While we’re all for efficiency, there are some boundaries that should not be crossed for everyone’s benefit. Take, for instance, the email you use to subscribe to online services. While it may be tempting (or, for some people, automatic) to use your work email address when you sign up for, say, your Netflix account or an online merchant, we wanted to discuss why this is a bad habit to get into that could have lasting consequences.
The reason you shouldn’t use your work email for personal purposes is a simple one:
What Happens If You No Longer Work for the Company?
Seriously, we want to know: what’s your plan if your employment comes to a sudden end?
Let’s say that you were using your work email for an assortment of personal reasons—maybe you used it to subscribe to a few subscription services, or you used it to login to a favorite online retailer or two… maybe one named after a really big river in South America.
Potential for distraction aside (which is itself a whole other can of worms), tying your personal life too much to your work life can have some long-term issues. Let’s say you did choose to use a work email to sign up for a personal service, only to leave that job some time later.
Regardless of the reason you leave—whether you or your position was terminated, you found another job, whatever—one of the first things that any responsible company will do is to deactivate your accounts from their system. Neglecting to do so would be a cybersecurity failure on their part. Good luck trying to recover a forgotten password when the authentication is sent to an email you no longer have access to.
Businesses Should Actively Discourage Private Use of Professional Email Addresses
There are plenty of reasons that a business should want to keep their users from using their professional email accounts for their own personal purposes. We’ll quickly run through the list:
- Corporate accounts are readily available online in many cases, making them easy targets for phishing and spam.
- On a related note, it becomes a lot easier for a cybercriminal to find online accounts that are tied to a business email address and use what they find to craft more effective spear phishing messages—ones that are tailored specifically for a particular recipient.
- Many people still reuse passwords across many different websites and services, so if a website is breached that an employee’s work email was used to access, there’s a good chance that a work password could be stolen with it.
Cybersecurity Needs to Take Precedent Over Convenience
While convenience is an appealing motivator, it is important that your processes are shaped to prioritize your business’ security. Educating your team about password best practices and the actual importance of this kind of work/life balance will be key to shoring up this particular security issue.
We’re Here to Help Strike the Balance
Turn to us for help with keeping your team members from inappropriately merging their work lives and personal lives, as well as our assistance in optimizing the rest of your processes. Give us a call at 651-234-0895 to learn more.
Getting your staff to care about your organizational network and data security may be more difficult than you might think, but it’s not a lost cause. Today, keeping your business’ organizational security strong relies heavily on your staff’s willingness to follow the right practices, so today we thought we’d give you seven tips to get your people to care about security
Be Up Front
One of the main reasons employees don’t often care about cybersecurity is the overt secrecy surrounding it. Today’s organization needs to come clean when it comes to the constant threats that are out there. If you want your people to have a vested interest in keeping your business’ information systems and data secure, you need to level with them. After all, they can’t help if they don’t understand.
Make it a Personal Investment
Your company holds a lot of your employees personal data. Let them know that along with any sensitive and proprietary data that could be lost in a data breach, that their data could also be vulnerable. In order to sufficiently secure your data and theirs, they need to know what’s at stake if they don’t actively follow cybersecurity procedures.
Top Down Security
Every member of your organization needs to understand that they could be targeted by hackers and fall victim to these threats. The more your employees understand that management is actively complying with security policies, the more willing they will be to alter the way they consider cybersecurity.
Gamify Your Process
People tend to be more engaged when there is incentive baked into a policy. Gamification is the strategy of scoring a person based on their efforts. This strategy works wonders for productivity so it stands to reason that it would work for cybersecurity awareness and following any organizational policy that’s in place to keep your systems and data secure.
One of the most important variables to get your people to follow the rules, is to have them in place to begin with. In cybersecurity, confusion can be a huge albatross, so ensuring that everyone is playing with the same rulebook is a must. This includes building procedures to handle attacks such as phishing as well as password hygiene and many other security-based policies. The more consistent your procedures are, the more likely your staff is to understand and follow them.
Start from Day One
With all the threats that are out there at the moment, you will want to stress the importance of cybersecurity with current and new employees, alike. If you start hammering home the importance of compliance with security procedures from the day an employee starts at your business, the more likely they will continue to comply with them as they undertake their job; which for most of your staff, isn’t strictly cybersecurity.
Employee’s Security training is becoming commonplace at almost every organization, largely because the threats that it faces could have devastating consequences. You will want to invest in comprehensive training and re-training to ensure that your employees understand the importance of your cybersecurity initiatives, and that they are up-to-date on any and all changes to policy or strategy.
Cybersecurity is a team effort today and if your organization isn’t stressing the importance of it, it’s only a matter of time until it rears its head. If you would like to learn more about training your employees on the best practices of cybersecurity, creating a cybersecurity policy that works to keep your information systems secure, or if you would just like to talk to one of our IT professionals about cybersecurity best practices and procedures, give us a call today at 651-234-0895.
For decades, technology has been the driving force behind some of the biggest and most radical shifts in business. Therefore, it makes sense to assume that the keys to your organization pushing past its limits and becoming truly exceptional lies in the implementation of new technologies that change operations in a profound way. The process of digital transformation does not have to be difficult, but it is important in a business environment so that you can stay competitive.
Digital transformation is the process of implementing new technologies and rethinking the relationship that your goods, services, and operations have with them. It can be seen as a way to innovate and make advancements in ways that might not otherwise be possible. The ongoing COVID-19 pandemic has forced many companies to accelerate their adoption of technology, so digital transformation is a trend that is rapidly increasing in popularity. To help your company make the best decision possible regarding technology, we have put together an easy three-step process you can follow when implementing new technology for your company.
Make Sure Your Objectives Align with Your Business Goals
The technology you implement should align with what you are trying to accomplish as a business. If your goal is to develop products, consider technology solutions that streamline that process. If your goal is to get the word out about services, consider ways that technology can help you get the word out. If your goal is to provide exceptional customer support, think of ways that technology can streamline the process for customers to receive the help they need when they need it. In other words, implementing technology without a clear and defined goal is not going to help your business; if anything, it will make your infrastructure more complicated and bogged down, so we encourage you to think about what your business does well and how technology can help you do it better.
Lean On Your IT Department or IT Resource
When it comes to your business’ implementation of new technology solutions, you want to take as hands-off a position as possible. Too often management and the C-suite get too involved in the decision-making process regarding IT. It is important to remember that you have an IT department or IT resource for a reason; respect their opinions and consult them on the implementation process. Understand that you may have a biased opinion of the technology because you want it to succeed and you think that it can be a great asset, but know that the ones making the cold and calculated decisions are often the IT resources implementing the solution. Just because something works perfectly for one organization does not mean that it will for you, and you should ensure that any solution you choose to implement is right for your organization well before the implementation process begins.
Get Your Staff On Board
Any new tools you implement will surely come with some resistance from your staff. Sometimes those who have been with you for a while are stuck in their ways and might not immediately see the benefits of implementing great new technology solutions. Therefore, it becomes your responsibility to show them just how much they stand to gain from not just learning your new tools, but mastering them as well. Implementing new technology is most beneficial when it’s done in a top-down manner, meaning the boss shows the employees just how confident they are in the solution by actively using it themselves. Employees are more likely to buy in when they know there is some passion behind it, and they will appreciate any training you can offer so they too can learn as much as possible about it.
Get Started with Digital Transformation Today
Point North Networks, Inc., can help your organization adopt new technology solutions and improve operations for the better. Our trusted technicians can be there for every stage of the process, from design to implementation to training and support. To learn more about how we can make a difference with your digital transformation strategy, reach out to us at 651-234-0895.
Passwords are probably the most important part of keeping accounts secure. That’s why it is so important to follow industry best practices when creating them. Today, we’ll take a look at the standards outlined by the National Institute of Standards and Technology (NIST) in creating the best and most secure passwords.
What Is NIST?
For years, NIST has been the predominant organization in the establishment of password creation standards. They continuously change their advised practices to meet with the current cybersecurity demands. They recently updated their guidelines so we thought we would go over what strategies they suggest, to give you an idea of what makes a secure password.
Many corporations are currently using the NIST guidelines and all Federal agencies are expected to utilize them. Let’s go through their newest password guidelines step by step.
#1 – Longer Passwords are Better than More Complicated Ones
For years, it was preached that the more complicated the password, the more secure the account. Today’s guidelines refute that notion. NIST suggests that the longer the password, the harder it is to decrypt. What’s more, they suggest that organizations that require new passwords meet a certain criteria of complexity (letters, symbols, changes of case) actually make passwords less secure.
The reasoning behind this is two-fold. First, most users, in an attempt to complicate their passwords will either make them too complicated (and forget them) or they will take the cursory step of adding a one or an exclamation point to the end of a password, which doesn’t complicate the password as much, if at all. Secondly, the more complex a user makes a password, the more apt they are to use the same password for multiple accounts, which of course, is not a great idea.
#2 – Get Rid of the Resets
Many organizations like to have their staff reset their password every month or few months. This strategy is designed to give them the peace of mind that if a password were compromised that the replacement password would lock unauthorized users out after a defined set of time. What NIST suggests is that it actually works against your authentication security.
The reason for this is that if people have to set passwords up every few weeks or months, they will take less time and care on creating a password that will work to keep unwanted people out of the business’ network. Moreover, when people do change their password, they typically keep a pattern to help them remember them. If a previous password has been compromised, there is a pretty good chance that the next password will be similar, giving the attacker a solid chance of guessing it quickly.
#3 – Don’t Hurt Security by Eliminating Ease of Use
One fallacy many network administrators have is that if they remove ease of use options like showing a password while a user types it or allowing for copy and pasting in the password box that it is more likely that the password will be compromised. In fact, the opposite is true. Giving people options that make it easier for them to properly authenticate works to keep unauthorized users out of an account.
#4 – Stop Using Password Hints
One popular way systems were set up was to allow them to answer questions to get into an account. This very system is a reason why many organizations have been infiltrated. People share more today than ever before and if all a hacker needs to do is know a little personal information about a person to gain access to an account, they can come across that information online; often for free.
#5 – Limit Password Attempts
If you lock users out after numerous attempts of entering the wrong credentials, you are doing yourself a service. Most times people will remember a password, and if they don’t they typically have it stored somewhere. Locking users out of an account, at least for a short period of time is a good deterrent from hackers that use substitution codes to try and guess a user’s credentials.
#6 – Use Multi-factor Authentication
At Point North Networks, Inc., we urge our clients to use multi-factor or two-factor authentication on every account that allows them to. According to NIST they want users to be able to demonstrate at least two of three authentication measures before a successful login. They are:
- “Something you know” (like a password)
- “Something you have” (like a mobile device)
- “Something you are” (like a face or a fingerprint)
It stands to reason that if you can provide two out of three of those criteria, that you belong accessing the system or data that is password protected.
Security has to be a priority for your business, and password creation has to be right up there with the skills everyone should have. If you would like to talk to one of our IT experts about password management and how we can help your business improve its authentication security, give us a call today at 651-234-0895.
By now you’ve heard of VoIP (Voice over Internet Protocol), the telephone system that runs through your Internet connection rather than a phone line. VoIP can save your business up to 60 percent off your current phone bill. What many people don’t know—even ones that utilize a VoIP platform—is that there are many available options that can have major benefits for your business. Companies that have VoIP typically only use between one-third and one-half of the available options. Today, we wanted to showcase five VoIP features that you may not be taking advantage of.
Of course, nobody will ever really admit that they are screening their calls, but most people are guilty of it. Whether you just don’t cop to it or not, it can keep you from having to have conversations that you just don’t have time for. With VoIP, you can send the call to voicemail, disconnect it without giving the caller the chance to fill up your email with solicitation, or you can push it to your mobile phone. Either way, you have complete control.
One useful feature is the auto attendant. It’s basically a simple automated receptionist that can facilitate call transfers, send callers to voicemail, or even provide basic information and support. A lot of businesses completely forego having an actual receptionist and use the call attendant feature as a call hub to direct calls. It’s extremely useful.
Find Me, Follow Me
Some members of your staff are always on the move and it can be difficult for clients and other people to get them on the phone in their office. The find me, follow me feature is a sophisticated form of call routing. It provides a person to go where they are needed and still get the calls that come through for them by calling multiple phones at one time.
Many VoIP platforms don’t just make the people you put on hold listen to the same ol’ elevator music, you can pick your own. This may be a completely aesthetic feature, but it can be a benefit and fit in nicely with the company culture you are trying to cultivate. Insert marketing messages, promotions, and helpful advice for your callers.
Do Not Disturb
This is a feature that is not used enough. If you want to stay productive you need to be able to eliminate distractions. Nothing is more distracting than your phone blowing up constantly. In fact, studies have shown that people take over ten minutes to get back into the flow after a call. If you want to shut it down and focus on the task at hand, using the do not disturb feature can help you get in the headspace you need to be truly productive.
With other features like text messaging and video conferencing, VoIP can add a lot of value to your business’ roster of communications tools. If you would like to learn more about VoIP or other productivity-boosting tools, give us a call today at 651-234-0895.