real-time alerts. These also come with recommended actions. So, you not only know something is wrong, but you also know what to do about it.

What Else Should You Know?

Here are a few other important things you should know about using Microsoft Defender for Individuals.

Where Can You Download It?

You can download Microsoft Defender for Individuals from Microsoft here. You need to have a Microsoft 365 subscription to either the Personal or Family plan.

What Devices Can Use It?

You can use Defender to secure and monitor the following devices:

  • Windows: Windows 10 version 19041.0 and higher
  • Mac: Intel Macs from Catalina 10.15 and higher, and Apple silicon-based devices from 11.2.3 and up
  • iPhone: iOS 13.0 or later
  • Android: Android OS 6.0 or later

How Many Devices Can You Add?

Microsoft Defender allows you to watch the security of many of your home or work devices. The M365 plan you have will dictate how many.

  • If you have Microsoft 365 Personal plan, you can receive protection on up to 5 devices at the same time.
  • If you have Microsoft 365 Family plan, you can receive protection on up to 30 devices at the same time. (5 devices per person, 6 people total)

What Are the Key Differences Between the Personal & Family Plans?

Both plans can access the many different Office and other Microsoft applications. The main difference is how many people and devices can use the Microsoft 365 services.

  • Microsoft 365 Personal: $69.99 US/year, 1 person, 5 devices
  • Microsoft 365 Family: $99.99 US/year, 6 people, 5 devices per person

So, if you want to sign up even 2 people, you’re saving quite a bit with the Family plan. Even more, if you have six people total using the service.

What’s the Difference Between Microsoft Security on Windows & Microsoft Defender?

Most Windows users are already familiar with the Microsoft Security app. It comes pre-installed on Windows. Microsoft Defender differs from this app in several ways.

Microsoft Defender:

  • Is not pre-installed on Windows. You must download it.
  • It’s a cross-device application used on many different devices
  • It includes features for online security
  • It includes alerts and security tips

Learn More About Defender & Microsoft 365 Today

Are you looking to get more from your Microsoft 365 subscription? We can help! Reach out today to schedule a technology consultation with our M365 experts.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

Free illustrations of Hacker

The Biggest Vulnerabilities that Hackers are Feasting on Right Now

Software vulnerabilities are an unfortunate part of working with technology. A developer puts out a software release with millions of lines of code. Then, hackers look for loopholes that allow them to breach a system through that code.

The developer issues a patch to fix the vulnerability. But it’s not long before a new feature update causes more. It’s like a game of “whack-a-mole” to keep your systems secure.

Keeping up with new vulnerabilities is one of the top priorities of IT management firms. It’s important to know which software and operating systems are being attacked.

Without ongoing patch and update management, company networks are vulnerable. And these attacks are completely avoidable. 82% of U.S. cyberattacks in Q1 of 2022 were due to exploiting patchable vulnerabilities. This is a global problem.

What new vulnerabilities are lurking in products from Microsoft, Google, Adobe, and others? We’ll go through several. These were recently noted in a warning by the Cybersecurity and Infrastructure Security Agency (CISA).

Make Sure to Patch Any of These Vulnerabilities in Your Systems

Microsoft Vulnerabilities

Microsoft vulnerabilities include those in three of its products. Internet Explorer (IE) is one of them. Microsoft discontinued IE in June of 2022. You should remove this from any computers that still have it installed.

You’ll see the acronym “CVE” used in the vulnerability names. This is an industry-standard naming structure. It stands for Common Vulnerabilities and Exposures.

Here is a rundown of these vulnerabilities and what a hacker can do:

  • CVE-2012-4969: This Internet Explorer vulnerability allows the remote execution of code. This is a “critical” vulnerability because of the damage it enables. Hackers can release this via a website. Thus, formerly safe sites can become phishing sites when hackers exploit this loophole.
  • CVE-2013-1331: This is a flaw in the code for Microsoft Office 2003 and Office 2011 for Mac. It enables hackers to launch remote attacks. It exploits a vulnerability in Microsoft’s buffer overflow function. This allows hackers to execute dangerous code remotely.
  • CVE-2012-0151: This issue impacts the Authenticode Signature Verification function of Windows. It allows user-assisted attackers to execute remote code on a system. “User-assisted” means that they need the user to assist in the attack. Such as by opening a malicious file attachment in a phishing email.

Google Vulnerabilities

Google Chrome and applications built using Google’s Chromium V8 Engine are also on the list. These applications are targets of the following vulnerabilities.

  • CVE-2016-1646 & CVE-2016-518: These both allow attackers to conduct denial of service attacks. They do this against websites through remote control. This means they can flood a site with so much traffic that it crashes.
  • Those aren’t the only two code flaws that allow hackers to crash sites this way. Two others, CVE-2018-17463 and CVE-2017-5070 both do the same thing. And like all these others, have patches already issued that users can install to fix these holes.

Adobe Vulnerabilities

People use Adobe Acrobat Reader widely to share documents. It makes it easy to share them across different platforms and operating systems. But it’s also a tool that’s on this list of popular vulnerabilities.

  • CVE-2009-4324: This is a flaw in Acrobat Reader that allows hackers to execute remote code via a PDF file. This is why you can’t trust that a PDF attachment is going to be safer than other file types. Remember this when receiving unfamiliar emails.
  • CVE-2010-1297: This memory corruption vulnerability. It allows remote execution and denial of service attacks through Adobe Flash Player. Like IE, the developer retired Flash Player. It no longer receives support or security updates. You should uninstall this from all PCs and websites.

Netgear Vulnerability

Netgear is a popular brand of wireless router. The company also sells other internet-connected devices. These are also vulnerable, due to the following flaws.

  • CVE-2017-6862: This flaw allows a hacker to execute code remotely. It also enables bypassing any needed password authentication. It’s present in many different Netgear products.

Cisco Vulnerability

  • CVE-2019-15271: This is a vulnerability in the buffer overflow process of Cisco RV series routers. It gives a hacker “root” privileges. This means they can basically do anything with your device and execute any code they like.

Patch & Update Regularly!

These are a few of the security vulnerabilities listed on the CISA list. You can see all 36 that were added here.

How do you keep your network safe from these and other vulnerabilities? You should patch and update regularly. Work with a trusted IT professional to manage your device and software updates. This ensures you don’t have a breach waiting to happen lurking in your network.

Automate Your Cybersecurity Today

Patch and update management is just one way that we can automate your cybersecurity. Learn how else we can help by scheduling a consultation today.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

person in black long sleeve shirt using macbook pro

Small Businesses Are Attacked by Hackers 3x More than Larger Ones

Have you felt more secure from cyberattacks because you have a smaller business? Maybe you thought that you couldn’t possibly have anything that a hacker could want? Didn’t think they even knew about your small business.

Well, a new report by cybersecurity firm Barracuda Networks debunks this myth. Their report analyzed millions of emails across thousands of organizations. It found that small companies have a lot to worry about when it comes to their IT security.

Barracuda Networks found something alarming. Employees at small companies saw 350% more social engineering attacks than those at larger ones. It defines a small company as one with less than 100 employees. This puts small businesses at a higher risk of falling victim to a cyberattack. We’ll explore why below.

Why Are Smaller Companies Targeted More?

There are many reasons why hackers see small businesses as low-hanging fruit. And why they are becoming larger targets of hackers out to score a quick illicit buck.

Small Companies Tend to Spend Less on Cybersecurity

When you’re running a small business, it’s often a juggling act of where to prioritize your cash. You may know cybersecurity is important, but it may not be at the top of your list. So, at the end of the month, cash runs out, and it’s moved to the “next month” wish list of expenditures.

Small business leaders often don’t spend as much as they should on their IT security. They may buy an antivirus program and think that’s enough to cover them. But with the expansion of technology to the cloud, that’s just one small layer. You need several more for adequate security.

Hackers know all this and see small businesses as an easier target. They can do much less work to get a payout than they would, trying to hack into an enterprise corporation.

Every Business Has “Hack-Worthy” Resources

Every business, even a 1-person shop, has data that’s worth scoring for a hacker. Credit card numbers, SSNs, tax ID numbers, and email addresses are all valuable. Cybercriminals can sell these on the Dark Web. From there, other criminals use them for identity theft.

Here are some of the data that hackers will go after:

  • Customer records
  • Employee records
  • Bank account information
  • Emails and passwords
  • Payment card details

Small Businesses Can Provide Entry Into Larger Ones

If a hacker can breach the network of a small business, they can often make a larger score. Many smaller companies provide services to larger companies. This can include digital marketing, website management, accounting, and more.

Vendors are often digitally connected to certain client systems. This type of relationship can enable a multi-company breach. While hackers don’t need that connection to hack you, it is a nice bonus. They can get two companies for the work of one.

Small Business Owners Are Often Unprepared for Ransomware

Ransomware has been one of the fastest-growing cyberattacks of the last decade. So far in 2022, over 71% of surveyed organizations experienced ransomware attacks.

The percentage of victims that pay the ransom to attackers has also been increasing. Now, an average of 63% of companies pay the attacker money in hopes of getting a key to decrypt the ransomware.

Even if a hacker can’t get as much ransom from a small business as they can from a larger organization, it’s worth it. They often can breach more small companies than they can larger ones.

When companies pay the ransom, it feeds the beast and more cyber criminals join in. And those newer to ransomware attacks will often go after smaller, easier-to-breach companies.

Employees at Smaller Companies Usually Aren’t Trained in Cybersecurity

Another thing is not usually high on the list of priorities for a small business owner. We’re talking about ongoing employee cybersecurity training. They may be doing all they can just to keep good staff. Plus, priorities are often sales and operations.

Training employees on how to spot phishing and password best practices often isn’t done. This leaves networks vulnerable to one of the biggest dangers, human error.

In most cyberattacks, the hacker needs help from a user. It’s like the vampire needing the unsuspecting victim to invite them inside. Phishing emails are the device used to get that unsuspecting cooperation.

Phishing causes over 80% of data breaches.

A phishing email sitting in an inbox can’t usually do anything. It needs the user to either open a file attachment or click a link that will take them to a malicious site. This then launches the attack.

Teaching employees how to spot these ploys can significantly increase your cybersecurity. Security awareness training is as important as having a strong firewall or antivirus.

Need Affordable IT Security Services for Your Small Business?

Reach out today to schedule a technology consultation. We offer affordable options for small companies. This includes many ways to keep you protected from cyber threats.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

Free photos of Computer

Internet Explorer Has Lost All Support (What You Need to Know)

After being the main entry to the internet in the late 1990s and early 2000s, Internet Explorer (IE) is gone. As of June 15, 2022, Microsoft dropped the web browser from support.

IE ushered in the age of connection to the world in 1995 and held a majority of the browser market share for many years. But the release of newer technologies like Google Chrome made it less relevant.

In 2014, Internet Explorer still held about 59% of the global market share, with Chrome at 21%. But just two years later, IE lost its top spot to Chrome and trailed behind another newcomer, Safari.

In 2015, the writing was already on the wall when Microsoft released a new browser, Edge. With Edge destined to take IE’s place as the official browser installed on Windows systems.

It’s inevitable, the longer technology is driving work and home life, that we’re going to lose some of our favorites. Adobe Flash Player is another technology that used to be widely used and is now gone.

So, now that IE has reached its end of life (EOL), what happens next?

Microsoft Will Redirect Users to IE Mode in Edge

According to Microsoft, now that IE is officially out of support it will redirect users. Over the next few months, a new experience will happen. Those opening this outdated browser will instead land in Microsoft Edge with IE mode.

To ease the transition away from Internet Explorer, Microsoft added IE Mode to Edge. This mode makes it possible for organizations to still use legacy sites that may have worked best in IE. It uses the Trident MSHTML engine from IE11 to do this.

When in IE mode, you’ll still see the Internet Explorer icon on your device. But if you open it, you’ll actually be in Microsoft Edge.

Microsoft Will Be Removing Internet Explorer Icons in the Future

Microsoft isn’t yet getting rid of the IE icons that appear in places like the taskbar and Start menu on Windows. But it will in a future update. Users can expect to see those removed at some point.

Edge Will Import Browser Data from IE

What about your favorites, saved passwords, and other settings that you have in IE? Microsoft Edge will import these from Internet Explorer for you, so they’re not lost. This will include things like your browsing history and other data stored in the browser. You’ll then be able to access these in the Microsoft Edge’s settings area.

With IE Retired, What Do You Need to Do Now?

Uninstall the Browser

It’s risky to keep older technology that is no longer supported on your system. Cybercriminals love to exploit older tools that are not receiving any security updates. This leaves an open invitation to breach your network. Manufacturers are never going to address these because they retired the software.

Outdated technology costs enterprises approximately 47% more when they suffer a data breach. As compared to those with updated tools.

You should transition your stored information to Microsoft Edge (or another trusted browser). Then uninstall IE from your device or devices.

Ensure Employees Know How to Use IE Mode in Edge

A scenario that businesses want to avoid is what happened to many organizations in Japan. Several government and corporate users weren’t prepared for the retirement of IE.

It was reported that IT and engineering departments received many calls for help. This was due to unpreparedness for the browser’s demise. Although it came with warnings, it was a shock to many that used legacy sites that need IE to work. This included the customers of government agencies, financial institutions, and other organizations.

This left them scrambling to try to figure out what to do at the last minute. They still needed access to employee attendance management, and other online tools.

Of course, with IE mode in Edge, this transition didn’t need to be so chaotic. But without communication or training, more than 20% of affected users hadn’t figured out what to do.

Make sure you communicate with your team what to do. Companies can automate IE mode for their users so that it launches automatically.

Train Employees on Microsoft Edge Features

Microsoft Edge has a lot of benefits over IE and other browsers. It’s faster and more responsive than Internet Explorer. It also has comprehensive security controls (including password breach monitoring). And has unique features such as “collections.”

But with all new tools, if you want employees to use them proficiently, they need to have a chance to learn them. Take the time to transition right, and have your employees trained on Edge.

Need Help Upgrading Your Digital Tools?

You don’t have to panic when a technology you use retires. We can help you upgrade well ahead of any deadlines. Reach out today to schedule a technology consultation.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

MacBook Pro on table beside white iMac and Magic Mouse

5 Mistakes Companies Are Making in the Digital Workplace

The pandemic has been a reality that companies around the world have shared. It required major changes in how they operate. No longer, did the status quo of having everyone work in the office make sense for everyone. Many organizations had to quickly evolve to working through remote means.

During the worst of the pandemic, it’s estimated that 70% of full-time workers were working from home. Even now that the pandemic has hit a new waning phase, remote work is still very much a reality. 92% of surveyed employees expect to still work from home at least 1 or more days per week.

This transformation has forced companies to rethink the tools and policies they use. Many have also needed to completely revamp how they work. They’ve had to switch to a cloud-based digital workspace to enable a hybrid team.

This transition has brought newfound benefits, such as:

  • Lower costs for employees and employers
  • Better employee work/life balance
  • Higher morale
  • The same or improved productivity
  • More flexibility in serving clients

But, the transition to a digital workplace has also brought challenges and risks.
These include:

  • Vulnerable networks and endpoints
  • Employees feeling disconnected
  • Communication problems
  • Difficulty tracking productivity and accountability
  • Increased risk of data breaches

20% of organizations experienced a breach during the pandemic due to a
remote worker.

Overcoming the challenges and reaping the benefits takes time and effort. It also often takes the help of a trained IT professional, so you avoid costly mistakes.

Below are some of the biggest company mistakes when building a digital workplace. For the statistics, we referenced IGLOO’s State of the Digital Workplace report.

1. Poor Cloud File Organization

When companies go virtual for their workflows, files live in a cloud-accessible environment. If those cloud storage environments aren’t well organized, it’s a problem. It can be difficult for employees to find the files they need.

About 51% of employees have avoided sharing a document with a colleague for this reason. They either couldn’t find it or thought it would be too hard to find. It’s notable that this is the highest percentage recorded for this stat in the IGLOO report. Meaning that this problem is getting worse.

Some tips for making shared cloud storage files easier to locate are:

  • Keep file structure flat (2-3 folders deep)
  • Create a consistent hierarchy and naming structure
  • Don’t create a file for fewer than 10 documents
  • Archive and delete older files monthly to reduce clutter

2. Leaving Remote Workers Out of the Conversation

No one likes to hear people start talking about something at a meeting and realize they’re lost. They missed an important piece of an earlier conversation. Many companies haven’t yet overcome in-person vs remote communication challenges.

In fact, nearly 60% of remote workers say they miss out on important information. This is because colleagues first communicated it in person. Efficiency suffers when in-office workers make decisions without regard for remote colleagues.

Managers and bosses must lead the way in changing this culture. While old habits do take a while to change, mindset can transition to be more inclusive of the hybrid world.

3. Not Addressing Unauthorized Cloud App use

Unauthorized cloud app use (also known as Shadow IT) was already a problem before the pandemic. That problem escalated once people began working from home. Which is often using their personal devices.

Over half (57%) of employees use at least one unauthorized app in their workflow. When this happens, organizations can suffer in many ways.

Some of the risks of shadow IT include:

  • Data leakage from non-secured apps
  • Data privacy compliance violations
  • Redundancies in-app use that increase costs
  • Unprotected company data due to a lack of visibility
  • The employee leaves and no one can access the data in the unauthorized app

4. Not Realizing Remote Doesn’t Always Mean From Home

Remote employees aren’t always working from home, connected to their home Wi-Fi. They may also be working from airports, hotels, a family member’s home, or local coffee shops.

Companies that don’t properly protect company data used by remote employees, can be at risk of a breach. Public networks are notorious for enabling “man-in-the-middle” attacks. This is where a hacker connects to the same public network. Then, using software can access data transmissions from others on that
network.

It’s advisable to use a business VPN for all remote work situations. VPNs are fairly inexpensive and easy to use. The employee simply enables the app on their device. The app then reroutes their data through secure, encrypted servers.

5. Using Communication Tools That Frustrate Everyone

Are virtual meetings giving your team problems? As many as 85% of remote workers say that they’ve had 1-2 meetings interrupted by technology. It’s getting so you can hardly have a virtual meeting without someone having a technical issue.

Communication is the oil that makes the engine of a digital workplace run. Effective cloud-based video calls, audio calls, and chats depend on the right technology. This facilitates a smooth experience.

Don’t rush to use just any communication tools. Take your time and test them out. Get help optimizing settings to improve your virtual meetings. Additionally, ensure your remote team has tools to foster smooth communications. This includes headsets, VoIP desk sets, webcams, etc.

Boost the Productivity of Your Hybrid Office

Reach out today to schedule a technology consultation. We can help you improve the efficiency and productivity of your digital workplace.


Featured Image Credit


This Article has been Republished with Permission from The Technology Press.

Free illustrations of Phishing

You Need to Watch Out for Reply-Chain Phishing Attacks

Phishing. It seems you can’t read an article on cybersecurity without it coming up. That’s because phishing is still the number one delivery vehicle for cyberattacks.

A cybercriminal may want to steal employee login credentials. Or wish to launch a ransomware attack for a payout. Or possibly plant spyware to steal sensitive info. Sending a phishing email can do them all

80% of surveyed security professionals say that phishing campaigns have significantly increased post-pandemic.

Phishing not only continues to work, but it’s also increasing in volume due to the move to remote teams. Many employees are now working from home. They don’t have the same network protections they had when working at the office.

Why has phishing continued to work so well after all these years? Aren’t people finally learning what phishing looks like?

It’s true that people are generally more aware of phishing emails and how to spot them than a decade ago. But it’s also true that these emails are becoming harder to spot as scammers evolve their tactics.

One of the newest tactics is particularly hard to detect. It is the reply-chain phishing attack.

What is a Reply-Chain Phishing Attack?

Just about everyone is familiar with reply chains in email. An email is copied to one or more people, one replies, and that reply sits at the bottom of the new message. Then another person chimes in on the conversation, replying to the same email.

Soon, you have a chain of email replies on a particular topic. It lists each reply one under the other so everyone can follow the conversation.

You don’t expect a phishing email tucked inside that ongoing email conversation. Most people are expecting phishing to come in as a new message, not a message included in an ongoing reply chain.

The reply-chain phishing attack is particularly insidious because it does exactly that. It inserts a convincing phishing email in the ongoing thread of an email reply chain.

How Does a Hacker Gain Access to the Reply Chain?

How does a hacker gain access to the reply chain conversation? By hacking the email account of one of those people copied on the email chain.

The hacker can email from an email address that the other recipients recognize and trust. They also gain the benefit of reading down through the chain of replies. This enables them to craft a response that looks like it fits.

For example, they may see that everyone has been weighing in on a new product idea for a product called Superbug. So, they send a reply that says, “I’ve drafted up some thoughts on the new Superbug product, here’s a link to see them.”

The link will go to a malicious phishing site. The site might infect a visitor’s system with malware or present a form to steal more login credentials.

The reply won’t seem like a phishing email at all. It will be convincing because:

  • It comes from an email address of a colleague. This address has already been participating in the email conversation.
  • It may sound natural and reference items in the discussion.
  • It may use personalization. The email can call others by the names the hacker has seen in the reply chain.

Business Email Compromise is Increasing

Business email compromise (BEC) is so common that it now has its own acronym. Weak and unsecured passwords lead to email breaches. So do data breaches that reveal databases full of user logins. Both are contributors to how common BEC is becoming.

In 2021, 77% of organizations saw business email compromise attacks. This is up from 65% the year before.

Credential theft has become the main cause of data breaches globally. So, there is a pretty good chance of a compromise of one of your company’s email accounts at some point.

The reply-chain phishing attack is one of the ways that hackers turn that BEC into money. They either use it to plant ransomware or other malware or to steal sensitive data to sell on the Dark Web.

Tips for Addressing Reply-Chain Phishing

Here are some ways that you can lessen the risk of reply-chain phishing in your organization:

  • Use a Business Password Manager:

This reduces the risk that employees will reuse passwords across many apps. It also keeps them from using weak passwords since they won’t need to remember them anymore.

  • Put Multi-Factor Controls on Email Accounts:

Present a system challenge (question or required code). Using this for email logins from a strange IP address can stop account compromise.

  • Teach Employees to be Aware:

Awareness is a big part of catching anything that might be slightly “off” in an email reply. Many attackers do make mistakes.

How Strong Are Your Email Account Protections?

Do you have enough protection in place on your business email accounts to prevent a breach? Let us know if you’d like some help! We have email security solutions that can keep you better protected.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.