Security of data and networks, an issue that companies are taking seriously. They’re going to great lengths to protect themselves from external threats and are, for the most part, safe from them. And yet, there are still stories about how businesses are being infected by malware. If they’re safe to the external environment, where’s the threat coming from?

In recent years the majority of security threats and compromises have come from within the company. A common threat to companies is the logic bomb - malware that targets IT systems and deletes data. As a logic bomb is introduced from within the network, the blame often lies with a disgruntled employee with full access to internal systems.

Insider threats Giving employees full access to the network when they don’t need it is a common mistake often made by companies. There’s little need for an employee who does graphic design to have access to weekly sales records. This practice could set your company up for a considerable security problem in the future.

Dawn Cappelli, an insider-threat expert at the Carnegie Mellon Software Engineering Institute stressed, "These types of insider attacks happen to businesses of all sizes, from small companies to very large corporations." This is an important issue businesses should be aware of if they want to remain secure.

Take Precautions Security threats can be a particularly harsh nightmare for small businesses, as many don’t have an IT department or staff with the technical expertise needed to maintain a secure network. If you’re one of these organizations, it’s a good idea to hire an outside consultant to help you with your network security. With consultants, it’s important that you maintain close contact with them to ensure any issues that crop up are dealt with expeditiously.

If you don’t work with an external company there are a few things you should do when you have an employee leave the company. First, their accounts should be deleted immediately and their access privileges should also be revoked. Second, if you have accounts with shared passwords, you should change them to ensure an ex-employee can’t gain access to the system.

If you’d like to learn more about internal security, and measures you can take to ensure you are safe, we are ready to help you. Please contact us.

Business Continuity Plans (BCP), plans on how to provide a stable service, or recover after adverse actions, have become top of mind with many managers. Businesses have adopted such plans, or are in the process of implementing one, but owners may have missed some crucial elements that could result in an ineffective plan.

Here are six key non-IT functions and processes that need to be in place to ensure your company is ready to effectively execute your BCP.

Easy to use plans Many continuity plans have been developed mainly for the IT department, as such, they can be a little complicated to understand and follow if employees don’t have a technical background. You should aim to have a plan that’s easy to follow and can be understood by all employees.

Communicate plans Remember that your plan encompasses all facets of your organization. It’s crucial that every employee knows their role and the relevant actions to take when the plan is executed. To do this, you need to ensure that all employees have access to a copy of the plan and any changes or updates are clearly communicated.

Test plans Beyond communication, it’s important to conduct regular tests, with every quarter being sufficient. The tests should be as real as possible and span all departments within the organization. This will ensure that employees are aware of how they, and the systems, will react under duress. It’ll be beneficial to your business if the first time the employees execute the plan isn’t during an emergency.

Short term and long term plans Your BCP should consist of both long term and short term elements that can be easily adapted to meet changing business environments and the emergence of new threats. You should aim for an even mix of short and long term solutions that cover as wide a variety of situations as possible.

Ensure buy-in from all levels If you’re in the process of instituting a BCP you should ensure that the whole organization is onboard with the plan. If an employee is unsure about the validity of a part of the plan, take the time to find out why and ask for suggestions. An uninformed or uncooperative employee could be the difference between survival and failure in a disaster situation.

Update and Review After every test, staff turnover and technological update, you should review the plans and make changes if necessary. Essentially, if anything in the company changes, review and update the plan. Remember: just because you have an effective plan this month, doesn’t mean it’ll be so in the future.

Continuity plans are only as strong as the weakest link. In an emergency, the last thing you want is an employee following the wrong process or be unsure of what they should be doing. If this happens, you could see an exponential growth in recovery time and costs. We’re ready to tell you more, so please contact us if you would like to talk continuity planning.

Since its release in June 2011 many small businesses have been switching to Office 365, Microsoft’s cloud based Office suite, for its numerous features. One useful feature is that you can use Outlook to create and share your contacts’ information in a professional manner by using electronic business cards.

Here’s how to create and share an electronic business card:

Create an Electronic Business Card

1. Open Outlook and select Contacts followed by Home. Click on New Contact.
2. When the Contact window opens, press Business Card and the Edit Business Card window will open.
3. You will be able to enter contact information into the relevant areas under the Fields box.
4. If you want to add an image or change the layout of the business card, press the Layout button located in the right side of the screen.
5. When you have entered the information, press Ok and the business card will be saved as a .vcf file which is readable by most email clients.

Add an Electronic Business Card to an Email If you have saved a contact’s information as a business card, you can easily attach the card to an email.

1. In a message select the Contacts pane and search for the business card you would like to attach. When you find it, click it.
2. Select the Home tab, followed by Forward Contact. A drop-down menu will open, select As a Business Card.
3. You will see the business card as an attachment in the email.

Add a Business Card as a Signature You can add a business card to your signature in any email.

1. When you create an email message click Signature and select Add signature.
2. Select the signature you would like to use, if you have one. If not, press anywhere in the white space below Edit signature.
3. Click Business Card beside the paragraph alignment buttons in the Edit signature field.
4. Select the contact name you use and press Ok. Your contact information will show up at the bottom of the email as a downloadable .vcf file.

If you’re a user of Office 365 and would like to learn more, or would like more information on Office 365 or other products, please give us a call.

Social media is one of the most important communication tools of the modern era. Companies use it to connect with customers and like minded individuals, all in the name of building trust in their brand and products. While almost every company has a social media presence, they have been slow to trust employees to use personal social media at work. On average, 31% of companies block employees from accessing their accounts.

There are four distinct advantages to allowing social media:

• Increased productivity. There have been a number of studies that have found that judicious use of social media in the workplace will actually increase productivity. A study conducted by the University of Melbourne found that employees with access to social media are 9% more productive than those without.
• Increased buy-in. Employees like to feel trusted and empowered. If they don’t you can expect to experience higher turnover and lower morale. A good way to gain trust is to allow employees to use social media in the workplace. If an employee feels like they are trusted, they’ll be more likely to stay with the company.
• Recruiting. Small businesses have started to use social media for recruitment, but limit efforts to one account. If you have 10 employees in your organization, each with a social media account with 100 friends, you have the potential to reach 1,000 people. This is achievable if employees are allowed to access social media at work and are encouraged to share posts.
• Identification of business opportunities. Through the use of social media, employees in charge of sales and business development can source new clients and build fruitful relationships.

There are many advantages to allowing access to social networks at the office. If you‘re hesitant to completely open the social media floodgates, try doing so in short periods, like the final three hours of the working day.

No matter what you decide, allowing access to social media is a good practice for your business. If you would like to learn more about social media and how you can leverage it in your business, we are happy to talk with you.

The iPhone has quickly become one of the most popular smartphones on the market. When Apple launches a new version, fans line up for blocks to get their hands on it. What makes it so desirable? Well it’s easy to use and has powerful apps that users have come to rely on. Some would say the iPhone has even gone so far as to replace desktop calendars for many people.

The three most popular calendar programs are Outlook Calendar, Google Calendar and iCal. Here are the steps you can take to sync your different calendars with the iPhone. These calendars will all be viewable using the Calendar App on your iPhone.

Sync with Outlook Microsoft Outlook is the most popular email program in use, making the accompanying calendar just as prevalent. To sync your Outlook calendar with your iPhone:

1. Open Outlook
   1. Click Tools and select Trust Centre.
   2. Click Add-ins, followed by Details.
   3. Select iTunes Add-in, followed by Manage.
   4. Select Com Add-ins, Go and finally iTunes sync add-in.
   5. Click Ok.
2. Plug your iPhone into your computer using the USB cable. iTunes should open automatically.
3. In iTunes, select your iPhone. It will be located in the left hand bar, under devices.
4. Navigate to the Info tab and check Sync calendars with.
5. Choose Outlook. You’ll be able to select which Outlook calendars you want to view using your iPhone.
6. Press Sync.

Sync with Google Calendar If you use Google Calendar, syncing with the iPhone takes a few more steps, but it’s still fairly straightforward.

1. On your iPhone select Settings followed by Mail, Contacts, Calendars.
2. Press Add Account.
3. Select Microsoft Exchange. Note: Devices running iOS 4.0 can sync with more than one Exchange account. If you’re using a version that’s earlier than 4.0 you’ll only be able to sync with one Exchange account.
4. In the Email and Username fields, enter your full email address e.g., name@gmail.com. If you use a @googlemail.com account you’ll most likely get an Unable to Verify Certificate error message. If you do, press Cancel when the error message is displayed.
5. In the Password field enter the password you use to log into your Gmail account.
6. When you have entered the information, press Next in the top right of your screen.
7. In the Server field enter “m.google.com” (without the quotations).
8. Tap Next.
9. Select Calendar if you only want to sync with your calendar. If your company uses Google Calendar to setup meetings, you’ll also need to turn on Mail.

The calendar should sync automatically and show up on your iPhone within a few minutes.

Sync with iCal If you use iCal you can sync with your iPhone by:

1. Plugging your iPhone into the computer using the USB cable. iTunes should open automatically.
2. Select your iPhone. It will be located in the left hand bar, under devices.
3. Click the Info tab, followed by Sync iCal Calendars. You’ll be able to choose what calendars you would like your iPhone to sync with.
4. Press Sync.

No matter which calendar app you use, you can view it on your iPhone. There’s no need to carry around a day planner or appointment book with you anymore, just carry your phone. If you would like to know more about how to capitalize on the features of the iPhone we’re only a call away.

If you mention “OS X” and “virus” in the same sentence, you’ll get some weird looks from Mac users. Traditionally viruses and trojans on OS X were near non-existent, but there’s a Mac specific trojan, codenamed Flashback, that has affected more than 600,000 computers. This is big news as it shows that machines running OS X may not be as secure as first thought.

Many Mac owners are unsure of what exactly the Flashback trojan is, what it does and how to ensure they’re not infected. We’re here to help clarify the situation.

What is a Trojan and What Does Flashback Do? In general terms, a trojan is a piece of malicious software that infects a computer and gives control of part, or the whole computer to hackers. The Flashback trojan takes advantage of an OS X Java vulnerability and infects computers by tricking them into downloading a fake Java update.

When the program is installed, Flashback will download and install the main trojan code without the need for permission from the administrator. From there it proceeds to hijack your browser, redirect search queries to websites developed by hackers, and then take advantage of pay-per-click advertising.

Why Should I be Worried? While this version hijacks your browser, there are far more sinister things it could do. As this trojan acts as a downloader, there’s nothing stopping the developers from updating the malware to steal passwords, banking information and other confidential information.

How do I Ensure My Mac is Clean? Apple has released an update for machines running OS X 10.6 and later. The first step you should take is to update your computer to patch the vulnerability. To update your Mac:

1. Press the Apple logo, located in the top right hand of your screen.
2. Select Software Update...
3. Press Install and Restart.

While the patch will prevent Flashback from working, it won’t delete the program if you’ve been infected. The Internet security company F-Secure has developed a script that scans your computer and removes Flashback if found. Once you have downloaded the script, open and run it. The script will search your computer and place the infected files in an encrypted ZIP folder labeled Flashback_quarantine.zip.

Flashback has infected a higher number of Macs than any other trojan to date and goes to show that Macs also have security flaws. This also serves as a reminder that you should have a virus scanner and security program running on your Mac. If you have any questions regarding the security of your Mac or other devices, please don’t hesitate to contact us. We are here to help keep your machines secure.

Tablet computers are arguably some of the most useful devices that have been developed in the past ten years. While there are a ton of tablets on the market, there’s one that’s king: the iPad. The iPad has many different features that appeal to nearly every user, including companies who have taken to using the iPad for presentations.

If you’re on the road and give lots of presentations, the iPad can be the perfect tool as it allows you to leave the laptop at home, or in the hotel room. Here are three programs that are great for creating and giving presentations on the iPad, and what you need to give presentations on big-screens such as projectors and TVs.

Keynote Keynote is Apple’s presentation software. With this app, users can create some really professional looking presentations with ease. The one downside to Keynote is that it has trouble interacting with presentations created using Microsoft PowerPoint. Some fonts, clipart and animations used by PowerPoint and not Apple, will simply not copy over.

SlideShark SlideShark is perfect for users who aren’t comfortable with Keynote or are more comfortable with Microsoft PowerPoint. It works by uploading your presentations using SlideShark, converting them into a format the iPad can read and syncing them with the iPad. This is a great app for users of PCs.

Power Presenter This app is for presenters who want to give presentations on a projector, as its main purpose is to make it easier for the iPad and projectors to sync with one another. After you’ve finished your presentation, save it as a PDF and hook up your iPad to the projector you’ll be using. The app will simultaneously show the presentation on the screen and your iPad. This app is good if you don’t have the time to set up the projector whenever you give a presentation.

What You Need to Give Presentations When you switch over to using the iPad for presentations, you’ll need two adapters that allow you to hook the iPad up to the various different visual outputs e.g., TV screens and projector units.

The first adapter is a VGA adapter which will allow you to connect your iPad to the majority of projectors. When you give a presentation using a projector, plug the VGA cable into your iPad and the projector, and you should be ready to give your presentation.

The second adapter is for TVs and projectors that use HDMI outputs. Apple calls this adapter a “Digital AV Adapter” and it can be found on the Apple Store. When you plug in the adapter, your display should show up on both the screen and your iPad.

If you have any questions about using your iPad to give presentations or other uses for your Apple products, please contact us. We’re more than happy to sit down and discuss solutions with you.

Microsoft is one of the largest software companies in the world, offering a product catalogue that has something for everyone. With products like the Microsoft Office suite, Microsoft all but dominates the desktop office business. The next step for Microsoft has been to move their business services to the cloud.

Microsoft’s cloud based office suite for businesses is called Microsoft Office 365. Office 365 includes Word, Excel, PowerPoint, Outlook and OneNote - and Microsoft Server products e.g., Lync 2010 and SharePoint Server. All programs are accessed via a Web browser, offering users the ability to access the programs from the office, home or anywhere in between.

On March 14, 2012 Microsoft held a press conference announcing that the price of Office 365 subscriptions will be reduced by up to 20%. This decrease will apply to all new and renewing direct customers.

The price cut is a great advantage to many potential customers as it makes Office 365 more competitive with other cloud based office solutions such as Google Apps. This is also beneficial as many businesses already use the desktop versions of Microsoft Office. If they switch to Office 365, employees will be comfortable with the cloud version, as the software is exactly the same as the desktop version.

It’s the perfect time to look into Office 365 and see what it can bring to your organization. If you’d like to learn more about Microsoft Office 365 or other products from Microsoft, we are your go-to experts and will be more than happy to help.

With the increasing severity of natural disasters in recent years, many larger companies have started to develop and implement a continuity plan to ensure that they can still conduct business, no matter what happens. Businesses in the process of developing a plan will eventually need to decide if they want to use software or templates?

The decision between templates and software can be a tough one to make, as whichever one you choose, you’ll be using and relying on for a long time. To help you we’ve covered some pros and cons on both choices:

Using Software If you choose to go with a software program, you will be walked through the whole process allowing you to develop a useable plan. Another benefit of using software is that you’ll be able to develop reports if needs be.

The drawbacks of using software include cost, inflexibility and learning time. For the most part, business continuity planning software is not cheap, and at times can be inflexible due to limits within the program. If you have a niche need, the software may not cover it. In addition, as with mastering any program, the learning curve can be quite steep.

In general, using software would be advantageous for companies that have a bigger budget for the development of a continuity plan. Software is also a good bet if you don’t have staff who are experts in continuity planning, or if you operate in an industry where a continuity plan is necessary, e.g., companies working with healthcare insurance, or manufacturing companies that have introduced ISO 9000.

Using Templates If you feel that your company is not ready for software you can use templates to help you develop your plan. These solutions are mostly written plans that you adapt to meet your business needs. They’re useful if you’re just starting to do continuity planning, as they provide a normally solid foundation, and are generally a lot cheaper than software.

A limitation to using templates is that they can be a little too basic at times, and may not meet your needs. Granted, most plans will follow a basic structure and your developer will need to adapt some steps for your relevant region and industry.

As each industry is different, it’s hard to make a recommendation on what type of planning style companies should take. We recommend you take your time, do your due diligence and weigh out what’s best for your business. No matter which method you choose to go ahead with, ensure that it’s easy to implement, and that you’ll be able to teach your staff how to run the plan.

If you feel really lost or are not sure what to do, talking to professional consultants could go a long way in helping you develop a plan. If you’d like to learn more about business continuity planning please contact us - we are happy to help.

In the past five years, there has been a significant rise in the sharing of files and information between computer users. Many businesses have also taken to sharing files using cloud services and peer-to-peer (P2P) networks, allowing users to share files with each other over the Internet. This brings about a number of issues, both with file recoverability and overall security.

With the seizure of a number of cloud storage and sharing websites, including Megaupload, and the seemingly omnipresent malware in P2P files and the shaky security in relation to P2P networks, businesses have had their hands full staying secure. Do you know what your options are when it comes to data security?

Cloud Services Knowhow The recent seizure of Megaupload’s files and servers by the US Government caught many people and businesses unprepared. While Megaupload’s main purpose was file sharing, it was found that a large number of organizations were using their services to store files. If you had files stored on Megaupload, the chances of getting the files back are non-existent.

It needs to be pointed out that many cloud services don’t guarantee that files stored on the service will be recoverable in the event of a crash, or disruption in service, e.g., a government seizing servers. If you read the user agreements of a number of major cloud services, they all have clauses stating that if data stored on their service is lost for any reason, it’s gone forever, and the hosts can’t be held liable for losses.

Risks of P2P With high speed Internet widely available at low prices, P2P file sharing has become incredibly popular, it’s almost uncommon to find someone who has never used a P2P service. If you or your employees use P2P at your office, there are a number of potential security threats you should be aware of:

• The unknown share: If you put a file in a folder that is shared on a P2P network, it’ll be shared with all other people connected to that folder and almost anyone can access it. This is normally done by mistake, i.e., not looking where the file will be saved when you save it. There’s also malware out there that will move files into a shared folder which the developer of the malware can find and upload with ease and without the user knowing it is happening.
• Open network: Typically P2P works on open networks: users give and share. What this means is that when using P2P on a poorly configured network, the whole network could be unsecure, allowing for access to other computers connected to the network.
• Untracked data: If you share a document with another person, and they then share it with others, there is potentially, an unlimited amount of people that can get the data. If you want to take it back, it can be impossible to do so, even if the original document is deleted.
• Storage hijacking: There’s news of malware that has been developed with the purpose of downloading illegal material onto your hard drive. This could pose a problem if the data is found, as you will be liable.

What Should I do? With regards to cloud services, as with anything that comes with a contract, the first thing you should do is gain an understanding of it by utilizing reading material such as blogs, news articles and Wikis. It’s a pain in the neck, but it’ll help you understand the boundaries of the program and your responsibilities. Remember that if you go to court to get files back from a company, and it becomes known that you didn’t read the agreement, you’ll probably end up losing that case.

Second, it’s not recommended to keep single copies of data on one cloud service. Chances are high that in your business, you store your data and backups in a place separate from the computer. This makes sense with the cloud as well - keep your data with a number of different cloud services. If it’s important enough, have physical backups of what you put in the cloud.

For P2P networks there are also a number of steps you can take to protect the data on your network:

• The most obvious one is to ban employees from using any file sharing services outside of your network.
• If you do allow file sharing, it’s a good idea to establish and strictly enforce a protocol for this. You should also set which users are allowed to share files, and what files are appropriate to share. Be sure that all staff are aware of your policy and the measures that will be taken in the event of any deviations.
• Develop a system to classify documents by whether or not they can be shared, and who they can be shared with.
• If you work in an office where you need to share files, but don’t want to use a P2P network or the cloud, and are unsure of other solutions out there, don’t worry. There are companies that specialize in document sharing solutions that should be able to provide you with assistance.

The most important thing is that whatever the situation is, you take action to try to solve the problem while frequently revisiting the actions to ensure that they are working. If you’d like to learn more about document sharing over the cloud, or via P2P networks, give us a buzz. We’re more than happy to help.