Blog

Author Archive

Technology and Workplace Culture

With our workplaces more technology-driven than ever, the decisions that managers and executives make regarding a nonprofit’s investments on technology are difficult. How much, how new, how efficient?

More and more, however, nuanced decisions are needed around technology’s impact on the culture and stress level of staff members.

Consider the following questions:

Does your staff have adequate tools to do their jobs?

Do we expect builders to reuse old nails or a hammer with a broken handle?

When staff members waste large blocks of time waiting for software to load, using work arounds for hardware that doesn’t function or routinely lose work because of glitchy tech – it’s hard for them to feel good about the workday.

Solution: Develop an equipment life-cycle plan.  Document your equipment deployment dates and warranty information, and then plan for (and budget for) replacing equipment as it reaches its end of life.

With the availability of e-mail on phones, text messaging, and social media – are you expecting your staff members to be available 24/7/365? 

A recent trend coming to the attention of executives and HR professionals is the “overwhelmed employee.”  With availability 24/7/365, staff members often feel pressure to be not only proactive – but predictive in their work.  If your workplace culture has an expectation of response after hours or whether the staff member is on vacation, you may be paving the way for overwhelmed, burned out, and discouraged staff.

Solution: Providing a clear mobile policy can go a long way in setting solid expectations and mitigating turnover.

Is social media use frowned upon, encouraged or not addressed in your policies and culture?

Social media can be a black hole where daily productivity goes to hide.  Individuals may resent that their colleagues spend time on social media (even if it’s part of their job descriptions), while others may take advantage of a lack of a policy.

Solution: Create a clear and concise policy around acceptable social media use.

 

Do you use technology to create benefits for your staff or is it a stress creation tool?

The benefits of the tech savvy workplace are many.  The ability to collaborate with colleagues in the next office or the next continent with ease; the ability to search for forms, items and records without pilfering through stacks of paper and boxes of files, flexible work schedules.

Solution: The secret to a workplace that uses technology as a tool rather than weapon is to be mindful of the way people and technology interact.

 

The following aren’t new ideas but a reminder that thoughtful consideration can embrace the future:

Set boundaries

Encourage staff to set boundaries and be clear about the organization’s expectations.  Some staff members might work late or use flexible hours, but is everyone required to respond immediately?  Make sure everyone understands what is expected – and the policy is reasonable!

Establish acceptable use policies

Acceptable use policies are a must have in the technological age.  If your staff has his or her own smart phone, does the policy allow him or her to have company e-mail on it?  Can they access organizational data?

Templates for mobile device policies, and social media policies are readily available. Net Standard has some good guidelines to reference: http://www.netstandard.com/13-best-practices-for-developing-your-mobile-device-policy/

If management doesn’t set the tone for acceptable use, tribal policies will prevail and that may not be in the best interest of your organization’s culture or future.

Get input from staff on equipment needs

Small changes can make a large difference to an individual, and just the act of asking for input (and taking it to heart) will make a staff member feel respected and valued.

Technology is now pervasive in and out of the workplace, and employers need to mindful of how employees are using it.  Arbitrary limitations (blocking sites) won’t work as well as clear policies and standards that staff members understand and agree to abide by.  Also remember that technology tools are tools and need to be maintained and/ replaced as they age.

Finally, as an executive or manager of your organization, you don’t have to understand and do all of technology on your own.  Empower your supervisors, your IT department or find a resource to help in this critical area.

Teddie Linder is the Operations Manager for Netlink, Inc.  She has over 20 years experience in helping businesses use technology to accomplish their strategic goals.

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

Avoid the dread and shakedown of ransomware

If you were within an earshot of current events in the last few weeks, you didn’t escape the news coverage of the high stakes ransomware attack known as WannaCry. While it may have felt like a Y2K– “The Sky Is Falling” – sequel for a couple of days, in the U.S., we managed to avoid the brunt of the latest major exploit that affected much of the globe.

The ransomware exploitation, known as WannaCry, started in May and affected hundreds of thousands of users in government agencies and private businesses around the globe.

An unexpected kill switch was found over the first weekend and that limited the U.S. impact on business Monday. The U.S. avoided the wrath that affected the National Health System in the United Kingdom, as well as Germany’s rail systemRenault and Nissan factoriesFedEx,Spanish telecom Telefonica.

Ransomware like WannaCry isn’t new. Rooted in a simple hacker tactic, ransomware has morphed into a remarkably effective exploit, motivated by profit potential.  In the past, hackers might steal data to sell for pennies on the dollar.  With ransomware, cyber criminals can command fees that are hundreds or thousands of dollars per instance, making it a much more appealing and rewarding pursuit.

Plenty has been written about WannaCry and I won’t rehash the many tech centric articles recounting this particular ransomware or its interesting US National Security Agency (NSA) origins in this article. The Atlantic wrote a solid story that does a great job chronicling this exploit.

The more relevant and less sexy story here is the reminder of the ongoing security susceptibilities that persist for organizations of all sizes, but particularly small organizations.  Ransomware is a uniquely effective threat to small businesses and nonprofits, mostly because many of these organizations haven’t entirely shielded themselves from the morphing threats.  This shortfall isn’t due to lack of desire but usually tied to the realities of economics, adequate knowledge or priority on the TO DO list.

To combat the sense of unease that intensifies during these high-profile security exploits, a non-technical understanding of what ransomware is, why it is a big deal and how to offset exposure to future attacks is most critical for small businesses, nonprofits and smaller organizations.

The creativity with how exploits continue to evolve (think Chipotle’s recent credit card breach) doesn’t mean we should give undue energy to the increased anxiety or fear.  Acknowledging the potential for exploitation and taking some prudent steps for predictable recovery will go a long way to reducing elevated concern.

What is WannaCry
WannaCry is in a category of malware known as “ransomware,” a malicious software that generally infects a computer to prevent normal usage while encrypting the documents and files to prevent access to saved data. Ransomware can prevent you from accessing network shares and stop programs from running. Those who were infected with WannaCry found their computers locked, with hackers demanding a $300-$600 ransom – hence the name Ransomware —  to unlock a device and its files. WannaCry is the noisiest example of the Ransomware problem to date.

Why does ransomware work so well?

Ransomware is the digital extortion. And like most budding exploits, money is the motive.  Unlike hackers who silently steal data, the ransomware class of criminals prey upon basic human emotions.  Because emotions can elicit immediate calls to action, this has proven to be very effective. Ransomware motivates a user to complete an action out of fear or embarrassment, which in the case of most ransomware exploits, starts the process of encrypting the data files or files shared on a network.  A few examples of some of the easiest routes to exposure:

  • A person gets a troubling message that they have somehow violated Internet protocol by visiting inappropriate or illegal sites and must pay a fine by clicking a link or downloading a file.
  • An employee receives an email from a trusted friend or work colleague. They are told to download the attached file or click on a link.
  • A person receives an email masquerading as a purchase, credit card statement or well-recognized online store invoice with excessive amounts listed as due. Links or attachments files are included that bait the user into trying to learn more.

After following the initial instructions, the user may receive an ominous message that they violated internet protocol by visiting inappropriate or illegal sites and are prompted to act by paying up.  If they don’t pay up, they will lose their files due to the encryption step. Sometimes, users are threatened with having the files published on the internet. It sounds real. It looks real. And contacting the IT department before opening an email is unlikely, so employees are often easily tricked into this scenario.  

With so many threats, as a small organization, how do I keep up?

Budget and resource limits are ever present for smaller organizations. Those limitations may have you perpetually questioning how you can possibly avoid the exploits and affect your security and technology backbone favorably if those with many more resources and larger budgets – larger organizations – have so much trouble.  The clichéd “less is more” favors the small organization.  As a smaller organization or business, you have an advantage in nimbleness that larger organizations are challenged to match where security and redundancy are concerned.  Where larger companies have a much larger footprint to maintain in equipment, data, software, end users, training etc., smaller organizations are arguably more nimble and easier to manage.  Less to manage is a huge advantage.

Having a smaller footprint allows you to have control of your security and technology setups in a way that can be monitored and maintained efficiently­ –  so you can sleep at night knowing you can recover in short order.

Regardless of whether you work with an IT advisor/consultant, or whether you handle in-house, plan around the usual catastrophes (fire, theft, disaster) and give equal weight to suffering an exploit like ransomware. What does that look like at every level for your organization or staff to maintain continuity?

Starting from there, focus on a backstop that includes best practices minimums to protect and recover your business to normal operations.  Broadly speaking, these practices include creating and maintaining regular backupstraining employees to avoid being baited into infectionpatching applications and operating systems, and limiting administrator privileges.

Below is a simplified checklist to protect and remediate after a Ransomware exploit:

  1. Whatever your level of IT complexity, approach IT as if you will encounter an exploit or hack. Have a clear, tested plan in place to remediate systems, recover data and resume normal business operations in a timeframe commensurate with your particular needs.
  1. Back up your files and computing environments regularly. The only way to ensure that you can immediately handle a ransomware or other exploit is to mandate a backup process and schedule so your company can get access to the files and data it needs without dealing with the cybercriminals. The Cloud gives increasingly flexibility to automate backups – recovering in short order and should be part of any IT roadmap.
  1. Test and verify your backups on schedule appropriate for your business (monthly, quarterly).  There are times when something can damage your files. Be sure to check regularly that your backups are in good shape by testing recovery timeline and reliability.
  1. Automate your operating systems and applications patch routine. Cybercriminals tend to exploit vulnerabilities in software to compromise systems.
  1. Protect against phishing attacks. Cybercriminals often distribute fake email messages that look like an official message from a vendor or bank, luring a user to click on a download or malicious link and download malware. Train staff to avoid attachments from an unknown sender or even suspicious attachments from a friend in case they have been hacked.
  1. Walk lightly with web links (hyperlinks) by verifying the source. Malicious links can be sent by your friends or your colleagues whose accounts have been hacked. Let employees know that if they receive something out of the ordinary from a friend, they should call that person directly to verify that they sent it and find out if their accounts have been compromised.
  1. If you still use older — legacy antivirus/anti-malware programs, check with your IT solutions provider and consider a managed security model that includes end-point protection, or newer behavior-based approaches to protect your system from ransomware.
  1. If ransomware or a suspected exploit hits… Cut off your internet connection immediately. If you discover Ransomware, shut off your internet connection immediately.
  1. If your files become encrypted, don’t pay the ransom.  By paying criminals, you’re giving them an incentive and the means to develop better ransomware. This is where your approach to Best Practices and a solid backup rountine comes into play.

The bottomline:  by accepting the potential for exploit, planning, implementing and testing for a predictable recovery, smaller firms can be surprisingly nimble in combatting the possibly of compromise, remaining assured of any recovery if needed.

There is an abundance of tools and services to accomplish these tasks and they aren’t hard or expensive to implement.  A simple, high confidence plan is the surest way to remove future anxiety and the perpetual dread associated with the certainty of additional highly visible exploits to come.

 

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

Security 2017 update: Spotting and stopping everyday hacking attempts

By Teddie Linder, business manager, Netlink Inc.

Technology security is an ever-changing landscape, with new risks coming quickly and that are subtler.  The three examples are from real situations that Netlink has helped clients with in the last six months.  Our intention is that in sharing them, you will note the sophistication and follow our recommended precautions to keep your organization safe.

  • Physical security risks: In 2016, an individual entered an apartment leasing office posing as a printer repair technician.  The individual inserted a USB Flash Drive in several desktop computers.  The office manager called our company and we investigated each computer, changing passwords, checking for malware and making sure each machine was secure.  All the company’s sensitive data was stored on an offsite main server, which couldn’t be accessed by the USB Flash Drive).
  • Phishing scams: A dental office received an email on mock HHS (Health and Human Services) Departmental letterhead signed by an OCR’s (Office of Civil Rights) Director, Jocelyn Samuels.  This email appears to be an official government communication, and targets employees of HIPAA covered entities and their business associates. The email prompted recipients to click a link regarding possible inclusion in the HIPAA Privacy, Security, and Breach Rules Audit Program.  The link directs individuals to a non-governmental website marketing a firm’s cybersecurity services.
  • Wireless network takeover attempt: An attempt to takeover a wireless network (the attempt created issues with accessing the network, which was how it was detected).  If successful the hacker could have traced keystrokes and accessed passwords, which led to sensitive data (personal identification records, financial records).

 

Preventing cyber technology breaches like the ones above requires awareness and understanding that clicking on a link can be dangerous.

Make it a point to talk to staff members about technology security.  Everyone should know whom to call in case of a problem and not to accept “help” from unknown individuals.  Don’t assume that your staff knows about scams.  It only takes a few minutes to remind them about e-mail and office security.  Below are talking points for both your staff and your executive team on this important topic.

Staff members must be aware.  If a technician appears to work on a computer or printer, make sure to ask for identification or to call the company represented to ensure that they really sent a tech to your office.

Be suspicious of the unexpected. Before clicking on links sent by e-mail, check what the e-mail address looks like.  An “official” government e-mail sent from a gmail e-mail account?  That should raise a red flag for managers and staff members alike.  Don’t click on links sent from e-mail accounts that you don’t know or from senders that are unexpected.  Validate ANY link in ANY unfamiliar email before clicking on it. Malicious links arrive in spam emails —  many disguised as FedEx, UPS, or USPS shipping updates — every day. Make sure you hover over all links and look for legitimate IP addresses, not long strings of random characters, before clicking. If you weren’t expecting anything, don’t open the attachment.  All it takes is one click by one employee in his or her personal email account while at work to compromise the data of your entire organization.

Finally, at the organizational level, it is a necessity to make sure your network, workstations and infrastructure is up to date for security.  If you take donations, keep sensitive data on your network devices, your IT professional can also scan your network infrastructure for irregularities indicating potential breach risks. Have a trusted IT professional assess and baseline the security of your systems.

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

Integrate IT for mission success

Over the past several years, technology has begun to transform the nonprofit sector, and has tremendous opportunity to help deliver on their missions in effective and scalable ways.

However, the strategy and planning for technology has not always been integrated. Too often an organization’s map shows the operational functions on one side and IT on the other or not there at all.  When this is the case, the organization’s goals aren’t driving technology strategy, so they aren’t driving its tactics, either. The misalignment is costly with technology purchases happening when critical, and not necessarily budgeted for nor planned.

If it is not part of your organization’s goals for next year, consider this: a convergence between technology and the organization’s mission.  The value of technology solutions should be the value provided to the nonprofit, and should be determined by how well they support the organizational strategy.

Important questions

Organizational leaders who are concerned about controlling technology investment in a pro-active manner should start with considering the following points:

  1. Have you assessed (either internally or with an outside expert) the current state of your network’s infrastructure and staff workstations?
    • The assessment should examine how your staff members work and make sure the systems support them adequately.
      1. Field staff members might need laptops and the ability to remote send to premise servers or access files and applications in other ways.
      2. Security and compliance should be current.
      3. Line of business applications, such as a donor connection tool or a development tool, should be supported.
  1. Is there a planned replacement schedule for outdated equipment?
    • Waiting too long to replace equipment can create hidden costs in lost time while staff members struggle with poor equipment.  By correctly assessing the state of equipment and budgeting for replacement — rather than waiting until you’re forced to replace — can relieve stress.
  1. Is there a budget line item for technology and equipment?
    • Breakage and the need for repairs don’t give warnings.  Things like lightning induced power surges can be a budget breaker, taking multiple pieces of equipment out simultaneously.  Check your insurance to see if the event is covered, but make sure you have funds available to cover contingencies as in other areas of your operation.

Keys to success

The key to successful management of technology is to be mindful of it as a supporting player for the mission of the organization.  Technology should be an ally rather than a necessary evil.  Objectively assessing the technology needs of the organization is as critical, as creating the budget to fund those needs and can take some of the stress out of this area of your organization.

The board or executive team who regards technology as an “extra cost” in the current environment may find itself consistently behind the curve and have a staff that is struggling to execute with inadequate tools.

Going into 2017, especially when considering hardware or infrastructure investments, thinking convergence and support could make an enormous difference to how your organization functions.  Technology should be seamless; the tools your organization uses to accomplish the tactics and strategy ultimately lead to impacting the mission.

by Teddie Linder, Business Manager, Netlink

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

Don’t let outdated practices hamstring your nonprofit

By Teddie Linder, Business Manager, Netlink, Inc.

Recently, Netlink assisted a for-profit property-management company in its acquisition of multiple apartment complexes in another state.  The client planned the acquisition and worked with us to ensure a timely takeover regarding technology.  In advance of the transition, the only variable not completed involved obtaining master settings, licensing and passwords from the previous IT management resource. This info is needed to make sense of what is in place, make changes, install new software, create new accounts and connect to the new management company’s network and IT resources.

Unfortunately, the property-management company’s existing IT provider wouldn’t address any needs in advance of the changeover.

The staff arrived to work on the first day under new management only to find their systems didn’t work properly.  They were unable to conduct the routine daily business like moving tenants in and out, and handling maintenance requests. The manager in charge of the transition was upset, frustrated and angry; the transition took longer and was going to be more expensive.

Even after it was resolved, a single question remains: What happened?

Instead of handing off the administration rights, the IT staff simply wiped settings and licensing from the computers.  All of the programs were removed. Netlink’s staff faced a long day of configuration, relicensing programs and resetting equipment in multiple offices, before the company’s staff was back online.

Did the previous company do anything wrong?  Not really; they simply followed a system that was advantageous for them, but one that hamstrung the client.  The end-result was that it made life difficult for the owners, executives and staff by creating an unneeded “hostage situation” for technology assets and tools: the servers, workstations, software and subscriptions that allow a business to operate.

This “standard practice” involves the IT company setting up accounts in its name, not under the client’s.  It is an outdated approach that many times involves billing the client for additional services with a markup.  The problem with this relationship is the client doesn’t “own” the setup, server, the subscription or the license.  So when it is time for the client to make a change or move on, they have to start with brand new setup, sometime new subscriptions (increasingly used for software licensing or programs), and migrate company data to the new setup.

This practice creates a level of stress and a lack of mobility that is unnecessary.

A different model to consider is “client-owned, provider-managed.”  Each account is established with the client as the owner of the account.  Payment is made directly by the client company to the vendor of the service(s) and the IT provider is paid only for managing those services.  This keeps the role of the client, the IT Management provider, and the services vendor clear and allows the client to change as the market or other forces require.

The bottom-line is business owners or executives should ALWAYS maintain access to their own information technology framework where possible.  The client’s business should always have access to licensing, passwords, and configuration details that a reputable IT provider maintains on the company’s behalf, and can be repurposed when needed.  Examples include:

  • E-mail hosting (Office 365/Google Apps/other)
  • Server & file access
  • Internet ISP connection (know who Internet service provider is, and have the account information accessible)
  • Domain network/registrar info
  • Website hosting info

Netlink, Inc. shifted to the client-owned, provider-managed model several years ago sensing the limitations and wanting to combat the perception of holding IT information hostage.  It is a cleaner, clearer, and more customer-centric approach, different than reselling or recreating setups from scratch.  Our clients own their configurations, which will travel with the them, regardless of whether Netlink manages the company’s IT or not.

The clarity of succession brings benefits to both the client and the IT provider.  Both parties are clear on the IT provider’s role, as well as the cumulative benefit of maintaining configurations and documentation on the client-owned setup.

At Netlink, we believe strongly in the power of the client relationship — keeping the optimal customer experience as the guide for all that we do.  Adding predictability and removing ambiguity benefits everyone.  Like any good business relationship, simplicity, clarity and transparency are minimums and benefit everyone regardless.

 

Teddie Linder is the business manager for Netlink.  A certified Green Belt in Six Sigma through Paradigm Group, she focuses on process improvement that benefits the customer and the business.  Six Sigma is a process improvement tool set, that follows a model of data driven improvement.  She can be reached at teddie@netlinkinc.net.

 

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

Tablet or Laptop – What drives the decision?

By Chip Heberden, owner and president, Netlink, Inc.

Unless your organization supports the increasing trend toward BYOD (Bring Your Own Device), the laptop or tablet battle may still be unresolved.

Decision-makers, especially in smaller organizations, are continually tasked with making sense of these devices, navigating the hype, and ultimately finding the right fit for their staffs.  Sometimes there is an IT partner to assist, other times it can be a solo effort with everyone having an opinion.

To help navigate this murky, ambiguous topic, here are some musings on the subject.

Increasingly, the first question seems to be:  Is a laptop even necessary when tablets can perform so many of the same functions?  The short answer is — it depends. Apple’s iOS, Android and Microsoft all offer different ideas on what a tablet is.  Generally, it is a device designed to work from an application framework always connected to the Web. Every person uses his or her technology differently. Some can easily get by with a tablet working only from the Web. For others, additional capabilities are needed.

Below are some points to consider on each type of device, along with the current state of the ultimate fence-sitter: hybrid devices.

 

The download on tablets

The design of the current tablets — mainly touch screen — is extremely intuitive, especially when paired with touch-friendly operating systems of Windows 10, Android or Apple’s iOS.

Most tablets support some level of multitasking, allowing you to run one or more apps in the background while working in another.  The full-screen focus of tablets is also seen as a distraction-free alternative to multitasking.

The small size of tablets inherently means more mobility, and is tailored for use on the go. The smaller size makes it more comfortable to use the device casually. A tablet can be used at the library, but also on the subway, in the kitchen, on the couch, in bed and everywhere in between. The small screens are also well-suited to personal media consumption, whether it’s watching shows, movies or reading.

Tablets offer excellent battery life. This efficiency is the upside of smaller, less powerful mobile processors that are more battery efficient.

Tablets are all apps, all the time. Always requiring available Internet connection, apps are a slightly different approach to software delivery.  They are task specific and generally less expensive than PC software, with many selections completely free.

The process of buying and consuming digital media is often simpler on a tablet than anywhere else. Broadcasters and movie studios in particular are bending over backwards with apps and services that put their content into the hands of iOS and Android users, and digital distribution through iTunes, Amazon and Google Play have supplanted many of the traditional outlets as the go-to source for media.

If your daily computer use revolves around the Internet and social media, streaming services like Spotify and Netflix, and only light productivity, then you may be able to make do with a tablet alone.  Other individuals require additional capacity. And for those users, there are some compromises required for the tablet-only lifestyle that they are unable — or don’t want — to make.

The download on laptops

Laptops, like desktop PCs, have a built-in benefit over tablets, and that advantage is power. Generally, laptops have more powerful processing hardware, allowing for a wider range of uses, faster performance and better multitasking.  Laptops easily handle common tablet uses — like Web browsing and media and app streaming — but then go significantly further, with uses ranging from simple data entry to complex tasks like photo and video editing and other full-blown applications.

Additionally, there’s the form-factor reality. Laptops have the benefit of having a keyboard and mouse built-in, allowing you to do all of the typing and mouse-related work you would do on a desktop, with greater control. A physical keyboard is a must for entering long blocks of text, and a mouse is far more efficient than a touchscreen for frequent swapping of windows, clicking of links and generally mousing around. This is even more important in the workplace, where those very tasks may make up the bulk of your day.

If you need to do complex work, need powerful processing or multitasking, or need compatibility with a specific accessory or storage device, there’s no superior alternative to the laptop.

Hybrids: the technology coming along
With all of this laptop-versus-tablet talk, it’s worth noting that companies are hard at work to bring users the best of both worlds.

These laptop/tablet hybrids are made to close the gap between laptop power and tablet convenience.  Many of these designs are still a work in progress.  As of now, these blended devices continue to be collections of accessories that may be hit-or-miss experiments in design, although designers and engineers are working out the bugs with every iteration, and soon the laptop vs. tablet question may disappear entirely.

The hybrid category will only get better over time as technologies improve and designs are refined.

Bottom line

Though there are clear reasons to favor one device over the other for certain uses, the laptop versus tablet debate may ultimately be a moot point.

In today’s connected world, laptops and tablets are likely best used together as companion devices. For the business user, a single device that does it all has its devotees.  The one exception may be the Surface Pro.  Some users have found this to be the best of both worlds on one device.

The optimal setup will vary from one organization to the next. There isn’t a right or wrong and it will change over time.  Taking a closer look at how your organization utilizes technology and how users prefer to work will bring clarity to the selection, and guide the choice of the proper device.

Chip Heberden is the owner and president of Netlink, Inc. For over 20 years, he has supported local community businesses through IT managed services.

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

Multi-Tasking Myths and Reality

Chip Heberden, Netlink, Inc.

The turmoil of a typical workday creates endless opportunities and constant pressure to do many things concurrently.  Our technology lets us conference call during our commute, email during meetings, and channel the great football commentator John Madden by handling a continuous stream of inbound pings as we tackle the workday requests from co-workers, customers, clients, and our social networks.

Multitasking is the universally accepted vernacular we use to reassure ourselves that our technology is allowing us to do more, keep up, and get us better all the time.  Whether it’s the constant pull of texting, reviewing pings, or tending to the self-imposed requirements of email, your mind has many opportunities to get sidetracked with the fix of the moment.

Adopting more of its increasing capabilities, multitasking tools seem very natural: why not attend a meeting or a workshop while browsing the web at courtesy of ubiquitous wi-fi. Or document your lunch hour outing with pictures via Instagram for your social network, or respond to messages as soon as they arrive in your inbox while you are working to complete an unrelated proposl.   Multitasking means you are getting it “ALL” done at once, doesn’t it?

But are we getting it done?  Several years ago, a Frontline documentary called Digital Nation delved into some overlooked realities of multi-tasking. The program illustrated the potential shortcomings by chronicling a Stanford experiment that tested college-age students and their success at multitasking. The results from this research showed the students who multi-tasked had issues thinking clearly, mostly because they tried to pay attention to everything. The non-multi-task group was more focused and more efficient at completing tasks as well as more proficient at filtering out irrelevant data. (To read more about the Stanford study, click here: http://news.stanford.edu/news/2009/august24/multitask-research-study-082409.html

More recent research shows that multitasking is a serious drain on productivity.  Instead of advancing multiple tasks at once, it increasingly looks like multitasking causes us to do things poorly, and perhaps, where it relates to work, we create more work.  According to Andrew Filev, CEO and founder of Wrike, shifting between tasks can cost as much as 40 percent of someone’s productive time. If an individual works 40 hours per week, that’s 16 hours of lost time—two full days per week. That is a number that can’t be ignored.

In today’s fast-moving, always-on office environment, employees and managers alike have to understand the potential high cost of inefficient multitasking and how to employ strategies to keep the chaos to a minimum.  According to the American Psychological Association, there are four common types of multitaskers:

  1. You are approach-oriented or reward-focused. Your brain says “If I do more work at once, I can complete more work at once.”  While this seems intuitive, the reality is this doesn’t work.
  2. You are a high-sensation seeker. These are people who use multitasking to fight boredom (or because of boredom). By shifting focus periodically, you keep your mind engaged with a new task.  This may lead to incomplete tasks as you shift to another focus.
  3. You’re convinced you’re part of the 2 percent of people who can multitask effectively. It’s normal for us to think we’re better at multitasking than we are. Be cognizant of your actual productivity, and see if you’re really as good as you think.
  4. You have trouble focusing. You may not be multitasking intentionally. Use technology as a tool for focus, rather than distraction. Mute your notifications, minimize your tabs, and avoid your inbox while focusing on work.

So how do we take back our attention and advance our quality of work from the digital distractions?  Here are some simple strategies to make those devices and apps allies instead of obstacles to productivity:

  • Take back your time by being mindful of your goals for the day: When a new task pops up, ask yourself, “Is this important for meeting today’s goals or objectives?” If not, it’s probably not something you urgently need to shift your attention toward.
  • Adjust your settings/surroundings to cut down on distractions: If you can’t mute everything, funnel your inbound alerts into a single stream where you can prioritize some items and reject others. You can also use apps to help you bundle and channel the noise. A little bit of time spent adjusting notification settings or process on the worst offenders (e.g., instant messaging) is a worthwhile endeavor. Set aside a few minutes at the top of an hour or every 90 minutes when you check in to see if anything needs immediate attention. For those moments when you need to get into the flow, enforce solitude by silencing notifications entirely.
     
  • Utilize features of your e-mail client to reduce the visual clutter of your mailbox: Send all of your e-newsletters to another folder, and read them when you have time, and so they won’t distract you when they appear throughout the day. Better, ask yourself if you need to actually monitor your inbox on your phone or computer in real time.  For the most part, most emails shouldn’t require your immediate attention.

The technologies we adopt unquestionably allow for doing things differently and, many times, more efficiently. We should, however, be mindful that the technology we introduce, increasingly competes for our attention.  Most people are not proficient multitaskers and constant distractions from technology can cloud the intended benefits of the tools.  Understanding how we work best and where technology belongs most in our work is the ongoing chore.  If additional focus, increased efficiency, and improved productivity are desired, being attentive to the flow of the moment-to-moment and eliminating distractions in the form of excessive interruptions may get us closer to getting it ALL done moreso than adding an additional tool with the potential to interrupt our Groove.

 

Chip Heberden,  Netlink, Inc..  Netlink is committed to supporting local businesses with a portfolio of  predictable and flexible IT Professional Services.

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

Understanding the risks and benefits of cloud computing

By Chip Heberden, owner and president, Netlink, Inc.

Cloud computing is a boon to small businesses and organizations. With cloud services handling specific technology tasks, small organizations can reap the benefits. They don’t have to deploy physical infrastructure like servers, storage systems or expensive software.

The “anywhere, anytime” availability of these solutions, means hassle-free collaboration among partners, managers, and employees by using web browsers. It’s not a reach to say that aside from a locally installed desktop operating system and browser (and increasingly, mobile devices) a lot of today’s daily office technology needs can be fulfilled almost completely with applications accessed through the Internet’s cloud.

However, with all the technology readily available, it can make it a challenge for staff to understand and keep track of all the service possibilities out there.  The reality is that each time a cloud subscription is created to solve a particular problem, the company’s need for managing these services grows. Cloud services are generally not “set it and forget it.” There is some work required to manage the intricacies of a given service and its integration with other services.

What The Cloud Can Be

Many still see the concept of cloud computing as a marketing term to define centralized, mainframe computing. However, the model of today’s cloud computing is drastically different from the mainframes of the past.

First, the sheer amount of unique Internet resources available makes today’s cloud computing incomparable to mainframe/terminal host computing.

Secondly, cloud computing is a broad umbrella under which many sub-divisions fall. Most small businesses and organizations’ first exposure to the cloud is with a SaaS (Software-as-a-Service) offering. SaaS is where a specific application or service is offered to a customer as a subscription. Office 365, Dropbox, Salesforce.com, and Hosted QuickBooks are all examples of SaaS.  The value of SaaS is that it provides a method of delivering a host of software and tools much better than the legacy method of heavy and difficult to manage standalone solutions. SaaS is delivering the same beneficial software tool used in the past, but much improved and distributed centrally from the provider in the cloud.

As with all technology tools, improvements in workflow, process, collaboration, and integration are where the biggest efficiency gains (and cost savings) are made.  Justifying and setting up a given service is the easy part.  Understanding what efficiency gains are possible and knowing how to track and leverage the services are where success is ultimately found in this increasingly ubiquitous technology.

Cloud Considerations

For many, cloud computing means inherent concerns about security, stability and data ownership. For the small business owner or organization manager, these downsides are a tolerable risk in the value exchange for the subscription price entry points.

One extreme example of a cloud downtime a few years back had Intuit’s website down for two days, leaving its customers unable to access their data in Intuit’s online offerings including Quicken, QuickBooks and TurboTax. Such downtime stories serve as a sobering reminder that trusting your data and technology services to an off-site third-party places you at the mercy of that third-party’s uptime reliability.  While downtime is universally not desirable at any time, it is usually a short interruption. The larger challenges come from what and how to manage.

Improper management of cloud services can give any organization grief. This survey published in PC Magazine found that with cloud computing adoption rates ever increasing, executives’ concerns over efficiently managing disparate cloud services was rising. This is an issue for executives of any size organization. Protecting cloud data, planning for backstops in workflow, integrating services or managing the layers within various cloud services, mandate the need for effective management of technology with cloud services. With the tectonic shift being made away from maintenance and legacy (server/client) infrastructure, tending to one’s cloud organization, management, and processes are where the conscientious executive will ensure cloud success.

Without attention, IT sprawl will take over.  If someone on staff cannot handle, document, or maintain the particulars, the next best approach to avoiding having services in disarray is to engage an IT advisor that can guide your journey.  A qualified IT resource doesn’t have to be expensive, but it does require intent.  A qualified advisor will benchmark your services, provide a repository for documenting the roll up all of the sprouting services, helping the organization make sense of the particulars.

As the adage goes, you might think you are getting by, but you run the risk of spending a dime to save a nickel

 

Chip Heberden is the owner and president of Netlink, Inc. For over 20 years, he has supported local community businesses through IT managed services.

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

Prevention and planning: keys to avoiding and surviving a computer exploit

Understanding computer exploits like malware and viruses and how to prevent them, are basic business survival skills these days regardless of your organization’s size.   Just like other technologies, security compromises are getting more innovative.  It pays to be aware of how to prevent infection and if compromised, lessen the risk of damage.

A computer exploit can involve any number of malicious codes that can be designed to capture personal information (name, address, passwords, even financial information), destroy data, or hold your data for ransom!  Exploits such as viruses and malware may use a variety of delivery methods, and cause different types of damage.  The malware designers take advantage of the same technology and processes that we use every day, stealthily working out ways to lure unsuspecting users into executing the code.

Here are two current trends using computer exploits:

Phishing/extortion scams

The purpose of typical phishing or extortion scams is to get the recipient to provide personal information, or introduce malware into his or her their system by clicking an attachment or link, which executes malicious code.  Whether a mistyped webpage that strikes fear imploring you to call a number, or a message that arrives in your inbox under the illusion that it has been sent by a legitimate institution, the methods are endlessly creative to compel you to take action.   Many of web and spam filters are aware of these core threats, and actively block content containing elements of suspected viruses or malware, but it is important to understand that NO filtering can be 100 percent effective given the pace that these threats morph and change.  The end user has to be vigilant in his or her scrutiny during day-to-day work and processes.

Prevention for phishing

If you receive an email that is a suspected phishing scam or unsolicited email with suspicious attachments, DO NOT CLICK ON ANY LINK, OPEN ANY ATTACHMENTS (usually sent as compressed, .zip files), supply personal information, click a link or attempt to contact the sender in any way. If you are compromised, shutdown your system and contact your IT service provider to quarantine possible damage.

Ransomware

Ransomware is the one of the more severe exploits of late that, once it gets inside a host computer, it can render most of your data unusable. If installed, the process connects to illicit servers; uploads sensitive info like your public IP address, location, and system information; and generates a random encryption key. That key begins encrypting individual files, both on your computer and on any mapped, shared or external drives, shared networks or cloud-based storage. Once encrypted copies of those files are created, originals are deleted from the hard drive, preventing users from accessing them.

The scariest aspect of the latest ransomware, called CryptoWall, is that it’s spreading via spoofed email arriving as an apparent pdf attachment (but it really isn’t).  Worse yet is “malvertising,” via compromised banner ads on legitimate websites like Yahoo, AOL and MSN. The infection is transmitted via Flash, so if a user simply visits an affected website with Flash enabled his or her browsers, the user’s PC can be infected without even clicking on anything malicious. This means most anti-virus programs are unable to prevent CryptoWall, leaving the computer and user vulnerable.

There are two telltale signs of infection by ransomware: 1) If you attempt to open a file and the data is jumbled or not displaying properly, and 2) If you attempt to open a file and get something like “DECRYPT_INSTRUCTION” instead. This will provide instruction for paying a ransom (usually $300 to $1,000) and obtaining a decryption key, which sometimes works to retrieve data and sometimes doesn’t. Even when it does, it’s a time-consuming task.

Prevention for ransomware

Have a trusted IT professional assess and baseline the security of your systems.  Limiting admin rights for user PCs, applying DNS filters, implementing strict browser settings and employing constantly updated behavioral anti-spyware can help. But these are complicated measures with which most managers, directors or staff doesn’t have the time or ability to keep up. Only proactive security steps and nonstop vigilance will properly address the morphing nature of these technological threats.

Validate ANY link in ANY unfamiliar email before clicking on it. Malicious links arrive in spam emails —  many disguised as FedEx, UPS, or USPS shipping updates — every day. Make sure you hover over all links and look for legitimate IP addresses, not long strings of random characters, before clicking. If you weren’t expecting anything, don’t open the attachment.  All it takes is one click by one employee in his or her personal email account while at work to compromise the data of your entire organization.

Avoiding the threat of viruses like CryptoWall is possible with diligent and continuously updated security measures.  Even with the best security efforts, there still will be potential for errors with browsing and email use, which makes a strong backup solution critical to the ability to recover your business data.

Disaster recovery planning

Exploits can be minimized but aren’t always possible to stop.  Planning for a backstop and thriving after a virus attack is a must. Organizations should be creating comprehensive image-based off-site backups at a minimum once a day. There are subscription services that can do this effectively and economically, and the small investment is more than worth the lost time and productivity of reconstructing your organizations data and environment.

Exploits don’t have to have the last say where your data is concerned.  While prevention is most desirable, a bit of planning and ongoing attention will allow for a predictable recovery path if the worst does happen.

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

Be savvy with in-kind software donations

Technology expenses stack up quickly, so it’s a good idea to keep up on where you can maximize your budget and value.  One easy way that that many nonprofits use is in-kind donated software offerings from major software suppliers.

Here are some options for donated or discounted software that we recommend to clients. You may be aware of some or all of these, but it’s a good idea to keep up with new offerings.  This isn’t a comprehensive list, but many of most widely used.

In addition, some words of caution:  like any really good deal, there may be unintended consequences.  When registering for any program, be sure and read the fine print, and check in with colleagues who have used the product or service before you sign up and get too far down the road.  In addition, the migration to a new product can be complex. Before you switch, be sure to do your homework, and ask the question:  Do I need a new product or do I need to better use the one I have?

Resources available to nonprofits

TechSoup:  This organization is a 501C3 that serves other nonprofits.  Not only does it provide software resources, but it also provides training and insights on its website to help educate nonprofit organizations on technology.  Its mission is to connect nonprofits, charities and libraries with technology resources and to help the members of those organizations make educated decisions about those choices.

Many well-known software providers (you HAVE heard of Microsoft?) donate software to TechSoup for licensing to qualified organizations.  TechSoup is a preferred clearinghouse because it is a nonprofit and isn’t in the business of selling software.

Google:  Just like all the cool products aren’t available at your local retailer, not all great software resources are available at one location.  Google has a robust nonprofit program, including its Google Apps for Nonprofits.

Your organization’s program or outreach manager might be interested in Google Ad Grants, another in-kind product available from Google that can help promote your nonprofit’s website and track donations. It’s another way to use technology to further your organization’s reach.

Office365:  This suite is similar to Google Apps and since last year has been free to nonprofit organizations.  It is an online suite and does not include a local, desktop, version of the Microsoft Office software.

Salesforce.com:  The arm of Salesforce that supports nonprofits is Salesforce Foundation.  The key to many connectivity efforts where technology assists is integration.  Salesforce is very good at integration and its program has helped organizations, such as the Polaris Project and the American Red Cross.

Take advantage of educational resources

While taking advantage these programs, don’t pass by user forums and online communities. They can provide information about technology-based resources or companies offering in-kind donations of software or services.  Just because something is free or very low cost doesn’t mean it’s the right solution for your organization.  Education is a powerful ally when making technology decisions.

 

Chip Heberden is the owner and president of Netlink, Inc. For over 20 years, he has supported local community businesses through IT managed services.

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →
Page 1 of 2 12