Categories
Technology Training

Project Manage With Microsoft Planner

Do you manage groups of people but have a hard time keeping track of everything? Well, Microsoft has the tool for you! Microsoft Planner is a great application that is part of the Office 365 offering. It is a work in progress from Microsoft but none the less, Planner is a vast improvement from a simple to do list that you may use in Outlook. If you are managing internal projects across several employees with a lot of moving pieces but don’t have a need for a fully fledged project management software, then Planner will be great for you!

Make the most of your Office 365 investment by trying Planner to see if it is a good fit for your organization. You can create projects, assign tasks and checklists under that project to members of your team. Planner lets you attach and share files that are relevant to the project and you can get a birds-eye view of the progress across all of your employees from the Planner dashboard. Microsoft Planner can be accessed on a web page, local desktop application or mobile app and the best part is that it stays synced across all of your devices to keep you on track while you’re on the move.

In this video, we will show you where you can find Microsoft Planner in the Office 365 portal. From there, we will show you how to set up your account, create projects and assign tasks to the team members in your organization. Keep your team on track and get your project completed on time with Microsoft Planner.

Categories
Technology

Phishing Attacks In The Real World

 

When was the last time you almost lost $23,000 to a phishing email? This nearly happened to one of our clients this week. Fortunately, this phishing attempt was spotted before the funds were transferred, however, there are a few good lessons to take away from this story and we want to educate you so you can protect your company from these sorts of attacks.

“Bob’s Company” received an email at Accounting@Bobscompany.com. The email was from Bob@Bobsscompany.com.

The email wrote:

“Good Morning,

Please pay the attached invoice in the amount of $23,000.

Thank you,

Bob”
For the accounting manager, this was business as usual. The boss regularly sends requests to the accounting department to have bills paid. At a glance, there is nothing wrong with the email but in this instance, the tone of the email was unusual which caused for further investigation.

This phishing attempt was sophisticated enough to the point where the scam artist even took the time to forge a signature on the attached invoice that matched Bob’s signature. Fortunately, the accounting manager double checked with the boss before processing the transaction. What’s scary is just how close the accounting manager came to processing the payment which is a mistake any one of us could make. If they weren’t paying attention or were just in a hurry, anything could have happened.

What’s important to take away is just how predictable we are. Most companies operate the same way with similar departmental and communication structures. If this wasn’t true then social engineering scams wouldn’t work. This was a close call for just one company and it isn’t hard to believe that whoever sent this email has sent thousands of them and likely got paid on a handful.

These types of attacks are becoming more prevalent than any other because they are cheap, easy and work on businesses of all sizes. “Bob’s Company” is a small business, not a behemoth company that you surmise a hacker would go after. Small businesses are easy targets from a hacker’s perspective because many of them do not invest in security and user training like large companies do.

Some actionable steps you can take to avoid falling prone to this type of attack are:

  1. Avoid using departmental emails like Accounting, Payroll or HR. This lets the hacker know that they are sending the phishing email to the right person making it more likely for the email to have the hackers desired effect.
  2. Use regularly changing keywords when sending requests for a transfer of funds. Change this keyword every month and instruct your staff never to transfer funds without the keyword in the email. This is a really low tech solution but it works. These attacks are intended to trip you up when you aren’t paying attention. The majority of attacks never involve someone spying on your network and learning your passwords and company secrets. Simple though it may be, this is an effective form of two-factor authentication.
  3. Use free spoof phishing tools like KnowBe4 to test your employees to see who is likely to click on phishing emails. Invest in those employees by training them on what to watch out for.

We are living in an ever-developing world where cybercrime is global, the barrier to entry is low and we humans are the weak link in the chain. Since cybercrime has such low risk and high reward these scams will become more frequent and sophisticated. Businesses will have to adapt to these changes and develop strategies to protect their resources. It is important to consult with your IT partner to learn how you can train your employees and set up security measures that will prevent this coming wave of cybercrime.

Categories
Technology Training

Harden Employees Against Ransomware With KnowBe4

Are you curious to see who in your company is most likely to download a virus on your network? Well now you can find out and the best part is, its free. With KnowBe4 you can administer a range of free tools that will allow you to see which of your users is most likely fall for phishing emails.

The sad truth is that some people will click on anything that comes across their email inbox. This is how most network infections start. Till more recently, there hasn’t been a lot anyone could do to prevent this. KnowBe4 allows you to find those trouble users and train them so that this major hole in your network can be filled.

From a compliance standpoint, KnowBe4 offers actionable data that will allow you to show your HIPAA or PCI compliance officer that you are taking actions toward due diligence.

As an IT company, we do our best to prevent major disasters with layered security involving anti-virus, managed firewalls, Office 365 spam filtering, security permissions and most important, great backups. Even with all of these security measures in place, there isn’t a foolproof method to ensuring that a few phishing emails won’t slip by unnoticed. We rely on backups to get our clients up an running quickly but even under the best of conditions, it is still better for the virus to have never been clicked on to begin with.

For a small investment in time, you can’t afford to not use these great free tools from KnowBe4. Take a few minutes to watch our new video on how to get started with KnowBe4 and harder you users against malicious emails.

Categories
Technology Training

Repair Windows 10 With Windows Automatic Repair Tool

If you are having a problem with your desktop or laptop computer such as a reboot loop, corrupt Windows files, corrupt registry keys, corrupt registry driver or other Windows boot related issues you can resolve most of these by using the Windows Automatic Repair tool.

Windows Automatic Repair or Startup Repair can fix a lot of issues in Windows 10. This solution may not fix all of your PC Boot up problems but it is a good place to start. Running Startup Repair on your computer can fix problems that keep Windows from loading on your computer.

In this video, we will walk you through the advanced settings for using the Windows Automatic Repair tool. If your computer is having a boot issue you should follow this process before taking your computer to your IT partner. Doing this will likely save you a lot of money and time. Remember, before using any of these tools, it is very important that you back up your data as some of these tools have the ability to erase your hard work.

If you find that you are still having Windows boot issues after having run this tool, consider calling the techs at eTop Technology for support on all of your business technology needs.

Categories
Technology Training

CamStudio Screen Recording

If you have tried to explain a complex computer problem to your technical support group and found it difficult to bridge the gap between English and all the technical jargon, you may find it easier to make a screen recording of the problem rather than sending a lengthy email. CamStudio is a great, free program that will help you with just that.

In this video, we will walk you through downloading CamStudio and getting it set up to start screen recording. CamStudio is a very simple and straightforward program but none the less it is very powerful when you are trying to explain a problem. Once you know how to use the program you can export a .mp4 file that you can then email to your technical support group.

Categories
Technology Training

Learn how to use a VPN

You may have heard of, or even used, a virtual private network (VPN), but do you know what it is? A VPN is an encrypted tunnel through a wide area network (WAN), also known as the Internet. This means that the network does not have to be located in one physical location, unlike a local area network (LAN). By using encryption and other security measures, a VPN can scramble all the data sent through the WAN, so the network is “virtually” private. In other words, a VPN allows you to access the files on your local network over the internet from an airport, coffee shop or another country, and you will be as secure as if you were sitting in your office.

Businesses commonly use VPNs to communicate across multiple locations. A large company that has offices in several cities may need to send data between their locations via the Internet. To keep the information secure, the company will set up a VPN with an encrypted connection, effectively giving the company a secure intranet over the Internet.

In this video, we will show how you can download one of the many VPN services on your computer. Once downloaded, we will show you how to set up and use this tool. Although there are many VPN options to choose from, most of them work the same way. If you are going to be traveling for work, or need to work from home or a coffee shop, it is important to send and receive sensitive data over a VPN. Otherwise, you are opening a direct access to all of your company’s sensitive information, and risk a security breach. For more information, or if you would like to set up a VPN for your company, contact eTop today.

Categories
Technology Training

Microsoft OneNote for Beginners

Are you aware of all the applications that come with your Microsoft Office 365 subscription? Most people think of Office 365 as a hosted email service but don’t realize that it is much more than that. Depending on the subscription that you have, almost every Office application that Microsoft offers will be included and is accessible in the Office 365 portal.

This week we have created a video that will walk you through one of the included applications, OneNote. Like the name would suggest, OneNote is an application that keeps all of your note taking in one place. No matter if you are in a meeting, a trade show or conference, or even if you’re still in school, OneNote is a great application for all of your note-taking needs.

To help get you started, we will show you how to access and download OneNote from your Office 365 portal. Once installed, we will show you how to set up the program so that it is customized to your liking. Although the program is pretty straightforward, there are a few features that you should know about and we go over them in this video.

Once you watch this quick overview you will be able to take notes and insert pictures, videos, and sound recordings like a pro. Need a table, graph or chart? We’ll show you how to use those as well. When you’re all done taking notes, you can share them with colleagues and friends making OneNote a great tool to help your team collaborate. If you are used to using other Office products like Word or Excel then you will pick up OneNote quickly since many of the features and functionality are set up the same way.

If you haven’t already, we would encourage you to take a closer look at your Office 365 portal to see what applications are available to you. From the beginning, Microsoft has packed a lot of value into the 365 offering and since then they have done an excellent job of adding in more applications and features. To help you get the most out of your subscriptions, we will be making a series of how to videos that will debut what Microsoft has to offer and how to use each application.

Categories
Technology

Automate using Automate.io and Microsoft Flow

Business today gets done through the technology that connects us. The problem is that no matter what, there will never be one master program that does everything we specifically need. We’re forced into optimizing our work lives through no less than a dozen applications that we ourselves string together. While this is still faster than reverting back to pen and paper, you may still find yourself having to do a task in one program only to do it again in another.automate.io For example, right now I have my newsletter program, email platform, YouTube, CRM, LinkedIn, several other social media programs, my internal chat app and our company website all running at the same time in order to get work done.

Let’s say I meet someone who I want to do business with: I have to find them on LinkedIn, send them a follow-up email, add them to my contacts list, and add them to my mailing list.
Flow
This takes time, and if you are going through a large list of new potential clients after a trade show, you could find yourself losing a day just doing data entry. Happily, there is a solution to this problem, and it’s called automation.

Most major programs today have open API’s that other third party apps can create integrations for. Instead of having to repeat yourself for every application, you can use programs like Automate.io or Microsoft Flow to bridge the gap between programs.

In this typical sales situation, you can now add your new contact to your CRM. Your automated processes will take that information and send that contact a LinkedIn invite, add them to your newsletter mailing list, and also send them an email thanking them for their time. Now you have taken three steps and turned them into one.

There are countless ways that these automation programs can be used, and more applications are jumping on board with this system every day. If you are finding yourself doing repetitive tasks in multiple application then take the time to find an integration that will ensure that you are only doing your most important work.

Categories
Technology

Stop Ransomware In It’s Tracks

Today we are going to review a brilliant tool that stops ransomware and other spam in its tracks. It’s called Sendio Opt-Inbox, and it’s more than just antivirus and spam filtering; it’s all of that combined with two-factor authentication, meaning that if anyone sends you an email, a human has to verify that they sent that email to you.

Sendio
Sendio Anti Ransomware Protection

This nifty tool is different because it completely filters out mass email attacks. Ransomware is a numbers game; large scale attacks use automated systems to send out thousands of emails, knowing that some portion of those emails will inevitably succeed. However, hackers and their automated systems do not account for any kind of authentication process.

When you sign up for Sendio, you are opting to re-route your mail through their system. This allows them to run a series of scans on the email and check the IP address to see if the email is coming from a trusted source. Before Sendio hands off the email to you, the sender will go through the “Sender Address Verification SAV” process or their email won’t be delivered. This means that someone actually has to tell Sendio “It’s okay, I’m a real person and I want to have a conversation with the addressee.” Sendio makes sure that you are only having meaningful conversations with people who you want to talk to.

What about automated emails, like newsletters, that you voluntarily subscribe to? Sendio takes this one step further: you can not only choose to trust certain newsletters, but also choose when these emails get sent to your inbox.

Is this new fancy widget expensive, or even worth the extra cost? The starting price is $34 per month, and the pricing changes depending on whether you have Sendio host the application for you, or if you host it on your own network. You can run a quick cost-benefit analysis to see if an application like Sendio would be cost effective for you and your organization. Go to the store and get a cheap stop watch, and click the stopwatch every time you sort through junk mail. Do this for a month, and you will see how much time you could save sorting through junk mail alone. Multiply this estimate by the number of employees in your company, and you can see that a product like Sendio is easily worth the price. Beyond the amount of sheer time saved, you can assume increased productivity, and thus an additional capacity to increase revenue. Furthermore, a product like Sendio could save you countless amounts of time, money, and data loss by preventing ransomware attacks.

It sounds great, but are there any downsides to this magical tool? Unfortunately, no tools on the market are 100% foolproof. Potentially, if you are subject to a highly targeted attack, the attacker could manually go through the verification process, assuming that Sendio hasn’t already flagged their domain or IP address for fraudulent behavior. However, with the high volume of fraudulent emails sent out by hackers every day, it seems improbable for hackers to find an effective way around this new gateway.

Ransomware has caused too many executives and management sleepless nights and it is time for a system that can help you take back your peace of mind. Talk to your IT partner about implementing Sendio across your network. Get you time back, become more efficient, and most importantly, get a few more hours of sleep!

Categories
Technology

Phishing For Passwords

There has been a recent increase in phishing attempts across the US and it is concerning for many reasons. It is important to be aware of these issues and how these phishing attempts work so that you can protect yourself and your company. The unfortunate truth is that there is only so much you can do to block phishing emails from landing in your inbox in the first place. The only surefire way to prevent phishing attempts from becoming a problem is by training your users to keep a keen eye.

phishing

A phishing attack like the one shown above is an attempt to get you to give away some important information, usually credentials to an email account. In the past, phishing attempts have been highly generic like the “Nigerian Prince” scam that any most discerning individuals would understand to be malicious. Now that most people have become aware of the nature of phishing attempts, the scammers are having to become more sophisticated.

This means that phishing attempts will become increasingly difficult to distinguish from legitimate emails. As more and more emails are being hosted in the cloud through services like Gmail and Office 365, scammers have found a particularly effective way to trick people. These services will periodically ask you to verify your credentials or even change your password every 90 days. These routines can be hijacked to make you think that you are giving your information to your provider when really you are giving it to a scammer.

By looking at your publicly available DNS records, scammers can tell what email platform you are using. It is easy to set up a web page and design it to look exactly like the login page of any hosted email provider. Scammers will use this information to send you highly targeted emails asking you to verify your credentials for “security” reasons. Seeing that the email appears to be from a trusted source, and the link in the email supposedly leads to your hosted email provider, you are likely to enter your password giving the scammer access to all of your information.

In order to help you avoid these pitfalls, we have a few simple steps to follow that will help keep you safe.

  1. Are you expecting the email? Maybe you are logging in from a new computer and the email host doesn’t recognize or trust your device. This is a good reason to expect an email with a link. If there is no reason to expect an email, then receiving one should be a red flag.
  2. Inspect the email. Start by looking at the sender. Do you know them? Don’t just look at the display name; carefully inspect the email address that the email is coming from. Is the domain address spelled correctly? If not, this is likely a scam. Does the email use scary works like Urgent or Emergency? This should be a red flag as well. Also, be sure to check any external link addresses and if they lead to an obscure website, this is likely a scam.
  3. Don’t use links. If you have reason to think that this email is legitimate, take one last security precaution and don’t use the link provided. If you need to verify your credentials then you will be prompted to do so the next time you log into your email account. Do a web search for the login page of your hosted email provider and log into your account from there. If you are not prompted to verify your login then you will know that the email you received is a scam. If it is a link from a known sender, you could also give them a call to verify that the link is from them.

Following these steps will allow you to filter out most phishing attempts that make it to your inbox no matter how sophisticated they become. These attacks rely on you making decisions while not fully paying attention, but they will never be able to fully copy the email provider they are trying to spoof. This means that if the email is not legitimate, then you will likely be able to point that out with a few seconds of careful inspection.

As always, be sure to work closely with your IT professional to ensure that you have a security plan in place. Phishing attempts can lead to data loss, security breaches and even significant lost revenue. It is always better to be preventative about these issues than having to deal with the aftermath.