PTG specializes in the delivery of IT services with a focus on business continuity, virtualization, and storage solutions to support your line-of-business and communication applications. Our implementation services are centered around IT and business best practices, gleaned from years of working in the industry and from well-established vendor partnerships.
It’s not hard to find people glued to a screen in public – whether it’s working in an airport terminal before a flight or checking your email in line at the grocery store. We’re addicted to the convenience of using our devices in public (guilty as charged over here). But that convenience can come at a cost if you’re not careful. Here are a few common threats and how to keep your information safe:
Rogue Access Points
It’s easy to find public Wi-Fi hotspots or a random unsecured hot spot allowing you to connect without authenticating. But these hotspots could easily could be rouge access point (an unauthorized wireless access point set up by a hacker, allowing them to access your information). If the attacker is advanced enough, they can force connect your device if it’s set up to automatically connect to wireless networks.
Let’s take rouge access points out of the picture for a moment. Just the simple use of public Wi-Fi can be dangerous. Publically accessible networks usually aren’t monitored or secured, meaning the guy sitting beside you could be sniffing your internet traffic with a simple tool running in the background (or storing it to look at later). Be careful of the websites you access as they may be spoofed and redirecting your login attempts to those sniffing tools. Every attempt you make with the wrong or right username/password combination may just send you back to a made-up/false error page.
Another common threat is called “Shoulder Surfing,” where the attacker watches over the shoulder of an oblivious user to see what keys they’re pressing. It’s easy to use a cell phone camera to snap photos of a credit card, or take videos of you logging into social media or bank account. Watch out for this in busy public places where you might not normally pay attention to your surroundings while you’re working – think busy airport terminals or coffee shops.
How to Stay Safe
Some of the most common sense practices will make the biggest impact when it comes to staying safe. They may seem like an inconvenience now, but not nearly as inconvenient as dealing with a breach.
Enable encryption on your devices so it scrambles your data. This makes any data captured almost worthless to your attacker. Ensure that every webpage that you log into uses https:// instead of just http://. Even though adding that extra “s” on the end uses SSL encryption, it still does not guarantee safety over public hotspots.
You can also get encryption set up on your email, which protect your emails from being read by anyone other than your intended recipient. This is especially important if your job involves sensitive customer or patient data.
Two Factor Authentication
Several websites, like Paypal, Facebook, and Office 365, provide you with the option of two-factor authentication. Two-factor authentication combines something you know (your password) with something you have (your phone or a passkey dongle). If you don’t have both, you can’t log in. We use two factor authentication to secure our desktops, servers, and key applications. It can be annoying if you aren’t used to it, but it’s an essential step to keep our customer data safe.
Make Security a Habit
Try to make these simple steps a habit. Making security a part of your daily routine, along with being aware of your surroundings, will greatly reduce your chances of falling victim to an attack. If you’re interested in more information about ways to keep your company’s data safe (like setting up email encryption), please contact us.
May 21st, 2015 | Category: Security |
Comments are closed
If you are like me, reports are boring. Like it or not, I don’t have a long enough attention span to dig into the details of text based reports. I want a quick snapshot of how we are performing so I can quickly zero in on trends or problem areas.
The key metrics important to our business are:
Customer Satisfaction Survey Results: No surprise here if you have read anything I’ve ever written or spent more than about 5 minutes with me.
Effective Rate by Employee: Since most of our work is fixed fee or under contract, it’s important for us to keep a close eye on our effective rate by team member.
Utilization Rate by Employee: As a services business, our time is our product. Utilization is a measure that we use to determine how much of a team member’s time is spent helping customers vs. administrative time. We shoot for an 80% utilization rate internally.
I used to gather this data in three separate reports that were cobbled together on a fairly complex spreadsheet. It wasn’t real time and, frankly, it was a pain to put together.
About 6 months ago, we moved all of our reporting to a new(ish) product from Microsoft called PowerBI. PowerBI is part of Microsoft’s Office 365 suite. Recently, Microsoft changed the pricing model to make this solution available to most SMBs.
With PowerBI our data sources are connected to the Cloud. You can connect Excel spreadsheets, SQL databases, Google Analytics, GitHub, Microsoft Dynamics CRM, and others. All of our data is kept in a SQL server database – so connecting it up was easy. Each night, at midnight, our data syncs up with the PowerBI servers, making the data available to me across any device. There are mobile apps for Phone, iPad, Android, and Windows Phone, meaning I can checking reports even when I’m not at my computer.
Here are a few screenshots (from a PC):
All up Dashboard:
Drill Thru on Customer Satisfaction, with red/yellow/green lights:
Switching our reporting to PowerBI has saved significant time and energy and made it much easier to pinpoint problem areas. If you are interested in more information on how we can help you bring your data to life, feel free to reach out to me.
“According to a McKinsey report, employees spend 1.8 hours every day—9.3 hours per week, on average—searching and gathering information. Put another way, businesses hire 5 employees but only 4 show up to work; the fifth is off searching for answers, but not contributing any value.” Source: Time Searching for Information.
How much time do you spend in your week searching for the information you need to do your job effectively? Without a good organization file organization, employees can spend a scary amount of time simply looking information, rather than putting that information to good use.
At PTG, we use Sharepoint to organize our company files. There are multiple ways to organize your files on Sharepoint – our favorite is Enterprise Key Terms.
Every time you upload or create a document you have the opportunity to ‘tag’ it as a specific (or multiple) classifications. These key terms are customizable — so you can use the terms your business already uses. Some of the classifications we’ve set up for clients include: keywords (general information, product description, how-to), departments (Marketing, IT, Admin), and project based (Project 1, Company A, Phase 3).
At PTG, we organize our files by department — every document we upload to SharePoint is classified as Sales, Services, or Marketing. We have sub classifications to organize files within these departments. A few examples:
If a file is tagged as Services, we can also choose whether it belongs to the Blue Team, the Green Team, or the Projects Team.
Our Marketing is classified both by year and by quarter (Q1, Q2, Q3, or Q4).
Our Sales documents are classified by what type of document it is (Proposal, Scope of Work, or Signed Agreement).
Classifying our files like this makes it much, much easier to find them later. Using enterprise key terms on Sharepoint has saved us countless hours of employee time. It doesn’t matter who uploaded a file – anyone in our company can go find it later. That means if our office manager has a question about a service agreement, she can go directly to Sharepoint to find out without having to go through the sales team. A team member covering for someone one else while they’re out office can find the files they need without having to interrupt a vacation. And most importantly – our employees are spending more time being productive and less time searching for a file.
Moving your business to the cloud has many benefits (like the ability to access your files anywhere and simplified business continuity in the case of a disaster) – but moving your business to the cloud can have severe consequences if you’re dealing with sensitive data and move to the wrong platform or don’t take employee training seriously.
The passage of the HITECH act in 2009 brought about very important changes relative to breaches of healthcare patient data, including:
Fines for losing unsecured electronic patient healthcare information
Notion of shared risk for companies that provide services (aka Business Associates) to a HIPAA covered entity
Use of data at rest encryption as a form of safe harbor from the breach notification requirements
The good news is that Office 365 is one of the few, if not only, cloud providers that will sign a Business Associate Agreement (BAA). A BAA is an agreement that a Business Associate (BA – any organization that provides services to a HIPAA covered entity that traffic in patient information) signs to share risk of a breach of patient information relative to the BA’s services. Microsoft will sign a BAA. Google, Dropbox and many others will not.
Office 365 certifications
Microsoft Office 365 complies with industry standard regulations, and is designed to help you meet regulatory requirements for your business. Currently, it holds the following industry certifications:
SAS 70 / SSAE16 Assessments
ISO 27001 certified
EU Model Clauses
EU Safe Harbor
HIPAA-Business Associate Agreement
FISMA Authority to Operate
Microsoft Data Processing Agreement
PCI DSS Level One
Office 365 is not, however, configured by default to meet regulatory compliance. To be clear, Using O365 does not, on its own, achieve HIPAA’s and other’s requirements. Meeting those requirements takes proper configuration and client training. It’s important for organizations to realize that they, not Microsoft, are responsible for how the enterprise users consume Office 365.
Compliance and information safety
The good news is that out-of-the-box Office 365 is delivered with the options to configure to meet your compliance requirements. Exchange Online Protection (EOP) and Data Loss Prevention (DLP), Auditing, Mobile Device Management (MDM), amongst others, are included in already purchased plans and will help you be compliant (Includes K1, E1, E3, E4, Bus. Essentials, and Bus. Premium).
Securing Office 365 so that you can safely store sensitive information on the platform translates to encrypting the data, applying access controls, and auditing access to the data. With these three technical security controls in place, you’ll be in good shape to prove to auditors that you’re protecting your data as required by your compliance security requirements.
Security and compliance shouldn’t be a checkbox or an afterthought. They should be built right into the services and solutions your organization uses every day. Security and compliance are fundamental to Office 365, but making sure that those controls are configured properly to meet your organization’s specific security and compliance needs are crucial.
Last week, TIME named Office Lens one of the Top 5 iPhones Apps for the week– and for good reason. The free app, one of the most popular Windows Phones apps and newly available on iPhone and Android, makes scanning documents, photos and even whiteboards, easy.
From the App Store description:
Office Lens trims, enhances and makes pictures of whiteboards and documents readable. Office Lens can convert images to editable Word and PowerPoint files too.
Office Lens is like having a scanner in your pocket. Like magic, it will digitalize notes on whiteboards or blackboards. Always find important documents or business cards. Sketch your ideas and snap a picture for later. Don’t lose receipts or stray sticky notes again!
We’ve been using it around the PTG office and have become big fans. Here’s a few reasons why:
1. It works and works well.
Using Office Lens is pretty straight forward without a lot of bells and whistles – and that’s a good thing. If you can take a picture on your phone, you already know how to scan something in Lens.
Here’s how to use Office Lens:
Select what you want to scan (photo, document or whiteboard): To select, you slide between the options on the camera screen.
Scan: Scanning works basically the same way as taking a picture with your phone. Best part? You don’t have to take the image straight on. Lens will find the edges and clean up the image for you.
Crop the image (if you need to): This is the only editing option you have in the app (and really, the only one you need). If you need to crop anything out of the image, you can do that before saving. Lens is good at finding the edges of what you scan, so you probably won’t need to unless you only want to save part of what you’re scanning.
Save or share your scan: Your scan can be saved in multiple places and in multiple formats (more on that below).
That’s it – incredibly simple to use and the scans turn out great. Check the end of the post for some examples.
You can export to OneNote, OneDrive, Word, Powerpoint, PDF, Mail or your photo library.
2. You can share with multiple programs, like OneDrive and OneNote.
Another reason we’re using Lens is the ability share or save our scans with programs we’re already using like OneNote, OneDrive, Microsoft Word, Microsoft Powerpoint and email.
This is a huge help for saving meeting notes. I keep all my notes in OneNote so I can access them across devices. In meetings, though, I like to write with pen and paper or on a white board. With Lens, I can scan those notes then access them anywhere and export them directly to OneNote. If I need to share my notes, I can immediately share with my team with a public OneDrive or by emailing them.
The ability to export to OneDrive is a big selling point for us, too. Our team uses OneDrive in place of saving documents to our computer, so being able to export scans directly to where we’re already storing everything without having to go through a multistep process is huge.
3. It reduces the need for a physical scanner.
No, Office Lens isn’t going to be replacing your scanner if a large part of your job is scanning multipage documents. But for a lot of people, Office Lens can reduce the need for a physical scanner.
At PTG, our main scanner is connected to our office manager’s computer since most of our employees don’t need to use one on a regular basis. That meant that when an employee did need to scan a document, both of their work days were interrupted. We’re now using Office Lens. Sure, was a small pain point, but we’re fans of anything that make our work day more productive.
Here are some examples so you can see what your scans will look like. The image on the right is the angle we scanned from and the image on the left was the final results. Click the image to expand to full size.
For many, business email is a pain point. We all get too much email and finding what you really need can be a hassle. Microsoft Outlook has several features built in that can make it easier on you: Quick Steps, Categories, and Search Folder. Using these features individually or combining them can free up a few minutes of your day and make email just a little less painful.
Categories are a great way to sort your emails within Outlook, allowing you to tag an email with one or more keywords.
To apply a category to an email, right click on the email and look for the ‘Categorize’ option. Click on a category to apply it to that message. You can rename your categories by choosing the ‘All Categories’ button.
Categories can be used alongside folders. One way to use these together is to great separate folders for specific clients, then use categories within the folders to organize the types of emails. You could use blue for contracts, yellow for invoices, etc.
Quick Steps are very similar to Outlook Rules. It’s the same functionality (applying an action to an email), but Quick Steps allow you to choose when to apply an action, rather than applying the action automatically.
To use Quick Steps, Select the message you want the Quick Step to apply to and click which Quick Step you want applied. Quick Steps are located in the top pane of Outlook.
To create or modify Quick Steps, click on the drop down in the bottom right corner of the Quick Steps box and choose ‘Manage Quick Steps.’ From here, you can view existing Quick Steps and create new ones. You can choose from default options like flagging for follow up, forward to a particular person, categorizing the message or create your own custom Quick Steps.
Search folders are a quick way to find the information you’re search for regularly by letting you save searches. Say you’re searching for emails from a particular person: Instead of typing in the user’s name at the top of your inbox, you could create a search folder with that same criteria.
To create a new search folder, right click on ‘Search Folders’ in the left pane. Then all you have to do to perform that search is to click on the search folder.
I have sounds turned off for my Outlook desktop client because I don’t like the interruption for my train of thought. Recently, I was working in the web version and couldn’t figure out where to turn the sounds for new mail off in Outlook Web App. I looked in options for OWA – but it wasn’t there.
After a little more tinkering – it’s actually in Office 365 Settings.
From here – go to notifications to set your notifications for mail and calendar reminders.
I have mine set to show the notification – but not to play the sound. Finally some peace and quiet!