Get in Touch

The danger of comparing Apples with Apples  

When it comes to reviewing IT services many desire to be in a position to be able to compare 'Apples with Apples'. The reasoning is always quite simple. Given the inherent complexity surrounding IT coupled with a lack of expert knowledge in the area it makes sense to simplify the selection process. By viewing all vendors through a pre-defined lens, the pro's and cons of each vendor can be mapped out side by side. 

But does this method really make the process any simpler? 

Everyone is familiar with the term 'no brainer'. By definition, it is a decision or choice that is very easy to make and requires very little thought. Decisions are easy when there is a clear and obvious advantage to one of the available options. In order for there to be a clear and obvious advantage, you need to be aware of differences rather than the similarities. 

To take the metaphor literally for a moment; suppose you were tasked with selecting the best fruit to make an apple pie. In one scenario, you are presented with 3 varieties of apples. In the other, you are presented with apples, pears and plums. The first scenario requires expert knowledge of apple varieties, the second, could be answered by a child. 

Choosing Between Apples 

Commonly we see businesses struggle with final selection of an IT provider as they have narrowed their selection criteria to a handful of common attributes. To the untrained eye, each companies capabilities appear to be almost identical. Undoubtedly this perception couldn't be further from the truth. 

The truth is that each company likely produces vastly different results and service experiences. Results and experiences that could potentially make or break the company making the selection. There are various ways to uncover these differences (see this article) however for the average individual, the only difference they are likely to understand is the price. 

The Importance of Price 

When dealing with service companies, price is crucially important. The old adage of 'you get what you pay for' has a lot of merit. Ultimately, an MSP offering services cheap is likely compromised by either the quality of their staff, levels of resourcing, training & development, or a combination of all three. 

Inversely, spending more does not guarantee great results. Whilst it is a good indicator of a business that values their time and knows what it will take to deliver great results, price alone cannot guarantee a great choice. 

So despite the importance of price as a consideration, it cannot be the primary point of difference as it commonly is when comparing 'Apples with Apples'. 

Taking a Different Perspective 

When is comes to selecting a new MSP, the devil is not in the detail. Focussing too much on the detail narrows perspective and hides the major differences that are likely critical to the outcomes you are trying to achieve. 

As an extreme example, suppose you were looking for a new car with an automatic gearbox, lane assist, cruise control, automatic wipers and heated seats. Then suppose you decided to only evaluate vehicles based on this pre-defined list of requirements. 

Undoubtedly you would end up with a list of seemingly identical vehicles selling for vastly different prices. This list could easily include hatchback's, SUV's, Ute's and luxury sedans. With nothing else to differentiate your options other than price, it would be blind luck to choose the right vehicle for your needs. 

Whilst this example might seem silly as no one is buying a car solely off the spec sheets, it is an apt description of the importance of standing back and looking at the bigger picture. IT companies should be evaluated and qualified based on their cultural fit with your organisation, the alignment of their services to your needs, and their ability to deliver on their promises. 

If the goal is to make a confident decision in selecting a provider, your focus should be on differentiation. 

Choosing Between Apples, Pears and Plums 

Focus on capabilities and quality of service rather than merely the existence of common services. By doing so you are far more likely to be able to clearly differentiate between providers. This is done by broadening your scope and asking questions without yes/no answers. Some examples include: 

  • Explain how it is that you ensure the security of your clients' networks 
  • What challenges have you seen clients have when adopting Office 365? 
  • How would you recommend we go about creating an IT roadmap? 

These questions are so much better than 'Do you offer cybersecurity?', 'Are you familiar with Office 365?' & 'Do you offer strategy and advice?' as they give far deeper insight into their services & capabilities. 

Providers that give clear, competent answers are far more likely to deliver superior results. Additionally you will be able to see who is a better fit for your organisation based on their approach. 

It shouldn't take technical expertise to evaluate these important traits in a provider. Likewise, you should not feel the need to 'simplify' the process by reducing your scope to simple yes/no questions. Instinct commonly plays a huge role in evaluating potential hires in an interview. Similarly, your instincts should be able to differentiate the apples, pears and plums

The majority of Microsoft 365 (M365) customers are simply not utilising the bulk of the products and features that are bundled into their subscription.  Identifying and addressing areas of underutilisation could not only help you maximise the value you receive from your investment but help improve your business processes and team’s efficiency.

A powerful tool, M365 is designed to address and solve the pain points commonly experienced in a growing organisation. The challenge business leaders often face is understanding which tools in M365 can help solve which pain points, and how to make that happen.

As Microsoft Partners, we can connect those dots for you. We utilise a simple 4 step process to help identify opportunities for improvement and determine how M365 can help accomplish them.

Achieve a better utilisation of M365 with these four steps:


1. Start by identifying where you are at.

Before you dive into finding solutions, it’s always good to generate a baseline of what you are currently doing and how it is working. When we are working with a client to better utilise their M365 environment here are steps we follow:

  1. Technically audit your environment to see how you have configured your apps and security
  2. Learn your business processes and your service delivery from start to finish
  3. Talk with your team to understand how they use the M365 tools daily

2. Recognise where you need help.

Once we have learned more about your business operations, we have a better understanding of what your ideal workflows would look like and what is holding you back from achieving them. We call these obstacles pain points.

By identifying key pain points across your organisation, you can see clearly where you have opportunities to further apply M365.

Questions to ask while looking for pain points:

  • Where are we experiencing bottlenecks?
  • How many different tools do we use to complete a task?
  • How are we handling communication? Is it centralised and simplified?
  • Can our team easily access all the information they need to complete their daily tasks?
  • Are you still physically attaching lots of documents to your emails? Are you still sending lots of emails to your internal staff?

Make sure you consider each department, or team, as they might have different pain points. Including their opinions and feedback in your analysis is very important in order to come up with a relevant solution.

3. Work through some solution scenarios.

After identifying your pain points, it’s time to identify possible solutions.  Creating scenarios and test running solutions helps us find the best possible fit for your team and it also improves their adoption of the new process.

When creating possible scenarios take a pain point and identify the issue, business goal, and possible solution. This allows you to workshop possible solutions and see how you could resolve your issues with M365.


Here are some common examples:

Issue: Too many communication tools, one for video conference, one for chat, and one for email. Communication is not centralised.

Business Goal: Increase communication and consolidate communication locations.

Solution: Implement Microsoft Teams with chat and video conferencing, use as single solution for both external and internal calls and communication, augmented with email.

Issue: Logins are secured, but not on every device, and there’s no Multi-Factor-Authentication. Passwords are compromised and invalid logins occur.

Business Goal: Secure our communication and collaboration technology.

Solution: Enable Azure Active Directory service and enable MFA on all devices.

Issue: Employees have to wade through multiple folders in order to find what they need. 

Business goal: Increase efficiency and simplify file organization.

Solution: SharePoint has a super indexing system which means you no longer need lots of confusing folders and sub-folders. We recommend only 3 sub-folders to avoid confusion and simply search for what you are after. just like you are used to when searching the internet.

In each of the examples, it’s clear that attaching a business mindset to each issue and providing the solution via technology, creates a vivid picture of how Microsoft 365 will drive business goals.

4. Implement and learn.

You can work with an IT professional to identify and implement these solutions. However, a huge part of implementation is education. Dropping a new technology and expecting everyone to embrace it is not going to be effective. We utilise workshops or online training systems to detail how this solution will help remove the pain points they were experiencing, show them how to best utilise the solution, and provide training documents to reference while they learn.

Though this process is simple, having someone with an in-depth understanding of the M365 environment can really help you get the most out of it. If you would like assistance getting better utilisation of M365 and optimising your business, book an introductory call with us and lets get started.

We are all ingraining ourselves into an Internet of Things (IoT) world that, for the most part, benefits everyone – improving efficiency and keeping us connected to the devices and people that are important to us. (more…)

Here at Sensible, we are devoted to delivering “Sensible” IT advisory and support services while continually identifying improvements. So, you have improved business operations, more productive staff, confidence in your technology, and predictable costs.

We use the same process and strategy to help improve our own business that we do for yours- that is how we know it works, and now others know it too.

We are proud to say that the program we have worked so hard on to create has landed us a spot on Channel Future’s 2020 MSP 501 list.

The success we can bring a client by providing them with IT business consulting and solutions is what drives us, so we are thrilled to be recognised for that work. In that spirit, we wanted to share with you the steps we take in analysing our client’s and our business’ technological opportunities. If your current provider is not helping you do this assessment or isn’t asking you these questions, your investment in them isn’t paying off as much as it could. You can book a call with us anytime here.


Identifying Technological Opportunities In Your Business

1. Get into the details.

The first thing we do with a new client is to sit down and learn as much as we can about their business’s goals, their current technological utilisation, and where their processes snag. We look to:

  • Understand the step by step of their workflows
  • Review the time it takes for tasks to be completed, and identify bottlenecks
  • Review historical trends for workloads, efficiency, profitability, etc.

The most important part about this step is that it needs to be repeated regularly. Businesses change and evolve and implementing data points you can track over time help keep us in-tune with how things are going.

Example: Every quarter we review our budget and ask ourselves, “how did we improve profitability this quarter”. This prompts us to analyse what we were able to implement to improve our efficiency and profitability and encourages us to find tweaks or new technology that can help us continue to improve.

2. Complete a SWOT analysis on your current technology solutions.

SWOT is a great organisational framework we use to take what we have learned and categorise it into a helpful and actionable format. We use the questions provided below to help organize our information into each category.

S- Strengths: What does the company do well, what resources does it already utilise well, and how is the company making the best use of information technology?

W- Weaknesses: What processes or services could the company improve, in what areas does our competition have the technological edge, and what technology should the business actually avoid?

O- Opportunities:  Think about new market opportunities and how technology is changing. Are there interesting trends in technology that you would like to try, are there industry-specific solutions that could elevate business operations?

T- Threats: What information security threats should the business be most concerned about, how would their business fair if the technology went down?

3. Identify high impact areas for growth.

We then take our SWOT analysis and pinpoint opportunities that play to the company’s strengths, reduce weaknesses, and we note potential threats to plan for. Then we do our research to find the perfect technological solutions, create an implementation plan, and budget out the project and any ongoing service necessary.

We would love the opportunity to learn more about your business and help find you technological solutions meant to help automate and improve your business, and thus your profitability. Book a call with our CEO, Katherine Spanner, and let’s get started.


We are all ingraining ourselves into an Internet of Things (IoT) world that, for the most part, benefits everyone – improving efficiency and keeping us connected to the devices and people that are important to us.

With the advancement of technology, almost every aspect of our lives generates data and sends us infromation over the internet. Smartwatches track our steps, smart doorbells keep us safe, smartphones know our location, video streaming services know what we like to watch and make recommendations, social media puts ads and posts in front of us that it knows we will like, our coffee pots even know when we would like our coffee made in the morning.

IoT is emerging as a powerful tool in the business world as well. IoT devices record and transfer data, and this can be applied to monitor important processes, give us new insights, boost efficiency, and allow companies to make more informed decisions. They can tell you what is really happening, rather then what you assume is happening.


So, what really is the Internet of Things?

IoT is a system of interrelated, internet-connected devices that can collect and transfer data over a wireless network. By combining these connected devices with automated systems, you can gather information, analyse it and draw conclusions to inform decisions better or take action to help someone with a particular task or learn from a process.


How can IoT help my business?

Here at Sensible, we have had great success in improving our client’s efficiency, security, and profitability with the correct implementation of IoT devices. Having the ability to monitor, track, and analyse important data easily has given our clients the visibility they needed to make better-informed decisions and take productive action to improve their businesses.

Whether it’s as standard as finding a better way for employees to clock in and out of work, or as niche as monitoring and controlling the temperatures of food shipments while they were in route to their destinations, IoT devices can help. We can help you by making recommendations and vetting devices that could make an impact.


How do I know what IoT devices to get?

IoT devices are great, but you don’t want to overdo it. When working with a technology professional like ourselves, we can help pinpoint areas of your business that could be optimised with the help of IoT devices, and then research the best model of that device for your business.

There is a lot to consider when adding any device to your business’s network:

1. Is it compatible with your existing devices?
We help find a quality device that will function within your existing environment and won’t require a ton of additional work to get it to “talk” with your existing systems.

2. What security threats will it pose?
Unsecure devices that are connected to your network can create massive holes in your cybersecurity. Many IoT devices are insecure out-of-the-box and should be reconfigured properly immediately. Recently, a WiFi-enabled coffee pot was proven hackable and exposed the rest of the corporate network to a ransomware attack. We make sure that any devices that will be connected to your network have been configured to the security standards necessary to keep your information protected.

3. Does your network have the strength to support additional devices?
The more devices you add to your network, the more strain you put on it. There is a breaking point where your network connection will slow and no longer be reliable. Depending on how many devices you add, you may need to upgrade your network capacity. We can help you evaluate your existing network and determine what it would be able to support.


I’m ready to talk about taking a more Sensible approach to our IT, who do I talk to?

We would be delighted to talk further and discuss how we can help you implement IoT devices, or simply examine your current IT approach and offer advice for improvement. You can book a call with our CEO, Katherine Spanner, via the button below.


If your business relies on Microsoft 365, you may have noticed that on Tuesday, September 29th, there was a multi-hour outage. Microsoft confirmed via their Twitter account that the "residual issue has been addressed, and the incident has been resolved." Still, for many, this was a wakeup call to the fact that they need to have a backup form of business communication.

Businesses are moving towards more modern workplaces. Many of our clients no longer utilise landlines and handle all communication electronically via platforms like Microsoft Teams, so when Microsoft 365 went down, they found themselves without any way to communicate to their clients or conduct their business.

For everything in life, to be prepared, you should always have a backup plan. In these cases of technology outages, we would recommend putting together a Disaster Recovery Plan detailing what to do if any of your virtual systems fail. That way if something happens, your business will be able to take it in stride with minimal interruption.

For example, in the case of losing your communication method of Microsoft Teams, your Disaster Recovery Plan should:

1. Plan how you will notify your team that the Disaster Recovery Plan is being enacted

2. Designate your secondary communication platform(s) for external communication and internal communication

3. Define where calls or messages should be forwarded to

4. Designate who will be in charge of setting up the call forwarding, be sure to include updated personal contact information for this person

5. Craft a generic message that can be posted to social media channels or on your website to inform your customers of the best way to reach you

6. Designate who will be in charge of posting your external messages, be sure to include updated personal contact information for this person and how to access the necessary accounts or website

7. Be shared with your team and kept in an accessible place so anyone can reference it if needed

If you are working with an IT provider, it is essential to share this information with them so they can help you adjust as needed if the time comes. Additionally, you can utilise their expertise to ensure your Disaster Recovery Plan is well detailed and sure to support you through a crisis. If your business could use help creating Disaster Recovery Plans for your solutions, we would be more than happy to help you out.


Apple computers have long touted enhanced security measures as compared to their PC counterparts. The truth? Macs can be just as vulnerable as PCs.

Apple’s closed system: once a strength, now a downfall

Though their closed system is an advantage over Microsoft, it has recently proven to be a massive downfall. The T2 equipped Macs, meant to be their most secure version yet, has proven vulnerable. Hackers have found that with physical access, security encryption can be compromised entirely.

Usually, Apple would issue a patch (an update) to fortify any openings, but this specific weak spot lives in the hardware of the machines, not the software of the operating system. Hackers can use what is called the Blackbird exploit to boot with root access to the SEP chip in your Mac which stores your most sensitive data: encryption, passcodes, ApplePay, biometric data, etc.

In simpler terms, all Macs with the T2 chip are seriously hackable, and Apple can’t fix it.

What about Macs that don’t have the T2 chip?

Even though this hardware vulnerability is a specific case, Macs have always been and will be susceptible to cybercrime. Though cybercriminals are typically focused on PCs since they are more widely adopted, the rising popularity of Macs is proving to draw their attention. We are seeing more system-agnostic attacks meaning they can be effective on both Macs and PCs.

Beyond the T2 chip vulnerability, all Macs are susceptible to viruses, malware, and web threats. Here are some busted myths:

1. Macs don’t get malware. Even though the system has certain safeguards, users are ultimately the vulnerability when it comes to malware. Actions like opening an unknown attachment, downloading software from malicious sites, or clicking on bad online ads can land you with malware that can sap your system's productivity or worse.

2. Macs don’t need security software. Again, the system is at the mercy of the user. Users can be fooled by phishing emails or prompted to download bad software. Security solutions will stop you before you do something detrimental.

3. My Information is safe on my Mac. Though many cybercriminal attacks are geared towards Pcs, device theft skews towards Mac computers and devices as they are easily identified and highly priced. Make sure that your devices have Find My Mac set up, are password protected, and go through regular data backups to an external storage space.

Should I stop using Macs? How do I protect my device?

We are not at all suggesting that Macs are not suitable for personal or business use. We see the discovery of the T2 chip vulnerability as a timely example to underscore that no matter what devices you are using, you need to take precautions to protect yourself or your business from cybercrime. Here are some basic steps to protect your device:

1. Install security software. Period. There are so many options, finding one with adequate strength and at a reasonable price point is fairly simple. If you run into any issues, we encourage you to give us a call (book a call link), and we would be happy to help you out.

2. Keep on top of software updates. The reason for updates is to improve your device. Though it can be a minor annoyance, keeping your devices up to date ensures you have the most recent security patches and big fixes.

3. Invest in education and training. Especially for businesses, training your employees on how to adhere to security policies and recognize cyberthreats will exponentially decrease their likelihood to put your information at risk.

4. Work with an IT professional. An IT provider can help ensure that you aren’t leaving any holes in your defences, advise you on which tools or software would work best for your organization, and help provide solutions to any IT problems you are facing. Here at Sensible we love giving our clients back their peace of mind, knowing that with all the potential threats out there, we can expertly protect their information and help craft solutions for any problems they encounter. If you need IT assistance, give us a call.

Cybercriminal attacks are getting more and more sophisticated. If your business's site doesn't have an SSL certificate you are putting your reputation and your site's visitors at risk. In this blog, we will be covering:

What is an SSL Certificate?

The Types of SSL Certificates

Why do SSL Certificates Vary in Cost?

How to Pick an SSL Certificate Provider

If your business's website doesn't have an SSL certificate, we can help. Book a call today.

What is an SSL Certificate?

SSL Certificates are a vital part of internet security, especially when your business needs to have an online presence. SSL certificates secure your domain, providing your online visitor's security, which is paramount.  You need to create a secure environment that makes clients and potential customers confident in your business. Position your business as a trusted and secure resource- an SSL certificate helps you do that in two essential ways:

  1. It provides an encrypted link between the user and the server hosting your particular service. This is vital when exchanging sensitive information like personal information and housing financial transactions.
  2. It provides proof of identity. Verifying that the site they are on is owned and operated by the correct owners and has not been spoofed. How to check this: When you view the certificate (click on the padlock next to the URL)–The company name should match the website

As technology advances, so does the sophistication of cybercriminals attacks. We have seen business's websites spoofed or redirected which causes a lot of grief for the business, their clients, and their potential clients. In fact, as a result, Google Chrome and other browsers will now penalise (and potentially block) any website that does not have an SSL certificate. Check to make sure your URL begins with https:// not just http://. The S indicated that the website does have an SSL certificate. If you don't have one, we can help you get one- book a call with us today.

Types of SSL Certificates

Not all SSL Certificates are equal. There are essentially 2 types of SSL Certificate generally available now:

  1. Single Name Certificates (for only one service/host server) - e.g. OR, etc.
  2. Wild Card Certificates (for use on multiple services/host servers) - e.g. AND, etc. Wildcards, of course, are more expensive, but if you have more than 2 or 3 services they can be cost-effective.

SSL certificates can only now be purchased for 1 year periods, so make sure to renew it every year.

Why the Varying Costs for SSL Certificates?

There are definitely cheaper options out there for SSL certificates. However, you do get what you pay for.

As we outlined above, SSL certificates are not all the same. Having a cheaper SSL usually provides minimum encryption and trust, and is considered the bare minimum when it comes to protecting your website and it's visitors. The more expensive the SSL the more protection it provides. We can help you weigh your options and find the right provider for your business.

Which SSL Provider Should I Pick?

We have put together a checklist to help you decide on the best SSL provider for you:

1. Do they properly validate the identity of the SSL purchaser? This is a manual, slower process to ensure that the purchaser of the "" SSL certificate actually is CONTOSO and not an imposter. They also include your business name on the certificate. Cheaper providers simply do not have the infrastructure for this important step, or they skip it or do a very basic check = Lower Trust = the main reason for a cheaper price.

2. Is there a warranty offered to users of your internet services? Warranty is an insurance for an end-user against loss of money when they make a payment on an SSL-secured site. This is very important for e-commerce sites but is also important if personal data is being submitted to the secure site. e.g. GoDaddy offers only a limit of $1000 to end users against loss of money when submitting a payment on an SSL-secured site. = Lower Trust Our preferred provider comes with a $1 million warranty.

3. Are you buying the SSL from a registered Trusted Certificate Authority or just a wholesaler? Is the provider simply a mass wholesaler of other people's SSL's or do they directly stand behind it and offer the service themselves? Trusted Certificate Authorities are organisations that have earnt trust globally (and by all web browsers) to safely and securely provide secure identities. There are only 8 actual Trusted Certificate Authorities in the world. Our preferred provider is one of these Trusted Authorities and offers 24X7 support.

4. What Level of Encryption is provided? What level of encryption is provided to protect the data in transit over the public internet- 128-bit / 256-bit? This encryption means how easy is it for a hacker to grab the sensitive information. The standard now is 256-bit - which is a lot harder to hack.

5. Is the SSL Certificate guaranteed to Work on All Devices? Has the certificate been verified to work on all devices that may connect? e.g. smartphones and tablets? Some providers do not - though this is becoming less common.

As an internationally ISO27001 accredited organisation, Sensible Business Solutions takes security very seriously.

We have to go out of our way to ensure the systems and suppliers we deal with have best practices in place, offer business-grade support, etc. The choice is up to you - but we will always be able to help you with the systems we recommend.

If you need more assistance, give us a call, we're happy to lend our expertise to your organisation.

As we are all still trying to understand what the lasting impact of the COVID-19 pandemic will be, many organisations are taking a hard look at their operating costs and looking for potential cuts. Protecting cash flow is vital right now. At Sensible we want to help you implement strategies that can help reduce your IT costs and set you up with a system flexible enough to support your business through the many changes (or pivots) you might be making to position yourselves to thrive through it all. We want to offer you guidance and support through these times, and potentially help you save some money.

Step 1- Do an Internal Audit

Take a look at your current technology solutions. Take stock of everything you are paying for and ask yourself these questions:

• Is this the right system for my business? Does it accomplish all I need it to?

• Are we currently utilising all the tools we are paying for? Can we cut any?

• Do we lack internal processes? Are there ways I can improve efficiency and save our employee’s time?

Step 2- Cut Any Redundant or Unnecessary Services

The easiest way to reduce costs is to get rid of what’s not working. Many companies have a habit of purchasing a new tool or service to meet an immediate need. Little do they know they usually already have a tool that could meet that need, it’s just not being used properly. Here is a free tip: Do you have Office 365? Most companies get this package so they can use programs like Word and Excel, but don’t fully utilise the other apps that come with it. Microsoft teams can easily replace Slack and Zoom, and Sharepoint or OneDrive can do the job of Google Drive and Dropbox. You’re already paying for Office 365, and the tools themselves are more powerful, providing integration of your information and files across all the apps. You might simply need some training or guidance on how to implement these tools into your business processes, and we can help with that.

Step 3- Evaluate Whether It’s Cost Effective to Manage Your Own IT

Is IT your core skill set? Will you ever be as efficient and skilled as a complete team of specialists? Often your time will be better spent doing what you are best at, then wasting countless hours trying to learn an entirely new skill set. Additionally, can you really afford not to do IT the right way? Payroll and training costs alone can be a nightmare. Outsourcing a portion of your IT needs to a 3rd party resource like Sensible can help you simultaneously improve your technology management, and potentially save money. If you’re currently relying on an internal IT manager or a small internal team, are they struggling to keep up with the tsunami of complex and ever-changing technology needs and services? Important competitive projects may be delayed while your team has to complete training, and you become the test environment for their new skills, increasing your risk. Sensible offers a full-service solution for your IT needs, resulting in a higher standard than most organisations can achieve in-house.

Step 4- Don’t Pay for Quick Fixes, Invest in A Reliable Solution

How does your current IT resource handle your technology needs? Are you currently working with a “break-fix” style of management, where you pay for problems as they occur whether or not they happened before? Or are you paying a predictable monthly fee for a process that analyses your business, looks for opportunities to improve your staff productivity and tries to prevent problems in the first place? We believe you should engage a provider like us, who trusts their systems to offer you unlimited support for a fixed fee. Those quick fixes add up quickly, and with the right solution, you can eliminate them.

Step 5- Plan for The Future, Secure Your Information

As we are working remotely, it is more imperative than ever to understand how to protect your data. Protecting your finances, your reputation, and your Intellectual property can be costly, mainly if not implemented properly. However, it is even more expensive if you don’t protect them adequately at all. Adhering to compliance regulations can be costly and often means implementing and maintaining a stringent security infrastructure- do you have the expertise to do this most cost-effectively?

We could cover many more steps to take, but these are the areas where we think you can make the most impact on you and your business. If you’re hesitant about tackling this problem on your own, that’s okay! We encourage you to contact Sensible. We can help you identify these problems and guide you on how to solve them. Give us a call!

Microsoft Office 365 has proven itself to be one of the foremost business-level office solutions in the world, regardless of industry. It’s a set of tools that companies and MSPs all over the world utilise and promote—but that doesn’t mean it’s perfect, and it definitely doesn’t mean that people have mastered and taken advantage of all of its features. Unfortunately, one of the most important aspects of IT management is neglected in most Office 365 implementations: cybersecurity.

Here in Australia we’ve seen a number of high-profile successful cyberattacks in the past few months; Toll Group suffered two attacks, BlueScope Steel was hit by an attack that forced them to shut down operations company-wide, and money management company MyBudget was hacked, causing a nationwide shutdown that left over 13,000 customers financially upset.

If companies of that size are able to be hacked, so can your organisation—you cannot assume that your standard firewall and antivirus combination will keep you safe.

This takes us back to Office 365, which has a variety of security features that many organisations are not aware of, and therefore do not utilise. With more and more organisations moving to Office 365, there are more and more people not optimising their environment or taking the next steps to protect themselves. When we consider the growth and staying power of remote work environments, it becomes an even higher priority.

A Case Study

In our years of experience, we’ve run into a few cases where a company adopts Office 365 out-of-the-box, and experiences some form of cybercrime that they thought they were safe from. In one case, there was a malicious actor that was automatically forwarding every email the employee received to their company’s competition—including sensitive personal and financial information. Office 365 has a security feature that can alert the user and/or administrator if company emails are being forwarded outside of the network, or if there’s other strange behaviour—but this feature is not enabled automatically. The victimized company in that case was being spied on for two weeks before they found out —not many companies come out of that with revenue and reputation intact. If they had looked into their cybersecurity options, and didn’t assume that Office 365 automatically secured everything, this could have been mitigated or avoided entirely.

Noteworthy Office 365 Security Features

Another form of security that Office 365 supports is “impossible travel detection”. In an impossible travel scenario, the system detects if logins are being attempted from different geographic locations in a timeframe that you couldn’t physically achieve. e.g. Login attempt in London, and after an hour it’s being attempted again from New York. This is impossible travel, and it’s a major indicator that someone is trying to hack your account. There are tools to detect those things and alert the proper individuals—but again, these are not automatically turned on. You need to set it up specifically.

While those tools (and others like them) are less known or understood, there is one security feature that almost everyone is aware of—and also isn’t activated out-of-the-box : Multi-Factor Authentication (MFA). With MFA activated, users are required to validate their login attempt via another system—this could be a text message, a smartphone app, or token. While yes, MFA adds another step to every login, it also adds an impossible step to any hacker or social engineer that manages to get a hold of your password. If they don’t have both your password and your smartphone, they can’t get into your account to cause problems. Sensible recommends always implementing MFA.

Another major misconception and point of neglect with Office 365 is the assumption that data stored in OneDrive or other Cloud-based solutions are backed up. Microsoft only supplies a short term recycle bin. They do not supply backups at all: this is up to you to arrange. Just because you are working in the cloud does not mean your data is immune from accidental / intentional data loss or corruption.

So what can we do? Sensible is happy to work with you to improve your cloud defences and cybersecurity solutions, whether it involves an Office 365 subscription or not. We begin by discussing your current environment, and business, before auditing your company for security risks. Once we’ve audited your network and identified your weak points, we can work with you to improve. Whether there’s a certain cybersecurity benchmark you want to hit, or if you need to meet regulatory compliance criteria, we can help you get there.

If you’re interested, feel free to give us a call; we’re happy to lend our expertise to your organisation.

Sensible Business Solutions © 2022 All Right Reserved
Privacy Policy