Get in Touch

The purpose of a password is to protect sensitive data from unauthorised access.

For a long time, to keep up this protective layer, we have advocated that employees create ever more complex passwords and change them even more often.

This is now wrong ! What’s the point of a password system if it makes employees lives even more complex and it doesn’t even properly provide protection any more? Most current password practices were designed for a different age and are no longer fit for purpose. One enormous lesson that the COVID pandemic has taught us, is that the work environment is now totally different :

  1. Systems and data only used to be accessible in a single office, on a single device, on a single network, where we could easily identify the trusted people.
    1. Now, many (unseen) people can now work on many (known and unknown) devices on many networks on many different systems at many locations – How do you know what to trust?
  2. Cybercrime is now super-industrialised which means old defences are easily and cheaply beaten. Bad actors can easily be profitable targeting individuals, let alone small businesses.
    1. Attacks will happen – so you need to contain and limit the spread and damage that will occur.

However, Human Nature is unchanged:

The more rules and complexities and changes you introduce , the more people will try to find an easy way around them.

  • Use the same passwords for every system – once known, access everything!
  • Predictable changes in passwords (e.g. !Password1 just changes to !Password2, etc.)
  • Use the same special characters all the time ( ! at start / end, $” for “s”, “@” for “a,” “1” for “l”, etc.)

 

The new Best Practice Password System:

  1. Introduce 2-Factor Authentication for all systems (e.g. a separate notification on your smartphone to make sure it’s you).
  2. Passwords should be a small phrase (not a single word) that contain no personal information and are easy to remember – e.g. the first few words of your favourite song.
  3. Use a password management system so you can easily have different passwords for every system and not have to remember them.
  4. Introduce risk-based protection / analysis
    1. Automatically Report/ Block any logins from locations you will never travel.
    2. Automatically Restrict what unknown devices can do with your data – e.g. if its unmanaged, don’t allow edits / downloads, etc.

If you do this, then:

  1. Passwords can stay small – around 8 characters in length
  2. Passwords rarely need changing at all (every 12 months or only if a breach is suspected)

Even better, with the right computer equipment, you can now even get rid of passwords all together when using a trusted device. Your employees will really appreciate the difference and your security will now actually work !

If you need help , feel free to give us a call; we’re happy to lend our expertise to your organisation.

 

The majority of Microsoft 365 (M365) customers are simply not utilising the bulk of the products and features that are bundled into their subscription.  Identifying and addressing areas of underutilisation could not only help you maximise the value you receive from your investment but help improve your business processes and team’s efficiency.

A powerful tool, M365 is designed to address and solve the pain points commonly experienced in a growing organisation. The challenge business leaders often face is understanding which tools in M365 can help solve which pain points, and how to make that happen.

As Microsoft Partners, we can connect those dots for you. We utilise a simple 4 step process to help identify opportunities for improvement and determine how M365 can help accomplish them.

Achieve a better utilisation of M365 with these four steps:

 

1. Start by identifying where you are at.

Before you dive into finding solutions, it’s always good to generate a baseline of what you are currently doing and how it is working. When we are working with a client to better utilise their M365 environment here are steps we follow:

  1. Technically audit your environment to see how you have configured your apps and security
  2. Learn your business processes and your service delivery from start to finish
  3. Talk with your team to understand how they use the M365 tools daily

2. Recognise where you need help.

Once we have learned more about your business operations, we have a better understanding of what your ideal workflows would look like and what is holding you back from achieving them. We call these obstacles pain points.

By identifying key pain points across your organisation, you can see clearly where you have opportunities to further apply M365.

Questions to ask while looking for pain points:

  • Where are we experiencing bottlenecks?
  • How many different tools do we use to complete a task?
  • How are we handling communication? Is it centralised and simplified?
  • Can our team easily access all the information they need to complete their daily tasks?
  • Are you still physically attaching lots of documents to your emails? Are you still sending lots of emails to your internal staff?

Make sure you consider each department, or team, as they might have different pain points. Including their opinions and feedback in your analysis is very important in order to come up with a relevant solution.

3. Work through some solution scenarios.

After identifying your pain points, it’s time to identify possible solutions.  Creating scenarios and test running solutions helps us find the best possible fit for your team and it also improves their adoption of the new process.

When creating possible scenarios take a pain point and identify the issue, business goal, and possible solution. This allows you to workshop possible solutions and see how you could resolve your issues with M365.

 

Here are some common examples:

Issue: Too many communication tools, one for video conference, one for chat, and one for email. Communication is not centralised.

Business Goal: Increase communication and consolidate communication locations.

Solution: Implement Microsoft Teams with chat and video conferencing, use as single solution for both external and internal calls and communication, augmented with email.

Issue: Logins are secured, but not on every device, and there’s no Multi-Factor-Authentication. Passwords are compromised and invalid logins occur.

Business Goal: Secure our communication and collaboration technology.

Solution: Enable Azure Active Directory service and enable MFA on all devices.

Issue: Employees have to wade through multiple folders in order to find what they need. 

Business goal: Increase efficiency and simplify file organization.

Solution: SharePoint has a super indexing system which means you no longer need lots of confusing folders and sub-folders. We recommend only 3 sub-folders to avoid confusion and simply search for what you are after. just like you are used to when searching the internet.

In each of the examples, it’s clear that attaching a business mindset to each issue and providing the solution via technology, creates a vivid picture of how Microsoft 365 will drive business goals.

4. Implement and learn.

You can work with an IT professional to identify and implement these solutions. However, a huge part of implementation is education. Dropping a new technology and expecting everyone to embrace it is not going to be effective. We utilise workshops or online training systems to detail how this solution will help remove the pain points they were experiencing, show them how to best utilise the solution, and provide training documents to reference while they learn.

Though this process is simple, having someone with an in-depth understanding of the M365 environment can really help you get the most out of it. If you would like assistance getting better utilisation of M365 and optimising your business, book an introductory call with us and lets get started.

Microsoft Office 365 has proven itself to be one of the foremost business-level office solutions in the world, regardless of industry. It’s a set of tools that companies and MSPs all over the world utilise and promote—but that doesn’t mean it’s perfect, and it definitely doesn’t mean that people have mastered and taken advantage of all of its features. Unfortunately, one of the most important aspects of IT management is neglected in most Office 365 implementations: cybersecurity.

Here in Australia we’ve seen a number of high-profile successful cyberattacks in the past few months; Toll Group suffered two attacks, BlueScope Steel was hit by an attack that forced them to shut down operations company-wide, and money management company MyBudget was hacked, causing a nationwide shutdown that left over 13,000 customers financially upset.

If companies of that size are able to be hacked, so can your organisation—you cannot assume that your standard firewall and antivirus combination will keep you safe.

This takes us back to Office 365, which has a variety of security features that many organisations are not aware of, and therefore do not utilise. With more and more organisations moving to Office 365, there are more and more people not optimising their environment or taking the next steps to protect themselves. When we consider the growth and staying power of remote work environments, it becomes an even higher priority.

A Case Study

In our years of experience, we’ve run into a few cases where a company adopts Office 365 out-of-the-box, and experiences some form of cybercrime that they thought they were safe from. In one case, there was a malicious actor that was automatically forwarding every email the employee received to their company’s competition—including sensitive personal and financial information. Office 365 has a security feature that can alert the user and/or administrator if company emails are being forwarded outside of the network, or if there’s other strange behaviour—but this feature is not enabled automatically. The victimized company in that case was being spied on for two weeks before they found out —not many companies come out of that with revenue and reputation intact. If they had looked into their cybersecurity options, and didn’t assume that Office 365 automatically secured everything, this could have been mitigated or avoided entirely.

Noteworthy Office 365 Security Features

Another form of security that Office 365 supports is “impossible travel detection”. In an impossible travel scenario, the system detects if logins are being attempted from different geographic locations in a timeframe that you couldn’t physically achieve. e.g. Login attempt in London, and after an hour it’s being attempted again from New York. This is impossible travel, and it’s a major indicator that someone is trying to hack your account. There are tools to detect those things and alert the proper individuals—but again, these are not automatically turned on. You need to set it up specifically.

While those tools (and others like them) are less known or understood, there is one security feature that almost everyone is aware of—and also isn’t activated out-of-the-box : Multi-Factor Authentication (MFA). With MFA activated, users are required to validate their login attempt via another system—this could be a text message, a smartphone app, or token. While yes, MFA adds another step to every login, it also adds an impossible step to any hacker or social engineer that manages to get a hold of your password. If they don’t have both your password and your smartphone, they can’t get into your account to cause problems. Sensible recommends always implementing MFA.

Another major misconception and point of neglect with Office 365 is the assumption that data stored in OneDrive or other Cloud-based solutions are backed up. Microsoft only supplies a short term recycle bin. They do not supply backups at all: this is up to you to arrange. Just because you are working in the cloud does not mean your data is immune from accidental / intentional data loss or corruption.

So what can we do? Sensible is happy to work with you to improve your cloud defences and cybersecurity solutions, whether it involves an Office 365 subscription or not. We begin by discussing your current environment, and business, before auditing your company for security risks. Once we’ve audited your network and identified your weak points, we can work with you to improve. Whether there’s a certain cybersecurity benchmark you want to hit, or if you need to meet regulatory compliance criteria, we can help you get there.

If you’re interested, feel free to give us a call; we’re happy to lend our expertise to your organisation.

2020 has already proven itself to be a tough year, particularly here “Down Under” in Sydney, Australia. We’ve dealt with widespread and devastating bushfires, floods, and now the global pandemic of the COVID-19 strain of the coronavirus. Not just businesses, but entire nations are being shut down to contain the virus and minimise the death toll.

Many organisations may be forced to lay off employees to survive, or shut down entirely, which will hurt both the business and the employees. There’s a way for your organisation to continue operating amidst this crisis, and keep people employed, which is good for everyone involved.

Fortunately, there is a way to do that for many industries. Remote work has been a growing trend worldwide, and has now become a necessity. Social distancing recommendations given to us by our governments and the World Health Organisation disallow communal gatherings in the name of safety :  in-person workspaces may be next. The answer, then, is to work from home. Facilitating a remote workforce gives more flexibility to both the business and the employee, and it keeps both safe in this time of crisis. Many companies may not have the infrastructure built up for this yet, but we’ve been helping organisations improve their technology for over 35 years; and is something we can help you with.

Modern IT Best Practices

Modern IT Best Practices make a huge difference in how a company will respond to this crisis. We’ve noticed that the organisations that follow seven specific practices are adapting to the current climate much more smoothly than others. The 7 modern IT practices are:

  1. C-Level executives directly engage multiple times a year with their business-savvy IT provider to ensure their IT systems properly deliver their business requirements.
  2. They no longer have onsite IT departments who are not geared for providing uninterrupted remote support.
  3. They have provided secure systems for their staff to perform all their major functions from anywhere
  4. They have already carefully migrated a large part of their systems to securely configured cloud based systems.
  5. They have migrated to cloud-based communication systems.
  6. Their IT Support team are already experienced in the (more complex) back-end world of the cloud.
  7. They have invested in regularly training their staff to properly use their technologies and measuring these productivity gains.

If you examine your organisation, how many of those seven things do you do or have done?

We can help you get these policies in place, and adapt to the current reality. Swift action might be the thing that minimises the damage to, or outright saves, your business in this trying time. Schedule an introductory chat via our calendar.

As you may be aware, Apple launched iOS 11 last Tuesday, 19th September, 2017

However, there is a bug in the latest iOS which affects the native Apple Mail app (Mail.app) on your iPhone or iPad which will prevent you from sending or replying to emails.

You might see an error message that says "Cannot Send Mail. The message was rejected by the server."

This will affect you if your email account is hosted by Microsoft on Outlook.com or Office 365, or an Exchange Server 2016 running on Windows Server 2016 you will have this issue.

Although, Apple and Microsoft are trying to resolve this issue - there has been nothing released yet.

WHAT DO YOU DO?

You have these immediate options:

  1. Delay upgrading to iOS 11
  2. Too Late ?
    1. Install the Microsoft Outlook app from the app store (it doesn't have this issue)

OR

B. Rollback to a previous version of iOS

Call us if you are stuck and still having any issues on 1300-SENSIBLE (736-742)

Workplace Analytics is a program that helps managers determine staff productivity levels using data gathered from their email, calendar, documents, and other applications within Office 365. Previously, Microsoft’s MyAnalytics allowed only employees to view their individual data, but with this updated version, managers now have access to this data, too.

How it works

Now available as an add-on to Office 365 enterprise plans, Workplace Analytics extracts behavioral insights from data gathered from Office 365 email, calendar, documents, and Skype. This means that any data an employee types into their email and calendar -- whether it’s on the subject line or the main content itself -- can be used to indicate their productivity status.

The program has an overview dashboard that provides specific information:

  • Week in the Life provides an overall view of how the entire organization spends time and how members collaborate
  • Meetings shows the amount of time spent in meetings
  • Management and Coaching gauges staff-manager one-on-one meetings
  • Network and Collaboration takes a look at how employees connect to colleagues

What does it aim to do?

Workplace Analytics aims to address what, according to Microsoft, are businesses’ most common challenges: complexity, productivity, and engagement.

Using Analytics data, managers and human resources departments can form productivity strategies for the entire company. If, based on Workplace Analytics data, a majority of your employees are spending 60% of their time attending meetings and not enough time doing creative work, they can come up with a strategy that reduces meeting time and focuses more on productive tasks.

It also identifies how employees collaborate with internal and external parties. Suppose one of your sales staff frequently communicates with certain contacts. By using Workplace Analytics data, the employee’s manager would be able to determine whether this particular collaboration pattern is helping the employee hit sales targets or whether he or she is missing out on other more critical contacts. Also, based on this info, managers would be able to determine which employees are most likely to meet or exceed their targets and set company-wide standards accordingly.

Data gathered by Workplace Analytics also allows managers to determine an employee’s level of engagement (i.e., whether the organization’s collaboration patterns are good for the company) and whether workloads are fairly distributed among workers and/or departments.

Is it useful for small businesses?

Large corporations have been using Workplace Analytics, but small businesses can also benefit from it. For one, the data used to provide the insights are all based on data generated by employees themselves -- how much time they spend on meetings, whom they frequently communicate with, and how much time they spend on productive tasks.

Aside from letting managers examine their staff’s working behavior, Workplace Analytics also provides an overall look into what happens at an organizational level. If you want your organization to harness the capabilities of Workplace Analytics and other Office 365 tools, give us a call today.

Published with permission from TechAdvisory.org. Source.
Sales
Support
Email
SHOPCUSTOMER SUPPORT CENTREEMAIL SUPPORT
Sensible Business Solutions © 2021 All Right Reserved
Privacy Policy
magnifiercrossmenuchevron-down