Blog

December 11th, 2014

BusinessValue_Dec11_BThe end of the year can be a stressful time for all. Businesses are busy preparing to finish the year and are usually tied up planning for the year ahead. This often means looking for new, yet affordable, business systems that can make tasks and business operations easier. To help, here are five free or affordable business systems that could be a real help to your business.

  1. Canva If you are a business owner, chances are that you aren't the world's best graphic designer, unless you run a graphics company of course! In order to design graphics, icons, flyers, and even posters you need specific graphics software. This can be expensive and the software is not going to be easy to use for design novices. You may even need an in-house graphic designer. This is where Canva comes in.

Canva is an online app that allows users to quickly and easily create professional looking graphics using drag and drop functionality and a wealth of free, or affordable, stock images. In other words, you can create designs in a short amount of time.

The service itself is free, but some images do need to be purchased.

  1. FreshBooks Most business owners are not certified accountants either, and even if you understand the basics of accounting and tracking of finances, the money side of your business is often a full time or at least a specialized job. If not handled correctly, this could spell disaster for your business. One solution is cloud-based FreshBooks.

FreshBooks is accounting software that allows you to invoice clients, track payments, accept payments, track expenses, and access financial reports at the click of a button. Beyond this, you can connect FreshBooks with your payroll services to ensure that your employees are paid on time.

The platform offers a free plan that allows you to track and manage one client, while paid subscriptions start at USD 19.95 a month.

  1. Hootsuite Many businesses have a presence on more than one social media network. While this is a great way to reach out to the highest number of customers, it can be a chore to manage and maintain a presence on all of these networks all of the time. Hootsuite is specifically aimed at this task.

Hootsuite is a tool that allows you to manage your social media accounts from one platform. Using Hootsuite you can schedule posts, set up streams, establish keyword tracking, and track engagement. It really is a one-stop-shop for all of your social media platforms.

Hootsuite offers a free subscription which allows you to manage three social media profiles, while a business subscription starts at USD 8.99 and allows you to track up to 50 profiles and gives you access to more advanced analytics and features.

  1. Podio Managing projects and ensuring that all employees are aware of what they should be doing, and what others are doing, can be one of the toughest tasks for any business owner. Sure, spreadsheets and communication work to a point, but there is always room for error and of course improvement, which is what Podio provides.

Podio is a project management app that allows you to easily manage projects, tasks, deadlines, and even files. Using an intuitive dashboard that all users have access to, employees and managers can easily see who is doing what, as well as what needs to be done and what has already been done.

Podio is free with limited features for five users and costs USD 9 per user, per month for the full subscription plan.

  1. CoSchedule If you have a blog, either on WordPress or hosted by WordPress, sharing the articles you post on your social media profiles is a great way to increase content reach and interaction. However, it can be time consuming to actually create posts on each different platform, unless you use CoSchedule.

With CoSchedule you can write your social media posts for a blog article and schedule them to be posted once the article goes live. Think of it as automating the sharing of your blog articles. This will save you time, while making it easier to manage your content, largely because the calendar included in CoSchedule is easy to work with and gives you a good view of your content.

CoSchedule is USD 10 per month, per blog.

If you are looking for more affordable ways to improve your business operations, contact us today to see what boost we can offer you at a price you can afford in 2015.

Published with permission from TechAdvisory.org. Source.

December 9th, 2014

Facebook_Dec08_BSocial networks have become a large part of modern communications and it is not uncommon for users to log onto sites on a daily basis. Networks like Facebook are so popular that some business owners and managers are concerned about how much valuable work time is spent on the site. In response, the social media giant is aiming to turn around this negative feeling from employers with a new social network aimed at businesses and potentially called Facebook at Work.

What is Facebook at Work?

In late November, Facebook announced that they are developing a new social network which may be called Facebook at Work. As you can guess by the clue in the title, this is going to be a business-oriented venture that will bring the popular social network, or elements of it, to the workplace.

For many businesses, this popular social network is not really a part of every business operation. Sure, marketing and sales may use this platform, and others, as a way to reach out and connect with customers, but few organizations are known to use Facebook internally as a communication and social network for employees.

Those who do use the network in the office often use their personal accounts and have noted that they would like an easy way to separate work from personal life, while still remaining on the network. Many businesses would also prefer that employees didn't bring their personal lives and Facebook accounts to the office because this can lead to breaches in privacy and even important data being compromised, especially if a personal account is hacked.

The best way to think of this new platform is that it is Facebook strictly for work. While it is still in the development stages, some interesting details have emerged. There is no official name for the network, thus far, but sources at Facebook have noted that the codename for the product is Facebook@Work.

What Facebook@Work will look like

From what we can tell, the network will look and work much the same as the existing version of Facebook. Users will be able to create profiles, join groups, post on each other's News Feeds, and even send messages using the popular Facebook Messenger. Where it will differ is that it will have collaborative tools that allow users to share and work on the same documents.

This network will be completely separate from the personal Facebook site, with users having a different password and username. Information between a personal and work account will not be shared either. This should make the network more secure, or at least minimize the use of personal accounts for work-related tasks.

What we don't know

We do know that Facebook@Work, or Facebook at Work, is currently being developed by a London-based branch of Facebook who seem to be also acting as the main testers. However, we are unsure at this time if the network is being developed strictly as an internal network, which will be used only within a company, or if it will be more like LinkedIn, where it will allow you to connect with similar professionals.

Interestingly enough, Facebook has been using its own network and various groups as a major part of their own internal communication tools amongst departments. For example, when an employee joins a new department they are added to a secure group and group chat where updates are posted, questions are asked, and work is supposedly assigned and agreed upon. It could be that the company is developing something along these lines for external release too.

We don't know exactly when this network will be introduced, but you can be sure that it will be debuted sometime in 2015, possibly with a rollout in the next year. If your business uses social platforms, or is looking to integrate social media in the near future, this business-oriented social media platform could be worth keeping your eyes on.

Stay tuned as we will be covering this further in the future. Meanwhile, if you have any questions about how best to utilize Facebook in the office please contact us today.

Published with permission from TechAdvisory.org. Source.

December 3rd, 2014

Security_Dec01_BWhile there are many different types of malware out there, the good news is that with many threats we know where they come from and their purpose. Recently, news broke of a new form of malware called Regin that is causing quite a stir in the security community, largely because it's tough to deal with and not much is actually known about it. This has naturally caused some security concerns for businesses, but what threat does this malware really pose for companies?

What exactly is Regin?

What is most interesting about Regin is that a number of security experts seem to not really fully understand it. They know that it exists, they know it is complex, and they know it is one of the most advanced pieces of malware ever created. But, they don't know what exactly it does, or where it comes from.

What we do know is that Internet security firm Symantec is credited with first bringing Regin to public attention, and that it has been around since at least 2008. So far, the company has said it is similar to the Stuxnet virus that was supposedly developed in (or by) the US and used to attack and subvert the Iranian nuclear program.

Regin is known to infect Windows-based computers and at its core is a backdoor trojan style of infection. From detected infections it is looks like the purpose of the malware is not to steal information but to gather intelligence and facilitate other types of attacks.

What makes this malware so powerful and disturbing is that it is much more advanced than other infections. Using various encryption methods it can hide itself extremely well, making it difficult to detect. It can also communicate with the hacker who deployed it in a number of different ways, thus making it a challenge to block or stop. As a result, it is far from easy to actually figure out what exactly this malware is doing and why.

Who has been infected?

According to various security experts we have been able to compile a list of companies and organizations that have been targeted to date. These include:
  • Telecommunications companies
  • Government institutions
  • Financial companies
  • Research companies
  • Individuals and companies involved in crypto-graphical and mathematical research
At the time of this article, no known attacks have been carried out against companies in the US, Canada, or the UK. The main countries targeted so far have been Russia and Saudi Arabia, along with a smaller number of infections in Malaysia, Indonesia, Ireland, and Iran. A total of 10-15 countries have been targeted since the malware was first discovered in 2008.

Is this a big deal for my company?

Just because your company is operating in a country that hasn't been affected thus far, doesn't mean that you aren't at risk of being attacked by this malware in the future. If you operate in any of the industries or sectors listed above, you could still be at risk, especially if you do business with clients in infected regions.

For now, however, it appears that Regin is only infecting larger government bodies and large companies outside of North America and much of Europe, so the chances of you being infected are relatively low. Although as with any threat, this can change at any moment.

What we recommend is that you ensure your antivirus and antimalware solutions are kept up to date and always switched on. You can rest assured that eventually experts will learn more and block this malware from infecting systems. Beyond this, working with an IT partner, like us, who can ensure that your valuable data and systems are secure, is also be a good idea. The same goes with watching what you download and any emails you open. If you don't know or trust the source, don't download any program, open an attachment, or read an email connected to it.

Looking to learn more about the security of your systems? Contact us today.

Published with permission from TechAdvisory.org. Source.

Topic Security
December 3rd, 2014

BI_Dec2_BBusiness intelligence, and more specifically the metrics that support it, is among one of the most important processes a company can integrate. While it can be tough to get started, many companies find success to begin with by tracking overall sales metrics. There are a ton of sales metrics you can employ that can give you a better overall picture of your business, and here are five of the most common.

The sales pipeline

This metric is often employed by businesses to show current sales opportunities and estimate the number of sales or revenue the sales team will bring in over a set period of time, usually a couple of months. When employed correctly, team members are better able to track and remain in control of their sales. Managers can also be assured that targets are more accurately set and reached.

When companies set up their sales pipeline metrics they often set out to measure:

  1. Average time deals remain in the pipeline.
  2. Average percentage of converted leads.
  3. Average worth of every deal.
  4. The number of potential deals in the pipeline.

Overall sales revenue

This metric is often seen to be the most important sales-related metric to implement, largely because it provides managers and owners with a good overview of the health of their company and overall performance. In short, sales revenue allows you to accurately view the profitability of your business, even if your profits aren't presently growing.

Beyond giving a useful whole-business overview, this metric can also uncover exactly how much each sale influences or contributes to the bottom line. This can be calculated by using the standard profit-ratio equation - net income over sales revenue.

Accuracy of forecasts

Any sales manager knows that forecasts are just that, predictions. But, because so much of sales is based on informed speculation it is important to track the overall accuracy of any future forecasts. By doing so, you can uncover gaps in processes and reveal any forecasting tools that need to be improved.

From here, you can track improvements and tweak forecasts to ensure that they become as accurate as possible. After all, if you can show that you are meeting your goals, or are close to meeting them, you can make more reliable decisions and be assured that your company is doing as well as it appears to be.

Win rate

The win rate, also known as the closure rate, is the rate that shows how many opportunities are being translated into closed sales. Because this rate looks at the number of sales, you want it to be as high as possible, especially when you look at the time your sales team puts into closing sales.

While a high rate is preferable, low win rates are also useful largely because they can highlight areas where improvement is needed. For example, if your team has constantly low win rates across the board, then it could signify that there is a need for more training on closing sales, or that sales staff may not be knowledgeable enough about the products or services being offered. A fluctuating rate could show increased industry competitiveness and highlight when a sales push could be beneficial.

Loss rate

The loss rate can be just as important as the win rate, largely because it focuses on how many potential customers did not purchase products and/or services from you. It can really highlight problematic areas in the early sales process. For example, by tracking the loss rate you may be able to see that response time is low, causing potential customers to walk away.

Essentially, when measured correctly, you can use loss rate to improve the overall sales process and hopefully bump up your overall win rate. You can also compare the two rates to really see how big of a gap there is and give your team a solid goal to try and find ways to reduce this gap.

If you are looking for solutions that allow you to track and measure your sales and any other data you generate, contact us today to learn how we can help turn your data into valuable, viable business information to lead your company to better success.

Published with permission from TechAdvisory.org. Source.

November 25th, 2014

BCP_Nov24_BRegardless of your business's location and industry, there is always a chance that you may experience a disaster at any time. Be it man-made, or natural, any disaster, if not properly prepared for, could spell trouble for your company. That's why a Disaster Recovery Plan is essential. To help ensure that your plans can see you through the worst, here are five tips based on lessons learnt from businesses that have battled disaster.

1. Have a full copy of your data backed up outside of your operating region

Almost every company, regardless of size, has backup measures in place. These backups can be either physical or digital, and are supposed to be carried out on a regular basis. If a disaster strikes, having access to your data can help ensure that you can recover your systems and resume operations in the minimal amount of time.

While backups are great, if you keep your backups in the same area as your main systems, or even if your offsite backups are in the same region, there is a chance that a large disaster, like a flood, or power outage, could also affect these backups too. One of the best solutions is to keep a current backup offsite, and outside of your operating region, with most experts recommending at least 150 miles (250 km) away from your main business area.

How do you achieve this? The best option is to use cloud-backup. Many providers host their backup service at a number of different data centers in various locations, so that should a disaster strike both your business and a nearby data center, your data is still safe at other centers.

2. Realistically test your plan

It can be tempting to simply develop a plan and then test it in a closed environment once or twice a year, make some changes where necessary and then sit back and hope it works. In truth, for any plan to really be effective it needs to be tested in a realistic environment. If this is not carried out then there is a possibility that the plan could fail when activated.

Because disasters come in almost any form and size, you are going to want to first identify as many potential problems as possible. From here, test your recovery plans based on these scenarios and see how effective they are. Be sure to also involve your colleagues and employees, as they too will need to know what to do when disaster strikes and what their role in the recovery of data is.

A good way to look at these tests is to think of them more as practice runs. As with anything, the more your practice the easier and more effective it becomes. In this case, good practice could literally save your business.

3. Update your plan as you update your systems

When you develop a recovery plan, you need to base it on the systems and technology you currently have in your business. However, these systems and devices may not be in use six months, to a year from now, or you may introduce new systems and improvements.

As soon as you make any changes, your existing recovery plan could become obsolete. Therefore, you need to ensure that when you introduce new systems or technology you are also updating the recovery plan to cover and fit with these changes.

4. Create an accessible plan

Many experts agree that having a physical plan that employees can see and access during a disaster is one of the best ways of ensuring that it is actually implemented properly. Therefore, when you develop a Disaster Recovery Plan make sure that all of your employees can access it at any time. This includes during and immediately following a disaster.

Beyond this, you need to make sure that the plan is consistent. If you update the master plan, but fail to update the copies you store in say a public cloud, or at different worksites, this will lead to confusion and even an increased recovery time or complete recovery failure. When you do update your plan, let all parties involved know that it has been updated and remind them where they can find copies of the plan.

5. Don't be the only fully-trained disaster recovery expert in your company

As a business owner or manager it can be easy to try and run everything yourself. Afterall, it is your business and you know exactly how to look after everything, right?. The problem is that if you are the only fully-trained disaster recovery person you are making yourself the weakest link in the plan.
Published with permission from TechAdvisory.org. Source.

November 21st, 2014

Security_Nov17_BOver the past few years there have been a number of issues and rulings made by various courts in the US regarding the overall freedom of the Internet and how it is to be managed. By now, many of us have heard of Net Neutrality, but it may seem like an issue that won't affect small businesses. However, in mid-November, President Obama delivered his stance on the issue, thereby bringing it to the forefront of modern politics.

What is Net Neutrality?

In order to define Net Neutrality, we should first look at the main idea behind what the Internet is: a free and open medium where individuals can express and house thoughts, ideas, and more. It was founded on one principal, and one principal alone: All information and Internet traffic MUST be treated equally.

This free, open, and fair principle is what we call Net Neutrality. In practice, this idea prevents Internet providers, and even governments, from blocking legal sites with messages they disagree with, and restricting access to services and sites that don't meet their business needs.

What exactly is the issue?

At this time, major telecommunications companies providing Internet access are trying to push legislation through the US court systems that will essentially make it legal for them to throttle Internet speeds; asking other providers to pay fees in order to speed up access to sites and to even block some sites.

There are laws currently in place, set by the FCC (Federal Communications Commission), that prohibit providers from collecting, analyzing, and manipulating user traffic. In other words, according to the FCC, the role of the Internet providers should be to simply ensure traffic and data gets from one end of the network to the other.

Last year, it was uncovered that US telecommunications giant, and Internet Service Provider, Comcast demanded that Netflix pay them millions of dollars or they would limit the Internet speed of Comcast users trying to access the streaming service. Netflix tried to negotiate but the result was that Comcast did indeed cut user speeds. Netflix paid to avoid this from happening again. This act is an obvious breach of the main tenet of Net Neutrality: Equal access for everyone.

Combine this with the January 2014 ruling that the FCC had overstepped its bounds in regards to this topic and the increased lobbying by telecommunications giants against Net Neutrality, and you can quickly come to realize that the Internet as we know it is under threat.

How will this affect my business?

If nothing is done, there is a very high chance that you will be paying higher rates for Internet-based services (because the providers will be asking other companies to pay to guarantee speedy access which will then be passed along to you via higher rates). You may even be forced to use services you don't want to use because they offer better access speeds on your network.

Beyond this, because so many businesses rely on websites and the hosting companies that enable us to access them, there is a very real risk that these hosts may have access speeds cut. This in turn could mean that it will take more time for some users to access your website and services. Think of how you react when you can't access a website, you probably just search for another similar site which loads easily - now imagine this happening to your site. In other words, you could see a decrease in overall traffic and therefore profits.

What can I do about this?

First off, we highly recommend you visit The White House's site on Net Neutrality, and read the message that President Obama has recently posted there. To sum it up, he believes that Net Neutrality should be protected and the Internet should remain open and free. He has even laid out a plan with four rules that the FCC should enact and enforce:
  • No blocking - Internet providers are not to block access to any legal content.
  • No throttling - Internet providers cannot slow or speed up access speeds based on their preferences.
  • Increased transparency - The FCC is to be more transparent and push providers to follow the Net Neutrality rules.
  • No paid prioritization - There is to be a ban on providers insisting other companies pay to have equal access speeds.
You can bet that this plan will be met by stiff resistance both in government and by the telecommunications companies themselves. The FCC is an independent organization and it is up to them to select whether or not they want to enact President Obama's plan. One thing you can do is to publicly submit your comments to the FCC via this website. Any comments made will be seen by the FCC and are are publicly viewable. In the past, enough public pressure has been able to sway FCC decisions, so share this article and the links in it with everyone you know, asking them to take action as well.

What about other countries?

For now, the Net Neutrality battle is largely US based. The vast majority of Internet traffic starts or at least passes through the US. This means that if the telecommunications providers (many of whom own international subsidiary providers) can limit access to sites in the US it could very quickly become a world issue. Beyond this, other countries often follow laws that the US enacts, so it could only be a matter of time before we see similar bills passed in other countries.

In short, this is a major issue that could see the end of the Internet as we know it. If you would like to learn more about Net Neutrality and how you can help ensure the Internet remains free and open, contact us today.

Published with permission from TechAdvisory.org. Source.

Topic Security
November 20th, 2014

Windows_Nov18_BWhen it comes to IT, one of the largest expenses for many businesses is software. Some employees require the bare minimum, while others could need thousands of dollars worth of software. Businesses who have purchased licenses for Microsoft software may receive an email asking for a license audit. Here is a brief overview of these letters and what you should do if you receive one.

The Microsoft Software Asset Management Review

Earlier this year, Microsoft announced that they will be sending out over 30,000 letters to small businesses who have purchased Microsoft software licenses. These letters or emails are focused on checking that you have the right number of licenses for your systems.

This program actually has three audit elements, or emails, that are being sent out to businesses.

  1. Internal self-audit email - This is the most common letter businesses have been receiving. It asks them to verify that they are compliant with Microsoft's licenses, which is usually done by sending Microsoft the software keys for each license or product purchased. They then compare this to their records.
  2. Software Asset Management (SAM) Engagement - This is a voluntary process where Microsoft sends a Software Asset Management partner to your business to audit your systems and see if you are over or under licensed. For companies who do agree to this, the audit is paid for by Microsoft. The downside is, if you are found to be non-compliant, you will likely face a fairly large bill.
  3. Legal Contract Compliance (LCC) audit email - This audit can be enacted by Microsoft if you put off a SAM or self-audit for an extended period of time. Essentially, this is a legal audit that you must comply with. If you are found to be non-compliant under this audit, you could face stiff legal penalties.

What happens if I receive one of these emails?

Should you receive one of these emails you will be asked to carry out the audit by a set date. Most of the emails contain a spreadsheet that you will need to put your license information into. This can take time because you will likely need to physically check every machine using Microsoft software for relevant information.

Auditors who come to your business will ask you for network and server access and any other form of information they think they can ask for.

Should you be found to be non-compliant or under-licensed, you will likely then be presented with a bill for the extra licenses. If you happen to be highly under-licensed, this bill could be quite large.

What should I do if I am worried about this audit?

An audit like this could be time consuming, costly, and above all is frustrating for any business owner. What we recommend is working with us. We can help ensure that your business is using appropriate licenses and, should you face a request to do an audit, we can help you through the process.

So, contact us today to ensure that your business is compliant.

Published with permission from TechAdvisory.org. Source.

November 19th, 2014

Windows_Nov17_BHeartbleed has to be one of the biggest security issues of the year. While it has largely been dealt with via updates and new software, Microsoft has announced that a similar and equally large security threat is affecting nearly all servers running Windows Server. While there is a fix for this, it is an issue you should be aware of.

The new security problem

On November 11, 2014 Microsoft released a patch for nearly all versions of Microsoft Server, along with patch notes that included the reason why the patch was released. In short, it was released to plug a security gap that the company calls Schannel Remote Code Execution Vulnerability.

This cryptically-named vulnerability essentially allows hackers remote code access by sending specific packets of data to a server. Data packets are made up of basic units of data communication combined in order to send data over a network.

Hackers can structure certain data into packets then breach a bug in Microsoft Server software, potentially allowing a hacker full remote access to that server and the ability to execute whatever code they so choose, including giving themselves full access to the systems and data hosted on your server.

This bug is particularly destructive because it affects the Schannel library on servers, which is responsible for encryption and authentication in Windows.

What versions of Windows server are affected by this bug?

This bug can potentially be found on nearly every version of Windows and Windows Server currently in use by companies, including:
  • Windows Server 2003
  • Windows Vista
  • Windows Server 2008
  • Windows 7
  • Windows 8/8.1
  • Windows Server 2012/2012 R2
  • Windows RT/RT 8.1
In other words, pretty much any business using Windows and Windows Server is at risk.

What should we do?

While this appears to be a big issue, and in truth it is, Microsoft has noted that they are unaware of anyone actually exploiting this bug as of the writing of this article. The company has also released a patch - MS14-066 that is supposed to fix the problem.

Therefore, the best action you can take is to update all of your systems running Windows. While it primarily affects servers, this could become a widespread issue if systems are not updated. What we recommend is contacting us as soon as possible. We can help ensure that all of your systems are updated and protected from this bug.

If you would like to learn more about Windows and how you can keep your systems secure, please do call us today.

Published with permission from TechAdvisory.org. Source.

November 19th, 2014

SocialMedia_Nov17_BFor an effective social media strategy, most businesses realize that they need to have a presence on more than one major social platform. While this has led to the creation of Twitter accounts for businesses, many struggle to generate content and posts due to the character limit. To help, here are 10 tips that can increase the effectiveness of your Twitter campaigns.

  1. Keep posts on the shorter side - This may seem ridiculous, after all there are only 140 characters allowed per tweet, but keeping tweets short allows users to add their own comments and ideas when they retweet. Try keeping your tweets below 100 characters.
  2. Twitter is not about promotion - Studies have proven that tweets that promote a company or product don't usually do as well as messages that are more conversational in nature. If you want to ensure maximum interaction, aim for a mixture of tweets that consists of about 80% conversational and 20% promotional.
  3. Know what time to tweet - Each market is different, so take the time to research tweeting habits. If you see that the majority of your target audience is active during after-work hours, then it would make sense to tweet when they are more likely to be online. Remember, many Twitter users are connecting via their mobile devices, so you are probably better off tweeting during lunch hours, as well as pre- and post-work.
  4. Know what days to tweet - Much like knowing what time to tweet, it is a good idea to also know which days are best to tweet in order to maximize engagement. For example, if you are trying to interact more with other businesses (B2B) then it is best to tweet on days when the companies are open and an owner or manager is more likely to be looking at business systems and social accounts. Customers, however, are usually more receptive to messages on days when they aren't working e.g., Saturday and Sunday.
  5. Use hashtags - Hashtags in Twitter allow for categorization and make tweets searchable. For example, if you use the hashtag #fresh in a tweet and then search for 'fresh' on Twitter, you should see similar posts using the same hashtag.
  6. Use hashtags sparingly - There is a common trend in social media to use hashtags for nearly every word. This makes posts difficult to read and usually leads to people not sharing or retweeting your content. Instead, try to work one to three hashtag, at most, into your tweets naturally.
  7. Realize Twitter moves fast - The average trend on Twitter lasts about one hour, to one day. So, if you see a trend developing or beginning, act quick to join the conversation. Posting after the trend has faded will usually lead to tweets being ignored.
  8. Don't act on every trend - Trends come and go so quickly on Twitter that it can be tempting to try to jump on each one, or as many as possible, in order to get your message out to as many people as possible. However, not every style and subject will be relevant to your business. By shoehorning content to fit trends you could come across as insincere and lose interest from followers.
  9. Watch who you follow - Following people is one of the quickest ways to grow your own follower base - usually because users will follow those who follow them. But, when it come to business, you want to be sure to follow users who are relevant. For example, follow your customers, strategic partners, and even competitors. Following Twitter users who aren't relevant to your business is not going to get your messages read by the right people.
  10. Keep an eye on Twitter - In order to effectively spot trends and see what your target market is saying, it is worthwhile to use a program like Tweetdeck, which allows you to see all tweets, track hashtags, topics, and more.
If you would like to learn more about using Twitter in your business, contact us today to see how our services and solutions can boost your social media presence.
Published with permission from TechAdvisory.org. Source.

Topic Social Media
November 13th, 2014

Security_Nov10_BIn October of last year news broke about a new form of malware called Cryptolocker. This malware posed a particularly large threat to many business users and led to many quick and important security updates. Now, almost a year later, it appears that the second version of this - CryptoWall - has been released and is beginning to infect users.

What is Crypto malware?

Crypto malware is a type of trojan horse that when installed onto computers or devices, holds the data and system hostage. This is done by locking valuable or important files with a strong encryption. You then see a pop-up open informing you that you have a set amount of time to pay for a key which will unlock the encryption. If you don't pay before the deadline, your files are deleted.

When this malware surfaced last year, many users were understandably more than a little worried and took strong precautions to ensure they did not get infected. Despite these efforts, it really didn't go away until earlier this year, when security experts introduced a number of online portals that can un-encrypt files affected by Cryptolocker, essentially neutralizing the threat, until now that is. A recently updated version is threatening users once again.

Cryptolocker 2.0, aka. CryptoWall

Possibly because of efforts by security firms to neutralize the Cryptolocker threat, the various developers of the malware have come back with an improved version, CryptoWall and it is a threat that all businesses should be aware of.

With CryptoWall, the transmission and infection methods remain the same as they did with the first version: It is most commonly found in zipped folders and PDF files sent over email. Most emails with the malware are disguised as invoices, bills, complaints, and other business messages that we are likely to open.

The developers did however make some "improvements" to the malware that make it more difficult to deal with for most users. These changes include:

  • Unique IDs are used for payment: These are addresses used to verify that the payment is unique and from one person only. If the address is used by another user, payment will now be rejected. This is different from the first version where one person who paid could share the unlock code with other infected users.
  • CryptoWall can securely delete files: In the older version of this threat, files were deleted if the ransom wasn't paid, but they could be recovered easily. In the new version the encryption has increased security which ensures the file is deleted. This leaves you with either the option of paying the ransom or retrieving the file from a backup.
  • Payment servers can't be blocked: With CryptoLocker, when authorities and security experts found the addresses of the servers that accepted payments they were able to add these to blacklists, thus ensuring no traffic would come from, or go to, these servers again. Essentially, this made it impossible for the malware to actually work. Now, it has been found that the developers are using their own servers and gateways which essentially makes them much, much more difficult to find and ban.

How do I prevent my systems and devices from being infected?

Unlike other viruses and malware, CryptoWall doesn't go after passwords or account names, so the usual changing of your passwords won't really help. The best ways to prevent this from getting onto your systems is:
  • Don't open any suspicious attachments - Look at each and every email attachment that comes into your inbox. If you spot anything that looks odd, such as say a spelling mistake in the name, or a long string of characters together, then it is best to avoid opening it.
  • Don't open emails from unknown sources - Be extra careful about emails from unknown sources, especially ones that say they provide business oriented information e.g., bank statements from banks you don't have an account with or bills from a utilities company you don't use. Chances are high that they contain some form of malware.
Should your files be attacked and encrypted by this malware, then the first thing you should do is to contact us. We can work with you to help find a solution that will not end up in you having to pay the ransom to recover your files.

If you are looking to learn more about CryptoWall malware and how to boost your security and protect your data and systems, then we could you your first line of tech defence.

Published with permission from TechAdvisory.org. Source.

Topic Security