Remote Work

Public WiFi Security Myths, Facts & Best Practices

Public WiFi Security Myths, Facts & Best Practices

DesignDATA
wifi-security

For many workers, the ability to work from anywhere is one of the most appreciated perks of modern wireless technology.

Are you feeling trapped inside with lots of work on a beautiful sunny day?

No problem – you can pack up your laptop and finish your work from a table on the patio at your local coffee shop.

Dog begging for attention while you try to work? Take her to the dog park and write a report from a picnic table while she runs around. Need to send a last-minute work email before flying off for vacation? You can take care of it from the airport waiting area. 

Working remotely gives workers and companies unprecedented flexibility, but, like many benefits of technology, working from anywhere can be a double-edged sword. For example, the public WiFi networks that enable employees to work from coffee shops, parks, and restaurants also present a security risk to company data.

Millions of people are working remotely due to COVID-19 precautions. As restrictions ease in some locations, more workers will seize the opportunity to leave the house and work from other places, often using public WiFi. Companies must understand the risks of using public WiFI and develop best practices to protect company networks and data.

Most people are aware of some risks associated with using public WiFi. There’s a lot of helpful information on this topic, but there are also some myths. In this article, we’ll examine the truth of three common statements about public WiFi security.

We’ll discuss some best practices for safely working via public WiFi.

#1. When working on public WiFi, other devices can communicate with your device without your knowledge

This statement is true. 

On some public WiFI networks, hackers can gain access and initiate communication with your device. They don’t even have to be anywhere near you. Malicious actors can do this from hundreds of miles away. The risk is real, but there are mitigations. You should ensure that all company devices have the latest security patches and updates. 

Another effective tactic is to use a software-based firewall (such as the Windows Defender Firewall built into Windows 10) and implement hardening policies to disable services that may be listening for remote requests (such as remote registry and remote desktop).

#2. Anyone can snoop on your Web browsing and traffic on public WiFi

This one is a partial myth.

Traffic to regular http:// sites is visible to anyone, but https:// sites are encrypted. This is critical knowledge for workers using public WiFi. To avoid prying eyes, be aware of whether the sites you visit are http:// or https://. On laptops, this is indicated by a padlock icon in the browser bar. In addition, some browsers will message you “not secure” if you visit http:// sites. Pay attention to these indicators and don’t view or type sensitive information on an unencrypted site.

Additionally, some other services are also not secure. FTP and Telnet are two examples where all communication (including passwords) is sent in clear text for anyone willing to listen in to hear.

#3. The only way to work safely on public WiFi is to use a VPN connection.

This statement is widespread, but it’s not true.

Using a VPN effectively reduces the security risk of using public WiFi, but it’s not the only way. For example, if a VPN is not required to access internal company servers or applications, it may be redundant since traffic to and from https:// sites is already encrypted.

Other security strategies can reduce the attack surface available to hackers and protect devices, even without a VPN. A few of these strategies include reconfiguring vulnerable legacy Windows features and using secure browsers and applications that enforce Transport Layer Security (TLS) for all communications.

You should investigate all the available options before deciding the best path for your company.

For Companies

The first step for companies is establishing a clear policy about working with public WiFi. Then, whatever policy you choose, ensure your employees have what they need to work productively under company best practices.

One of the most effective ways is to provide adequate training resources and on-demand help desk support.

If you allow your employees to access the company network and data via public WiFi, ensure that company devices are well protected. Managed security patching, a managed software-based firewall and managed endpoint-based antivirus protection are all essential.

You may choose to disable or restrict access to company systems based on public WiFi security risks. If you go this route, provide your employees with other remote connectivity options such as a VPN, a work-issued hotspot, or reimbursement for using their personal phone’s hotspot.

When choosing a VPN, make sure to evaluate the pros and cons of options such as full-tunnel vs split-tunnel and make the best choice for your company.

For Employees

First and most importantly, make sure you cooperate with your company’s established best practices.

Next, research and educate yourself on the most recent expert tips for safely using public WiFi. The recommendations include making sure you only visit websites you know are fully encrypted (https:// only), refraining from downloading any new updates or software, and logging out of accounts once you’ve finished what you’re doing. 

Recommendations continually change as technology evolves, so check frequently to ensure you’re current.

Interested in Learning More?

This article should help you determine if your company is headed in the right direction with its public WiFi policies and precautions, but that’s only one small part of the bigger cybersecurity picture. If you would like more information, check out our free cybersecurity resources. 

Ready to take action? 

Public WiFi Security Myths, Facts & Best Practices Read More »

3 Ways to Improve Hybrid Meetings in 2023

3 Ways to Improve Hybrid Meetings in 2023

DesignDATA

Four-minute read

It is safe to say that hybrid work is here to stay. According to Forbes, 81% of business leaders believe hybrid will be the leading work model by 2024, but over 70% of businesses lack a comprehensive hybrid strategy.

For companies to succeed in this ‘next normal,’ they need a strong foundation. That foundation is an effective means of communication and collaboration. Hybrid meetings always result in inequity between in-person and remote participants. One of the best ways to mitigate this is by implementing the most meaningful hybrid meeting technology for your organization. But first…

Look at the how of hybrid meetings

Businesses worldwide are choosing hybrid work models because they value in-person collaboration and access to a global talent pool. To balance these potentially conflicting elements, how meetings are conducted cannot benefit one set of employees over the other. Even the perception of proximity bias can palliate employee morale and dampen productivity. Being intentional and thoughtful about how you structure your synchronous meetings can mitigate these potential hazards.

This first requires a systematic process for determining which meetings need to be hybrid, then eliminate meetings that shouldn’t be meetings (can the discussion be resolved with a group chat, online poll, etc.? ). Finally, keep meetings remote if possible, even if a few participants are in the same place. This measure avoids creating a two-tiered participation system.

Look at the why of hybrid meetings

The phrase “this could have been an email” is all too familiar for the seasoned office denizen. Meetings should have a predetermined structure and purpose. If you are taking your team away from developing, improving and selling your product, then these meetings need to have demonstrable value, and different types of meetings need to be used strategically.

Take measures to keep “deep teamwork” – collaboration, innovation and interpersonal bonding – in-person whenever possible, and leave hybrid meetings to “shallow teamwork,” such as coordinating, information sharing and straightforward decision making. Then, reduce inequities as much as possible through technology and design meetings from a remote-first standpoint.

Navigating the evolving remote and hybrid work landscapes can be challenging. But together, we can learn from one another and discover how to use technology, communication, cybersecurity and other techniques to our advantage. Click the button below to gain access to our HybridCSI 2022 content, where you’ll be able to watch video sessions and download resources that offer industry insight and tips. It’s time to empower your workplace.

 

Invest in Audio and Video Technology
Do not underestimate the impact discordant technology can have on employee experience. In 2021, 22% of companies reduced their office use while working remotely, but only 38% upgraded their video technology. This did not escape the notice of employees, as 70% had some difficulty contributing to video calls. The best place to start is with audio. Hearing and being heard is a crucial part of ensuring equal inclusion in remote meetings. For example, we had a client conduct a  major board meeting with some members in-person while others were remote. The sound was so terrible that an important vote took place without the remote participants realizing; they could not participate. We have experienced meetings where a cell phone on a conference table is the only audio connection between in-person and remote participants, which is certainly not ideal. These are just a few examples of the inequity and disruption of inefficient hybrid work technology. Once you have an excellent audio solution, you can explore new video technology. One piece of technology to look out for is life-sized remote participation, where cameras are at eye level to facilitate better eye contact. There are also smart cameras available that pick up individual attendees in a room and put them in their own space on the screen.
Be Intentional
Technology plays a large role in creating more inclusive and productive meetings, but there are other techniques you can put into practice too that aren’t always tech-based. Business leaders should constantly stay on top of all productivity trends to streamline processes and support staff. Here are some other tips we recommend:
  • Only invite teammates who really need to be in the meeting. Having people in a meeting who may not be vital to the topic can actually waste time, effort and potentially money. Instead of the individual working on mission-critical tasks, they’re sitting in a meeting that may not apply to them. Instead, invite people who absolutely need to join the conversation. If something important arises, people in the meeting can relay the information to other members in a simple Microsoft Teams message or email.
  • Provide your team with an agenda. Prepare an agenda in a document, with action items. We are human, so sometimes we may get distracted by personal conversations during a meeting. Having an agenda to look back to can keep everyone on track. Also, send the agenda to your team 20 minutes before the meeting so that they will know what will be covered and can create questions beforehand.
  • Your meeting should have a strong ending. There’s nothing worse than awkward silence and a meeting ending abruptly, and from experience, this seems to be enhanced for virtual meeting attendees. To avoid this, set the stage and allow people to voice questions or concerns.

How an IT MSP can help

The most important takeaway is to critically examine why you are doing things and how these things align with your goals and enable your staff to create value for your customers. It is immensely rewarding finding ways to boost productivity and elevate employee experience by thinking through workplace processes, policies and technology. This is far easier said than done. designDATA can help you take your team’s productivity to the next level by optimizing collaboration and communication tools. We work closely with our clients to ensure successful staff adoption of productivity tools like Microsoft Teams, Microsoft 365 Business Voice and OneDrive. We also offer custom deployment plans that keep your team secure, productive and engaged.

3 Ways to Improve Hybrid Meetings in 2023 Read More »

Work-From-Home Security: How to Close the Gap

Work-From-Home Security: How to Close the Gap

DesignDATA

Working from home has long been a dream for many office workers. Recent developments in cloud technology and video conferencing have enabled companies to offer part-time or permanent remote or hybrid options. Experts predicted this trend would increase, but no one expected a global pandemic to make the dream of working from home a reality for millions. With this shift comes the need to tend to work-from-home security.

The Shift to Remote and Hybrid Work

When COVID-19 hit, companies quickly pivoted to remote operations. No one knew how long the situation would last, and the initial focus was on maintaining worker productivity. The new way of working allowed for this, but it came with some challenges too. Remote work and hybrid work aren’t going away soon, and it is time for companies to get serious about work-from-home security.

These new ways of working have produced new pathways for cybercriminals to attack. Hackers and other malicious cyber actors are attacking remote and hybrid workers with three primary tactics:

Email & Phishing Scams

Hackers have taken advantage of the COVID-19 crisis to launch phishing attacks through email, texts and social media. Fraudulent emails are often disguised as helpful information from company leadership or as requests from the company for personal information.

Unsecured Wi-Fi Network Infiltration

Devices connected to unprotected home networks are an easy target for cybercriminals. They use this vulnerability to steal data and passwords and intercept sensitive messages.

Personal Computer Hacks

A large percentage of workers admit to using their personal or mobile devices for work-related purposes. Employees often transfer company data to personal devices for convenience or other reasons. This makes the data vulnerable to attacks — especially since many people don’t regularly install security updates on their devices, nor do those devices have all of the protective software that a business-owned device would.

What Can Business Leaders Do? 

Excellent cybersecurity starts with savvy leaders who understand the risks and implement smart policies to keep home offices secure. Here are three policies business leaders can introduce to set their companies up for work-from-home security success.

Disallow the Use of Personal Computers
Make sure all employees have company devices. Set the clear expectation that business data will never be transferred to or accessed from personal computers. Suppose bring-your-own-device is already part of your culture. In that case, you can work with your IT team to develop standards that users of personal devices need to adhere to, such as installing the organization’s antivirus or patching tools.

Ensure Data is Stored Securely in Business-Approved Repositories
Many employees have a personal Dropbox or other cloud-based data storage account. They also often store data on their local hard drives. Set up easy-to-use company data repositories and implement policies that prevent workers from using their personal accounts to store and share company data.

Require Relevant Cybersecurity Awareness Training
Train employees on relevant security topics such as “how to recognize phishing attacks,” “proper password management” and “company cybersecurity best practices.” Adequate training resources are available, and leaders should make sure their employees participate regularly.

What Can IT Teams Do?

While leaders set cybersecurity policies, IT teams make recommendations and do the technical work to implement the policies and procedures that secure company networks and data. Here are four technical strategies IT teams can use to help employees keep company data safe while working from home.

Use Multi-Factor Authentication (MFA)
Passwords and physical devices are both relatively easy to steal. IT teams can prevent malicious actors from accessing company data by requiring more than one form of identification to access company devices and systems. MFA is essential for controlling access to publicly-accessible services, such as Microsoft 365.

Require a VPN Connection to Access Company Data & Applications

VPNs boost security by providing remote employees with a secure connection to the company network. Employees should only be able to access internal company data and applications through a VPN. Ensure the VPN is configured with network segmentation and profiles, so each department or external vendor account only has access to the servers or devices needed to do the job. For example, a marketing user’s VPN shouldn’t allow them to ping the accounting server. Also, an external vendor that uses the VPN to help manage a database application shouldn’t be able to access a file server through the VPN.

Use Remote Monitoring & Management Tools
These tools help IT teams monitor all devices used by ensuring employees are up to date on security patches and antivirus updates. This also allows helpdesk employees to assist remote users with requests directly.

Deploy a Business Password Management Tool
Employees are notorious for writing passwords on sticky notes or storing them in files on their desktops. Give workers a more secure and convenient option by providing a business-approved password management tool to help them create strong passwords and keep them organized. Talk to your IT service provider for recommendations.

What Can Employees Do?

All the best leaders and tech-savvy IT teams in the world can’t secure a home office if employees don’t cooperate. The following actions will ensure that employees do their part to maintain cybersecurity while working remotely.

Protect Your Home Wireless Network With a Password
This seems simple, but many employees either have open home wireless networks or have never changed the default password. You should set a strong password for your home Wi-Fi network and make sure not to post it where it can be easily seen.

Cooperate With Company Policies
Corporate cybersecurity policies about passwords, personal devices and document storage can seem burdensome or paranoid. However, they pose real risks to company data security, and there are consequences if employees don’t cooperate with the policies. Employees should be diligent in complying with all company cybersecurity policies and best practices.

Be Wary of Suspicious Emails and Attachments
Hackers and other cybercriminals often pose as managers or team members in emails, chats or meeting requests. Remote work and hybrid work make it more complicated and critical for employees to carefully identify the people they interact with. To maintain work-from-home security, employees must be rigorous about identifying everyone they meet or share company information with.

Want to Learn More?

The steps described in this article will help you get started in securing your employees’ home offices, but there’s a lot more to ensure your company has excellent cybersecurity.

Ready to take action?

Let’s connect. Book a call with us and we will introduce you to one of designDATA’s cybersecurity experts to get started.

Ready to take the next step? Let’s connect! Book a Security Assessment with one of our cybersecurity experts to see how we can help you.

Work-From-Home Security: How to Close the Gap Read More »

The Benefits of Moving to the Cloud for Remote Work Productivity

The Benefits of Moving to the Cloud for Remote Work Productivity

The Benefits of Moving to the Cloud for Remote Work Productivity

DesignDATA
The Benefits of Moving to the Cloud for Remote Work Productivity

Four-minute read

The tech industry notoriously loves to use nebulous and arbitrary buzzwords, like “big data,” “net neutrality,” or “machine learning.” Rest assured, though, cloud computing isn’t one of them.

In reality, the concept of the cloud has been floating around since the 1960s (even if it was just a wild concept at the time). Since then, however, it has not only been fully realized but has matured rapidly to level the playing field among businesses of all sizes.

What is “The Cloud”?

In the simplest terms, “the cloud” or “cloud computing” involves storing and accessing data over the internet instead of in some physical infrastructure, like your computer’s hard drive. Within this definition, there are three distinct service models: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS).

IaaS
This encompasses the fundamental building blocks of computing that can be rented, whether that’s physical or virtual servers, storage or networking.

PaaS
This is the next layer up from IaaS. On top of the underlying storage, networking, and virtual servers, PaaS also includes the tools and software required to build applications, including middleware, database management, operating systems, and development tools.

SaaS
As expected, this is the delivery of applications as a service. SaaS is likely the version of cloud computing that most people are familiar with because the underlying hardware and operating system are generally irrelevant to the typical end-user, who will access the service via a web browser or app.

Yes, IaaS, PaaS, and SaaS are distinctly different service models, but they are not mutually exclusive. While many organizations understand and utilize more than one, the concept of the massive power-consuming data processing that is happening on the other end in a data center may be a bit ambiguous to an individual user. Moreover, cloud computing is such a large umbrella concept that you may not even know you’re using it. However, if you’re taking advantage of applications like Microsoft Teams, Google Drive, Apple iCloud, Dropbox, and a slew of others, you’re already exploiting the cloud!

Cloud Deployment Models

Cloud Deployment Models

There are plenty of cloud service providers in the market, but the most popular are Amazon Web Services (AWS), Microsoft Azure, and Google Cloud. As you research cloud providers to identify one that offers services that best fit your organization, you’ll also have five main cloud deployment models to choose from: public, private, hybrid, community, and multi-cloud.

Public
This is the classic, most popular cloud-computing model. With a public cloud, you don’t own any hardware; users access a large pool of computing power over the internet from a cloud service provider. With this model, you gain the ability to rapidly scale a service because of the vast amounts of computing power available from the “multi-tenant” architecture.

Private
This is essentially the opposite of the public cloud. With the private cloud, organizations can benefit from the flexibility of the public cloud but also gain an added layer of data security because all information is tucked away behind the corporate firewall. Therefore, companies can control precisely where their data is being held with customized infrastructure.

Hybrid
As expected, this model combines private and public cloud environments. Some less-sensitive data is stored in the public cloud, and the more sensitive projects are stored in the private cloud (which can also be on-premise servers). In the hybrid model, organizations utilize multiple vendors with different cloud usage levels to work as one system.

Community
This model represents a cloud dedicated to a few organizations within the same community. In this case, it’s not a public cloud (because it’s essentially “members only”), but it’s also not a private cloud dedicated to a single company. Although it’s not particularly popular, it’s worth being aware of.

Multi-cloud
As the name suggests, this model uses more than one cloud provider at a time for redundancy, or increased reliability. Although all public cloud providers provide options for fail-safes, accidents still happen. With multiple cloud providers, you have an added layer of security and comfort knowing that if an accident occurs with one provider, your backup provider will still be available.

How Does It Work?

At a basic level, companies rent access to anything from applications to storage from a cloud service provider rather than owning onsite infrastructure or data centers. At this point, nearly any service that doesn’t require you to be physically close to the computer hardware that you are using can now be delivered via the cloud.

Although there’s a significant amount of cloud-related information, here’s the takeaway: with an internet
connection, cloud computing allows you to work anywhere, anytime.

Benefits

Traditionally the most widely discussed benefit is avoiding the upfront cost of owning and maintaining on-premise IT infrastructure, decreased complexity, increased security, and faster deployment times. However, in this era, the focus is shifting to the benefits for remote-work productivity: connectivity and accessibility, increased collaboration, and improved efficiency.

Connectivity and accessibility
With cloud technology, users within your organization can access all your files from anywhere, using any device. All information is accessible 24/7 with an internet connection. With that freedom also comes decreased risk since files are no longer stored on any physical computer.

Increased collaboration
Switching to the cloud supports simultaneous syncing, working, and sharing files in real-time, thereby increasing the collaboration and efficiency of employees. Now the location of employees is insignificant; employees from all over the world can collaborate seamlessly.

Improved efficiency
Gone are the days when you worry about your organization’s power requirements, space considerations, expensive computer hardware, or software updates. Similarly, the downtime associated with these issues is in the past. When you shift to the cloud, your entire company can stay focused on building quality relationships that generate revenue, not on IT issues.

The Future of Remote Work

Increased flexibility, enhanced integration capabilities, improved work processes, and reduced overhead costs will continue to drive organizations to utilize the cloud. Small and medium-sized businesses (SMBs) can now compete with larger corporations as new, powerful web-based business apps shift the financial costs and bridge the “software divide” that once separated them.

With this technology, SMBs can measure significant benefits from their cloud investments, including increased productivity throughout their organization. With unbounded connectivity and accessibility, increased collaboration, and improved efficiency, your organization can operate at its intended level.

Are you curious about how you can boost internal productivity? Our experts would be honored to answer any questions you may have – and don’t forget to check out our free monthly training session focused on enabling your teams to do their best work.

The Benefits of Moving to the Cloud for Remote Work Productivity Read More »

How To Protect Your Company From Business Email Compromise

How To Protect Your Company From Business Email Compromise

How To Protect Your Company From Business Email Compromise

DesignDATA
How To Protect Your Company From Business Email Compromise

Phishing scams have been a persistent threat for years. It’s likely that you’ve received an unexpected email informing you of a compromised account or a plea for immediate funds from a friend stranded in a foreign country. Perhaps you’ve even been notified of an impending eviction or the urgent need to update your computer’s antivirus protection.

These emails lure you in with a link to download software or a request for your banking information, but beware! These deceptive emails can leave you with malware on your computer or unauthorized charges on your credit cards. While they can be irritating, a well-trained eye can usually identify the fakes.

Phishing emails often have misspelled words, domains that don’t seem right, missing signatures, grammatical mistakes, or other telltale signs that tip you off to the scam. As long as you know what to look for and stay alert, you and your employees can avoid becoming victims of traditional phishing scams.

But, what if the usual telltale signs are missing from a phishing email? What if the phishing email appears completely authentic because it originates from the email account of a trusted individual or reputable organization?

The risk of falling into the trap of a business email compromise (BEC) is significantly higher for you and your company. Unfortunately, this is an all too common occurrence. However, in this article, we will delve deeper into the world of business email compromise and provide valuable insights on how you can effectively protect your company from such attacks.

Understanding Business Email Compromise

According to the FBI, business email compromise schemes resulted in $1.7 billion in losses to companies in 2019 alone. Data from Check Point Research suggests that the numbers for 2020 are even higher, as cybercriminals have taken advantage of the disruption caused by the global pandemic to launch hundreds of thousands of cyber attacks on distracted workers.

A business email compromise occurs when a malicious actor controls someone’s email account. This can be achieved by guessing usernames and passwords, especially on widely-used platforms like Microsoft 365 or Google Mail, leveraging stolen credentials from data breaches, or deceiving individuals into entering their passwords on fraudulent websites. Once inside, the cybercriminal can exploit not only the compromised organization but also its business associates.

After gaining access, attackers study their targets, understanding their habits and communication patterns, ensuring their malicious emails blend seamlessly. Unlike typical phishing attempts, BEC attacks are more targeted, focusing on a few individuals to maximize gains.

These BEC emails are particularly deceptive because they originate from a genuine source, making them virtually indistinguishable from legitimate emails and bypassing spam filters. The content of these emails often urges recipients to take actions like paying invoices, buying gift cards, or sharing personal information. Sometimes, they even intercept ongoing email conversations to redirect payments. While the immediate goal is financial gain, some attackers seek valuable data or deeper access to the company’s network for future exploits.

Preventing Business Email Compromise

To effectively reduce the risks of BEC attacks, it is crucial to implement strong cybersecurity measures that prevent attackers from accessing your users’ email accounts. By following these foundational practices, you can ensure the safety of your network against BEC attacks and other malicious schemes.

  • Strong Password Policies: Require employees to create complex passwords that combine letters, numbers, and special characters and regularly updating these passwords can also deter unauthorized access. No one likes inventing strong new passwords, but this simple step is one of the strongest defenses against business email compromise.

  • Implement Multi-Factor Authentication (MFA): MFA requires users to provide two or more verification methods. It’s an effective barrier against unauthorized access, even if a malicious actor has the password.

  • Review and Manage Email Rules: Have your users (or IT staff, with management’s permission) review the automatic rules configured within your users’ email accounts. BEC attackers exploit these rules to conceal their actions, such as auto-moving bank-related emails to the trash or forwarding emails with “invoice” in the subject to external addresses for scrutiny.

  • Email Monitoring and Filtering: Utilize advanced email filtering solutions to detect and quarantine suspicious emails, and regularly monitor both outgoing and incoming email traffic to identify unusual patterns or activities indicative of potential compromises.

  • Regular Training and Awareness Programs: Educate employees about the dangers of BEC and other phishing attacks. Regular training sessions can help them recognize and report suspicious emails. Your employees are a critical defense against BEC but also a critical vulnerability if they’re not invested in your cybersecurity policies. 

Identifying Business Email Compromise Attacks

Although it is ideal to prevent BEC attacks from occurring altogether, there are instances where it may not be feasible. Cybercriminals are resourceful and can find ways to bypass your security measures, whether by compromising one of your users’ accounts or by targeting an external party that is not directly under your cybersecurity policies. In such cases, these attackers can exploit the compromised account to launch BEC attacks against your organization.

BEC attack emails are meticulously crafted since attackers, having already infiltrated an email account, aim to remain undetected until they achieve their goals. It’s crucial for employees to remain alert to these subtle threats and promptly alert the IT or cybersecurity team upon spotting any anomalies. Adopting the following measures will empower your team to counteract BEC tactics effectively.

  • Keen Attention to Detail: Encourage employees to scrutinize emails for subtle inconsistencies. BEC emails might have unusual phrasing or sentence structures that deviate from the sender’s typical tone.

  • Verification Protocols: Implement policies that require multiple approvals for significant actions. For instance, all wire transfers should be verified by at least two individuals (the requester and another party) to prevent potential BEC exploits.

  • Validation Procedures:  Even if higher-ups, like the CEO, have the authority to make financial decisions unilaterally, always validate such requests. If an email asks for a financial transaction, cross-check by calling the requester using a previously known number, not one provided in the suspicious email.

  • Adherence to Policies: BEC attackers might use urgency or discretion as tactics to bypass standard procedures. Train employees to be cautious of such requests – even if the sender is familiar- emphasizing the importance of always following established protocols.

  • Trust Your Instincts: If you suspect a case of business email compromise, take precautions and immediately notify your IT or cybersecurity team so they can take appropriate action.

Take the Next Steps 

As cybercriminals continue to adapt and refine their strategies, businesses must remain vigilant and informed about the latest cyber attacks. Staying updated on these threats and learning effective defense strategies is essential to safeguard your organization. In our extensive collection of cybersecurity resources, you’ll find invaluable tools like our guide five crucial tips for identifying business email compromises.

If you have any questions or concerns about your current cybersecurity strategy, connect with one of our experts to discover how we can assist you.

Need more support with your business’ Apple infrastructure? We can help! Explore our Enterprise IT Solutions for Apple and get back to working securely and confidently.

How To Protect Your Company From Business Email Compromise Read More »

Innovative Features in Microsoft Teams for Remote Work

Innovative Features in Microsoft Teams for Remote Work

Innovative Features in Microsoft Teams for Remote Work

DesignDATA
Innovative Features in Microsoft Teams for Remote Work

Four-minute read

The shift to remote work has transformed the traditional office landscape, challenging organizations worldwide to foster connection and engagement in a virtual setting. Microsoft Teams has risen to prominence as a vital tool for managing remote teams and facilitating collaboration, evolving with features designed to mirror the in-office experience.

Let’s explore five innovative tools in Microsoft Teams that enhance communication, spark creativity, and promote collaboration:

1. Announcements for everyone to see

Within a physical office space, it’s easy to make announcements to your whole team. A great new feature in Microsoft Teams that replicates this is the ability to create an announcement. This will appear as a banner at the top of a post and is a helpful way to instantly draw attention to important information about an upcoming project, meeting, or social matter.

Plus, they’re customizable: you can add a title and image to the announcement, and it can be marked as important by adding a red exclamation point. Announcements are available in channels, and it’s also possible to post one across multiple channels. You can even email them directly via Outlook.

2. Whiteboard or mural for interactive brainstorming

Whiteboard is a great feature that replicates the boardroom environment by allowing participants in a virtual meeting to sketch, write, and brainstorm new ideas onto a shared digital canvas.

Mural is just as awesome. This Teams app provides a digital workspace for real-time visual collaboration. The app allows participants to create diagrams, add digital sticky notes and more while simultaneously collaborating.

3. Virtual meeting room with Together Mode

Together Mode is an innovative new app in Teams that also replicates the boardroom. Using AI segmentation technology, meeting participants are digitally placed in a shared background to make it feel like they are all in the same room.

Not everyone in the team has to use the feature, but for it to work most effectively, every participant needs to have their camera on during the meeting. Everyone will be visible simultaneously, and their position does not change throughout the online session. This makes it easier to read body language, reactions, and create a more cohesive and engaging virtual meeting space.

4. Customized channels for collaboration

Much like having different teams hosting meetings and collaborating directly within an office, channels are a handy way to deal with project management. It’s a space where everyone who has access to the channel can collaborate, hold meetings, and have conversations. Team members within a channel can use the ‘follow’ option to receive updates about all channel activities.

5. Live reactions for communications

The lack of visual cues and personal interactions often leaves virtual-meeting participants frustrated. Plus, it can be challenging to express yourself in a virtual environment.

Thankfully, Teams has released some fun new tools for users to communicate and respond during a meeting without interrupting the flow. There are four reactions available: like, love, applause, and laugh. Participants can also click on an icon to raise their hand in a meeting – a great option to avoid those awkward moments when a few people try to speak simultaneously. These reactions are accessed by hovering over the ‘show reaction’ in meeting controls at the screen’s top right area.

Welcoming Teams software into your work environment

Microsoft Teams has greatly helped facilitate our move to remote work, promoting productivity among our teams and softening the blow of losing our office space. We’ve recently launched Microsoft 365 Business Voice and have found that this telephony software has also helped replicate the physical workspace in such a meaningful way. Let designDATA help you achieve the same results by setting up your business phone system for calling, chatting, and virtual meetings all in one app.

Innovative Features in Microsoft Teams for Remote Work Read More »

Talk With Our Productivity Expert