Facebook Finally Allows Users To Delete Sent Messages

Facebook Messenger

Facebook Messenger

Users of Facebook Messenger, which number over 1.2 billion people worldwide, now have a new feature that makes life a bit easier after making an “oops.” An oops is a mistake in an instant message that is immediately noticed, right after sending it, by the person who wrote it. It could be that a message includes a goofy typo. Typos are usually much easier to see right after sending a message than before sending it. This is a psychological thing.

The need for message deletion could also come from a message intended for one person that might be accidentally sent to the wrong person or incorrectly to a group. It could be that a group message was sent to someone who should not be included.

One thing that is helpful with this new feature is the ability to remove a photo that was sent in error. If the person receiving the message with the photo does not make a copy of it, it is possible that the mistake goes away when deleted by using the new unsend feature.

This may save considerable embarrassment. There is probably nothing more unfortunate than sending an explicit photo to your mother by accident. Hopefully, she does not see it before you get a chance to unsend it and send her a new message with the correct photo attached.

Ten Minutes to Change Your Mind

Now, for up to ten minutes after being sent, Facebook Messenger allows a person to delete a message. It disappears and then in its place appears the notation that the message was deleted.

Be aware, that there is no delay in sending the message out. Perhaps, if the receiver of the message is not paying close attention to their Facebook Messenger, the message may go unread. However, if a person already read the message, they know what it was about. The time limit of ten minutes for deletion also means that a message is not changeable the next day after a late night, drunken, message-sending binge.

Everyone Has Zuckerberg Unsend Power Now

The idea for message deletion on Facebook Messenger came from users who noticed that some of Mark Zuckerberg’s messages would disappear after a certain amount of time expired. Zuckerberg had this power to remove the messages if he changed his mind about the content with an afterthought. This was a superpower built into Mark Zuckerberg’s Facebook account that allowed him or his assistants to delete messages but was not part of the overall Facebook Messenger software’s capabilities.

Facebook Messenger users in droves petitioned the company to give them this unsend power for their accounts. The company agreed to do this and leaks came out during 2018 that this upgrade was underway.

Facebook also owns WhatsApp. Facebook bought WhatsApp for $14 billion in October 2014. On the WhatsApp system, it is possible to delete a message for up to an hour after it was created. This WhatsApp feature was extended to Facebook Messenger.

Adding this feature to all the Facebook Messenger accounts was not trivial. It took nine months of software retooling to get this feature working for all of Facebook users. Finally, in February 2019, it became available to everyone in the latest Facebook Messenger software release and upgrade.

What’s Next for Facebook Messenger?

Behind the scenes at Facebook, there is an ongoing effort to integrate all the messenger apps into one. Adding this unsend feature is heading in that direction of making Facebook Messenger blend with WhatsApp.

Facebook also owns Instagram, which it bought in 2012 for the bargain price of only $1 billion. Instagram was considered a startup at that time. Instagram has about one billion users now. About 80% of them live outside of the United States. The plans for 2019/2020 are to continue the integration of Facebook Messenger, WhatsApp, and Instagram with a redesigned interface that is simpler to use and elegant.

Until now, WhatsApp operated independently of Facebook Messenger. It has features, like message encryption, that Facebook Messenger does not have. There are also plans to make WhatsApp a payment gateway to challenge payment services like PayPal.

One significant problem is that Facebook is suffering from a serious diminishing of public trust. Many users have been leaving the system and deleting their Facebook accounts. Some do not trust Facebook’s influence over WhatsApp and think that Facebook can be persuaded to put a “backdoor” in the WhatsApp system to allow law enforcement the easy ability to spy on the encrypted communications of the WhatsApp users.

This is not so far-fetched because of the revelations that Facebook allowed its users’ data to be hacked and private information of its users to be misused by hostile foreign governments. The Facebook system was gamed in an attempt to influence the American elections.

Facebook has quite a way to go in order to rebuild trust with the public. There is no point in using any encryption service if the encryption protection can be bypassed by anyone, especially governments. Facebook may find that it loses WhatsApp users by trying to convert them to Facebook Messenger users, since, at this time, most WhatsApp users do not even realize that the service is owned by Facebook.

The Facebook Messenger Behemoth Rises

The New York Times reports Facebook wants to integrate the underlying system structure of Facebook Messenger with WhatsApp and Instagram while keeping the public interface of these three systems appear to be operating as stand-alone apps. This will aggregate the instant messaging of over 3.2 billion users. This move to integrate the three services by the Zuckerberg team brings up serious anti-trust issues and more concerns about privacy and security. Can Facebook really be trusted with all of our most private conversations?

To address privacy concerns, adding point-to-point encryption is one of the main goals for the integration of all three services during 2019 and 2020. The challenge for Facebook may not be convincing its users that it is serious about protecting their privacy as much as being able to avoid having to introduce a “backdoor” in the encryption software to allow government spying on the messages.

The new anti-encryption legislation, which just passed during December 2018 in Australia, suggests that this backdoor policy may become a new standard of government intrusion on privacy. A backdoor makes systems vulnerable to abuse and exploitation. Criminals may gain unauthorized access by exploiting the vulnerability of having a backdoor. Government workers may misuse private data that they can access.

The project requires thousands of Facebook programmers to work on it. Facebook estimates that the upgrade and integration of Facebook Messenger with the other systems will take over one year to complete. That timeline may be overly optimistic when it took nine months for Facebook just to add the unsend feature.

While the unsend feature may keep others from continuing to see a message if deleted within ten minutes, it does not permanently delete the record of the message from the system. Beware that Facebook will continue to store that embarrassing photo you mistakenly sent to your mom forever.

Australian Parliament Considering Changes To Encryption Laws

Australia Data Breach Laws

Australia Data Breach Laws

In early December 2018, the Australian Parliament passed into law a bill called the “Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018.” Australian and international technology companies immediately voiced intense opposition to the new law. Amazon, Apple, Digi, Facebook, Google, LinkedIn, Microsoft, Snap, Twitter and many more have already raised serious objections saying that the law is overly broad, deeply flawed, and lacks sufficient judicial oversight.

The law was passed in such a rush that it had to be stripped of 173 proposed amendments to the bill that were attached to it. The legislators approved the bill on the very last day of legislative sessions before going on their summer break. Like most things done in a hurry, the chances here of making major mistakes are very high.

Legislators agreed to the law as long as they can continue with the debate over adding amendments when they return from summer break. In the meantime, the structure of the law is defined sufficiently to create a global uproar over the law’s focus and major negative impact on encryption.

What Can Happen Under the New Law?

Senior officials of the Australian government (the Director-Generals of Security, the Secret Intelligence Service, and Australian Signals) and the chief officer of intelligence agencies may request companies that are considered a “designated communication provider” to give technical assistance in order to get private data on individuals and organisations.

Technical Assistance Request

Compliance with a technical assistance request is voluntary. Requests may be made in writing or given verbally in the case of an emergency. The idea is to inform the companies of what the needs are so that they can take voluntary steps to be able to comply with future requests about things that are deemed to impact Australia’s national security and the interests of Australia’s foreign relations.

Australia already has a security cooperation agreement with four other countries including the US, UK, New Zealand, and Canada. This means the new Australian law extends beyond the bounds of Australia to include the interests of these and potentially other countries. An Australian interception agency may use this new law to enforce Australian criminal laws and also foreign criminal laws if the offense has the possibility of a three-year sentence, or more, for a conviction.

Technical Assistance Notice

The procedures and the extent of an assistance request and a technical assistance notice are the same. The difference between a request and a notice is that a notice requires compliance. A technical assistance notice requires a communications provider to do acts or things, as required, to help Australian Security, the Australian Security Intelligence Organisation (ASIO), and an interception agency with issues of national security and enforcing criminal laws for serious offenses.

These notices, under the new law, come with an enforcement warrant that includes a confidentiality provision. Failure to comply may result in a fine of up to AUS$10 million (about US$7.2 million) for each incidence.

Technical Capability Notice

Under this new law, Australia’s Attorney General can give a communications provider a technical capability notice. The notice requires compliance. It forces the provider to be capable of doing things that will allow it to be able to give certain kinds of help to Australian Security, the ASIO, and other interception agencies. This capability gives the Australian government what it needs for national security issues and to enforce the criminal laws of Australia and other foreign countries related to serious offenses.

This is the part of the new law that made the CEOs of major technology communication providers nearly lose their minds because it immediately brings up problems with the almost certainty of introducing systemic vulnerabilities and systemic weaknesses. This provision of the new law can force a company to introduce a “backdoor” into their technology, which makes it extremely vulnerable to exploitation.

Systemic Vulnerability

For the purposes of the new law, a systemic vulnerability is something that impacts a whole set of technologies used by a large class of persons, such as instant messages, online banking, text messaging, and real-time chats. It does not include a vulnerability that is introduced when it is selectively applied to a target of just a particular person, even if unidentified.

To understand this concept, it means if a vulnerability is able to be limited to a targeted person and does not affect the entire class of persons it is not to be considered a “systemic” vulnerability. Although the concept is clear, achieving such a targeted vulnerability, which is limited to a single person in a system with widespread use, is extremely challenging, if not impossible.

Consider this example. If there is a need to be able to hack into a device of an individual at the Australian government’s request that is not identified, it means the entire system must have this capability as part of its design.

On close examination, this provision in the law is absurd. Communication providers must have the capability to target any particular person in the group of people using the technology. At the same time, they are not forced to use a systemic vulnerability that impacts the entire group. If a target person is unidentified then it could be anyone in the group! The only way to target them is with a systemic vulnerability; otherwise, it is not possible to find their communications.

Systemic Weakness

A systemic weakness means something that impacts the entire group of users of the technology. If the technology introduced, selectively targets a particular person it is not considered a systemic weakness. A targeted weakness is possible to achieve. However, this is normally something done by the ASIO or other intelligence groups, not by a communications provider or a technology company.

An example would be to surreptitiously gain access to a targeted person’s device and install a key logger to capture information entered on that device. It is possible but it is ludicrous to require a communication provider to do something like that to one of its customers.

Under this new law, communication providers can be forced to do things that violate a particular person’s privacy but cannot be forced to do things that create systemic vulnerabilities or systemic weaknesses. Again, the problem is that needs to have the capability to target any individual out of a group of millions or up to billions of people, means needing to have the capability to target any single person in that group. The mere existence of this capability is, by definition, a systemic weakness.

Designated Communications Provider

The definition, under the new law, of a designated communications provider is immensely broad. Besides the obvious impact on Australian-based companies and those having physical operations in Australia, it also includes any telecommunication carrier, system, intermediaries, service providers, equipment, and any electronic services, including any websites, used by one or more persons in Australia.

By this definition, the investigation of any global system by an officer of the ASIO automatically means that at least one person in Australia is using the system. This provision of the law already caused a global reaction that generated statements from many companies domiciled in other countries besides Australia, saying that Australian laws do not apply to them.

The Technical Paradox of Encryption

Encryption only works if there is no backdoor capability to get around it. In a seminal academic white paper entitled “Key Under Doormats,” published on July 7, 2015, by Professor Harold Abelson of MIT along with the input of 14 peers, the strong evidence-based case against forcing an insecure vulnerability into encryption schemes is clearly presented. Giving the Australian government access to private conversations is the same as, by design, creating an invitation to exploit this access, which makes the entire encryption scheme vulnerable.

Conclusion

The new Australian legislation makes the Australian government seem like wanting to join the ranks of totalitarian governments like Russia, China, and North Korea that have made the use of encryption illegal in those countries. The unintended result may be a global backlash against Australia. This may leave the country in technological isolation from the rest of the world.

It is not only criminals that use encryption. Many find that unbreakable encryption is useful for all kinds of important private transactions such as online banking and financial exchanges. People have the fundamental right to secured communications for many valid reasons. For example, encryption can prevent the loss of many billions due to cybersecurity breaches, protect private medical records, and prevent the theft of intellectual property.

Allowing any government the ability to get around encryption means that criminals will likely find a way to get around it as well. It is quite possible that there are criminals working for the government too. In other words, the new Australian law might actually help criminals when considering the total impact.

The trend in most of the rest of the world is to use more robust encryption, not less. Hopefully, when the Australian legislators come back into session they will have time to give these issues a much more detailed evaluation and add many amendments to improve this seriously-flawed bill.

The Most Common Errors Local Businesses Make When Hiring an IT Consultant

Hiring an IT consultant

Hiring an IT consultant

Hiring an IT consultant is a proven method of boosting small to midsize businesses beyond their current capabilities. Rather than hiring full-time employees or tying up internal resources, businesses can allow an IT consultant to do some of the heavy lifting. That’s not to suggest that hiring an IT consultant does not have some pitfalls. Here are some of the most common errors that local businesses can avoid when hiring an IT consultant.

Rushing the Process

Hiring an IT consultant should be something that a business carefully plans for, rather than trying to pick one in an “emergency” situation. Take your time and conduct a proper candidate search. Vet IT consultants the same way that you would when hiring for an important management position.

Not Hiring an IT Consultant

A surprising number of businesses start the process of researching IT consultant firms and then decide they can do it all in-house. Contracting with an IT consultant is about business growth. Shuffling the routine tasks that an IT firm can handle off to internal employees can drain morale and waste the talents of staff who are better-suited to other aspects of the business.

Failing to Assess Business Needs

“Why are we hiring an IT consulting company?” needs to be a question that local businesses ask before signing a contract. Any IT consultant that a business is considering should be able to help assess any IT difficulties it has and provide an honest assessment of its plan to fix any issues or improve them. This will help a business to avoid paying for unnecessary services. Another great question to ask is, “What is your exit strategy in the event that we outgrow the need for your services?”

Not Protecting Intellectual Property

When a business does hire an IT consultant firm, it essentially hands it “the keys to the kingdom.” An IT consultant will have logins and passwords to virtually every aspect of the business. This is why the protection of the company’s intellectual property should be of paramount importance in the hiring process. If a substandard and unethical IT firm ends up in a dispute with the business, its entire network could be held hostage. Establish clear and firm rules regarding the handling of intellectual property, just as you would with any other outside contractor.

Not Having a Detailed Contract

A detailed contract that both the business and the IT consultant agree upon is vitally important. The contract can cover costs, number of hours of weekly or monthly service provided, goals and milestones to meet, deadlines, expectations if goals or deadlines are not met, annual price increases, and who pays for unforeseen outside services when they arise. Getting all of the expectations laid out ahead of time can lead to a successful business relationship with an IT consulting firm.

Not Choosing the Right IT Consultant

The world of IT consultant firms is expansive and yet there is a lot of specialization within the field. It’s not a field where “one size fits all”local businesses. Make sure that the IT firm you sign a contract with has the specific skills required to meet the specific needs of your business. If you’re hiring an IT consultant on a temporary basis, the problem they’re trying to fix will be resolved that much faster if they have the right skills for the job.

Not Interviewing Multiple Consultants

Talk with multiple IT consultants before selecting one. Treat the process just as you would when hiring for an important full-time position. A business should take the time to interview multiple candidates before making a selection. Is the IT consultant you’re hiring the right one to meet your business needs? This is an important business relationship and it should be approached as such.

Forgetting about IT Training

The regular full-time employees of a local business are the ones who will be using the resources and solutions provided by an IT consultant. Do they know how to use the solutions that are being provided? Before hiring a consultant, ensure that they agree to provide regular training for your staff on how to use any new or improved systems.

These are some of the most common errors that local businesses can make when it’s time to expand by hiring an IT consultant. A business can benefit tremendously when it hires the right IT consulting firm and has clear goals and expectations going into the relationship.

Hacked: The Australian Emergency Warning System — Is Your Business Next?

Australian Early Warning Network

Australian Early Warning Network

In Australia, citizens fear a terrorist attack or another national emergency just as much as the next country. For this reason, Australia has what’s called the Early Warning Network or EWN for short. Recently, a hacker was able to breach this system and took it over. The result was terrible in that it caused widespread panic. But it was also catastrophic in that it lessened the confidence Australian citizens have in their Early Warning Network system.

A Breach of Australian National Security

The breach of the EWN occurred on January 5, a Saturday evening. Hackers had somehow breached the EWN system and sent out an unauthorized alert to thousands of Australian citizens. Today, experts at the EWN have confirmed that their system was hacked. They say that an unauthorized individual somehow obtained login credentials for the system. Some of the EWM’s customers received a spam notification. The notification went throughout the entire country of Australia.

The notification read:

“EWN has been hacked. Your personal data is not safe. Trying to fix the security issues.”

Also in the message was an email address. The email address was alongside a prompt that users could unsubscribe to the EWN service. In addition to being posted on the website, the message was also sent through landlines, via text, and over email. Throughout Australia, tens of thousands of individual citizens use this service to get information from the government. All levels of the Australian government use EWN.

Right away after the attack, EWN understood that there was a breach in their security. They sent out a message and posted it on their Facebook page. It read:

“At around 930pm [A]EDT 5th January, the EWN Alerting system was illegally accessed with a nuisance message sent to a part of EWN’s database. EWN staff at the time were able to quickly identify the attack and shut off the system limiting the number of messages sent out. Unfortunately, a small proportion of our database received this alert.”

Contrary to what the original message from the hacker said, no one’s personal information was compromised. Only white page information could have been accessed, such as basic address information. Representatives from EWN also stated that some local, state, and federal government agencies were affected by the hack, but not all clients who subscribe with EWN were affected.

EWN was able to regain control of their services directly after the attack and are investigating the issue to prevent further breaches.

The Importance of Fortified IT Security in an Age of Rampant Cyber Hacking

It is common knowledge that the majority of businesses — no matter whether they are private, publicly funded, government related, or otherwise — are at risk of being hacked. Furthermore, hackers from around the globe are improving their techniques for accessing your private data and information.

This often begins with breaching the system by obtaining login credentials from individuals who already work or subscribe to a specific company, business, organization, or government agency. Naturally, this information is not given up willingly. Instead, it is obtained in a conniving and sneaky way so that the person giving up the login information doesn’t realize what they’re doing. Email phishing and phone call phishing are the top two ways that hackers obtain login information.

Chances are, your business organization is not completely safe from cyber hacks like the one that happened to EWN. Consider hiring an outsourced IT service provider who can improve your company’s security and prevent breaches from occurring.

How To Create Org-Wide Groups in Microsoft Teams

Microsoft Teams

Microsoft Teams

As technology improves, so does the way professionals use their programming to increase productivity and efficiency. At one time, emails were the preferred communication between colleagues simply because it was the new form of a written message. Over time, people came to see email as being a bit clumsy for informal messaging, as social media and SmartPhones introduced text messages and chat rooms. You wouldn’t send your roommate a formal email to ask whether to pick up an extra coffee on your way home, likewise, it makes more sense to send a text to ask if there are any specific topics to be addressed in the upcoming meeting.

Why Create Teams

The fact is, teamwork relies on communication, and teamwork is a vital aspect of how an office functions efficiently. The definition of your team might vary over time, as it is on one level the entire office staff, but it might also reference your department, or a group of people within that department who are working together on a project. By using Microsoft Teams in conjunction with Office 365, you can quickly choose who to share information with, whether it’s a quick message or a formal document. Unlike email, you can easily choose the team to share with rather than sending the message to everybody on your contacts list who doesn’t need to know about it, or alternately, accidentally leaving someone out who does need to be informed.

Recommended Settings

Like other software, Microsoft Teams has recommended settings which have proven to work best for most offices. The most common initial setting allows only team members to post to the general discussion. This can allow people outside the team to view what’s going on without cluttering up the discussion by adding their own thoughts to a project they may not be working on. Outsiders can still message individual team members with relevant information, and then the member can decide whether it is important enough to post for further discussion. Another way to keep the conversation crisp without unnecessary clutter is to turn off the “@team” notification. Although not a setting, it is important for the team owner to remove accounts that no longer belong, as they no longer need access to your org-wide team.

Conclusion

Microsoft Teams really is a great new program which is changing the way office communication is handled. Although it is much more than social media, to an extent it uses such a concept to bring the ease of communication such sites have incorporated into a professional setting. It makes it easy to share information with the people who need it, without giving it to people who have no interest or leaving anyone out of the loop who does need to know.

4 Rock Solid Reasons Why Outsourcing Your IT Support Is A Smart Move

Outsourcing IT Support

Outsourcing IT Support

As a business owner, one of your most pressing concerns should be improving the technology that drives your business.

There are so many reasons to care about your company’s IT. Here are just a few:

  • Your customers and clients will inevitably want better technology
  • Your employees need to do their jobs
  • Cyber hacking is a mounting threat
  • The advance of programming and storage services is getting hard to keep up with

Knowing this, you’re saddled with an important question: Will you hire an in-house IT department or will you outsource?

In this article, we’ll be making the case for the latter. Outsourcing IT is simply the way of the future. An increasing number of businesses and organizations are finding that it gives them more freedom, saves them money, and improves their technology by leaps and bounds. There are nearly no drawbacks.

If you still need more convincing, we get it. Below, we’ve listed the top reasons why outsourcing your IT is a wise move for any business. But first, let’s talk about what outsourcing really means and how to find the best IT service provider in your area.

What does outsourcing IT really mean?

As with any other type of outsourcing, outsourcing IT simply means hiring a separate company to handle your business’s IT services. They’ll be there when you need them, and watching your network and systems around-the-clock, ready to jump on any issue that arises.

Furthermore, the business you’ll hire only focuses their services on IT. All of their technicians will work full or part-time providing better IT for other businesses (like yours).

Some IT companies help specific industries. For example, one IT company may focus solely on assisting medical providers with the best quality IT services. They will know the ins and outs of cybersecurity measures for hospitals, doctors’ offices, and emergency care centers. Other IT companies have an even more specific subset of customers. For example, there might be an IT company who only handles the IT services for dentists.

This specific focus on a unique industry allows these companies to know everything there is to know about the industry. Of course, this benefits you, the business owner, most of all.

Generally speaking, outsourcing is a way for you to only use the IT services that you actually need from a professional IT company. Most of the time, IT service companies provide different tiers of service so that you can choose the amount of care you’ll need for your business. Companies that offer these services are particularly called MSPs or managed service providers. They do not work directly for your company in that they are not on your payroll, nor do they have offices within your business. But they completely manage your business IT services.

As your business grows, you may go up a service level tier. This will be up to you and the contract you form between you and your IT service company.

How do you locate an IT service provider?

If possible, you want to find an IT service provider who caters to your industry specifically. Again, not all IT companies provide services for a particular sub-industry, but this is common in many industries, such as the following:

  • Law (lawyers and legal practices)
  • Hospitals and medical practices
  • Dental practices
  • Schools, colleges, and universities
  • Manufacturers
  • Transport companies

When you find several IT support companies who fit the bill for your particular business, make sure to interview them. Ask them the important questions. Here’s a list to get you started:

  • How long have you been in business?
  • What types of businesses do you primarily serve?
  • How many businesses are hiring you right now?
  • Can I speak to any of these businesses? Or to past clients who were happy with your service?
  • What levels of service do you offer?
  • What do your contracts look like?
  • What type of service am I going to get if I have a troubleshooting problem and need help immediately?
  • Will someone specific be managing my account?
  • What types of service don’t you provide? (Often, it’s better to ask what services are not included.)

Top reasons why outsourcing IT services is a great idea

Hopefully, you’ve already been convinced as to why outsourcing IT is smart for virtually every type of business, but let’s break down the specific reasons below:

1. You’ll save money: You won’t be paying an in-house IT team to do nothing, waiting for you to need their assistance.

2. You’ll have access to the best talent: IT companies only do IT. They hire professionals who love technology and staying up-to-date with the latest advances in cybersecurity, software, and hardware.

3. Ideally, you’ll find a niche company who only serves your industry: Again, if you are in one of the larger industries that IT companies may focus on, you’ll have unique care for your business that you won’t find anywhere else. These companies know everything there is to know about the programs and software that you use internally and with your customers.

4. You’ll improve your security by leaps and bounds: In this day and age, hackers are coming up with all new ways to attack your online stored data, steal your information or hold it ransom, and take down your business. A professional IT service company knows how to combat these hackers and stop a breach of your security, ideally before it starts.

Looking for an IT company in your area?

As you start the search for IT companies and managed service providers in your area, be sure to talk to other businesses and organizations who outsource their IT. You can also search the web and start reading reviews of MSPs or IT service companies in your area. Often, these companies work from a central location in a city, but if you are in the suburbs or the outskirts of a larger city, most managed service providers will include you in their service area.

Doing your research is always wise when it comes to outsourcing. While hiring out your IT services is definitely the way to go, the outcome will also depend on how much effort you put into finding the best company for the job.

How Does Outsourcing IT Help Fuel Business Growth?

Business Growth

Business Growth

You already know what IT stands for: information technology. What you might not know is that most companies have a pretty poor grasp of how best to put IT to work for them.

Why? For the simple reason, that too few businesses take the time to consider the best approach to managing IT needs. They assume it’s as simple as keeping the computers running and the network humming, but that’s not it at all. Not by a longshot.

Actually, the nature of your IT setup has a significant bearing on the efficiency, productivity and profits of your company. By outsourcing your IT needs to an expert, you can majorly fuel your business growth today.

Outsourcing Is a Time-Tested Model

The first obstacle to overcome in using outsourced IT as a means of cutting costs and increasing profits is fear. Many people, unfortunately, are intimidated by taking this critical step.

Outsourcing IT is nothing new though, explains Business.com. “What started as a novel practice of U.S. companies sending IT jobs to India in the 1990s has now become a $88.9 billion industry that connects businesses with IT experts worldwide, from Belarus to Argentina.”

It’s not just big businesses, either: “Companies of all sizes make use of this service to cut down on costs, bring innovation into the business and open up more time to focus on core operations.”

In other words, this is a well-established business model that companies the world over are using the pad out their bottom lines and streamline their workflows. With time-tested results across companies and industries, there’s no reason to fear it – and that’s just the beginning of the benefits.

You No Longer Rely on a Break/Fix Model

Most businesses have a small IT staff on hand. Depending on the size of the company, that might mean a dozen personnel members, a single employee, or Richie over in accounting who is “pretty good” at troubleshooting network problems.

Now, that’s not to say that you can’t have your own staff and get along fine. But in this “break/fix” model, you’re waiting for something to go wrong before you respond. That means you could potentially suffer a breakdown during a seriously important time (Black Friday or April 15th, for instance), which would dramatically affect your bottom line.

It also means you have relatively little ability to forestall those breakdowns. Without the in-depth knowledge that comes from being steeped in the IT profession, you can’t predict coming obstacles and work around them before they become an issue. As you might expect, however, companies that manage IT for you can do just that.

Outsourced IT Can Help You Grow Intelligently

An unfortunate side effect of rapid growth, many businesses find, is that they quickly bloat their existing infrastructure and aren’t sure where to go from there. For instance, the number of orders coming into the system exceeds your ability to manage those orders. Or the number of new products creates a need for a vastly more agile website, but you haven’t created it yet, resulting in backlogged orders and emails.

Those are just a few examples, but they highlight an important point: Without an IT expert in your midst, your information technology fails to grow with your business. Instead, it can only hurry to catch up later on – at which point you might have ticked off many of your formerly enthusiastic prospects.

You can avoid that when you worked with outsourced IT professionals. They know exactly how to plan for changes coming down the pipeline and adjust your systems to accommodate them upfront. Next time you roll out a new product, for instance, they can adjust the infrastructure to handle additional orders. Or they might help you speed up your system at a crucial time – again, Black Friday and Tax Day come to mind.

Whatever you need, they can help you see it coming and respond intelligently, rather than just waiting for the worst to happen.

You Can Focus on What You Do Best

If you’re reading this article, then money says you’re not an IT expert. You are an expert in your niche industry, which is why you started a business in the first place. Logically, your best bet for growing your business is to continue focusing on what makes it thrive. That might mean:

  • Rolling out new products and services to keep your existing customers happy and bring on new ones
  • Creating value-added extras to make your products more appealing
  • Educating yourself, your employees and your customers about the nature and benefits of your products and services
  • Appearing at trade shows, attending conventions or throwing events to increase the awareness of your business
  • Negotiating new partnerships with others in your industry

As you can see, “Stopping in the middle of your busy day to fix a finicky router and get the finance department back online” is not on that list. That’s because it does not add measurably to your business growth. At best, you can address the issue quickly so that it doesn’t dampen your workflow.

An IT company, on the other hand, can help you avoid that altogether. They can take care of the issue – or even better, stop it from happening in the first place – while you focus on what made your company great in the first place: interacting with VIPs, attracting clients and customers, innovating.

The takeaway? By turning your IT needs over to a true professional, you can stop worrying about whether you’re “doing it right” and start focusing on what you do best. Say goodbye to the days of confusion, anxiety and technical failure, and hello to a new era of productivity and growth now.

How Can Managed Services Benefit Local Businesses?

Managed Services Provider

Managed Services Provider

Using Managed Services is really about smartly growing your local business, especially if that business relies on technology to any degree. A Managed Service Provider (MSP) is a third-party contractor that partners with your company to do exactly what its name suggests: It manages a service or services for you, usually in the area of IT. Most MSPs provide services for a fixed monthly amount, so there are no budgetary surprises involved.

Options Provided by Managed Services

As the MSP sector has grown and improved over the years, the choices available for local businesses have increased as well. Your company may need an MSP for only a single purpose — such as tech support for a shared wireless printer — or for a host of reasons. You will likely be able to find a Managed Services Provider that will offer a customized and affordable plan to meet your business needs. Here are a few of the options available.

  • Data storage
  • Onsite or offsite tech support
  • Backup & recovery services
  • VoIP phone services
  • Remote monitoring
  • Compliance services
  • Risk assessments
  • Monthly reports
  • Secure data centers
  • Private and/or public cloud services
  • And much more

Advantages of MSPs for Local Businesses

Outsourcing IT tasks to a Managed Services Provider can give local businesses access to state-of-the-art services without a significant investment of capital. A company with an upward trajectory may not be ready to hire its own full-time IT staff to manage these tasks. Most small business owners can imagine the potential headaches that are created by hiring a lone IT staffer; when that person gets sick or quits, it can be crippling in the short-term. With that in mind, here are some of the significant advantages that an MSP can offer a local business:

  • Improved Productivity: MSPs can improve productivity on both the technology side of your business and the human resources side. An MSP will reduce the overall expenses for a company, by avoiding the need for a full-time IT staff. Most MSPs also specialize in keeping technology upgraded when and where it needs to be done. For example, server upgrades may need to happen when data storage needs for your business increase. One of an MSP’s duties might be to monitor that situation and ensure the upgrade occurs before that point in time arrives, negating the need for downtime.
  • Freeing up Internal Resources: Many IT tasks are routine, mundane events — but they are vitally necessary for a business. These tasks can be morale-killers for full-time staffers who want to be working on the latest new project for the company. While these routine tasks are necessary, they are likely not the optimal way for your best employees to spend their time. Having an MSP carry out everyday tasks makes excellent sense from this perspective.
  • Improved Communication and Collaboration: Managed Services can provide the infrastructure needed for your employees to collaborate and communicate better. Downtime on projects can be reduced, for example, by having an MSP provide private cloud services combined with VoIP business phone services for your employees or even clients. Improved communications services can lead to faster production times and better product management.
  • Reduced IT Budget: This is one of the most significant advantages for local businesses when it comes to using a Managed Services Provider. As just one example, imagine the costs of maintaining your own on-site servers for business. This requires a full-time staffer to monitor and manage the servers; the servers take up physical space within your property, and it will even cause a significant bump in the monthly electric bill for your office. Utilizing an MSP makes excellent business sense because it frees up budgetary expenses that can be effectively managed for a fraction of the cost.
  • Added Stability and Scalability: You don’t have to worry about staffing turnover when you sign a contract with an MSP to handle IT services. An MSP lets you know that your business’ IT services are stable and continuous. Likewise, when your business is ready to scale up, you have two options: Have the business pay for added equipment, upgrades, staffing and more, or hire an MSP to do it for far less money. An MSP can allow you to dramatically reduce costs at the right time when you’re ready to expand.
  • Customized Plans: Many MSPs provide package deals that are based on the number of services required, the number of devices covered, the number of users on your network, or a combination of these factors. These are frequently offered in tiered versions so that smaller companies with fewer IT needs can still utilize the services. Many will also offer an “a la carte” pricing structure based on your individualized needs.

Utilizing a Managed Services Provider can give local business owners peace of mind by reducing costs and providing state-of-the-art services that they might not otherwise be able to afford. Most important of all, an MSP can allow you to maintain a sustainable business growth pattern without breaking the bank.

The 2019 Guide To Securing Microsoft Office 365

Securing Microsoft Office 365

Securing Microsoft Office 365

The importance of fully securing Microsoft Office 365 cannot be overstated. Recent statistics show that a hacker attack occurs every 39 seconds. Government agencies and retail, technology and healthcare industries are among the most popular targets, but the truth is that cybercriminals are more than willing to hack into any vulnerable business to obtain valuable customer information and company data.

Thankfully, Microsoft offers an array of tips and tools to help businesses and individuals keep Microsoft Office 365 fully secure. There are also some practical steps a company can take to maintain a high level of security at all times. Following is a comprehensive overview of steps any business can take to fully secure Microsoft Office 365 in 2019.

Use Multi-Factor Authentication

Microsoft highly recommends setting up multi-factor authentication, and it’s not hard to see why as it is perhaps one of the most natural yet most effective ways to protect a Microsoft Office 365 account from hacks. With multi-factor authentication in place, employees will be required to not only type in a password but also acknowledge a text message on their phone to access the company account. Using multi-factor authentication ensures that valuable company data is not compromised if an employee uses an easy-to-guess password and/or leaves the company password written in a visible location. While it is crucial for employees to understand the importance of using strong passwords, a compromised password on its own would not enable a malicious third party to access your data as one would need an employee’s phone as well to gain entrance into the Office account.

Use Administrative Accounts with Care

An administrative account provides managers and executives with additional options, privileges and security features to keep Microsoft Office 365 safe from unauthorized access. However, it is crucial for administrative accounts to be used with care or they can cause more harm than good. Following are some steps every business should take to protect admin accounts from breaches:

  • Set up regular accounts for each admin user. Admin users should utilize their regular account for non-administrative tasks and reserve the admin account for functions that cannot be completed with a periodic report.
  • Have admin users close all unrelated browser sessions and apps before logging onto an admin account
  • Instruct admin users to record out of the admin account after each session.
  • Provide clear guidelines regarding which data can be viewed and downloaded using an administrative account.
  • Use a Cloud Access Security Broker (CASB) to monitor admin user actions. A CASB can detect high-risk activities involving sensitive data and identify unauthorized admin account access attempts.
  • Immediately shut down admin accounts for administrative users who leave the company.

Secure OneDrive

OneDrive has much to offer any business. It enables users to synchronize data across various devices as well as share files with other users. Unfortunately, OneDrive can also provide hackers with easy access to company files. It is not uncommon for employees to download files from a secure OneDrive account only to save the data on an unsecured cloud account or personal device. To prevent this scenario, companies should clearly mark files that should not be downloaded from the OneDrive account. It is also essential for the IT department to:

  • Know what data is being uploaded to and downloaded from OneDrive
  • Be aware of which users have access to information
  • Know which files or folders have shared links
  • Be able to see which devices are being used to access the company’s OneDrive account and pinpoint the geographical location of the devices in question

Protect Email Communications

Every company should use all the tools that Microsoft Office 365 provides to protect the company from email-based threats. The Office 365 Security & Compliance Center enables admin users to block certain types of file attachments that are commonly used for malware or ransomware. It also allows managers to enable Advanced Threat Protection to check email attachments for malware. This protection extends to files in OneDrive, SharePoint and Microsoft Teams, protecting employees who use cloud-based software from breaches.

Furthermore, Office 365 Security & Compliance Center can be used to create an Advanced Threat Protection plan that will stop email phishing attacks

The Office 365 admin center enables IT, professionals, to set up pop-up warnings for employees who are about to download an email attachment. The warning, which clearly states that employees should not open certain types of files from users they do not know as the files may contain malware, can prevent devastating consequences should an employee click on an attachment without thinking. This handy tool also makes it possible for companies to choose which types of files activate a pop-up warning, thus creating an efficient work environment for employees who can freely access safe files without automatically opening ones that could potentially be harmful.

The Office 365 admin center also has tools that can enable companies to disable auto-forwarding for emails. Many hackers who gain access to one company account use this account to automatically forward emails in an attempt to gain access to other user accounts. The emails can be forwarded without the compromised account user being aware of what is going on, making it impossible for him or her to put a stop to the forwarded emails. By disabling auto-forwarding, companies can limit the damage caused should a malicious third party compromise an Office 365 account.

It’s also wise to enable Office Message Encryption. The program is included with Microsoft Office 365 and can be enabled in Outlook for PC. The encrypted email message program allows users to send encrypted emails both inside and outside the organization and it works not only with Outlook but also common email platforms such as Gmail and Yahoo Mail.

Provide Employee Training

An astonishing 95% of all breaches happen due to human error. Busy employees who are unfamiliar with IT guidelines can make deadly mistakes that will cost companies millions of dollars to rectify. Alternatively, many employees who are familiar with IT security procedures may disregard them because they are time-consuming to comply with or because they do not understand the importance of these guidelines in the first place. It is imperative for every single company to provide its workers with comprehensive, ongoing security training to keep systems secure at all times.

What type of training do employees need to fully secure Microsoft Office 365? Following are some important points that should be emphasized:

  • Never use personal devices for work-related tasks. It is all too easy for company employees to merge work-related and personal matters. Important company files may be downloaded onto an unsecured personal laptop, which is then unknowingly breached. A personal smartphone containing valuable business data may be stolen, compromising the company by exposing vital data. Additionally, employees should never email company files to their own personal email account. Many employees do this to work on holidays or on the weekends; however, this move exposes company data to hackers who may be able to access a personal Gmail or Yahoo email account with a weak or easy to guess password.
  • Work devices should never be used for personal matters such as checking a personal email account or social media site. It is all too easy for employees to compromise a company’s entire network by downloading a malicious attachment from a personal email account or social media site.
  • Employees should be taught the right way to communicate with colleagues and superiors. Internal communications should be secure and follow proper protocol to prevent important data from falling into the wrong hands. Employees should also be taught how to spot fake communications ostensibly from management but actually sent by a hacker attempting to access company data.
  • Knowing how to back up important data is yet another aspect of employee security training. Data should be backed up regularly yet in a secure manner so that unauthorized third parties cannot access files as they are being copied to or from a cloud server.
  • Companies should also create a plan for handling a malware, ransomware, DDoS or any other type of cyberattack. Even the best Microsoft Office 365 security guidelines cannot guarantee that an attack will never occur. Employees should know how to recognize the signs of an attack and what to do to limit the damage.
  • New employees will need industry-specific training on how to handle important data. Healthcare companies, for example, will need to ensure that all employees are aware of current HIPAA guidelines regarding patient data privacy. Government entities will need to train employees to handle sensitive or classified information by existing laws and regulations.

Cybercriminals are always on the job, looking for new ways to access company data from Microsoft Office 365 and then misuse this data by offering it for sale on the dark web or demanding a ransom in exchange for returning company files. Given this fact, it is important for businesses to have a plan in place to keep their Microsoft Office 365 accounts secure at all times. The tips mentioned above are an ideal starting point; at the same time, companies will need to customize their approach to Office security to ensure their files remain safe from unauthorized access. It’s also wise to re-examine security guidelines from time to time to ensure that they are still are effective and efficient as they are meant to be.

Australian Federal Police Share Top Tips To Keep Kids Safe Online

Kids Safe Online

Staying safe online is important for everyone, but especially for kids. Kids are the most vulnerable population online right now. They do not have the life experience to understand when someone is trying to use, exploit, or groom them. At the same time, they are going online in huge numbers, often spending a large part of their time online, and their parents often do not know what they are doing or who they are talking to. This is why so many parents do not know what is going on with their children online until something unsettling happens to them.

Naturally, everyone wants to make these unsettling incidents as rare as possible, and ideally eliminate them entirely. This is why the Australian Federal Police have come out with some advice for parents on keeping their kids safe online. This is sound advice that every parent should listen to and follow, because it works.

Here is what you should be doing to keep your child safe and protected online.

Know Who Your Child is Talking to Online

This is important, because so many parents have no idea who their child is talking to online, or even that their child is talking to anyone. Children today use a lot of apps on their devices, such as on cell phones and tablets, and take these apps with them when they leave the house. The apps connect directly to the Internet, but a lot of parents do not know that. Because the apps connect to the Internet, they are able to have in-app chat features that allow kids to talk online to anyone else who may be using that app.

Parents need to ask who their children are talking to, and even ask to see a list of their contacts in each app. If there is someone who is a stranger to the child and the parent that the child is talking to, this is a big red flag. It is the same kind of “stranger danger” of the past, where parents wanted their children to not talk to strangers in person without parents there. This time, the big “no” is for children to talk to strangers online without their parents being aware of the identity of those people.

If your child is talking to someone you do not know, you need to instruct your child to not talk to that person anymore. If the child will not comply, or if the stranger continues to contact your child, you must block that person on the app.

Know How to Block and Report

If you do not know how to block someone on an app, or report suspicious behavior to the owners of the app, now is the time to learn, because your child’s online safety may depend on it. Your child probably knows how to do these things, but you as a parent still need to learn, because it will usually be up to you to do the blocking and reporting. Have your child show you how, use an online tutorial to learn, or learn with your child if your child does not already know how to do these things.

Then, block any strangers with whom your child is communicating, and report any suspicious or inappropriate conversations to the owners of the app. Most of the time, the owners will look into it and remove access to the app from anyone they believe has been using it inappropriately. If they do not, the blocking feature can still keep your child safe. If all else fails, such as your child unblocks the person and continues talking to them on the app, you will have to delete the app from the child’s devices and block them from re-downloading it.

Let Your Child Know They Can Come to You if Something Suspicious is Going on Online

Most children have a very excellent sense of when someone is acting suspiciously or inappropriately with them online. Naturally, there are some children who are not aware of this, but most will know if something online is not as it should be. However, they may not know how to handle it on their own, or they may think that you will be angry with them for letting it happen if they come to you with the information. You must let them know that you will never be angry with them for someone being inappropriate with them online, because it is not their fault.

Let them know, and make sure they understand, that they can always come to you if there is an online situation they do not know how to handle, or if something suspicious is going on with someone they are talking to online. Let them know you will handle it, that you will be understanding and supportive of them, that you will protect them, and that they will not be in trouble. Children will be much more likely to come to you when they need you for these online situations if you make them feel absolutely safe and in the right in doing so. A child who comes to you when they need you is a child who is much more likely to be and remain safe online.

Make a Contract with Your Child

A Family Online Safety Contract is an excellent way to always be on the same page as your child when it comes to them being online. The contract, which you and your child sign together, clearly lays out the rules of them being online on any device, and what is expected of them while they are online. You can find a pre-printed Family Online Safety Contract, as well as a blank template for one (if you prefer to write your own rules for being online) at ThinkUKnow.org.au. These contracts can be printed off your computer and signed together with your child. There are also plenty of other resources available there for parents for keeping their children safe online, including information about parental controls for online devices and how to use them to control where your child can go (and can’t go) online and what they can (and cannot) do while they are there.

When you know your child is safe online, you will feel much more secure about letting them go there without your supervision. You will be confident that your child knows good internet safety habits, and also knows what to do if they encounter problems with anyone online. The contract gives you the secure knowledge that your child knows what you expect of them while they are online. When these steps are followed, children are much safer and happier, and parents are more secure in knowing their child is a protected and well-informed one when it comes to the world of the Internet.