Businesses rarely address cybersecurity in their company policies. With cybercrimes becoming more prevalent, it's important you inform staff about the threats they could be exposed to. Make sure your business and employees are safe with these security policies.

Internet

In today’s business world, employees spend a lot of time on the internet. To ensure they’re not putting your business at risk, you need a clear set of web policies. This must limit internet use for business purposes only, prohibit unauthorized downloads, and restrict access to personal emails on company devices. You can also include recommended browsing practices and policies for using business devices on public wifi.

Email

Just like the Internet policy mentioned above, company email accounts should only be utilized for business use. That means your employees should never use it to send personal files, forward links, or perform any type of business-related activities outside their specific job role. Additionally, consider implementing a standard email signature for all employees. This not only creates brand cohesion on all outgoing emails, but also makes it easy to identify messages from other employees, thus preventing spear phishing.

It’s one thing to collect your business’s data, but turning that information into insights that propel your organization toward growth is quite another. Analyzing your data can be daunting, but it shouldn’t get pushed to the bottom of your to-do list. Here are a few tricks you can use to make better forecasts.

Many businesses shy away from data analytics due to the perceived costs and resources required to get anything of value. However, even the most humble mom-and-pop stores and home-based entrepreneurs have access to a broad range of worthwhile information.

It doesn’t make sense to spend half your week mired in spreadsheets and charts if you’re not extracting information that helps increase revenue. Basic data analytics solutions from companies like Microsoft and Google offer solutions to streamline the collection and examination of company information. But with an array of different tools to choose from, what should you consider before investing in one?

How easy is it to use? There’s no point investing in a dashboard solution if you don’t understand the way the insights are presented. Analysis functions must be straightforward and user-friendly.

Nowadays, business owners have a number of social media accounts used for various purposes, whether it’s to communicate with existing and potential customers, to showcase and announce their latest products, or to expand their online presence. But, one wrong move is more than enough to tarnish your organization’s hard-earned reputation. So watch out for these common online reputation management mistakes.

Your online reputation will not take care of itself

Assuming that your enterprise doesn’t need an online reputation management (ORM) strategy is the most common ORM mistake business owners should avoid and, probably the first one as well. Just because your business’s reviews were positive today, doesn't mean they will be tomorrow. Your online reputation can change in an instant.

Think about it: The key to protecting your business from the harmful bad reviews is a good ORM strategy. In short – this is a process that could make or break your reputation, and you should be extra careful. The more work you put in ORM, the more control you have over what appears in search engines for your products or services.

Expressing your personal opinion

The growing market for cybersecurity products is a sign that businesses are taking the issue seriously. But before your company jumps into investing in any product, ask yourself if it’s really necessary. Find out how you can make the most out of cybersecurity products by conducting a risk assessment.

Uncover threats and vulnerabilities

Every business should evaluate the current state of its cybersecurity by running a risk assessment. Doing so is one of the easiest ways to identify, correct, and prevent security threats. After discovering potential issues, you should rate them based on probability of occurrence and potential impacts to your business.

Keep in mind that risk assessments are specific to every business and there is no one-size-fits-all approach for small business technology. It all depends on your line of business and operating environment. For instance, manufacturing companies and insurance groups have totally different applications to secure.

After tagging and ranking potential threats, you should identify which vulnerabilities need immediate attention and which ones can be addressed further down the line. For example, a web server running an unpatched operating system is probably a higher priority than a front desk computer that's running a little slower than normal.

Big companies like Yahoo, Target, and AOL are often at risk of data breaches because of the large volume of data they collect and store. And when a data breach occurs, individual users are the ones hardest hit. Luckily, there are a few things you can do to mitigate damage from disastrous data breaches.

Determine what was breached

Whether its names, addresses, email addresses, or social security numbers, it’s critical to know exactly what type of information was stolen before determining what steps to take. For example, if your email address were compromised, you’d take every precaution to strengthen your email security, which includes updating all your login credentials.

Change affected passwords immediately

Speaking of passwords, change yours immediately after any breach, even for seemingly safe accounts. Create a strong password comprised of alphanumeric and special characters, and make sure you never reuse passwords from your other accounts.

Once you’ve changed all your passwords, use a password manager to help you keep track of all your online account credentials.

If the website that breached your information offers two-factor authentication (2FA), enable it right away. 2FA requires two steps to verify security: usually a password and a verification code sent to a user’s registered mobile number.

Earlier this year, news broke that a malware strain named VPNFilter was infecting hundreds of thousands of devices. If you didn’t act then, now’s the time. Security experts have updated their threat assessment and its much worse than they originally thought. Small businesses are especially at risk and need to take action.

VPNFilter recap

A team of security researchers from Cisco released a report that a strain of malware had been discovered on hundreds of thousands of routers and network devices. Originally, researchers believed it affected only Linksys, MikroTik, Netgear, and TP-Link devices.

Like many malware strains, VPNFilter infects devices that use default login credentials. But it’s worse than the average cyberattack because it can destroy router hardware and cannot be removed by resetting infected devices.

As if destroying 500,000 routers wasn’t bad enough, VPNFilter lets its creators spy on networks and intercept passwords, usernames, and financial information.

What’s new

Just two weeks after VPNFilter was discovered, security experts announced that it targets 200,000 additional routers manufactured by ASUS, D-Link, Huawei, Ubiquiti, UPVEL, and ZTE. Worse yet, VPNFilter can alter data passing through infected routers. That means when you enter a username and password into a banking website, hackers could steal that information and show you an incorrect account balance to hide fraudulent deductions.

The Worldwide Developers Conference (WWDC) has developers meeting and joining discussions with more than a thousand engineers from Apple. What new products did the computer manufacturer have in store for consumers? Read on to find out!

A more personal, faster iOS 12

Apple has focused on improving the operating system’s performance so that iPads and iPhones become more responsive and work faster. The good news is that older devices that can still run iOS 11 will be compatible with iOS 12.

Developers tweaked the software to make apps launch quicker, especially the keyboard and camera. The latest version of iOS is designed to optimize its system when it is under load, so that Apple products run faster when the user demands higher performance.

Fresh features aimed at impressing consumers include the Memoji, an Animoji that users can customize to their preferences. Group Facetime supports video conferences of up to 32 individuals, and these fun tweaks can be used in both Facetime via the Effects camera and in Messages.

A smarter Siri

Apple’s signature digital assistant can now answer queries about motorsports, food, and famous people. There is a new Shortcuts feature integrated in the Workflow app, which allows users to automate various tasks in first- and third-party apps, to be triggered through Siri voice commands.

What’s the worst thing that could happen to your Internet of Things (IoT) devices? If you guessed ‘getting infected with malware,’ you’re right. Many users think IoT gadgets don’t need the same protections required for PCs, laptops, and smartphones -- but they do. There’s a new malware strain that attacks IoT-enabled devices, and you need to secure your IoT devices now more than ever.

What is the Hide And Seek malware?

The Hide and Seek (HNS) malware has created a "botnet" by quietly infecting thousands of devices using advanced communication methods. Without getting too technical, a botnet adds or “recruits” computers to their network to carry out malicious acts, such as overloading a network by telling every infected device in the botnet to try and connect at the same time.

The new HNS can’t be removed by resetting the infected device, which is the solution for most IoT malware strains. The new strain can also exploit a greater variety of devices and in less time than its predecessors. Experts believe it has already compromised more than 90,000 IPTC cameras and other devices.

IoT devices are easily hacked if they connect to the internet, which is home to opportunistic cybercriminals. And because businesses and consumers are expected to acquire and use more IoT devices (the market is expected to reach $1.7 trillion by 2020), it’s imperative to take cybersecurity precautions.

Within the last year, Chrome has helped users understand that HTTP sites are not secure. More websites use HTTPS, a safer protocol, than ever before. So, how can you benefit from this transition? Find out here.

For several years, Google has moved toward a more secure web by strongly advocating that sites adopt the Secure HyperText Transfer Protocol (HTTPS) encryption. And last year, Google began marking some HyperText Transfer Protocol (HTTP) pages as “not secure” to help users comprehend risks of unencrypted websites. Beginning in July 2018 with the release of a Chrome update, Google's browser will mark all HTTP sites as “not secure.”

Chrome's move was mostly brought on by increased HTTPS adoption. Eighty-one of the top 100 sites on the web default to HTTPS, and the majority of Chrome traffic is already encrypted.

Here's how the transition to security has progressed, so far:

• Over 68% of Chrome traffic on both Android and Windows is now protected
• Over 78% of Chrome traffic on both Chrome OS and Mac is now protected
• 81 of the top 100 sites on the web use HTTPS by default

HTTPS: The benefits and difference

Blessed are today’s businesses for having the benefits of technology to make operation more efficient. Apps have been a big help in streamlining business processes across industries. But at the same time, these programs may cause error and confusion when unorganized — and that translates into lowered productivity.

How app confusion occurs

A new study conducted by CITE Research shows that a surplus of apps is causing a great deal of confusion in the workplace. Among the 2,000 workers from the US, UK, and Australia surveyed, 69% wasted as much as 32 days a year navigating between apps — that’s an hour of productivity lost every single day.

The same research — entitled From Work Chaos to Zen: How Application Overload Redefines the Digital Workplace — reveals the biggest problem is with communication apps and channels. On average, a single worker juggles four communication apps every day, which is pretty much like holding four conversations at one time. It’s even worse for 20% of the respondents who said they use six or more.

Furthermore, the average worker flips between apps as frequently as 10 times per hour, which means more time wasted. 56% of respondents felt that searching for information stored across different apps was disruptive while 31% said it caused them to lose their line of reasoning. It's tempting to see each individual app as a problem-solver, but when looking at the bigger picture, it could be causing problems.

Facebook is no longer the most popular social media platform for US teens. According to a recent survey by Pew Research Center, only 51% of US teens aged 13 to 17 years are using Facebook. This is much lower than the shares for US teenage Snapchat users (69%), Instagram users (72%), and YouTube users (85%).

Reasons for user demographic shift

The same survey found that only 10% of US teens use Facebook most frequently, unlike other platforms like Instagram (15%), YouTube (32%), and Snapchat (35%). There are two main reasons why Facebook is no longer the first social media choice for US teenagers: visual content and control.

#1. Visual Content

The current youth demographic group favors visually appealing posts. As a result, teens prefer platforms like Instagram and Snapchat that allow them to beautify their photos and instantly share them with their friends. This is unlike Facebook where users can only upload, share, read, and like curated posts, which is deemed “uncool” by teenagers.

#2. Control

Youngsters are known to be highly expressive, but this is impossible to do if they’re friends with their mom, dad, or other adults on social media. Snapchat and Instagram solve this by allowing teens to control who’s able to see their posts. What’s more, Snapchat and Instagram stories allow users to send time-limited messages. Unlike regular Instagram posts, Instagram stories allow users to share images or videos on their app immediately. These images and videos will then be removed from the platform after 24 hours, similar to how Snapchat works.

Microsoft recently announced plans to eventually stop the activation of Silverlight, Shockwave, and Flash content in Office 365. This is not just the developers disabling bugs with an option to click a link or button to look at content. Within a few months' time, Flash will be gone from Office 365 for good.

What media will be affected once this is implemented?

Microsoft Silverlight and Adobe Flash or Shockwave content that uses Microsoft’s OLE (Object Linking and Embedding) platform and the “Insert Object” feature will be blocked. However, media that uses the “Insert Online Video” control via an Internet Explorer browser frame will not be affected by this change.

The following timeline shows the various changes that will take full effect by January 2019:

• Controls in the Office 365 Monthly Channel will be blocked beginning June 2018.
• Controls in the Office 365 Semi-Annual Targeted (SAT) Channel will be blocked beginning September 2018.
• Controls in the Office 365 Semi-Annual Channel will be blocked beginning January 2019.

Why did the developers choose to take out the embedded content?

Microsoft pointed out various reasons for making their decision. It cited that malware authors have been exploiting systems through Word, Excel, and PowerPoint files with embedded content, and that most Office 365 users did not use or rarely use the controls anyway.

The healthcare industry is unique in that the biggest data security threat comes from insider breaches.The main reason for these unauthorized hacks is financial gain. So how can healthcare organizations protect themselves against insider threats? Read on.

#1 Educate - The workforce (meaning all healthcare employees) must be educated on allowable uses and disclosures of protected health information (PHI) and the risk associated with certain behaviors, patient privacy, and data security. For example, when a celebrity is admitted to hospital, employees may be tempted, just out of curiosity, to sneak a look at their medical records, so this must be emphasized as a definite no-no.

#2 Deter - Policies must be developed to reduce risk and those policies must be strictly enforced. The repercussions of HIPAA violations and privacy breaches should be clearly explained to employees. They can be penalized huge amounts of money and violations can also carry criminal charges that can result in jail time.

#3 Detect - Healthcare organizations should implement technology to identify breaches rapidly and user-access logs should be checked regularly. Organizations need to have a strong audit process and ensure that they are regularly monitoring and updating access controls so only authorized personnel are looking at sensitive patient data, and that attempts by unauthorized personnel don’t go unpunished.

A destructive, new malware has surfaced in at least 500,000 home and business routers across 54 countries. Security researchers warned that the infected devices could “self-destruct” as the said malware named VPNFilter can maintain presence even after a successful reboot.

How VPNFilter Works

Talos cited the vulnerable devices as Linksys, MikroTik, Netgear, and TP-Link networking equipment, as well as network-attached storage (NAS). Upon infecting a small office home office (SOHO) router, VPNFilter deploys in three stages.

In stage 1, the malware imposes its presence by using multiple command-and-control (C2) infrastructure to capture the IP address of the existing stage 2 deployment server. This makes VPNFilter so robust that it can deal with any unpredictable changes in C2. This stage of the malware persists through a reboot, which makes preventing reinfection tough in stage 2.

Stage 2 involves deploying modules capable of command execution, and data collection and exfiltration. According to the United States Department of Justice (DOJ), this can be used for intelligence gathering, information theft, and destructive or disruptive attacks. Moreover, stage 2 malware has a “self-destruct” feature that once activated by the hackers will overwrite a critical area of the device’s firmware so it stops functioning. This can happen on almost every infected device.

Imagine having artificial intelligence assistants (AI) like Siri or Cortana as your company’s customer service agents. It sounds fantastical now, but it’s slowly turning into reality. For many organizations, integrating AI into their systems is the next logical step in innovating customer support.

How AI capabilities enhance customer service

AI has two capabilities that enhance customer service: machine learning and natural language processing.

Machine learning studies historical customer data in your systems and equips your customer service staff with all the information they need to address concerns much faster and provide personalized product suggestions, discounts, and offers. It’s the same mechanism that enables Facebook to suggest friends and brands to add or follow, and allows Amazon to personalize product recommendations.

On the other hand, AI’s natural language processing capabilities make it possible for businesses to deploy computerized customer service systems that don’t require human support staff. AI-enabled systems can ‘talk’ to customers via software similar to that of Apple’s Siri, Google’s Alexa, and Windows’ Cortana.

Automated, accurate, and agile responses

For most people, social media is a convenient way to stay in touch with family and friends. For a small group of people, it’s an opportunity to profit off other people’s trust. Here are some things you can do to continue enjoying Facebook and Twitter without compromising your privacy.

Lockscreens exist for a reason

Make sure all your computing devices lock the moment you stop using them. This way, you are safe from the simplest hack of all: someone opening a browser on your computer that has your social media login saved. As long as your password isn't your birthday or anniversary, you'll be forcing hackers to work for access to your account.

Strong passwords are never out of fashion

Unlocking your phone may be limited to a six-digit passcode, but you'll need something much more complicated for your account password. The first thing you'll need to do is create a password that isn't used for any other account. Because data breaches have become such a regular occurrence, hackers probably have a long list of your favorite passwords from other websites and platforms.

In this case, it is best to use a password manager like an app or online service that allows you to generate and retrieve complex passwords.

Regardless of your company's size, social media marketing is a valuable tool you can't afford to ignore, especially if your business is brand new to the marketing world. Here are some tips you can take away to start making some noise in the social media stratosphere.

#1 Prove you’re an expert

It’s important to know everything there is about your product/brand, and often it's a good idea to know even everything beyond it. According to PR firm founder Heather DeSantis of Publicity For Good, one needs to “transition from being a business owner and someone selling a product to a thought leader. You have to have actionable tips that other small-business owners can take action on”.

#2 Establish profiles on major social media sites

Take time to figure out which social media sites your target customers frequent. Then set up pages or profiles on those sites -- and post content regularly, at least once a week. To post to multiple social media platforms at a time, consider using a service such as Hootsuite. Once profiles are up and running, don't let them fall behind. Outdated profiles are almost as bad as nonexistent ones.

#3 Create fresh, shareable content

New threats to businesses’ precious employee and customer data emerge every day, so the only surefire way to protect your files from viruses, theft, and other unforeseeable disasters is to partner with a leading cloud backup provider. With a basic understanding of how cloud backups work, you can set up a plan that is economical and customized to the needs of your business.

How should you go about choosing a cloud backup provider? Let’s take a look:

Learn more about their storage capacity

Before partnering with a cloud backup provider, ask them where they store their data. Many providers use cloud servers over which they have little control, which could be hazardous as it makes it harder to monitor activity and respond to anomalies. To avoid this fate, choose a backup service that operates their own cloud-based servers.

Next, you will have to determine whether your business assets can be backed up, since some cloud storage providers do not have the capacity to save bigger files like videos or other multimedia files. By asking these questions, you can find a cloud backup service that fits your business needs, and more importantly, can take care of all your files.

Before Social Media platforms like Facebook went live, HIPAA was established to protect the privacy of medical providers and their patients. And although there are no specific rules for Social Media use, every healthcare organization must implement security protocols that adhere to privacy policies.

On April 14, 2003, the "Health Insurance Portability and Accountability Act" (HIPAA) became law with the goal of protecting the privacy of patient medical records, hospitals, doctors, and health plans. The regulations set forth by this legislation allowed patients to freely access their medical records and gave them more control over the disclosure and use of their private health information.

Billions of people consume Social Media content every day, and over 30% of healthcare professionals use the same platforms to build and expand their professional network. There are advantages to utilizing Social Media in the medical field, such as notifications about new services, and interacting with patients. However, there is a possibility that using this platform the wrong way will lead to violations in patient privacy and HIPAA regulations.

Businesses have made lots of money using social media to engage with current and potential customers for years now. But after a recent breach, some users are reevaluating Facebook's reputation. Read on to know how this concerns you and if you must do something about it.

Last month, news broke that a firm known as Cambridge Analytica collected private data from over 50 million Facebook users. The British company supposedly used this information in 2016 to influence voter behavior during the US presidential election and UK’s Brexit campaign.

How did they harvest the data?

In 2015, a Facebook personality quiz app called "This is Your Digital Life" was created by Cambridge psychology professor Aleksandr Kogan. Around 270,000 Facebook users signed up and gave information about themselves in exchange for humorous results.

What users didn't know was that Kogan's firm, Global Science Research, struck a deal with Cambridge Analytica to share the information that was gathered. Aside from collecting information about the Facebook users, the app also mined some data about the users' friends.

Information collected was based on:

• Data from other platforms that are also owned by Facebook, including Instagram and WhatsApp
• Advertisers and other third-party partners
• Apps and websites which use Facebook services
• Your location
• The devices you use for Facebook access
• Payments handled by Facebook
• Your Facebook connections and networks
• Messages, photos and other content that other users send to you
• The information you disclose to Facebook
• Your activities on Facebook

Mobile devices, such as smartphones and laptops, have changed the landscape of business organizations everywhere. Nowadays, businesses arm their workers with these devices in the field, making mobile performance and connectivity highly essential. Optimizing IT systems for mobile workers isn't easy, but there are a few simple tricks you can try.

The ability to manage the workforce out in the field requires a modern support infrastructure called mobile performance management. It includes the top five tips to keep field workers connected: optimizing traffic, applying control, measuring performance analytics, simplifying data security, and identifying the root cause of connectivity issues.

Optimize

Although the latest apps on the market can maximize productivity for the mobile workforce, these apps come with a certain risks: stability issues that could lead to the apps crashing while out in the field. If you are your company’s IT decision-maker, be cautious of untested apps, and consider blocking heavy bandwidth apps to streamline data flow when signal strength is weak.

Control

Another thing you can do with mobile performance management solutions is blocking personal apps and unsafe WiFi networks. Both of these create serious security risks that could lead to costly data theft or loss.

When talking about cyberattacks, the first one that usually comes to mind is phishing, a scam that uses email to spread malware or steal personal information. But hackers have a new method to infiltrate your systems, and it’s surprisingly effective. Here’s what you need to know about watering hole attacks.

What are watering hole attacks?

Much like phishing, a watering hole attack is used to distribute malware onto victims’ computers. Cybercriminals infect popular websites with malware. If anyone visits the site, their computers will automatically be loaded with malware.

The malware used in these attacks usually collects the target’s personal information and sends it back to the hacker’s server. Sometimes the malware can even give hackers full access to their victims’ computers.

But how does a hacker choose which websites to hack? With internet tracking tools, hackers find out which websites companies and individual users visit the most. They then attempt to find vulnerabilities in those websites and embed them with malicious software.

Any website can fall victim to a watering hole attack. In fact, even high-profile websites like Twitter, Microsoft, Facebook, and Apple were compromised in 2013.

Despite internet connections that deliver information to the other side of the globe in milliseconds, countless industries still rely on slow and inefficient middlemen to complete transactions. From supply chain management to hi-tech contracts, blockchain isn’t just about money, it’s about an entirely new way to do business. Just look at our examples.

What is blockchain?

Blockchain, like the cloud, is more of a concept than a specific piece of software or hardware. It’s the idea that if you store a spreadsheet or ledger on a hundred different computers -- each of which receive automatic and encrypted updates -- it’s nearly impossible to create a fraudulent entry. If someone adds a line of false information to one spreadsheet, 99 others can confirm it is not in their copy and is therefore inaccurate.

In the Bitcoin ledger, each line represents the transfer of funds from one account to another. So if John wants to transfer money to Jane, he sends a request to Bitcoin’s blockchain and thousands of computers confirm his account information is correct and he has sufficient funds. The money is transferred, both account balances are updated, and the whole process takes less than an hour with almost no human interaction. Much faster than the 5-7 business days of most banks.

Facebook users woke up to a nightmare when they heard that the social media giant and associated app developers were selling their sensitive data to companies, like Cambridge Analytica, without their consent. So if you're concerned about being one of the 50 million users whose data have already been sold, you should check out the following 3 tips.

Download your Facebook data

The thought of a complete stranger going through your account is pretty disturbing. Yet, you’re probably curious about the amount of information you uploaded to your social media sites over the years. Fortunately, Facebook allows you to download a copy of all your data. You simply have to log in to its web version and…

• On the site’s main navigation, click on the down button right next to the Quick Help icon
• A menu will pop up and you’ll find Settings right above the Log Out option
• Click on Settings and you’ll automatically be redirected to General
• Within the General page, press Download a copy of your Facebook Data
• It will redirect you to a different page where you’ll need to press Start My Archive button to proceed with the download process

Paying and filing taxes is already annoying without the threat of refund fraud or identity theft. But phishing schemes, especially during tax season, have become so widespread that you’ve probably already received spoofed emails or calls during the last few years. To maintain the security of your business, you and your employees need to be extra cautious with the emails you receive at tax time.

Phishing baits to watch out for

Phishing attacks often consist of fabricated or compromised emails sent to finance/payroll or human resources employees that are made to look like they're from an executive in your company. The message might contain a request to forward employee records, including their W-2 forms, but that’s not all...

Another common scheme, which doesn’t only happen during tax season, involves getting a call from a person declaring to be an IRS employee. And no, caller IDs won’t save you because they can forge that, too. The phisher will inform you that you owe them cash from back taxes and they will threaten legal action if you don’t pay via credit card at that instant.

Always remember, the IRS will never contact you on the phone to let you know that you owe them money. And they certainly won’t threaten you or demand payment over the phone. If they really need to notify you of such matters, they’ll use the postal service and will give you a chance to discuss payment terms.

Small-business owners with limited financial resources have to manage their office IT on their own. Although this might work for a while, it can grow into a massive problem when the business starts expanding. At that point, you’ll want to focus on that expansion, not repairing tech problems. This is where external IT support comes into play.

Access to new technologies and industry experts

Managed Services Providers (MSPs) are equipped with resources most small businesses can’t afford. They employ teams of experts in fields ranging from cybersecurity to data management to networking -- all available for you on an outsourced basis. For example, an MSP provides advanced security software and applications that can help your business avoid the risks of cyberthreat.

They also work with industry tech leaders who provide insights into upcoming hardware and software products in the market. This ensures you receive updated recommendations on the latest technologies so you can use them in your business, and they often come with deals and discounts that you wouldn’t normally have access to.

Knowledge from past breaches

External IT support providers have been helping businesses recover from all kinds of tech disasters since the dawn of hackers. They now have enough knowledge to prepare Data Backup and Disaster Recovery plans for you. This way, you and your team would still be up and running after suffering from an IT emergency without disrupting much of your business operations.

Everyone thought the worst was over when credit-reporting agency Equifax revealed that the credentials of 145.5 million people in the US were leaked. However, the company recently discovered that there are more victims from the major breach. Here’s everything you need to know.

What happened?

On March 1, Equifax reported that the names and driver’s license numbers of approximately 2.4 million Americans were stolen. According to the company, sensitive information like home addresses, home states, or the license issue and expiration dates were not leaked. Equifax said these breaches were discovered only recently because their forensic investigations primarily focused on stolen Social Security numbers.

In response, the company said that anyone affected would be notified directly. They’re also now offering a security program designed to prevent identity theft and credit tampering. However, given the company’s poor track record, not many are willing to enroll.

When the company first announced the breach in September last year, the tool used to check whether an account had been hacked didn’t work and came up with false positives. Fortunately, there are other things you can do to protect yourself.

Have you decided to build up your web presence and attract new customers using social media? Here are five tips on how small- and medium-sized businesses (SMBs) can turn likes into dollars.

#1. Choose the right platform

Between Facebook, Twitter, Instagram, YouTube, and LinkedIn to choose from, you may be tempted to sign up for more social media accounts than you’re ready to manage. It may not seem like much at first, but you'd be surprised by how quickly you can be overwhelmed by statuses, commenting on existing posts, and answering inquiries on every platform, which is why it’s better to adopt only a few platforms that can effectively attract your target customers.

Ask yourself these questions before deciding which platform to use:

• Who is my target customer and what channels do they use?
• What do I hope to gain by opening a social media account?
• What kind of content do I want to share and create?
• How much time can I devote to social media management?

#2. Know when to update

Are most of your customers online at 8am or 8pm? With a better understanding of your target users' habits, you can schedule your posts so they create more traffic, increase brand engagement and, eventually, generate new leads and customers.

Google applications mostly comprise collaborative tools that are regularly updated to address your growing needs. With their new Google Drive update, gone are the days of converting files just to add a comment because you can now easily comment on the files in the ‘Preview’ pane.

To reduce the hassles

Google Drive allows your team to seamlessly share files in the cloud and work on the go. The tech giant knows that businesses require all types of tools and files to finish certain tasks and responsibilities efficiently. This is why they eliminated the stresses of converting a document into a G Suite equivalent file just to allow commenting.

To ease your responsibilities

Google decided to enable comments directly on Microsoft office documents, images, and PDFs without any need for conversion. This is particularly helpful when you’re working with another firm, negotiating a sales transaction with a supplier, or discussing a contract with a customer. In each case, you'd likely deal with different file formats.

To improve collaboration

The most recent update allows you to comment on various file formats in Google Drive, akin to how you do it in Google Docs. In Drive’s ‘Preview’ pane, you can assign tasks, mention colleagues, or add notes, and your team will be able to respond even if they don’t use G Suite.

During the previous quarter, fake Chrome notifications urging users to dial a tech support number have grown dramatically. Research reveals that this tech support scam could possibly use an Application Programming Interface (API) to freeze the browser, convincing the user to get in touch with the support line and share their credit card details.

The End Game

The scam works by displaying an error message indicating a bogus security breach incident that renders a browser unusable. These scammers capitalize on the fact that a serious crash can't be solved by simply closing the site, thereby sending the users into a panic. This encourages them to dial the number listed on the warning message.

On the other end of the line, the scammers would pose as Microsoft or Apple representatives to convince users into surrendering their credit card details to repair a non-existing security issue. The scams are generally carried out through legitimate sites or malicious ads that have been hacked.

The Ingenious Process

This new scam operates against Chrome by corrupting the window.navigator.msSaveOrOpenBlob programming interface, which basically uses it as a form of distraction. The hackers manipulate the browser and forces it to save a random document on a disk repeatedly at super fast intervals that are impossible to notice. After five to 10 seconds, Chrome will be completely unresponsive.

You are probably already aware of Cortana, the Windows 10 AI personal assistant. Did you know that you can use it to improve the efficiency and productivity of your business? With a better understanding of its basic functions, you'll be on your way to becoming an AI-powered organization.

To take advantage of Cortana, you should enable it on your desktop first. The process is easy: Just press the Windows Key, type "cortana" and click on "Cortana settings.” From there, you can change whether it responds to your voice or get activated by a keyboard shortcut, and you can set other personal preferences.

Voice Reminders, Notes and Alarms

As soon as you enable “Hey, Cortana” on all your gadgets, you can begin using it to dictate notes, set alarms, and create reminders. Thanks to advancements in AI, Cortana should be able to recognize most natural-language requests, like "Wake me up at 9am tomorrow," or "Remind me to pick up my dry cleaning tomorrow."

Meanwhile, you can use it as a voice recorder during meetings instead of writing down notes. Just say, "Hey Cortana, make a new note in OneNote," and whatever is recorded will automatically be saved to OneNote!

Facebook recently announced a big change to its News Feed. In response to the backlashes it has been receiving -- mostly due to allegations of how social media causes depression and affects one’s political views -- it has decided to limit posts from businesses and share more posts from your friends on the News Feed.

Potential outcome for Facebook

One of the main sources of revenue for the social media giant is from its advertising program. But with the changes set to take place, there’s a high possibility that users will spend less time on its platform. This would mean comparatively less effective advertising than before, thus fewer advertisement signups from businesses.

While they do admit this move may potentially hurt profitability, Facebook hopes this change will improve user experience, which in the long-run may translate into higher profits.

Reason for News Feed change

One of the most frustrating things about using email is seeing dozens of spam messages every day. Fortunately, they’re just minor annoyances that are easy to remove from your inbox. However, hackers have developed a way to make spam much more insidious. Here’s what you need to know about modern spam attacks.

Understanding DSD

Distributed Spam Distraction (DSD) is designed to inundate your inbox with thousands of nonsense emails. There are no dangerous links, ads, or attachments involved, just random excerpts of text stolen from books and websites. What’s more, the email and IP addresses used are all different so victims can’t simply block a specific sender.

These attacks last anywhere from 12 to 24 hours and can flood inboxes with as many as 60,000 messages. While they may seem like harmless annoyances, the true purpose of DSD is to draw victims’ attention away from what hackers are doing behind the scenes.

And what they’re doing is exploiting your personally identifiable information (PII) to make unauthorized purchases or pilfer cash directly from your accounts. The DSD acts as a sort of smokescreen to hide payment confirmation messages behind a deluge of spam messages.

The massive success of ransomware like WannaCry and Petya have spurred other cybercriminals to develop their own ransomware and sell it on the black market. This means we can expect more ransomware attacks in the future. To prepare your business, you need virtualized disaster recovery solutions. Here’s why.

Virtual DR

Virtual DR solutions allow you to create point-in-time copies, or “snapshots,” of operating systems, data, and virtual machines as they appear at a given point in time. These snapshots can then be loaded onto any workstation with everything still intact. In the event of a ransomware attack, administrators can essentially roll back the system to a point before the malware hit.

What’s great about point-in-time copy features is that they are automated. Just schedule the snapshots, and your virtual DR software will do the rest. And although virtual DR solutions vary, most of them have the capacity to store thousands of point-in-time copies, giving you plenty of restore points to choose from.

Why virtual DR trumps traditional DR

Traditional DR methods don’t have these features. Even though most computer operating systems have a system restore functionality, modern ransomware strains are designed to disable them. On the other hand, virtual DR software isolates point-in-time copies and restore functionality from virtual machines, which means they can’t be affected if one virtual machine was compromised with ransomware.

When it comes to security updates, time is usually of the essence. The longer you wait to install a fix from a vendor, the higher the risk of being compromised. But in the cases of the Meltdown and Spectre flaws, you might be better off waiting until a more reliable patch is released. Let’s review what’s going on and what the best course of action currently is.

Unsecured data storage

Spectre and Meltdown are the names given to two hardware flaws that allow hackers to see any piece of information stored on your computer. Although slightly different in execution, both take advantage of a hardware feature that computer chips use to access and store private information. For the last 20 years, security experts believed this information could not be stolen or spied on by malicious software, but that assumption was proven false on January 3, 2018.

Now that the Spectre and Meltdown vulnerabilities are public information, hackers can use them to create programs that steal passwords, social security numbers, credit card numbers, and anything else you type into your computer.

Because these problems are hardware-based, none of the updates will be able to secure the vulnerable storage; they’ll simply prevent your computer from storing anything in it. Currently, there are patches for:

Smart business owners use uninterruptible power supply (UPS) for emergency situations like a storm, fire, or other disasters. Often, a UPS is deployed for desktop computers to give employees ample time to save their work and prevent losing unsaved work. An even better power-saving strategy in emergency situations, however, is to use UPS for networking equipment.

UPS for network equipment

UPS systems provide backup power in case of outages and protect against power surges, which don’t just damage computers but also make you lose unsaved work. Deploying them for Wi-Fi routers and modems allows you to stay connected to the internet in what is typically a chaotic time.

Moreover, it makes sense to not just keep your PCs powered up, but to also have internet access during a disaster. This strategy works relatively well if your staff are predominantly laptop users, as that means you only need to juice up your Wi-Fi gear.

Better than generators

Although generators are indispensable for certain businesses, they also require greater upkeep. Small- and mid-sized businesses may not have enough capacity to maintain them because they typically require a utility crew who can manage high-maintenance equipment.

Passwords are a double-edged sword. If you make them too simple, they’ll be easy to guess; if you make them too complex, they’ll be impossible to remember. One solution is to create an uncrackable password and save it to your browser. Unfortunately, recent research suggests that tactic could drastically reduce your privacy.

Why auto-fill passwords are so dangerous

In 2015, the average internet user had 90 online accounts, a number that has undoubtedly grown since then. This has forced users to create dozens of passwords, sometimes because they want to practice healthy security habits and other times because the platforms they’re using have different password requirements.

Web browsers and password manager applications addressed this account overload by allowing usernames and passwords to be automatically entered into a web form, eliminating the need for users to hunt down the right credentials before logging in.

The process of tricking a browser or password manager into giving up this saved information is incredibly simple. All it takes is an invisible form placed on a compromised webpage to collect users’ login information without them knowing.

With the tug-of-war between mammoth social media platforms for daily users, 2018 is poised to become the biggest year for technological advancements in the industry. As social norms related to social media change, here are the top 5 trends we expect to become mainstream this year.

1. The boom of Augmented Reality

   The launch of the new iPhones -- both 8 and X -- last September brought with it an under-the-radar change to the devices. The incorporation of a new chip provides iPhone users with extraordinary augmented reality (AR) experiences. While most conversations about AR focus on the mobile gaming experience, social media platforms will likely find a way to integrate the new technology as well.

2. Influencer marketing

   Influencer marketing has proven to be the best way forward for companies to connect with younger audiences. Titanic companies such as The North Face, HubSpot and Rolex are great examples of companies which have profited heavily from social media-based influencer marketing. By contrast, companies that opted for traditional strategies struggled to connect to social media users, indicating that influencer marketing is here to stay and blossom in 2018.

   more

It’s the perfect time of year to evaluate last year’s technology investments and make adjustments for the year to come. Whether 2017 left you with extra cash in your pocket or desperate for a better way to get work done, here’s a roundup of the best IT news from the past year.

Small businesses love the cloud

According to research from IDC, more than 70% of businesses with 10-99 employees took advantage of cloud technology in 2017, and that number is expected to rise this year. This is largely due to IT providers demonstrating that the cloud is just as, if not more, secure than on-premises solutions. The list of possibilities for what can be hosted in the cloud on a small-business budget is getting longer every day -- if you’re not devoting resources to this technology, it’s time to jump onboard.

Mobile payments earn users’ trust

Like the cloud, making credit card purchases using a mobile device suffered from a trust deficit in its early stages. For good reasons, consumers have been conditioned to treat IT security with caution, and storing financial information on a smartphone that could wirelessly transmit that information to cashiers sounded dangerous.

When you visit an encrypted website, the connection between the source of the web page and your browser is secure. Encryption ensures users’ browsing habits are safe from hackers’ prying eyes, but phishing scammers have found a way to adopt it for their own schemes.

How hackers use encryption to carry out phishing scams

According to recent research, 24% of phishing scams in 2017 use web encryption -- an astounding increase from last year’s 3%. This means more HTTPS sites may not be truly safe.

Phishing scammers rely on their victims to do what they ask, which is why it’s so effective. And with this new trick, unsuspecting users are more likely to be deceived. What makes this encryption-aided scam even more effective -- and dangerous -- is that it makes hackers’ phishing email or text that much more authentic-looking.

For example, if you receive an email that purports to be from Amazon and includes a link to an encrypted site, there’s now a slightly higher chance you’d believe this email is the real deal. Clearly, if you’ve never purchased anything from Amazon, you’d know that this is a fake. But then again, there are millions of Amazon customers who could be misled into thinking that that email is legitimate.

Your employees access applications and confidential business data every day. Hackers, on the other hand, are trying to do the exact same thing but for more malicious reasons. To make matters worse, even employees can go rogue and steal your data, which is why it’s crucial that you have an IAM solution in place.

What is IAM?

Identity and access management is a system that secures, stores, and manages user identities and access privileges. It ensures that users are who they say they are and will grant access to applications and resources only if they have the permission to use them.

Some of the most common IAM solutions include single sign-on (SSO), multi-factor authentication (MFA), and access management, all of which can be deployed on-premises or in the cloud.

Why is it so important?

Modern technology enables businesses to be more agile and efficient than ever before. For instance, the cloud lets your employees work from anywhere at anytime on any device. However, this means that your workforce has moved beyond the protections of on-premise security.

That’s why you need to embrace another security solution, one that focuses on identity rather than physical or network security, which is exactly what IAM was designed for. It makes sure that your employees, customers, and partners are who they say they are and are only able to access the resources they need, nothing more. And that’s just scratching the surface on how IAM can benefit your company.

With over 1.3 billion monthly active users, Facebook’s Messenger app is an unprecedented success. Facebook is now looking to fully utilize the potential of this monster user base and has therefore added a feature for improving connectivity between local businesses and consumers. Read on to learn how this feature could benefit you!

The How

By installing a plug-in called Customer Chat, retailers can integrate Facebook Messenger with their website, letting their customer support representatives carry on conversations with clients just like they would on Facebook.

Customer Chat also saves conversation histories, meaning a user can be talking to a customer representative on their website and then continue the conversation once they shift to Facebook -- without having to start a new conversation. Customer Chat is now open to any business in the form of an ‘expanded public beta.’

Here’s Facebook’s guide detailing how to install Customer Chat.

Facebook’s Grand Plan

Like all new services, the success depends on the users. Customer Chat’s primary user base seems to be those who lack the time or confidence involved in sending a formal e-mail for a casual business inquiry.

Installing powerful antivirus software and setting strong passwords are no longer considered the bare minimum in cybersecurity. With hackers, government agencies, and ISPs constantly monitoring networks and your online habits, hopping onto a Virtual Private Network (VPN) is crucial for keeping your surfing habits private. Here’s why.

What is VPN?

Simply put, a VPN is a group of servers you connect to via the internet. Once you’ve established a connection, your computer acts as if it’s on the same local connection as the VPN, making it seem like you moved to a different location.

When you surf the web through a VPN, all the data transmitted and received is also encrypted, preventing anyone -- from hackers to government agencies -- from monitoring your online activities.

Why should you have one?

Of course, security and privacy are major reasons why you would want a VPN. For example, if you’re connected to a public WiFi network -- like the ones you typically see in local cafes and airports -- using a VPN encrypts the information you’re sending or accessing online. This means things like credit card details, login credentials, private conversations, or other sensitive documents can’t be intercepted by a third party.

At Microsoft’s 2017 Ignite conference, three new apps were announced that help small businesses streamline everyday tasks. The apps -- Connections, Listings, and Invoicing -- spent a few months as limited previews, but are now available to anyone with an Office 365 Business Premium subscription. Let’s take a look at what they do and how to enable them for your team.

Microsoft Invoicing

Word and Excel have hundreds of templates for generating company invoices, but this new app does much more than just create documents. Invoicing allows you to store the names, descriptions, and prices of your products and services in a connected database. You can also store your tax information, company logo, and a click-to-pay PayPal badge, which means half of the necessary information is automatically filled out the moment you click Create.

In addition to clean and professional looking documents, Invoicing also makes it easy to organize, store, and search past invoices thanks to a built-in QuickBooks integration. Last but not least, all of this is easily accessible from Microsoft’s mobile app.

Microsoft Listings

With its centralized dashboard, Listings allows you to manage and update company details displayed by Google, Facebook, Bing, and Yelp. It also helps you monitor your company’s online reputation by tracking page-views, company reviews, and Likes.

Your passwords are the gateway to your files, money, and identity, so it’s no surprise that hackers are constantly trying to steal them. Most cybercriminals will use malware to do the trick, but they also have other means at their disposal. Google’s year-long security investigation provides the details.

The results

From March 2016 to March 2017, Google and UC Berkeley researchers examined three main ways hackers hijack accounts:

• Keylogging software - a malicious program that records computer users’ keystrokes
• Phishing emails - to lead people into dangerous websites
• Stolen passwords - available to the highest bidder

In just one year, Google found 788,000 successful keylogging attacks, 12.4 million victims of phishing attacks, and 1.9 billion accounts exposed via login credentials sold on the black market.

Researchers suggest the reason so many accounts are hacked is because people tend to reuse their passwords, which means if one set of login credentials is exposed, other accounts could be compromised.

Phishing is also a big threat because it targets users -- the weakest links in your cybersecurity. The strongest password or security system won’t mean anything if your employees constantly fall for online scams.

For most people, Google is the first stop when searching for a specific business. And in some cases -- like searches for gyms and beauty salons -- people are using Google to help them contact the business about an appointment. Now, the search giant has made that possible right from its results pages.

How to edit your business’s Google listing

When someone types your business’s name and location into Google.com, a “Knowledge Panel” is displayed on the righthand side of the search results with information about your office. If your business doesn’t have a Knowledge Panel, you can change that by opening a free Google My Business (GMB) account.

The GMB platform lets you link to your website, update office information (address, hours, phone number, etc.) and choose which photos Google associates with your company. GMB also gives you data about how many people:

• Saw your business’s Knowledge Panel in search results
• Visited your website by clicking somewhere in the Knowledge Panel
• Asked for directions via the Knowledge Panel

What’s new with GMB?

In the summer of 2017, Google announced that business owners could customize “Posts” in their Knowledge Panel. Posts are made up of a 100-300 word caption, an image and a call-to-action button, such as Learn More, Sign Up, Buy, etc. Posts automatically expire after seven days, which makes them perfect for sales, events and content marketing.

Strategies for attracting new customers are always changing, and Google is shaking things up yet again. Apart from well-placed keywords and link-worthy content, reviews from sites like Facebook and Yelp will be displayed in the search results.

How Google changed search results

Google’s new search algorithm is designed to lead people to high-quality products and services. For instance, if you search "Acme Group Inc.", Google will show you something called a Knowledge Panel. Displayed on the right side of the search results, this panel includes information like address, hours, web address and more.

Over the last year, Google has been automatically aggregating and including online reviews to display in the Knowledge Panel.

Which review sites does Google include?

Relevant sites vary from industry to industry, so if you manage a restaurant, reviews from Yelp or Zagat will likely be displayed next to your online listings. If your business is a bit more niche, however, there are a few steps to determine which review sites affect you.

Go to Google and search for the following:

• “[your company name] reviews” - to locate sites that already have reviews on your business
• “[industry] reviews” - to determine industry review sites that you should be listed on
• “[industry + location] reviews” - to find review boards where you can boost your local presence

For ages, most people assumed that setting a strong password on their WiFi router was enough to prevent cyberattacks, but recent events prove otherwise. Two Belgian security analysts have found a serious weakness in WiFi networks, called KRACK, that puts your wireless devices in danger.

What is KRACK?

Simply put, KRACK, short for ‘key reinstallation attack,’ allows hackers to bypass WPA2 -- a security protocol used by routers and devices to encrypt activity -- and intercepts sensitive data passing between the mobile device and the wireless router, including login details, credit card numbers, private emails, and photos.

In extreme cases, KRACKed devices can be remotely controlled. For example, hackers can log in to your surveillance systems and shut them down.

What’s worse, Internet of Things devices -- like smart thermostats and IP cameras -- rarely receive security fixes, and even if some are available, applying patches are difficult, as these devices tend to have complex user interfaces.

The good news, however, is you can do several things to mitigate the risks.

Download patches immediately

According to recent reports, security patches have already been released for major platforms, including iOS, Windows, and Android. Router manufacturers such as Ubiquiti, Mikrotik, Meraki, and FortiNet have also issued firmware updates, so make sure to install them as soon as possible.

Mark Zuckerberg and Elon Musk are not the only ones dabbling with AI and machine learning. According to Cisco, these technologies might be key to the future of IT system management and business continuity, both of which have grown increasingly complex over the years.

Artificial intelligence (AI) and machine learning are extremely useful in helping us sift through massive amounts of information, and networking behemoth Cisco recently announced that they will be incorporating these technologies with two of their services.

Business Critical Services

This suite of services uses AI-powered automation, compliance, security, and machine learning analytics tools to reduce the complexity of IT systems management. It helps monitor the health of your business services and mitigate risks via automated compliance and remediation audits.

You can also replicate your network to improve reliability between your hardware and software components, and deploy features with automation capabilities.

Cisco High Value Services

This product support model provides network, software, and solution support using advanced analytics and best practices to access infrastructure performance and remediate issues. Cisco aims to improve business continuity and reduce resource constraints with remote monitoring, automated incident detection, and high SLAs.

A password policy designed for federal agencies must be secure, right? Surprisingly, that hasn’t been the case according to the National Institute of Standards and Technology (NIST). On the hook for the password best practices that we still use today -- the combination of letters, capitalizations, and numbers -- NIST admits that the existing guidelines were misguided. Find out why and how it involves you.

The problem

The issue isn’t necessarily that NIST advised people to create passwords that are easy to crack, but it did steer people into creating lazy passwords, using capitalization, special characters, and numbers that are easy to predict, like “P@ssW0rd1.”

This may seem secure, but in reality, these strings of characters and numbers could easily be compromised by hackers using common algorithms.

To make matters worse, NIST also recommended that people change their passwords regularly, but did not define what it actually means to “change” them. Since people thought their passwords were already secure with special characters, most only added one number or symbol.

NIST essentially forced everyone, including you and your colleagues, to use passwords that are hard for humans to remember but easy for computers to guess.

There are only so many hours in the workday, so making the most of your time is vital. If distracting websites, unorganized files, and cluttered inboxes prevent you from getting work done, consider using these tips to better manage your time and stay productive at work.

Monitor productivity levels

Start by tracking how much work you complete on an average day. Google Chrome Extensions like RescueTime record your most frequently visited sites, and track how much time you spend away from your computer. Running the app will provide you with a productivity rating and a detailed log of how you spend an average day.

If you find out you’re wasting a huge portion of your time on social networking, you’re more likely to make conscious adjustments on how you manage your time.

Get rid of clutter

Another way to increase output is by deleting old files, uninstalling unused programs, and organizing documents into appropriately labeled folders. This makes your work easier to find and improves your computer’s performance.

As for the clutter in your email inbox, Gmail and Outlook both have features that filter out unimportant messages. Simply enable Priority Inbox on Gmail or Clutter on Outlook to get a clean, spam-free inbox.

Facebook’s not only for posting cat photos, complaining about restaurants, or stalking your ex, it’s also an incredibly effective advertising platform. From small businesses to big corporations, anyone can benefit from Facebook's marketing tools. Read on to leverage Facebook to your advantage.

Why advertise on Facebook?

Above all else, the cost-effectiveness of Facebook advertising sets it apart from other marketing channels. The starting cost is as low as 1$ per day, which is ideal for SMBs that want to test small campaigns before investing more.

Beyond its affordability, Facebook advertising is also extremely effective. With 2 billion monthly active users and the ability to nail down your audience to the most specific details -- including their interests and online behavior -- it’s no surprise that Facebook advertising had the best return on investment compared with other social media platforms according to a survey of social media marketers worldwide.

Before you get started

As with other traditional marketing campaigns, before beginning a campaign, you need to determine your marketing objectives, audience, budget, and how you want your ads to look. Once you have the answers to all those questions, you’re ready to go.

What would you do right now if you discover that your business’s database is hacked and a huge number of your customers’ data gets leaked? Speechless, with dismay, but you need to act, decently. In this case, it helps to have a good incident response plan in place, so your business won’t suffer the same fate as Equifax, which is an interesting story we’re about to tell.

What happened to Equifax?

Equifax, the huge American credit agency announced in September 2017 that its database was hacked, resulting in a leak of tons of consumers' private data, including personally identifiable information of around 143 million US citizens. It included names, social security numbers, addresses, birthdates, and credit card and driver’s license numbers.

Equifax responded by setting up a new site, www.equifaxsecurity2017.com, to help its customers determine whether they had been affected and to provide more information about the incident.

Soon after, Equifax’s official Twitter account tweeted a link that directed customers to www.securityequifax2017.com, which is actually a fake site.

Fortunately for Equifax’s customers, the fake phishing site was set up by a software engineer who wanted to use it for educational purposes and to expose flaws in Equifax’s incident response practice. So, no further harm was done to the already-damaged customers, and Equifax is left with even more embarrassment.

When small- and medium-sized businesses expand, they need tools that can support their growth. For many, this includes cloud productivity software and managed IT services. And if you need tools for accounting, project planning, supply chain management, and sales, there’s enterprise resource planning (ERP) software.

What is ERP?

Simply put, ERP software integrates various aspects of your business -- from accounting and human resources to production and sales -- into one system where you can easily manage tasks and process data.

The key feature of any ERP system is a central database that gives users a complete summary of financials, sales figures, and other important metrics. In practice, this means employees in different departments can rely on the same information without your having to reenter that information into a different database.

But simplicity is only one of many benefits.

Enhanced reporting

With business information consolidated in one location, you can generate comprehensive reports and analytics at any time.

One of the most popular uses for this feature is financial reporting. General ledgers, revenue recognition, and tax reporting functionality are built into most ERP software solutions, allowing you to balance the books in seconds.

With the popularity of Office 365, hackers are trying to find new ways to exploit its users, and they’ve come up with a new idea: a credential-harvesting campaign that uses personalized spear-phishing mails as a tool. If you’re an Office 365 user and don’t want your account compromised, read on.

What makes it different from other scams?

The new threat comes in the form of spear phishing, an old familiar method in which hackers send emails that purport to be from trusted sources and dupe you into disclosing sensitive information. In this particular attack, the email messages are admirably well-crafted, making them even harder to spot.

The emails are also rid of the usual telltale signs such as misspelled words, suspicious attachments, and dubious requests. You might have to recalibrate what you know about phishing scams, because this new threat ticks all the boxes that make it look legitimate.

How does it work?

The hackers behind the attack craft personalized messages, pretending to be from trusted sources, such as your colleagues or Microsoft itself, and send them to your inbox. The messages could contain a link or a PDF file that leads to a legitimate-looking landing page. Upon clicking the link, the user will be prompted to enter his or her credentials, which the hacker will use to launch attacks within the organization.

Hurricanes Harvey and Irma have already caused billions of dollars in damages, but hurricane season is far from over. Experts are predicting that there will be five more major tropical storms through October, and if they present risks to your business, it’s time to establish a watertight disaster recovery (DR) plan. Here are a few things you need to consider.

Pay attention to location

First and foremost, your backup site should be in a hurricane-free zone. Ideally, your offsite facility should be located at least 100 miles away from your main location. If this isn’t possible, make sure it is built to withstand wind speeds of 160 mph (as fast as Category 5 storms), and is supported by backup generators and uninterruptible power supplies.

You should also request an upper floor installation or, at the very least, keep critical IT equipment 18 inches off the ground to prevent water damage.

Determine recovery hierarchy

Certain parts of your IT are more mission-critical than others. Ask yourself which systems or data must be recovered in minutes, hours, or days to get your business back to running efficiently.

For example, you may find that recovering sensitive customer information and e-commerce systems take priority over recovering your email server. Whatever the case may be, prioritizing your systems ensures that the right ones are recovered quickly after a disaster.

Despite the apparent break from international ransomware attacks, hackers are still keeping themselves busy, this time using an adware campaign that could easily be one of their most cunning tricks yet. If you use Facebook Messenger, you need to read this.

What is it?

Little is known about the adware itself or those behind it, but it was uncovered by David Jacoby, senior security researcher at Kaspersky Lab, when he received a Facebook message from one of his friends, only to find out that wasn’t the case.

Basically, the adware uses Facebook Messenger to track your browser activity and pushes you to click on malicious ads or give out personal information.

How does it work?

By clickjacking and hijacking credentials of Facebook users, the adware is able to send messages to people in the victim’s contact list. If you’re one of those people, you’ll receive a phony message from your friend’s compromised Facebook account.

The message includes your friend’s name followed by the word “Video,” a shocked face emoji, and a shortened URL. Once clicked, the URL will redirect you to a Google Doc with a blurred photo taken from your friend’s Facebook page, disguised as a video. If you click on the “video”, you’ll be redirected to one of a number of targeted websites based on your browser, operating system, and location.

A new, Locky-type ransomware is currently infecting tens of thousands of computers worldwide. It uses the same code from the 2016 version to encrypt users’ files and it looks poised to cause another massive cyber emergency. Here’s everything we know so far.

Quick facts

According to a threat intelligence report, the email-based ransomware attacks started on August 9 and were detected through 62,000 phishing emails in 133 countries in just three days. It also revealed that 11,625 IP addresses were used to carry out the attacks, with the IP range owners consisting mostly of internet service providers and telecom companies.

How it works

The malicious email contains an attachment named “E 2017-08-09 (580).vbs” and just one line of text. Like the original Locky authors, attackers responsible for the new variant deploy social engineering tactics to scam recipients into opening the attached .doc, zip, pdf, .jpg or tiff file, which installs the ransomware into their systems.

When an unsuspecting user downloads the file, the macros run a file that provides the encryption Trojan with an entry point into the system. The Trojan then encrypts the infected computer’s files.

Success is not just about putting in the hours, but also being adaptive and investing in the right tools to improve outputs. Keeping work confined to the office might have been adequate years ago, but not anymore. Today’s workforce is now more mobile than ever, which is why businesses are turning to remote access solutions. Amazon AppStream 2.0 is one such solution that has quickly gained traction, find out why.

What is it?

Initially released in 2013, Amazon AppStream was created as a platform for remote access to digital resources to help businesses streamline the costly process of managing apps on-premises. Simply put, it streams desktop apps to users across various devices via a browser.

Today, Amazon AppStream 2.0 has been updated with major improvements thanks to user feedback. Now, you can stream desktop applications from Amazon Web Services to any device running a web browser compatible with HTML 5.

What can you do with Amazon AppStream 2.0?

You can run desktop applications on any device, including Windows, Linux, Macs, and Chromebooks. Amazon AppStream 2.0 features multiple streaming options, including the General Purpose, Compute Optimized, and Memory Optimized.

What do you call someone who hunts for security gaps in computer hardware and software? A hacker, right? What about someone who takes their findings to vendors to help them improve the quality of their products? There is more than one type of hacker, and understanding the difference is important.

A complicated history

Since all the way back in the 1950s, the term hacker has been vaguely defined. As computers and the people who worked with them became more accessible, the word was used to describe someone who explored the details and limits of technology by testing them from a variety of angles.

But by the 1980s, hackers became associated with teenagers who were being caught breaking into government computer systems. Partially because that is what they called themselves, and partially because the word hacker has an inherently aggressive ring to it.

Today, several of those pioneering hackers run multimillion-dollar cyber security consulting businesses. So what should you call someone who uses their knowledge for good?

“White hat” hackers

Sometimes referred to as ethical hackers, or plain old network security specialists, these are the good guys. Whether it’s selling what they find to hardware and software vendors in “bug bounty” programs or working as full-time technicians, white hat hackers are just interested in making an honest buck.

Building a rapport with customers has never been easier with customer relationship management (CRM) software. You can track contact information, buying preferences, and sales patterns. It’s a must-have for all sales and marketing teams. But if this is the first time you’re using CRM software, try adopting the following best practices.

Always update customer information

A CRM system is only effective when the data it provides is current. If the customer’s address, company name, or preferred method of contact has changed, your staff should be recording this information immediately so your sales and marketing teams are always equipped with the right information.

Use purchasing history for upselling opportunities

It’s easier to sell to existing customers than acquiring new ones. Boost your sales performance by analyzing your existing clients’ purchasing history and designing promotions or events designed just for them. For example, if they recently purchased a razor from your online store, you can program your CRM to recommend related products like shaving cream or aftershave. Not only does this widen your profit margins, it also makes customers’ lives a lot easier and promotes repeat business.

When social media is used correctly, marketers can better understand their target audience and thus create better content and deliver it more effectively. This is vital since you'll be able to send customers tailor-made content that helps increase conversion rates and sales revenue. Grow your business with social media with these four steps:

Identify what’s trending on social media

From global events like the WannaCry and Petya ransomware attacks to the Super Bowl halftime show that took the internet by storm, content marketers need to know what consumers are talking about on social media.

For example, when Steve Harvey read the wrong name at Miss Universe in 2016, Burger King wasted no time tweeting a picture with the caption: “At BK, everyone gets to keep their crown.” This clever and timely message resulted in almost 100,000 retweets, likes, and replies.

Knowing what's trending helps marketers fine-tune content to ensure better engagement and higher conversion rates. And it can even help establish relevance in larger conversations and engage new groups of potential customers.

Understand what’s happening locally and globally

Did you know that viruses, ransomware, spyware, and trojans are all categorized as types of malware? Having been around for decades, these cyber threats have grown both in number and intensity. Needless to say, it pays to know how each of them works as well as how to protect your business.

Viruses

Once created to annoy users by making small changes to their computers, like altering wallpapers, this type of malware has evolved into a malicious tool used to breach confidential data. Most of the time, viruses work by attaching themselves to .exe files in order to infect computers once the file has been opened. This can result in various issues with your computer’s operating system, at their worst, rendering your computer unusable.

To avoid these unfortunate circumstances, you should scan executable files before running them. There are plenty of antivirus software options, but we recommend choosing one that scans in real-time rather than manually.

Spyware

Unlike viruses, spyware doesn’t harm your computer, but instead, targets you. Spyware attaches itself to executable files and once opened or downloaded, will install itself, often times completely unnoticed. Once running on your computer, it can track everything you type, including passwords and other confidential information. Hackers can then use this information to access your files, emails, bank accounts, or anything else you do on your computer.

For many businesses, applications like Google Drive are heaven-sent. They make managing files and photos much easier and safer than manually saving them in external disk drives. That said, backing up all files remains a burden to those who have files stored on several devices and can’t seem to transfer these files onto Google Drive or any other cloud platform. Luckily, Google came up with a viable solution to this problem.

Seamless backups and syncing

Google’s new application, Backup and Sync, allows both PC and Mac users to seamlessly back up files, photos, and video files from various devices, SD cards, and USB drives in Google Drive or Google Photos.

To use the app, download and install it on your Mac or your Windows computer, sign in with your Google account, select your sync settings, and choose the folders you wish to back up. If you’re uploading photos or videos, you can choose between High or Original quality upload size. And if you want to upload photos only, you have the option to upload to Google Photos.

Once you’re done setting up, a folder will be created on your computer where files can be saved and accessible anywhere via the cloud. Any file dropped into this folder will automatically sync to Google Drive.

The cyber community hasn’t fully recovered from the WannaCry ransomware attacks, which struck businesses and organizations in May. Now, a Petya ransomware variant named Nyetya is poised to join its ranks as one of the worst cyber attacks in history. Like WannaCry, its attackers exploited unpatched Microsoft vulnerabilities and demanded a $300 ransom in Bitcoins. But there are key differences between the two that are worth taking a look.

Worse than WannaCry

Nyetya is deemed worse than WannaCry mainly because it spreads laterally, meaning it targets computers within networks and affects even systems that have been patched. Because it also spreads internally, it needs to infect only one device to affect several others within a single network.

Cyber researchers trace its origins to a tax accounting software called MEDoc, which infected 12,500 systems in Ukraine. Since the initial infections in June, it has spread to thousands of networks in 64 countries. And although it hasn’t spread as fast as WannaCry, it might have a wider reach soon because it uses three attack pathways to infect a system. It hasn’t made as much money as WannaCry, which is why cyber researchers are concluding that the attacks are not economically motivated.

If you have ever received what looked like a personalized email from a huge corporation, there’s a good chance it was actually written with the help of an email automation platform. Email automation saves time and money while strengthening customer relationships, and contrary to popular belief, it is well within most SMB budgets.

What is email automation?

Usually included in customer relationship management (CRM) software, email automation centers around the idea of combining your business data into emails to customers and prospects. This allows you to draft templates with placeholders for names, addresses, and other variables that the platform will match with individuals from your email list.

Even better however, is personalizing how and when your emails go out to clients. Automatically inserting customer data into an email is great, but it still requires that you draft the content that surrounds it and hit Send. Email automation grants you the ability to create templated emails that are automatically merged with client data and sent when certain conditions are met.

Examples of email automation

To really get an idea of how valuable this solution is, it’s important to see what it looks like in action. Say you own an eCommerce site that sells complementary goods, like golf clubs and golf balls. You could create a campaign wherein anytime someone buys a set of clubs, pre-written emails automatically go out one month later on how high-quality golf balls improve your handicap.

Facebook is like a Swiss Army knife, practical and featureful. But did you know that Facebook has hundreds of built-in marketing features that 1.8 billion users worldwide are mostly oblivious to? With that in mind, here are four Facebook features you can use to boost your SMB’s social marketing efforts:

Audience Insights tool

This free tool is designed to help businesses learn more about their target audience. Audience Insights takes the guesswork out of identifying your customers by providing data such as geography, purchasing patterns, and even the Facebook pages they like. You can also use your existing customer database, Facebook page, or email list to learn more about your clients. Audience Insights help save a lot of time and money by determining whom you should advertise to.

Facebook Product Shops

This allows you to sell your products directly from your Facebook page. After following these instructions, you can set up your product shop in just a few clicks. You can choose whether you want buyers to purchase directly on Facebook or whether you want buyers to complete checkout on your website. Consider running ads using the data gathered from the Audience Insights tool to target ideal customers and increase sales.

Adding to the list of reasons to outsource your network security to a certified IT provider, a recent CIA leak shows just how vulnerable most network routers really are. Read on to learn why this is such a big vulnerability and what you can do to fix it.

The Wikileaks CIA documents

For several months, the notorious website famous for leaking government data has been rolling out information it obtained from the Central Intelligence Agency. The documents detail top-secret surveillance projects from 2013 to 2016 and mainly cover cyber espionage.

In the most recent release, documents describe government-sponsored methods and programs used to exploit home, office, and public wireless routers for both tracking internet browsing habits and remotely accessing files stored on devices that connect to compromised networks.

Is my router one of them?

According to the documents, 25 models of wireless routers from 10 different manufacturers were being exploited by the CIA. They weren’t off-brand budget devices either; the list includes devices from some of the biggest names in wireless networking:

• Netgear
• Linksys
• Belkin
• D-Link
• Asus

It’s rare that business owners have a chance to get move value out of their existing IT solutions without investing more resources in them. But with Microsoft’s latest data analytics platform, business owners can make sure they’re squeezing every last drop of productivity from Office 365, for free.

What is Power BI?

Released in the spring of 2016, Power BI is Microsoft’s business analytics platform. Regardless of whether or not data is stored within a Microsoft platform, connecting Power BI to a database allows you to create detailed graphs, charts, maps, and more. For example, if you upload sales records, dragging and dropping two columns is all it takes to map out where your product sees the most demand.

Recently, Microsoft announced a brand new feature for business owners who want to get more value out of their software subscriptions. The Office 365 adoption content pack collects information about how your employees use Microsoft productivity software, and feeds it directly into Power BI’s analytics. There are four types of insights you can work with:

Adoption

These metrics give you visibility into how much each O365 platform is being used. You may be paying for OneDrive accounts for the entire organization, only for Power BI to reveal that less than a quarter of your team is using it. Compare enabled users and active users to get a clearer picture of your investments.

The waitlist for Pinterest’s latest “DIY Promoted Pins” tool is proof of how eager small- and medium-sized businesses are when it comes to social media marketing. Establishing a solid online presence, promoting corporate content, and driving website traffic at the same time is every business owner’s dream come true. Here are some pointers to keep in mind.

Know your audience

According to a study conducted by Ahalogy and AcuPOLL Precision Research, Inc., Pinterest is largely used by women, mostly “Millennial Moms.” If your typical customer demographic is predominantly male, your marketing efforts would probably be better spent elsewhere. But if your business caters to women between the ages 15-29, you should consider creating an online presence on Pinterest.

Think like a content marketer

Users are looking for engaging content, which is why 59% of active Pinterest users go for Pins that lead to blog posts, articles, and even photos. The most popular topics on the platform are more visual (e.g., food, fashion, decor, etc.), so if you don't have highly visual content, then infographics, images from blog entries, and even photos of staff members also do the trick.

Security professionals should be beefing up your network security, implementing advanced firewall software, and identifying risks for possible breaches. In reality, they spend a huge chunk of their time troubleshooting issues on individual personal computers (PCs). That workflow is not ideal, but that’s what normally happens in many organizations. At what cost? Read on to find out.

Cost of fixes

According to a survey of technology professionals, companies waste as much as $88,660 of their yearly IT budget as a result of having security staff spend an hour or more per work week fixing colleagues’ personal computers. The ‘wasted amount’ was based on an average hourly salary of IT staff multiplied by 52 weeks a year. Other than knowing how much time is wasted, what makes things worse is that IT security staff are among the highest paid employees in most companies.

The fixes have mostly to do with individual rather than department- or company-wide computer problems that don’t necessarily benefit the entire company. The resulting amount is especially staggering for small- and medium-sized businesses (SMBs) whose limited resources are better off spent on business intelligence tools and other network security upgrades.

While it’s easy to turn a blind eye against hurricane warnings and think “I already have a business continuity plan in place”, it pays to be extremely cautious, especially when the National Oceanic and Atmospheric Administration (NOAA) predicts up to four unusually active hurricanes this year. Needless to say, you simply can’t afford not to hurricane-proof your disaster recovery (DR) plan.

The NOAA forecasts 11 to 17 tropical storms in the Atlantic, the Caribbean Sea, and the Gulf of Mexico. Hurricane season has officially begun and is expected to last until the end of November. The four allegedly active hurricanes are presumed to be Category 3, 4, or 5 on the Saffir-Simpson Hurricane Wind Scale (Category 1 is the weakest and 5 the strongest).

But don’t panic just yet; here are five steps you can take to protect your business during hurricane season.

1. Schedule a DR drill

Despite having a DR plan, many companies don’t test their plan, at least not as often as they should. So if you’re one of those companies, it’s crucial to conduct a DR drill now. A lot can change in the months or years since you have last tested your plan -- systems updates, infrastructure upgrades, employee turnover and more. By scheduling a drill, you’ll be able to make sure everyone knows their roles and that all critical systems are covered.

WannaCry is one of the few malware campaigns to become a household name. It’s educated countless people on the reality of ransomware and the vulnerability of their data. If you’re still worried about whether you’re at risk, we’ve collected everything you need to know right here.

Ransomware review

Ransomware is a specific type of malware program that either encrypts or steals valuable data and threatens to erase it or release it publicly unless a ransom is paid. We’ve been writing about this terrifying threat for years, but the true genesis of ransomware dates all the way back to 1989.

This form of digital extortion has enjoyed peaks and troughs in popularity since then, but never has it been as dangerous as it is now. In 2015, the FBI reported a huge spike in the popularity of ransomware, and healthcare providers became common targets because of the private and time-sensitive nature of their hosted data.

The trend got even worse, and by the end of 2016 ransomware had become a $1 billion-a-year industry.

The WannaCry ransomware

Although the vast majority of ransomware programs rely on convincing users to click compromised links in emails, the WannaCry version seems to have spread via more technical security gaps. It’s still too early to be sure, but the security experts at Malwarebytes Labs believe that the reports of WannaCry being transmitted through phishing emails is simply a matter of confusion. Thousands of other ransomware versions are spread through spam email every day and distinguishing them can be difficult.

The WannaCry ransomware, a type of malware that encrypts a victim’s files and extorts them for money, has already affected thousands of machines worldwide. Unfortunately, the success of this attack is just the beginning. According to security researchers, other hackers will probably develop stronger WannaCry variants in the coming months. And if you don’t want your business to become a victim of these attacks, you must take the following precautions.

Update your software

The first (and probably best) defense against WannaCry ransomware is to update your operating system. New research from Kaspersky shows that machines running Windows XP, 7 and outdated Windows 10 versions were affected by the ransomware. To check whether your systems are up to date, open your Windows search bar, look for Windows Update, click Check for Updates, and install any major updates.

Also, don’t forget to download the latest security patches for your business applications and security software.

Run security programs

Many antivirus programs now have mechanisms for detecting and blocking WannaCry malware; so when you’ve fully updated your security software, run a full system scan.

If employee training and education isn’t an integral part of your cybersecurity strategy, a recent scam might force you to reconsider. Instead of relying on complicated programming code to steal and destroy data, hackers are increasingly relying on human errors to get the job done. Even well-trained users are falling for the most recent ploy, take a look.

Broadly defined, “phishing” is any form of fraud in which an attacker tries to learn information such as login credentials or account information by masquerading as a reputable entity or person in email, IM or other communication channels.

These messages prey on users who click links, images and buttons without thoroughly investigating where they lead to. Sometimes the scam is as simple as an image with a government emblem on it that links to a website containing malware. Just hovering your mouse over the image would be enough to see through it. But some phishing schemes are far more difficult to recognize.

The Google Defender scam

Recently, an email spread to millions of Gmail accounts that almost perfectly imitated a message from Google. The text read:

“Our security system detected several unexpected sign-in attempts on your account. To improve your account safety use our new official application “Google Defender”.

In today’s competitive business environment, SMBs are constantly finding new ways to outdo one another. Recently, social media and content marketing strategies have become increasingly popular. But because many of your competitors are utilizing the same platforms as you are, it’s essential for you to find new methods to make your business stand out. These tips might help:

Come up with and implement a media crisis management plan

It’s normal for businesses to go through a crisis or two. Avoid embarrassing public relations nightmares by having a social media crisis management plan in place and ready for implementation.

Create buyer personas

Social media data is a great tool to gather information about your potential customers, and in doing so, create buyer personas. Buyer personas are comprised of generalized characters that help build an ideal picture of your business in the market. Key demographic information includes age, location, and even reasons for buying and product-related concerns.

Track the impact of your content marketing

When it comes to content marketing efforts like blogging and social media, it’s essential to have a system to measure results. You can measure how these efforts impact your brand awareness by using metrics such as social media reach, brand mentions, media mentions, and branded searches.

We are taught never to judge a book by its cover. But in this superficial age, looks are everything, especially for websites. Your website is a customer’s first impression of your business, and if your site has poor graphics, illegible content, and other website no-no’s, that could end all chances of establishing a relationship and driving revenue. Go through these key indicators so you don’t end up in such a situation:

A variety of clean photos

Always take photos under professional lighting to really get the best images of your products. When customers are browsing, it’s normal for them to want to see as much detail as possible, so try to include as many photos, from as many angles your prospects might want.

Clear descriptions

The last thing you want to do is to confuse your customers. That’s why it’s important to include all of your products’ technical information and dimensions before creating simple and straightforward product descriptions.

Establish policies

Returns and refunds are an inevitable part of online shopping. In fact, a large percentage of online shoppers make purchase decisions based solely on how streamlined the returns policy is. Make sure to establish clear policies for returning and refunding items that are easy to find for customers.

You pay close enough attention to the links you click to avoid clicking on something like goolge.com or evrenote.com...right? Because if you’re not, you could end up exposing your computer or smartphone to a host of malware. The newest phishing attack strategy is the worst of all, and can catch even the most astute users off guard.

What are homographs?

There are a lot of ways to disguise a hyperlink, but one strategy has survived for decades -- and it’s enjoying a spike in popularity. Referred to as “homographs” by cybersecurity professionals, this phishing strategy revolves around how browsers interpret URLs written in other languages.

Take Russian for example, even though several Cyrillic letters look identical to English characters, computers see them as totally different. Browsers use basic translation tools to account for this so users can type in non-English URLs and arrive at legitimate websites. In practice, that means anyone can enter a 10-letter Cyrillic web address into their browser and the translation tools will convert that address into a series of English letters and numbers.

How does this lead to phishing attacks?

It makes a lot of sense for electronics firms to pack a variety of functions into mobile devices and expand their usefulness. Instead of confining their use to communications, companies such as Apple, Samsung, and others have turned mobile phones into mini-computers that can serve as a substitute for your laptop, or as a storage device. If you’re using mobile phones as a communications and storage device, backing up now would be a wise move.

Malware on mobile

More than 50% of the world’s adult population use a mobile phone with internet connection, so dangers in these handy devices are to be expected. Scarier than the thought of being offline is being online and exposed to malware.

If you use your mobile devices as an extension of your work computers, backing up is a must. Mobile phones have become as vulnerable to malware as laptops and desktops have, especially if you consider the fact that many professionals and business owners use them for emailing confidential documents and storing business-critical files.

Device disasters

Other than malware, other types of disasters can happen on your device. Because you carry it wherever your go, your device can easily be stolen, misplaced, or damaged. They may be easily replaceable, but the data contained in them may not. Having completely backed up data on your devices helps prevent a minor inconvenience from turning into a disastrous situation.

We live in an age overflowing with information, and most of this is taking place in social media feeds and timelines. Social media is truly a window to the entire world, but it can be detrimental to your business if your employees are just messing about with hashtags, tweets, and likes all day. Annual social media policy reviews can give you and your business some much-needed clarity.

Avoid legal trouble

Do you remember Chipotle’s social media debacle in 2015? It lost a lawsuit for firing an employee that posted negative content on social media because it turned out that Chipotle’s social media policy violated federal labor laws. That’s why you should work with your legal team to keep your policies up to date: so they comply with the Federal Trade Commission and the National Labor Relations Board.

Protect company information

Social media policies can actually help safeguard sensitive data from hackers and cyber attacks, especially in a bring-your-own-device (BYOD) working environment. Employees must know the proprietary company information that must never be shared, as well as understand that confidential information -- such as marketing tactics, non-public financials, and future product launches -- are to be communicated only ‘internally.’ A good example is General Motor’s social media policy, which clearly spells out what can and can't be disclosed to the public.

Staving off malicious cyber attackers is already a herculean task, so the last thing you need is to feel exposed from a totally new angle. That’s how many felt after Wikileaks’ accusations that the US government was spying on its citizens. However, the truth is a lot different from what the headlines would have you believe.

What devices and apps are supposedly vulnerable?

Wikileaks labeled its ongoing release of 8,761 classified CIA documents “Year Zero.” Nestled among those files are tools and correspondence that explain how operatives could snoop on communications, downloads, and browsing history. Here is a list of the “affected” applications and hardware:

• Windows operating systems
• iOS
• Android
• Samsung Smart TVs
• WhatsApp
• Signal
• Telegram
• Confide

Those are some very big names, right? Thankfully, it’s mostly hyperbole. The reality of the situation isn’t nearly as bad as it sounds.

Two considerations before freaking out

First, almost all these exploits require physical access to devices before anything can be compromised. For example, news organizations repeatedly reported that WhatsApp, Signal, Telegram and Confide all had encryption protocols that had been subverted by the CIA. That is 100% false.

Although a ransomware infection might feel targeted, you’re not the only one who’s been infected. Ransomware is spreading at an alarming rate, but the further it goes, the more resources are allocated to fighting it. If your data is held hostage, always check these lists for free decryptors first.

The state of ransomware in 2017

It’s been almost 30 years since malware was first created that could encrypt locally-stored data and demand money in exchange for its safe return. Known as ransomware, this type of malware has gone through multiple periods of popularity. 2006 and 2013 saw brief spikes in infections, but they’ve never been as bad as they are now.

In 2015, the FBI estimated that ransomware attacks cost victims $24 million, but in the first three months of 2016 it had already racked up more than $209 million. At the beginning of 2017, more than 10% of all malware infections were some version of ransomware.

Zombie ransomware is easy to defeat

Not every type of infection is targeted to individual organizations. Some infections may happen as a result of self-propagating ransomware strains, while others might come from cyber attackers who are hoping targets are so scared that they pay up before doing any research on how dated the strain is.

There are so many variables that go into order fulfillment and shipping that it’s no wonder an entire field has sprung up around streamlining these processes. If you’re looking for a great way to add value to your business, an order management system may be just the thing for you.

First off, we need to clarify that inventory management systems (IMSs) are not the same as order management systems (OMSs). The former is a solution for analyzing your sales history as a means to forecast demand for your product and the materials you will need in the future, while the latter is all about the here and now.

What does an OMS do for you?

One of the toughest things about managing an eCommerce store is juggling a growing number of sales, each at totally different steps in your shipping process. An OMS service is all about organizing your orders into a coherent and manageable workflow. Here are just some of the difficulties it helps you wrangle:

• Your eCommerce store can be connected to your inventory. If something is out of stock, it can be reflected on your site so customers aren’t misled about the availability of your product.
• Payment authorizations can be automated and integrated with your shipping services.
• You can provide reports to your customers about their order's shipping status. From intra-warehouse movements to on-the-truck updates, one page will have all the information they need.
• Products and materials can be automatically restocked once they dip below a certain threshold.
• Refund and returns can be automatically processed by your OMS.

Businesses nowadays are focusing their marketing efforts towards social media. Precious time and money are being invested in expanding customer base, establish corporate identity, and drive revenue. That’s why it’s vital for owners to know which platforms work, and which ones don’t. And this is no walk in the park.

Over 71 percent of Snapchat users are under 34 years old; as of 2015, the social network boasted over 100 million active users. It’s an ideal marketing option for businesses targeting a millennial audience. If you’re still unsure about Snapchat for your small business, consider these statistics:

• 58 percent of college students are likely to purchase a product from coupons sent over Snapchat
• 65 percent of Snapchat users contribute content on a daily basis
• Only 1 percent of marketers are taking advantage of Snapchat, which means you can be an early adopter and gain a competitive advantage

Snapchat is a social media application that allows users to send pictures and videos - called “Snaps” - to others. The media sent can only be viewed for 10 seconds or less (you can specify the length), after which it disappears for good. You can add a Snap or multiple Snaps to create your own “story” which can be viewed by others for 24 hours.

Business owners have spent the last couple months fearful of cyber attacks from the “fileless malware” plastered across headlines. The reality of this new threat doesn’t actually call for panic...yet. Getting acquainted with this new malware today could save you from a headache in the future.

What is this new threat?

To oversimplify the matter, fileless malware is stored somewhere other than a hard drive. For example, with some incredibly talented programming, a piece of malware could be stored in your Random Access Memory (RAM).

RAM is a type of temporary memory used only by applications that are running, which means antivirus software never scans it on account of its temporary nature. This makes fileless malware incredibly hard to detect.

This isn’t the first time it’s been detected

Industry-leading cyber security firm Kaspersky Lab first discovered a type of fileless malware on its very own network almost two years ago. The final verdict was that it originated from the Stuxnet strain of state-sponsored cyber warfare. The high level of sophistication and government funding meant fileless malware was virtually nonexistent until the beginning of 2017.

Failing to stop a cyber attacker, or to pass a disaster recovery plan (DRP) audit could be the product of focusing your efforts on the wrong educational resources. Because no matter how many conferences you attend, or how many certifications you receive, nothing beats real-world case studies. If that’s what you’re looking for, a state government office just gave us plenty to pore over. See for yourself.

Hosting certain types of data, or managing a government network, legally binds you to maintain DRPs. After an audit of the Michigan Department of Technology and Budget, several failures lead to a trove of helpful tips for small- and medium-sized businesses attempting to create a bulletproof disaster recovery plan.

Update and test your plan frequently

One of the first and most obvious failures of the department’s DRP was that it didn’t include plans to restore an essential piece of their infrastructure. The plan didn’t include steps to restore the department’s intranet, which would leave employees unable to complete even the most basic of tasks.

The reason for the oversight? The last time the plan was updated was in 2011 -- leaving out more than six years of IT advancements. If annual revisions sounds like too much work, just consider all of the IT upgrades and improvements you’ve made in this year alone. If they’re not accounted for in your plan, you’re destined to fail.

Facebook might be the biggest name in social media, but that doesn’t mean it’s the only one. Since there isn’t a one-size-fits-all platform, there are trendier options such as Instagram and Snapchat, with a burgeoning millennial base to choose from. With that in mind, it’s essential for business owners to understand the pros and cons of each platform before settling on one.

Facebook

According to the 2017 Wasp Barcode State of Small Business Report, Facebook is the most utilized social media of all the options. Out of the survey’s 1,100+ respondents, 68 percent used Facebook as an integral part of their marketing strategy, with LinkedIn coming in second at 39 percent.

One of the contributing factors to Facebook’s popularity is the fact that it’s currently approaching a total of 2 billion personal users, making it the first place companies go to when they want to increase their brand awareness. Other marketing-specific reasons businesses choose Facebook are social media referral traffic, terrific conversion rates for e-commerce traffic, and a huge impact on user purchasing decisions.

As technology consultants, we’re stuck between a rock and a hard place. We want to provide our clients with enterprise-level IT, but that requires that we specialize in overwhelmingly intricate technology. Explaining even the most foundational aspects of our cyber-security would most likely put you to sleep before convincing you of our expertise. But if you really want to know, here are a few summaries of how we focus on proactive strategies rather than reactive ones.

Understand the threats you’re facing

Before any small- or medium-sized business can work toward preventing cyber-attacks, everyone involved needs to know exactly what they’re fighting against. Whether you’re working with in-house IT staff or an outsourced provider, you should review what types of attack vectors are most common in your industry. Ideally, your team would do this a few times a year.

Reevaluate what it is you’re protecting

Now that you have a list of the biggest threats to your organization, you need to take stock of how each one threatens the various cogs of your network. Map out every device that connects to the internet, what services are currently protecting those devices, and what type of data they have access to (regulated, mission-critical, low-importance, etc.).

Google’s G Suite or Microsoft’s Office 365? That’s the question. One that many business owners ask themselves but often put aside because weighing the individual functionality seems like a monumental task! We’re here to help end that indecisiveness, so let’s take a look at what each has to offer.

Cost and commitment

G Suite offers two pricing plans: $5 and $10 per user per month. The $5 plan offers company email addresses, video and voice calls, integrated online calendars, online documents, presentations and spreadsheets and more.

The $10 plan offers all the features of the $5 plan plus unlimited storage or 1TB per user for less than 5 members, advanced admin control panel for Google Drive, and audit and reporting insights for Drive content and sharing, to name a few.

• Office 365 offers a number of pricing plans, including:
• Office 365 Business Essentials ($5.00 per user per month)
• Office 365 Business ($8.25 per user per month)
• Office 365 Business Premium ($12.50 per user per month)
• Office 365 ProPlus ($12.00 per user per month)
• Office 365 Enterprise E1 ($8.00 per user per month)
• Office 365 Enterprise E3 ($20.00 per user per month)
• Office 365 Enterprise E5 ($35.00 per user per month)

Scroll, double-tap, repeat, might have been the original Instagram-ing routine, but not anymore. After partnering with global advertising giants, IG is introducing its latest feature: Stories. With it, you can share short videos, or even personally decorated snapshots of your daily life. But many of you might ask, “What does this have to do with online marketing?” Read on and find out.

Jim Squares, director of product marketing, said in an interview with Fortune that “a two or three-week test period” will be carried out before releasing it to all its active advertisers. Let’s face it, the similarities between Instagram Stories and Snapchat ads are undeniable. But with Snapchat ads, they work mainly with larger brands and keep ads as unobtrusive as possible. If you want to collaborate with big boys like Netflix or Coca-Cola, you’re looking at a budget bigger than what you might have. By contrast, Instagram ads are self-serving and employ auction-based pricing.

When it comes to setting up and paying for video ads inside Stories, it’s a pretty straightforward process, much like Facebook advertising. Not only do you have the ability to target your audience, but the benefits of working with demographic and Internet-based targeting capabilities definitely give Instagram a competitive advantage. On top of this, users can expect more goodies when the format officially takes off. For the time being, Stories seems to be a simple yet efficient way to test out advertising placement.

Does filling in web forms sap all your browsing energy? Do you find it especially taxing to shop or register online using a mobile device? Google’s Chrome alleviated this dilemma when it introduced the Autofill feature in 2011, which made filling in forms much faster and making credit card purchases online more convenient. Unfortunately, it didn’t take that long for cyberthieves to find a way to take advantage.

How do they do it?

By concealing other fields in a sign-up form, users are tricked into thinking they only have to fill out a few fields. The trickery at work is that upon auto-sign up, other fields, which could include your billing address, phone number, credit card number, cvv (the 3-digit code used to validate credit card transactions), and other sensitive information, are auto-filled with the user none the wiser.

This sinister trick is nothing new, but since there hasn’t been any countermeasure since it was first discovered, the threat it poses is worth emphasizing. Finnish whitehat hacker Viljami Kuosmanen recently brought to light how users of Chrome and Safari are particularly vulnerable, and he even came up with a demonstration of how this phishing technique is perpetrated. The technique is so sneaky, it’s enough to make one give up online shopping forever.

Investing in customer relationship management (CRM) software is absolutely essential for small- and medium-sized businesses that want to up their sales performance. It helps sales departments understand their clients, tailor their marketing efforts, and more. If your business isn’t already using CRM, here are five reasons why you should definitely give it a chance.

Grows with your business

The ol’ Rolodex may have been useful for managing a few clients, but you’re going to need a better solution if you plan to maintain relationships with hundreds, possibly thousands, more. CRM scales with your business, meaning it can handle larger data sets and more clients as you expand your sales operation.

Organizes your data

CRM software acts as a central database for all your sales records and transactions. This means important customer information can be retrieved in just a few clicks rather than rifling through thousands of documents, sticky-notes, and disorganized cabinets. And since CRM is hosted in the cloud, sales data, customer interactions, and other actionable information are available for the entire company.

Improves customer service

As cyber attacks continue to rise, businesses large and small need to stay one step ahead with IT services that keep them protected no matter what. What once were minor nuisances have now become advanced threats that can actually put you out of business. In fact, these cyber attack statistics will prove to you that you need managed services from a technology provider to remain safe and competitive.

The numbers

Small businesses are not at risk of being attacked, but worse, they’ve already fallen victim to cyber threats. According to Small Business Trends, 55 percent of survey respondents say their companies have experienced cyber attack sometime between 2015 and 2016. Not only that, 50 percent reported they have experienced data breaches with customer and employee information during that time, too. The aftermath of these incidents? These companies spent an average of $879,582 to fix the damages done to their IT assets and recover their data. To make matters worse, disruption to their daily operations cost an average of $955,429.

The attacks

So what types of attack did these businesses experience? The order from most to least common are as follows: Web-based attacks, phishing, general malware, SQL injection, stolen devices, denial of services, advanced malware, malicious insider, cross-site scripting, ransomware and others.

When disaster strikes, organizations need to put their business continuity plans into action and recover their IT systems as quickly as possible. Failing to do so can mean serious financial and reputational repercussions. Despite this, investments in disaster recovery are set aside each year for high-tech IT investments, and every year companies and employees continue to suffer for it. Here are some reasons why disaster recovery is well worth your time, effort, and resources in 2017.

DR isn’t a huge investment

A common misconception about disaster recovery is that it’s a large, bank-breaking investment. Expensive secondary data centers, networks, and server maintenance usually come into mind when a business owner is confronted with the idea of business continuity. And while that may have been true in the past, establishing a strong disaster recovery plan today is as simple -- and as cheap -- as going to a cloud-based disaster recovery provider and paying for the data and services that your business needs. Subscription pricing models are actually incredibly low, meaning you can have minimal downtime while still having enough to invest in new tech.

Onsite backups just won’t cut it

Skype used to dominate an area of VoIP communications that serves a special function: group video calling. With apps like Snapchat, WhatsApp and, most recently, Slack nipping at its heels, it comes as no surprise that social network behemoth Facebook takes a slice of the cake with its recently rolled out desktop group voice calling. With this functionality, anyone who has ever participated in a Facebook-enabled conversation should embrace this new development.

No one gets left behind

In group chats, there’s always that one person who gets the joke last, or reads it last, and so feels left out. With Facebook’s group video chat, this never has to happen as every participant in the group can be connected at the same time. The functionality is still in the “small test” phase, which means certain details are still being ironed out. When it fully launches, though, expect a considerable portion of Facebook Messenger users to consider moving their Skype group video conversations to Facebook.

Potentially compelling benefits

Since introducing its audio calling capability in 2013, Facebook has worked hard to keep up with the competition. Facebook’s introduction – and potential domination – of desktop group video calling might signal the end of times for Skype and other players. For one, Facebook and social media user growth hasn’t shown signs of slowing down. Moreover, most users of internet telephony might inevitably see the advantages of using a single platform for their social media activity and online communications.

Ransomware has become a fast-track for making money for some hackers this holiday season. But instead of just demanding a small payment for the decryption code that will unlock their computers, some hackers are demanding that victims sacrifice two other friends to ensure they receive the code they need. Read more to find out what makes Popcorn Time such a devious program and how you can avoid becoming one of its victims.

Ransomware is nothing new. Cybersecurity miscreants have been taking advantage of online users for years by requiring payment to "unlock" a victim's computer. What Popcorn Time does differently is give users the option to spread the virus to two other victims in the hopes that they will pay the ransom -- a tactic that promises to double their money at the expense of your sense of morality (and at the expense of your friendships as well).

The Cost of Popcorn

When you inadvertently download this ransomware, you will be met with a screen that explains that your files have been hijacked/encrypted, and that to get them back you will need to pay one Bitcoin for a decryption key that they keep stored remotely. The Bitcoin fee is usually more than $700, a hefty price to pay during any season but particularly difficult for those infected during the holiday season.

Recently, Amazon Web Services (AWS) announced the creation of a new data analytics tool to lighten the burden on businesses when analyzing data in the cloud. This tool, referred to as “Glue,” is meant to clean up and organize data that comes into the cloud from various sources so that it can be analyzed by business intelligence software and data analytics experts. Let’s take a closer look at this service and how it can benefit you and your business.

Data analysis can be an extremely profitable arm of your business, if undertaken carefully. Much of what people consider to be data analysis for a business is actually just digital clerical work, which makes the process even more frustrating and time-consuming than it needs to be. At its core, AWS’s Glue is an app that automates this tedium, which is often referred to as ETL (extract-transform-load).

Third-party software already exists to help with this task, but the service from AWS is one of the first cloud-based alternatives to come to market. Glue is designed to work with businesses that have their own on-premises data centers and infrastructures in addition to working with AWS frameworks. In fact, if a business makes changes to on-premises data, Glue can be set up to trigger jobs and update the data in the cloud so users always have access to the most up-to-date information for use and analysis.

Have you had to deal with security issues in the past year? Brace yourself, as there are more to come. For this reason, security experts have become indispensable members of society, who guard tech-dependent individuals and businesses against malicious attacks that pose threats to their privacy and livelihood. As you ring in the new year, make sure you’re well armed against the following predicted cyber-crimes.

Increased threats on cloud technology

Cloud service has numerous benefits to businesses. They make data storage, collaboration, and processing more efficient; they enable employees to work faster; and they help operations flow smoother. Cloud technology’s popularity is expected to rise well into the next few years, but as demand increases, so does the dangers presented by cyber attackers.

Ransomware will be more complex

Ransomware incapacitates computer systems by locking down files and preventing access for ransom. In its 2016 Threat Predictions report, security software company McAfee predicts a peak in ransomware attacks next year. Although they also predict it to recede by mid-year, damages to vulnerable cloud-dependent infrastructures can be great and costly. Most alarming in the prediction, however, is that in the coming year ransomware attacks will be more complex due to new elements.

Because of its image-heavy content, Instagram has become a tremendously popular social platform, as evidenced by its 500 million users and over-a-billion daily engagement. More than being a photo-sharing social network with fun filters, Instagram’s potential to turn your followers into customers is worth exploring. Make the most of your Instagram account with these 5 practical tips.

Ensure your posts are shoppable

This simply means providing a convenient path in which your followers can buy the products posted on your page. With a shoppable Instagram tool, you can direct users to your online shop where they can make an actual purchase. Instagram is, arguably, not the best ecommerce platform to use if you depend on clickable media, but if you know how to tweak the app to your advantage – and provide an attractive presentation of your products – you can turn likes into sales.

Give away discount codes or coupons

Entice followers to engage with you and share content with incentives such as discount codes or coupons. You can do this by running contests with an interesting concept, cool prizes, and a sharing or voting element that encourages participants to share your content with their friends. Better yet, engage followers by tapping into user-generated content via photo contests, resulting in free promotion for your brand.

Marketing automation was once a technology reserved for mega corporations and enterprise-level businesses. Fortunately, the IT industry is making business tools cheaper and more accessible all the time. Nowadays, if you’re a small business owner, you’d have to be crazy to pass up all that marketing automation has to offer. If you haven’t already implemented this wonderfully profitable technology, read up on the five best reasons to do so here.

Instant responses to email requests

If a customer or prospect sends your business an email via your website or a "Contact Us" form, any delay in response could ultimately cost you a client. But if you have a marketing automation plan in place, you can customize automatic email responses to respond to these leads as soon as an email is received. This lets potential customers know either the information they requested or that you will be responding in more detail soon.

Stop leaving voicemails and start closing deals

There’s a reason most people prefer to communicate via email: Keeping in touch over phone can be tough if both parties are always busy. An automated system solves this by logging when you’ve contacted leads and automatically emailing them about follow-up times. The call, email, and its response are all logged in your CRM and calendar without a single minute wasted entering mundane information.

Business technology has become one of the most important components for successful companies big and small. In an overwhelmingly digital landscape, businesses depend on IT for marketing, data storage, and financial transactions. And with that comes the need to secure every bit of private information cyber criminals might want to feast their eyes on. And while an outsourced security professional is a must, there are a few simple steps you can do yourself to get started. Check out five of our favorites here.

Limitation of lateral data transfers

Employees not being educated on data sharing and security is one of the biggest reasons for internal data breaches. It’s a good idea to limit access to important data and information by restricting access privileges to only a small number of individuals. Also, you can decide to use network segmentation to cut unnecessary communication from your own network to others.

Keeping your machines and devices updated

Internal breaches might also occur when employees work with unguarded or unprotected machines. They might unknowingly download malware, which normally wouldn’t be a problem if machines were properly managed. Updating your operating systems, antivirus software, business software, and firewalls as often as possible will go a long way toward solidifying your defense systems.

Data is vital to your business. It’s how you keep records, track activities, and function as a business in general. However, with all of the data that your business generates on a regular basis, it can be difficult to keep everything backed up at all times. Fortunately, there is a way to better prioritize your data backups. By appropriating one of the IT industry’s favorite solutions, you can revolutionize your data backup protocols.

Too much data may sound like a good thing, but depending on your organization, backing up everything à la minute may be out of your price range or just flat out impossible with the amount of information you create. The problem then becomes: How do I structure my backup plan to prioritize the critical files? We believe the answer is analytics.

In order to avoid backing up unneeded data, you’ll require a “smarter” backup solution. This is where an experienced MSP (managed services provider) really earns its keep. We’ve spent years becoming experts in backup solutions and designing systems that keep your mission-critical data healthy, and we can offer something few others can’t: a backup solution that learns.

The first step in ensuring all of your customer information is safely duplicated and quarantined is to install sophisticated analytics engines that help determine what is most essential to your business's day-to-day operations. These ever-evolving engines will prioritize data in order of importance and translate that to a backup structure that ensures the right data is safe and sound should disaster strike.

Scam artists will stop at nothing to make an extra buck, which means that people need to be vigilant about protecting their valuable information. While the phone is still a popular method of approach, the Internet has opened a new avenue for the scammer to attempt to steal your money. Keep reading to find out why younger consumers are more prone to falling for new scamming tactics.

Results Conclude Youth is more Gullible

Microsoft recently conducted a survey of 1000 computer users of all ages and from many of the largest countries in the world to find out how many of them had been scammed by phony "technicians" claiming to be employees of Microsoft or other major computer conglomerates. The results were startling when studied demographically. Researchers discovered that seniors, who were traditionally viewed as the major victims of such fraudulent schemes, were not the most likely group to fall for the scam.

Research indicated that although seniors were most likely to buy into a telephone scam, they still did not fall for the act as much as younger age groups. The study found, in fact, that between the ages of 18 and 24, people were 2.5 times more likely to fall for the scam than seniors. Those between the ages of 25 and 34 were three times more likely than seniors to be tricked.

Facebook, Twitter, and Instagram have changed the way we interpret the word social. Whereas it used to mean just catching up with a friend over tea, being social online now has blurred the lines between friends and customers. But far beyond the “big three” lies dozens of untapped social networks. If you’re hoping to get into some of the biggest rising stars in online marketing, you’ve come to exactly the right place.

Having great content on your site is the magnet that attracts visitors. However, when there is too much competition on the most popular platforms, it's hard for your social media reputation management to deliver the results you expect. To reap nominal rewards from social media marketing, you need to devise new methods to stand out from the crowd.

Meetup

For people with similar interests, Meetup is a great site to plan face-to-face meetings. Does your company sell hiking, camping, and backpacking products? Organize a meetup for the people in your community to go on a hike. You really can’t get a better customer interaction than engaging them in the activities they love.

Eventbrite

With Business Intelligence software, companies have the ability to pull data from various sources throughout the company, from human resources to accounting and marketing reports. By combining information from across departments, owners have all the data they need to make the best decisions for their company. Let's see how BI technology can help companies budget for the new fiscal year.

Compiling Data Across the Board

Business Intelligence is not a new concept. Companies regularly compile data from many of their departments to make important business decisions. The manual process of gathering spreadsheets of data is cumbersome and time-consuming. BI software allows company owners to look at data from the various departments in one location, an online dashboard that can be manipulated to provide the exact information needed at the time.

Putting it all Together

Business intelligence software extracts information from raw data provided by various departments to help business owners make important decisions in marketing, budgeting and financial planning/prediction. All on one dashboard, marketing campaigns can be tracked and evaluated for effectiveness, money can be moved from one department to another, and companies can see the financial health of the company.

With all the recent hacking scares all over the world, you know and understand that your cyber security and your business’s cyber security are extremely important. However, when it comes to authentication processes, you may not be sure what the real deal is. There are two seemingly similar types of authentication that are often confused. Those are, of course, two-step and two-factor authentication. Find out more about the differences between the two here to ensure your cyber security will always be top of the line.

If you are seeking out a way to improve your business's cyber security, both for your business itself as well as for your customers, you are likely looking at your authentication process. Two-step and two-factor authentication are two of the most commonly used options in cyber security. And in current cyber security, many businesses use the terms two-step and two-factor authentication interchangeably.

There are, however, subtle differences between the two. A two-step authentication process requires a single-factor login (such as a memorized password or biometric reading) as well as another of the same type of login that is essentially sent to the user. For example, you may have a memorized password for your first step and then receive a one-time-use code on your cell phone as the second step.

The internet is constantly tempting us. There’s an endless collection of funny cat videos, memes, and social media statuses to consume. Sure, the occasional three-minute YouTube video never hurt anyone, but if employees waste hours of their working day on these websites, that’s a problem. So how can you, as a business owner, discourage employees from procrastinating on the internet? When it comes to increasing employee productivity, keeping a close eye on your personnel’s internet behavior reaps various benefits.

Time-saving measures

At times, the internet can be very addictive. Internet monitoring software saves employees from the temptation of online videos and games by restricting access to time-wasting sites that you deem unnecessary for business. But internet monitoring software doesn’t even have to be as extreme as denying permission to harmless social media websites. Just letting your employees know that you’ll be randomly monitoring their internet activity discourages them from taking prolonged visits to their Instagram page.

Avoiding harmful websites

The internet hosts plenty of unsavory links and websites. Employees who haphazardly click phishing links or access malware-ridden pornography sites can put your business at risk. Working with infected machines can slow down the entire system and, in some cases, completely halt operations. But by using internet monitoring tools you can restrict access to dangerous websites, and identify reckless employees to remove their internet privileges, if necessary.

Facebook has been looking for new ways to diversify the services it offers. One such example is Facebook at Work -- launching today. The new product is a way for enterprise firms to stay connected and share information just like the Facebook of yesteryears. There has been a need for the use of social tools in enterprise activities, and so far, Facebook is the only company making a bold step toward filling that void. If you’re curious about how the service works, we have a complete review here.

Facebook releases generally take place in the company’s home country, the US. However, this time around the social media giant will launch its take on enterprise communication tools in London, where Facebook at Work was first dreamed up.

Facebook at Work has set its sights on improving productivity in the workplace. In addition to aesthetic updates like changing from the iconic blue color to a business-friendly grey, users will have a totally separate platform from the original Facebook. Work accounts are strictly for work interactions and will not mix with users’ personal profiles. So how is it different from just creating a work-friendly account on the original platform?

Facebook at Work creates a microcosm of the social media site, just for your company. Employees can communicate with coworkers, post pictures, plan for upcoming events, and make office announcements at ease. As an added bonus, Facebook at Work will employ auto-translate functionality to make communication between foreign nationals easy.

For as long as there have been cybercriminals, there have been social engineers, or people who use tricks and scams to force other people to volunteer sensitive information. There are several ways to use social engineering to acquire valuable information like account passwords and bank accounts, but avoiding these scams comes down to one thing: training. Let’s take a look at some of the easiest ways for your employees to avoid one of these scams.

As more and more of our information moves into the digital realm, criminals are turning to social engineering to trick people into trusting them with their delicate information. People often trust others too easily and make themselves the targets of easy attacks from criminals. These attacks may come in the form of messages, baiting scenarios, fake company responses, and many others.

Most often, messages are sent to users in the form of an email that might contain a link or something to download. Although they may look legitimate, these emails often contain viruses; once the link is opened or you attempt to download it, a virus latches onto your computer, giving its creator free access to your email account and personal information.

It’s been reported that Facebook is about to ship out its Oculus virtual reality headsets, and Google has its own version in the works. By taking all of this into consideration, it’s safe to say that the VR landscape is about to experience growth -- and small- and medium-sized businesses should take advantage of this three-dimensional shift. Besides gaining a competitive edge, here are some other reasons to compel you toward embracing virtual reality:

Create your own virtual product prototypes

With the help of virtual reality, you’ll no longer have to rely on manufacturing when you want to see what your product physically looks like and how it might work. These virtual products allow you to make any changes before going through with production. According to Abi Mandelbaum, CEO and co-founder of YouVisit, “Model creation in VR, for example, can save companies time and money, as these types of models or prototypes allow viewers to examine a product and make changes without the time or expense of building a physical model.”

Virtual designs for engineers

Especially beneficial for engineers, architects and other professionals that work with building or engineering large structures, virtual reality helps save both time and money. As an alternative to small models or 2D renderings, VR offers a more immersive experience that helps design and replicate structures.

Everyone, from doctors to lawyers, needs to continue learning to stay ahead of the times. Business owners might have it worst of all, oftentimes needing to stay on top of several industries to keep their company running. Keep reading for a refresher on all the latest trends and buzzwords used in the cybersecurity sector.

Malware

For a long time, the phrase ‘computer virus’ was misappropriated as a term to define every type of attack that intended to harm or hurt your computers and networks. A virus is actually a specific type of attack, or malware. Whereas a virus is designed to replicate itself, any software created for the purpose of destroying or unfairly accessing networks and data should be referred to as a type of malware.

Ransomware

Don’t let all the other words ending in ‘ware’ confuse you; they are all just subcategories of malware. Currently, one of the most popular of these is ‘ransomware,’ which encrypts valuable data until a ransom is paid for its return.

Intrusion Protection System

There are several ways to safeguard your network from malware, but intrusion protection systems (IPSs) are quickly becoming one of the non-negotiables. IPSs sit inside of your company’s firewall and look for suspicious and malicious activity that can be halted before it can deploy an exploit or take advantage of a known vulnerability.

Catching up with your friends at your high school reunion is all well and fun before the conversation turns to work. It seems like all your friends have well-paying jobs, and you’re stuck with a demanding one that’s underpaid. What if there were a way you could land better jobs or further your career path? No sacrificial ceremonies needed. Instead, find out how LinkedIn’s Alumni Tool taps into your network and brings you one step closer to success.

Get started

Access the Alumni tool by going to the homepage and hovering over “My Network.” Then select “Find Alumni.” From there, you are free to perform any search for individuals who have attended your school. You can apply one or more of the following filters:

• Where they live (geographic location)
• Where they work (company)
• What they do (job function)
• What they studied (major)
• What they’re skilled at (LinkedIn skills)
• How you are connected (first- and second-degree connections, group members, etc.)

On top of that, you can also identify alumni by the year they attended school, or you can conduct a text search for specifics that don’t fit in any of the listed filters.

Earlier this year, thousands of Delta passengers worldwide were grounded due to a power outage that halted critical IT operations. This was a huge problem not only for the many delayed travelers, but also for the airline company itself. Within three days, the airline company cancelled around 2300 flights and paid over millions of dollars in downtime costs. But if you weren’t personally affected, why should you care? Well, without a business continuity in place, companies like yours can face the same repercussions. In order to prevent that, take heed of some poignant lessons companies can learn from Delta’s IT failings.

Strive for 100% redundancy

According to Delta’s chief information officer, a power failure caused the company’s data center to crash, grounding thousands of would-be passengers. Although power was restored six hours after the incident, critical systems and network equipment failed to switch to a secondary site, corrupting valuable data in the process. And while some systems failed over, other vital applications didn’t; this created bottlenecks, decreased revenue, and diminished customers’ confidence.

Delta’s case is a massive wakeup call not just for the airline industry but for every business -- large and small. Companies must implement disaster recovery plans for their data centers, on-site technology, and Cloud applications to continue servicing customers while fixing the main issue with their primary systems. Companies also need to get rid of the false notion that redundancy plans to assure service continuity is restricted to larger corporations. DR and business continuity solutions are extremely affordable today, and a partnership with a provider can help you in more ways than one (more on this later).

The next time you visit Dropbox.com, you may be asked to create a new password. Why? Back in 2012 the cloud storage firm was hacked, and while it thought only email addresses had been stolen, new evidence has come to light that user passwords were compromised, too. So if you’ve been using Dropbox since that time but haven’t updated your password, the company advises you to do so ASAP.

Despite the unfortunate incident, Dropbox has implemented a thorough threat-monitoring analysis and investigation, and has found no indication that user accounts were improperly accessed. However, this doesn’t mean you’re 100 percent in the clear.

What you need to do

As a precaution, Dropbox has emailed all users believed to have been affected by the security breach, and completed a password-reset for them. This ensures that even if these passwords had been cracked, they couldn’t be used to access Dropbox accounts. However, if you signed up for the platform prior to mid-2012 and haven’t updated your password since, you’ll be prompted to do so the next time you sign in. All you have to do is choose a new password that meets Dropbox's minimum security requirements, a task assisted by their “strength meter.” The company also recommends using its two-step authentication feature when you reset your password.

The ocean has a strange way of making you feel so small; so does a Twitter account with virtually no followers. It does become quite hard for your small- to medium-sized business to establish a strong online presence when they are surrounded by singers and supermodels with their own collection of trending hashtags. This is the part where you’d wish you had come across a genie lamp; while waiting for that to happen, take Twitter’s new dashboard app out for a spin.

According to Noah Pepper, Twitter’s product and engineering manager, “For businesses, Twitter is a place to share news, tell stories, and have conversations that support, educate, and delight their customers.” On top of that, he states that “It's a place for authentic interactions – but we know that creating these kinds of connections isn't always easy for businesses that are time and resource-constrained.” Because of this, Twitter has developed a brand new application that helps lighten your social media load -- enter Twitter Dashboard.

Twitter Dashboard specifically caters toward small- to medium-sized businesses, helping them to establish a fast, efficient and affordable means to manage their online presence. It helps you easily track and engage with audiences. The free app is still in the beta phase but is available to all businesses in the United States via iOS devices. There’s also a desktop web version as well.

As the saying goes, “absence makes the heart grow fonder.” If oceans were to separate you from your loved ones, what would you do? Would you communicate as much as you used to? Would you still check in from time to time? Now, apply this sentiment to your business; what would happen if communication with your customers broke down? Following up on orders or keeping track with progress would become a nightmare - it’s time for CRM software to save the day:

Since every business differs in terms of size, there is no one-size-fits-all when it comes to CRM. Thus, varying corporate sizes require unique CRM software that best addresses requirements. We’ll be taking a look at ideal CRM software options for the following categories: businesses in general, very small businesses and ones that are free.

Best CRM Software for Small Businesses: Salesforce

Salesforce has long been considered one of the top-tier CRM solutions, mainly due to its cloud-based nature coupled with full-featured capabilities that cater to businesses of every size. Typically, Salesforce is synonymous with larger enterprises, but that doesn’t mean small- and medium-sized businesses are denied the same perks. Enter Salesforce’s small business edition: with it, SMBs can utilize the robust set of CRM tools at an affordable rate.

According to several reports, the volume of malicious cyber attacks have increased since the beginning of the Rio Olympics. And even though our devices have the latest network security systems, hackers have a cunning trick up their sleeves -- social engineering. Unlike malware and other viruses, social engineering tricks people into divulging sensitive data to hackers. Unfortunately, businesses are also vulnerable to various social engineering tactics. As a business owner, you should be vigilant of these common scams used by hackers.

Phishing

Phishing scams are perhaps the most common type of social engineering attack. Usually seen as links embedded in email messages, these scams lead potential victims into seemingly trustworthy web pages, where they are prompted to fill in their name, address, login information, social security number, and credit card number.

Phishing emails often appear to come from reputable sources, which makes the embedded link even more compelling to click on. Sometimes phishing emails masquerade as government agencies urging you to fill up a personal survey, and other times phishing scams pose as false banking sites. In fact earlier this year, fraudulent Olympics-themed emails redirected potential victims to fake ticketing services, where they would eventually input their personal and financial information. This led to several cases of stolen identities.

The art of organizing a meeting is much like chess. Each player has different possible moves, or availabilities; and it's up to you to strategize which pieces to move where, or which events to schedule (or reschedule) when. The objective is to land on a square wherein all participants can attend, but achieving this goal often demands a tiring and time-consuming process. Fortunately, with the help of Microsoft FindTime, you can arrange meetings efficiently and easily.

Before any meetings take place, you’ll need to download Microsoft FindTime first. Fear not, because this Microsoft Outlook add-in is easily downloadable and is 100 percent free. FindTime was developed to help you and your guests do just that -- find time! Coordinating all attendees’ schedules, FindTime will iron out a time that works for everyone.

Just the thought of having to organize a meeting across your organization can stir up anxiety and elicit a huge sigh... Sigh! Why? On top of handling your own hectic schedule, you’re expected to juggle your attendees’ schedules as well. This would be the moment when telephone calls start to flood in and emails start to go back and forth, rarely heading toward a unified decision.

Although some view Facebook as a strictly social platform reserved for selfies and political rants, its $350+ billion market value screams otherwise. While it isn’t something you should be shoveling money into, it probably is a sales avenue you’re neglecting. Aside from purchasing ads, there are a host of FREE ways to go about improving your SMB’s Facebook page. We’ve listed six of our favorites here.

Use video whenever possible

Recently, Mr. Zuckerberg himself was caught opining about the value of video in social media. And while there hasn’t yet been any news about newsfeed algorithms giving preference to video, it’s definitely a safe bet when compared to texts and graphics. Facebook Live is an excellent way to engage your subscribers, and there are several ways to leverage it for increased profitability. Whether it’s an Ask Me Anything segment or a promotional announcement, hit that record button more often for more engagement.

Facebook only promos

While we’re on the topic of promotions, make sure you’re creating some that are only available through Facebook. If you’re simply reposting those from your website or e-commerce store, it’s harder for followers to justify maintaining any interest in your page. Use Facebook Live or a pre-recorded video to introduce a better-than-usual discount on your products or services. The key here is getting customers to actually visit your page, so make sure it’s not a coupon code or a link they can just pass on to friends. Ask the first 100 viewers to post their email address in the comments section of the video. If their increased dwelling time doesn’t make a lasting impression on them, it probably will make an impression on their Facebook newsfeed algorithm.

Similar to the shakedowns you see in mob movies where innocent shop owners are forced to pay “protection money,” deploying ransomware is a means of extortion. Computer hackers install it on your network to seize control of your company’s precious confidential data, then demand payment for its safe return.

The way in which these nefarious operators commandeer your information and deny you access usually involves some fairly sophisticated stuff. The ransomware they install on your system is essentially a virus that “locks up” your data, and it can’t be unlocked unless you pay them for the keys.

Some of these data-encrypting viruses are strong, such as the CryptXXX strain. It has been infecting businesses for the past few months, and its latest mutation can’t be quelled by decryption programs found for free on the internet.

Two relatively new types of ransomware aren’t quite as virulent as CryptXXX, but we’d like to bring you up-to-date on them nonetheless. Here’s a look at what they’re called, what they do, and how you can defeat them should your business be impacted.

PowerWare

The first of these recent ransomware varieties is called PowerWare, which also goes by the name PoshCoder. It imitates a more complex ransomware program called Locky, although with less effectiveness.

What tech fads has your SMB recently written off as silly and not worth your time? 3D printing, internet of things…Pokémon GO? Juvenile as they may seem at first, these trends helped to make a lot of businesses a lot of money. Navigating the quickly rising and falling auspices of the tech world may seem like a lost cause, but with the right know-how, you can make, connect, and catch profits by exploiting the tech trends of the day. Let’s take a look at five strategies to make that happen.

Get in early

One of the biggest indicators of how successful your SMB will be in making big gains off of a new trend is how early you get in. Fads, especially in the tech world, can come and go in no time. Be careful not to invest in resources with a long-term commitment like new logos or graphics, but instead in low-cost workarounds like special promotions and social media campaigns that put you front and center immediately. Once the popular kids have moved onto a fresh fixation, you’ll be ready to move forward without skipping a beat.

Use existing tools

How can you get up to speed quickly without investing too much in permanent resources? The trick is to hijack existing opportunities and strategies for your own message. For example, John Deere has been selling farming equipment for over 150 years, with no signs of slowing down. But with a creative combination of existing GPS technology and mobile devices, they quickly jumped to the forefront of the “Internet of Things” craze by connecting their vehicles to crop planning practices.

One of your business’s most valuable assets is data, and ensuring its safety should be a top priority for your IT department. But what of the fact that there are so many different types of data nowadays? It seems like every few months there’s a new buzzword for the latest flavor, so it’s important that you get a taste of each new kind to ensure you’re up-to-date.

Data is the lifeblood of the information age. It gets observed, collected, organized, and analyzed, and it allows businesses to compete for profit and prosperity. And it takes many forms, each one unique and often vividly-named by the addition of a simple descriptive word.

As such, we thought a short glossary was in order to help keep you current on a handful of new data buzzwords and how they might impact your business.

Small Data

If “big data” is about powerful machines, huge databases, and sophisticated analytics, its little brother “small data” is about people. Small data takes a scaled-down approach to data mining that relies on things like social media to acquire important information. Archiving it is also simpler since a complex central data warehouse isn’t necessary.

Slow Data

Let’s face it, keeping yourself free from online threats can be a pain: using different passwords for every site, changing them every three months, using advanced encryption, the list goes on and on. You either end up paranoid of being online or give up altogether. We’ve organized 5 simple cybersecurity measures that we promise anyone can implement.

1. Two-Factor Authentication

Did an attacker get your password? With two-factor authentication they’ll still need your mobile device to do any damage. Here’s how it works: every time you log into a service that requires a password, the service will send a code to your mobile device for another layer of authentication. Nowadays, most internet services have this option: Google, Facebook, Twitter, Instagram, Skype, Slack, etc. Check a full list here to see if you could be using two-factor authentication on any of your online accounts.

2. Password Manager

Say goodbye to the bygone era of memorizing a long list of different passwords for the various websites and services you use. Password manager software may have been around for a long time, but it’s still a viable solution for improving your login integrity. After installing it, all you need to do is create one secure master password and let the software do the rest. It will store and encrypt all of your passwords in one place for future reference and help generate random, more secure passwords for any new logins.

When it comes to technology news, breakthroughs, innovations, and what-to-do’s, we’ve always got our eyes peeled for the latest and greatest. Paying close attention to what’s trending is critical not only to our success, but to that of our clients as well, which is why we’re taking a look at 5 popular SEO and Social Media tactics happening now.

Everyone knows about death and taxes, the two most famous certainties that we must endure. If there were a third, surely it would be that without robust up-to-date search engine optimization (SEO) and social media strategies, your business will fall behind.

And since there’s no time like the present, we’d like to put forth some of the things that your business should consider taking into account this year in order to increase awareness of your brand, drive more traffic to your websites, and ultimately boost conversion rates.

1. Conversational search

With the success of digital assistants like Apple’s Siri, and the relatively recent roll outs of Amazon Echo and Google Home - two virtual helpers for the home - voice recognition is becoming much more prominent. For businesses, this means adapting your site’s content so it’s detectable by spoken phrase searches in addition to simple short keyword searches.

WordPress is an amazing open source platform that is favored by individuals and business users worldwide due to its ease of use, simplicity and flexibility. However, given that it is the most widely used content management system, it is also the most vulnerable platform out there. Recently WordPress has released an update that addresses security issues for all previous versions. Check out exactly what the update entails.

What’s new in WordPress 4.5.3?

The latest WordPress version includes fixes for more than two dozen critical vulnerabilities, including:

• Redirect bypass in the WordPress customizer API
• Two separate cross-scripting problems via attachment names
• Information disclosure bug in revision history
• Denial-of-service vulnerability in the oEmbed protocol
• Unauthorized category removal from a post
• Password change by stolen cookies
• Some less secure sanitize_file_name edge cases

All vulnerabilities were found by members of the WordPress community. In addition to the security issues listed above, WordPress 4.5.3 fixes 17 maintenance issues from its predecessors 4.5, 4.5.1 and 4.5.2 (See full list).

It's astounding how celebrities manage to amass millions of followers and gain thousands of likes for posting a photo of their shadow. Companies of all sizes would go crazy for that kind of exposure, but rarely do their wishes get granted. But not all hope is lost, start small and take baby steps with the help of Instagram’s recently-announced tools that help make the process of establishing your company’s presence an easier one:

Business profile pages

Previously, it was hard for Instagram users to distinguish an account belonging to a business from one that is dedicated to cats, but with the Business Profile feature, that’s a problem of the past. By taking advantage of this, you are giving customers directions to your business with just one tap - and on top of that, you can also establish a contact call to action with choices that include: text message, phone call or email.

The posts themselves are identical to those from other accounts, but as previously mentioned, the major difference is the account’s profile page itself. Especially when customers are given directions and various channels for communication with just a single tap. This fills in the void many business owners experience: converting the interest sparked on Instagram and converting it into action.

Like the Loch Ness Monster, reputation marketing has long been considered a figure that is shrouded in mystery. Shai Aharony from Redboot Online sums it up as "tools that allow you to analyze, track, monitor and engage online activity, giving you the power to directly respond to customer complaints and turn potentially damaging feedback into a positive experience." If you are still unsure, take a look at these 10 tools that provide a better theoretical as well as practical understanding:

ConsumerAffairs

Businesses can forge a strong online reputation and boost revenue with an array of advanced features. Namely, unpaid business plans along with third-party accreditation programs coupled with powerful software as a service (SaaS) platforms - offering companies various resources to convert customer engagement into cash.

BazaarVoice

Ideal for companies with deeper budgets, BazaarVoice extends the online marketing potential of customers’ voices to shopping portals, offline channels as well as natural search. Customers are also able to leave reviews, rating, questions and other customer-generated content on client websites which will then be shared on social media.

Good cyber security, much like the best NBA defenses, must be strong and able to stop threats from every which way. For the Milwaukee Bucks, their on-court and cyber security defense could both use a little practice. Yahoo! Sports reported that the Milwaukee Bucks sent out the names, addresses, Social Security numbers, compensation information and dates of birth of players as part of a spoofed email attack. Practice these four email security tips and don’t let this happen to your business.

Education is key

There are countless cliches out there promoting the importance of education, but when it comes to cyber security, you might as well embrace them all. In the case of spoofed emails, you need to make sure your employees know what these are and how they can harm your company. They can come in several forms and look to attack your organization in a number of different ways. A good defense starts with trained employees using best security practices when it comes to emails. Knowledge isn’t just the key to success, it’s the building block of a comprehensive email security plan.

Check the sender

The easiest way to determine a real email from a spoofed one is to view who is sending it. While your basic junk mail folder will screen the really lazy attempts at spoofing, you and your employees can’t rely on it to weed out everything. A lot of cybercriminals have gotten skilled at mimicking the look and feel of companies through professional looking graphics and signatures. For starters, you are going to want to ignore email display names as these can be deceptive. The domain name provides the best clues as to who the sender really is. For instance, if an email requesting your company’s financial documents claims to be from the IRS but the domain reads IRSgov.com, it’s a spoof email since that domain is not what the IRS uses. If you ever spot an email containing a domain you consider to be suspicious, delete it immediately. If it is from a legitimate sender, they will send you a follow up email in a couple of days.

Gamers require an effective strategy to thwart the boss, athletes require constant updates on the latest tournaments to improve performance and businesses require an online community to fully thrive. As the saying goes: ‘What comes easy won’t last, and what lasts won’t come easy’. This is especially true when you embark on building an online community for your company. Allow the following five tips to help you make the process an easier and enjoyable one:

Make sure your customers are passionate

The number one rule of online community is that it should be a place where like-minded people are genuinely interested in your brand and are able to engage, if that’s not the case, it won’t be any different from throwing a party that everyone ignored. Make sure you have brand appeal, pick up on vibes your customers are giving off and figure out what they really want. The size of your online community isn’t what’s important, customer’s annual revenue and genuine passion for your products play a much bigger role.

Loosen the reins

It’s an undeniable fact that you have put copious amounts of time and energy into building and managing your business - so you can’t help but develop an attachment to it. What business owners have to realize is that your company really belongs to your users. This is a difficult obstacle to overcome, but when you are still clinging on for dear life and discouraging open discussion, you’ve basically shot yourself in the foot. Several times.

One of the biggest fears security experts have may be coming true: self-replicating ransomware. Viruses that have the ability to copy and spread themselves to new systems are nothing new, but until now ransomware attacks have been targeted campaigns. The best way to protect your network from a security threat is to understand it, here’s everything you need to know about this latest development.

Ransomware, the malware that locks up infected systems and demands payment to return access to users, has been steadily increasing its infection rate over the course of this year. Enigma Software reported that, “After staying steady for the last six months of 2015, ransomware detection has begun to climb; February saw a 19 percent increase over January, while March had almost a 10 percent increase over February. Then, in April, infections more than doubled.”

And as if that wasn’t frightening enough, Microsoft announced last week that a recently detected ransomware software was found copying itself onto USB and network drives. The ransomware, titled ZCryptor, disguises itself as either an Adobe Flash installer or a Microsoft Office file to trick users into opening it.

Once opened, it displays a prompt that says “There is no disk in the drive. Please insert a disk into drive D:”. If you see this after opening a suspicious file, it is most likely ZCryptor trying to distract you while it works in the background to add a registry key that buries itself deep in your system and begins to encrypt your files.

The words “free publicity” bring joy to the ears of many SMB owners. You don’t have a big marketing budget, so you need to find ways to cut costs as much as possible. Luckily Facebook has you covered. There are several ways you can promote your business on the world’s biggest social network that won’t cost a dime. Here are a few to get you started.

Get your friends on board

A business is nothing without its fans...at least on social media. So after setting up your Facebook business page, your first order of duty should be to invite your friends to “Like” your company page. Bear in mind, we use the term “friends” broadly here. Really, you should be telling pretty much everyone you know about your business. This includes family members, colleagues, that random parent you chatted with at your son’s baseball game, and any acquaintances from all walks of life. The goal of this is to create a foundation of followers to build upon as you grow your business.

Create your brand identity

On Facebook, your brand needs to do more than simply sell a product or service, because no one wants to interact with a company they feel is constantly trying to sell them. This is exactly why your brand should have a persona and human characteristic. In other words, you need a brand voice. So ask yourself, how should your brand sound? Should it be funny, easy-going, serious or inspiring? Once you’ve figured it out, ensure this voice is consistent in all your posts as it will help your audience form a relationship with your brand as they get to know it better. While you can and definitely should advertise different products or services your business offers, most of your posts should aim to entertain, inspire, and encourage social interaction. As your followers get to know your brand better, they will develop shared interests with it, which will eventually lead to trust. And when your audience finally trusts you, the sales will start to come in naturally.

Having direct access to customers is a gold mine for SMBs and with the increasing popularity of live video services it’s just a matter of deciding what to broadcast. The strategies for live broadcasting are very different than pre-recorded video and it’s important to reevaluate how you’ll present company information in this medium. Keep reading for six of the best types of videos for live broadcasts.

Business Introduction/Behind the scenes

If your company is new or suffering from low visibility, one of the best things you can do is give customers direct access to your staff and your product. A great use of live video is to take viewers on an office tour, show them how a product is made or even broadcast your business’s launch event.

Make sure to invite as many viewers as you can, but remember that most live broadcasts can be saved and viewed later. This is a video you’ll likely want to keep available after it’s finished.

Ask Me Anything (AMA)

Depending on your product or service, you may be getting a lot of conceptual questions about innovative ways to use it, what direction the company is heading and so forth. There’s no better way to address these questions than to do so in a personal and unscripted AMA segment.

Your service provider, who you have tasked with looking after your company’s IT, has kept your business up and running for the past 10 years. Usually, that kind of longevity in developing continuity plans has resulted to some providers overlooking or underestimating certain issues. Here are some of them.

Over-optimistic testing

The initial testing attempt is usually the most important as it’s when IT service providers can pinpoint possible weak points in the recovery plan. However, what usually happens is a full transfer of system and accompanying operations to the backup site. This makes it difficult to look at specific points of backup with too many factors flowing in all at the same time.

Insufficient remote user licenses

A remote user license is given by service providers to businesses so that when a disaster strikes, employees can log in to a remote desktop software. However, the number of licenses a provider has may be limited. In some cases, more employees will need to have access to the remote desktop software than a provider’s license can allow.

Lost digital IDs

When a disaster strikes, employees will usually need their digital IDs so they can log in to the provider’s remote system while their own system at the office is being restored. However, digital IDs are tied to an employee’s desktop and when a desktop is being backed up, they are not automatically saved. So when an employee goes back to using their ‘ready and restored’ desktop, they are unable to access the system with their previous digital ID.

As more and more content management services are released to aid SMBs in online marketing, security risks also increase. One such helper is the image processing service ImageMagick. And while it has proven useful to countless businesses, it is now something you should be concerned about from a security standpoint. Let’s take a minute to discuss this vulnerability and what you can do to protect yourself.

What is ImageMagick?

ImageMagick is a tool that allows sites to easily crop, resize, and store images uploaded by third parties. Vendors continue to improve user interfaces and experiences by consolidating functions into all-in-one packages, which means administrators are becoming increasingly unaware of what specific services they are actually utilizing. ImageMagick is deeply integrated into countless web services and many webmasters may not even be aware they are using this unsafe software.

How can an image make my site vulnerable?

Recently, it was discovered that images can be uploaded that force ImageMagick into executing commands and permitting attackers to remotely insert harmful code into vulnerable sites. Images are actually made up of complex code that is translated into photos, icons, etc. Different file extensions use what are called “Magic Numbers” to define their file types. Manipulating these numbers allows attackers to exploit a flaw in ImageMagick. The service scans the uploaded file, and attempts to decode the source information whenever it detects the file is not what it claims to be. Scanning that code and attempting to rectify the file misappropriation can then trigger whatever was hidden inside the image and result in remote command of your site.

Managing your company’s Twitter account can be tricky. You have a lot of brilliant things to say in under 140 characters but the problem is getting more eyes on your tweets. What’s worse is that there are other companies competing with you to grab that attention. So what can you do to get more people retweeting your posts? Here are a few tricks you can use to get more retweets.

Schedule your tweets

There is absolutely no point in tweeting out any content if your audience isn’t even awake for it. That’s why it’s important for you to tweet at the right time to get the most retweets. Usually people won’t be retweeting in the morning and are more likely to retweet around 2pm to 6pm EST. However, if your followers live in different time zones and countries, the time you should be tweeting may vary. Twitter tools like Tweriod track down the geographical distribution of your audience and pinpoints the optimal time you should be tweeting to get the most retweets.

Use links

The next time you tweet out something, try embedding a link in your post. Whether it’s news, sports or celebrity updates, people will put some effort in keeping up-to-date with their interests. Studies have also shown that links to instructional posts get the most amount of retweets as well. The problem is, 140 characters is not enough content for your followers. So by satisfying your audience’s curiosity, you motivate them to pay you back by sharing your tweet out to their friends.

There are many marketing techniques SMBs use to gain clients. Free information products, brochures, and press releases are just a few among many. But how do you know what’s most effective? It all comes down to looking at data and seeing for yourself what’s worked before. We’ve gone through the trouble of doing just that, so you can see how one age-old marketing technique can give a big boost to your business.

What is one thing every consumer has in common? They all love to save money. This is why the marketing technique of offering coupons is still as effective today as it was decades ago. Shocked? Don’t believe this is true? Well, let’s explore some statistics.

A recent report by Valassis, a large marketing firm that serves clients across the globe, provided some enlightening information on the effectiveness of coupons. Here’s what they discovered in terms of how coupons influence consumers.

• 82% of all consumers are more likely to buy from a brand they wouldn’t normally because of a coupon
• 85% are influenced to try a new product because of a coupon
• 84% are more likely to switch brands because of the weekly specials on offer
• 24% choose to shop at another brand’s store over their preferred because of better advertised bargains

Why do hackers attack? Is it for money, notoriety, or political reasons? Many business owners never ask these questions, and instead only think about the means of how a cyber attack takes place. But knowing the motive behind a hacker’s attack can help you understand whether or not you’re a target and what data you need to protect. So let’s take a closer look at 4 different types of hackers and their motives.

Script Kiddies

When it comes to skill level, Script Kiddies are at the bottom of the totem pole and often use scripts or other automated tools they did not write themselves - hence the name. With only an elementary level of technical knowhow, Script Kiddies usually don’t cause much damage...usually. The Script Kiddy virus known as the Love Bug which sent out an email with the subject-line “I LOVE YOU” fooled millions of people, including some in the Pentagon, in the early 2000’s. The virus reportedly caused around 10 billion in lost productivity and digital damage.

So who is a Script Kiddie? Most of the time they’re simply bored youth looking for a thrill or notoriety. Many never evolve into a full-time hacker, and instead just use their skills as a hobby. Oddly enough, many Script Kiddies find a career later on working in the security industry.

Most people are still impressed when they see a LinkedIn profile with 500+ connections. It gives that person authority in their industry and shows they’re a valuable member of the business world. In other words, 500+ connections can help sell you and your business. So how can you reach this coveted number? Here are some tips to get started.

Network every day

If you’re struggling to grow your LinkedIn network, you may not be spending enough time on the platform. If you want to become a power player, you need to use the social network often. So dedicate 15-30 minutes a day to network on LinkedIn, and make it a goal to reach 500+ connections.

Join and participate in groups

Utilizing LinkedIn groups presents an opportunity to meet other professionals (and eventually add them as connections) as well as learn and share valuable advice. The point is not to just join a group, but actively participate in them. This requires a degree of focus and smart selection.

How many groups should you join? Shoot for around ten. This will ensure you have time to participate in each group and connect with its members. As for the groups you join, you’ll obviously want to join those in your industry, but you should also diversify. So choose five within your industry and five that relate to your other interests or provide you an opportunity to learn from its group members. Some suggestions to consider are an alumni group for your university, groups that represent causes/charities you care about, and groups that relate to a new skill you’re hoping to learn. Obviously, all the groups you join need to be active. If members only post in a group once a week, this is a red flag to avoid joining.

Most business owners are quick to think that utilizing mobile devices automatically leads to more productivity. Unfortunately, this is not always true. A poor mobile device policy can actually lead to burnout and see your employees become overwhelmed by technology. Here’s how to avoid these pitfalls and get the most out of mobile devices in the workplace.

Use the right tool

Some work tasks just aren’t cut out for mobile use. While using a mobile phone or tablet to send emails is an effective way to work on the go, trying to write long form reports on these same devices is a bad idea. As a general guideline, small tasks such as email, viewing documents, using search engines and project management apps are good for mobile work. Anything that is too detailed is probably better suited for a computer or laptop. Lastly, only train your employees to use and learn the mobile devices and programs that make sense for their role. If you want them to be most efficient, you don’t want to overwhelm them with every mobile tool your business uses.

Communicate face-to-face

Email is undoubtedly a valuable communication tool. But it’s also become the bane of existence for many of today’s employees and business owners. Too many emails kills your employees productivity, overwhelming them. And unfortunately, many times email is simply unnecessary. Instead of sending that email about a question concerning an upcoming meeting, simply go and ask in-person. You’ll likely get a response much quicker and you avoid adding yet another message to the email overflow.

In the 21st century, personal computing is with us wherever we go. This is all thanks to the proliferation of mobile devices such as smartphones and tablets. These devices allow us to take work home with us. And, with bring your own device (BYOD) strategy, businesses have never been so productive. However, BYOD poses a number of security risks if you’re not careful. What are these problems? How are they caused? Here are some BYOD security risks you should know before implementing it in your business.

Data leakage

The biggest reason why businesses are weary of implementing a BYOD strategy is because it can potentially leave the company’s system vulnerable to data breaches. Personal devices are not part of your business’s IT infrastructure, which means that these devices are not protected by company firewalls and systems. There is also a chance that an employee will take work with them, where they are not using the same encrypted servers that your company is using, leaving your system vulnerable to inherent security risks.

Lost devices

Another risk your company has to deal with, is the possibility of your employees losing their personal devices. When devices with sensitive business information are lost, there is a chance that this could end up falling into the wrong hands. Additionally, if an employee forgets to use a four digit PIN code to lock their smartphone or tablet, anyone can gain unauthorized access to valuable company data stored on that particular device. Therefore, your company should consider countermeasures for lost devices like completely wiping the device of information as soon as an employee reports a missing or stolen phone.

Simply getting a ‘Like’ on your post is not enough anymore. It doesn’t give you any other useful data and you can’t immediately tell what people feel about your post. However, with Facebook reactions, you can be getting just what your company’s social media page needs. Reactions allow people to quickly express what they think about your post with five new emoticons. But how can you use this to get more exposure and engagement? Here are five tips for you to consider if you want to effectively use Facebook reactions for your social media campaign.

Ask your audience for reactions

Sometimes, audiences won’t know how to react to your posts. You can point them in the right direction by giving call to ‘reaction’ phrases like “Did you learn something new? Give us a ‘wow’ by hovering over that like button”.

As Facebook reactions are a relatively new feature, you can increase the total engagement of your posts by simply asking your fans to use one of the six available expressions on your post. This will not only increase your overall engagement and reach but will also give your fans the opportunity to learn about the new Facebook reactions.

Soften the blow of negative reviews

When purchasing new technology, how often do you consider its return on investment? For many business owners, calculating ROI is a tricky task that is sometimes skipped altogether. It shouldn’t be because if IT isn’t saving you money, it’s costing you. Here’s how you can gain a better understanding of technology ROI and how you can calculate it in your business.

ROI basics

What does it mean to have a positive return on investment? It’s pretty simple. A positive ROI means the results a technology produces are greater than or equal to the amount of time and money invested. Obviously you want a positive ROI, but when is the right time to consider it? Should it be before or after you make a technology purchase? The answer is both. Before purchasing, you want to carefully consider whether a technology service or product is worth your money. Then months after you’ve implemented it, you should analyze whether or not you made a good investment. Doing this enables you to learn from your mistakes (if you made one) and make a wiser technology purchase next time.

Also, don’t forget to look at your technology currently in use. Ask yourself, is your technology simply keeping the lights on? Or is it providing a solid foundation for your business to grow? If the answer is the former, there are likely better options out there worth trying.

As companies go to the Internet to conduct their business, their IT security becomes more vulnerable to many hackers and viruses. That’s why it’s even more important to recognize whether or not your systems are under threat from malicious software to swiftly fend off the infection. So how do you know if your company’s IT security is under threat? Here are a few warning signs to tell if you are a victim of malware infection.

Slow computer

The most common symptom of a malware infection is a slow running computer. Are your operating systems and programs taking a while to start up? Is your data bandwidth suspiciously slow? If so, your computer may potentially have a virus.

However, before you immediately assume your computer has a virus, you should check if there are other causes to your computer slowing down. Check if you’re running out of RAM. For Windows, open task manager (Ctrl + Shift + Esc) and go to the Performance tab and check how many gigabytes of RAM you are using under the Memory section. For Mac OS users, you can open the Activity Monitor app and under System Memory you should be able to find out your RAM usage.

With technology changing so rapidly, it’s easy to get caught up in outdated beliefs. And when it comes to Disaster Recovery, far too often do we see business owners still clinging to ideas that no longer apply. So, what kind of DR myths are still widely accepted by the masses? Here are three that need to be retired into IT folklore.

Tape Backups are the best DR solution

Like a car, computer or television, tape is a physical object that deteriorates over time. Don’t believe us? Go ahead and listen to your favorite cassette. One day your tape backups will become distorted and no longer work. And hopefully, that day isn’t the same one when your business suffers a disaster. However, there is a good chance all your tape backups will work. So does that mean there’s nothing to worry about? Well, consider where you store your tape backups. Are they on-site or in a location within a few miles of your office? If so, remember that if your business is hit by a natural disaster, chances are those tapes nearby will be hit as well. And if they’re damaged or become inaccessible, say goodbye to your business continuity.

While tape backup is better than nothing, many of today’s DR providers will backup your data to an offsite location that is far away from the neighborhood your office is at. That way, if your business is affected by a disaster, your backup is located hundreds of miles away in a safe place that is likely untouched.

When it comes to monitoring your employees online, there are potential positives and negatives for your company. But as a business owner who’s never done it before, you may be clueless as to what these are. So to help, we’ve come up with a list of the pros and cons of employee monitoring. And if you do decide to go through with it, we’ve provided some tips for a smooth implementation process.

The case for monitoring

There are a number of reasons why monitoring your employees is a good idea. Doing so can help you:

• Protect your organization from data theft or harm - because some disgruntled employees may try to steal from you or corrupt your data.
• Ensure you have a harassment free workplace - because cyber harassment (sexual or otherwise) happens among employees.
• Ensure staff are complying with policies - not downloading illegal programs or spending time on websites with illegal or hostile content.
• Provide evidence in case of a lawsuit - heaven forbid this happens, but if an employee participates in illegal activities on your business’s computers, monitoring can provide evidence of it.

The sad fact of the matter is that many businesses who monitor end up discovering that employees are doing things they’re not happy about. Research by Nancy Flynn, the executive director of the ePolicy Institute in Columbus, Ohio, revealed that two thirds of companies monitor their employees, and half of them have fired employees due to their behavior on email and the web.

You know social media marketing can be valuable for your business but, simply put, you just don’t have the time for it. And besides, you’re no social media expert, so the whole process itself can be unnecessarily long as you try and figure out what’s most effective. But what if there was a way you could spend less time on social media while producing more results. Sounds good, right? These 10 tools may be able to help you do just that.

Headlines

Let’s face it, most small business owners are not experts at writing compelling headlines. Thankfully, there are several social media tools that can help you get it right. Here are two of them.

• Headline Analyzer - When it comes to spurring people to action, appealing to emotions can be very effective. This free tool analyzes and scores the emotional aspect of your headline and then informs you of which emotions are being communicated the loudest.
• Optimizely - It’s one thing to hear a so called expert claim that a specific type of headline will work, and it’s another to see it for yourself. This tool enables you to A/B test your headlines, images or variations of them to see which are most effective.

Most of us don’t normally associate Business Intelligence (BI) with small- or medium-sized businesses; the large investment that has traditionally been required to hire specialist data-delving experts makes us think it’s the preserve of larger organizations. But no longer is that the case – not only does a growing selection of self-service tools put BI within reach of smaller companies, but you probably create and hold more data than you realize, which makes it easier to get going. Dispel these false beliefs about BI and get started harnessing the data that will make it easier for your small business to make more strategic decisions.

You’ve already got the data you need

It’s easy to underestimate the amount of data your small- or medium-sized business already has at its disposal. In every area of your business from finance and sales to customer relations and website management, the software packages you use to simplify your everyday operations are packed with reams of information that most of us don’t even think twice about. By talking to key stakeholders in your organization’s various departments, you can get an idea for the kind of data you already have, how it’s generated, and where it’s stored. You’re then in a good place to begin thinking about using BI tools to transform that information into meaningful business insights that inform key decision-making – all while reducing the resources you need to invest in time-consuming data generation from scratch.

TTP’s stands for threats and tactics, techniques and procedures, the number of which has been gradually increasing since 2015. The financial services sector has long been the target for cyber criminals, where they apply a myriad of techniques ranging from social-engineering to credential-stealing malware. This means the time for security professionals to boost cyber situational awareness has never been more fitting. These are the seven latest threats that have recently surfaced:

Extortion

The cyber criminal Armada Collective gained notoriety for being the first to utilize distributed denial-of-service (DDoS) attacks. This occurs when multiple systems flood a targeted system to temporarily or completely disrupt service. They evolved the idea further and started to extort Bitcoins from victims who were initially notified of their vulnerability. If they didn’t comply with the ransom demands of the criminals, they would flood their systems until the victim's network would shut down completely.

Social media attacks

This involved criminals using fake profiles to gather information for social engineering purposes. Fortunately, both Facebook and Twitter began to proactively monitoring for suspicious activity and started notifying users if they had been targeted by the end of 2015. However, you should still have your guard up when someone you don’t know, or even a friend or colleague, starts asking you suspicious questions.

The term ‘image’ is no longer associated with just pictures or paintings. In this modern day and age, image extends to how one perceives your business in reality and online. You can’t simply hit F5 and refresh an image you aren’t comfortable with. Find out how you can constantly maintain and improve your online image with the following tips.

Own the first page of search results

In his new book on online reputation management, Tyler Collins, a digital marketing expert for Fortune 500 companies mentions the importance of a company's search results that appear after pressing enter. These results make up the majority of a business or personal reputation online. For optimal results, it is advised that you occupy the first 10 spots (the entire first page of the search results), and within this number, there should also be a variety of related content such as positive reviews, media coverage as well as customer testimonials that contribute to the establishment of trust and credibility.

Paint the picture before the exhibition

Especially for entrepreneurs embarking on a new company, it is best to work on their online reputation before launching. This includes creating a brand, company name and message, all of which should help your business land the top 10 search results online. You should invest some time in thoroughly researching potential brand names to ensure your tentative company name has no negative associations.

We live in the age of distraction. If it’s not the hundredth urgent email in your inbox that blows your focus, maybe it’s your IT staff pounding on your door with another technology emergency. Whatever the circumstance, you may be tired of looking in the mirror only to see bags under your eyes from too many late nights at the office. That’s why we’ve come up with a few principles to help you become more productive in your business and life, and to hopefully help you get some sleep.

Have a single focus

When Bill Gates and Warren Buffet were asked what the single most important reason for their success in life was, both answered with a single word: focus. It is that important. When you work on one task for an extended period of time, the quality of your work is at its highest. What’s more, you’ll also finish that task in a shorter amount of time than if you had to stop and start it repeatedly due to distractions.

This principle of focus can be applied to many areas of business and life. Whether you’re writing a report, sharing time with your family, or simply reading a book for your own pleasure, the quality of that experience improves with the more uninterrupted time you dedicate to it. Now, when it comes to IT and technology, this same principle can have a tremendous impact on your business. Not only do technology distractions - such as constantly breaking computers, security breaches, and slow servers - hurt your productivity, but they also crush your spirits. How can you focus on growing your business like this? This is where an MSP comes in. They can help eliminate all IT interruptions so you get back to doing what you do best - running your business. What’s not to love about that?

As a small business owner, you may be a bit perplexed how to gain the most value out of LinkedIn. You may have already spent countless hours trying to leverage the platform with little success. So what are you doing wrong? And how can you make the most out of your time on the platform? Here are a few tactics any SMB can follow to gain more value from LinkedIn.

Know LinkedIn’s purpose

Simply put, LinkedIn is not a content marketing platform. Yes, people do publish articles and posts, but if you have a small budget and are short on time, you will get more bang for your buck on social media networks that are more content marketing friendly. For example, Pinterest, Instagram, Facebook and Twitter are all far better options in this scenario. Many users are on these platforms to view content in one form or another. On LinkedIn, content can undoubtedly be viewed, but people are primarily there to make connections. Of course that doesn’t mean you shouldn’t post an occasional article on LinkedIn. It just means don’t make it the main source of your content marketing efforts.

Another way businesses misconceive LinkedIn is in terms of lead generation. Basically, you shouldn’t expect your LinkedIn page to generate a large amount of leads. As an SMB, your marketing budget is limited, so you’ll be better off using your advertising budget to drive leads to your actual website or even a Facebook business page. Your LinkedIn business page should be used instead to validate your experience, credentials, and professionalism. With that said, make sure your page is polished and updated with all this information.

Employees are one of your biggest security holes. There is no foolproof prevention method for human error, and this is why employee mistakes are one of the most common causes of a security breach. So what can you do to prevent it? Well at the very least you need to include policies in your employee handbook, and ensure your employee reads through it and signs off on agreeing to abide by them. Having measures in place drastically reduces the chances of a security breach. Here are four areas to keep in mind when developing your own.

Internet

In today’s business world, employees spend a lot of time on the Internet. To ensure they’re not putting your business at risk, you need a clear set of web policies. Here are three important ones to keep in mind:

1. Employees should be using the Internet for business purposes only. While this is undoubtedly hard to avoid without blocking specific websites, having a policy in place should at least cut back on employees spending time on non-business related sites.
2. Prohibit unauthorized downloads. This includes everything from music to games, and even data or applications.
3. Accessing personal email should not be done on business devices. If employees must access their own email account during the day, they can do so on their smartphone or other personal device.

It’s a fact of life. Events out of your control can disrupt your business operations. While you can’t necessarily control the unexpected, you can take some precautions to prevent most business disruptions. Here are some key business continuity strategies that organizations across the globe rely on to keep their doors open.

Backup your data, applications and servers

Today, companies are more dependent than ever on IT and their business data. If these critical components suddenly become inaccessible, can your business stay open? For most business owners, the simple answer is no. This is why backing up these elements is vital to your business’s success. Backing them up ensures they can be restored quickly in the event of a disaster, security breach, or damage to IT equipment.

Obviously, to ensure the accessibility of your IT, you need to backup all your data, applications and servers regularly. The keyword here being “regularly”. While in the past most businesses would do this on-site and with tape backups, today more and more businesses are using the cloud. Some of the prime reasons for backing up to the cloud are as follows:

• Affordability
• Backups can be automated, therefore saving you time
• Cloud providers usually backup your data to multiple locations (so if one of their facilities goes down, your backup is still safe at another site)
• Backups can be accessed from anywhere, whether it’s at an employee’s home or at an alternate office
• If you need to use it, backups can be restored quickly

Disasters. They do happen -- it’s only a matter of ‘when’. While most businesses acknowledge it, surveys show that only one in four companies worldwide have adequate protection in the event of a major disruption. We’re not talking about insurance here, but a Disaster Recovery (DR) plan that could save you thousands of dollars in losses and worse, a business closure. If you haven’t heard much about what DR is, this post will help you gain some insight about what it is and how it can affect the future of your business.

As we all know, unpredictability is a fact of life. The aftermath of Tropical Storm Bill in Texas and recent floods in South Carolina are a grim and unfortunate lesson for many overconfident business owners who think their companies are spared from the likelihood of cataclysmic weather, technological malfunctions, or human actions. A 2014 survey by the IT Disaster Recovery Preparedness (DRP) Council reveals just how many companies worldwide are at risk: 73 percent of SMBs are failing in terms of disaster readiness. What does this mean? It means that 3 out of 4 companies aren’t prepared to handle emergencies and save their businesses from a worse-case scenario.

When big companies like Dropbox or Ashley Madison are hacked, the whole world hears about it. But how often do you hear about cyber attacks on the SMBs of the world? Probably not often, or never. Well, today, that’s all about to change. The NY Times recently ran an article telling the story of a small business, just like you, who suffered a major cyber attack. Here’s the story, and some ideas as to how to protect your business.

Last holiday season, Rokenbok Education, a small, California-based toy company of seven employees realized its worse nightmare. During the busiest time of the sales year, the files in their database had become unusable, infected with malware. The hackers used ransomware, a malware designed to hold a business’s data hostage, to encrypt their files and demanded a payment to make them usable again. However, instead of paying the ransom, Rokenbok restructured their key system. To do this it took four days. That’s four days of downtime, lost sales, and confused customers who likely lost confidence in the integrity of their company. Luckily this did not put Rokenbok Education out of business. But many SMBs aren’t so fortunate, and are forced to close after such a security debacle.

When it comes to business intelligence, you may think there’s no easier way to simplify your data than to organize it into a graph or chart. Business owners have been using this method for decades, so what else could be better than that? Well, a new product on the market is striving to make business intelligence even simpler. Here’s the scoop.

Earlier this week, the Chicago-based company, Narrative Science, integrated with the business intelligence and visualization software company, Qlik. The fruit of this integration is a new way of looking at your data beyond your standard charts and graphs. Yes, charts and graphs are still used, but now there is a new element that comes into play: story. Qlik now enables businesses to take the data on their charts and graphs and automatically turn it into a narrative that will explain the most important and relevant points of their data. These stories are presented in easily understood, natural language and can be personalized to the audience who is reading them. For example, if you want to change the format, language style or detail of the story, you can easily adjust these.

How storytelling can help with business intelligence

When it comes to social media, figuring just what, if any, value it offers your business can be complicated. There is no exact science when it comes to figuring it out and even experts disagree as to just what is and is not important when measuring the value of your company's social media. The reality is that there is no tried and true method to solving this enigma, but we will offer you some advice on how you can uncomplicate the mystery.

ocial media is important for your business and it can have a great deal of value for your company if utilized correctly. Of course measuring this value is an imperfect science. While we don’t have a magic formula to help you figure it out, we do have a few things for you to consider when it comes to estimating it for yourself.

Followers matter but…

...they are not the end all be all when it comes to your social media efforts. When social media first started, it was all about how many followers you had. In the eyes of consumers, more followers equaled more credibility. However, that sentiment is no longer a prevailing thought among consumers and the number of followers you have won’t make or break your organization.

If you’re not considering YouTube for your business’s marketing strategy, you’re truly missing out on one of the most powerful marketing platforms out there. YouTube gives you the opportunity to establish your business’s unique brand and personality through video. If you’re just starting out on YouTube marketing and don’t have a specific strategy in mind, check out these tips to create great videos and attract more viewers.

Keep it short and simple

Most people have short attention spans and won’t watch videos that are longer than a couple of minutes unless they’re really interested. This means lengthy videos might not perform as well as you might hope, since viewers are likely to be turned off completely. There’s no fixed formula here, but the idea is to create videos that convey your intended message within five minutes at most. If you have the need for longer videos, simply split them into small segments - this is another great way to keep your visitors hooked and make them want to come back for more.

Use humor in your videos

Have you ever wondered why the funny videos on YouTube earn so many hits in such a short time? That’s because people love humor. We all like a good laugh. There are several YouTube channels out there that have had huge success by injecting humor into their videos. You don’t have to make your audience fall on their backs laughing - just flashing a little sense of humor will do the trick.

When a person searches for your company on Google or any other search engine and sees a negative review from a ‘rant’ site, it can have significant repercussions to your online reputation. That’s because more people are likely to see something, and even click on it, when a page turns up on the first page of search results. It is important your company acts swiftly to push these negative reviews off the first page of search results. Here is some advice for fighting back against these ‘rant’ sites.

You’ve probably seen websites like Ripoff Report and Complaints Board give upset clients a sounding board to voice their frustrations. These unverified reviews are almost always negative and can damage a company’s online reputation. This is especially true if these reviews show up on the first page of an organization’s search results where it will appear to anyone who uses a search engine to look for information on a company.

Businesses are not powerless when it comes to dealing with these ‘rant’ sites and the negative content they contain. While you won’t be able to have this content completely removed from the internet, if you are smart with your online reputation management (ORM), you can push it further down the search results rankings where most people will never come across it. We compiled some useful advice to help you fight back against ‘rant’ sites that may be hurting your company’s online reputation.

In today’s competitive business world, it’s imperative that you have a thorough understanding of who your visitors are and what are their expectations. If you’re looking for a powerful analytical tool for your company’s website, Google Analytics one of the best options in the market. Yet trying to understand Google Analytics and its strategic use can make your head spin. If you’re just starting out, here’s an overview of Google Analytics and its key metrics that are noteworthy.

What exactly is Google Analytics?

Google Analytics is a free website analytic product offered by Google. It is an application that collates visitor data from your website and provides basic statistics and analytical tools for search engine optimization (SEO). The data is used to generate reports that give you insights as to how your visitors are engaging with your website.

With Google Analytics, you can analyze your traffic to discover whether your target market is finding your website, how they’re finding it, and if they’re taking the actions you expect them to take while on your site. By tracking and analyzing your traffic you can increase the engagement and enhance your marketing strategies.

There is nothing worse than having a productive day at the office become undone due to a power outage. Losing power for even a single minute can have far reaching effects on your company’s operations as you need to make sure everything is running properly and all data is accounted for. While power outages can be a nuisance, with proper preparation you’ll have no trouble in persevering when the lights go off.

Power outages are one of the only disasters that can strike just about anywhere in the United States. If you are in Seattle chances are tropical storms are not going to be an issue and if you’re in Miami you aren’t going to fret over a blizzard, but losing power can occur anywhere, at any time and without warning.

A Department of Energy report noted that power outages cost American businesses nearly $150 billion in 2014 and added that increasing demand for energy coupled with an aging infrastructure could see the number of blackouts increase. While weather-related events are the most common cause of power outages in the U.S., it is far from the only thing that can disrupt energy service.

Since this is a problem that will continue to plague businesses, especially those ones that are unprepared, it’s important to be ready should a blackout strike. Here are a few things you should consider when it comes to power outages.

Communicating via social media is a way of life for many of us, and these days it’s almost unheard of to not have a Facebook account, but what do you do to stay in touch with friends and family if you don’t have access to one of the popular social media platforms because your government has banned them? This post takes a look at how a country like Iran stays connected despite Facebook and Twitter being blocked – and why the instant messaging app Iranians do use is so wildly popular.

While China is probably the most well known country for restricting their population’s ability to view certain websites, whether through a desire to restrict access to information that might harm the country’s image or because of industry competition, there are other nations which also exercise strict control over what their people can and cannot see online.

Take Iran for example. Its citizens are denied access to Facebook and Twitter while Instagram is partially blocked due to the fact that it is possible to block individual accounts whilst leaving other parts of the platform online. Of course, anyone wanting to update their Facebook status, send tweets or upload a risqué selfie can do so using a VPN. But most VPNs charge a monthly subscription for their services and even then the access can be sketchy at best. However there is one social media platform in Iran that is freely available and that is Line, the instant messenger chat application. Unlike China which has blocked Line (something that is more to do with it being direct competition to the homegrown chat app WeChat than freedom of speech), in Iran Line is big news. In particular its social media function, called Timeline, is connecting people throughout the country, and in some surprising ways.

The threat of being infected by malicious software is part and parcel of spending time on the internet, and no sooner have the antivirus and security software programs released an update or new patch than cyber criminals are scrambling for ways to circumvent them. In addition, as end users become savvier to the tricks and scams used to steal our data, money or identities, new tactics are employed to try and fool us. And that includes Chimera, a new strain of ransomware which has recently been uncovered.

Business is booming in the world of cyber crime, and scammers, extortionists, phishers and hackers are constantly on the lookout for new ways to exploit our fears and naivety in order to boost their bank accounts, steal our data, or simply cause us mayhem for their own twisted pleasure. One of worst types of malware for playing with our emotions - and therefore increasing the likelihood of us capitulating to its demands - is ransomware. If you don’t know how this program works, read on for an introduction.

If your computer has been infected by ransomware, the first sign that something is wrong is normally discovering that you are unable to open one or more of your files. That’s because the malware encrypts them, rendering them completely inaccessible. The next thing you see will be a ‘ransom note’, either in the form of an email or a notice that appears directly on your screen. You will be told that if you want to see your files again you will need to pay a sum of money. After making payment you will (allegedly) be sent a code that will allow you to decrypt your files.

As shown by recent high-profile hacking scandals - targeting everyone from Sony Entertainment to the extramarital-affair-facilitating website Ashley Madison - cyber crime shows no sign of disappearing any time soon. In fact, experts predict that 2016 is going to be an even busier year for cyber criminals, hackers and scammers. So what do you need to know in order to be able to keep your small or medium-sized business safe next year? Here we take a look at what could be in store.

If you think that only big corporations and prominent organizations are targeted by cyber criminals, you are making a deadly mistake. It might be tempting to sweep cyber crime under the carpet and assume that you are flying below the average hacker’s radar, but that simply isn’t true. In fact, it’s the polar opposite, since smaller enterprises are actually far more likely to be at risk than larger ones, owing to their typically less sturdy security postures.

So where does that leave you as a small or medium-sized business owner or manager? Does it mean you need to be taking your cyber security even more seriously? You can bet your bottom dollar it does, as industry experts predict that 2016 is only going to become more of a minefield when it comes to online crime.

Big data. You may have heard of it; after all it’s been putting in an appearance at boardroom meetings across the globe for some time now. But what actually is big data? And what does it mean when applied in a business environment? More importantly, what can it do and how can it help your organization to succeed? And getting down to the nitty-gritty, does the term big data actually mean anything – or is it just another empty industry buzz word? The good news is that it’s not, and using big data can actually help drive profit. Read on to learn more.

So, we’ve established that big data is causing a stir and creating a buzz in companies that are in the know. In fact, it’s become hip to bandy about the phrase whenever one is trying to impress their boss, senior management or fellow co-workers. But like any lingo or jargon that is currently cool, it really doesn’t count for a whole lot if it doesn’t mean anything, particularly in the workplace.

The good news is that, unlike some of the more hackneyed expressions thrown around by those colleagues that are so desperate to impress their seniors, big data does actually mean something. And, more to the point, it can help your business thrive. Big data can help you achieve that end result that everyone in business is chasing: profit.

Are you making the most of one of your business’s greatest assets? Along with your loyal customers, your team of enthusiastic and hardworking staff, and your tastefully decorated store or office, there is an all-too-often-unsung hero just waiting to help you take your business to the next level: your data. You’ve probably read articles extolling the virtues of data mining, but just how does a small or medium-sized organization actually use data to grow their business?

Many small and medium-sized businesses shy away from data analytics due to the perceived complexities of dealing with the myriad of facts and figures. A head for figures is something many of us lack – and, even if you have no problem with the math, there’s the time involved in setting aside a part of your busy schedule to track your analytics.

But the sooner you embrace your data, the sooner you can start adding real value to your business through this extremely valuable, and often untapped, source. But just how does a smaller enterprise actually set about doing that? After all, even the most humble of mom and pop stores or home-office-based entrepreneurs has access to an often bewildering array of trackable metrics.

Natural disasters have increased exponentially in the last few years - something that has resulted in a number of small and medium-sized business owners turning to business interruption insurance for protection. Covering many scenarios that regular business insurance simply ignores, adequate protection can be the make-or-break factor when it comes to surviving a natural or manmade catastrophe.

So why do small and medium-sized organizations tend to forego business interruption insurance policies? Chances are it, like so many things, comes down to cost. But can you really afford to ignore the additional protection that interruption insurance offers, or is it safe to cut corners and hope that your regular business insurance will have you covered in the event of a disaster?

While an interruption insurance policy may cost you anywhere from $750 to $10,000 or more (the cost is normally dependent on the size of your business), the fact is that your standard insurance policy will not cover you completely when a catastrophe strikes.

Take for example the spate of superstorms that have ravaged the United States over the past decade. From Hurricane Katrina to the more recent Sandy, small businesses and enterprises throughout the US have been left devastated after feeling the wrath of Mother Nature. While a best-case scenario may entail losing a few days sales during a power outage, at the other end of the scale you could find yourself dealing with a destroyed warehouse, an office that no longer has a roof, or thousands of dollars worth of stock destroyed by flooding.

Something known as “state-sponsored cyber attacks” may not be something you have heard of until now. But with both Facebook and Google viewing the problem as serious enough to warn their users about, it seems this is an issue that could be here to stay. And now with Twitter also recently taking steps to alert their users about possible account hacking attempts, this may well be something that many of us should be concerned about.

But how at risk actually are you from a state-sponsored cyber attack? Is your small or medium-sized business in danger of being targeted? And who is behind these hacking attempts? Well, going by the warnings recently issued by Twitter, reports so far suggest that people, companies or organizations connected to internet security and freedom of speech are currently most likely to be at risk. But ‘currently’ is somewhat ambiguous, for in the world of cybercrime things can happen at lightning speed, and someone who is a target today might be deemed out of danger tomorrow – and vice versa.

As always, the best form of protection is to be forewarned, and you can only do that by learning as much as you can about the latest threats, scams and attacks. If you are a Twitter user, be it personal or for business use, you may be wondering why you have not yet heard of these alerts. That’s because Twitter’s messages were only sent to a small, and mostly rather niche, group of users. The email informed these users that Twitter was contacting them as a precaution due to their accounts “possibly” having been hacked by the state-sponsored actors. The email also stated that they believed that the actors may (or may not) be associated with a government, and that those involved had been looking to obtain personal information such as email addresses, phone numbers and/or IP addresses. So far, so vague!

It’s safe to say that malware attacks, phishing scams, and social media engineering practices are going nowhere fast. That means that, whether you are a home user or the owner or manager of a small or medium-sized business, if you choose to ignore safer online security practices you are putting your identity and the security of your company at serious risk. But what are big providers like Google doing to stop cyber threats in their tracks? After all, surely the onus is on them to provide a service that is secure as it possibly can be?

With more than one billion people using Google’s search engine on their desktops, and over a billion more accessing it through mobile devices, it is clear that security is – or should be - paramount. Google already claims to protect desktop users with its Safe Browsing service, but what about its mobile users?

With cyber threats ranging from the annoying, such as adware, to the unsavory – hello spyware - and the downright terrifying (ransomware, we’re looking at you), mobile device users are increasingly demanding to know that they are being adequately protected when using Google’s products, tools and services. So in order to protect the mind-bogglingly large number of people who are using Google on their smartphones, laptops, notebooks and tablets, Google recently unveiled plans to extend its Safe Browsing service to mobile users - or at least to who are using Chrome on an Android device.

Do you know when to invoke your Business Continuity Plan? A lot of business owners assume they know when it will be required, but the reality is that it can be hard to determine when a BCP is really necessary. It’s important you are able to assess what is taking place, and make an informed decision with regard to putting your continuity strategy into action. Here are few things you need to consider when it comes to invoking your plan.

When a disaster happens, your first thoughts will likely revolve around how it will affect your business and the services it provides. Depending on what occurs, you might be required to call your Business Continuity Plan (BCP) into action to ensure your company remains operational and that any Recovery Time Objectives are met.

Unfortunately, too many business owners fail to properly prepare themselves for taking this action, by viewing disasters as two-dimensional events. Realistically, a disaster has many possible outcomes and is not as black and white as you may think. For instance, think about how a flood can disrupt your company.

The logical conclusion for most business owners is to picture their office underwater. While that is one possibility, several others may also exist that could require you to consider implementing your BCP. A flood may not disturb your office, but what if it strikes an off-site storage facility where you keep digital or paper data? This is likely to have just as great an impact on your business, and necessitate your BCP coming into action.

When listing your company’s assets, your blog probably doesn’t make the cut. Many businesses tend to ignore blogging - which is a real mistake these days. By putting time and resources into your blog, your can transform it from just another webpage to one of the most valuable things to your company’s growth. We’ve complied our own list of things you can do to make that happen.

We’re not here to judge. However, if any one of these scenarios resembles the current state of your blog, it might be time to do something about it. We know you’re busy and that the last thing you want to do is write about your business but, with content that is carefully crafted and curated, your company will have an unique asset that can help lead your marketing, by establishing you as an expert in your field, and promote sales efforts by driving people to your website.

You’re probably wondering where to begin. Well go ahead and reset the password for your WordPress or Tumblr account, because we have a few pointers to help you get started.

Use your blog to build your brand identity

For small and medium-sized businesses, it can be difficult to build a brand identity. You have your logo and colors, but what does your brand consist of beyond that? What is its personality, what characteristics does it have, and what is its tone? These are just a few of the questions you need to consider before you begin writing your blog posts, or having someone else write them for you, of course, which is a good option for busy business people.

Between the smartphones, iPads and desktops we all use, more and more people are spending hours of their day on the Internet. And at one point or another, someone is likely to say something bad about your business online. Whether it is true or not, you need to know how to respond when it happens so you can paint a positive image of your brand. Here’s how you can do just that.

Online reputation management mistakes

As long as you have a successful business or brand, people will always have something to say about it. And when it comes to online reputation management, the goal is to create positive engagement with your customers for the life of your business. So if the discussion about your brand swings negative, here are a few online reputation blunders to avoid.

1. Ignore negative commentary - when you ignore negative comments or accusations about your brand, anger towards your business can fester, especially when there are a lot people rallying against you. Years ago, Nestle’s brand image was severely damaged by Greenpeace’s campaign against them. If they hadn’t ignored the problem at first, much of this likely would have been avoided. When it comes to your brand, this doesn’t necessarily mean you should respond to every negative comment. If someone is trolling your public discussion boards, then you can give their remarks a pass. However, if the negative post appears credible, you need to address it.
2. Reacting emotionally - if your reaction to negative comments is to fire back with negative comments, it’s certain to make you look bad. Customers want to do business with a brand that is professional. If you react emotionally or negatively to a customer online, who’s to say you wouldn’t do the same in real life to the person reading it?

Implementing Business Intelligence (BI) software and other tools can help your company grown by leaps and bounds. However, it has to be planned for with the proper level of diligence and care to truly be beneficial to your business. Haphazardly installing BI software can result in an expensive misstep that sees you fall behind the competition. But with well executed BI planning and implementation, your company can grow in ways never imagined.

Quite a few business owners see other companies using BI software and tools successfully and hope to emulate those results. Unfortunately, BI goes far beyond installing a program on your employee’s computers and expecting them to churn out results because of it. In fact, without proper planning in place, you could end up losing money on your BI investment.

If you’re ready to bring BI software and tools to your small or medium-sized business but aren’t quite sure what your should be looking for, here are four things you need to consider during the planning process.

What data do you need to know

BI software is great at helping you obtain data and presenting it to you in all kinds of different ways. But it’s only helpful if you can actually use the information. Too many businesses jump on the BI software bandwagon because they hear about the great results other companies have achieved using these tools. However, if you don’t know what information you’re looking for or how to use that data to your advantage, BI software essentially becomes a toy for you and your staff to play with.

You may think social media is designed for exciting brands like Google or MTV. And who could blame you, as these brands both have millions of followers. Because of this, you may think there’s no place for your boring brand on social media, right? Think again. Here is one brand that’s making some noise in the social media stratosphere, and some tips you can take away from their efforts.

Owning a “boring brand” is not an excuse for a poor social media presence

You've probably heard of 3M but may not know exactly what they do. However, there’s a good chance you may have some of their products in your house. If you have Ace bandages, Scotchgard, or Post-it notes lying around your bathroom or home office, then you are guilty of being an owner of 3M products.

So when it comes to social media, why does this company matter? Simple. They have 121,000 followers on Twitter, which may sound pretty remarkable when the name of this brand isn’t Apple, BMW or Taylor Swift. So how does a company like 3M succeed? Here are a few things they do well, and you can do too.

Invest in people

If you’re the sole person shooting out tweets, updating the status of your business’s Facebook page or writing articles to post on Linkedin - all while you’re trying to run your business - it’s no wonder your social media presence is failing. You know as well as anyone, that you don’t have the time for it. And for this reason, it’s impossible to put your full effort into growing a social media presence. So why not hire at least one expert (or maybe a few) to manage it for you? You’ll likely see a noticeable uptick in your followers. And even better, you’ll no longer be distracted with social media, and can focus on growing your business. What’s not to love about that?

When your employees see snow on the ground, the thought of a day off immediately pops into their heads. Of course your customers are still reliant on you to provide the goods and services they have come to expect from your business. Before a storm hits, you should be communicating with both staff and clients to inform them of the situation. This will ensure your business doesn’t miss a step should inclement weather head your way this winter.

While weather varies drastically depending on where you live, nowhere is immune from inclement conditions during the winter. It’s only a matter of time before your local weatherperson appears on TV warning you to brace for yet another “Storm of the Century”, and in turn everyone whips themselves into a frenzy preparing for the worst-case scenario.

However, you shouldn’t just be focusing on your personal affairs; you need to make sure your business is ready as well. Even if the forecast doesn’t turn out to be accurate, it’s always better to be safe than sorry. For this to happen, you will need to stay in constant contact with both your employees and customers before and during a storm to make sure they know what to expect. Doing this will help limit interruptions and make sure clients can adjust the expectations they have of your business. Here is how you can use communication technology to prepare for any possible service interruptions caused by bad weather.