Blog

April 11th, 2014

Security_Apr11_CThe security of your systems and communication, especially those that utilize the Internet should be paramount for any business. Over the past few weeks a massive new security flaw has been uncovered. This flaw, codenamed Heartbleed, could potentially expose all your vital data and communications that flows between your computer and websites online. All businesses and Internet users should be aware of this Heartbleed so that they can take steps to stay safe.

Background info about secure transmission of information on the Web

Most sites on the Internet rely on Secure Sockets Layer (SSL) technology to ensure that information is transmitted securely from a computer to server. SSL and the slightly older Transport Layer Security (TLS) are the main technology used to essentially verify that the site you are trying to access is indeed that site, and not a fake one which could contain malware or any other form of security threat. They essentially ensure that the keys needed to confirm that a site is legitimate and communication can be securely exchanged.

You can tell sites are using SSL/TLS by looking at the URL bar of your browser. If there is a padlock or HTTPS:// before the Web address, the site is likely using SSL or TLS verifications to help ensure that the site is legitimate and communication will be secure. These technologies work well and are an essential part of the modern Internet. The problem is not actually with this technology but with a software library called OpenSSL. This breach is called Heartbleed, and has apparently been open for a number of years now.

About Heartbleed

OpenSSL is an open-source version of SSL and TSL. This means that anyone can use it to gain SSL/TSL encryption for their site, and indeed a rather large percentage of sites on the Internet use this software library. The problem is, there was a small software glitch that can be exploited. This glitch is heartbleed.

Heartbleed is a bug/glitch that allows anyone on the Internet to access and read the memory of systems that are using certain versions of OpenSSL software. People who choose to exploit the bugs in the specific versions of OpenSSL can actually access or 'grab' bits of data that should be secured. This data is often related to the 'handshake' or key that is used to encrypt data which can then be observed and copied, allowing others to see what should be secure information.

The problem with Heartbleed

There are two major problems with this bug. The first being that if an attacker can uncover the SSL handshake used by your computer and the server that hosts the site when you login or transmit data they will be able to see this information. This information usually is made up of your login name, password, text messages, content and even your credit card numbers. In other words, anything that gets transmitted to the site using that version of SSL can be viewed.

Scary right? Well, the second problem is much, much bigger. The hacker won't only be able to see the data you transmit, but how the site receiving it employs the SSL code. If a hacker sees this, they can copy it and use it to create spoof sites that use the same handshake code, tricking your browser into thinking the site is legitimate. These sites could be made to look exactly same as the legitimate site, but may contain malware or even data capture software. It's kind of like a criminal getting the key to your house instead of breaking the window.

But wait, it gets worse. This bug has been present in certain versions of OpenSSL for almost two years which means the sites that have been using the version of OpenSSL may have led to exposure of your data and communication. And any attacks that were carried out can't usually be traced.

Am I affected by this?

What makes this so different from other security glitches is that OpenSSL is used by a large percentage of websites. What this means is that you are likely affected. In fact, a report published by Netcraft cited that 66% of active sites on the Internet used OpenSSL. This software is also used to secure chat systems, Virtual Private Networks, and even some email servers.

We have to make it clear here however: Just because OpenSSL is used by a vast percentage of the Internet, it doesn't mean every site is affected by the glitch.

The latest versions of OpenSSL have already patched this issue and any website using these versions will still be secure. The version with Heartbleed came out in 2011. The issue is while sites may not be using the 2011 version now, they likely did in the past meaning your data could have been at risk. On the other hand, there are still a wide number of sites using this version of OpenSSL.

What should I do?

This is a big issue, regardless of whether a website uses this version of OpenSSL or not. The absolute first thing you should do is go and change your passwords for everything. When we say everything, we mean everything. Make the passwords as different as possible from the old ones and ensure that they are strong.

It can be hard to tell whether your data or communications were or are actually exposed or not, but it is safe to assume that at some time or another it was. Changing your passwords should be the first step to ensuring that you are secure and that the SSL/TSL transmissions are secure. Another thing you should be aware of is what sites are actually using this version of OpenSSL. According to articles on the Web some of the most popular sites have used the version with the bug, or are as of the writing of this article, using it. Here are some of the most popular:

  • Facebook
  • Google
  • Gmail
  • Yahoo
  • Yahoo Mail
  • Instagram
  • Pinterest
  • Amazon Web Services
  • GoDaddy
  • Intuit
It would be a good idea to visit the blogs of each service to see whether they have updated to a new version of OpenSSL. As of the writing of this article, most had actually done so but some were still looking into upgrading. For a full list of sites, check out this Mashable article.

If you have a website that uses SSL/TSL and OpenSSL you should update it to the latest version ASAP. This isn't a large update but it needs to be done properly, so it is best to contact an IT partner like us who can help ensure the upgrade goes smoothly and that all communication is infact secure.

Contact us today to see how we can help ensure that your company is secure.

Published with permission from TechAdvisory.org. Source.

Topic Security
April 9th, 2014

SocialMedia_April07_CBusiness customers can be largely visual creatures; judging a company by how it looks. When it comes to social media campaigns if the content of your business posts is not visually appealing you may find it hard to engage your clients. The question is, what tools can you can use to create visual content, especially if you aren't a Photoshop expert or graphic designer.

In this day and age where compelling visuals are possible online, it is extremely important to learn how to create attractive visuals to aid your social media marketing campaigns. You at least need a working knowledge of how to enhance your photos and make them more attention-grabbing. There are a number of free or highly affordable tools out there that can help you do just that.

PIXLR - This advanced photo editor works like Photoshop, only it is easier to use and therefore ideal for beginners. You can create images from scratch or perform advanced image editing. Using fairly simple tools can maximize the potential of images. For quick editing, there’s PIXLR EXPRESS or PIXLR O-MATIC, which are free to use. Visit the PIXLR website to learn more and start use these programs.

PicMonkey’s Online Photo Editor - This photo editor can transform ordinary images into fantastic photographs in just a few clicks. Select the image that you want to modify and add special effects such as fancy text, or simply crop and re-size. The photos edited using PicMonkey can be uploaded on Facebook and other social media platforms. PicMonkey is free to use so you can just go to the website and start editing away. For added frames and special effects there’s a premium version you can upgrade to for USD $33.33 per year.

LiveLuvCreate - This website can be used without any charge and offers a variety of design layouts and graphics. Using this platform you can edit your own images and there are also a ton of images created by users on its library that can help give you inspiration. Among the tools available are borders, filters, and photo effects, as well as fonts, colours, and styles. Visit the website to set up an account and start editing your images today.

Canva - If you want to create your Facebook cover photos from scratch, or if you want to design some blog images, this is a free application that might prove useful. This tool is very convenient and can be used to create business cards, invitations, posters, and presentations. Visit the website today to start creating your own visuals.

Quozio - If you are into quotes, Quozio lets you upload famous and favorite quotes, visualize them, and then share them on your social network. Simply enter an interesting quote and then select a background image. Instead of simply posting what’s on your mind, you can make a quote more attractive and appealing by transforming it into a visual using this free app. Visit the site today to visualize your next quote.

Whether you are posting on Facebook, Twitter, or any other social network, your content cannot come alive without the use of quality graphics and images. If Photoshop does not work for you, these other tools are ideal substitutes for creating appealing graphics for a variety of social media platforms.

Make sure to share your own list of top photo tools for everyone to see! And, if you would like to learn more about leveraging social media in your business, contact us today to see how we can help.

Published with permission from TechAdvisory.org. Source.

Topic Social Media
April 8th, 2014

Office365_Apr07_CThe latest version of Microsoft OneNote was released in 2013 and is now available for download for free. This cross-platform application lets you create notes online and access them on any device where OneNote is installed. It also allows sharing and collaboration with other users, making it easier to work on a continuing project and keep up to date. You can save what you like on your notes, including images, tables, and more.

If you are looking for a powerful note program, OneNote has some great features.

Access and edit notes anywhere

Windows PC, Mac, iOS, Android, and Windows Phone all support OneNote. Install the appropriate version and you can access your notebooks from any of these devices. Previous versions require that you manually sync your notebooks to make them accessible on all devices. However, with the latest version this is no longer required as your notes are automatically synced on your OneDrive. This means you can view and edit them anywhere where you have an Internet connection.

You can access notes on your mobile device that you originally created on your computer. If you have access to a computer that does not have OneNote installed you can easily find the application on the Web. If you go to OneNote’s page on the Web you can log in to the account linked with your installed versions of OneNote and use as you normally would.

Organize data in notebooks

OneNote is a great tool for organizing different data and files. You can create various notebooks that contain information on specific subjects. For instance, you could create a notebook for personal use, a notebook containing client information, etc. Each of these notebooks can then contain various sections with color coded tabs, making it easy to organize files.

This feature is helpful, especially if you are working with a large volume of data. Searching for specific information or data is also straightforward with a convenient search function. You can simply type your keyword in the search field and wait for the result. Click on your chosen result and you will be taken to that particular note.

Third party integration

The latest version of OneNote also has a new cloud API that allows third party applications to be used. This allows users to enjoy more features, as they are not just confined to the features that are native to OneNote. One of the apps that you can use is OneNote Clipper. Install this on your browser and use it to automatically save clippings from the Web in just one click.

Work on important tables

Tables are often used for creating databases or for comparing and listing data. Creating tables in OneNote 2013 is more convenient as it now allows you sort data within a table, designate header rows, as well as change the color of the cells. You can also insert an Excel spreadsheet into your notes.

Write handwritten notes

If you are using a touch capable device you can write notes or draw using a stylus or your fingers. This is especially helpful for jotting down quick notes or reminders about what to insert on a page. Circling or underlining a word or group of words is quick and easy to do.

Organized data and files are easy to access, which is vital when you need this information at your fingertips. OneNote keeps data in order so you can easily find what you need when you need it.

Find out how OneNote and other tech innovations and updates can support your business productivity. Get in touch today!

Published with permission from TechAdvisory.org. Source.

April 4th, 2014

iPad_March02_CTo many business owners and managers the iPad has become an indispensable tool. It is a really useful mobile device that allows users to stay connected with the office, and maintain productivity while they are away from their desks. One problem though is that there has never been an easy way to work on Office documents. That has recently changed though with the release of iPad optimized versions of popular Office programs.

Wait isn't that Microsoft Office Mobile?

Earlier last year Microsoft introduced Office Mobile for Office 365 subscribers. With this app users could access, create, and edit Office documents on a mobile device. The only issue with this app is that it is optimized for smaller screens e.g., the iPhone. While it is possible to use it on your iPad, optimized apps specifically for the iPad have until now been lacking.

In late March this year, Microsoft finally released iPad specific versions of Word, PowerPoint, Excel, and OneNote. Anyone with an iPad Mini, iPad 2,4, and Air can download the apps for free from the App Store and view any related Office documents on their device.

How Office for iPad works

The best way to think of these apps is that they are simply touch versions of the popular Office programs that have been developed specifically for the iPad. Here's four things you should know about the apps:
  • They're free - Currently the Word, Excel PowerPoint, and OneNote apps are available to download for free from iTunes. It is highly likely that more apps will be coming soon.
  • The program links closely with your OneDrive account - OneDrive was SkyDrive until Mid February when Microsoft renamed their cloud storage service, thus allowing you to create documents on the desktop version of Office and then save them to your OneDrive and work on them on your iPad.
  • Document formatting is supported - The iPad versions of the apps have the same formatting features as the desktop versions. Any formatting changes you make to documents on the desktop version can also be made on the iPad.
  • Excel has a unique number pad - Many iPad users don't have a keyboard, and the numbers on the stock iPad keyboard require a number of button hits to reach. To increase usability, Excel on iPad has a special numerical keyboard.

Two caveats

We noted above that the apps are available for free. While this is correct, you will only be able to open and view documents. If you want to edit you will need an Office 365 subscription. The following Office 365 plans will allow you to open, edit, and save documents:
  • Office 365 Home
  • Office 365 Small Business Premium
  • Office 365 Midsize Business
  • Office 365 Enterprise E3 and E4
  • Office Education A3 and A4
  • Office 365 ProPlus
  • Office 365 University
  • Office 365 trial subscriptions
While the vast majority of features found on desktop apps can also be found on the iPad versions, there is one missing - for now: Printing. At this time, printing documents directly from the app is not supported. Microsoft notes that they are working on this and that this function will be introduced in a future update. For now however, your best option is to save files to OneDrive and then open these on your desktop and print from there.

Getting the apps set up on your iPad

If you have an Office 365 subscription getting the apps setup may be a little confusing. Here's how you can do it:
  1. Download the apps from the App Store. (Make sure you have enough free space on your device). You can find the apps by opening iTunes and searching for: Office for iPad. Note: You will need to download each app separately.
  2. Open the app and you should be asked to log in using your Microsoft account. If your business uses Office 365, or if you have an Office 365 account, enter your username and password as you usually do to access the Web and your email.
If you choose to log in using a free account to begin with, you can upgrade to an Office 365 account from the app. This can be achieved by opening the app, and clicking Activate which should be located at the bottom left of the main menu. You can then follow the app's steps to purchase an Office 365 subscription through iTunes. Alternatively, you can go to the Office 365 website and subscribe through here. Once you open the app, after your account has been updated, you should be able to access, edit, save, and share documents.

Should I get this app?

Office 365 is one of the most popular versions of Office for small to medium businesses, and many users are wondering if they should download the app to their iPad. The answer to that is that it depends on whether you want to use your iPad for work or not.

Generally speaking, business owners who have an iPad and Office 365 subscription will benefit from downloading this app. The main reason is because it offers another way to connect with the office and potentially increase productivity, especially when you are away from your desk, through greater flexibility.

If you don't have an Office 365 subscription but use Office in your business, the iPad versions of Word, Excel, and PowerPoint could be useful, especially if you only need to view documents. That being said, you might want to consider updating to Office 365 in order to gain full access.

Contact us today to learn more about the different plans available for your business.

Published with permission from TechAdvisory.org. Source.

Topic iPad
April 4th, 2014

Security_March31_CComputers must have appropriate protection from malware attacks. Aside from creating annoyances, malware infections can also affect the performance of your computer. Furthermore, the data on your system and confidential information that you use online may also be tracked and used without your knowledge. Because of the severity of the problems that it can cause you need to be very cautious about preventing malware infections, and know how to deal with them properly.

Signs of a malware infection

Before proceeding with the steps on how to respond to malware infections, we first need to learn about the signs and symptoms of a malware infection. These include:
  • Several pop-ups appear even when not browsing the Web.
  • Unusual slowness of the computer and Internet connection.
  • System hangs or freezes.
  • Corrupted programs.
  • Antivirus is disabled.
  • E-mails sent to or from your account which you did not send.
  • High network activity, even when not using large programs or accessing huge data.
  • Redirected access to some sites.

How to respond to a malware infection

In case you experience any of these symptoms, the first thing to do is to ensure that your antivirus and antispyware program is updated. This is to make sure that they detect the latest known threats on their database. You should then run scans to see if an infection is detected. If it is, the programs usually have a way to remove the infection. You then need to follow the steps the program recommends.

If this doesn't work, disconnect the infected computer from the network to prevent the spread of the malware. Furthermore, avoid accessing the Web and using vital information such as bank account and credit card information. Let the technical department or your IT partner handle the concern since they are trained in determining and eradicating system malware infections.

Once the problem has been pinpointed, a tech specialist will go through the process of eliminating the infection. This includes backing up data on the computer and restoring the system to its original state. Depending on the extent of the infection, the computer may need to be wiped clean, or reformatted before restoring backed-up files.

After the whole process, the computer must be tested to ensure that the infection has been totally removed. Moreover, further investigation and studies must also be done to determine where the problem started, as well as to create a strategy as to how to prevent this from happening in the future.

How to prevent a malware attack

Prevention is better than a cure and this definitely applies to malware infections. It’s best to arm yourself with knowledge on how to avoid malware attacks and prevent your systems from being infected.
  1. Ensure that security protection is always updated and that you run system scans on a regular basis.
  2. Avoid downloading attachments or clicking links from unknown sites or senders.
  3. Enable firewall protection.
Malware can hugely affect business operations and the security of private information. One of the best ways to prevent this is to work with an IT partner, like us, who can help recommend and install protection systems. You might want to think about getting help in managing these solutions too, to ensure that your systems are secure at all times.

If you have questions or concerns with regards to malware prevention and resolution, feel free to call us. Our support team is always ready to help.

Published with permission from TechAdvisory.org. Source.

Topic Security
April 3rd, 2014

iPhone_March31_CWhen it comes to mobile phones and tablets, iPhones and iPads are up there as the most popular on the market. Most of the features of the iPhone can also be found on an iPad, though the latter has a wider screen. One of the features that both devices support is iOS's Calendar. It is included on every mobile device from Apple and it can be used for creating and sharing events. While Calendar may display a default start of the week depending on your regional settings, this day can be changed.

Why change the day your week starts on your calendar?

If you go into Calendar and note that your regional setting is set to United States, for example, you may notice that the day of the week starts on a Sunday. This is true even with other regional settings. While it is technically correct that Sunday is the beginning of the week, you may still want to change the day so that your week starts based on your native calendar or even when your work week begins.

Often people see Monday as the start of the week because it is usually the start of the working week. You might find it more convenient if this is also reflected in your calendar setup. Moreover, your calendar might appear more organized if your weekends are next to each other. With the default setting, Sunday and Saturday are on the left and right side, with the work week in between.

How to change the beginning of your work week

There are two ways to change the day that your week starts on Calendar. One method is changing the country in the regional setting and the other one is by changing your Calendar's date setting. However, take note that changing the regional setting will also affect other features in your device such as the time format and the number that appears on your screen when someone calls. If you don’t want to take any chances, it’s best to follow the calendar setting method.

Here’s how to change the day your week starts on your calendar setting:

  1. Tap the Settings icon on your device.
  2. Scroll to Mail, Contacts and Calendars then tap on it.
  3. Go to Calendars and select Start Week On.
  4. Tap your preferred option and Calendar will make that the start of your week.
If you would like to be a little different, you can change your regional settings by:
  1. Going to Settings.
  2. Choosing General.
  3. Selecting International.
  4. Tapping Regional Format.
  5. Selecting the country or region of your choice
As mentioned, this may affect other features on your device, including the time and the way phone numbers are displayed. If you work with colleagues or clients from other regions, this might not be an issue for you.

If you have any questions about your devices and how you can use it in your business then get in touch. Our friendly and knowledgeable support team are happy to assist you.

Published with permission from TechAdvisory.org. Source.

Topic iPhone
March 28th, 2014

iPad_March24_COne of the biggest hardware trends has to be interacting with touch, whether it's with your tablet or computer, fridge or car navigation system. Touch screens are everywhere and becoming more popular with a multitude of different devices which require certain gestures to communicate. If you're an iPad user then there are some important gestures that you should know about.

Every new iPad, and many of the older ones, run the latest version of iOS - Apple's mobile operating system. For those running iOS 7, gestures are the main way you interact with your device. While it may look weird to people who don't use them, waving your hands around, spreading your fingers, and even pinching are normal to you!

One of the greatest plus points about gestures is that when used properly, they make it simpler to interact with your device; speeding up your overall productivity. So, if you are looking to increase productivity while using your device, you should know and practice different gestures. Here are six of the most important:

1. Swipe one finger from the top

If you place your finger on the top bezel (above the viewable area of the screen) and swipe down onto the screen you will open, or slide down, the notifications center. From here you can action notifications. When you are finished slide up from the bottom of the screen to close the notifications.

2. Swipe one finger from the bottom

If you place your finger on the bezel (below the viewable area of the screen) and swipe up onto the screen you should bring up the Control Center where you can control the important settings on your iPad. To close simply swipe down.

3. Swipe one finger down

Place your finger anywhere on the viewable area of the screen and swipe down. This will open up the Search bar where you can search for almost anything on your iPad, including apps, emails, music, and more. To close this bar, simply tap the home button, or tap anywhere on the screen other than where the keyboard or search bar are.

4. Swipe four fingers up

If you place four fingers anywhere on the screen you will bring up thumbnails that represent the apps that you have open. If you swipe up on a thumbnail, you will close the app.

5. Swipe four fingers left or right

With apps open, you can place four fingers on the screen and swipe to the left or right. This will switch to other open apps. You can swipe the opposite direction with your fingers to go back to another app, if you sweep to the left again, you should bring up a list of recently used apps.

6. Grab with five fingers

If you are in an app and want to quickly get to the homescreen place all five fingers on the screen and pinch them together. This will shrink the app into your home screen. You can open it again by swiping four fingers up and selecting it.

If you are looking to learn more about using your iPad in your business, contact us today to see how we can help.

Published with permission from TechAdvisory.org. Source.

Topic iPad
March 26th, 2014

Office365_Mar24_CMicrosoft Office is a collection of desktop applications from Microsoft, designed for Windows and Mac computers. In 2011, Office 365, which is a cloud-based version of the suite, was introduced. This allows users to access these applications on the Web, including Excel. Microsoft Excel contains spreadsheets which are often used in creating and managing databases, finances, and more. Did you know that the rows and columns of cells can be renamed for easy identification?

Like other spreadsheet applications, Microsoft Excel documents are based on cells that can be arranged into rows and columns. It is within these cells that data is entered when creating a worksheet for various functions including data management and computations, etc. Each cell in the spreadsheet has a corresponding name, which is identified by its column letter and row number.

For instance, the cell under column A that belongs to row 1 has the default name A1. You will see this in the name box, which is located on the upper left side of the spreadsheet, next to the formula bar. This name can actually be changed however.

Why name cells in Excel

As mentioned, the default name for each cell in an Excel spreadsheet is based on the relevant column and row. One of the reasons why you may want to change this name is to make it easier to find what you are looking for, especially when there’s a lot of information in a particular spreadsheet. For instance, if you name a particular cell 'Total', searching for this word is much faster than scrolling through the spreadsheet to find the correct cell or trying to remember its specific column and row.

This is also the case when creating formulas for computations. Instead of using the cells’ column letter and row number, it’s more convenient to use a name that you can easily understand. For example, naming one cell 'GrossIncome' and the other one 'Deductions' makes it easier for you to compute net income by subtracting Deductions from GrossIncome for the result.

Another benefit of naming cells is that it is easier for other users to understand. If you are sharing the spreadsheet or workbook with other colleagues or business associates, using cell names that are easy for everyone to identify reduces potential confusion.

How to name cells in Excel

Naming cells in Excel can be done in two ways. The first is by changing the name directly on the name box and the other one is by defining names under the Formulas menu. The difference is that when naming a cell through the define name feature of the menu you can select its specific scope.

This determines where the specific name will be recognized as having the same value, such as in the entire workbook or in a specific spreadsheet only. Changing the name in the name box will automatically determine the workbook as its scope rather than the whole spreadsheet.

Changing a cell name in the name box:

  1. Select the cell that you want to name.
  2. Go to the name box and type the name you prefer.
  3. Hit enter on your keyboard.

Defining a cell name:

  1. Select the cell that you wish to name.
  2. Click the Formulas menu.
  3. Choose Define Name.
  4. Type the name of the cell in the new window that pops up.
  5. Select the Scope.
  6. Click OK.
Remember that a cell name should not contain any spaces. The uppercase and lowercase letters R and C are also not available as cell names, since they represent column and row. Furthermore, aside from letters, the first character of a cell name can also be a backslash or an underscore. The rest can be a combination of letters, underscores, periods and numbers, which can be up to 255 characters.

If you have further questions about changing the cell name in Excel, please don’t hesitate to give us a call.

Published with permission from TechAdvisory.org. Source.

March 20th, 2014

Security_Mar17_CAny business that employs technology in any aspect will eventually begin to worry about how secure their systems are. In order to ensure security, many companies implement a security strategy. While these strategies are a great way to ensure the security of your business systems and data, there is one element that many business owners forget: The audit.

Auditing and the security security strategy

Auditing your company's security is important, the only problem business owners run across is where and what they should be auditing. The easiest way to do this is to first look at the common elements of developing security strategies.

These elements are: assess, assign, audit. When you develop a plan, or work with an IT partner to develop one, you follow the three steps above, and it may be obvious at the end. In truth however, you should be auditing at each stage of the plan. That means you first need to know what goes on in each stage.

During the assessment phase you or your IT partner will need to look at the existing security you have in place. This includes on every computer and server and also focuses on who has access to what, and what programs are being used. Doing an assessment should give you an overview of how secure your business currently is, along with any weak points that need to be improved.

The assignment phase looks at actually carrying out the changes you identified in the assessment phase. This could include adding improved security measures, deleting unused programs or even updating systems for improved security. The main goal in this phase is to ensure that your systems and networks are secure.

Auditing happens after the changes have been made and aims to ensure that your systems are actually secure and have been implemented properly. Throughout the process you will actually need to continually audit and adjust your strategy.

What exactly should be audited?

When conducting an audit, there are three factors you should focus on:
  1. The state of your security - Changing or introducing a security plan usually begins with an audit of sorts. In order to do this however, you need to know about how your security has changed in between audits. Tracking this state and how it changed in between audits allows you to more efficiently audit how your system is working now and to also implement changes easier. If you don't know how the state of your security has changed in between audits, you could risk implementing ineffective security measures or leaving older solutions open to risk.
  2. The changes made - Auditing the state of your security is important, but you should also be auditing the changes made to your systems. For example, if a new program is installed, or a new firewall is implemented, you will need to audit how well it is working before you can deem your security plan to be fully implemented. Basically, you are looking for any changes made to your system that could influence security while you are implementing a new system. If by auditing at this point, you find that security has been compromised, you will need to go back to the first step and assess why before moving forward.
  3. Who has access to what - There is a good chance that every system you have will not need to be accessed by every employee. It would be a good idea that once a security solution is in place, that you audit who has access to what systems and how often they use them. This stage of the process needs to be proactive and constantly carried out. if you find that access changes or system access needs change, it would be a good idea to adapt your the security strategy; starting with the first stage.
If you are looking for help developing a security strategy for your business, contact us today to see how our managed solutions can help.
Published with permission from TechAdvisory.org. Source.

Topic Security
March 19th, 2014

BCP_Marc17_CIsn’t it disturbing how a disaster (whether man made or natural) can devastate your business? While disasters are inevitable, you can mitigate risks and lessen the damage to your business in the event of one through a DRP (Disaster Recovery Plan). While it may not seem important to some businesses, especially if yours has never been faced with a disaster, a DRP would be a good idea.

While there are several facets to a DRP that are going to determine whether it will be effective or not, making sure that you’ve considered these 5 tips is definitely a good start.

1.) Commitment from management

Because the managers are the ones who will coordinate the development of the plan and be the central figures who implement the recovery plan, it’s crucial that they are committed to it and are willing to back it up.

They will also be responsible for setting an allocated budget and manpower to creating the actual plan. That said, it’s very important that they know the concept behind it and how huge of an impact a DRP can have on a business.

2.) A representative on each department should be available when creating a DRP

It’s unthinkable to believe that your DRP is well optimized when you haven’t had a representative from each department coordinate with you while creating the recovery program.

Considering how they themselves are the front line of your organization with the best knowledge about how their department works, it’s a huge plus that you should take advantage of when creating a DRP.

With the representatives on your team, you’ll be able to see things from their perspective and gain first-hand knowledge from those who do the actual work.

3.) Remember to prioritize

In an ideal world, you should be able to restore everything at the same time after a disaster strikes. But since most businesses usually have a limited amount of resources, you will usually have to recover systems one at a time.

Because of this, you need to have a hierarchy or a sense of priority when determining which systems should be recovered first. That way, the most important systems are immediately brought back up while the less important ones are then queued in order of their importance.

4.) Determining your recovery strategies

This is one of the main focal points of a DRP since this phase tackles the actual strategies or steps that you’ll implement to recover your systems.

When determining your actual strategies, it's important that you brainstorm and think about all the options that you have to recovering your systems. Don’t simply stick with the cheapest possible strategy or even the most expensive ones.

You have to remember though that the simplest strategy to implement is probably the best one. That is, as long as the simplest strategy covers the critical aspects of your system recovery.

That said, avoid over complicating your strategies as you might face unnecessary challenges when it comes to the implementation of the recovery strategy.

5.) Do a dry run at least once a year

Your DRP shouldn’t end with the concept alone. No matter how foolproof you think your strategy is, if you haven’t tested it you most likely have missed something important.

It's during the dry run phase that the need for extra steps (or the removal of one) are made even more evident. You can then start polishing your strategies according to how your dry run plays out. It would also be a good year to practice your plan each year and update it accordingly.

These tips will help you ensure that your DRP will remain effective should a disaster occur. If you’re having a hard time figuring out how to go about the process of creating a DRP, then give us a call now and we’ll help you with the process.

Published with permission from TechAdvisory.org. Source.