Let’s be honest. Remembering passwords on top of the million other things to do in any given day is a lot. Are your team’s passwords fairly similar across multiple online accounts? It’s okay, you are not the only business.
Most people reuse their passwords over many different applications, and have one or two passwords only. With the increased need for security, however, there are now much better ways to protect your accounts and provide additional layers of security.
Nowadays almost all online services, banks, social media, shopping have added a way for your accounts to be more secure.
Here we help you to understand MFA and 2FA plus introduce you to LastPass to manage your passwords.
Maybe you’ve heard of the term MFA or 2FA and are slightly confused. Let us help you break what this is and why you need it.
MFA = Multifactor authentication
2FA = Two factor authentication
In the old days!
In the old way of doing things you signed in to your online accounts in a process called ‘authentication’. That included a basic login and password. For example
Multifactor Authentication (MFA), however, works by adding additional layers of security to your online accounts.
This provides a “second” thing – what we call a second “factor” – to prove who you are.
Yes, the first layer remains as your username and password, however now you can add another layer of protection. For example:
What this additional level of protection does is helps to ensure that you are who you say you are when logging into your online account.
So even if someone gets your user name and password, and logs in with your credentials, they will be stopped!
You will get an immediate notification on your phone to indicate that someone is trying to login to your account.
You can then decline the authorisation, locking them out. This also tells you that your password has been guessed, so you know to change your password.
Many of your current apps will have an MFA feature that you can turn on. For other things like email, you can enable MFA.
This may mean talking to your ITA provider so that we can assist you to help turn on your Microsoft 365 MFA feature.
Once it is turned on, you and your team will need to use MFA before you can next access you emails/Teams and other applications.
Make sure that everyone is ready for this and knows what to do. It isn’t hard, but like with all changes, its best to ensure that you have support from the rollout.
Reusing the same passwords across multiple accounts is not a safe idea as it creates an opportunity for credential stuffing attacks. A credential stuffing attack is one where leaked credentials from one site/service are used on another site/service to see if they work. It would be like using the same key for your car and your house.
For example, if you use the same password on your online bank account and Facebook, an attacker can easily breach both of your accounts even though you may not have reused the same password on your email account. This potential harm this practice can cause may be a monetary loss, data loss or loss of sensitive personal details.
Here at the ITA we recommend that you update your password after every three months, unless you have been the victim of a cyber-attack, then you should change your password immediately. This ensures that if your credentials are breached, then they are not able to immediately breach other accounts also.
Password strength is a big topic of discussion. You know the drill, you must use lower and uppercase letters, use numbers, use special characters, make sure it is long. But even after all this effort, your password can still be weak!
You can test your passwords out before you use them at https://www.passwordmonster.com/ or https://password.kaspersky.com/. This information gives you feedback about the strength of your password, which should help you to strengthen your password choices:
(Note: Your password is not collected or stored at either of these websites. They are well known secure sources of information that you can trust)
Yes, it is definitely best practice to use a Password Manager.
Password Managers allows you to keep track of your passwords without having to remember them.
LastPass is a free or paid personal password manager for an individual, however, if you want to protect your business, you need LastPass Business. We can help you specifically with this.
Having MFA or 2FA is an essential these days, and so is having decent and unique passwords. For practical reasons you need to have a business password solution in place to ensure your team are password secure.
Here at the IT Centre, we can help you to simplify this process, and provide you with support to easily and effortlessly apply these tips. If you would like to discuss your specific needs, please feel free to reach out to us here.
A number of our clients have been asking us about Microsoft 11. “Should I upgrade?” “Should I wait?”. It’s new and everyone wants the latest and greatest right.
In this case, however, it may be best to WAIT
With most upgrades, updates are something to install as a matter of course. The manufacturer, after all, is delivering new efficiencies, improved processes, and increased security, so why wouldn’t you?
Well with Windows 11 it’s not quite that simple:
First of all, Windows 11 has been called “the biggest update we’ve seen to Microsoft PC software in more than half a decade.”
Most importantly, Microsoft has said it will support Windows 10 until October 14, 2025, so there is no need to rush any decision.
Windows 11 is a redesigned operating system aiming at improved user navigation. Expect:
If you are in the market for a new laptop, make sure you’re getting one with Windows 11 pre-installed. That way, you’ll be sure to get one that will be able to run the new operating system without hassle.
Your IT specialist may have already suppressed some of the reminder notices for you, so that you don’t get asked to upgrade all of the time. However, they can’t stop them all.
If you see the official Microsoft screens saying ‘click here to install Windows 11’ our suggestion is to not do anything and just wait. It might be a good idea to also inform your team to do the same.
One thing to be mindful of is that if you do go ahead and install Windows 11, any problems you encounter may not be covered by your IT specialist under your current plan.
However, if you are sitting at your computer reading this and are still using Windows 7 and Windows 8, its definitely time for an upgrade to at least Windows 10. Windows 7 and 8 are no longer supported by the manufacturer and without support or security updates, these systems are vulnerable to malware attacks.
In conclusion the best thing to do is to talk to IT Centre about this upgrade to Windows 11 to see when and if it is right for you. For now, you won’t be disadvantaged by doing nothing, so you can just relax, take a breath, and contact us here
More then just that flashing box, lighting up like a disco in the corner of the room, routers play a particularly important role in keeping your business safe, and your data secure, as well as creating efficient, and safe remote working conditions.
Here we look at the role of the router, and what you can do to ensure you have the right one for your business.
Think of your router like an important Traffic Officer only allowing approved content in and out of your business.
The difference between an entry level router and a higher quality router, provided by IT Centre is a lot. Sometimes it pays to think outside the box, and not just take the router provided for free in the box.
When it comes to security, it is a good idea to take preventative measures. This is where the best secure routers come in. A router with built-in security controls and services that monitor your network around the clock is going to save you a lot of potential headaches. With your router protecting your area of coverage, your devices and your network safe.
“You must always change the factory default password for the router and ensure that the firewall and other security features are in fact enabled”.
Ever been confused by the codes that come up when you go to log in to your network?
WPA2 and AES are the best settings to secure your Wi-Fi from hackers. Remember that if a hacker is able to breach your network, they could steal important information, like bank details, or even your identity.
We strongly suggest against using an open network. An open network means you won’t have a password, so anyone can have access to your Wi-Fi and all of your devices.
Make sure to apply WPA2 to your router for improved protection of your online information.
Routers can be complex and can create harmony or havoc depending on the route you choose to follow. Buying a router with the highest security is crucial to protect your network.
Remote working conditions are the new normal, which means that many of us may need to upgrade our home routers too.
By speaking to The IT Centre, you could find quick connectivity and security gains with an upgraded router.
To save time and money and to make sure that you have done all that you can to make your business feel free to reach out to us here.
The Regional Business Partners Network has more funding available for tourism related businesses in the Queenstown Lakes district.
If you are a tourism business or supply a tourism business you could be eligible for upto $5000 funding for advice and support plus another $5000 for implementation of that business advice.
IT Centre is a registered service provider with the Regional Business Partners Network and we are currently supporting clients, funded by the RBP, through the ongoing effects of the pandemic. You too may be eligible for 100% funding towards advice and implementation of this advice.
The Tourism Communities: Support, Recovery and Re-set Plan is government funding that targets tourism businesses physically based in the Queenstown Lakes District. Tourism businesses are those where 50% of operational output is/was purchased by tourists (domestic and/or international) or those that supply tourism businesses.
For more details about the fund and eligibility criteria click here.
The funding is administered by Otago RBP Growth Advisors, and provides a number of initiatives focusing on ensuring tourism is more sustainable and resilient in the future and includes:
Business Advisory Support: (up to $5,000 per business operation) to enable businesses to receive expert advice and support, such as on changing target markets, or scaling their business.
Implementation Support: Grants for businesses to implement business advice (up to $5,000 per business operation).
What can you get advice on?
We can supply advice and service related to: –
If your business is physically located within the Queenstown Lakes District and is a ‘tourism business’, please register with Regional Business Partners here.
If you are already registered, please indicate your interest in the funding by emailing firstname.lastname@example.org or by contacting your Growth Advisor.
Written by: Peter Marshall, Voicecom Technologies
If you have Microsoft 365 for business, we want to make sure you’re making the most of it. You’re already paying for the subscription so why not take advantage of a whole suite of integrated applications that can streamline your workflows?
While remote work has been a key driver for Otago businesses to adapt the way they work and assess the systems they use, along the way they’ve realised that these apps not only offer remote capabilities but also the opportunity to integrate apps and business processes to allow them to better serve customers, streamline work, and improve employee productivity.
Microsoft SharePoint – SharePoint can seem overly complicated because it can offer so much. But it doesn’t need to be so scary. You can start small and use more functionality as needed or as you grow. Basically, it’s a platform that offers content management and collaboration. It helps with reducing duplicate files, gives you remote access (needed more than ever!) and allows you to work on the same document at the same time. Find out more about SharePoint here.
Microsoft Power Automate – Microsoft Power Automate allows you to automate workflows across applications. You can use it to connect email and instant message alerts, synchronise files between applications, copy files from one service to another, collect data from one app and store it in another, and much more. Templates are available to get you started. Efficiency is key for sustained success across businesses and Power Automate assists this by simplifying workflows with the automation of repetitive tasks.
Microsoft Forms – Forms allows you to create shareable surveys, quizzes, and polls in just minutes. You can then invite others to respond to it using almost any web browser or mobile device, see real-time results as they’re submitted, use built-in analytics to evaluate responses, and export results to Excel for analysis.
Microsoft Planner – A simple, visual, task management app that helps remove chaos from the team collaboration environment. You can create multiple task lists associated with different projects or set up daily to-do checklists.
Microsoft Teams – a chat-based workspace that integrates people, content, and tools into a single platform. Find out more about Teams here: https://ita.co.nz/microsoft-teams-more-just-video-conferencing
Microsoft OneDrive – OneDrive is essentially an online folder system for file storage. Similar to SharePoint however SharePoint offers much more in the way of collaboration. You might use OneDrive to save your personal drafts and then move them to SharePoint when you’re ready for collaboration.
Microsoft Lists – Helps you track information, organise your work and easily share with others. Lists are simple, smart, and flexible, so you can stay on top of what matters most to your team. Track issues, assets, routines, contacts, inventory and more.
Microsoft Stream – Your central destination for your business video content. It’s like an internal, secure YouTube for your business. This is the perfect place to keep things like training videos or marketing content for staff to easily access.
Microsoft Sway – Sway is a cloud only story-telling application similar to PowerPoint but provides more narrative options than a slide show.
Microsoft Whiteboard – A digital version of the traditional whiteboard that allows collaboration and brainstorming with your team in an interactive and engaging manner.
Microsoft MyAnalytics – Uses your data to provide insights into two of the key factors in your personal productivity: how you spend your time and who you spend it with. MyAnalytics takes a look at your everyday work patterns, finds areas that could benefit from your attention, and provides you with the tools to achieve more thoughtful use of your time.
Microsoft Power Apps – If your business needs a specific app to do a specific job, this is what PowerApps can do. Using simplified development techniques and with the help of your IT expert, you can create sophisticated applications using features, procedures, and processes found in Microsoft 365.
If you want to find out more about how any of these Microsoft 365 applications can benefit your business, contact us today on +64 3 443 5499. If you’d like to visit or email us, you can find our details here.
Written by: Andrew Fergus, IT Alliance
Now, more than ever, it is important to secure your data. Cybersecurity threats to your organisation, your staff and your clients are becoming a regular occurrence here in Otago. As these cybersecurity threats become more significant, it’s really important to understand what they are, and how to do your best to prevent them. So let’s dig in and look at the different types of attacks and one of the most popular options for countering it – ESET Endpoint Security.
Ransomware. This is a type of malware which threatens to publish or block access to your data unless a ransom is paid.
Email Virus Attachments. It’s common for viruses to be sent as email attachments to unsuspecting users, if opened these can potentially infect your whole system with unwanted viruses.
Spyware. This is another type of malware which can steal sensitive data such as passwords, credit card details and commercially sensitive data.
ESET is used on 110 million devices, each one sends a feed to head office if it detects an unknown potential virus – this means they can examine it and send out a fix if needed. They send out updates every 2 hours and have a team dedicated to threat security. It also has a negligible impact on computer performance. Meaning your computer wont go super slow. Its testing system has no false positives, so if there is a notification, you know it is correct.
With so many businesses moving their files to the cloud there is an additional ESET product helping keep business safe. ESET Cloud Office Security provides advanced preventive protection for Microsoft 365 applications against malware, spam and phishing attacks via an easy-to-use cloud management console. Eliminate spam from Microsoft 365 inboxes and keep your OneDrive files malware-free.
One more motivation will be around from 1st December 2020 with a new Bill from the New Zealand Government, which means that if you are compromised and your data gets taken or lost, you have to notify the Office of the Privacy Commissioner and affected individuals. If you don’t then you could be liable for up to $350,000 per EACH MEMBER of a class action.
We recommend using ESET Endpoint Security, this protects your files and network, doesn’t hog your resources or waste your time on false positives – it also mitigates your risk against the NZ Privacy Act 2020.
For those of you that have moved your files to the Microsoft Cloud. We recommend turning on 2FA (Multi-Factor Authentication) which is included free with your Microsoft 365 subscription. Also add your Office IP address so it only prompts you for a second authentication every few months when using your office, but still prompts to authenticate when adding new devices or visiting new areas.
If you’d like help choosing the best antivirus & firewall software for your business and help with setting it up, contact us today on +64 3 443 5499. If you’d like to visit or email us, you can find our details here.
Do you find yourself so caught up in other areas of your business that you tend to only manage your IT when things go wrong or it becomes an absolute must?
This is called reactive IT Management. With it, brings a mountain of stress, disruption and blown budgets.
A proactive approach to IT management doesn’t have to be difficult or expensive. In fact, it can save you money and keep you focused on doing what you do best.
This is where a Managed Service Provider steps in. They’re not just the guy you call in for computer repair, they’re essentially an extension of your team. An MSP is there to support you and ensure the IT side of your business is efficient, cost-effective and low-risk. Let’s look at some of the benefits of proactive IT management and why businesses in Otago might want to move away from a more reactive response.
Large, unexpected IT bills can often be avoided with a good plan in place. A Managed Service Provider can help prevent the unnecessary cost of fixing things by implementing a plan with regular, scheduled maintenance. Additionally, they can give you the tools to effectively manage your IT life cycle, forecasting hardware and software upgrades. With a fully prepared life cycle, IT budgets can be planned in detail for years to come. Everything from printers to operating systems can be prepared on a tightly controlled schedule. Adopting an IT life cycle is a great way to eliminate unwanted surprises and make the most out of your IT budget.
There’s nothing worse than when you get halfway through the day and you realise you’ve spent most of it troubleshooting or dealing with an IT issue. Can you imagine how frightening the numbers would be if you calculated the total number of hours lost due to IT-related disruption? A Managed Service Provider’s core purpose is to lessen this disruption and would likely pay for themselves rapidly. An MSP often does routine maintenance outside of hours so when you log in the next morning, you’re good to go! They’re your Clark Kent, unobtrusively making things happen in the background and quickly embracing their capes should anything big arise.
Something stops working at the worst of times and you find yourself giving an IT technician your full operational history to help you both connect the dots of where things went wrong. Sound familiar? The great thing about an MSP is that they get to know your business, and more importantly, have a detailed documentation process. The team will get to know your business and you’ll often be dealing with the same technicians who know you and your systems. Having an intimate knowledge of your site’s configuration and a detailed service history means they’ll spend less time troubleshooting and more time working on the job. Familiarity when working regularly on a system means clients are not paying for a technician to relearn the basics for each job or call out. As an added bonus, when you partner with an MSP, the charge is often much less than the hourly rate of one-off call outs.
In the technology space, there are changes and updates left, right and centre, often leaving you overwhelmed. This leads to you either falling behind with your IT services or purchasing things your business may not need. A Managed Service Provider is across all things IT, so you don’t have to be. You have the option to meet on a regular basis to discuss and review appropriate changes or updates that should be considered to your IT infrastructure. They know what’s happening in the industry and can guide you according to your specific needs. They’re not about telling you that all your computers need to be updated with the highest spec and most expensive models. In fact, an MSP will get to know how you operate with an audit and provide you with a plan on where you can best spend and save money. They’re about plans with priorities and delivering a solution according to budget.
If you’d like to find out more about how a Managed Service Provider can help you move from reactive to proactive IT management, contact us today on +64 3 443 5499. If you’d like to visit or email us, you can find our details here.
Times used to be simpler when phone lines were just that, but today there are more and more companies moving to the more complicated VoIP (Voice over Internet Protocol) system for their phone lines. This is in part due to advances in technology, but also partly enforced by telecoms companies like Spark suggesting they won’t support the legacy phone lines in future.
While VoIP can work well in the right circumstances due to potential cost, flexibility and number portability advantages – you do need good IT support. In circumstances which aren’t optimal it can end up being more expensive, more complicated and come with a range of security issues which need to be well thought out. Let’s take a look at the four main security issues below.
Hackers can use automatic phone dialler software which rapidly calls you and then hangs up, this is called a DoS attack and keeps your line busy so you cannot accept or make calls. Attacks like this can severely impact any businesses ability to communicate and can be extremely difficult to stop.
A very recent example is the attack on the New Zealand Exchange (NZX) which shows how vulnerable businesses can be. One way to help protect your communication infrastructure is by using Session Border Controllers (SBCs) which act like a VoIP firewall. This protects your network by using a secure connection between you and your service provider and gives you more control over your VoIP calls and voice traffic.
This is where someone can easily listen, divert or even hijack selected VoIP calls by putting themselves “in the middle” of the VoIP signalling path. This can happen when weak or no encryption mechanism is used on wireless access points, allowing unwanted users to join your network just by being nearby.
This can be one of the most serious threats, especially for those in industries where discussing private information is of the utmost importance, such as in legal or health sectors. Encryption and authentication protocols such as the TLS (Transport Layer Security) protocol can help with this.
Without good security protocols and strong passwords, system and user credentials are vulnerable to theft – making it easy to hack into online VoIP systems or phone hardware. This can lead to many issues, two of which include:
• Phreaking – a type of hack which steals a service from a service provider while passing the cost along to another person. Commonly this is when your VoIP account is hacked and someone uses it to make calls which you pay for.
• Vishing – where a legitimate number is hacked and then used by a party to call you and pretending to be from a trustworthy organisation, such as your bank, and asking for confidential or critical information.
To avoid this from happening, make sure you use 2 factor authentication where possible to access your online systems, never use your VoIP phone number or extension as the voicemail password (common defaults) and always change the default admin passwords on web based phone hardware.
Most VoIP providers will only allow you to use the caller ID of the lines you own, but some allow any number to be presented on their network which can cause problems. It is most commonly used where a business doesn’t present their main number but might instead present a tollfree number or their main number for customer callbacks.
However this means it can also be used to emulate another party or business with the intent to defraud, cause harm or wrongfully obtain something of value. This makes it important to have a mechanism in place which only displays numbers which have been authenticated.
VoIP can be great in the right circumstances but people often jump in without considering the extra complications and security issues which don’t exist with a traditional phone line.
It’s best to go into VoIP with your eyes open and be aware of the risks, then you can use it effectively for your needs. If you’d like help setting up VoIP or improving the security of your existing setup then contact your nearest IT Alliance member.
The IT Alliance are a group of nationwide partners that banded together to offer businesses high-quality, flexible support with a local touch. They are small enough to feel part of your team but backed by a bigger organisation and network of support. It doesn’t matter if you’re located in Otago or on the road across the country, they have the infrastructure set up to ensure you’re covered with all things IT.
How great is it that technology allows us to remote in and help clients at the drop of a hat? Although remote support is an excellent tool, sometimes an on-site visit is what you need. After all, it might be a little too much to expect Frank from accounts to troubleshoot why his keyboard isn’t connecting to his docking station, which isn’t connecting to his laptop, which is only connecting to one of his two screens, which seem be missing some cords?…you get the idea!
All of the partners in the IT Alliance pride themselves in providing, fast, high-quality local support. They’re focused on building long-lasting client relationships and working with you to ensure IT is strengthening your business, not obstructing it.
As a group of 12 independent IT companies across New Zealand, the IT Alliance work together as a group to deliver products, projects, training and support throughout New Zealand. Regular meetings during the month are held where specialist knowledge is shared among members and then passed onto clients from a local source.
Having partners that can reach the entire country means there are no limitations to servicing your business. Whether you’re travelling and need help, or have staff based around New Zealand, they can provide you with flexibility by supporting you no matter where you are.
The issue with partnering with a single, large IT company is that you can often get lost in the noise. Partnering with a member from the IT Alliance means you’re getting the benefits of small and local but also the access and knowledge of big and broad. Smaller and local offers agility, with the capability of changing and adopting new technologies at a faster pace, bypassing lengthy procedure. Additionally, you’re not paying a premium to support a single large organisation that has substantial overheads to cover.
A collaborative approach is critical with the fast-paced nature of the IT space. The IT Alliance team are backed with a wealth of knowledge and varying specialties. This means they each bring something unique to the table and can share the most important information with each other rather than wading through the sea of updates and changes the industry consistently presents. The core purpose of the partners coming together frequently is to brainstorm, explore all points of view, share experiences, stretch perspectives and challenge the way things are down. All with the objective to ensure the best possible IT solutions are offered to their customers.
Due to recent world events, most people have now had the opportunity to try out working remotely in one way or another, especially those who work from Central Otago. It’s also been an opportunity to test out our IT systems when working from home and to see if they’re up to the task of simulating being in an in-person environment.
There are of course some professions who are unable to work from home, such as nursing and hospitality. Retail is another where it can be more difficult as you don’t have the luxury of seeing things and trying them on before you buy. Office environments are generally the ones who get on with things from home – but do they do this well?
If you’ve had a team working from home, how do you think this compared to working in an office? Would you give productivity during this time a 5 star rating or a 2?
Some love it so much they’ve committed to full-time remote working teams – but with this extreme there needs to be a strong consideration about the long-term effect on productivity and mental health. The question needs to be asked – do your staff actually enjoy working from home? Usually there are some who love it and others who don’t. Two of the main benefits usually cited are the lack of commute and increased flexibility.
There may be people on your team who don’t enjoy working from home, perhaps they don’t have a dedicated office or workspace, and working from home wasn’t what they signed up for when joining your company. If they feel that they need to work from an office environment to be happy and productive, then a balance needs to be found.
When working remotely it’s more important than usual to use your calendar effectively, including blocking out time to get productive work done – which cannot be overridden by meetings.
In Microsoft Outlook you can even schedule emails straight into your calendar, it’s easy to block out time to do tasks using this method and the email is right there as a handy reference – you can ask your helpful IT person If you need some tips and tricks.
Some love working from home and others need to be around people in an office environment, so as with most things there is a balance to be struck which ensures a happy and productive team.
If something isn’t working with the team, always look at yourself first – the fish rots from the head down! If something is going wrong then ask yourself why and what you could do to improve things first before you consider what others can do. Own your mistakes.
Think about the long-term effect of working remotely and the effect it will have on morale, it can be exhausting if someone is in video meetings all day. Reducing your overhead costs are a great benefit to not having an office, but always put your staff’s wellbeing, morale and productivity first.
If you’re not sure where to start, then get in touch with us on 03 443 5499. We would be happy to help you!
There are plenty of options available for video conferencing at the moment, which has been extremely useful with many people working from home in the current environment. Skype, Zoom and Microsoft Teams are some of the big names available – but did you know that Teams can also do much more than just video conferencing?
Here at IT Centre, we like to use it for all of our Microsoft apps and workflows. Meaning it’s the tech equivalent of a swiss army knife which can switch between different bits of kit at a moment’s notice. If you currently have multiple apps, workflows, inboxes and files all over the place… then Teams might just be the all-in-one solution you’re looking for.
If you are constantly trying to keep up with your inbox and struggle to find that important email, then you are certainly not alone. Many businesses are now using tools like Slack for internal comms which can drastically reduce email clutter, did you know that Teams has a similar function? It’s a quick way to communicate with your internal team or give them a call – some of us have gone so far we’ve eliminated internal emails altogether!
Having multiple locations for files, unorganised file structures, different file versions and not being able to find something is certainly not uncommon. Using Teams allows you to directly integrate with Microsoft’s file hosting service, OneDrive and have all of your files in one place, and also makes file sharing easy with external customers or suppliers.
Everyone has access to what they need in Microsoft Teams by setting your team and only having access to what’s important for you – split these up by department or otherwise as suits you. Then you can interact with your colleagues however you need to based upon the large array of apps and workflows available. For example, you might want to hop on a quick call with a member of the admin team, share some private documents with management or your marketing team might want to set up a quiz to share with your customers.
If that wasn’t enough, you can also use Teams to book your meetings, keep track of them in the calendar, run live webinars for up to 10,000 people and integrate CRM and customer ticketing apps. Basically it can be used as your one-stop-shop to replace the multiple different apps you are currently using, with multiple logins and varying integration capabilities.
If you feel disorganised, have files here there and everywhere and want to centralise it all to keep them in one place securely in the cloud – then Microsoft Teams might be the answer for you. It will help you centralise your files, communications, email addresses (across multiple domain names) to become more organised.
Small to medium size kiwi businesses are increasingly being targeted by unscrupulous hackers, and cyber-criminals which often leads to loss of confidential data, intellectual property and can result in considerable business disruption. Poor password security is one of the key methods these cyber-criminals use to gain access to your systems. We want to highlight some of the fundamental threats you’re facing and guide you through implementing a strong password policy for your business.
According to the 2020 Data Breach Investigations Report, over 80% of breaches within hacking involve brute force or the use of lost or stolen credentials. You can see the full report here. The problem is the vast amount of people still using weak or compromised passwords, leaving kiwi SMEs vulnerable.
Why are smaller organisations being targeted these days? Cyber-criminals are not just after big corporations with substantial funds. They are looking for the easiest hack which means focusing on smaller, easier targets is often the strategy. Sometimes smaller enterprises can be identified as not having strict policies in place across all aspects of the business. Larger corporations have entire teams working on policy and procedure or dedicated IT teams consistently managing potential threats. As a Managed Service Provider, we want to help make sure you’re just as covered as these larger businesses. We suggest you establish and implement a strong password policy that employees can refer to.
So, we all know we’re supposed to use “strong” passwords, but what does that mean? We’ve come up with the simple acronym ‘CLOUDS’ to help you remember the most important things to think about when creating passwords:
Characters – Use at least one of each of; lower case, upper case, number and a symbol (e.g. #) or a space
Length – A minimum of 8 characters and ideally 10.
Obvious – Ensure your password is NOT obvious like a birthday or your family and pet names. Hackers can find these details through things like social media.
Unique – Think of something new each time. Do not use a slightly altered version of old passwords. Your old passwords may have been hacked from a website and sold on the dark web.
Different – make sure you use different passwords for different accounts.
Set – The most basic rule; set your own passwords. Leaving the default set up by your IT support is unsafe. You’d be surprised at the huge number of passwords that are simply not set at all.
Your intentions are good when coming up with the most uncrackable of passwords but now you find yourself continuously hitting the ‘forgot my password’ button and going through the tedious and time-consuming process of a reset. It sounds all too familiar doesn’t it?
We’re moving towards a world where thumb prints and facial recognition technology will alleviate the need to remember a collection of passwords but until we reach that point, we need a reliable solution to remember our passwords. Considering a password manager program is a good option. This gives you the option to store all your passwords in one place and when you’re signed in, they can quickly populate your details when logging into various platforms. There are numerous safe and reliable password managers so ask your local ITA member which one they suggest to suit your needs.
Alternatively, some people use encrypted documents, for example, password protected Excel or Word documents, while others use the ‘remember password’ facility of their web browser. If you use your web browser, make sure it encrypts the passwords and remember you need to log-off if you share computers or leave it unattended. All of these are good options and can help you move away from physically writing down passwords which can be risky and affect business continuity if you lose access to the physical copy.
Most experts no longer recommend having to change your password every six months as it hasn’t proved to improve security. However, we do suggest if you have old passwords that you bring them up to date and change these every couple of years. Furthermore, always change your passwords immediately if there are any indications they may have been compromised.
The best thing you can do is implement a strong password policy for your employees. Have them use the ‘CLOUDS’ checklist when creating passwords and encourage using a password manager. Make it part of your policy that passwords are updated when an employee moves on to ensure your systems remain secure.
The trick to having strong passwords that pass the ‘CLOUDS’ test, is NOT having to remember them. Use one of the techniques above to do the heavy duty remembering for you. Copy and paste as required. Just remember your login password and your password manager password – don’t write those down anywhere!
Recent growth in remote work locally here in Central Otago as well across New Zealand and around the world has seen an increase in the number of these cyber-attacks and has left businesses vulnerable. Across the ITA we continue to see heightened targeting of clients which is why it’s critical to review or implement your password policy immediately. If you have any concerns in this area or want to find out more about keeping your business protected and secure, contact us or your local ITA member.
IT Centre is a founding member of the NZ-wide IT Alliance – www.ita.co.nz
Check out the links below for a contact near you.
The environment in which we operate has significantly changed over the last few months. Businesses have been driven to embrace remote working. There has been no better time to question the efficiency of your workflows and systems. A business simply needs to have online functionality and the ability for staff to continue to work remotely. The need for increased collaboration and file sharing amongst teams is essential, which is where SharePoint can offer an excellent solution. How? Read on..
Are your documents and folders in a bit of a mess? Don’t worry, it happens to the best of us! With the change of employees, each individual has different ideas on how to organise filing systems, so yours has likely evolved into a mix of conflicting folders and duplicates. Have you ever collaborated on a document, emailing it back and forth until you eventually find yourself so confused as to which document is the most up to date? Yes! We have all been there. Working remotely means that now, more than ever before, we have a huge need for collaboration. This means that the same mentality needs to be embraced with your document management system. SharePoint allows you to have one central location where your documents are stored, categorised, updated and backed up. You can set up permissions so that others can access and update. No more version 18.104.22.168, saved on everyone’s drive!
SharePoint gives you the ability to capture version history. You no longer have to spend time hunting for the latest version of the health and safety policy! This not only helps reduce the number of duplicate files but it offers a history of who has last worked on the document. Having access to older versions can sometimes be a lifesaver. This means that if a colleague accidentally deletes some information from an older version when updating, you can still gain access to the previous version with a click of a button.
Accessibility is key. You might be working from home, stuck up north or down south, or perhaps on a family outing and work suddenly needs urgent attention. SharePoint allows you to jump on your laptop, tablet or other device and instantly access all of your work files. Quick, easy access has never been so important and can ensure as little downtime as possible.
The strong need for collaborative tools has increased, especially with a workforce that is frequently operating online and remotely. SharePoint allows users to collaborate by working on the same document at the same time. Additionally, you can easily create and customise your own intranet. Fancy right? This provides the perfect platform where you can share and manage content, knowledge, and applications to empower teamwork, quickly find information, and seamlessly collaborate across the organisation. Not to mention, bring your team together!
One of the most common concerns about embracing cloud platforms is the security of your data. We need to change our perception about having everything stored onsite and having ‘physical’ control. A company like Microsoft has an entire team continually working on the safety of their platforms so perhaps it’s time to embrace cloud options which can give your business the leap forward. You do also have control. Backing up your data, and implementing multifactor authentication are two key steps to helping keep your data safe. What does this really mean? Backups: using a third-party provider to back up your data is essential as Microsoft only manages the security of its platform… not your data!. Multifactor authentication makes it harder for anyone to hack or steal your data. It is a simple system whereby you might, for example, be required to enter a password as well as a text message code using an authorising app.
The way we do business has dramatically shifted. The damaging effects of a worldwide pandemic means we need to embrace technology to help us ride this wave of change. If you’re ready to make the move to more efficient and collaborative and secure document management, we can help get you started. You can pop us an email or give us a ring. We would be more than happy to walk you through the process in plain English!
IT Centre is part the IT Alliance, a group of like minding companies working together around the country to bring better value and services to clients.
IT Alliance members near you!
It’s fair to say that within the Central Otago business community, COVID-19 has really pushed our business into the cloud. Whilst Microsoft provides powerful services within Microsoft 365, it is important to note that comprehensive backup of your Microsoft 365 data is not one of them. Of over 1,000 IT Pros surveyed, 81% experienced data loss.[i] This can be from simple user error to major data security threats like ransomware. The misconception that Microsoft fully backs up your data on your behalf is common and could result in damaging repercussions which is why it’s important to know what areas you are responsible for.
Have you thought about how your Microsoft data is backed up? “The scary reality is that even though sensitive cloud data is stored in Office documents, an estimated 76% is not being backed up[ii]. In fact, IDC states that 6 out of every 10 organisations still don’t have any form of Office 365 data protection[iii].” Microsoft’s core focus is on infrastructure and maintaining uptime to users but when it comes to data protection, this lies with you.
Users accidentally deleting files is all too common. If a file or email is accidentally deleted, Microsoft makes this recoverable for a short period of time. If you go looking for something a few months down the track and realise it may have been accidentally deleted, you’re unlikely to recover this. If you do not have your own automatic back up and the recoverable period has passed, your file will be permanently deleted.
An even greater threat, if you are made vulnerable by any hackers or viruses, again your data is at risk of being lost. Malware and viruses can do serious damage to your business. Not only is your company reputation at risk, but the privacy and security of internal and customer data as well. External threats can find their way in through emails and attachments and you can’t control users accidentally opening these. Having a reliable antivirus is essential but having back up is critical in the case of a serious breach. Regular or automated backups will help ensure a separate copy of your data is uninfected and that you can recover documents or emails quickly with limited downtime.
Microsoft runs under a shared responsibility model. But what does that really mean? Microsoft data backup will protect you from events such as natural disasters that affect their data centres, hardware or software failures on their part, power outages, operating system errors, etc. Their key focus is on availability and uptime, not your data. This means you are responsible for your Microsoft 365 data including email, OneDrive and SharePoint. It is your responsibility to ensure your data is protected from human error, malicious activity, misconfigured workflows, hackers, and viruses. Basically, Microsoft will ensure availability and access but your job is to protect your data with reliable backup systems and multifactor authentication.
The solution really can be so simple, cost-effective and provide you with ultimate peace of mind. You’ll need to set up a backup solution via a third-party system. With the move of more company data to being stored in cloud platforms like Onedrive and Sharepoint, this data is no longer covered by business local backup systems as they were when data was located on a file server. It is essential when moving to cloud-based storage systems and when investing considerable amounts in the cloud system setup, to have an automated backup.
Having a backup of your Microsoft 365 data mitigates the risk of losing access to important emails, documents and files for all your users. It is critical and will fill the gap between long-term retention and data protection. We can help in getting this set up for you. You send us a quick email here or you can give us a ring. We would me more than happy to chat this through with you in plain English.
[i] Veeam customer survey, September 2019 3 IDC: Why a Backup Strategy for Microsoft Office 365 is Essential, 2019
[ii] Veeam customer survey, September 2019 3 IDC: Why a Backup Strategy for Microsoft Office 365 is Essential, 2019
[iii] Veeam customer survey, September 2019 3 IDC: Why a Backup Strategy for Microsoft Office 365 is Essential, 2019
COVID-19 has created an abrupt shift to remote work, putting pressure on the IT infrastructure of many businesses. Although technology has allowed organisations to adapt quickly, usually this shift would require in-depth planning and risk analysis. The quick change to a virtual environment means potential weaknesses have encouraged cyber-criminals to see this as an opportunity to be out in full force.
How good is it that in a lot of cases, businesses have been able to continue their operations because of the ability to work remotely? Technology is awesome. But with it, does come risk. It’s great that businesses have embraced remote work, but we can’t stress enough how important it is to make sure your tech and business is protected. Remote workers don’t necessarily have the same firewalls and corporate levels of threat protection at home which means your business’s data is vulnerable at the click of a button. Also, working from home, Joe from IT isn’t one office away to save you when you’ve opened a dodgy email.
“But, … I’m password protected!”
Unfortunately, passwords simply aren’t enough to keep you secure. They are regularly shared and can be easily hacked. You need a second line of defense and this is where multi-factor authentication comes in.
Multi-factor (or two factor) authentication is a security mechanism that requires an individual to provide two or more credentials in order to authenticate your identity. For example, you may be required to enter a password as well as a text message code using an authorising app. Other forms of authentication might be a fingerprint or retinal scan. Yes, it can be a little more time consuming, but it can be a whole lot more time consuming and stress inducing if you end up with a major security breach on your hands.
In a lot of cases, it’s actually FREE and just needs to be set up! If you’re unsure if you have multi-factor authentication or you want to enable this function, call us and we can help 03 443 5499. If you’d like to email us, you can find our details on our contact page.
We understand this is a challenging time and you’re having to adjust the way you operate. The good news is that there are some excellent tools available that can help you – some you may already have! You can give us a call here in Wanaka on 03 443 5499 or reach us HERE. We know it’s a lot to take in but we’re here to help and guide you through with all things IT.
This Contact Tracking form is made possible by the power of Microsoft Forms which is part of Microsoft 365 (formerly Office 365). You can do similar things with Google forms.
Call us on 03 443 5499, or contact us here, if you want to know what else can be done with your Microsoft 365 subscription, such as using SharePoint for cloud based document management and sharing for remote working, enterprise class email and calendaring or using Teams for collaboration and remote team working.
It’s not clear what the exact requirements for contact tracking will be but this is a simple and cheap way you can start.
There are multiple ways of recording this sort of information and this may only be one way you use for your business for example you may have a manual register you use for people who don’t have a cell phone. Alternatively you could complete the form on their behalf.
You may want to print these instructions before starting
Step 1. Create a form
Step 2. Add some questions
Step 3. Optional Extras
Step 4. Click Send
Step 5. Good to GO!
If you would like more help with set-up or customisation click here to contact us (our normal charges & Terms and Conditions apply).
Thanks to IT Centre we have been able to make up a registry that requires no paperwork. Customers & Contractors can simply open up the camera on their iPhone or Android and it will redirect them to fill out our Contact Tracing Registry” “… thanks guys that is really cool will save us heaps of paperworkChris and Glenys Cowling, Tauranga ITM
Thanks team, that’s really easy. We’ll print it out on vinyl in reverse and stick it to the inside of our windowSean & Claire O’Connell, Wanaka Signs
Wow, that’s really easy, thank you!Sarah Burdon, The Camp, Lake Hawea
Levels two and three are on their way and it is time to prepare for what that might look like for your business. It can feel a little overwhelming, so let’s break down some of the key areas that might help your business to manage all the changes. We will cover contact tracing, what it is and why it’s so important. Two key steps to defining it for your business and lastly some brilliant business IT tools that could save time, money, and possibly even lives.
Contact tracing is the ability to trace what kind of contact you have had with which people, how close you have been to them and how long you were in their presence. There are two types of contact tracing: casual and close. Casual is defined as someone you have been in the vicinity of. Close, is someone you might have shared bodily fluid with, or been closer than 2m to, for 15 min or more. For example, you might have shared a drink with someone, or gone into their home to fix something and stayed for more than 15 min chatting to them at a 1m distance.
It is possible that we might experience little outbreaks here and there for quite some time to come. We will most likely be required, for health and safety needs, to be able to track our day to day interactions. If this is the case we will need to consider how to manage onsite, offsite, deliveries all sorts of day to day interactions. Protocols and communication will be key moving into this next recovery phase.
There are lots of tools you can use to keep your business moving forward. For those of us who are lucky enough to be able to work from home, tools like Microsoft 365, Zoom and other online platforms like Hubspot, will be able to provide regular quality communication and transparency with workers. What is very important to remember is that remote work doesn’t always mean your data is safe. Check out our blogs on multi-factor authentication and more on network safety
Most companies already have access to systems that can put tracking visitors and deliveries in place, they just haven’t discovered it yet. Bundled with your Microsoft 365 or Google Suite subscription is a tool called Forms. This enables you to make simple questionnaires that are available online. Once you have made that form, it automatically generates a QR Code, which you can print out and stick on your entrance way. All available from your laptop or home computer!!
For example, you arrive at your favorite café. On the door there is a QR Code which you scan. It pops up with a form to fill out, and even your order. Once you hit send on the form, it informs the café staff that you have checked in, and what your order is. Once your order is complete, you are sent a message saying you can pop in and pay with payWave. Minimal contact, but all that data is kept for the café owner to use to track you down if there were to be a covid case in your vicinity, keeping you safe.
For those business that are face to face this is a really testing time. However, now is not the time to take your foot off the gas. There are so many tools you can use to transform your business and who knows, possibly even for the better. Once you are online, you are no longer geographically restricted! Talk to your web designer, add a shopping cart or Shopify account. People are in the mode of learning to order from you online means it’s a great time to enrich your database more than ever before. If you are in the wellness, entertainment or education business, consider running live events using Eventbrite or use the paid subscriptions option on Facebook.
For companies needing more sophisticated tracking, Microsoft Power Apps can be used to create custom Apps. You can then track GPS location, time on site, record photos, the sky is the limit. Whatever you do, there will be a way, but never feel like you are on your own.
IT Centre is a founding member of the NZ-wide IT Alliance – www.ita.co.nz