〉What is Xero?
〉Why should you back up your Xero data?
In this episode of the Power Up Project, we’re going to talk about whether you should be backing up your Xero data.
Hi, welcome back to the Power Up Project. I’m your host for today’s episode, Ben Love. Today we’re going to be touching on the topic of whether you should be backing up your Xero cloud accounting data. Now, I’m going to touch specifically on Xero in this case but the same discussion holds true for any other cloud accounting system you may be using. You might be using MYOB Online, you might be using QuickBooks Online, FreshBooks. There’s a few of them out there but Xero is definitely one of the more popular ones around at the moment. It’s the one we use here, at Grassroots IT, so it’s certainly something that I can talk about and that I’m familiar with.
Xero is a cloud-based accounting package. We put all of our financial information in there. Some us invoice from there. Some of us, it’s our CRM, where we keep our client information, supplier information. It’s pretty fundamental to running our business. So are we confident that that data is safe up there in the cloud? Look, I’m confident that the data is secure, that Xero themselves are doing a fantastic job of making sure that their platform is reliable and no one can access my data without my authorization. I also am confident that they’re doing a good job of backing up that data, right. So they take their own backup, so if they have internal failures within their system, they know that they’ve got copies of that data everywhere.
But you know what? I still want a copy of my Xero data for myself, because what does happen if Xero themselves do have a catastrophic failure? What happens, perhaps, if maybe some of that data in there gets corrupt? What happens if it’s human error, even? Perhaps I have a trainee bookkeeper come and join my organisation here who makes a heck of a mess of my books and we don’t discover that for a day, or a week, or a month later. How do I roll back to a previous backup or how do I look and see what the books are meant to look like? Interesting question, isn’t it?
Well, the good news is that there are options for backing up your Xero data. I actually had to reach out to some of my professional peers on this one. I’ve got friends who specialise in the world of cloud accounting, and the answer they came back with was a little product called ControlC. You’ll find it if you Google it, control-c.com. It’s a New Zealand-based company and they provide a product which does exactly this; it backs up your Xero accounting data.
It does some really interesting things, too. So it’ll take the daily backups, it gives you full access to historical data, so it keeps all of that history of those backups so if you need to go back and reference a particular point in time, you can. It gives you the option of local storage so you can actually store it in New Zealand data centres, and they also have other options in other countries if that’s of interest to you. But one of the really interesting things here is actually about the restoration or the restore if you actually need to get into one of those backups to get some information out. The way ControlC works is that they have an app and it gives you full access on your computer, in your office there, totally offline, you don’t need an internet connection once you’ve obviously got the backup down, to go through your historical accounting information and get access to what you want.
It’s also very cheap. It starts at about $5 a month, so for a little bit of peace of mind around your Xero accounting data, if that is something that interests you, I’d encourage you to go and have a look, control-c.com, but obviously, Google it, or of course, talk to your IT people. See if they’ve got any other products they suggest to do this job.
Thanks for listening to this episode of the Power Up Project, brought to you by Grassroots IT and Digit IT. Please, leave us a review wherever you get your podcasts, and until next time, keep powering up.
In this episode of The Power Up Project, we cover:
〉How to set up virtual meeting in Outlook.
〉How Skype helps in making a scheduled video conference call happen.
In this episode of the Power Up Project we talk about turning your Outlook meetings into video conference calls.
Welcome back to the Power Up Project. I’m your host, Ben Love, and today we’re going to power up your business by using Outlook, and those Outlook meetings that you’re already using there and with one click turning them into video conferences for all of your attendees.
So, there is one assumption that I’m working from here and that assumption is that you are using Microsoft Office 365 for your email and as part of your Microsoft Office 365 subscription that you have Skype for Business. Now, in most cases, you’re going to have all those bits of the puzzle and so many people are using Microsoft office 365 these days for these pieces of their IT infrastructure it’s almost a given.
So let’s get straight into it. We’re going to be short and sweet today.
We all know Microsoft Outlook, and we all know that Microsoft Outlook has got the calendar section in there. This is where you can keep track of all of your upcoming meetings but what you can also do is you can create new meetings in there and invite other people. Now you probably already know this, so you would go to your calendar in Outlook, you would click on the area you want and click on new meeting or new appointment and up comes the little appointment window. You can type in the subject and location, you can invite attendees.
There is a button at the top there that says invite attendees. This is where after you click that, you type in the names, or the email addresses of the other people who you would like to join you at this meeting, and they will get an email in their inbox with all the details of this meeting. And on that email they can click on accept or decline, whatever the case may be.
And Outlook with all of its magic will track who has accepted your meeting invitation and who has not. Now, what we are going to do today is take that one step further though, and what we’re going to do is we’re going to use that meeting or that appointment invite and Outlook to coordinate a Skype meeting. And when I say a Skype meeting I mean a video conference. So if you’re trying to coordinate a meeting here between multiple people who are not in the same office, but they’re all sitting at a computer and ideally they’ve all got a web cam on their computer, then what you can do is you can click the little button at the top of that meeting request page that says Skype meeting.
It’s literally as simple as that. Now there is a whole lot of magic that’s happening behind the scenes right now when you click that button but what you will actually see is that within your meeting invite there, some blue text is going to appear there, which is actually a link, which says join Skype meeting.
Now, really simply, when the time comes for this meeting to actually occur all of your meeting attendees will be able to open their meeting invite from their calendar, and they will click on the blue link. A whole lot of tech-o magic behind the scenes is going to happen. Skype for business is going to open on their computer and on your computer and you will all be automatically joined into the one meeting with one click of that little button.
So, that’s it. It really is as simple as that. If you’ve ever struggled to coordinate multiple people, getting them all in the one video call, inviting other attendees, losing the original attendees, you know the song and dance, then try doing this. Use Microsoft Outlook, create a meeting and in that meeting click the button at the top that says Skype meeting and Outlook will automatically do all the coordinating behind the scenes to coordinate that video conference call.
Thanks for listening to this episode of the Power Up Project brought to you by Grassroots IT and Digit IT. Please leave us a review wherever you get your podcasts and until next time, keep powering up.
In this episode of The Power Up Project, we cover:
〉Should you be backing up your Office365 data?
〉Can you trust Microsoft to protect your data?
〉How to back up your Office365 data.
Today on The Power Up Project, we’re going to ask the question should I be backing up my Office 365 data?
Hey, welcome back to The Power Up Project. My name is Ben Love and I’m your host for this episode, where we’re going to be checking in on the question should you be backing up your Office 365 information? Fantastic question.
Office 365, just to recap, is Microsoft’s big platform in the cloud there, which these days is really where all the focus is going for hosting our email and our file storage and our team communications, and our phone systems and video libraries. You name it, all that sort of stuff. We are putting so much of our vital corporate knowledge and content up in that cloud and we’re putting all that trust in Microsoft, that they will keep that information safe. The question? Is our trust being put in the right place? Are we right to trust Microsoft with this? There are two parts to the answer. Well, it depends specifically what the question is that you’re asking, I guess.
Can we trust Microsoft to actually protect all that information in a security sense? The answer is yes. Microsoft do an incredibly good job of security around Office 365. Can we trust Microsoft to protect all of that information in terms of a backup? What happens if Office 365 itself fails or crashes? Could we lose all of that information that we’ve stored in there? The short answer on that is theoretically yes, but in practise I’m confident that the answer is no. Microsoft have invested so much money and have designed an architecture around Office 365 that is so massively redundant and resilient that there is no chance that that information is going to be accidentally lost. However, does that mean that we should not backup that data ourselves? On that point, I’m going to say no, it does not mean that.
For example, when Microsoft backup and protect our data in Office 365, they’re not doing so for archival purposes for example. When we delete a mailbox or we delete some data out of our Office 365 tenant, that information will be deleted from that Office 365 tenant. Now, Microsoft will hold that for maybe 60 days or 90 days, or something or other. You may be able to get it back, you may not, during that recovery period. The point is, at no stage there has Microsoft failed in what they were intending to do. They protect your live active data, and they do that very well. But, there are definitely scenarios under which you would be advised to have your own backup of your Office 365 data. It’s not because Office 365 is going to crash, it’s for other situations.
How do you do that? The answer, thankfully, is very easily and also really quite cheaply. There’s a number of products on the market at the moment that are getting very, very good. There’s currently various tussles for leadership of which is going to be the better product. They leapfrog each other every few months, as these things tend to do until they all settle down. The product that we’re using at the moment with a lot of our clients, which is doing a fantastic job, is one called Backupify. There are absolutely other alternatives out there on the market that also do a very good job. By all means, google it yourself, or of course, touch base with your IT people, but these solutions themselves are also cloud based. They’re based in other data centres somewhere, not in the Office 365 cloud, for obvious reasons. You subscribe to them on a monthly basis or an annual basis and you pay a certain amount of money based on how many users you have in your Office 365 tenant that need to be backed up.
The pricing is not expensive. It could be $10 or $100 or something, depending on how many users you need to backup. Very easy to set up. It’s a very simple subscription to put in place and it’ll give you that peace of mind and that confidence that your Office 365 data is actually being backed up. So, if something does accidentally get deleted and you don’t discover that deletion for a long period of time, you will have those backups in place.
Thanks for listening to this episode of The Power Up Project, brought to you by Grassroots IT and Digit IT. Please leave us a review wherever you get your podcasts, and until next time, keep powering up.
〉What is Office365 Secure Score?
〉How does Office365 Secure Score work?
〉How to increase your Office 365 Secure Score?
In this episode of The Power Up Project, we talk about the Office 365 Secure Score.
Welcome back to The Power Up Project. I’m your host, Ben Dampney, and today we’re going to power up your business by increasing your Office 365 Secure Score. So this episode is for the Office 365 users out there. Specifically, we’re talking about Microsoft and it’s Secure Score which they give you on your Office 365 service. This score is based on a number of best practise factors. The idea is that you set a score that you’d like to achieve, up to 470 points, and Secure Score can give you an action list to help you achieve this. So to get there you go up in Office 365 and go to the Security and Compliance Admin Centre. Alternatively, you can actually go directly via the securescore.microsoft.com website.
Now, at the Security and Compliance Admin Centre you can view lots of different reports and dashboards about your Office 365 tenant. But more specifically, we’re looking at the Secure Score on that home page, there. Now, there are two components to Secure Score – the dashboard and the Score Analyzer. The dashboard gives you your account score. It allows you to set the target score that you’d like, whether it’s basic, balanced, or aggressive. And then you can view the recommended actions in the queue and compare your score.
So the target score can be set to your specifications but it’s starting at balance will be a reasonably achievable setting for many businesses. Aggressive would take a rather in-depth configuration and basic, I think, probably doesn’t cover many of the things that I would consider to be critical for your Office 365 security. Now, the actions in the queue that you have there are basically open activities for you to complete to progress your score. So some examples might be, multifactor authentication, which is the subject of another Power Up Project podcast. There’s mailbox auditing, reviewing malware detections, or reviewing mailbox access, to give you an example.
Now, you can compare your score, which shows how you compare to other 365 users of a similar size to your business and also against others in your industry. Now, this could be important, for instance, if you’re in the medical industry and you’d like to know how you compare against other medical practices, how secure you are in comparison to them. The Score Analyzer shows your score over different time periods and also your completed and incomplete actions. Now, by selecting an incomplete action, you can apply that setting. So, for example, one might be Enable Client Rules Forward Block. A bit of a mouthful but if a user has a client-created email forward, so, therefore, a rule in Outlook that automatically forwards an email to an external email account, to a Hotmail account as an example, you can disable this at a system level. So you’re able to apply exceptions to this rule, also by clicking Learn More, it tells you what you’re about to change and how it will affect users so you can say, “Okay, do I actually want to do this? Is this relevant to my business?”
And then once you apply the change it tells you the points increase, but more importantly, what was potentially affected by the change. So in my example, when we enabled Client Forward Rules Block, it told me that there were potentially three rules that it affected and in this instance it didn’t actually have an effect on those. So we didn’t have an adverse effect to what was already in place. So, look, that’s a really simple explanation of how that works. There is a More option on each of those actions or activities that gives you the Microsoft website link where you can go into greater detail. But I’d like to encourage you to check out Microsoft Office Secure Score. If you have any questions around it, please contact us to discuss how we can implement some of these strategies for your business and how we can improve your overall Microsoft Office 365 Secure Score.
Thanks for listening to this episode of the Power Up Project, brought to you by Grassroots IT and Digit IT. Please leave us a review wherever you get your podcasts. And until next time, keep powering up.
〉What lesson can we get from the “minor” network error on Coles that kept the supermarket chain closed until late morning?
Welcome to the Power Up Project. In this episode we talk about Coles’ nationwide outage.
Ben Dampney: Welcome back to the Power Up Project. I’m your co-host Ben Dampney, here with Ben Love. How are you, Ben?
Ben Love: Mate, I’m really well. But I tell you what, I’m glad I was not planning on doing the shopping this morning.
Ben Dampney: That’s right. So, it’s a Sunday morning here in Australia. And we saw, came across a news article that was quite interesting about one of the very large supermarket chains having some problems. Tell us about it, Ben.
Ben Love: [00:00:30] Well mate, this is directly from the ABC News homepage, “Coles supermarkets open after early morning technical glitch kept stores shut across Australia.” So, Coles supermarkets across the country were unable to open on time this morning due to a network error. Ouch.
Ben Dampney: Indeed, ouch indeed. Yeah, that’s a massive outage for every store in the country to be closed. It obviously shows the widespread effect that their particular network outage had. What’s the lesson here for us, Ben? As business owners and IT consultants?
Ben Love: [00:01:00] Mate, the lesson here I think, is that outages can and probably will happen, even if you’ve got the resources behind you of Coles, bad stuff can still happen. So, in our businesses, we certainly don’t have the resources of Coles to keep everything running and nor do all of our clients, but there are ways to be ready for when this does happen, and that’s called business continuity.
Ben Dampney: [00:01:30] Yes, indeed. So having a plan in place to make sure your systems are functional to some degree. Whether or not that’s … hey, even back to paper. Having something that you can rely on to do your business and your trade is really important.
Ben Love: Absolutely. Hey, I’ve got a quote here from a Cole’s spokeswoman. And I love some of the lessons this brings to us. “Earlier this morning we had some minor IT problems, in some of our supermarkets, which were out of our team members control.” So just think about all those key words that that spokeswoman has put in there. This was not a major problem. This was not a catastrophe. This was nothing in their control. But look at the flow an effect, their stores have been closed for a period of time. Can you imagine the money that did not go through the cash registers for Coles. And this was ‘minor’ IT problem that caused that. Anyway, we’re talking in circles here. The lesson for your listeners though, is that bad things do happen, no matter how prepared you might be or how many resources you throw at this. So, move your thinking a little bit sideways, away from purely technology and think more about business continuity planning. If or when your technology does fail, how are you gonna keep your business running?
Ben Dampney: [00:02:30] Good question. Something worth thinking about. All right. Thanks Ben. And thanks for listening guys, we’ll catch you on the next episode. Bye.
Ben Love: Thanks for listening to this episode of the Power Up Project, brought to you by Grassroots IT and Digit IT. Please leave us a review wherever you get your podcasts and until next time, keep powering up.
〉Recap on Multi-factor Authentication(MFA) topic.
〉Reasons why you need to enable MFA.
In this episode of the Power Up Project, we are going to talk about multi-factor authentication again.
Hey, welcome back to the Power Up Project. I’m your host for this episode, Ben Love. Today we’re going to retouch on multi-factor authentication. Now, we have touched on this before across many channels. We’ve spoken about this in blog posts, in podcasts, in YouTube and Facebook videos. We’re gonna touch on it again, because this is a really … this is low hanging fruit, folks. This is a really powerful way of improving the security of your systems and it’s easy to do.
So what I want to do, first we’re gonna recap. What is multi-factor authentication? Multi-factor authentication can otherwise be known as MFA, two factor authentication, 2FA, so on, you get the idea, is an additional layer of security on your user accounts that you use to access things such as e-mail or your accounting system and so on. Normally you would use your username and your password to log on to these systems. When you have MFA enabled, there is a third step.
Now, usually that third step will be a randomly changing numeric code that you get from a little key fob or an app on your smartphone and you enter that code in and then it allows you to log on to the system. What I want to talk you through today, three reasons why you need to enable multi-factor authentication. First of all, it is free. Pretty much every modern application, especially the cloud based ones, which obviously we’re all moving towards in a big way, have MFA functionality built in. All you need to do is turn it on. Simple as that.
If you are using older legacy systems, MFA functionality may not be built in, so you may need some sort of a third party product on top of that to give you MFA functionality. If that has to happen, there will be cost involved because of the third party application. But we are seeing less and less of those legacy systems around these days. Most of your systems, you will probably find, have some MFA support in them. Ask the question. Go to Google. Search for the name of your application and then MFA. See what you can find.
Point number two. It is super easy to use. It really is. Most MFA on cloud apps, for example, is provided via an app on your phone. Google Authenticator and Microsoft Authenticator are the two main ones that most of the platforms seem to choose between. It is very easy. You go to log on your application exactly the same way you normally would. You may enter your username and password the same way you normally would. But then there will just be this extra step. All you need to do is open the app on your phone, it will give you a code, normally about six numbers. You type that in as part of the login process and you’re done. That’s it.
With a lot of the Microsoft stuff it’s even easier. When you go to log on to your application, the app on your phone will simply pop up a message saying, “This login is in process, would you like to approve it to proceed,” and you just tap the button on your phone saying, “Yes, approve this authentication attempt.” Very, very easy to use.
Point number three is that it is massively effective at increasing the security of your user accounts. Now, security needs to come in many layers. We need firewalls, we need anti-virus, we need best practise configurations, we need all of these things. There is no silver bullet. There never will be. But MFA is an extremely effective way of protecting those user accounts, because those user accounts are the keys to the front door of all of that important information and all of that authority and power that happens within your organisations.
MFA is a very, very important piece of the whole security picture. Please, have a look at MFA if you haven’t already. We will keep harping on about this.
To recap, it’s free in most cases. Number two, it is super easy to use. Number three, it’s massively effective at increasing the security on your user accounts.
Thanks for listening to this episode of the Power Up Project, brought to you by Grassroots IT and Digit IT. Please leave us a review wherever you get your podcasts and until next time, keep Powering Up.
〉How to power up your business with videos for staff training.
〉How you can power up your process of knowledge transfer.
〉Powerful tools for uploading and streaming your training videos.
In this episode of the Power Up Podcast, we talk about powering up your staff training with video.
Welcome back to the Power Up Podcast. I’m your host, Ben Love, and today we’re going to power up your business with two fantastic tools that we use here at Grassroots IT all the time. One of them is called Snagit, and the other one, Microsoft Stream. What am I talking about here? What I’m talking about is developing a library of video content that you create yourself in your business to help with staff training, knowledge retention and that knowledge transfer. The reason this came to me that this was such a good thing to talk about is that I was meeting with the client early this week. Lovely group of people. Simply because of the nature of their business, they have a fairly high staff turnover. One of the things that they always have to pay attention to is the onboarding of new staff, training, and really not losing that organisational knowledge as that knowledge walks out the door as staff turnover, just through the course of business.
One of the points that we discussed was using video to capture a lot of this knowledge to pass on to newer staff members. How do we do that? There are two parts to this. The first part is using a little tool on a Windows computer called Snagit. It is a commercial tool you need to pay for but it’s not very expensive. Do a Google search for Snagit and you’ll find it. If you’re working on a Mac, then you can actually just use the QuickTime player that’s built in and it will do exactly the same job. What Snagit and the QuickTime player can do is record your screen. Everything you move around on your screen, the mouse clicks, the applications you open, et cetera, can be recorded into a video. If you have a microphone on your computer, I suggest a headset just for the quality of the audio there. You can record a running commentary on what you’re doing at the same time.
What you can do, let’s say you have a particular process that you need to follow to create an invoice for a client. Oftentimes, writing that down step by step in written language can be quite laborious and as such, often doesn’t get done. It gets put in the too hard basket. With a tool like Snagit, all you need to do is click the record button on Snagit and then actually start doing the process. Actually generate an invoice for a client and talk out loud into your microphone while you’re doing it. All that knowledge will be recorded into a video. It is very easy to do. It’s remarkably easy to do. At the end of all that, you’ll have a file saved on your computer which is the recording of that particular process or workflow you’ve just stepped through. But what do you do with it now? How do you make sure it’s available to all of those staff members, the rest of your organisation? This is where the second piece of our puzzle comes in.
This is a little tool called Microsoft Stream. Essentially Microsoft Stream is part of the Microsoft Office 365 suite of products and services. If you use Office 365, which most people seem to be doing these days, you probably already have Microsoft Stream. Go and have a look for it. Essentially Stream, it’s like a YouTube, if you will, in that you can upload videos to it and then people can browse them, search them, play them, so on and so forth. It’s private and secure for just your organisation. If you’re recording some confidential information in your videos, you don’t need to worry about that information getting outside the organisation. Upload the video to Microsoft Stream. It really is super simple. You just need to go to Microsoft Stream and you can access it through your Office 365 portal or from any other Office 365 apps using the app chooser button in the top left. When you go there, you’ll see a very clear sign where you click to upload a new video and you just really follow the steps. Super easy. You can drag your video file on top of the Stream web page or you can click the button to browse for a video to upload.
When it’s uploading, you can give it a nice title, which is very descriptive of what it’s all about. You can add various comments to it. You can even get fancy and start filing your videos into different channels or categories to make them easier for people to find and access. We use this a lot here at Grassroots IT for a lot of internal training materials so when we have a particular process to work through that can be a little complex in some cases, we’ll record one of these videos and save it up there so that anybody else who needs to follow through afterwards and do that same process can very easily see how we’ve done things, listen to our commentary as to how we’re doing things, but also oftentimes listen to our commentary on why we do things a certain way.
There you go. That’s this episode’s tip on powering up your staff training and knowledge transfer using Snagit, QuickTime player, and Microsoft Stream. Thanks for listening to this Episode of The Power Up Project brought to you by Grassroots IT and Digit IT. Please leave us a review wherever you get your podcasts and until next time, keep powering up.
〉Two fantastic new updates from Microsoft Teams.
〉What is Microsoft Teams?
In this episode of the Power Up Project, we talk about two fantastic new updates from Microsoft Teams.
Hey, welcome back to the Power Up Project. We’ve got some great updates today from the world of Microsoft Teams. So there’s a couple of interesting things that have crossed my newsfeed in the last couple of days. The first one is that Microsoft Teams is now available in a free version.
So just to recap for everybody, Microsoft Teams is, in a very simplistic sense, it’s a team chat tool, similar to Slack or Hipchat, or one of those ones. But, Microsoft Teams is so much more because instead of just having a chat channel in there, you actually use Microsoft Teams to bring together a whole lot of the other features and services within the Office 365 ecosystem.
So for example, when you create a new Team within Microsoft Teams, you will also have a SharePoint site sitting behind that to hold files that you might share with that team. You also have a OneNote file. You can also have a whole lot of other stuff in there, like it also still does just have that text chat. Teams on the longer term roadmap, is also slated to replace Skype for Business, or more accurately, the Skype for Business functionality, which is voice and video calling, is going to be merged into the Teams product set.
So keep an eye out for Microsoft Teams. It really does seem to be getting a lot of attention from the development world at the moment. So back to these updates that came across the newsfeed this morning. Like I said, the first one is that Microsoft Teams is now available in a free version. So to date, you could only use Teams if you used Office 365. Now I know so many of us use Office 365 these days, but you know what? There are still some people out there who don’t. So for those people, you can actually access Teams for free. That’s very exciting.
The other really cool part, and I love this. This is kind of, you know, the kind of big Cloud geeky bit. Microsoft has announced that Teams is now supporting in-line message translation. So think about that for a minute. In-line message translation. This is like BabelFish stuff for typed chat. So you can be chatting with multiple people, by text here, this is not spoken words here, this is not verbal. You can be text chatting with multiple people in multiple different languages, and Microsoft Teams is now capable of translating those other languages, on the fly, to whatever your selected base language is.
How cool is that? This stuff just blows me away. Isn’t technology amazing? Anyway. This is just a brand new announcement from Microsoft. It is apparently out there in the Teams Enterprise Tenants. I have not enabled it on our Tenant yet, but I will be doing so within the next 24 hours, and testing this bad boy out because I think that’s really cool.
We’ve got, I don’t know whether you remember this, but Grassroots IT, we have staff in multiple locations, so this may be a really fun too for us to test out, to communicate a lot easier with our staff over in the Philippines, and of course with our staff over in New Zealand. So stay tuned as we enable this fantastic new stuff and test it out. I will report back once I’ve had a chance to play.
Thanks for listening to this episode of the Power Up Project, brought to you by Grassroots IT, and Digit IT. Please leave us review wherever you get your podcasts, and until next time, keep powering up.
〉Testing your backups.
〉How to make sure you can restore your business after a power outage?
〉How important ensuring an effective data backup is.
In this episode of The Power Up Project we talk about testing your backups.
Welcome back to The Power Up Project. I’m your host, Ben Dampney, and today we’re going to power up your business by making sure you test your backups, or perhaps that should be making sure you can restore your business in the event it powers down.
So you have backups right? We certainly hope so. Now, we consider data backed up when we’ve used the three-two-one method. That’s three copies of any piece of data, be it a Word document, picture file, email, et cetera, and that’s stored on two different types of media. For example, on a network share and also on a USB hard drive. Now one of these backups must be at a location where the data is not usually stored, so a great example offsite, at your house or maybe in a cloud service.
Now, what types of data should be backed up? Typically, your onsite data, such as your My Documents folder, server file shares, maybe your application database and also cloud services, such as Office 365, Exchange, SharePoint, G Suite, and also your financial packages, such as Xero, MYOB, Reckon, et cetera.
Now, presumably you get reports that the backups are completing okay, or perhaps your IT provider get these alerts and lets you know if there’s an issue. But more importantly than that is, are the backups tested? Now, it’s critical not just to complete a backup but to actually test them. Imagine the feeling that someone has when a critical file is deleted. You might think to yourself, “Okay, well, it’s not a problem, we have backups. We can go and restore the file.” Yet, when you attempt to recover the file, the restore process fails. Depending on the file, you may be able to recreate it or maybe not. If it’s a very large spreadsheet with lots of details about a supplier for example, that could be very difficult to restore or recover or reenter.
Even worse than that, if a CryptoLocker attack on your network encrypts all your files so you cannot access them, that’s really disastrous if you can’t get a recoverable backup, say if it’s a few months old since it was last functionally working for you. According to a major antivirus vendor, one in five small businesses that get affected by CryptoLocker go out of business. Most businesses can recover from data loss for a certain period. For some, it might be a couple of hours. For others, a few days. So I’d like you to take the time to think about any particular system or file in your business, what sort of window could you recover or restore or recreate, and how you might go about doing that.
Testing your backups can mean exploring a backup and restoring a single file, but it can also mean a full disaster recovery test, restoring servers, databases and applications to a test environment to make sure that we can functionally get it working for you. And, I guess, how often is regularly, is a pretty flexible question. It really depends on how you are testing. If you’re manually testing, then exploring a backup might occur once a month. But for a full disaster recovery, maybe it’s every three to six months. However, some of the products that we recommend, such as StorageCraft and Datto, can actually automate the testing of your backups and some of these are done daily. It certainly helps us, as IT providers, sleep at night.
Most importantly, I think it’s critical for managers and business owners to understand where their backups are stored, how often they are being tested, and what timeframe recovery is likely to be. Testing can obviously help you with this understanding. So as part of any good disaster recovery and business continuity plan, you should have an understanding of the process, and whilst you can rely on a good IT provider to assist you, ultimately these plans need your active engagement and ownership, and regular testing. So for my sanity and yours, please, review your backup testing procedures, make sure someone is actually doing it, and look at it today.
Thanks for listening to this episode of The Power Up Project, brought to you by Grassroots IT and Digit IT. Please, leave us a review wherever you get your podcasts, and until next time, keep powering up.
In this episode of the Power Up Project, we’re going to talk about:
〉What is Multi-factor Authentication (MFA)?
〉How MFA can help you avoid cyber attacks.
〉What systems you can use MFA on.
Hey, welcome back to the Power Up Project. I am your host for this episode, my name is Ben Love. Great to have you with us. Today we’re going to be talking about multifactor authentication, otherwise known as maybe two-factor authentication, MFA, 2FA, whatever, they’re all acronyms, they all mean the same thing. Basically, it means adding another authentication step in addition to your username and password to access a system.
Now it’s very simple to do, but it’s also becoming very, very important that you do this. A lot of us have got little physical dangles from the bank that are attached to our keyring and it’s got that little code that constantly changes, so if we need to do a transfer of money from our business bank account, the internet banking site will pop up another window saying please enter your code. And that’s when you need to enter that ever-changing code from your little keyring before the transfer will be authorised. That is multifactor authentication. That’s exactly what it is.
So you are already using this on your bank accounts. But what you may not be using it for is to access other pieces of software such as Xero, your cloud accounting platform or MAIB online, or any of your Office 365 environments such as your email or your SharePoint or your One Drive files
Now what we are seeing across our client base is that multifactor authentication is becoming critical to the point of becoming non-negotiable in most environments because it is the single most effective thing that we’re seeing at the moment for stopping user accounts being compromised. So what would happen if your account, if your password were to be compromised somehow by a malicious party, by a hacker we’ll call them. They would know your user name, and they would know your password, and they would then be able to log on to, let’s say your email.
They would then be able to log on to your email as if they were you. So we’re seeing a lot of things like this occur now. We have seen a couple of our clients targeted with this, but it’s also in the news. You might have heard about it. They’re calling it, well, you’ve heard the term phishing, which is an email spam type attack. And then there’s spear phishing where it’s an email that is sent to specific people and customised to try and get their attention and get them to click on a malicious link or compromise their security in some way.
Well the next step on that, that we’re seeing is called whaling. This is where the malicious parties identify the whales within your organisation, so that might be the CEO, the CFO, somebody with a particular authority. And if they’re then able to compromise, let’s say the email account of your CFO for example, then they could send emails around purportedly from the CFO requesting all sorts of activity, mainly that money be transferred to certain bank accounts. Now this actually is happening in real life. People are falling for this, and money is being lost with this particular approach.
But think about this. If the malicious party had your username and password to access your email to be able to send these emails, if you had multifactor authentication in place, if you had another little random security code that was constantly changing on your keyring or your smartphone app that you needed to enter in to your email before you could log on, then it would not matter that that malicious party had your username and password, because they would not have your randomly changing code. So what we are seeing is that multifactor authentication is really becoming absolutely critical, especially for those people in an organisation who have the most authority, who have the most access to different systems.
So what I really want to encourage you to do after you finish listening to this episode is have a think about where in your digital existence you are currently using multifactor authentication. You’re almost certainly using it in your internet banking for your business bank accounts. But are you using multifactor authentication to log on to your accounting system or to log on to your email? Or to log onto One Drive, where you keep all those HR documents. Or to log on to any of these other online platforms that are crucial to your business.
If you’re not using multifactor authentication in those places, please think about turning it on. It is very easy to turn on, there are instructions that you can very easily google, otherwise of course, call your friendly, handy IT company for help. In most cases, all it requires is a couple of setting changes to your account within the application in question, and an app on your smartphone, such as the Google Authenticator App or the Microsoft Authenticator App. And it literally is as easy as that. It will slow you down logging on to these applications by all of maybe four or five seconds, but the big leap forward that you will take in how secure your accounts are is well and truly worth that four or five seconds worth of log time.
So in summary, people, we now know what MFA is, and you now also know that it is critical that you look at your platforms, you look at what you’re using, and you turn on MFA wherever possible.
Thanks for listening to this episode of the Power Up Project, brought to you by Grassroots IT and Digit IT. Please leave us a review wherever you get your podcasts, and until next time keep powering up.