PTG specializes in the delivery of IT services with a focus on business continuity, virtualization, and storage solutions to support your line-of-business and communication applications. Our implementation services are centered around IT and business best practices, gleaned from years of working in the industry and from well-established vendor partnerships.

4 Things to Look for in a CRM System

4 Things to Look for in a CRM SystemUsing a Customer Relationship Management (CRM) system can vastly improve the productivity of your sales team. There are a lot of very different CRM options on the market and figuring out which system is right for you can be daunting. When looking for a CRM, there are a few factors you must consider before committing to a system.

Will it support your sales process?

Look for a CRM system that supports the way you and your team want to work. You shouldn’t have to adapt your entire process to fit the system – the system should fit you. This doesn’t mean you aren’t going to make changes to your process (no doubt, that’s part of the reason you’re looking for a CRM in the first place), but those changes should be dictated by your needs, not by the CRM.

Involve your team in the process and make sure it fits your team across the board. Not every salesperson works the same, and not everyone on your team is going to want the same features. This is where features like customizable dashboards are especially helpful!

Does it connect to your other applications?

Look for a CRM that can easily connect to the applications you already use. The more your team has to switch between applications to record data, the less likely people are to do it.

For example, if you’re using Outlook for email, find a CRM that will integrate with Outlook and track emails, appointments, contacts, and tasks so your sales team doesn’t have to switch between the two applications.

Consider the departments your sales team works with the most – will your CRM integrate with their systems? How easy or difficult will it be for the sales team to get other departments information they need (and vice versa)? Will your marketing team be able to easily alert your sales team to new leads? Can financial information about deals be passed to QuickBooks (or whatever accounting software you’re using) automatically?

Integrating your CRM with other systems ensures information is consistent across the board without an employee having to spend time entering it into multiple systems.

Can it grow with you?

Look for a CRM that can grow and adapt with you as your sales team grows. There are some nice, cheap (even free) options for small CRM systems on the market that can seem perfect when you’re just starting out – but may not be able to grow with you as you add more contacts and employees. There are a few specific areas where you’ll need to watch for this:

Price: How are you billed? Are you charged by the seat (user)? By the number of contacts? By features? Or some combination? Will you still be able to afford it if you need to move up to the next pricing level? And the next one? Some CRM systems make their money by getting you in the door at a low price, then getting more and more expensive as you grow. If you’re already dependent on the CRM system at this point, this could put you in the position of having to choose between the features you need and the features you can afford.

Features and customization: Not everyone needs a ton of bells and whistles in their CRM system, especially when your team is small. It may seem like a waste of money to invest in a system that has more than what you need right now. But consider a few years down the road – how big will your team be then? What will your sales process be like? Consider what features you need now AND what features you may need down the line.

For example, Microsoft Dynamics CRM Online has some really nice upsell and cross-selling features. When you’re just getting your feet wet with a CRM and have a small sales team with a fairly simple process, these may seem unnecessary. But as your team grows and become more sophisticated, cross-selling and upselling may become a vital part of your sales process.

Another factor to consider is whether or not features can be customized to fit your needs. The out of the box options may work fine for you up front, but as you grow, you may find you need more – or different options.

Is it easily accessible from any location?

A CRM system should be easily accessible to everyone who needs to use it – no matter where they’re working. This is especially important if you have a mobile workforce or a sales team that often goes to client offices for sales meetings.

If your team can’t easily access the CRM system and has to wait until they’re at the office to enter data, it’s much less likely that the data is going to actually end up in the CRM every time. Look for a CRM that can be accessed from anywhere, to make it as easy as possible for your sales team to enter information as soon as they get it.

To do this, your best bet is generally going to be a cloud-based CRM that can be accessed from anywhere with an internet connection. An on-premise server with a VPN can work, too, although, accessing a CRM with a VPN can be a slow process.

Even better, look for a cloud-based CRM with an offline mode and offline synchronization so you can still work, even when you’re offline.

Finding and implementing a CRM isn’t always a quick process. But taking the time to find the right system for your company will save a lot of headaches down the road.

One way to see if a system works for you? A free trial. Follow the link below to try out Microsoft Dynamics CRM Online for 30 Days.



Register for a 30-day free trial of Dynamics CRM Online



Why We Don’t Open Unsolicited Resumes

woman typing on laptopUsing job boards in your hiring process can seem incredibly impersonal (and if you’re the one looking for a job, it can seem like throwing your resume into a black hole), which isn’t something you typically want when looking for a new person to your join your team.

But we have a very real and very important reason for using one: security. Malicious emails designed to look like resumes are a very common way to send ransomware and other forms of malware.

Ransomware, a form of malware that holds your files hostage for a ransom fee, can be potentially devastating to businesses, especially if you don’t have good backups (for a deeper dive into what it is and what to watch out for, read this blog).

While we back up our files regularly, and haven taken measures to limit the possibility of ransomware entering our system, we don’t take chances when it comes to protecting our data and our customer data.

What We Do Instead

Use a Job Board: Instead of asking applicants to email their resumes (and opening resumes sent to us via email), we use a job board. The particular job board we use displays the resumes submitted in a web browser so we never have to actually download the file. We can get through the entire hiring process without having to take any risk of opening a file that could be malware.

Block Certain File Types: Outside of the hiring process, there are other steps we’ve taken to help prevent malware emails from even coming in our environment. One step is to block files types commonly associated with malware from coming into our company via email. Some of the file types we’ve blocked include .exe, .scr, .bat, .js, .jse, .vb, .vbe, .wsf, .wsh, .cmd, .pif, and .chm. We update this list as new forms of malware come out. Directions for how to do this in Office 365 are in this blog post.

Use Advanced Threat Analytics: We’re Office 365 users and have turned on Advanced Threat Analytics (which we’ve written more about here). Basically, it uses machine learning to detect threats (specifically in attachments and links in emails) before they come into your network. This has prevented multiple malicious emails – including some disguised as resumes – from getting inside our network.

Train Employees: All employees on are trained on data security best practices, including the warning signs for malicious emails. We post about the newest threats on our company-wide social media site (Yammer), so everyone is up to date. This is critical – even the best spam filter isn’t going to keep out 100% of malicious emails. It’s vital for all employees to know what to look for. It only takes one click on a bad link or opening the wrong attachment and your entire company could be compromised.

What to Watch Out For

We understand a job board isn’t right for everyone. If you do still need to get resumes via email, take some precautions and watch out for the warning signs that something could be off. Some of the red flags include:

  • Resumes sent with emails not customized to your company or the position in any way – this could be a sign of a hacker blasting an email to as many people as possible to try to up their chances of someone falling for it.
  • Bad grammar and spelling – Emails containing malware are typically poorly written with a grammar and spelling errors.
  • Large files sizes – Resumes typically shouldn’t be very large files, so a large file size should raise a red flag.
  • Weird file types – If you don’t recognize the file extension (or if it’s a file extension not typically associated with documents or resumes), don’t open it. This doesn’t mean a .doc file doesn’t contain malware, but if it’s a strange file type, it’s more likely you’re in for a nasty surprise.
  • Macros – Do not ever enable macros on an attachment from an unknown sender (and be very, very cautious even when you know the sender). This has gotten to be such a common way of sending malware in an otherwise innocent looking file that Microsoft has turned them off by default.

Of course, emails that don’t raise any of these red flags could still be dangerous. Always be careful when opening attachments from unknown senders.

Not accepting resumes via email may not seem like the friendliest way to recruit new employees, but it’s the safest for us – and security is a top priority. If you’re interested in what our job board looks like, or what positions we currently have open, check it out here.

Our friends at Propel HR have written more about best practices while hiring on their blog.




Sign up to get advice for how to save time and get more done.



How to Set Up Text Alerts for Calendar Changes

Mobile PhoneOne of our favorite productivity tips is to simply turn off your email. While vital to most businesses, email (especially email notifications) can be a huge source of distraction for many employees and logging out for a while can make it easier to get other work done.

But turning off your email for an extended period of time may mean the potential to miss a notification when a meeting gets changed or cancelled. Thankfully, there is an obscure feature in Outlook in Office 365 that lets you set up SMS/text notifications when meetings are changed.

Here’s how to do it:

Set up your text options in the Outlook Web App.

Go to Mail Options in the Outlook Web App (When logged into portal.office.com, click the gear in the upper right-hand corner and then choose ‘Mail’ under My app settings). Under General, choose Text Messaging. The next screen you get will depend on whether not you’ve set up text messaging alerts before. If you haven’t, it will look like this:

textalertsetup

Choose “Set Up Text Messaging” (or “Edit Text Messaging Settings” if you have a different screen). You’ll choose your wireless carrier, enter in your phone number, and then get a passcode to enter to verify your identity.

Set up your Calendar Notifications.

After you’ve verified your phone number, click “Set Up Calendar Notifications” (or in the Settings sidebar, click “Notifications” under Calendar:

calendaralertssetup

Check these boxes:

Notifications about changes to events that occur within the following number of days

Notifications for event reminders

And Click Save. You’re done!

We’d love to see Microsoft add this workflow to Flow, the newly released automation app. They already have several workflows perfect for people who like only looking at their email at designated times (like send you a text when you get an email from your manager), so this would fit right in.

In the meantime, it doesn’t take long to set this up. So, set up text notifications for meeting changes and turn off your email and you’ll get more done. Really.



Sign up to get advice for how to save time and get more done.



Rethinking Your Conference Room and Huddle Spaces

Conference RoomMost people don’t know that we ‘huddle’ every morning at PTG.  It starts at 8:15 with the services and sales teams and runs for no longer than 15 minutes.  At 8:30 our leadership team huddles and outlines any big issues of the day or things that are top of mind.

By 8:45 our entire company is ‘in sync’ with what needs to happen for us to deliver a phenomenal customer experience that day.  It is my focus to make sure that our team members feel like they are completely engaged.  (For a great read on this, I recommend this blog post from Steelcase.)

These huddles take place no matter where our team members happen to be at these designated times.  While we want them to be in the office, sometimes that is just not possible.  Skype for Business allows them to call in (from any device). If they’re calling in from a tablet or smartphone they can see video and shared content.

The key to making it work? Having the right technology. For us, that’s Skype for Business and conference phone that supports it.

In the past, a highly connected conference room or huddle space was easily a $10,000-$25,000 expense.  With a few smart purchases – it’s easy to make your conference room a great place for employees to collaborate, impress your customers when they come to visit (and maybe even get a little work done!).

Here are a few options:

Jabra Speak 510:  This handy little speakerphone is always with me in my bag.  I can plug it into my PC and do a conference call via Skype or pair it with my cell phone via Bluetooth.  Retail is $149.99 and I recommend it for anyone who travels regularly.  It can also be used in very small conference and huddle rooms.

Logitech Connect Camera:  This is slick ‘canister’ looking speakerphone and webcam is ideal for smaller huddle rooms.  It supports HDMI, Bluetooth, USB, Near-Field Communication and has a 1080p HD camera.  You could plug it into a PC/Mac (what most folks do for smaller conference rooms) and or pair it with your cell phone via Bluetooth.  With just this and a small TV you could have a great conference room/huddle solution for less than $750 in hardware costs!

Polycom Trio RealPresence Phone: This is the workhorse of our conference room.  It is a full-fledged conference phone that connects to Skype for Business and allows you to ‘start’ a meeting with a single touch of a button.  It can also be paired with a cell phone for conference calls that happen on the fly.  It’s a little more expensive with a retail cost of $1250.  Admittedly, that’s a lot for a conference phone; but it works very well in our conference room.

Intel NUC PC:  This small form factor PC fits nicely in a cabinet or on a shelf.  It’s very cheap (around $350, depending on specs) but is more than enough to support web conferencing and desktop sharing and collaboration.

If you are interested in an example of a larger scale video conferencing hardware, check out the Logitech Group offering (expect it to be around $1250).

You can see how building out a nice collaboration space doesn’t have to be expensive. Using these examples you could build out a very nice space for around $1100 (Logitech Connect, $500, Intel NUC, $350, and a 42” TV for $299).  Every space is different!

If you would like for us to help you put together a great collaboration space – please reach out to us!

Where should I put my stuff in Office 365?

Office 365 logoA common question we get from customers is: “Where do I stick my stuff in Office 365 – Where do I store my files and how do I share with others?” With all the options for places to store things and communicate in Office 365, it’s a fair question and, unfortunately, there isn’t a straight forward answer.

Every business will be different.  The important thing to do is to set the parameters for your company, share those with your team, and then stay consistent!

To set the baseline, let’s first define the different places to store and share in Office 365:

Yammer:  Yammer is Microsoft’s social media platform.  Most people describe this as Facebook for your office.

OneDrive for Business:  OneDrive is cloud storage included in Office 365.   Every user gets 1TB of space to store their files (documents, PDFs, photos, music, videos, etc).  This is similar to DropBox and Google Drive.

SharePoint:  SharePoint is a web portal that can store documents and lists (among other things).  The easiest way to think of SharePoint is like your company file share or your company’s network drive.  This barely scratches the surface of what Sharepoint can do, but shared storage and company portals are the most common usage.

Office 365 Groups:  Groups are a mashup of several different technologies: email, file shares, calendars, even shared notebooks.  It’s not exactly the same, but a good comparison is Slack.

Got it? Let’s get into recommendations for where to house files and communications in Office 365. Remember, these are just recommendations and you may find what’s best for your company is a little different.

When to Use Yammer

YammerYammer as a great replacement for distribution groups in Outlook.  It’s a place for company announcements, asking questions (via Polls), and to engage around a certain topic. While you can post files into Yammer, we generally recommend against it. It’s better to post a document in SharePoint and then promote it via Yammer by clicking the Post button.

Examples of Yammer Content:

Content

Type of Post

401k enrollment is next Tuesday!

Announcement

I am meeting with Acme and Company on Tuesday.  If you have any contacts there, please let me know!

Post

There’s birthday cake in the break room!

Post (and who doesn’t love this one?)

Acme and Company called today to say that John did a great job on their assessment!  Way to go John!

Praise

We are thinking of expanding our footprint.  What location do you think would be best? A) Florida, B) Alabama or C) Washington

Poll

When to use OneDrive (for Business)

OneDriveWhen we say OneDrive in this article we are referring to OneDrive for Business – not to be confused with Microsoft’s consumer offering OneDrive.

Every user on a Small Business or Enterprise Office 365 plan gets 1TB of OneDrive for storage. The best way to use OneDrive is for storing all of your personal work files. These might be reports, performance reviews, financial documents, etc.  Occasionally these files may require some input from someone else – but not at massive scale.  It’s with maybe one or two users.

The intent of OneDrive is for it to be the place where you store all of your files, replacing your “My Documents” folder. The beauty of this approach is that your files are available across all your devices (PCs, phones, tablets) and in the Cloud.

OneDrive is built right into Office so you can File->Save As right to OneDrive.  You can also sync your files down from OneDrive to your PC using the Sync Client.  Because Office 365 uses Azure Active Directory, your files are secure.  You can share files using just a link (similar to DropBox’s offering) or share it so that a user ID and password is required.

When to use SharePoint

SharepointThere are two unique use cases for file storage in SharePoint: ‘static’ information and ‘dynamic’ (or collaborative) information.

Static Information

Examples of static information include your Employee Handbook, SOPs, employee benefit information, etc. – the documents that generally don’t change often and need to be accessed by many people in your organization.

We recommend creating a SharePoint site collection for each major department (HR, Legal, Sales, Marketing, R&D, etc.) and placing the appropriate static documents in these site collections.  Put them right on the homepage so that they are really visible to your team.

Dynamic Information

This is where SharePoint can really shine.  For many years, the main selling point of SharePoint was ‘Team Sites’.  While SharePoint has grown into many things over the years, Team Sites continues to be the most heavily used feature by high performing organizations.  Team Sites are made up of Lists and Libraries.

Lists are exactly what they sound like – lists of information.  Examples might include contacts, tasks, calendars or even custom lists you create.

Libraries are where documents are stored.  Much like OneDrive, the documents can be synced to your PC.  They can also be checked in/checked out for control, include versioning, automated change updates, and co-authoring.

Team Sites are the place to store files that require heavy collaboration or version control.  Good examples of Team Sites are RFP sites, Product Launch sites, Contracts, etc. Much like OneDrive, sites and documents can be shared externally, making Team Sites a great place for people from multiple companies to collaborate.

So if you’re planning to have several people work on a set of documents collaboratively, have workflow requirements, or versioning control, SharePoint is the right place for your documents and files.

When to use Office 365 Groups

This is the big one.  Office 365 Groups is a mash-up of almost all of the items above into a single platform.  With Office 365 Groups you get:

  • Group mailbox (think of it like a chat room)
  • Shared OneNote Notebook
  • Office 365 Planning space (in Planner)
  • Shared document storage location (it’s technically a SharePoint document library – but without any of the bells/whistles)
  • Shared calendar

The intended use for Office 365 Groups is to be a hub for complex projects that may require file storage, calendars, and team notebooks (something a Team Site gives you as well).

There are a few different ways you could create and manage groups. The two most common ways are by department and by project. How you organize Groups will really come down to how your employees need to communicate (be aware, there are limitations to the number of groups and group members – there is no external sharing at the moment).

But honestly, unless your company is already set up to communicate using a platform like this, it may not work very well for you. Office 365 Groups offer so much functionality, but it doesn’t seem to integrate well with the way most teams work. We work with a lot of customers on Office 365 and, so far, we haven’t found one where Groups worked well or significantly improved their communication or productivity. The biggest hold back right now is that Groups cannot be shared externally. If this changes, it could significantly increase the value of Groups.

We’re keeping an eye on it, though, and hoping that changes.

The short version

To break it all down into a single chart – here’s our recommendation:

Use Case

Location

Mass Communication Yammer
Idea sharing and feedback Yammer
Personal file storage OneDrive for Business
Group file storage and collaboration SharePoint Team Sites
Complex projects requiring calendaring, message threads, file collaboration, and notebooks Office 365 Groups





Sign up to get advice for how to save time and get more done.




Why you should use Clutter in Office 365

Messy DeskOne of our favorite features in Office 365 is Clutter. It’s an awesome tool for cutting down on the amount of email (and distracting email notifications) you get in your inbox every day.

Unfortunately, a lot of people, especially new Office 365 users, don’t know what Clutter is or how helpful it can be.

What is Clutter in Office 365?

Clutter is a feature in Outlook in Office 365 that moves non-urgent and low priority emails to a separate folder (called “Clutter”). It uses machine learning to figure out what emails you read regularly and what emails you tend to delete or pass over and makes decisions about what to move based on that. It uses this information to make decisions about what to move.



Want more ways to cut down on distractions and focus on what matters?  Sign up for our Productivity Kickstarter Course.





How does Clutter filter emails?

Clutter looks at a few different parts of the message to determine if the message should be sent to the Clutter folder: the sender, if you’re the only recipient (or if you’re part of a larger group), its importance and whether it’s part of an email chain you’ve replied to already.

There are few people it will never filter emails from including you, anyone you report to, and anyone who reports to you.

It will continue learning, so if your email habits change, it will adapt and change with you.

How to “train” Clutter

From our experience, Clutter is pretty good at learning what you are and aren’t reading. But it may not always be perfect. If you want to help it learn a little faster, you can.

Just manually move emails you want to go to Clutter from your Inbox to the Clutter folder (either drag and drop it or right click and select “Move to Clutter”). Soon, it will learn to move these emails on its own.

You can also do the reverse – move email from Clutter to your Inbox if you want to train it to send those emails to your Inbox. The only time we’ve really had to do this was for email notifications that needed to come to our Inbox but didn’t actually need to be read.

We recommend checking your Clutter folder every so often to see if any emails that may have gone there without you wanting them to.

How is it different than spam/junk mail filtering?

One of the most common questions we get about Clutter in Office 365 is “How is it different than spam or junk mail filtering?”

The short answer is spam/junk mail filtering is the unsolicited email you don’t want to be getting at all (and could potentially be dangerous). Email going to your Clutter is the email you still want to be getting but are lower priority.

If you have an email in your Clutter folder (or Inbox!) that you’d rather not get at all, see if you can unsubscribe from it (if it’s an automated marketing email, by law it should have an unsubscribe link somewhere around the bottom).

How do I turn Clutter on/off?

Clutter is turned on by default in Office 365. If you’d rather get all your emails in your inbox, you can turn Clutter off.

To do this, in Outlook, right-click on the Clutter folder and select “Manager Clutter.” A new window will open. In this window, uncheck the box that says “Separate items identified as clutter” (you may have two options to select from instead of a check box – if so, select “Don’t separate items identified as clutter”). Hit save.

If you have Clutter turned off, and want to turn it back on, just go through the same process and make sure the “Separate items identified as clutter” option is checked or selected and save.

You can also get to the options screen in your Office 365 dashboard page by going to Mail > Settings > Options > Mail > Automatic Processing > Clutter.

We’re big fans of Clutter. Email can be a huge time suck, so it’s nice to have a feature that helps you sort through it and focus on what needs your attention right now.

Why Running Outdated Technology Is Bad for Business

Old Computer EquipmentIf it ain’t broke, don’t fix it. In most cases, we agree – but not when it comes to running your business on operating systems and servers that have reached end of service. Even if it doesn’t seem to be giving you issues right now, it’s a bad idea – and flat out dangerous. Even running older software can sometimes be dangerous. Windows users are being advised to remove Quicktime from their computer because of dangerous vulnerabilities that won’t be patched.

Unfortunately, outdated systems still have a pretty large foothold. Two years after reaching the end of service, Windows XP is still installed on more than 180 MILLION computers. Many companies are still running on Windows Server 2003 (which reached end of service in 2015) or SQL Server 2005 (which reached end of service April 12, 2016).

Generally, this is because the server isn’t actively screwing up or causing any issues and it can be pretty expensive to replace a server. But the potential is there for it cost you a whole lot more to NOT replace it.

So, what does End of Service mean?

End of service (also called end of life or end of support) for both operating systems and servers means the system is no longer being supported by the manufacturer. This mean no support from a customer service standpoint when something goes wrong (your local IT company may still support it though).

It also means you won’t get any new updates. On the surface, this doesn’t sound bad. Not getting access to new features may not be a big deal – but not getting any new security updates is.

If you’re in a business that must meet regulations like HIPAA, running on outdated equipment also means you’re probably out of compliance, which means hefty fines and a loss of customer and patient trust.

Why is it dangerous?

Servers and operating systems that have reach end of life aren’t getting new security patches, which is where the danger comes in. Your system is completely open to any vulnerabilities found after the system reached end of service and you won’t have a way to close the holes.

On top of that, with every new round of patches that comes out for newer operating systems/server, hackers are basically given a list of vulnerabilities they can use against anyone using an out of date OS or server.

If you think your business is too small to be a target for hackers, you’re wrong. Hackers know small businesses don’t have nearly as much money to spend on data security as the big guys and use that to their advantage.

What should you do?

Keep your machines (whether it’s servers, PCs, phones, etc) up to date. No, we don’t mean go out and updated to the latest operating system as soon as it comes out. But be aware of what machines you do have and be prepared to update them before end of service. If you have machines that have already reached e

If you have machines that have already reached end of service, migrate to new machines ASAP. Be aware of what’s installed on your company’s computers, too (and if any Windows computers are running Quicktime, remove it ASAP!) and uninstall older programs as they stop being supported by the manufacturer.

PCs running outdated Operating Systems

Before updating operating systems, make sure any line of business applications you use will be compatible with whatever you’re upgrading to. You’ll also need to check to make sure the computer you’re updating can support the new operating system. You can check the system requirements for Windows 10 here.

Unfortunately, if you’re running Windows XP (or earlier) and want to move to Windows 10, there isn’t a direct path to do it. You’ll need to upgrade to Windows 7 first, then from there, update to Windows 10.

Outdated Servers

Moving off of an outdated server is a much bigger, and more expensive, animal than just updating an operating system. You have three options: purchase and migrate to a new physical server, move your systems to the cloud or a hybrid solution that moves some systems to a physical server and some to the cloud.

All the options have their advantages and disadvantages, which we won’t get into too much here. The biggest difference, though, will be cost. Physical servers are typically a large one-time cost (until you need to upgrade again) and cloud storage is usually a low monthly fee. Hybrid solutions, unsurprisingly, have a mix of both upfront costs and on-going monthly fees.

Whichever direction you decide to go in, make sure any line of business applications are compatible with what you move to. Otherwise, you’re in for some headaches.

Updating operating systems and servers can be a pain, but it’s nothing compared to the problems that come with getting hacked. If you need help updating your old equipment, please let us know!




Sign up to get advice for how to save time and get more done.




Why We’re Using Advanced Threat Analytics

Advanced Threat AnalyticsIf you spend any time around us (or reading our blog!), you’ll hear us talk about security. Security is so critical to us because it transcends the idea of our job as your IT solution provider.  It actually starts with you – the end user – who is interacting with data on a day to day basis.

One of our favorite new features, designed specifically to help you as the end user, is Advanced Threat Analytics from Microsoft.  This is available as an add-on to existing Office 365 subscriptions or as a stand alone license.

What is Advanced Threat Analytics?

Advanced Threat Analytics (ATA) is a service added to Office 365 to detect suspicious activity and prevent malicious attacks from hitting your network. It combines the typical ‘analysis’ that happens with security products (such as anti-virus) with machine learning – meaning that over time, it actually gets smarter. 

You’ve probably heard a lot about artificial intelligence (AI) in the last few months and while this isn’t technically AI, it does analyze the behavior of a company (or user) over time to determine what is normal vs irregular.  By knowing what is normal versus irregular behavior, ATA can help identify potential security issues earlier in the process.

Why We Love It 

While the machine learning stuff is cool, the reason we’re loving ATA so far is what it does to protect you at one of your most vulnerable points – email.

The most common way malware spreads in organizations today is via email.  Most commonly, this is done via links embedded in emails that look legitimate or via attachments.  This service adds a layer of protection for each:

Safe Links:  Safe Links scans inbound emails to make sure that the links that are shown in the email are actually redirecting users to the places where they need to go.  If the links are unsafe, they are removed from the email before being sent to the recipient.

Safe Attachments:  Safe Attachments actually opens unknown file types in an environment separate from your environment to detect potentially malicious activity.  If the attachment is unsafe, the message is delivered to the recipient without the attachment.  This is especially useful since a very large percentage of malware/ransomware is delivered via malicious attachments (most commonly documents and PDFs).

ATA blocked 8 malicious files from entering our organization in less than two weeks after implementation – pretty good when you consider we already have a pretty restrictive rule in place about what kind of files can enter our organization.

We’ve already started contacting our current customers about implementing ATA – if you’d like to jump the line, please let us know!

Sign Up for Our Newsletter

The Pros and Cons of Office 365 for Business

 

Office 365 logoMoving to the cloud can be a big decision for any business. While moving to a cloud-based system like Office 365 has some major advantages, it’s not going to be the right system for everyone. A quick way to see if it’s right for you is to look at the major pros and cons:

Pros of Office 365

Work Anywhere

One of the biggest advantages of Office 365 is the ability to work from anywhere as long as you have an internet connection. Because it’s entirely cloud-based, you can access your email, files and Office programs (Word, PowerPoint, Excel) from any location and any device. If you have a plan that includes desktop version of Office, they can be installed on up to 5 devices per user.

This is especially helpful for companies with remote employees, multiple locations and companies with employees who travel often.

Collaborate easily

If working in teams is at all a part of your company, you’ll appreciate the collaboration features of Office 365. The biggest advantage of this? You get one version of the truth.

Everyone who needs to contribute to or edit a document (or spreadsheet, or presentation, etc), can work on the same version (and get real-time changes) rather than having multiple version floating around that have to be combined.

You can also share direct access to your files, rather than send files as attachments. This means people can make changes to one file rather than having multiple copies. Versioning is included in case you need to go to back to an older version.

Always Have Access to the Latest Versions of Programs

With Office 365, you’ll also have access to the latest versions of Office at no additional charge. You’ll get the latest and greatest features without having to uninstall and reinstall Office on everyone’s machines. In addition, Microsoft is constantly making upgrades to features across programs – you’ll get access to those, too. Check the Office Blog to get an idea of what kind of upgrades you get with an Office 365 plan.

Mix and Match Plans

There are several different Office 365 business plans available with different programs and features. Not everyone in your company is going to need the exact same thing. You can mix and match plans so you don’t have to pay for more than you need. It’s pretty easy to switch between plans, too, if you find that an employee needs more or less than what they have now. You can check out a breakdown of the different plans here.

Subscription-Based Payment

Office 365 is a subscription-based service, meaning you pay a low monthly fee (per user) rather than a large lump sum up front. This can be helpful from a cash flow perspective. Plans are typically paid month-to-month (though some places will do yearly subscriptions, sometimes for a discount), so you turn off what you’re not using to save money.

Security Features

One of the biggest misconceptions about the Cloud is that it’s not safe. In reality, it isn’t necessarily any more or less safe than an on-premise system. It’s all in how you use it and what security measures you put in place. Office 365 has a lot of built-in security features to keep your company’s data safe. Some of our favorites include:

  • Encrypted email: This keeps anyone other than the intended recipient from reading your email
  • Data Loss Prevention: This is a set of policies that checks and prevents sensitive information (like social security numbers) from leaving your organization via email. We’ve broken it down a little more in this post.
  • Mobile Device Management: These features allow you to control Office on your employees phones to protect company information. If an employee’s phone is lost or stolen, it can be remotely wiped to prevent anyone who shouldn’t have access from getting to company data.
  • Advanced Threat Analytics (ATA): ATA uses analytics and machine learning to detect and alert you to suspicious behavior on your network. Our favorite part of this? It will scan emails as they come into your network for malicious links and attachments and if it detects something fishy, it’ll prevent the malicious attachment from getting in. Your employees will still get the email, but will get a message explaining why the attachment isn’t there. This can go a long way to preventing a data breach due to human error.

These certainly aren’t all the security features available in Office 365 – just a small sample. Please note, these aren’t available on all plans. To have everyone in your organization covered, you’ll need to get them all on plans that include it or purchase it as an add-on.

 

Cons of Office 365

If the internet is down, you may not be able to access work.

Since Office 365 is a cloud-based service, if you don’t have an internet connection, you may not be able to access your files. If your company has an unreliable internet connection (or a very slow one), it’s probably not the best option for you.

There are options to overcome some of this if you have an expected downtime. You won’t be able to access email, but you can sync your files to your desktop and use desktop versions of Office programs (if your plan includes them).

Subscription Based

Yes, we’re putting this under both pros and cons – for this, it really comes down to preference. If you’d rather just spend a large sum every few years for your Office programs and server and not have to worry about it every month, Office 365 isn’t going to be a great option for you. Yearly subscriptions could be a happy medium, though – often you can get a discount for going this route.

Compatibility with Line of Business Applications

The problem with always having access to the latest versions of Office programs is that your line-of-business applications may not always be compatible. If you are on Office 365, though, you are able to use some older versions of Office programs. Always make sure you check compatibility with critical applications before upgrading Office (or Windows, or any other technology it may interact with).

Can be hard to keep up with changing feature set

The features in Office 365 do change fairly frequently. On one hand, you always have access to the latest and great versions. On the other hand, it can be hard to keep up sometimes if you use some of the lesser known programs like Delve and Yammer.

Typically, the changes aren’t huge, so it’s unlikely any update will mean having to relearn the programs. More likely, you just won’t always know what the changes are.

Most people only use 20% of the functionality

This isn’t really a con of Office 365 itself, but worth noting. A majority of users don’t use Office 365 to its full advantage. Most people use only Office 365 for email, file storage and access to Office programs, even though it has so much more to offer.

There certainly isn’t anything wrong with this – but it may mean you’re paying for more than what you need. If you do move to Office 365, it’s a good idea to do a gut check every few months to see what parts are actually being used. You may be able to move some employees down to a cheaper plan to without losing functionality.

Want to try it for yourself? Start a free trial of Office 365 using the link below. Then, check out this blog post covering 7 things you should try during your Office 365 trial.
Register for a 30-Day Trial of Office 365

Protecting Your Company from CEO Impersonation Attacks

Attack email trying to trick someone into sending a wire transfer

Attack email trying to trick someone into sending a wire transfer

Transitioning to a paperless office in the cloud can be a great move for your business, cutting costs and making it easier to access your files from anywhere. But it can present an increased risk of sensitive data leaving your organization via email or online attack.

More and more attackers are targeting businesses and trying to trick employees into wiring money or sending personnel files through CEO impersonation attacks. These are a type of spear phishing attack, meant to look like they are from the CEO (or another high-level employee) sent to a lower level employee (more on phishing on this blog). These attacks are usually highly targeted and rely on the fact that lower level employees don’t always have direct contact with the leadership team and wouldn’t ask too many questions if asked to send information to them.

A common scenario is an email that looks like it’s from a high-level employee to an HR employee asking for personally identifiable information for employees – like a copy of a W2 or for payroll information for employees. Snapchat recently fell victim to this.

These files can then be used to steal the identity of these employees or sold on the black market (so someone else can steal their identity).

What to watch out for

There are a few questions every employee should be asking when they get an email requesting some sort of action (whether it’s to open a file or to send information). Answering these questions can potentially raise a red flag and let you know there is something wrong.

Do you really know who is sending the email? Do you recognize the sender and their email address? Is it the correct email? Is the From: name formatted correctly?

Is the message consistent with what you would expect from the sender? Is the tone consistent with the way they normally speak and write? Does it look like emails from that sender (fonts, colors, signature, etc)

Is the sender asking you to open an attachment or access a website? Hover over the link to see the URL – does the URL match what you’re expecting? Is the domain in the URL or file name of the attachment related to the content of the message?

Please note, even if you don’t immediately see something amiss, this doesn’t guarantee the email is legitimate. It is possible for more advanced (or more dedicated) attackers to spoof a legitimate email address. If someone is targeting your company very specifically, they have a spent the time to learn enough about your company and leadership team to imitate their emails pretty convincingly.

What to Do to Protect Your Files

There are some steps you can take to mitigate the risks of your company falling victim to CEO impersonation attack:

Company Wide

Train all employees on data security best practices and what to look out for: This the biggest key to data security. Everyone in your company regardless of role should be trained in data security – and regularly retrained as threats evolve. Even outside of CEO impersonation attacks, it only takes one employee accidently clicking on a bad link or opening a malicious attachment to put your whole company at risk.

Limit who has access to personnel files: The more people who have access to sensitive data, the bigger the risk. Store files in a location where you can restrict access based on the employee. If you’re using Office 365, Sharepoint has some nice functionality for this.

Implement Data Loss Protection: Some email services (like Office 365) have the capability to implement data loss protection. These are basically a set of customizable rules that check emails before they’re sent to make sure sensitive data isn’t being emailed out. We’ve written more about it in this blog.

Implement a good spam filter: A a good spam filter will stop the more obvious phishing emails. This isn’t 100%, though – just as legitimate messages can be caught by a filter, well-crafted, malicious messages will pass through a spam filter. Employees need to be trained that an email making it through a spam filter doesn’t automatically mean it’s legitimate.

As an Individual

  • Never give out passwords or other sensitive data over email.
  • Do not click on links in email, especially from unknown sources. Pull up your browser and go to the website there rather than clicking. For example, a user who receives a message from LinkedIn should open a new web browser window, navigate to LinkedIn, and log in, rather than clicking on the email link. If the email is legitimate, the notification will be in the LinkedIn notification system.
  • Trust your gut and double check everything – if something looks funny or just doesn’t feel right, don’t open it and don’t respond to it. It’s better to take the extra few minutes to double check with the sender to make sure it’s real.
  • Follow basic data security best practices in and outside of the office. Here’s a short guide to get you started.

Don’t let CEO impersonation attacks dissuade you from considering the cloud or a paperless office from your business – and don’t think you are safe just because your information is stored on a server at your office or in paper form. Any company can be a target. With the right security measures in place and a well-trained staff will go a long way to keeping you safe.

Our friends at Propel HR have written more about transitioning to paperless offices. Read their blog here.

Sign up to get advice for how to save time and get more done.