Power Up Project

#013: The Latest Apple Updates You Might Actually Care About

This episode is brought to you by The Small Business Download, live at The Loft, on 18 October 2018. Click here for tickets.

In this episode, we talk about:

> two recent updates from Apple you might actually care about

> the ‘screen time’ feature to help keep control of time spent on screens for you (or your kids)

> the Apple Watch 4 which comes with heart-monitoring

Transcript:

In this episode of the Power Up Project, we talk about two new features from Apple that you may actually care about.

Hey, welcome to this episode of the Power Up Project. I’m Ben Love your host for this episode.

If you’re anything like me, you’re probably a little bit blasé about all the new announcements that continually come out from all the tech companies. Now, Apple is one of those tech companies that has their big annual event about this time of year where they have this massive keynote and it’s all very flashy. They release all of these amazing new products and new features.

Now, they’ve just had that over in the U.S. and yes, they announced a lot of new products and new iPhones and whatever else. But, to be honest, I don’t really care much about that. It’s a phone, you do a lot of cool stuff with it. The new ones have got bigger screens, they cost more money, etc. But you know what? There are two features that Apple did announce at this big keynote that I actually think are really cool and actually very useful. I wanted to take you through those two if you’re an Apple user.

Now, the first of those is a feature that comes in iOS 12, so that’s the operating system that runs on an Apple iPhone or, I guess, an iPod if they’ve still got those, the iPod Touches. This feature is called screen time, and what screen time does is basically measures how much time you use your screen, or in this case, obviously, your Apple iPhone. It gives you a great little breakdown of what applications you’re using, how much time you’re spending on each, how many times you’ve picked up your phone over the course of a day, whether your time is being spent on social media or productivity apps or what have you. They give you pretty graphs and all sorts of interesting information.

It’s actually pretty useful because if you’re anything like me, if you’re anything like my wife, if you’re anything like my children, then you probably spend a little bit too much time with your screens. This is a great app giving you some insight into how much time that actually is.

Now, apparently, this thing has also got some parental controls in there for those of you may need to control yourself or maybe control your children’s use of screen time. You can actually restrict that screen time. I haven’t had a chance to play with those features yet, but being the proud father of two, I have plenty of opportunity coming up, I’m sure. I will report back when I learn more about how screen time parental controls work in the new iOS 12.

Now, the second cool thing that Apple announced is the new Apple Watch 4. Now, I’m not so fussed about the fact that there’s a new Apple Watch out. I actually don’t wear a watch to be honest, I haven’t worn a watch in many years. The fact that there’s a new one out, meh, you know what. Probably a better screen, probably costs more, all the usual things. But interestingly enough, there is a feature on there, which is a real standout. That is the fact that the Apple Watch 4 is actually an FDA approved ECG device. What that means is that this thing can produce an electrocardiogram … Well, this thing can monitor your heart and produce electrocardiogram charts and analysis and whatever of what’s going on with your heart.

Now, this is pretty amazing because the potential of this thing is that you can use this device to monitor your heart, it can alert on, well, abnormal findings if you’ve got an abnormal heartbeat, what have you else. I’ve also seen it written that it will be able to alert third parties, so for example, friends and family, if it detects and abnormal heartbeat, and also detects that you’ve had a fall. Now, this is pretty amazing to me. This means that we’ve now got a consumer device that you can wear on your wrist at all times, and it’s a watch and it does all the other cool stuff, but if that health issue is a problem for you or someone in your family, someone you love, this device can also keep an eye on that particular risk for them and alert if this problem does occur. I think that’s amazing.

Now, in the fine print, the ECG feature does not ship with the brand new iPhone … I’m sorry … the brand new Apple Watch 4. From day one when these things physically start shipping, it will not have that feature in the software. However, the feature is slated to be released with a software update just a little bit further down the track. So, don’t go rushing out on day one to buy one of these things for that ECG functionality. But if that is of interest to you, then, you know, stay tuned to that piece of tech. It could prove to be interesting for you.

Thanks for listening to this episode of the Power Up Project, brought to you by Grassroots IT and Digit IT. Please leave us a review wherever you get your podcasts, and until next time, keep powering up.

#010: Does Microsoft Backup Your Office 365 Data? Well, Yes and No

In this episode of The Power Up Project, we cover:

〉Should you be backing up your Office365 data?

〉Can you trust Microsoft to protect your data?

〉How to back up your Office365 data.

Transcript:

Today on The Power Up Project, we’re going to ask the question should I be backing up my Office 365 data?

Hey, welcome back to The Power Up Project. My name is Ben Love and I’m your host for this episode, where we’re going to be checking in on the question should you be backing up your Office 365 information? Fantastic question.

Office 365, just to recap, is Microsoft’s big platform in the cloud there, which these days is really where all the focus is going for hosting our email and our file storage and our team communications, and our phone systems and video libraries. You name it, all that sort of stuff. We are putting so much of our vital corporate knowledge and content up in that cloud and we’re putting all that trust in Microsoft, that they will keep that information safe. The question? Is our trust being put in the right place? Are we right to trust Microsoft with this? There are two parts to the answer. Well, it depends specifically what the question is that you’re asking, I guess.

Can we trust Microsoft to actually protect all that information in a security sense? The answer is yes. Microsoft do an incredibly good job of security around Office 365. Can we trust Microsoft to protect all of that information in terms of a backup? What happens if Office 365 itself fails or crashes? Could we lose all of that information that we’ve stored in there? The short answer on that is theoretically yes, but in practise I’m confident that the answer is no. Microsoft have invested so much money and have designed an architecture around Office 365 that is so massively redundant and resilient that there is no chance that that information is going to be accidentally lost. However, does that mean that we should not backup that data ourselves? On that point, I’m going to say no, it does not mean that.

For example, when Microsoft backup and protect our data in Office 365, they’re not doing so for archival purposes for example. When we delete a mailbox or we delete some data out of our Office 365 tenant, that information will be deleted from that Office 365 tenant. Now, Microsoft will hold that for maybe 60 days or 90 days, or something or other. You may be able to get it back, you may not, during that recovery period. The point is, at no stage there has Microsoft failed in what they were intending to do. They protect your live active data, and they do that very well. But, there are definitely scenarios under which you would be advised to have your own backup of your Office 365 data. It’s not because Office 365 is going to crash, it’s for other situations.

How do you do that? The answer, thankfully, is very easily and also really quite cheaply. There’s a number of products on the market at the moment that are getting very, very good. There’s currently various tussles for leadership of which is going to be the better product. They leapfrog each other every few months, as these things tend to do until they all settle down. The product that we’re using at the moment with a lot of our clients, which is doing a fantastic job, is one called Backupify. There are absolutely other alternatives out there on the market that also do a very good job. By all means, google it yourself, or of course, touch base with your IT people, but these solutions themselves are also cloud based. They’re based in other data centres somewhere, not in the Office 365 cloud, for obvious reasons. You subscribe to them on a monthly basis or an annual basis and you pay a certain amount of money based on how many users you have in your Office 365 tenant that need to be backed up.

The pricing is not expensive. It could be $10 or $100 or something, depending on how many users you need to backup. Very easy to set up. It’s a very simple subscription to put in place and it’ll give you that peace of mind and that confidence that your Office 365 data is actually being backed up. So, if something does accidentally get deleted and you don’t discover that deletion for a long period of time, you will have those backups in place.

Thanks for listening to this episode of The Power Up Project, brought to you by Grassroots IT and Digit IT. Please leave us a review wherever you get your podcasts, and until next time, keep powering up.

#009: What is your Office 365 Secure Score (and why you should care)

In this episode of The Power Up Project, we cover:

〉What is Office365 Secure Score?

〉How does Office365 Secure Score work?

〉How to increase your Office 365 Secure Score?

 

Transcript:

In this episode of The Power Up Project, we talk about the Office 365 Secure Score.

Welcome back to The Power Up Project. I’m your host, Ben Dampney, and today we’re going to power up your business by increasing your Office 365 Secure Score. So this episode is for the Office 365 users out there. Specifically, we’re talking about Microsoft and it’s Secure Score which they give you on your Office 365 service. This score is based on a number of best practise factors. The idea is that you set a score that you’d like to achieve, up to 470 points, and Secure Score can give you an action list to help you achieve this. So to get there you go up in Office 365 and go to the Security and Compliance Admin Centre. Alternatively, you can actually go directly via the securescore.microsoft.com website.

Now, at the Security and Compliance Admin Centre you can view lots of different reports and dashboards about your Office 365 tenant. But more specifically, we’re looking at the Secure Score on that home page, there. Now, there are two components to Secure Score – the dashboard and the Score Analyzer. The dashboard gives you your account score. It allows you to set the target score that you’d like, whether it’s basic, balanced, or aggressive. And then you can view the recommended actions in the queue and compare your score.

So the target score can be set to your specifications but it’s starting at balance will be a reasonably achievable setting for many businesses. Aggressive would take a rather in-depth configuration and basic, I think, probably doesn’t cover many of the things that I would consider to be critical for your Office 365 security. Now, the actions in the queue that you have there are basically open activities for you to complete to progress your score. So some examples might be, multifactor authentication, which is the subject of another Power Up Project podcast. There’s mailbox auditing, reviewing malware detections, or reviewing mailbox access, to give you an example.

Now, you can compare your score, which shows how you compare to other 365 users of a similar size to your business and also against others in your industry. Now, this could be important, for instance, if you’re in the medical industry and you’d like to know how you compare against other medical practices, how secure you are in comparison to them. The Score Analyzer shows your score over different time periods and also your completed and incomplete actions. Now, by selecting an incomplete action, you can apply that setting. So, for example, one might be Enable Client Rules Forward Block. A bit of a mouthful but if a user has a client-created email forward, so, therefore, a rule in Outlook that automatically forwards an email to an external email account, to a Hotmail account as an example, you can disable this at a system level. So you’re able to apply exceptions to this rule, also by clicking Learn More, it tells you what you’re about to change and how it will affect users so you can say, “Okay, do I actually want to do this? Is this relevant to my business?”

And then once you apply the change it tells you the points increase, but more importantly, what was potentially affected by the change. So in my example, when we enabled Client Forward Rules Block, it told me that there were potentially three rules that it affected and in this instance it didn’t actually have an effect on those. So we didn’t have an adverse effect to what was already in place. So, look, that’s a really simple explanation of how that works. There is a More option on each of those actions or activities that gives you the Microsoft website link where you can go into greater detail. But I’d like to encourage you to check out Microsoft Office Secure Score. If you have any questions around it, please contact us to discuss how we can implement some of these strategies for your business and how we can improve your overall Microsoft Office 365 Secure Score.

Thanks for listening to this episode of the Power Up Project, brought to you by Grassroots IT and Digit IT. Please leave us a review wherever you get your podcasts. And until next time, keep powering up.

#007: Let’s Talk about Multi-Factor Authentication (again!)

In this episode of The Power Up Project, we cover:

〉Recap on Multi-factor Authentication(MFA) topic.

〉Reasons why you need to enable MFA.

 

 

Transcript:

In this episode of the Power Up Project, we are going to talk about multi-factor authentication again. 

Hey, welcome back to the Power Up Project. I’m your host for this episode, Ben Love. Today we’re going to retouch on multi-factor authentication. Now, we have touched on this before across many channels. We’ve spoken about this in blog posts, in podcasts, in YouTube and Facebook videos. We’re gonna touch on it again, because this is a really … this is low hanging fruit, folks. This is a really powerful way of improving the security of your systems and it’s easy to do.

So what I want to do, first we’re gonna recap. What is multi-factor authentication? Multi-factor authentication can otherwise be known as MFA, two factor authentication, 2FA, so on, you get the idea, is an additional layer of security on your user accounts that you use to access things such as e-mail or your accounting system and so on. Normally you would use your username and your password to log on to these systems. When you have MFA enabled, there is a third step.

Now, usually that third step will be a randomly changing numeric code that you get from a little key fob or an app on your smartphone and you enter that code in and then it allows you to log on to the system. What I want to talk you through today, three reasons why you need to enable multi-factor authentication. First of all, it is free. Pretty much every modern application, especially the cloud based ones, which obviously we’re all moving towards in a big way, have MFA functionality built in. All you need to do is turn it on. Simple as that.

If you are using older legacy systems, MFA functionality may not be built in, so you may need some sort of a third party product on top of that to give you MFA functionality. If that has to happen, there will be cost involved because of the third party application. But we are seeing less and less of those legacy systems around these days. Most of your systems, you will probably find, have some MFA support in them. Ask the question. Go to Google. Search for the name of your application and then MFA. See what you can find.

Point number two. It is super easy to use. It really is. Most MFA on cloud apps, for example, is provided via an app on your phone. Google Authenticator and Microsoft Authenticator are the two main ones that most of the platforms seem to choose between. It is very easy. You go to log on your application exactly the same way you normally would. You may enter your username and password the same way you normally would. But then there will just be this extra step. All you need to do is open the app on your phone, it will give you a code, normally about six numbers. You type that in as part of the login process and you’re done. That’s it.

With a lot of the Microsoft stuff it’s even easier. When you go to log on to your application, the app on your phone will simply pop up a message saying, “This login is in process, would you like to approve it to proceed,” and you just tap the button on your phone saying, “Yes, approve this authentication attempt.” Very, very easy to use.

Point number three is that it is massively effective at increasing the security of your user accounts. Now, security needs to come in many layers. We need firewalls, we need anti-virus, we need best practise configurations, we need all of these things. There is no silver bullet. There never will be. But MFA is an extremely effective way of protecting those user accounts, because those user accounts are the keys to the front door of all of that important information and all of that authority and power that happens within your organisations.

MFA is a very, very important piece of the whole security picture. Please, have a look at MFA if you haven’t already. We will keep harping on about this.

To recap, it’s free in most cases. Number two, it is super easy to use. Number three, it’s massively effective at increasing the security on your user accounts.

Thanks for listening to this episode of the Power Up Project, brought to you by Grassroots IT and Digit IT. Please leave us a review wherever you get your podcasts and until next time, keep Powering Up.

 

#006: Power Up Your Staff Training with Video

In this episode of The Power Up Project, we cover:

〉How to power up your business with videos for staff training.

〉How you can power up your process of knowledge transfer.

〉Powerful tools for uploading and streaming your training videos.

 

 

Transcript:

In this episode of the Power Up Podcast, we talk about powering up your staff training with video.

Welcome back to the Power Up Podcast. I’m your host, Ben Love, and today we’re going to power up your business with two fantastic tools that we use here at Grassroots IT all the time. One of them is called Snagit, and the other one, Microsoft Stream. What am I talking about here? What I’m talking about is developing a library of video content that you create yourself in your business to help with staff training, knowledge retention and that knowledge transfer. The reason this came to me that this was such a good thing to talk about is that I was meeting with the client early this week. Lovely group of people. Simply because of the nature of their business, they have a fairly high staff turnover. One of the things that they always have to pay attention to is the onboarding of new staff, training, and really not losing that organisational knowledge as that knowledge walks out the door as staff turnover, just through the course of business.

One of the points that we discussed was using video to capture a lot of this knowledge to pass on to newer staff members. How do we do that? There are two parts to this. The first part is using a little tool on a Windows computer called Snagit. It is a commercial tool you need to pay for but it’s not very expensive. Do a Google search for Snagit and you’ll find it. If you’re working on a Mac, then you can actually just use the QuickTime player that’s built in and it will do exactly the same job. What Snagit and the QuickTime player can do is record your screen. Everything you move around on your screen, the mouse clicks, the applications you open, et cetera, can be recorded into a video. If you have a microphone on your computer, I suggest a headset just for the quality of the audio there. You can record a running commentary on what you’re doing at the same time.

What you can do, let’s say you have a particular process that you need to follow to create an invoice for a client. Oftentimes, writing that down step by step in written language can be quite laborious and as such, often doesn’t get done. It gets put in the too hard basket. With a tool like Snagit, all you need to do is click the record button on Snagit and then actually start doing the process. Actually generate an invoice for a client and talk out loud into your microphone while you’re doing it. All that knowledge will be recorded into a video. It is very easy to do. It’s remarkably easy to do. At the end of all that, you’ll have a file saved on your computer which is the recording of that particular process or workflow you’ve just stepped through. But what do you do with it now? How do you make sure it’s available to all of those staff members, the rest of your organisation? This is where the second piece of our puzzle comes in.

This is a little tool called Microsoft Stream. Essentially Microsoft Stream is part of the Microsoft Office 365 suite of products and services. If you use Office 365, which most people seem to be doing these days, you probably already have Microsoft Stream. Go and have a look for it. Essentially Stream, it’s like a YouTube, if you will, in that you can upload videos to it and then people can browse them, search them, play them, so on and so forth. It’s private and secure for just your organisation. If you’re recording some confidential information in your videos, you don’t need to worry about that information getting outside the organisation. Upload the video to Microsoft Stream. It really is super simple. You just need to go to Microsoft Stream and you can access it through your Office 365 portal or from any other Office 365 apps using the app chooser button in the top left. When you go there, you’ll see a very clear sign where you click to upload a new video and you just really follow the steps. Super easy. You can drag your video file on top of the Stream web page or you can click the button to browse for a video to upload.

When it’s uploading, you can give it a nice title, which is very descriptive of what it’s all about. You can add various comments to it. You can even get fancy and start filing your videos into different channels or categories to make them easier for people to find and access. We use this a lot here at Grassroots IT for a lot of internal training materials so when we have a particular process to work through that can be a little complex in some cases, we’ll record one of these videos and save it up there so that anybody else who needs to follow through afterwards and do that same process can very easily see how we’ve done things, listen to our commentary as to how we’re doing things, but also oftentimes listen to our commentary on why we do things a certain way.

There you go. That’s this episode’s tip on powering up your staff training and knowledge transfer using Snagit, QuickTime player, and Microsoft Stream. Thanks for listening to this Episode of The Power Up Project brought to you by Grassroots IT and Digit IT. Please leave us a review wherever you get your podcasts and until next time, keep powering up.

#005: Two Cool New Updates in Microsoft Teams

In this episode of The Power Up Project, we cover:

〉Two fantastic new updates from Microsoft Teams.

〉What is Microsoft Teams?

Transcript:

In this episode of the Power Up Project, we talk about two fantastic new updates from Microsoft Teams.

Hey, welcome back to the Power Up Project. We’ve got some great updates today from the world of Microsoft Teams. So there’s a couple of interesting things that have crossed my newsfeed in the last couple of days. The first one is that Microsoft Teams is now available in a free version.

So just to recap for everybody, Microsoft Teams is, in a very simplistic sense, it’s a team chat tool, similar to Slack or Hipchat, or one of those ones. But, Microsoft Teams is so much more because instead of just having a chat channel in there, you actually use Microsoft Teams to bring together a whole lot of the other features and services within the Office 365 ecosystem.

So for example, when you create a new Team within Microsoft Teams, you will also have a SharePoint site sitting behind that to hold files that you might share with that team. You also have a OneNote file. You can also have a whole lot of other stuff in there, like it also still does just have that text chat. Teams on the longer term roadmap, is also slated to replace Skype for Business, or more accurately, the Skype for Business functionality, which is voice and video calling, is going to be merged into the Teams product set.

So keep an eye out for Microsoft Teams. It really does seem to be getting a lot of attention from the development world at the moment. So back to these updates that came across the newsfeed this morning. Like I said, the first one is that Microsoft Teams is now available in a free version. So to date, you could only use Teams if you used Office 365. Now I know so many of us use Office 365 these days, but you know what? There are still some people out there who don’t. So for those people, you can actually access Teams for free. That’s very exciting.

The other really cool part, and I love this. This is kind of, you know, the kind of big Cloud geeky bit. Microsoft has announced that Teams is now supporting in-line message translation. So think about that for a minute. In-line message translation. This is like BabelFish stuff for typed chat. So you can be chatting with multiple people, by text here, this is not spoken words here, this is not verbal. You can be text chatting with multiple people in multiple different languages, and Microsoft Teams is now capable of translating those other languages, on the fly, to whatever your selected base language is.

How cool is that? This stuff just blows me away. Isn’t technology amazing? Anyway. This is just a brand new announcement from Microsoft. It is apparently out there in the Teams Enterprise Tenants. I have not enabled it on our Tenant yet, but I will be doing so within the next 24 hours, and testing this bad boy out because I think that’s really cool.

We’ve got, I don’t know whether you remember this, but Grassroots IT, we have staff in multiple locations, so this may be a really fun too for us to test out, to communicate a lot easier with our staff over in the Philippines, and of course with our staff over in New Zealand. So stay tuned as we enable this fantastic new stuff and test it out. I will report back once I’ve had a chance to play.

Thanks for listening to this episode of the Power Up Project, brought to you by Grassroots IT, and Digit IT. Please leave us review wherever you get your podcasts, and until next time, keep powering up.

#004: Test Your Backups

In this episode of The Power Up Project, we cover:

〉Testing your backups.

〉How to make sure you can restore your business after a power outage?

〉How important ensuring an effective data backup is.

 

 

Transcript:

In this episode of The Power Up Project we talk about testing your backups.

Welcome back to The Power Up Project. I’m your host, Ben Dampney, and today we’re going to power up your business by making sure you test your backups, or perhaps that should be making sure you can restore your business in the event it powers down.

So you have backups right? We certainly hope so. Now, we consider data backed up when we’ve used the three-two-one method. That’s three copies of any piece of data, be it a Word document, picture file, email, et cetera, and that’s stored on two different types of media. For example, on a network share and also on a USB hard drive. Now one of these backups must be at a location where the data is not usually stored, so a great example offsite, at your house or maybe in a cloud service.

Now, what types of data should be backed up? Typically, your onsite data, such as your My Documents folder, server file shares, maybe your application database and also cloud services, such as Office 365, Exchange, SharePoint, G Suite, and also your financial packages, such as Xero, MYOB, Reckon, et cetera.

Now, presumably you get reports that the backups are completing okay, or perhaps your IT provider get these alerts and lets you know if there’s an issue. But more importantly than that is, are the backups tested? Now, it’s critical not just to complete a backup but to actually test them. Imagine the feeling that someone has when a critical file is deleted. You might think to yourself, “Okay, well, it’s not a problem, we have backups. We can go and restore the file.” Yet, when you attempt to recover the file, the restore process fails. Depending on the file, you may be able to recreate it or maybe not. If it’s a very large spreadsheet with lots of details about a supplier for example, that could be very difficult to restore or recover or reenter.

Even worse than that, if a CryptoLocker attack on your network encrypts all your files so you cannot access them, that’s really disastrous if you can’t get a recoverable backup, say if it’s a few months old since it was last functionally working for you. According to a major antivirus vendor, one in five small businesses that get affected by CryptoLocker go out of business. Most businesses can recover from data loss for a certain period. For some, it might be a couple of hours. For others, a few days. So I’d like you to take the time to think about any particular system or file in your business, what sort of window could you recover or restore or recreate, and how you might go about doing that.

Testing your backups can mean exploring a backup and restoring a single file, but it can also mean a full disaster recovery test, restoring servers, databases and applications to a test environment to make sure that we can functionally get it working for you. And, I guess, how often is regularly, is a pretty flexible question. It really depends on how you are testing. If you’re manually testing, then exploring a backup might occur once a month. But for a full disaster recovery, maybe it’s every three to six months. However, some of the products that we recommend, such as StorageCraft and Datto, can actually automate the testing of your backups and some of these are done daily. It certainly helps us, as IT providers, sleep at night.

Most importantly, I think it’s critical for managers and business owners to understand where their backups are stored, how often they are being tested, and what timeframe recovery is likely to be. Testing can obviously help you with this understanding. So as part of any good disaster recovery and business continuity plan, you should have an understanding of the process, and whilst you can rely on a good IT provider to assist you, ultimately these plans need your active engagement and ownership, and regular testing. So for my sanity and yours, please, review your backup testing procedures, make sure someone is actually doing it, and look at it today.

Thanks for listening to this episode of The Power Up Project, brought to you by Grassroots IT and Digit IT. Please, leave us a review wherever you get your podcasts, and until next time, keep powering up.

#003: WTF is MFA?

In this episode of the Power Up Project, we’re going to talk about:

〉What is Multi-factor Authentication (MFA)?

〉How MFA can help you avoid cyber attacks.

〉What systems you can use MFA on.

Transcript:

Hey, welcome back to the Power Up Project. I am your host for this episode, my name is Ben Love. Great to have you with us. Today we’re going to be talking about multifactor authentication, otherwise known as maybe two-factor authentication, MFA, 2FA, whatever, they’re all acronyms, they all mean the same thing. Basically, it means adding another authentication step in addition to your username and password to access a system.

Now it’s very simple to do, but it’s also becoming very, very important that you do this. A lot of us have got little physical dangles from the bank that are attached to our keyring and it’s got that little code that constantly changes, so if we need to do a transfer of money from our business bank account, the internet banking site will pop up another window saying please enter your code. And that’s when you need to enter that ever-changing code from your little keyring before the transfer will be authorised. That is multifactor authentication. That’s exactly what it is.

So you are already using this on your bank accounts. But what you may not be using it for is to access other pieces of software such as Xero, your cloud accounting platform or MAIB online, or any of your Office 365 environments such as your email or your SharePoint or your One Drive files

Now what we are seeing across our client base is that multifactor authentication is becoming critical to the point of becoming non-negotiable in most environments because it is the single most effective thing that we’re seeing at the moment for stopping user accounts being compromised. So what would happen if your account, if your password were to be compromised somehow by a malicious party, by a hacker we’ll call them. They would know your user name, and they would know your password, and they would then be able to log on to, let’s say your email.

They would then be able to log on to your email as if they were you. So we’re seeing a lot of things like this occur now. We have seen a couple of our clients targeted with this, but it’s also in the news. You might have heard about it. They’re calling it, well, you’ve heard the term phishing, which is an email spam type attack. And then there’s spear phishing where it’s an email that is sent to specific people and customised to try and get their attention and get them to click on a malicious link or compromise their security in some way.

Well the next step on that, that we’re seeing is called whaling. This is where the malicious parties identify the whales within your organisation, so that might be the CEO, the CFO, somebody with a particular authority. And if they’re then able to compromise, let’s say the email account of your CFO for example, then they could send emails around purportedly from the CFO requesting all sorts of activity, mainly that money be transferred to certain bank accounts. Now this actually is happening in real life. People are falling for this, and money is being lost with this particular approach.

But think about this. If the malicious party had your username and password to access your email to be able to send these emails, if you had multifactor authentication in place, if you had another little random security code that was constantly changing on your keyring or your smartphone app that you needed to enter in to your email before you could log on, then it would not matter that that malicious party had your username and password, because they would not have your randomly changing code. So what we are seeing is that multifactor authentication is really becoming absolutely critical, especially for those people in an organisation who have the most authority, who have the most access to different systems.

So what I really want to encourage you to do after you finish listening to this episode is have a think about where in your digital existence you are currently using multifactor authentication. You’re almost certainly using it in your internet banking for your business bank accounts. But are you using multifactor authentication to log on to your accounting system or to log on to your email? Or to log onto One Drive, where you keep all those HR documents. Or to log on to any of these other online platforms that are crucial to your business.

If you’re not using multifactor authentication in those places, please think about turning it on. It is very easy to turn on, there are instructions that you can very easily google, otherwise of course, call your friendly, handy IT company for help. In most cases, all it requires is a couple of setting changes to your account within the application in question, and an app on your smartphone, such as the Google Authenticator App or the Microsoft Authenticator App. And it literally is as easy as that. It will slow you down logging on to these applications by all of maybe four or five seconds, but the big leap forward that you will take in how secure your accounts are is well and truly worth that four or five seconds worth of log time.

So in summary, people, we now know what MFA is, and you now also know that it is critical that you look at your platforms, you look at what you’re using, and you turn on MFA wherever possible.

Thanks for listening to this episode of the Power Up Project, brought to you by Grassroots IT and Digit IT. Please leave us a review wherever you get your podcasts, and until next time keep powering up.

#002: Keep Your Business Running when the Internet Fails

In this episode of The Power Up Project, we cover:

〉What can you do to keep your business running when your Internet connection suddenly fails you?

〉Why you should consider getting a second internet connection such as an ADSL connection or NBN connection.

〉Why you should consider having a 4g backup connection.

 

 

Transcript:

In this episode of The Power Up Project, we’re going to be talking about how to keep your business running when the internet fails.

Welcome back to The Power Up Project. I’m your host Ben Love and today we’re going to be talking about how to keep your business running when your internet connection fails. You see, we had a hell of a week last week. One of the major upstream internet providers, we don’t know who at this stage, could have been APT, or Vocus, or Telstra or one of those, had a fairly major outage in some equipment somewhere.

Which meant that quite a few of our clients were impacted with either a total internet outage, or in some cases the internet was still kind of working but kind of really not. In either case, some of those clients coped better than others with that particular internet outage. That really can depend in a lot of cases on the nature of the business that is being done. Some businesses are very time critical and depend on that internet connection. Other businesses, you know it wasn’t such of an issue to be offline for a couple of hours.

What do you do when your business suffers an internet outage like that? What would the impact be on your clients, on your staff, on your productivity? Would it make a big impact or would it really not? Could you go and have a coffee and just wait for it all to pass by?

If you do need to really keep that internet connection going because your business really does depend on it, and those outages can cost you a lot of money, or a lot of goodwill with your clients; you really need to have a backup internet connection. It really is as simple as that.

That backup internet connection could be your mobile phone, for example. You could tether your laptop to your mobile phone hot spot and keep working that way. We certainly have a lot of clients who do that and not just small clients, but big clients too with a significant head count who use that method. It works very well.

That’s particularly useful when some or all their services are up in the cloud, because it doesn’t matter how they connect to the internet to get to them or where they connect to it from.

Some other options you might like to consider for that continuity piece for your internet there, you could get a second internet connection into the building such as a ADSL connection or maybe an NBN connection. The thing you need to keep in mind when you’re dealing with internet connections like that is that they all come into the building via a physical cable.

A lot of the times when you do lose that primary internet connection, it can be because there has been some physical damage to the cable coming into your building. You might have some roadwork going on down the street, or you might have some linesmen doing some work on the cables and maybe a backhoe or bobcat has accidentally dug through some cables.

If your primary internet connection and your secondary internet connection both come in on cables through that same hole in the ground, there’s a fair chance that both of those internet connections are going to be offline while those cables get repaired. That really doesn’t do you much good, does it?

Probably one of the best options we’re seeing at the moment is 4G, leaning on the mobile phone networks for that internet connectivity. As I said, you can certainly hotspot to a mobile phone. You can get standalone 4G routers, which are separate little devices. They’re not expensive.

You put a sim card in them with your favourite telecom, might be Telstra or Vodafone, whoever. That can provide connectivity for your office. There can be a little bit of fiddling around with that type of setup, particularly if you’ve got services both inside the building that you need access to, as well as services such as cloud services that are outside the building.

We can still set it up, there’s just a little bit of configuration that can get a bit fiddly sometimes. One of the really killer solutions we’re seeing emerging more and more is having that primary internet connection with that backup 4G connection built into the router, built into the system you’re already using.

In the event that your primary internet connection does fail, you can have automatic failover to that 4G connection. In a lot of cases, that failover can happen so quickly that you won’t even notice that you’re not running on that primary internet connection anymore.

All of these solutions are available. You need to have a think about your business, think about how important the internet connection is to your business, and how time critical it is more to the point. Put yourself in that hypothetical scenario where the primary internet connection has failed, and it’s not just for a couple minutes but it might be for an hour, or half a day, or two days. Think about what you would do in that instance. Can you work from home? Do you need to set up some sort of a 4G connection for your office so that’s really not an issue?

I’ll leave you with those thoughts for now. Please, give us a call if we can help with any of that. Thanks for listening to this episode of The Power Up Project brought to you by Grassroots IT and Digit IT. Please leave us a review wherever you get your podcasts. Until next time, keep powering up.

#001: Welcome to The Power Up Project


Welcome to The Power Up Project!

In this episode, we give you a quick rundown on who we are, what we do and why we’ve started The Power Up Project.

So great to have you here. We really hope you enjoy our new podcast, and that it helps you power up your business.