Posts in Best Practices

Does this smell “phishy” to you?

October 17th, 2019 Posted by Best Practices, Hackers, Internet, Networks, Security, Staff 0 thoughts on “Does this smell “phishy” to you?”

Phishing attacks use malicious emails or websites cleverly disguised as legitimate points of contact and business to lure you into giving criminals access to your personal, financial, and business information. Attacks are on the rise, especially for SMB’s. Think was even targeted earlier this year. With the stakes for your business (both for your finances and your reputation) getting higher every year, we’ve prepared some information and security tips to help you deal with the “phishy” stuff that could come up.

 

Phrases to watch out for

Phishing attempts have come a long way from “I’m a Nigerian prince”. Criminals are using the same language that a business associate, bank contact, or client would use to trick you and your employees into giving away valuable information and access. Language like:

“We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity.”

“We were unable to verify your account. Please click here to update and verify your information.”

“Hey, it’s (your boss’s name). I’m stuck in a meeting, could you pick up some gift cards for me?” (this one made the rounds in Durango via email and text message)

“This is Todd from IT, and I need you to send me your login information so we can do some maintenance on your computer” (sent from what looks like a legitimate company email)

 

What to do

Play hard to get – if anything doesn’t look or feel right, DO NOT click on any links in the email or reply to the email. Contact the company/financial institution/person directly. And DO NOT use any phone numbers given in the email, those are easily faked too.

Take a breath – criminals want you in a hurry and not thinking too hard about what you’re doing, so there is almost always some sense of urgency to a phishing attempt. Take your time and ensure that any information/access you’re giving is going to the right person for the right reasons.

Don’t get too personal – with so much information available online about our jobs and our lives, it can be all too easy for criminals to collect this information and try to use it to manipulate us. Try to avoid putting too many details out there, and remember that it’s not just the people who are close to you who can get access anymore.

Beware the link – hyperlinks in emails are a favorite way for criminals to trick you into downloading malicious software (just takes one click) or enter your information on a website that only LOOKS legitimate. Don’t click anything you aren’t completely confident in, and even then think twice.

Double up – two-factor authentication is an effective and inexpensive security measure that could make all the difference for your company. With two-factor authentication, it’s much more difficult for a criminal to access sensitive information even with a login and password, because they’re still missing a key piece of the puzzle. (To learn more about two-factor authentication visit our blog post here.)

Think passphrase – The longer and more creative your password is, the more difficult it will be to hack or guess. Instead of trying to come up with bizarre spellings for common words, you could try a nonsense phrase. Like: phishingemailsarejustawful! They’re easier to remember and to type.

Bring in security – you don’t have to do this on your own, and you shouldn’t try. There are some amazing anti-virus programs and email filters that will help you protect your company from multiple types of attacks. Your odds of protecting your business, your employees, your customers, and yourself go way up when you’re using the right tools for the job.

Using Cybersecurity as a Differentiator in Your Business

September 23rd, 2019 Posted by Best Practices, Disaster, Hackers, Networks, Security, Staff 0 thoughts on “Using Cybersecurity as a Differentiator in Your Business”

Customers are more aware than ever of how vulnerable their information is, and they depend on you to step up and to keep them safe while providing them with excellent customer service. Here are 5 steps to help your company gain a competitive edge with cybersecurity.

Audit, audit, audit – you can’t fix a hole unless you know where it is, and more than 70% of all cybersecurity incidents today are the result of internal security issues. Frequent and consistent audits of your network will give you the knowledge you need to address any issues before they become a security breach.

Get certified – does your industry have guidelines or standards for compliance in security? If so, make it a point to get very familiar with them and seek out any certifications offered. This will help you better protect your customers and your business, help you avoid costly fines, and it will show your customers that you take your commitment to them seriously.

It’s a culture thing – cybersecurity is all about team work. Every single person in your company is a part of your defense against data breaches and other security threats, and it’s important that they understand how valuable a proactive approach is in protecting your company and your customers. Making security a part of your company culture also communicates your dedication to your customers. The more they feel comfortable and safe doing business with your company, the more they’ll be inclined to recommend you.

Get everyone up to speed – values and culture are important, but your employees need the practical skills to walk their talk. Make sure that you’re taking the time to educate your employees on best practices, current threats, and how to get the most out of the technology and software you provide.

Spread the word – top notch cybersecurity isn’t something you want to keep to yourself. Tell your customers about your commitment to their privacy on your website, in your newsletter, and in ads. Let them know about your certifications, or talk about your employee certifications and trainings on social media. It will help them appreciate your company in a whole new way.

Don’t wait for a breach to take care of your business and your customers, start today. And if you want an expert to help you get everything done right, we have engineers and advisers that are more than happy to help you assess your situation and move forward with a plan that’s tailored to your business. Contact us today to learn more.

5 Bad Habits of IT Departments

September 23rd, 2019 Posted by Best Practices, Devices, Security, Staff 0 thoughts on “5 Bad Habits of IT Departments”

Even the best of intentions can be sabotaged by bad habits, and IT departments are no exception. In this post we’ll share with you the top 5 bad habits you’ll want to watch out for in your IT department.

  1. Bad timing with new technologies

With technology moving in leaps and bounds, the phrase “Timing is everything” has taken on a whole new meaning. If a technology is adopted too early, your business and employees will have to suffer through all the bugs, outages, and partially-formed processes that are a given with emerging tech. But, if the new technology is adopted too late, you’ll be in a mad scramble just to keep up with your industry. The right timing is crucial to ensure that technology is an asset or even a competitive edge.

  1. The wrong focus in hiring

Too often when a role opens in IT, too much emphasis is put on specific knowledge of certain software, hardware, and processes. These laundry lists of tech knowledge can scare away great candidates who may be a great fit for the company, even if they would need to pick up a new skill or two. At the end of the day, ensuring that a new employee is going to fit well into your company culture and is willing (and enthusiastic!) about learning new skills will have a much more positive outcome for your business.

  1. A rigid course

Having a plan for your business is essential, and the IT department should have a plan that supports your business plan. But being too rigid can cause major issues. It’s important to leave enough flexibility to allow for circumstances to change and new opportunities that may become available. If your IT department is focusing on specific software or hardware instead of which direction will best support your business goals, you could end up locked into a course that becomes obsolete or cumbersome by the time it’s put into motion.

  1. People pleasing

In a culture where we have so many different options and rarely have to choose just one, employees can get in the habit of asking the IT department to support any and all of their favorite applications and services. And, because they want to keep everyone happy, the IT department says “yes” without really looking at the potential consequences. What ends up happening is your business network becomes flooded with too many applications and services for your IT department to manage efficiently or safely. Each of these applications or services is a potential security breach, and each can fail or glitch at any time. Does your IT department have the skills and time to support all of this? Is it how you want them to spend their time? Or is it better to risk ruffling a few feathers to keep your IT streamlined, efficient, and secure?

  1. Skipping the training

All the high-end technology in the world can’t help your business if no one knows how to use it. If your IT department isn’t providing your employees with comprehensive training and documentation, you’re wasting your money. Think of the videoconferencing or projection equipment you’ve seen collecting dust on so many conference tables. Or the phone system features that have never been utilized. These tools could be a major benefit to the business, but your staff isn’t comfortable relying on something they can’t confidently operate.

River of Technology

August 20th, 2019 Posted by Best Practices, collaboration, Communication, Community, Staff 0 thoughts on “River of Technology”

The common sense survival guide that will keep your business afloat.

Here at Think we play as hard as we work, and for some of us that means time on the river. We couldn’t help but notice that there are some important parallels to being successful in the water and successful in business technology. Here are 5 tips to help you and your business successfully navigate the river of tech.

Plan ahead – Do you have a destination in mind? An idea of how you want to get there? These questions apply equally to river travel and the technology required to support your business. Tackling whitewater rapids without scouting first could be a dangerous endeavor. In a constantly shifting environment filled with opportunities and challenges, picking a good line and sticking with it will help control costs and allow you to use technology as a business tool rather than just a necessary expense.

Be prepared – The next step is having the right gear and knowing how to use it. All the knowledge in the world won’t make a wooden pallet a raft, and the most sophisticated water craft won’t make up for a lack of skill. The same goes for technology.

Go with the flow – Both rivers and technology are always changing, moving, and evolving. There’s no denying or changing that fact, so your best bet is to go with it. Use the current to get you where you want to go, because fighting against it will deplete your resources and set you back.

If you get stuck – Sometimes you’ll get sucked into an eddy or stuck on a rock in the middle of a moving river. Something similar happens in business technology when you’re bogged down with aged equipment, slow moving processes, or even one belief system about how IT functions in your business. The best thing to do at a time like this is assess your situation and where you’re at, decide where you want to go, and put in the effort to move yourself back into the flow.

Bring a guide – If all of this sounds like a lot, you’re not alone. These are specialized skill sets and know how that come with a lot of time, study, and practice. A healthy dose of passion for the work helps too. It’s not for everyone. Luckily there are guides who are happy to share their knowledge and skills to ensure that you have a safe and enjoyable experience.

When it comes to your technology needs, a managed service provider can help you from beginning to end. They strategically plan out the types of technology, processes, and policies. They will help you get your business where you want it to go. They ensure that you have all the appropriate gear and that your staff is able to use it. They assist you in the inevitable change that comes with evolving technology in your business. They help you when you get stuck or run into a challenge.

If you’re looking for a guide to help you navigate the river of business technology, our engineers would be happy to talk with you.

Company Culture: the secret to success

August 13th, 2019 Posted by Best Practices, collaboration, Communication, Community, Staff 0 thoughts on “Company Culture: the secret to success”

Some parts of a business require a lot of work, time, and focus to create and maintain. Others will happen whether you work at them or not. The biggest (and maybe most important) example of this is company culture. Think about it. We’re social creatures, and it is natural for us to function as a cooperative group. It’s something you see happen even in temporary groups, like people waiting to get on a bus or standing in line at the store. There’s an unspoken give and take, an acceptance (and sometimes disregard) for the norms of the situation. No one is discussing it, planning it, or even consciously directing it. But it happens.

The same thing happens in a business. With a group of people brought together to support a common cause for 40 or more hours a week, how could it not?

The question isn’t “Do we have a company culture?”, because the answer to that is always “Yes.” The question is “Do we have a company culture that supports our employees, our clients, and our business goals?” The answer to that question will determine everything from employee productivity to turnover rate. In an industry with a notoriously high turnover rate, like IT, company culture can make all the difference in your business’s ability to thrive.

 

Starting at the Top

Actions speak louder than words.

We’ve all heard it a hundred times, but we rarely take the next step to understanding the implications of that simple truth.

Many businesses have instituted wellness programs to help support and encourage their employees in making healthier life choices. To the tune of $50 billion a year. This sounds like a lot of action in the right direction, so why isn’t it working? A recent study by the National Institute of Mental Health suggests that these wellness programs haven’t increased workers’ health much at all. Or improved their experience at work.

This is because a policy or program can’t actually change company culture. Until it’s modeled by the leadership, it’s just empty words.

 

Setting the Example

Take a moment to think about what you’re modeling for your employees and coworkers. Are you answering emails late at night or well before work in the mornings? Do you skip lunches, rush from one meeting to the next, and cancel plans with your family on a regular basis? Are you showing up to work when you’re sick, injured, or exhausted?

The story we’re told is that you have to work hard to succeed, and sometimes that means sacrifice and struggle. This can certainly be true, and there’s nothing wrong with hard work and sacrifice. But is what you’re gaining worth what you’re giving up?

You have to remember that as the boss you set the tone. Your employees will follow your example, and you have to decide if this culture is sustainable, productive, and reflective of the business you want to create.

 

What You Value

One way to look at this is that it all comes down to what you value.

Do you want your employees at their desks for 8 hours a day, pushing regardless of what their actual level of productivity is?

Or do you want your employees working at their best, producing high quality work, regardless of whether that happens in 1 hour blocks or means they take a day off when they’re sick, have a family event, or just need to manage their stress level?

You have the opportunity to create a business that is both supportive and successful. Are you ready to do it?

Two-Factor Authentication: Secure, Simple, Inexpensive

July 15th, 2019 Posted by Best Practices, Data, Disaster, Hackers, Security, Staff 0 thoughts on “Two-Factor Authentication: Secure, Simple, Inexpensive”

“I don’t believe there is any single item that is more cost effective at improving security for public facing services than two-factor authentication.  This is why most Internet banking and other sensitive websites are requiring this nowadays.” – Darrell Brooks, Director of Infrastructure at Think

Even the strongest password may not be enough to protect your sensitive data. Luckily, two-factor authentication (2FA) is here to help.

Two-factor authentication adds an extra level of security to your basic login process. Think of it like this: Having 2FA required for your account login is like having a deadbolt and a keycode for your front door. That way if you lost your key, you would still be protected by the keycode. Or if someone overheard your keycode, you would still have the deadbolt in place.

Just as you would require both the keycode and the physical key to get into your front door, you would also require two different factors to access an account secured with 2FA.

There are three categories used for two-factor authentication:

  1. A thing you know (like a password or keycode)
  2. A thing you have (like a keycard or a mobile phone)
  3. A thing you are (like a fingerprint)

Your two factors should come from two different categories. This is often a password and an auto-generated PIN number that has been sent to you through a text or an app.

Many (if not most) people are guilty of using weak passwords or duplicating passwords for different accounts. This probably includes your employees. Adding 2FA to your security is a simple, easy, and inexpensive way to tighten security for your business.

Take a look at the different two-factor authentication apps available online, or contact Think to discuss options for your business needs. In the end, the one you will use will depend on the kind of deployment that you desire and the structure of your organization.

Successful IT Transitions Need These 5 Components

July 12th, 2019 Posted by Best Practices, Cloud, Communication, Data, Security, Staff 0 thoughts on “Successful IT Transitions Need These 5 Components”

Change is easy to get excited about and easy to get started, but it’s tough to follow through and keep the momentum going. Especially when it feels like there’s no end in sight, as can happen with IT projects if you’re not careful. But it doesn’t have to be an endless slog. If you build these 5 components into your IT transition, the entire process will be much smoother and more successful from beginning to end.

1. A tracking system – a simple list of major goals and initiatives, refer to it often (especially if you’re thinking about adding anything), and check off progress as you go. This helps to keep the direction clear, make the steps and goals feel attainable, and makes progress easy to see. All of these will make it easier for your staff to maintain motivation and momentum.

2. Clear communication – When people don’t understand what they’re doing or why, they lose focus, motivation, and enthusiasm. So, make all communications regarding the transition as transparent and simple as possible. Lose the tech jargon and talk about the benefits, challenges, and goals in a way that everyone can understand.

3. Available support personnel – It’s likely that there will be a handful of people in your organization who are always in demand during any IT transition. They’re the ones who always seem to know what’s going on and how to fix it. It’s essential that these people be free to work on higher level issues, while anything else is delegated to employees with less expertise and/or less demand on their skills and time. This will help the transition move more quickly and smoothly while encouraging less experienced staff to learn and take on new responsibility.

4. Clear transitions and expectations – make sure that your employees know when and how to transition from doing things the “old way” to adopting your new solutions and processes. Whether this is an entirely new role or just a new approach, you can cut down on confusion, frustration, and unnecessary delays by ensuring that everyone knows what to do and when to do it.

5. Data-based targets – It’s important to both morale and progress that you and your team can identify what “done” is for any given stage or goal in the transition. This gives you a framework to discuss their progress and direction, and it gives them a definite path to follow.

7 Tips for Training Tech-Savvy Employees

June 6th, 2019 Posted by Best Practices, collaboration, Communication, Staff 0 thoughts on “7 Tips for Training Tech-Savvy Employees”

Updating your technology on a regular basis is an important part of keeping your employees productive and efficient as well as protecting your company from cyber security threats. But keeping employees up to date on how to use all this new tech can be a challenge. Here are 7 tips to help you train more tech savvy employees and keep your business moving forward.

  • Know why –Most people resist change. It’s just human nature. But if you can explain WHY it’s worth their time and effort to learn and use this new tech, you’ll find your employees will be a lot more cooperative. And maybe even excited.
  • Recruit inside– Some employees will naturally be more apt and more interested in the new tech. Recruit them to help you train the others. This will help bridge the knowledge gap as well as getting everyone involved on the project together.
  • Get hands-on –As often as possible, have your employees learn by doing. The more engaged they are, the more likely they are to retain the information.
  • Documentation –Ever wish there was a manual for that? So do your employees. Give them written instructions (preferably with screenshots) whenever possible. This will help them learn more quickly and provide a handy reference guide for later.
  • Keep it small –Breaking your employees into smaller groups for tech training gives them more opportunities to ask questions and engage with the instructor, helping them learn more quickly.
  • Everyone is different –Some employees will pick up the new tech and run with it right away, but others will require more time and effort to get them going. Be prepared for differing rates of progress and be patient.
  • Get their thoughts –Your employees can provide you will valuable feedback on the learning process and how the new tech is impacting the company, if you ask and are open to listening. Do this during the transition and afterwards to help keep tabs on the bigger picture.

Is your business being targeted?

May 8th, 2019 Posted by Best Practices, Hackers, Security 0 thoughts on “Is your business being targeted?”

Two members of our staff and 3 of our clients were targeted by this phishing scam last month. You should know about it.

 

Have you seen the latest email phishing scam?

It looks like a quick email from your boss. They’re in a meeting and can’t talk, but could you stop and pick up some gift cards?

If you reply saying you will get the cards, the next email says to pick up $1,800 of Walmart gift cards and just take a picture of the numbers on the back of the card and email them back.

Which is where they really get you. Once you’ve sent the scammers the numbers on the back of the card, they have access to the money. And you have no way to get it back.

This scam is designed to take advantage of the fast-paced and informal nature of a lot of business communication. As well as the trust we place in our superiors. Two of the employees here at Think were targeted by this phishing attempt. A combination of cybersecurity knowledge and a good email filter helped ensure that neither of them fell for the scam. But others haven’t been so fortunate.

You can protect your business and your employees from phishing attempts with a few simple steps:

  1. Education – talk to your staff about what phishing is and what to watch for.
  2. Awareness – make sure your staff is looking at the sender and the contents of an email closely before clicking on links or replying.
  3. Protection – a good email filter will flag emails from outside senders, helping your employees identify untrustworthy sources more easily.

Phishing is one of the leading cybersecurity vulnerabilities for a business. Take steps to protect your business and don’t get caught!

5 Reasons Your Business Needs a Backup and Recovery Plan

May 6th, 2019 Posted by Best Practices, byod, Cloud, Data, Disaster, Hackers, Security, Staff 0 thoughts on “5 Reasons Your Business Needs a Backup and Recovery Plan”

If you lost all your business data today, how long would it take for your business to recover? What steps would you take to get everything up and running again? How would it impact you financially? Knowing the answers to these questions is all part of being prepared. Just like having a back up and recovery plan. Here is some more compelling evidence that this is a necessary part of any business today:

1. Data is Easy to Lose – not just major events, a lot of it is human error. This is especially true in a BYOD culture where you may have business data being stored on personal laptops or in personal cloud accounts of your employees.

2. Cyber Attacks Keep Coming – the average cost of an attack for a company with 10 – 24 employees is over $38,000, and it just goes up from there. It doesn’t matter what type of business or the size, hackers will target anything they can profit from.

3. Downtime – loss of data can bring your entire business to a grinding halt. And if that data can’t be recovered, it takes even more time to replace (if that’s even an option).

4. Irreplaceable Data – some documents or files are truly invaluable. Everything from client lists and research to files on upcoming projects. If all that disappeared in one day, where would your business be?

5. Reputation – do you hold any sensitive or personal data on for your clients or customers? Or data that your clients will need to access in the future, like health care records or financial information. How would telling them it was all gone impact your relationship with them? Or your reputation in the business community?

A variety of back up and recovery options are available and can be customized to suit your business. Contact one of our engineers today if you would like to learn more about your options or get an expert’s perspective on developing your own backup and recovery plan.

CONTACT US

888.98.THINK
970.247.1885
3067 Main Ave. Durango, CO
101 W. Main St. Farmington, NM
7483 E. Visao Dr. Scottsdale, AZ
5700 Washington St. Denver, CO

JOIN OUR TEAM

Join our team of hard-working, fun-loving, technology experts.

View Careers

© 2018 Think Network Technologies, LLC. All rights reserved.