Month: May 2019

Categories
Blog

Critical Update From Microsoft: Remote Desktop Services

Impacted Systems:

  • Windows Server 2003
  • Windows XP
  • Windows7
  • Windows Server 2008

Nonimpacted Systems:

  • Windows 10
  • Windows Server 2016
  • Windows Server 2019

If you are still using Windows Server 2003 or XP, Windows 7, Windows 2008 R2, or Windows 2008 you could be in trouble. A wormable virus may be coming your way. The virus is designated as CVE-2019-0708.

CVE-2019-0708

This means that the virus can get into your system without you doing anything like clicking a malicious link. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights without your knowledge.

What Should You Do?

Microsoft has released a critical update for their Remote Desktop Services that impacts multiple Windows versions. The patches are for devices and systems that are both in and out-of-support, which is rare for Microsoft to do. This shows the importance of these patches.

The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests. To apply the patches, go to the Microsoft Security Update Guide for in-support systems and KB4500705 for out-of-support systems.

Note: Clients & Customers on a valid managed services agreement are being taken care of and there is no immediate action for any computer, server or other devices under a valid managed services agreement.

Microsoft recommends that customers running one of these operating systems download and install the update as soon as possible.

Does This Mean Even Systems Without Support Can Get The Patch?

Yes, Microsoft is aware that some customers are running versions of Windows that no longer receive mainstream support. This means that you wouldn’t have received any security updates to protect your systems from the CVE-2019-0708 virus.

Given the potential impact on customers and their businesses, Microsoft decided to make security updates available for platforms that are no longer in mainstream support.

All Windows updates are available from the Microsoft Update Catalog.

What Should We Do Before We Apply The Update?

It’s recommended that you back up all of your important data first. If you have a reliable backup, if the patch creates problems you can still access your data. You should do this before you install any patches.

What If We Can’t Apply The Patches?

If you can’t apply the patch for your system there are other things that you can do:

  • If you don’t need the Remote Desktop Services, you can disable it.
  • Block the TCP port 3389 (this prevents unauthorized requests from the Internet).
  • Enable NLA (Network Level Authentication) for Windows 7 and Windows Server 2008.

Of course, the best thing to do is to contact your local IT services company. They’ll know exactly what to do.

What Is A Wormable Virus?

This means that any future malware that uses this vulnerability could propagate from one vulnerable computer to another. This is how similar malware like WannaCry spread around the world. Experts are worried that this flaw could be used to fuel a fast-moving malware threat like the WannaCry ransomware attacks of 2017.

Here’s what Simon Pope, director of incident response for the Microsoft Security Response Center tells us:

“This vulnerability is pre-authentication and requires no user interaction,” Pope said. “In other words, the vulnerability is ‘wormable,’ meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017. It is important that affected systems are patched as quickly as possible to prevent such a scenario from happening.”

Have There Been Any Attacks Yet?

Microsoft said they haven’t found evidence of attacks against this dangerous security flaw. But one could happen at any time. Right now they are trying to prevent a serious, imminent threat with these patches.

Simon Pope goes on to say:

“While we have observed no exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware.”

What Does The Microsoft Remote Desktop Do?

You use the Microsoft Remote Desktop application to connect to a remote PC or virtual apps and desktops made available by your admin. You can control your desktop computer and all of its contents from another computer.

The app lets you connect to your desktop from wherever you are. The access to the remote desktop happens over the Internet or via another network. It lets you interact as if you were physically working from your desktop.

The Remote Desktop application also gives the “master” computer access to all of the contents on the remote computer.

What Else Should We Know?

If you had updated from Windows 7 to Windows 10 or from Windows Servers 2008/2008 R2 to Windows Server 2016 or 2019, you wouldn’t need to worry. This is why it’s essential to keep your systems up to date.

Soon, on January 14, 2020, support will come to an end for all Windows Server 2008, 2008 R2 equipment and the Windows 7 operating system.

If you’re still using these servers or operating system, it’s crucial to replace them now so that there’s no disruption to your daily operations or loss of data.

Any hardware or software product that reaches its end of life is a potential gateway for hackers to enter through. In addition to the security hazard, there are other reasons why it isn’t a good idea to keep using old equipment such as unresolvable outages.

Where Can We Get Help?

Contact us to ensure your Microsoft desktops and servers are secure and protected from unauthorized intrusions.

Categories
Blog

What Is PII, Non-PII, and Personal Data?

Personal Data

Data security becomes more important with each passing year. It’s important to have a good understanding of the terms that both governments and the information security industry use. Understanding these terms will help you lead your organization to comply with today’s regulations as well as whatever new regulations are coming down the pike. Today we’ll define three major terms: personally identifiable information, non-personally identifiable information, and personal data.

Personally Identifiable Information (PII)

Personally identifiable information, or PII, is information that organizations may hold on individuals that can be tied to the individuals’ identities. The National Institute of Standards and Technology provides a legal definition for the USA:

PII is any information about an individual maintained by an agency, including (1) any information that can be used to distinguish or trace an individual‘s identity, such as name, social security number, date and place of birth, mother‘s maiden name, or biometric records; and (2) any other information that is linked or linkable to an individual, such as medical, educational, financial, and employment information.

PII comes in two varieties. Linked information is the more sensitive variety. Anything that can by itself be used as an identifier is considered linked information. Social security numbers, driver’s license numbers, full names, and physical addresses are all examples of linked information.

Linkable information is the second category. Linkable information can’t do much on its own, but it becomes powerful when linked with other pieces of information. ZIP code, race, age range, and job information are all examples of linkable information.

Non-Personally Identifiable Information (Non-PII)

Non-personally identifiable information, or non-PII, is information that doesn’t fall into the above categories. All sorts of information falls into this category. In the digital world, IP addresses, cookies, and device IDs are considered non-PII, since (unlike what you see on TV) these pieces of information can’t be used to identify an individual.

Personal Data

Personal data sounds like a casual way to describe the above, but it’s more than that. Personal data is a term used in Europe that is roughly equivalent to PII. Euro-centric publications won’t tend to use the term PII unless discussing something explicitly American. Many of the same principles of PII apply to personal data, but there are some further ramifications that are important to know.

As the USA does with PII, the EU has a specific definition for personal data, defined in GDPR as this:

Article 4(1): ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

A Crucial Difference Between PII and Personal Data

One of the most crucial differences between the NIST’s definition of PII and GPDR’s definition of personal data is this: GPDR concludes that even cookies, IP addresses, and “other identifiers such as radio frequency identification tags” can be personal data, especially when combined with other unique identifiers.

In short, the EU’s GPDR guidelines are more restrictive than their USA equivalents. This is the explanation for the rash of “cookie notices” that’s spread around the web, and it could have implications for your business.

Wrap Up

If you need more information about PII, non-PII, and personal data, don’t hesitate to reach out. We’re here to serve you and meet your IT needs.

Categories
Blog

Do Businesses Really Need A CHRO?

Business CHRO

Human capital is one of the most important business assets and also one of the most elusive. Today’s employees are staying only an average of around 4 years, far different than years past when people regularly stayed with the same company for over a decade. Job stability is a serious concern for organizations, who often find that they are losing their highly qualified staff members when a better offer comes along or when opportunities dry up. This can happen because organizations do not have a stable and structured human resources staff that is able to continuously create opportunities for training and advancement within the organization — staying tuned to the needs of the highest-performing staff members while supporting a positive culture throughout the organization. With the focus on swift moves and organizational change, it’s a strategic imperative that you have a top executive focused on the human resources needs of the business.

“Culture Eats Strategy for Breakfast”

Anyone who has been through business school has heard this old adage from management guru Peter Drucker, as related by Mark Fields in 2006. While it may be a bit trite, this statement has never been more applicable as the corporate culture can quickly fester due to poor decisions by business leaders who are not keeping personnel needs in mind. People want to work somewhere that provides personal as well as financial fulfillment and that often means finding a flexible working situation or the ability to advance their careers with hard work and dedication. If the culture of your organization is toxic with poor leadership in place, it may not even be obvious until you begin losing high-potential staff members.

With a Chief Human Resources Officer (CHRO) in place, there is likely to be a greater focus on gathering employee feedback as well as looking into breaches in rules and etiquette by staff. It doesn’t take long for a positive corporate culture to turn into a negative without a continuous focus on employee satisfaction. The perception that “leadership doesn’t care” or a lack of accountability can poison even the most positive working relationships. A CHRO helps actively listen around the organization and has the ability to raise concerns to the highest level while adequately explaining the challenges and offering strategic solutions.

Encouraging Meaningful Diversity and Mutual Respect

Diversity of thought and cultural fit are every bit as important as ethnic diversity in your workforce. It’s easy enough for managers to hire someone who not only looks like them but also thinks like them — something that a CHRO can help guard against. There’s more to a hostile workplace than a single person or small group of individuals who are behaving badly. It starts with the idea that staff members can get away with atrocious behavior and that the perpetrators are being enabled due to their high-performance standards or position within the organization. It can be challenging to discipline individuals who are perceived to be exceptional, but having C-suite representation for all personnel can help lead to accountability and mutual respect. Meaningful diversity occurs when managers and supervisors are encouraged to step outside their comfort zone and work with people who may be a great cultural fit, even if they may not have exactly the right pedigree or high levels of experience. A dedicated and involved CHRO helps hiring managers to see beyond the surface to find the exceptional staff members that will help the organization grow and evolve in the future. It’s never too early to begin encouraging managers to celebrate diversity and inclusion through a variety of different initiatives that can ultimately result in a more balanced workforce.

Attract and Retain the Best

Creating a positive culture also means finding what motivates employees and being able to illustrate the real business benefits of reducing turnover and providing the perks that employees truly want. HR is moving far beyond simply being the “complaint department” or a way to ensure compliance with a variety of rules and regulations. Having a CHRO provides the business with a higher degree of strategy in the hiring and managing of talented staff members. Millennials and Generation X alike appreciate being able to work from home or remote locations when the work permits it, but a CHRO is able to help quantify the savings that can be expected for the business as well as the softer side of employee engagement. Proactive human resources support is quickly becoming a differentiator for businesses that view these roles as more of a strategic position instead of the tactical role that HR has played in the past.

Finding benefits that employees will appreciate is only a portion of what goes into attracting and retaining the best staff members for your organization. A proactive CHRO regularly reviews the competitive landscape to ensure that health and wellness benefits are commensurate with the marketplace. Creating wellness initiatives also falls to HR, with the long-term benefits of these programs helping bring a new focus to the value of encouraging positive health choices throughout the life of each staff member. Having a CHRO included as a deliberate part of corporate strategic decisions creates a more equitable focus on the individual needs of employees as well as the organization’s requirements for long-term growth.

Experience and Training Key for Successful CHROs

Not every CHRO comes up through human resources. It’s not unusual for someone more on the business, marketing, or legal side to see the value in making the leap in this direction. It is crucial that any CHRO candidate has a deep understanding of the privacy and liability issues that can arise from this sensitive position and department. These individuals thrive when they have a full understanding of people management, legal considerations as well as business operations in order to help managers and leadership identify staff challenges and how to move toward resolution. Few of these issues will be solved overnight, meaning your CHRO must have the ability to stay the course and navigate difficult relationships over time. The role of CHRO even has some aspects of a Chief Security Officer, as they will need to understand and be able to manage in-depth data privacy policies which can be quite complex depending on your business model. Measuring the success of various initiatives is also a data-driven operation that requires analysis and interpretation of diverse datasets.

Organizations may survive without someone from human resources at the executive table, but it is becoming more unlikely that they will thrive without this representation in the C-suite. Chief Human Resource Officers provide a needed counterpoint to the business-focused mantra that you may hear from other executives, providing a different perspective on reaching organizational goals through the introduction of positive culture change, accountability, and diversity in hiring practices. This strategic role not only provides organizations with qualified candidates but also helps ensure that high performers stay and continue providing their brain trust to the business.

Categories
Blog Technology News

Are You Backing Up Your Data Correctly?

By now, all business owners should be aware of how important it is to perform regular data backups. Your vital documents could be destroyed in any number of ways. This is even a good idea for most individuals. We all have important emails, docs and photos that we would hate losing.

Has This Ever Happened To You?

You’re one of those cautious people who does make regular backups of your hard drive and phone. Then one day, your phone falls into the ocean while on vacation. Or your laptop is stolen at the airport. Now what?

You buy a new phone or laptop then sit down to install all your old files. But guess what happens? Your external hard drive has become damaged. Your thumb drive keeps giving you an error message. All that data and you can’t gain access to it! Regardless of how scary and unsettling this is for individuals, now imagine you’re a business owner and this same scenario unfolds.

Your IT department makes their backups daily. Then one day, an employee opens an email that contains a malware virus. All your data is destroyed within moments. You rush to the IT department, confident that everything can be restored within a few days. But when the IT guy tries to reinstall your database, something goes wrong. The backup won’t work! When an individual loses all their data, it can be heartbreaking. But when a business owner loses all their data, it can end in bankruptcy.

In addition, you not only need a backup of the data, but you will also need a way to virtualize the backup image locally quickly and off-site in the event of a disaster especially when it comes to critical data like a server or special user.  These are complex issues that business owners often leave to their IT department, but you can’t always be certain they’re doing everything by the book.

Are You Asking The Hard Questions?

It’s so important to test your data backups. If you do care about all those documents and photos, then check to make sure that your backups will work if you need them. For the business owner, this couldn’t be more important. And you can’t just assume that your IT department is doing this regularly. Making sure they’re doing their jobs is essential. Even the best-laid plans sometimes fail. There should always be a contingency plan in place.

When it comes to business, that means backing up your data several times per day. And it should be backed up onsite and offsite. But those backups must be viable. Will they work in the time of need? Make sure by making it company policy to not only perform the backups, but test them as well. This is something that all IT professionals should know and do without being told.

It would be great if everyone did their job every day the way they were supposed to. But if you’ve owned a business for very long, you know that this isn’t realistic. As the company owner, it’s your job to double check these important tasks.

Why You Need Reliable Data Backups

Just turn on the news and you’ll see why data backups are so important. These are some of the most recent and the worst:

  • In November of 2018, Marriott and Starwood properties lost 500 million records to hackers. They lost the personal information of half a billion customers. If you’ve ever stayed at a hotel, then you know the type of information that you must give them. They want your driver’s license number, your car’s license plate number, your home address, where you work—the list goes on. If you’ve ever stayed at a Marriott, then there’s a good chance all your personal information is for sale right now on the Dark Web.
  • In September of 2018, Facebook lost 50 million records of Facebook users. They would not acknowledge precisely what was stolen but finally admitted that hackers did have access to anything posted at Facebook for 50 million of its users. You’ve got photos, personal info, and no telling what else on Facebook. Could hackers have pics of your family and friends?
  • In August 2018, T-Mobile lost the data for 2 million of its users. They confirmed that the data did not include billing information but it did include account info, names, addresses, email addresses—no telling what else.

With startling data breaches like this occurring each year, we should all be more proactive about our data backups. We must make them regularly and we must test them to make sure they will work if need be. There’s just no other way to get your laptop or phone data restored in case of emergency. And for a business owner, the stakes are high. It’s not just photos and letters from friends and family; it’s your livelihood.

Are Backups Easier With The Cloud?

If you own a business, make it standard operating policy to test these backups each day. If you work with a good managed IT service, then that’s their job. They know how important this is and most will be performing and testing backups regularly. It’s still a topic you should address with them. If you’re using the cloud to back up your data, then this can be a safe and reliable way to make sure that your database will be there when you need it.

Do You Need Some Professional Guidance?

Your managed IT provider can manage, monitor and maintain a cloud-based Infrastructure more manageable. They will often see issues and resolve them before they cause trouble. This means fewer interruptions to your business operations and less downtime. Using a centralized cloud-based location means less time going back and forth with your managers to acquire and verify the information. There are lots of great reasons to choose the cloud and dependable data backups are just one of them.

Talk to your IT department or your managed services provider to get more information about this critical topic.

Categories
Blog

What Is PII Under GDPR?

GDPR PII

The security of user data is of high importance, and that importance only grew with the implementation of the EU’s General Data Protection Regulation (GDPR). These sweeping new regulations went into effect on May 25, 2018. They are European Union regulations, but they have sweeping effects since they apply to any business that stores personal information of any EU citizen.

It’s important to comply with GDPR. The first step, though, is to understand what exactly GDPR requires for your business.

PII Under GDPR

The short answer to the question of what PII is under GDPR is that it’s not a thing. Personally, identifiable information is an American term. The rough European equivalent is personal data. It’s important to note, though, that the two are not identical. The European standards are more restrictive, and the European category (personal data) is, therefore, more inclusive.

Here’s the bottom line: don’t assume that if you’re PII compliant that you’re automatically GDPR compliant. You need to do more for the latter.

Defining Terms

If you’re asking the question “what is PII under GDPR?” there’s a good chance you know some of the lingo already, but it’s worth reviewing.

Personally Identifiable Information (PII)

This term refers to any number of pieces of information that a company might store that can be used to identify individuals. Bad actors who accumulate enough PII on an individual may be able to compromise the individual’s accounts or even steal the individual’s identity. Examples of PII include (but aren’t limited to) driver’s license numbers, social security numbers, full names, physical addresses, and credit card numbers.

Remember, this is an American term, not a global one.

Non-Personally Identifiable Information (non-PII)

Non-PII is what’s left that’s not PII, in the American way of viewing things. This is the kind of information that can be used in aggregate forms. It’s useful data, but it can’t be used to identify individuals on its own. Examples include IP addresses, device IDs, and cookies left behind on devices while browsing the web.

Personal Data

Personal data is the EU equivalent of PII. It’s the information that businesses store on customers that could be used to identify those customers. The important difference here is the breadth of the definition.

GDPR concludes that even non-PII can be personal data. Cookies and IP addresses, for example, can be used in conjunction with PII to help reconstruct a person’s identity. For this reason, even these forms of information are considered personal data and are protected under GDPR.

The ruling that even cookies can be considered personal data is why you’ve started seeing cookie warning messages all over the internet. Those companies are seeking to comply with GDPR by receiving permission from all visitors to use cookies.

Best Practices for Businesses

Given the changing landscape of privacy regulations, businesses must adapt and stay compliant. Here are a few best practices for complying with GDPR.

Survey What Data You Collect

The first step toward compliance is to know what your business is collecting. Conduct a comprehensive survey of the data that you collect and store through your site.

Keep Only What You Need

Second, ask the hard questions about what personal data your business truly needs. If it’s not providing real value, dump it.

Get Permission to Keep It

Whatever you decide is essential, ask permission to keep it. That’s what the cookie notices are doing, and you need to do the same.

Conclusion

Data privacy regulations are complex. You might not want to go it alone. If not, we’re here to help. Contact us today!

Categories
Blog

Do You Know Your Passwords?

Passwords are a real pain for most people. But imagine what it’s like for a business owner. Companies often have dozens of accounts with vendors and suppliers. They work with accountants, manufacturers, delivery companies—even the guy who brings the water each week. All these represent accounts and for each account, there’s a password. But what is it?

Are Your Passwords A Priority?

As a business owner, these passwords should be a number one priority and yet many of them don’t have any clue who is in charge of passwords, where they’re kept or what they are. This has become a more prevalent problem for several reasons:

  • Employees quit and move on to other opportunities. What if the guy who manages all your passwords doesn’t show up for work one day?
  • Hacking and ransomware are a huge problem for businesses all over the world. Many companies are still not using two-factor authentication. They aren’t even using strong enough passwords. Let’s stop making it so easy for hackers to get in!
  • Industrial espionage is a real thing these days. Companies hire thieves to go to work for other businesses, learn all they can about their technology, then steal it. Imagine if your biggest competitor had the passwords to all your accounts.
  • Saving millions on R&D could give any company the edge. A recent article in Investopedia says that obtaining trade secrets from the energy, biotech, computer, chemical and auto sectors has become a common crime. Sometimes these secrets are used for bribery and blackmail and other times the information is stolen so it can be high jacked by a competitor. This can save a company millions of dollars in research and development. All they have to do is steal or copy some of your valuable documents. And all they need to do this is your passwords.

Password Missteps

What is the number one mistake people make when creating passwords? Believe it or not, people still use commonly known things like their birthdate, their spouse’s birthdate or a combination of their kid’s names. This is sheer madness! We simply make it too easy for crooks to get hold of our online documents. And with the advanced technology that cybercriminals use these days, it only takes them a few moments to crack most passwords. We aren’t even making it difficult for thieves to steal from us.

Too Busy?

Business owners often wear many hats. They have to oversee so much of their daily operations. They may have just lost a valuable employee or released a new product. There’s always something important going on. It’s no wonder that they turn over these seemingly smaller tasks to trusted employees. Often, if you ask a business owner about his passwords, he’ll tell you that the IT department is in charge of all that. But who is the IT department? There may be a few individuals who’ve been with the company for several years. But very often these employees work for a company for a year or so, then move on to greener pastures.

Each time an IT employee who had access to your passwords leaves your company, it should be standard policy to change them all. But this rarely happens. People get busy. They have so many irons in the fire. Maybe the business owner feels he can trust his IT people to do the right thing. But this sets up a scenario where any number of expensive mistakes can happen.

  • An ex-employee might be persuaded to divulge your passwords to a competitor for the right amount of money.
  • An angry ex-employee might want revenge so he could break into files and delete important documents.
  • A careless employee could put your passwords in an easy-to-find digital or physical location.

Employees Can Work For or Against You

For business owners, your employees may be your most valuable asset. But sometimes they can be your weakest link. They get careless, too busy, or they simply want to damage your business because they feel jilted. It’s important to be aware of all these various things that could go wrong. As they say, anything that “could” go wrong will eventually do so.

The bottom line for business owners is to protect what you’ve created. You’ve built a great company that employs dozens of people. You can better provide for your family now. Your employees have obligations too so if something negative happens to your business, it affects a lot of people. Those are a few things to keep in mind when thinking about those all-important passwords. They are the key to your everyday business operations.

A prudent business owner will always know where those passwords are and who has control over them. You should have a strong policy to protect them from outsiders or even your own employees. Anytime someone leaves your company who had access to the passwords, they should all be changed. Yes, this is a hassle, but the alternative is that you lose thousands of dollars or even your business reputation in the marketplace.

Need More Help?

For help with safeguarding your passwords, ask your managed IT service provider to recommend a solid system. This is their area of expertise. They know about all the latest cyber scams. Most managed IT companies have been around the block a few times. They’ve seen and heard it all and their expertise can be a valuable commodity that you should take advantage of.

Categories
Blog

Plan The Perfect Microsoft Office 365 Migration

Plan The Perfect Microsoft Office 365 Migration

If you’re trying to figure whether Microsoft Office 365 is right for you, then migration should be one of your primary concerns.

When it comes to a cloud-based suite like this, migrating to Office 365 from your current IT environment is no small task.

That’s why you have to be sure you know what you’re doing.

Before we get to the 6 steps you should follow for a perfect Office 365 migration, let’s make sure we’re on the same page about what it actually is…

What is Microsoft Office 365?

Microsoft Office 365 is a subscription-based service that enhances Microsoft applications like Word, Outlook, PowerPoint, and Excel with the flexibility and accessibility of the cloud.

There are two primary ways that this platform breaks down – the web-based and premium desktop versions:

Web-Based Microsoft Office 365

The web-based Microsoft Office 365 Business provides users with online (browser-based) access to all their range of favorite Microsoft Office apps:

  • Word (word processing)
  • Excel (spreadsheets)
  • PowerPoint (presentations)
  • Outlook (email)
  • OneNote (note-taking)
  • OneDrive (file hosting and synchronization with 1 TB of storage)
  • Access (database management, for PCs only)

Premium Office 365

The Premium desktop-based alternative gives users a range of enhanced and advanced features:

  • Exchange (mail server and calendaring management)
  • SharePoint (website building tool to share, organize, store and access information)
  • Teams (a tool for collaboration, meetings, chat, and communication)
  • Planner (task and teamwork management)
  • Invoicing, booking and business intelligence tools
  • Customer relationship management functions
  • Yammer, Microsoft’s social media platform that enables users to collaborate and connect with each other

However, that’s really just the beginning as to how the many tiers of Microsoft Office 365 plans break down…

What Microsoft Office 365 plans are there, and what do they cost?

As a flagship offering from Microsoft, Office 365 comes in many shapes and sizes. So many, in fact, that you might not know where to begin.

The following list breaks down the many primary plan types offered for Microsoft Office 365, what they include, and how much they cost.

For each plan, these prices refer to a per-user basis, per month. To figure out what it would cost you, simply count the number of users you need to add from your business, and you’ve got your monthly cost – that’s easy to compare against your IT budget.

Exchange Plan 1 – $4.95 USD per user per month
 Essentially just the email client aspect of the much larger Microsoft Office 365 platform, this plan includes:

  • Secure corporate email
  • 50 GB of inbox storage per user
  • Sent messages up to 150MB
  • All inbox management features available – sharing calendar dates and contacts, out of office messages, web-based email support.

SharePoint Online Plan 2 – $8.95 USD per user per month
 Primarily designed as a file sharing and storage plan, this plan features SharePoint and OneDrive, as well as:

  • Unlimited personal cloud storage
  • Real-time co-authoring of files in the Microsoft suite of apps
  • Centralizing and indexing of the user’s content in libraries and lists with metadata records management, and retention policies
  • SharePoint mobile capability
  • In-Place Holds that allow users to preserve content from edits or deletion

ProPlus – $12.95 USD per user per month
 In addition to Microsoft Outlook, Word, Excel, PowerPoint, Access (PC only), Publisher (PC only) and OneDrive (1TB storage), this plan includes:

  • Web-based and desktop versions of the above Microsoft applications
  • Skype for Business client (service not included)
  • Licenses for an unlimited number of users

Enterprise E3 – $21.95 USD per user per month

Including all the applications, services and features of ProPlus, this plan also provides:

  • File storage and collaboration with OneDrive and SharePoint
  • Additional apps and services listed under the Premium suite above, such as Microsoft Teams, Yammer, and Stream (providing users with the ability to stream video to team members and other contacts)
  • Email hosting with 100GB of inbox storage and custom email domains
  • Unlimited personal cloud storage
  • Online video conferencing for up to 250 attendees
  • Online meetings for up to 10,000 attendees through Skype Meeting Broadcast or Microsoft Teams live

Business Essentials – $7.95 USD per user per month
 An even more business-focused plan, this offering includes:

  • Mobile installation of Office apps (up to 5 devices per user)
  • Outlook email (50 GB of inbox storage per user and sent messages up to 150MB)
  • OneDrive for Business (1 TB of cloud storage per user)
  • Microsoft Teams
  • HD video conferencing
  • Yammer collaboration software
  • Office online (browser-based suite of Office apps)
  • Planner (project management platform that allows staff to plan projects, assign tasks, share files and communicate)
  • Microsoft Flow (workflow automation app that allows users to automatically configure notifications, sync files, collect data without having to code the process)
  • PowerApps (app development platform that allows users to build business-specific web and mobile apps)

Business Premium – $14.95 USD per user per month
 In addition to the complete desktop and online Office 365 suite of applications (Outlook, Word, Excel, PowerPoint, Teams, OneNote, Access [PC only], Publisher [PC only], Sharepoint, and OneDrive), this plan offer includes:

  • Business management and CRM tools – Outlook Customer Manager, Bookings, Invoicing and MileIQ
  • The range of online services offered in lower-tier plans like ProPlus and Business Essentials

Business – $20.00 USD per user per month

As the most commonly recommended plan for businesses, Microsoft Office 365 Business includes everything Business Premium has to offer, plus:

  • Enhanced security features such as attachment scanning and link checking for email, Information Protection Policies that add controls over how info is accessed, and data backup features that keep your information accessible
  • Device management features, fully integrated with iOS, Android and Windows, that allow for simple deployment and management of Windows on your mobile platforms

So that’s what these plans include – but obviously, that’s not all you need to know to make your decision.

There’s another key question…

What about Microsoft Office 365 migration?

Now that you know more about Microsoft Office 365, you may be interested in seeing what it can do for your business firsthand.

Unfortunately, it’s not that simple.

If you’re not already using Microsoft Office 365, then you have to figure out how to migrate to it. Migrating from one business technology to another isn’t necessarily a simple process.

Before starting on the step by step process, make sure you have these three key aspects of prepared:

List of Users

Keeping careful track of how many users you have and what they need to do will make migration much smoother than it would be otherwise. The last thing you want to do is overlook a user here or there and find they can’t access the system after launch because there weren’t enough licenses or log-ins arranged.

Temporary Passwords

While you sort out the details of your new Microsoft Office 365 environment, it’s smart to work with temporary passwords. That way, it’s easy to test the environment without issuing official credentials and log-in info.

Domain Registrar Information

This is especially important for Microsoft Office 365 migrations – why? Because email is a central facet of Office 365. In order to ensure seamless changeover between your previous email client and Microsoft Outlook, you’ll need complete information on your domain registrar.

The 6 Step Process To Microsoft Office 365 Migration

Planning makes all the difference between a successful migration and a disastrous one.

Follow these steps and take your time to execute an effective migration:

Plan ahead.
When preparing for your migration to Microsoft Office 365, it’s important to plan efficiently and thoroughly.

The best way to achieve this is with an actual meeting with those who are involved in the process. You should talk through a number of key factors both in the migration, such as:

  • Why are we choosing to migrate?
  • What benefits do we expect to gain from migrating?
  • How will our infrastructure change during migration?
  • How will the user experience change after migration?
  • How will we train staff members on using Microsoft Office 365?

This is an especially vital step because, if you don’t have answers to these questions, then you probably aren’t ready to migrate.

Knowing how to answer these questions means that you can avoid common pitfalls and hit the ground running with your new IT environment.

Furthermore, you’ll want to make sure your entire staff understands what migration means for their work. What kind of downtime will they encounter, what are the benefits they will have access to once it’s complete, etc.

Plan for your infrastructure.

The new Microsoft Office 365 environment will be built on the foundation that is your infrastructure, so you better make sure it is up to the task before you start.

Infrastructure-based considerations should include:

  • Bandwidth: You should assess your bandwidth to zero in on exactly how many concurrent client machines are connected to the network at any one point in time.  In theory, your bandwidth should be able to support at least that many concurrent machines running Microsoft Office 365, which dictates that necessary network segments and connections you’ll need.
  • Hardware: Migration is a great opportunity to take stock of your hardware. For example, in your new environment, will you need a server dedicated for Skype for Business? That depends on how heavily you plan to make use of it. This is the type of question you need to answer (and do something about) before you migrate, and not after.
  • Software: As Microsoft Office 365 provides virtually all the software you could possibly use, there isn’t too much to take stock of in your old environment.
  • However, if you and your staff currently use mail-enabled applications that you’re fond of, or that are so specific to your business and industry that you’ll need them post-migration anyway, then you need to make sure they are compatible with Exchange Web Services.

Equip yourself with a deployment tool.

The good news is that you won’t have to handle much of the migration process all on your own. Microsoft offers a Deployment Readiness Tool to help users plan out the many aspects of a successful migration – primarily, environment discovery.

This tool can analyze and gather info on your IT system’s Active Directory and domain settings, helping to take stock of your Exchange, SharePoint, End User environment and Skye for Business settings. In addition to the app-based features, the Deployment Readiness Tool will also log your network configurations and settings so that they are carried over in migration as well.

Furthermore, Microsoft also has an Assessment and Planning Toolkit. While it is not designed specifically for Office 365, it is useful for discovery and inventory of cloud services and applications. If you’re migrating from a cloud-based or hybrid environment, the Assessment and Planning Toolkit will likely be a useful aid in determining what you need to keep track of.

App-specific planning.

While much of Office 365 will migrate seamlessly from one version of Microsoft Word or Excel to the next, there are a couple of Microsoft apps and service that will require further attention when you migrate:

  • Sharepoint: Prior to connecting to Sharepoint, there are a few steps you’ll need to take through the Administration Center. Primarily, you’ll want to double check global site collection settings, Internet, Intranet, and Extranet settings, user profiles, and MySite.  In each of these cases, you’ll want to be sure that their settings match those of your current environment. The default settings in Sharepoint may not match your current ones, so take the time to verify before you start sharing business data.
  • Skype For Business: If you and your staff intend to use Skype For Business, particularly public Instant Messaging, then you’ll need to make sure your staff knows how.  Specifically, Windows Live is supported for public IM in Skype for Business, but Yahoo is not. Furthermore, this is separate from on-premises IM. In both cases, your staff will need to know how it works in order to get the most out of it. If you intend to use public IM, you may need to migrate from Yahoo entirely.

Lay out the end-user experience.

Once you’re done migrating, you’ll want your staff to be able to hit the ground running, right?

Then make sure they can actually do so before you start the migration. This means making sure the browsers they use are supported for web-based office 365, and the operating systems they use are supported for the suite:

  • Supported browsers: Internet Explorer, Mozilla Firefox, Google Chrome
  • Operating systems: Microsoft Office 2010, 2007 SP2, 2008 for Mac, Office Web Apps

It’s time to migrate.

Now that all the groundwork has been done, you’re ready to migrate.

Remember, there’s no rushing this process. If you want it to be effective, and if you want your new Microsoft Office 365 environment to work as planned, then be patient and follow the steps carefully.

Is Microsoft Office 365 right for you?

Depending on what you do for business, how large your organization is, what your budget will allow, Microsoft Office 365 may or may not be the right choice. Only you can decide for sure.

If you do believe that Microsoft Office 365 will have a positive effect for you, then make sure to carefully plan your migration. Regardless of whatever benefits it may bring you, a poorly planned migration is not worth the trouble it causes.

Categories
Blog

Malware attack hits US accounting firms

Malware Threat

A major accounting software and cloud services company has been hit by malware, affecting their many clients across the US.

Wolters Kluwer, a major provider of tax accounting software and cloud services, has been hit by malware. The many financial software services they offer to clients across the country have been down since Monday, May 6.

The software provided by Wolters Kluwer is extremely popular in the US accounting industry. Users include every one of the top 100 American accounting firms, as well as 90% of the top banks worldwide, and 90% of Fortune 500 companies.

This malware attack comes at an especially vulnerable time when many accounting firms (and their clients) are intending to file their taxes. With their primary accounting systems offline, they won’t be able to do so, or at least not with Wolters Kluwer software.

However, it’s not as simple as just using different accounting software. Wolters Kluwer also provides cloud services to their clients, which means that necessary client financial data is stored in their servers, and inaccessible by the accounting firms during this outage.

Since the attack began Monday morning, Wolters Kluwer took many of its systems offline to slow the spread of the malware. According to representatives, they have since been working non-stop to try to eliminate the malware and bring their systems back online. They have contacted authorities and third-party forensic teams to investigate the attack.

“We’re working around the clock to restore service, and we want to provide [clients] the assurance that we can restore service safely,” said Elizabeth Queen, vice president of risk management for Wolters Kluwer, to CNBC. “We’ve made very good progress so far.”

However, end-users have still not been able to access their tax documents that are stored in Wolters Kluwers cloud servers. The many systems that Wolters Kluwer took offline on Monday include the customer services lines that end users have relied on to get info from the software provider.

When a backup customer service number was finally provided, users were told that there is no estimated window in which the services will be fully restored. For the time being, thousands of accountants at numerous firms across the US are being expected to wait and see.

Categories
Blog

How Tech Is Changing The CEO’s Job Description

CEOs and Technology

For CEOs, digital transformation has changed the game. CEOs today need new approaches to leadership, planning and vision. Otherwise, they risk leaving themselves and their companies falling behind in the wake of rapidly changing technologies.

The last decade has seen a remarkable rise in digitally disruptive technologies that have forever changed business models, business processes and the nature of work.

Consider the impact the Internet of Things, Big Data, analytics, automation, artificial intelligence and cloud computing have had on the way businesses operate. One only needs to look at what impact companies like Airbnb and Uber have had on the lodging and transportation verticals to realize that a new leadership approach is an absolute mandate for CEOs today.

How Is the Modern CEO Role Changing?

“Technology isn’t changing only corporations—it’s also changing the job of the CEO, bringing with it the challenge of keeping up with technological development,” notes a recent McKinsey & Co. article.

There are plenty of resources out there to help CEOs stay in touch with and understand emerging technologies, according to one anonymous business leader in the McKinsey piece. “What’s much harder for a leader is deciding what’s relevant and what’s not,” he said.

That means today’s CEOs need to be clear about priorities and be able to make fast decisions about to pursue.

What Leadership Structure Does a Tech-Savvy CEO Need?

The c-suite looks very different today than it did a decade ago. New titles reflect the importance of technologies in the modern enterprise: Chief automation officer, chief data officer, chief digital officer and chief information security officer are just a few of the roles that companies realize are critical for success.

Board members and senior executives alike need to be adept at and capable of adapting to the technical revolution, providing leadership and guidance to the CEO. These leaders may have experience and demonstrated success, but today they need to be agile. And the CEO needs to be aware of what they need and make changes accordingly.

How Can CEOs Plan for Digital Transformation?

“I very rarely get pulled into the today,” Amazon founder Jeff Bezos told Forbes in a 2018 interview. “I get to work two or three years into the future, and most of my leadership team has the same setup.”

That’s the right approach for CEOs wanting to lead digital transformation.

With so much disruption, Greg Crandall of Query Consulting Group suggests CEOs need planning processes that focus on customers and employees first. Customer expectations are evolving; they expect easy access to brands and that those brands know who they are, how they have interacted and can deliver immediate answers.

“Today’s organizations must compete within themselves to meet the needs of current and targeted customers. … This means internal teams, departments and other groups must compete … and cooperate with each other to transform the customers’ experiences by empowering employees to think and act in ways that, ultimately, transform the organization itself,” Crandall writes. “And to do this, those teams need leadership from the top that promotes thinking critically, communicating transparently, and acting with agility.”

The focus on the customer is paramount to Tim Cook, Apple’s CEO. In a January 2019 interview, he said, “What I focus on is the customer. The customers speak every quarter. They speak every year. They speak every day. And the most important thing for us is that they’re satisfied.”

The cycles are changing too. Gone are the days when 3- to 5-year planning cycles suffice. Today’s CEO needs to lead a process of continuous planning and assessment.

How Do Today’s CEOs Have To Communicate?

Transparency and humility are the order of the day for the modern CEO. Customers, partners, employees and stakeholders expect open and clear messaging. They cannot think of digital strategy as somehow separate from other strategic planning.

Instead, CEOs need a holistic approach that embraces and incorporates technology, listens carefully to customers, and applies that learning and perspective into changes to business models, business processes, markets, structure and culture. The CEO needs to project that the organization is one that is adaptive, learning and nimble.

How Big a Role Should the CEO Play in Digital Transformation?

Traditionally, Research and Development and IT divisions have been responsible for product development and innovation. That’s changing, notes Thomas Siebel, chairman and CEO of C3 IoT.

“With the 21st-century digital transformation, the adoption cycle has inverted. What I’m seeing now is that, almost invariably, global corporate transformations are initiated and propelled by the CEO,” Siebel writes. “Visionary CEOs, individually, are the engines of massive change that is unprecedented in the history of information technology—possibly unprecedented in the history of commerce.”

As technology transforms companies, industries and how we live, work and play, it’s only natural that the CEO’s role also needs to change. CEOs who recognize and embrace the digital revolution are most likely to see their organizations thrive and grow.

Categories
Content

Microsoft Azure

What Is Microsoft Azure?

Microsoft Azure is a growing collection of cloud services for building, deploying and managing intelligent applications through a global network of data centers. Most cloud services providers offer similar features like on-demand capability and scalability. But it’s the applications that make Microsoft Azure truly shine.

What Is Azure Commonly Used For?

At its core, Azure is a public cloud computing platform—it’s an Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) that can be used for services such as analytics, virtual computing, storage, networking, and much more. It can also be used to replace or supplement your on-premise servers.

How Does Azure Work?

Azure, like other cloud platforms, relies on a technology known as virtualization. Essentially, the Cloud is a set of physical servers in one or more data centers that execute virtualized hardware for customers.

What Are the Benefits Of Using Azure?

Hybrid: Develop and deploy where you want with the only consistent hybrid cloud on the market. Extend Azure on-premises with Azure Stack.

Productive: Reduce marketing cycles by delivering features faster with more than 100 end-to-end services.

Intelligent: Create intelligent apps using powerful data and artificial intelligence services.

Trusted: Join startups, governments, and 95 percent of Fortune 500 businesses who run on the Microsoft Cloud today.

What Types Of Companies Use Azure?

Azure is great for businesses of all types. Some of the companies using Microsoft Azure include:

  • Johnson Controls.
  • Polycom.
  • A.P Moller-Maersk Group.
  • Seattle Seahawks.
  • Fabletics.
  • Grisard Management AG.
  • Drive Time.
  • Pacifico Seguros

Where Is Our Data Stored With Azure?

Microsoft Azure not only offers more regions than any other cloud service provider – it also makes it easy to know where your data is stored. Whether you need it stateside or elsewhere, Microsoft Azure gives you access to an unparalleled network of data centers.

Why Else Should We Use Microsoft Azure?

It allows you to eliminate expensive onsite servers and gain secure access to your data in and out of the office – but that’s not all. Microsoft Azure provides a range of benefits.

  • Harness fully managed services.
     Being free of onsite servers is just the beginning of the benefits offered by Azure. The serverless computing solutions equip you with the capability to take advantage of programming models that are offered nowhere else, helping to simplify event-driven computing.
  • Access and deploy your serverless solutions wherever you need to.
     No matter what you need them for, Azure offers easy access to the solutions you use. Whether you’re on-premises, working in a hybrid environment like Azure Stack, on IoT Edge devices, or in other clouds, you can access functions as needed.
  • Increase the security of your data.
     You’ll have Azure Active Directory for on-site directories and authentication, secure VPN (Virtual Private Network) connectivity, a scalable and secure Application Gateway, DDoS Protection, Advanced Threat Protection, and much more from the Azure Security Center. Microsoft Azure data is stored in data centers that offer an industry-leading combination of physical and logical safeguards, from high perimeter fencing and 24/7 surveillance to multi-factor biometric locks. And compliance is never in question with governance capabilities built into Microsoft Azure.
  • Use Azure with your smart devices.

IoT Central and IoT Hub let you connect, monitor, and manage your IoT assets, with notifications for authenticated devices and message delivery tracking. Given the explosion of the “smart” device industry, Microsoft’s IoT Hub is the best friend you didn’t know you needed.

  • You’ll benefit from extensive scalability.
     Whether you need to go global now or in the future, Microsoft Azure has the network and the resources to facilitate your business’ growth around the world. With Microsoft Azure, your ability to deliver services isn’t limited by your local infrastructure.
  • You can go green.
     Whether your business has a mandate to be as green as possible or not, you can do so with Microsoft Azure. After achieving carbon neutrality in 2014, Microsoft Azure set and has maintained their goal of averaging 1.125 power usage effectiveness (PUE) for each and every data center they open.

What Web Solutions Does Azure Provide?

One of the most popular platforms within Microsoft Azure is its group of Web solutions, including the Content Delivery Network which focuses on the user experience and reduces load times. Microsoft Azure guarantees massive capacity with a scalable interface while avoiding new infrastructure costs.

Microsoft Azure’s Content Delivery Network provides advanced analytics about workflows by tracking content engagement in real time. The E-commerce platform offers the ability to give your staff what they want with a personalized and secure experience.

Does Microsoft Azure Use Virtual Machines?

Create Windows Virtual Machines with on-demand capacity in seconds, as opposed to the decades-old process of on-boarding a new physical machine in a day (or more). It’s an added bonus if your organization is growing and needs high performance.

Does Azure Use Artificial Intelligence?

Artificial Intelligence and Machine Learning capabilities are just a few clicks away for your next-generation applications, like server-less bot services (think chatbots).

Does Azure Include Developer Tools?

Beyond the managed services, Azure has a range of tools to help your team do what they do even better. This comprehensive set of development, deployment, and management tools includes local development and debugging via Visual Studio or the Azure CLI, continuous deployment with Azure DevOps tools, and live monitoring thanks to Application Insights.

Azure has A plethora of tools for developers to build, edit, test, diagnose, and deploy code in a variety of environments. Use Azure’s IoT Central, a scaled solution for connected devices that allows you to build production-grade applications in a matter of hours without extensive development experience. You’ll have Azure Database for MySQL, SQL Data Warehouse, Azure Database for PostgreSQL, SQL Server on Virtual Machines and more.

The managed services available on Azure include data, messaging, and intelligence to create scalable, highly available applications. Give your team the toolset that they need to focus on identifying and developing solutions to real business problems.

How Do We Migrate To Azure?

Migrating can seem like an insurmountable task, but there are several steps you can take to simplify the process:

  • Plan for a brief period of downtime, and schedule migration accordingly for minimal impact.
  • Consider dependencies and plan configurations so data and programs aren’t compromised.
  • Migrate entire databases to Azure rather than running Azure functions within an internal database to avoid data loss.
  • Include remote and virtual machines in scheduled migrations, so connectivity is maintained.

No matter how advanced or simple your needs are, Microsoft Azure has a solution for your business and can help you grow, protect your data, and increase your efficiency. From reliable and secure data storage to flexible environments, Microsoft Azure has the solution for your organization’s future.

Skip to content