Posts

Posted on

6 Ways To Help You Become HIPAA Compliant

HIPAA Compliance

Tips for HIPAA Compliance (Questions/Answers)

Need a little insight into strengthening up your HIPAA compliance efforts? Check out these 6 simple steps you can take to become more compliant and secure.

No one said HIPAA compliance was easy. It’s a higher level of security and data governance that healthcare organizations have to follow – if you’re looking for help with your compliance, check out the 6 tips below.

Working in the healthcare industry means more than treating patients. In addition to patient care, your practice’s staff also has to maintain compliance with complicated, regularly updated HIPAA regulations.

However, that’s easier said than done…

What’s the state of HIPAA Compliance and healthcare security?

To be honest – it doesn’t look good.

  • 17,000 patient records are breached every day on average (HHS.gov)
  • The healthcare sector accounts for 31% of all reported data breaches (EMC/RSA whitepaper, 2013)
  • While 91% of healthcare organizations use the cloud, 47% of those are not confident in their ability to keep that data secure (Ponemon survey, 2012).

So what can you do?

If you’re even a little unsure about your HIPAA compliance, or the level of security you offer your patients and their data, what steps can you take to do better?

Try these tips…

6 tips to help with HIPAA Compliance

  1. Check for vulnerabilities in your IT network. You may need to replace aging technology and update your hardware and software. If you don’t, you may be weakening the effectivity your IT security and endangering your ePHI. We can conduct regular vulnerability assessments to detect weaknesses in your defense.
  2. Make use of the right IT security solutions. In addition to implementing a Remote Management and Monitoring and Data Intrusion Solution to detect unauthorized attempts and block them. Our healthcare IT professionals can deploy a range of vital security solutions, including:
    • Data encryption so your ePHI and EHRs are secure both in transit and storage.
    • Multi-factor authentication where your users must use two or more forms of electronic identification to access data.
    • Routine patches and updates for your software programs to mitigate any security gaps.
  3. Maintain necessary visibility into storage of ePHI and EHRs. Monitor all access and record all login attempts to respond immediately to unauthorized attempts. Our healthcare IT team set this up for you and enhance your visibility over and control of sensitive medical information.
  4. Keep records on access to your ePHI and EHRs. It’s important to keep track of any data access in order to make sure it is in line with users’ duties and responsibilities. You should only allow access to those who need the information and no one else. Your HR department will have a role to play in this respect to advise and notify you when new employees are brought onboard, changes are made in personnel descriptions, and when employees leave your organization.
  5. Develop and implement a HIPAA policy organization-wide.  This should include all aspects of the “HIPAA Security Rule” and your policies and procedures around it. For the record, the Security Rule sets standards for the handling of ePHI, which is the specific type of data the HIPAA Privacy Rule covers. This rule establishes national standards for properly securing patient data that is stored or transmitted electronically. Also, include an Incident Response Plan that designates a person or team to respond, their roles, and the steps they should take if a data breach occurs – i.e. who should be notified, including individuals and government agencies as required.
  6. Undergo a HIPAA Assessment. {company} will assess your business’ practices to determine that the following crucial guidelines are being followed:
  • if your business is compliant with HIPAA Omnibus laws
  • if your business will meet the upcoming HITECH Stage 3 proposals
  • if your business is prepared for an audit by the Office of Civil Rights
  • how your business deals with ePHI to maintain a compliance posture
  • if your business is secure against cyber risks such as hackers, viruses and other digital attacks
  • if your business meets Meaningful Use guidelines laid out by HITECH stages 1-3, as to any technical, administrative and physical risks and vulnerabilities concerning ePHI that is maintained by certified HER
  • if your staff is properly trained to communicate, proceed and act in accordance with compliance guidelines

The healthcare industry deals with the issue of privacy by continually working to guarantee all information is kept within the intended barriers.

As new technology comes into play and makes practicing medicine easier, it has the side effect of making protecting patient information that much harder. Hence the seemingly endless rules and standards meant to reassure patients that they are protected by their provider and that their personal information is kept confidential.

Neglect and carelessness lead to these standards being created, which makes implementing the best practices like these listed above a critical part of achieving and maintaining compliance.

Posted on

How Technology Can Assist CFOs and Their Expanding Job Functions

CFO & Technology

CFO & Technology

CFOs & Technology

The CFO role continues to evolve. CFOs used to be considered fairly powerless scorekeepers or merely chief bean counters, but today the role has taken on more responsibility as well as prominence.

Of course, any CFO will tell you that the old role is not unimportant, and it has not gone away. The expansion of the CFO into strategy, decision-making, and even IT oversight creates a capacity problem. How can the CFO meet all the new responsibilities without neglecting the old? Technology can assist in a number of ways.

Before we dive into how technology can assist CFOs in their expanding job functions, let’s look at what some of those expanding job functions are. Depending on where your organization is in its digital transformation, you may have already taken on some of these. If not, this overview will give you insight into what may be added to your plate in the coming months and years.

New CFO and Finance Responsibilities

The CFO has traditionally focused on finance and accounting, and these responsibilities remain both significant and important. New areas of responsibility are developing, though, including these.

Technology

The CFO role has an increasing responsibility for overseeing technology decisions and spending, along with the CIO. The entirety of the business is dependent on technology, and good choices in this area lead to dynamic transformation. Bad choices can have catastrophic results.

Future Focus

CFO and finance responsibilities are evolving from sole focus on the past (compliance and reporting) to include a future focus. CFOs are partnering with managers around the company to improve operations, and they often work with the CEO and the board to help plan company strategy.

Financial data and analytics have helped in this aspect of transformation. Another team may be responsible for analytics, but when it comes to the financial aspect of analysis, the CFO and finance team are an essential part.

Partnering with CEO

Today, CFOs partner with CEOs to develop strategy more frequently than they did in years past. While the roles remain distinct, the line is more blurry than it used to be, and the level of partnership and collaboration is much greater.

Partnering with Division Leaders

It’s more frequent than it’s ever been for the CFO to partner with division leaders or line-of-business leaders. These leaders necessarily have other focuses than finance, and they may need or seek guidance from the CFO. This guidance is sometimes finance-related and other times more generally related to business vision. The CFO also plays a role in teaching division leaders to accept financial guidance from the finance group.

How Technology Can Assist Today’s CFOs

Savvy CFOs will leverage technology to assist them in their expanding capacities. Here are a few technologies empowering CFOs and finance teams.

Big Data and Analytics

Data is more powerful than it’s ever been, and CFOs will benefit from technology solutions in this area. Powerful customer data can drive major insights into financial trends as well as business trends. Use analytics to make better-informed predictions on the future of sales. You can often get a better picture of what the customer wants by analytics than you can by traditional means like focus groups or customer surveys. These are powerful tools that can solve many problems and speed up many tasks for the CFO and the finance team.

Embrace the Cloud

Cloud-based apps can lower IT infrastructure spending as well as the need for maintenance. Many if not all the major IT applications needed by the finance team are available in cloud format, including ERP and CRM systems as well as planning and reporting systems.

Using cloud-based applications and systems allows your company to expand without having to consider infrastructure improvement. With the cloud, you’ve outsourced the infrastructure completely.

Finance leaders and CFOs are sometimes wary of the cloud, and this is understandable. Cloud-based services have had their fair share of highly publicized leaks and breaches. These have led some to question whether the cloud is really the right solution for sensitive data, whether financial or privacy-related.

The answer to this concern is twofold. First, the track record of these cloud apps is astoundingly good. Second, take a step back and review the landscape. Do you really trust that your in-house IT or infosec team is as skilled in protecting you from an internal breach as the team at a cloud service is? Your business is broad, and IT infosec is only one small component. For the cloud service, it’s nearly everything. One breach and they’d be out of business.

Mobile Technologies

While mobile technologies are most visible on the sales force and other customer-facing services (like your website), mobile can improve the quality of life for the CFO and finance teams, too. Selecting cloud apps that allow for mobile access gives additional flexibility to where and how work is done and data is displayed.

Need A Great IT Company Who Works With Top CFOs

This is just the surface of what technology can do to empower CFOs in their expanding roles. For more, or for help implementing solutions, contact us today.

Posted on

How Can Law Firms Use Microsoft Office 365’s E-Discovery Capabilities?

Legal eDiscovery

Legal eDiscovery

According to the American Bar Association, it is crucial for attorneys and e-discovery professionals to define the rules of engagement instead of leaving those details to the IT department. Attorneys are being held to much higher standards of knowledge when it comes to technology, especially in terms of electronic discovery. ABA Model Rule 11 states that attorneys bear a duty to provide competent representation for their clients, and translated into today’s language — that means a firm understanding of technology and all of the various implications. Fortunately, there are advanced tools already built into Microsoft Office 365 that can help support the needs of law offices as they create a proactive e-discovery strategy for their offices and for their clients.

E-Discovery in a Digital World

E-discovery is increasingly complex as you bring globalization and mobile platforms into the conversation. The ability for mobile phones and tablets to access even the most sensitive personal and legal data is an ongoing challenge, not to mention the ability of clients to easily share information that should have remained confidential. SMS text messages, social media chats, in-app notes — these types of interactions must all be appraised for potential inclusion in legal matters in the future. However, the information that is shared between attorneys, clients and other external parties can be more easily managed with tools from Microsoft Office that are already available to your e-discovery team.

Advanced Document Analysis in Microsoft Office 365

The electronic discovery tools available in Microsoft Office 365 are increasingly detailed and include the ability to identify content that is a near duplicate, perform predictive coding and consolidate information across email threads. While you may still need a dedicated e-discovery platform for more detailed analysis, Microsoft’s cloud-based productivity platform has many advanced features baked into the base functionality. Microsoft has been boosting their e-discovery chops with additions to the platform that will provide professionals with more of the tools that they need to wrangle and report on data and communications that will impact their various cases. Massive regulatory cases are not the only ones whose outcome may depend on a single email — there are also thousands of smaller cases that can be solved more quickly and accurately with access to the correct information gained through intensive e-discovery.

Collecting and Preserving Crucial Electronic Data

The ability to easily share information is a boon for attorneys and clients alike, as people are increasingly ready to work from remote locations and while on-the-go. Law offices must take additional measures to ensure the security and consistency of data due to these additional pressures, and Office 365 can create clean transfer records across various mobile platforms, desktops and email. Attorneys and their staff must have a firm understanding of the flow of information throughout their various systems to take full advantage of the ways they can collect and preserve this crucial electronic data.

Investing in advanced e-discovery software may be necessary, but there are many ways that law offices are able to streamline their data structures and workflow by leveraging the advanced functionality that is already available within Microsoft Office 365. Speak with your local technology professionals to better understand Microsoft’s options for improved security and deeper data insights.

Posted on

How to Copy Cells in Microsoft Excel

Copy Paste Cells Microsoft Excel

Today’s quick tech tip covers one of the basic functions in Microsoft Excel.

Watch the video below or click here.

 

Here’s how to copy cells in Microsoft Excel, plus one of the advanced copy and paste features available in the application.

Step 1: Select the Cell or Cells You Want to Copy

If you want to select a single cell, you simply need to click on it. If you want to select a range of cells—whether that’s a partial or full column or row, or a wider range—click and hold on one of the cells you want to copy and drag to the other end of the range.

You can also select an entire column or row in one click by placing your cursor outside the grid, on top of the letter or number corresponding to the column or row. Your cursor will change to a rightward or downward arrow. Click to select the entire column or row.

Step 2: Copy

To copy the selected cells, click the “Copy” button in the Clipboard section of the ribbon. In your default view, the Clipboard section is in the upper left. You can also use a keyboard shortcut to copy: press Ctrl + C on a PC or Command + C on a Mac.

Step 3: Select Destination and Paste

All that’s left is to click on the cell where you want the copied information to go and paste. If you’ve copied a single cell, simply click on the cell where the copied content needs to go. If you’ve copied a range of cells, you don’t have to select an identical range of cells to paste. Simply select the cell that’s in the upper left corner of your range.

To paste your content, click the “Paste” button in the Clipboard section of the ribbon, or use a keyboard shortcut. This time, the keyboard shortcuts are Ctrl + V (PC) or Command + V (Mac). Your content will appear in the new location, and you’re ready to move on to the next task.

A Few Notes

Now that we’ve covered the basics, here are a few warnings and advanced tips.

Formulas

If you copy a cell with a formula in it, Excel will automatically copy that formula to the destination. If this isn’t what you want, click the down arrow below the Paste button. Excel gives you a dozen or so special methods of pasting. If all you want is the raw number, no formula attached, then use “Paste Values” instead.

Overwriting Content

If you copy a range of cells, be aware that pasting that range will overwrite anything in the destination range. Make sure you have enough space there and won’t lose any important data.

Copy Paste Cells Microsoft Excel

Posted on

How To Show PowerPoint Slides In A Microsoft Teams Meeting

Microsoft Teams and PowerPoint

In today’s tech tip, learn how to make the most out of your Microsoft Teams meetings by showing PowerPoint slides directly in the virtual meeting window.

Watch the video below, or click here.

 

Microsoft Teams is a powerful collaboration tool with a deep, rich feature set. One of the great features in Microsoft Teams is the ability to turn calendar appointments into virtual video or audio meetings directly in the app. We’ve covered how to do this before, but did you know you can show Microsoft PowerPoint slides right inside your Teams meeting? We’ll show you how in today’s tech tip.

Step 1: Launch or Join a Teams Meeting

To launch or join a meeting in Teams, click on the Meetings tab (on the desktop app, this is on the left side of the app). If your organization uses the Outlook calendar, Teams will pull that data into the Meetings tab. You should see a list of meetings here.

If you’re joining someone else’s meeting, you should see it in the list. Simply click “Join”. If you’re launching your own, click “Schedule a meeting” at the bottom of the column. Fill in the relevant details and pick a time. (It can be right now, if you need.)

Bonus tip: If you’re the one scheduling the meeting, make sure to invite the relevant teams or people. Use the Scheduling Assistant to see when your participants are free.

Step 2: Find and Click the Share Button

Once you’ve joined a Teams meeting (either as host or participant), you’ll see a set of buttons whenever you move the mouse. The video camera and microphone are fairly self-explanatory, but the button that comes next is a little less obvious. It looks like a rectangle with an up arrow in it. This is the Share button. Click it to bring up the Share menu.

You can share all sorts of things, but PowerPoints are what we’re after here. You’ll see a section with some suggested PowerPoints. Microsoft attempts to guess which OneDrive or SharePoint files you might want, but if it fails to suggest the right ones, you can always navigate yourself by clicking “Browse”. Click on the file you want, and it will launch into the Teams meeting.

How Presenting Works

Now that you’ve launched your PowerPoint presentation, be sure to understand how presenting works. You can toggle through your slides as you move through your presentation, just like you would in an in-person meeting. If you’re not the presenter, you can even toggle backward or forward through the slide deck without disturbing the presenter. This is handy if you need to move back to a previous slide and copy down information (or see what’s coming up if you need to time a restroom break!).

Sharing PowerPoints within Teams is a great way to keep up engagement in virtual meetings. Use this tip in your next Teams meeting and increase the value to all participants.

Microsoft Teams and PowerPoint

Posted on

Shopping For a Retail POS System?

Shopping Retail POS System

Whether you are starting out or ready to upgrade, there is a lot to consider when you’re shopping for a retail POS. These topics will help accelerate your research.

Shopping Retail POS System

In a retail business, the selection of your point of sale software and hardware is a crucial one. You need to know that your selected vendor is trusted, reliable and will be there for you — and that the POS solution will be easy to use and fully compliant with all applicable laws. With so many different point of sale systems on the market, how can you be sure you’re making the right choice for your business? There are some key considerations that you will want to keep in mind as you’re researching the various solutions such as your projected growth rate, the level of support that you can expect to receive and how the system will integrate with your current marketing or customer relationship management solutions. It’s crucial that you take the time to fully understand your options before signing a contract because a poor selection could have a ripple effect on your organization. Here’s what you need to know when you’re shopping for a retail POS system.

Review Your Budget and System Needs

There are some systems with some pretty hefty bells and whistles, but is that what you really need for your business? Just as with any technology solution, you want to “right-size” your requirements to be sure you’re considering systems that will meet your needs both now and in the future without a lot of pricey functionality that will not be used in your stores. Even if you’re just starting out in a rented space, what are your plans for expansion in the future? While that extra-fancy reporting software may be great for larger businesses, is it truly providing you with the value for the additional cost? Force yourself to justify each addition to the scope — but don’t scale back on basic requirements for your business.

Proactive Support During Onboarding is Imperative

It is all too easy to make an uninformed decision during the initial configuration of your POS system that could severely limit the way you are able to leverage the platform for your business in the future. When you’re considering a new POS system, be sure you are meeting the team that will physically do the onboarding, initial setup and training — and you need to be fully comfortable that they understand your current (and future!) business model and needs. Once your system is fully configured and operational, it can be much more difficult to change settings that are core to the utilization of the platform. While some changes are relatively straightforward (adding a new product or updating a price) others could require a significant investment in consultant time, testing and training before you can trust that the changes have been made correctly.

Aggressively Limit System Complexity

The word “aggressive” can have some pretty negative connotations in business, but it’s truly needed in this instance. Everyone from your staff to vendor sales teams will be pitching you on the relative value of additional functionality. Unless you are able to tie this directly back to a quantifiable business gain, resist the temptation to add complexity to your system. When you start with a system that is simple yet scalable, your ROI will be recognized sooner and you may even reduce employee frustration with the new system. Change is difficult for people, so anything that you can do to ease the transition will help soothe the nerves of unsettled staff members. When possible, consider a longer-term roadmap of development and ensure that your selected system will fulfill the future needs of your business as it grows.

Consider Integrations Possibilities

While it’s impossible to know what types of integrations you may want in the future, there are a few basics that you’ll want to consider such as how well your new POS system will work with your customer relationship management (CRM) software. Your customers are an integral part of your business, and capturing their purchases and needs allows you to serve them more effectively in the future. Other potential integrations include with your cloud storage solution, shipping management systems, inventory, communications and more. As you’re building the infrastructure to support your POS system, it’s important to review whether your telecommunications platforms and internet bandwidth are up for the challenge.

Robust Batched or Real-Time Reporting

Do you want to receive automatic reports about your business on a regular basis? Are you interested in configuring the reports that you receive, or are you happy with what comes out of the box? When you need new reports, will you have to engage consultants, or will you be able to do some simple report changes internally? Consider gathering copies of any current reports that you’re using or taking the time to detail the types of reporting you’ll need in the future before you begin your search. That way, you can share these details with the sales teams for your potential POS systems to determine the level of reporting that will be possible in the various systems.

Flexible Payment Processing

Have you considered all the ways that your team can accept payments, and does your POS system need to allow for tipping, printing or emailing receipts? An emailed receipt is a great way to continue a conversation with customers that started in your store. Customers want their receipt, so they are likely to give you an active email address for that reason. With proper opt-out procedures and messaging, you’ll then be able to communicate with these individuals in the future.

Finding the ideal POS system for your business may take some time, but doing the upfront work of research and to define your requirements will allow you to make a solid decision for a system that will serve you well in the future. Your POS system is a key element of your business operations, and finding a solution that is flexible, includes adequate reporting capabilities and can integrate well with other business systems will have your revenue humming!

Posted on

Can CMOs and CTOs Unite?

CMO and CTO Reunite

Learn about the importance of CTOs and CMOs uniting their efforts to create optimal outcomes for their companies. You can make business better by uniting.  

CMO and CTO Reunite

Considering the vital importance of digital touch points—including mobile and Web interactions—for the success of most businesses, there has never been a time where it was more necessary for CMOs and CTOs to unite. But what about the way things have been done for so many decades, with CMOs and CTOs occupying very different areas of the organization? Well, the times are changing, and it is up to business leaders to change along with them. It’s that or risk being left behind by the competition.

CMOs and CTOs Must Unite

Technology is the through-line that connects every aspect of today’s businesses, especially when it comes to management and the creation of content. Data is the foundation for all decisions in the modern business environment, which comes from the core technologies utilized by every organization. Leveraging technologies allow businesses to create content that is extremely personalized and therefore fulfills the needs of the target audience in ways that were not previously possible. According to Adobe, it is this highly personalized content, along with tech like AI, machine learning and more, that have become required in the modern world of business.

Powerful tools like the ones mentioned here are only fully utilized by combining the skills and knowledge of the CTO and CMO. The need for tech expertise is obvious since all of the most potent tools in marketing today are enriched or enabled by the latest technology innovations. But the need for marketing expertise is just as important to connect with the customer. Without a human touch and an understanding of what makes people trust a business, technology can only accomplish so much.

How Can CMOs and CTOs Combine Their Efforts?

Let’s explore some of the ways that CMOs and CTOs can work towards a united front when approaching company objectives:

Be equally accountable for the outcomes you are seeking for the company.

The CTO and CMO used to operate in individual silos that rarely overlapped. In those days it was understandable to treat the outcomes you were seeking as your own and to avoid taking on responsibility for the outcomes of other departments—especially departments that seemed to have so little to do with your own. But today it is more important than ever to share the responsibility for achieving company objectives. After all, you are in the same boat overall, and you want to make sure that boat experiences smooth sailing for the benefit of all parties.

Instead of saying, “That’s not my responsibility,” try discussing with your other stakeholders how you can contribute towards success. You may be surprised at the answers you get, and at how easily you can provide support.

Recognize the areas that you can help when developing the content management strategy for your business.

While you both need to be responsible for the outcomes sought by your company, you are only going to be most effective if you are certain where your strengths lie. For CMOs, you should be focused on utilizing your resources and expertise to manage communications, brand messaging and overall content strategies. The CMO understands the consumer better than the CTO and understands the way the consumer behaves. It only makes sense for the CMO to look to things like brand messaging and content strategy because of this knowledge.

In contrast, the CTO is best equipped to take control of analytics, delivery, and insights for the consumer. The CTO and the team underneath the CTO have the skills and reach necessary to yield the most effective results in these data-driven areas.

Learn to think like the other team from time to time.

While you definitely want to lean into your strengths, you still need to have a knack for clear communication and predicting what your peers will need in the business. In other words, you need to learn to think like a CMO or CTO, even if you are not one. No one will expect you to take over the other person’s position, of course. But the better you can get into the headspace of the other manager the better equipped you will be to cross-pollinate and predict the needs of others.

Not only does thinking like the other allow you to communicate and help each other better, but it also tends to lead to the kind of game-changing ideas that revolutionize the way your organization functions. The CMO can better understand and utilize the power of the tech available, while the CTO can become more aware of how marketing outcomes are achieved and the kind of information that could be most beneficial for marketing efforts can be better understood.

Open up lines of communication and foster their growth.

As with any new relationship, the first few conversations are often the hardest to get through. Typically, opening up the line of communication is a big effort, and keeping it open is not the easiest thing to do. But it is worth the effort. Realize that you both can greatly benefit from each other’s knowledge and that working together is the key to realizing the full potential of your business.

Posted on

How Multi-Factor Authentication Removes Bad Actors

Multi factor authentication

Multi factor authentication

Multi-factor authentication is a polarizing topic in business and technical channels. While business users are often quite fussy when asked to establish a secondary method of accessing their secure accounts and data, technology professionals realize that this bare-minimum authentication may be all that stands between business systems and some very bad actors. Reconciling the technical challenges of implementing 2FA (two-factor authentication) or MFA (multi-factor authentication) may seem like a struggle IT teams aren’t winning — but the fight is still a crucial one. Here’s what you need to know about how MFA can potentially remove bad actors from the equation in your business.

What is Multi-Factor Authentication?

Business users (and ordinary humans in general) are notorious for creating passwords that are extremely easy to unravel. As machine learning systems become increasingly sophisticated, it’s not surprising that passwords no longer pose enough of a deterrent for a dedicated cybercriminal. A simple password is like the virtual handshake that allows an individual user to access their shared resources and business systems. Passwords are generally easy for business users: they can be quickly reset as long as you have access to a primary email account and you can theoretically use the same password in a variety of different places, which certainly makes it easier on your memory! Unfortunately, everything that makes passwords convenient for business users also makes it easier for hackers to infiltrate your systems. Multi-factor authentication includes a range of strategies that technology professionals can leverage to create an additional layer of security between bad actors and crucial business data.

Additional authentification options include:

  • SMS text-based messages to a stored mobile number
  • Biometrics, such as facial recognition or fingerprints
  • Hard and soft tokens

These systems can be configured to ask for an additional method of authentication only when the access attempt appears to be high-risk — such as requests that come from an unrecognized device or originated in a region that is known for presenting cybersecurity threats.

How Multi-Factor Authentication Helps Reduce Access for Cybercriminals

Cloud-based applications are considered by some to be key targets for an attack since the storage of information is not onsite behind a firewall, but “out there” where theoretically accounts could be more easily compromised. Implementing multi-factor authentication in this situation allows legitimate users to quickly access their accounts and information while adding that crucial layer of security. This is especially important when you have privileged access accounts — those users who have admin privileges or whose login allows them to tunnel deeper into your infrastructure. Creating a strong identity governance solution and implementing it across all corners of your business can help ensure that the individual accessing the information is vetted and verified before allowing them egress. While bad actors can hack a password, it would be much more difficult for them to copy a fingerprint or gain access to a randomly-generated number that was delivered to your personal mobile phone. While SIM hijacking does occur (when hackers access a specific phone remotely), a more robust form of two-factor authentication is helping businesses such as social media platforms reduce the potential of hacked accounts.

81% of Hacks Involved Stolen Passwords

Let that fact sink in for just a moment: according to Verizon’s recent Data Breach Investigations Report in 2017, 81% of breaches leveraged stolen or weak passwords to allow cybercriminals unauthorized access to business information. Creating the rules that will convince users to update them on a regular basis is a solid first step in reducing this threat, but it will not be nearly enough to stem the tide of destruction and loss caused by poor password hygiene. The Verizon report also showed that nearly 3/4 of breaches are financially motivated, while only a small percentage (21%) were related to cyberespionage.

With this type of additional data in hand, it is hoped that organizations will be able to pitch the value of multi-factor authentication to overcome any concerns by business users as well as the cost differential involved in implementing these advanced security measures. Without multi-factor authentication in place, your business is simply one weak or default password away from providing bad actors with easy access to your sensitive business information.

Posted on

What You Need to Know About NextGen Malware and AntiVirus Protection

Nexgen Firewalls Cybersecurity

If you’ve heard the terms “NextGen Malware and Antivirus Protection”, you might think they were made up by a marketer who had a few too many lattes — but this type of security truly takes it up a notch from more familiar offerings. Today’s cybercriminals are becoming increasingly savvy and are finding ways to short-circuit or completely bypass traditional protective measures. These well-organized criminals understand white hat security procedures. They are tracking the activity of your key business leaders online or on social media. They are developing malware and viruses that can mutate to avoid detection. And make no mistake: these hackers can bring your business to a halt in a matter of hours by limiting access to your important business data or trashing crucial systems. Here’s what you need to know about the next generation of tools that cybersecurity professionals are developing to combat this escalating threat to America’s businesses.

Nexgen Firewalls Cybersecurity

Cyberthreats Were Created to Evade Your Current Security Systems

What are these dangerous and slippery lines of code? They’re developed specifically to circumvent or defeat your security processes and procedures and are becoming extremely effective at doing their job. Traditional antiviruses are often blocked before they are able to cause a great deal of mischief, but this new generation of threats requires some next-level tools for protection. Ilan Sredni of Palindrome Consulting shares: “Advanced threat protection has changed its nature. Using artificial intelligence tools that can understand any type of malware will be the standard and the only way to stay ahead, if not current, with the threats”. Early on, threat actors figured out ways to leverage the most basic of business software, such as Microsoft Excel and Word, in order to deliver their nefarious payloads. Software engineers and security professionals grew savvy to these tactics — causing a new wave of threats to come to the forefront. As the threats continue to evolve, cybersecurity professionals will need to remain diligent if they want to protect their organizations. As endpoints become more amorphous, cyber attacks increasingly take advantage of the slipperiness of maintaining security on mobile phones, WiFi locations and other potentially risky endpoints.

What Makes Antivirus Protection “NextGen”?

While it’s difficult to tie down a single definition for “NextGen” in terms of antivirus protection, this term is often used to describe strategies and products that provide a more comprehensive and scalable approach to preventing this type of attack. This system-centric approach often leverages machine learning to improve protection capabilities, uses cloud-based computing to scan for threats and unusual actions, immediately begins resolution without requiring direct input and provides a more comprehensive set of data that can be analyzed to determine the duration and extent of a breach or hack. These forensics are particularly important as organizations seek to shore up any holes in their security grid to prevent other attacks in the future. Traditional antivirus protection is proactive to some extent, in that it is continually scanning for known signatures and performing heuristic analysis. The next generation of malware is quite crafty in the way it interacts with your systems.

What’s the Difference Between Metamorphic and Polymorphic Malware?

According to Don Baham, President and CEO of Kraft Technology Group, “Polymorphic and metamorphic attributes of malware are harder to detect and prevent, and more dark web marketplaces are providing access to malware code. Together, this has resulted in a greater number of hard-to-detect malware variants attacking our enterprises”. Defining the difference between metamorphic and polymorphic malware starts with understanding the root of the terms: “Metamorphic viruses are considered to be more advanced threats then polymorphic malware because the internal code and signature patterns are changing with each with iteration, making metamorphic malware impossible to be detected with signature-based endpoint tools,” Sredni shares. Protecting against this type of malware requires reaching beyond a simple monitoring program and defining endpoint security solutions that will monitor for abnormal activity, analyze what rogue programs are attempting to do and either halt the activity or actively alert an admin. “Since this type of attack can happen rapidly, it’s crucial that your solution is able to report this newly learned behavior to other endpoints in the enterprise to help mitigate the spread of the malware,” notes Baham.

Protecting Against Next-Generation Threats

For information on protecting against this type of advanced threat, we turn to Keith Marchiano, Director of Operations for Kyocera Intelligence. “Your first step is to implement a password policy to have your end user passwords changed every 90 days. Having your server and network passwords changed as frequently is challenging. Second, implementing 2-factor authentication for anybody trying to log into your server or network is recommended. Third, implement a multi-layer plan for security- antivirus, malware/spyware/ransomware protection, and cloud DNS security to protect the network. Fourth, implement mandatory security training for all employees. Finally, have a disaster recovery/business continuity solution that will detect ransomware attacks and allow your network administrator to restore the network to the time prior to the attack. Taking this approach will improve your security and ensure if you are attacked, that you can restore without loss to your data or major damage to your company’s reputation. All of these steps can be implemented rather quickly without interruption to your business”.

Creating a holistic approach to security starts with a firm understanding of the threat landscape, something that you simply cannot gain overnight without assistance. Your business is depending on you to reduce the risk around malware and viruses — are your solutions and technology team ready to rise to the occasion?

Posted on

SD-WAN and MPLS Battle: Which Is Better?

SDWAN or MPLS

SDWAN or MPLS

What’s your favorite: red or blue? Sometimes there are no wrong answers to a question, and that may be the case when you consider the various infrastructure options of SD-WAN vs. MPLS. Can one be truly considered “better” than the other? It depends on the goals and requirements of your organization as well as the existing infrastructure that you are working with. Let’s unpack whether SD-WAN or MPLS is the winner when it comes to selecting a protocol for your network traffic. With the growth of SaaS platforms and cloud-based storage and computing, this question is looming large in the mind of IT leaders throughout the world.

Understanding SD-WAN: The Frisky Upstart

Wide Area Networking (WAN) has been around for decades, with a centralized bandwidth controller that is used to direct traffic within your organization. Policies and procedures are fed into traditional branch routers that then find the most efficient method for providing your application with the connectivity that you need. Expanding WAN can be expensive and configuration can be fiddly, which makes SD-WAN all the more attractive due to its flexibility for deployment. With SD-WAN (Software-Defined networking in a WAN), virtualization is leveraged to reduce the physical footprint and reduce the overall complexity of your networking practices. To keep it simple, you are much more likely to meet the expectations of your employees and customers with SD-WAN because you’re relying on a more flexible method of delivery for your business networking rules.

Understanding MPLS: The Hardened Contender

Multiprotocol Label Switching (MPLS) has been driving the business of doing business for many years and is a stable system for carrying data in high-performing networks. While it’s traditionally been used in telecommunications, there are plenty of organizations using MPLS to direct internet traffic, too. Where MPLS really shines is in applications such as VoIP, video conferencing or virtual desktops due to the high packet availability and low loss of quality. Sound and video quality are exceptional, and the protocol is highly predictable in nature. There are some key disadvantages such as bandwidth cost and the potential that lower-rated applications or services could be slower or have slightly degraded quality due to de-prioritization by the “traffic cop”. This protocol was great in a time when there were fewer demands on overall bandwidth, but today’s hungry cloud-based applications can quickly eat through your monthly allotments.

Advantages and Disadvantages of MPLS and SD-WAN

Without a full understanding of the particular needs of your business, it would be difficult to pick a winner between these two contenders for Top Protocol. SD-WAN offers the global availability, scalability and control that you need at a more reasonable price point, while MPLS allows you to boost the priority for crucial traffic moving through your network. MPLS practically guarantees a higher level of quality for the most important traffic within your business, while SD-WAN offers an added layer of security that might be a big selling point for organizations in today’s climate of rampant cybercrime. SD-WAN is generally considered to be more cost-effective and scalable — even though it is slightly less reliable than MPLS implementations.

Which Is Better for Your Business?

There is no clear and true winner in this battle, but you might be interested to know that Gartner released a recent whitepaper entitled: SD-WAN is Killing MPLS, So Prepare to Replace It Now. That seems like a pretty strong statement, especially considering that the research firm also notes that MPLS still far outstrips SD-WAN in terms of usage. Hybrid and internet-only WANs are on the rise as infrastructure leaders continue to look for ways to boost network efficiency and speed while reducing the possibility of a devastating security event. SD-WAN allows for an additional measure of control when it comes to security, which may be one of the reasons that IT leaders are moving in this direction.

There are no perfect answers that will fit the needs of every organization, but SD-WAN comes out on top in terms of price and scalability, while MPLS edges out the competition when it comes to overall reliability and reduced packet loss. One thing is for sure: this conversation will continue!