2022 has been a big year for IT with the way we work firmly changing after the last few years.
The IT Alliance, which Decision1 is a part of, are a group of IT companies across New Zealand. In conjunction with the other members, we have put together our thoughts on the biggest trends that we have all seen across many varied clients, throughout New Zealand, in 2022. The IT Alliance members deal with real New Zealand companies who may be facing similar IT issues as yourself. The businesses are generally small to medium sized businesses, often time poor, resource limited and with some cash flow restrictions. These are not multi-million dollar US companies. Here we share the key trends that we are seeing with I.T in New Zealand companies as we round up 2022. #1. Teams The culmination of the past few years has seen a huge shift towards remote and hybrid ways of working. Teams has become much more popular across clients who wish to collaborate on projects from remote locations. In a case study about Northland Kindergarten Association, they share how Teams has helped them through the past few years, and how it can also help your business. We are seeing companies begin to explore the many options within Teams, and begin to utilise these within their businesses. Sharepoint and power apps are being picked up more for helping companies streamline internal processes and communication. #2. Security No longer are Cyber threats something that happen to big overseas companies. New Zealand companies both large and small have been hit by Cyber attacks and have paid the price in time, money and reputation. The realization that we are not “so far away that this could never happen to us”’ has vanished, and been replaced for a healthy respect for Security. Nothing can take 100% of the threats away, but having an IT provider making sure that your whole system is as secure as possible, should make any Kiwi business owner sleep more soundly. 2FA and MFA: 2FA or Two Factor Authentication or MFA Multifactor Authentication are now being widely used. Password Management System: Password management systems are being taken on by most clients. Monitoring and Maintenance: Companies now realise the value in having this taken care of on a 24/7 basis by an MSP (managed service provider). #3. Supply Chain Issues: 2022 has still seen some post-Covid delays with computer shortages. Whilst that supply chain is now largely back to a good time frame, it has made companies aware of the value of creating a plan for the future. You can read about how to create a plan for computer hardware here. #4. The move to a Managed Service Provider: As I.T becomes even more integral in your companies success, companies are realising the benefits of having a Managed Service provider as opposed to “someone you ring when something stops working.” A Managed Service provider is like your outsourced I.T department, who runs all of the checks and balances remotely, and someone that you build an ongoing business relationship with, so that your IT supports your business key objectives. If you would like help or advice with any of the above key trends that we are seeing, please do not hesitate to reach out. No question is too silly, and we make it as easy and simple for you because this is what we do! Contact us here.
0 Comments
Teams and Channels may seem fairly easy to set up, however taking some time to assess your needs before embarking on set up, is time well invested.
Here we break down what Teams and Channels are, along with a basic how to for setting teams up. Teams! Let’s talk Teams. Think of teams as a group of people who come together to collaborate. In the olden days, this may have been in meeting rooms, with shared brown manilla folders passed between one another. Nowadays you can collaborate easily with Teams either for a one-off project, or maybe as an ongoing internal department that work together e.g. the accounts team, marketing team, sales team or admin team. The teams can be created to be both private or public, addressing a broad range of communication requirements, both inside your organisation and with parties outside your organisation. Whatever the ‘team’ is, Microsoft teams is like a centralised place where you can chat, share files, store information, and easily find information pertaining to your ‘team’. No more going over to Jim’s office to ‘find the file’. Because it is all here. In one place. Advantages of Teams:
Channels: What about Channels? Think of Teams as a way to ring fence people together, there are no hard and fast rules. Teams is like Netflix, and Channels as the genres within Netflix – anyone for a good Drama? Sci-Fi? Thriller? That’s the one. Channels are the segments within Teams. Your teams Channels are dedicated sections within a Team to keep conversations organized by specific topics, projects, discipline. Channels are places where conversations happen and where a lot of collaborative work gets done. Different types of Channels:
Private channels: Each private channel has its own settings that the channel owner can manage, including the ability to add and remove members, add tabs, and @mentioning for the entire channel. Shared channels: These create collaboration spaces where you can invite people who are not in the team. Only the users who are owners or members of the shared channel can access the channel The setup for a shared channel requires some knowledge and thought about how you go about it. They are really powerful if used correctly, you can have one channel that lives in many teams, cool right? THE HOW TO PART….. Creating a team is easy, like really easy. So easy that they can become messy fast. Before we create a team it pays to spend a bit of time thinking about the structure of the teams in relation to the business. For example a team for each sector, the partners, customers, suppliers, projects, business, job types, locations, level (SLT, management, everyone), department. As well as this we also want to look at the work stream, the companies growth and who will be accessing teams. To make teams scalable you need to do some business analysis, which is where we can help. Understanding the full picture of technology and where this intersects with your business and how you can efficiently deliver teams to ‘make it work’ is the ultimate plan. Technology projects are there to provide improvement, not just change for change sake. Create a team Creating a team is simple. All you need to do is go to the left side of Teams, click Teams, at the bottom of the teams list, click Join or create a team, and then click Create a new team. Once you’ve created the team, invite people to join it. Boom easy! Create a channel in a teamThe next thing you will want to do is to find the team that you created, click More options … > Add channel. You can also click Manage team and add a channel in the Channels tab. In Summary: Teams and Channels are simple in theory but can be really hard to understand and to implement in a way that works for your business. Talking about how it works won’t show the benefit or the full picture. Having a demo of teams can take you through how it all works and explain it in simple terms. For further assistance, please reach out to us here. If you own a business, it is important to have a cyber security policy:
This is not only a guide and reference to be used internally with your employees, but also as a reference point to deal with any external data from customers. Your Cyber Security policy should be thought of as a moving, changing entity that will need to be updated regularly to keep up with technological advancements, and any changes within your business. What does your Cyber Security policy need to cover? Firstly no two cyber security policies will be the same. Your Cyber Security policy will be unique to your business, depending on your particular type of business, and what kind of data you deal with. The first thing you need to do is to identify the particular risks for your business. If you are an accountant for example, your focus is on how you deal with customers’ personal information, bank details, IRD number etc. Once you have worked to clarify your specific risks, you can then prepare for what to do if something goes wrong. Your IT Alliance member has knowledge of a wide variety of industries, and will be able to assist you to clarify what you need to be mindful of. Having a clear plan in place, means that everyone in your organisation knows what to do, who is responsible for what, and what processes you have in place to mitigate the risks. You will also need to create two cyber security policies. One, an internal one for employees, and the second one is a public one for customers. What needs to be included in the Policy? The below information has been taken from the Cert nz website Cert NZ suggests that you break your internal policy down into different areas. This should cover how you handle data safely and securely — both your business’s data and your customers’. Think about: Data
Systems It’s important to identify what systems you have, and which ones are critical to your work. Consider:
Security and protection Security and protection covers how your staff and customers access your systems and data. It means thinking about:
People and users You need to think about what you consider to be acceptable use of your business’s systems. How do you expect your staff and your customers to interact with them? Make sure you set expectations so they know:
Physical devices and systems When you think about protecting your business’s devices and systems, make sure you cover both:
Problems and incidents You’ll need to define what you and your team will do when things go wrong. This means creating an incident response plan to map out what you’ll do during, and after, a security incident. It can be a stressful time for both you and your staff, so it’s good to be prepared in advance. What next? Our team are used to helping companies like yourself with creating a Cyber Security policy for your business. Contact us here to discuss this further. Internationally well know companies such as Apple, Meta, Twitter, and Samsung have all disclosed cybersecurity attacks this year.
In the most recent quarter, CERT NZ responded to 2,001 incident reports about individuals and businesses from all over New Zealand. In New Zealand Phishing and credential harvesting remains the most reported incident category (from CertNZ) Australian telecoms company Optus – which has 9.7 million subscribers, suffered a “massive” data breach this year. According to reports, names, dates of birth, phone numbers, and email addresses may have been exposed, while a group of customers may have also had their physical addresses and documents like driving licenses and passport numbers accessed. IBM found the cost of a breach hit a record high this year, at nearly $4.4 million. So how does a data breach happen? Data breaches happen mainly when hackers can exploit user behaviour or technology vulnerabilities. A data breach involves any unauthorized access to confidential, sensitive, or protected information, and it can happen to anyone. The threat surface continues to grow exponentially. We are increasingly reliant on digital tools such as smartphones and laptops. With the Internet of Things (IoT), we’re adding even more endpoints that unauthorized users can access. Popular methods for executing malicious data breaches include:
Data breaches cause business downtime and can cost your reputation and bottom line. Once you’ve had a data breach and it has been made public, your customers may lose faith in your ability to protect their private information. Universal Support can support you with this. Please contact us here. Network monitoring continues to be crucial for businesses in order to be productive and avoid serious threats from network failures and server downtime.
What is monitoring? Monitoring is the practice of routinely monitoring all the components within an organization’s network to track, measure, and troubleshoot performance issues, failures, or deficiencies. The advantage of automated monitoring software is that it speeds up the very time-consuming areas of network monitoring. These tools help uncover what might be overlooked with manual network monitoring. Why monitor your network?
Some of the most common performance issues include:
How should I monitor? When establishing your monitoring practices, you need to consider which reports you use as measurements. These are some common ones:
Failure to monitor your network will cost you lost time and profits. Your IT Alliance member will establish a comprehensive monitoring program to meet the many challenges that your system faces. At a minimum, your monitoring program should employ the following steps:
In Summary: There are many involved reports that can be automatically generated by the monitoring software. The good thing about having all of this done automatically by your IT Alliance member is that anything outside of the parameters of normal will (mostly) be flagged immediately, and automatically fixed. Failure to monitor in this modern way of working with remote users now becoming an everyday occurrence could cost your company in downtime as well as many other issues. Contact us here to discuss your individual needs Nothing is more true than the fact that IT moves quickly these days!
Part of keeping up with IT and the rapid changes is making sure that your business has the right equipment to do the task. In this article we will be providing a few ideas for how to make a plan/budget for new or replacement equipment, as well as offering you some information on leasing. Firstly budgeting for IT hardware Most businesses will have a budget for IT hardware and other goods and services that they need to operate. Our advice is that if you have more than a handful of computers, you will benefit from forecasting and budgeting for IT expenditure. Once your business is established, there is a very good chance that you will need to replace your IT equipment every few years. Such a good chance, in fact, that you can plan on it! Drawing up an IT replacement schedule helps you plan well, and helps ensure you have the funds when you need them. This can be done in conjunction with our team at Decision1. If you don’t have a list already, we can do an audit of the IT equipment that you have, the date it was installed, and therefore when it is likely to need replacing based on its expected life. This asset management plan needs to be revised every year for budgeting purposes. We strongly suggest that you do this years in advance of when you actually require upgrades. It’s not hard to do. This list can help you have a clear and actionable plan on existing equipment, when warranties expire, and the requirements for a staggered plan for new hardware. A look at leasing: Whilst many of our clients purchase outright as the overall cost is lower, leasing can be a good option for when you are starting out, if your business is expanding rapidly, or if cash flow is wrapped up in other parts of the business. Leasing turns capital expenditure which has to be depreciated, into a monthly payment that is immediately expensed. It can also be an advantage in keeping assets off your balance sheet – speak with your accountant or advisor about this. Obviously the disadvantage of leasing is that you are using someone else’s money and so they will need to charge you for that, as well as for their efforts! You could arrange your own finance and purchase, instead of leasing, in which case it pays to do your research on interest rates. Upgrading your technology for modernisation and expansion and to get more reliable up-to-date technology is very important, as using outdated technology can cost money and time (and expensive IT call outs!). Sometimes it is a case of weighing up your options here. Using leasing options, your business may be able to move forward more quickly then it otherwise may have been able to, financed in a way that suits your budget or cash flow. Whilst leasing is more costly than buying in the long run, one of the advantages is that you can establish predictable payment structures aligned to your needs, taking the stress out of an upfront payment. This all means that you can get the technology you need with the budget you have today by utilizing IT leasing arrangements. “When I became self-employed 20 years ago, I got my first laptop and setup via Flexirent, as it meant I didn’t need to spend the cash and then have the asset/depreciation. Instead, I kept the cash, and the entire cost was a relatively small monthly expense. So, sometimes, especially for new start-ups, it means you can save your cash for something you do need, or as a reserve. For more mature companies, taking a lease for gear, means that the cash can stay with you, which can help with liquidity.” Comment from ITA member. Leasing options: These are just a few of the leasing options that some of our IT Alliance members use. This is by no means conclusive, and we are not aligned with any of these companies. All of our advice is simply that, advice. Please make sure you do your own thorough research on this subject. Never before has the saying ‘read the small print’ been more applicable. We strongly advise that you speak with your financial advisor and or accountant about this. Feefunders From Fee Funders website: Your business receives 100% of the customer invoice paid upfront, whilst your customers enjoy the flexibility of monthly installments. Fee Funders manages the monthly customer’s payments by direct debit over three, six, nine or twelve months . Your business achieves upfront cash flow at no cost. Your clients pay a basic interest rate to achieve a spread of their outgoings. It’s like outsourcing a spread payment option for free!
Flexicommercial Flexicommercial offers your business flexible equipment finance solutions. The credit criteria for finance varies depending on whether you are an existing or new business and the required amount of finance.
Hint – Leasing companies will usually be quite happy to include IT engineer setup costs in the value of the lease. For larger or more complicated systems, this can be quite a substantial part of the project costs. This means you can also expense those costs as well. In summary working closely with us to do an audit of your current equipment, and make a plan for future expenditure, makes good business sense. Something that makes this type of IT cash-flow of forecasting easier, is if you work with an MSP (managed service provider). Being on a Managed Service agreement removes many of the fluctuations of IT budgeting as generally you pay a fixed monthly fee for IT support. Reach out to us here What should I be doing to secure my business?
One of the first things about Security is realizing that security is much more than stopping people “hacking in”. It is fundamental to any business to have a business continuity plan (BCP). If you plan for a power outage what happens? Your IT systems will be down. Can I use the same plan if an outage occurs to my IT systems and it’s not a power problem? Security is the foundation of resilience. The hardest part about security is getting started. Often, it’s on the “to do list” until it’s too late. Hopefully you have already talked to your IT Alliance partner and had the security business continuity conversation. If not “What should I do first” is a common question? Rather than recommend one single thing, the answer should be – “Have a plan” So, what does your plan need to cover?
Look at your plan as being a holistic business continuity plan, that is a living document. Continually revisit, update, fire drill, and improve. Many of the incidents we see disrupt business are due to poor Cyber hygiene not some advanced nation state hack. Do the following to enhance your security:
Can my staff trust that the Cyber workplace is as safe and secure as possible? If it is, you will see productivity and creativity flourish, staff retention rises as well as the ability to recruit new staff. “She’ll be right” – Is not a plan! “No surprises” is a plan. For further advice, contact us to discuss creating a plan for your business. By Paul Caldwell – Microsoft Security BDM Often people are suprised by the costs of owning a website, as well as what is required to actually get the most out of your website.
Here we look at the costs, and ways that you can maximise benefits from your website: 1) Hosting: this can be either a monthly or annual fee. 2) Regular maintenance, security and updates: A service provided by your IT provider to help stop your site failing, glitching or getting hacked, 3) Routine backend maintenance of your site. 4) Keeping your website updated and fresh: This includes adding fresh content and articles, for example updating photos and keeping product details updated. 5) Small change requests: Whilst many web development companies might build you a site, they may not be equipped or even well suited to handling small change requests. Finding someone who handles IT tickets all the time every day means that you can just email your request and it will be done. 6) Knowing who is visiting your website. This is crucial to the success of your website. You must analyse who is visiting and how you can improve your organic reach. You can get reports for as little as $5 a month, or more detailed custom report which help to understand who is visiting your website. 7) Marketing your website: In other words actually getting visitors to your website
More on website Hosting: Once your website is developed you may find that there are so many web hosting options, that it feels slightly overwhelming. Before you go with the one with the cute adverts, or the cheapest ones, here are a few crucial things to consider:
What you need to know about Web Hosting ?
Your ITA member will ensure that the hosting they provide for you is high functioning and gives you good value. With the myriad of options that are available, this saves you valuable time and money. In Summary: Knowing some of the costs of owning a website at the outset helps with budgeting for success with your website. The advantages of having a good quality web host are many. It really does help with the success of your website in the long run, as well as stand you in good stead with your website security. We can help you with this important decision by providing information on how best to progress with your budget and strategy. Contact us here What actually is the CLOUD?
Great question. The term ‘cloud’ can cause some confusion as it can make us believe that data is stored somewhere in the sky. The truth is that data is still physically stored by companies who offer cloud storage. The cloud is basically “a large computer somewhere else.” Cloud storage warehouses are huge business. They have dedicated servers whose sole job is to send and receive data all day. The spaces are massive, with rows and rows of servers, sometimes upwards of 1 million square feet. There are two key types of cloud-based services:
Why would you move to the Cloud? Storage Space: When you move to the cloud, you no longer have to store all that data on your own hardware. You still have access to your documents, media, or reports, but the third-party provider will likely have more storage space and processing speed, making your onsite technology function better. Minimising Risks: By moving to the cloud, you are cutting out common cybersecurity risks. You don’t risk storing data on laptops, which can get lost or stolen. You also end the need for thumb drives (or USB drives), which can also be stolen or lost. Plus plugging in these external devices can also expose you to viruses or other risks. Security: Sometimes we feel our data is more secure having our data on-premises, but these days that isn’t always the case. Data can be safer in the cloud than on-site at your business. Advantages of the Cloud:
When the Cloud might not be your best option: Internet Connectivity: Cloud migration makes your business reliant on internet connectivity. If you have frequent outages or slow speeds, these conditions are not great hosts for cloud computing. Make sure to get this sorted out with your IT Alliance member first. Large amounts of Data: For some companies that have huge amounts of data transfer, such as video editing, the cloud may not be the best option. Limited local support: A lot of the Cloud storage centres are overseas, which may mean that the support is limited, and service sub-par. Costs of the Cloud: The costs can be high with cloud hosting and sometimes. In talking with your IT Alliance member, you can work out what is the best option for your business. “One IT Alliance member moved their client from Cloud hosting to a physical server as the client had experienced such rapid growth that the fees for the cloud were becoming hefty. The savings worked out to be over $50,000 to purchase a physical server and pay for the IT Alliance members services” Making your data more secure in the Cloud: Encrypt your data: Make sure you contract with a provider who will encrypt data in transit. This makes it more difficult for hackers to get at your information. Multi-Factor Authentication: Enabling multi-factor authentication can also help secure data by adding layers of security. It moves your data security beyond just asking for a username and password. Compliance Regulations: Depending on your industry, there may be particular standards for data storage. Encryption is a common compliance expectation. Training your team: Training your team on the importance of securing data is important, especially with people working remotely and connecting from off-site locations. What next? To cloud or not to cloud is a question that requires discussion. Our team can help you sort out what the best option is for your specific needs. Contact us here. All about a Cyber Security Policy:
If you own a business, it is important to have a cyber security policy. This is not only a guide and reference to be used internally with your employees, but also as a reference point to deal with any external data from customers. Your Cyber Security policy should be thought of as a moving, changing entity that will need to be updated regularly to keep up with technological advancements, and any changes within your business. What does your Cyber Security policy need to cover? Firstly no two cyber security policies will be the same. Your Cyber Security policy will be unique to your business, depending on your particular type of business, and what kind of data you deal with. The first thing you need to do is to identify the particular risks for your business. If you are an accountant for example, your focus is on how you deal with customers’ personal information, bank details, IRD number etc. Once you have worked to clarify your specific risks, you can then prepare for what to do if something goes wrong. Your IT Alliance member has knowledge of a wide variety of industries, and will be able to assist you to clarify what you need to be mindful of. Having a clear plan in place, means that everyone in your organisation knows what to do, who is responsible for what, and what processes you have in place to mitigate the risks. You will also need to create two cyber security policies. One, an internal one for employees, and the second one is a public one for customers. What needs to be included in the Policy? The below information has been taken from the Cert nz website Cert NZ suggests that you break your internal policy down into different areas. Data This should cover how you handle data safely and securely — both your business’s data and your customers’. Think about:
Systems It’s important to identify what systems you have, and which ones are critical to your work. Consider:
Security and protection Security and protection covers how your staff and customers access your systems and data. It means thinking about:
People and users You need to think about what you consider to be acceptable use of your business’s systems. How do you expect your staff and your customers to interact with them? Make sure you set expectations so they know:
Physical devices and systems When you think about protecting your business’s devices and systems, make sure you cover both:
Problems and incidents You’ll need to define what you and your team will do when things go wrong. This means creating an incident response plan to map out what you’ll do during, and after, a security incident. It can be a stressful time for both you and your staff, so it’s good to be prepared in advance. What next? The team at Decision1 are used to helping clients with their Cyber Security policies. Reach out to us here and we will be able to assist you. We love an upgrade, and the IT button is no different! We have been very busy making this neat little tool even better. Do you have any thoughts for our next upgrade? We would love to hear your ideas and suggestions. Send them to ask@universalsupport.co.nz
Many IT technicians had call-outs from clients after the recent storms. Thunderstorms can literally fry electronics, and this causes not just replacement cost, but also work disruption and even possibly data loss.
Given the recent spate of storm events, and the weather experts saying we’re going to get more in the future, now is the time to check your IT gear is protected from weather events. New research from NIWA (National Institute of Water and Atmospheric Research) has shown that extreme events have occurred four to five times more frequently in the last decade. Many technicians carry surge protectors in their cars, so that whenever they are working, they can ensure that sensitive IT equipment is at least surge protected. But for clients we see less often, or who are not on a managed service agreement, it’s easy for IT devices to not be surge protected. Your staff, cleaners or others will sometimes move plugs about. Be aware that this does matter. Now is a good time to have a look at your computer equipment, or ask your IT Alliance partner to do it for you next time they are onsite. Here are our top tips to protect your IT – how do you stack up?Surge protectors A surge protector guards against the damage that sudden power surges can cause.
An uninterruptible power supply (UPS) is an electrical apparatus that provides emergency power when the mains power fails.
While surge protectors can last for years, it pays to keep a close eye on them and replace them if needed. :
So it didn’t work with your newest employee, in fact it didn’t work out would be an understatement…they left under quite a cloud! A recent Symantec study states that “half of the employees who left or lost their jobs in the last 12 months kept confidential corporate data and 40 percent plan to use it in their new jobs.” You’ve got the work laptop/computer back, but have they deleted things? How do you know what they were doing and looking at before they left? They used their own devices for work, do they still have their work material? What to do when employees don't leave on the best terms? The vast majority of staff finish employment and move on with no issues. But occasionally people leave in less harmonious circumstances, or they are just plain dishonest. We’d like to cover off on some of the basics to ensure that your risks are minimised for if, or when, this happens to you. Importantly, it makes a big difference what systems you use and how you are set up, so keep that in mind. For the purposes of this simple article, we assume you are a small to medium kiwi business, with a fairly simple IT setup, using one of the lower-level Microsoft 365 licences for your email document storage and sharing. Set up the employee properly when they join and have proper security. To get the best outcome when an employee leaves you need to start when they join the company. Practice ‘need to know’ access to systems and data:
Set up an off-boarding system The obvious (we don’t want to tell you how to suck eggs with your HR, but people sometimes don’t do these things, or forget) things to do when the person leaves:
The not so obvious things Of course IT being the mysterious being it is to most of us you might not consider the less obvious things to do:
Use technology to protect your organisation. If you are on a lower level 365 licence, such as Exchange Online, Business Basic or Business Standard, then talk to us about the benefits and costs of moving to a higher licence with more security features such as 365 Business Premium. For example, configure 365 to prevent bulk downloading of company data, etc. In Summary: Put in place protections now, so that you have them there before you have a problem. Once the person has left, it is often too late. In general, these suggestions are a good place to start with ensuring your business is protected. If you need a hand with any of these steps get in touch with the team at Decision1 In IT we love to use fancy jargon, and Managed Service provider or MSP is no exception. In this article we will break down what an MSP is, how it can help your business, and use some real-life examples of businesses. like you, who have made the switch to an MSP.
Firstly, what is a Managed Service Provider??? In a nutshell an MSP is your ‘outsourced IT Dept’ that provides proactive IT support. An MSP provides preventative measures, detecting most issues long before they become a problem. The mission of an MSP is to protect your business from costly downtime and ensure that business continues seamlessly. What is the break-fix model of IT support? In contrast the ‘break-fix’ model of IT support is when you call an IT company when something breaks, and they come and fix it, on an adhoc pay by hour model. There is no ongoing support or preventative security measures taken. Top advantages of an MSP for your business: We become an IT partner to your business: As an MSP we are interested in understanding your entire business. We see ourselves as a business partner who wants to help your business to succeed and grow. This is quite different from the ‘break-fix’ model. We anticipate a long-term working relationship with your business. Proactive IT Support: As an MSP, our mission is to keep your business technology safe and available, and to anticipate your needs and requirements. This means minimum costly down time, and maximum business continuity. Knowledge of your needs: As we have a long-term relationship with your business, we become closely acquainted with your IT systems, and your personnel. Because of this we understand how the parts make up the whole, rather than just offering a quick short-term solution, which may be costly in the future. Cost savings: By outsourcing your IT management to us, you get a well-informed IT department on your team, without the cost and responsibility of training, recruiting, and retaining staff. Case-Study “An IT Alliance member had a company who was reaching out to them on a ‘break-fix’ basis. During Covid the IT Alliance member reached out to them to discuss become their MSP. They sat down and discussed what this actually meant, the services that the MSP offers, and the priority that is given to MSP clients. The client has been using them as an MSP for over two years now, and happily sings their praises, saying that having an MSP has revolutionised their business. No more waiting for IT support, no more downtime and so much more alignment” So, what does an MSP actually do? Remote Monitoring: An MSP proactively monitors, patches, and updates your software on an ongoing basis with 24/7 monitoring. This is all done in the background on an ongoing basis and requires no input from you. Security: As an MSP we constantly review your systems to identify and address vulnerabilities. We can keep up with system updates, software patching, antivirus and more. It would be difficult for any business to keep up to date with all the daily security alerts. With an MSP this is all taken care of and is one less thing to worry about, so you can focus on your business. Optimising hardware: An MSP provides information on optimal hardware that synchronises across your business. This includes laptops, desktops, and mobile devices, plus your network and servers. We can work with you to understand your growth requirements and work on the best timeline for your budget. Strategic advice: As IT is our passion, we hear about a myriad of tools that may be of benefit for business goals. We share this advice with you, rather then you having to research or find out how you can optimise technology for your needs. Regular reviews: As an MSP client, you are a priority which means that we schedule in regular proactive reviews. No more waiting on the phone to talk to someone to get IT support. Business Continuity and disaster-recovery strategy: Nowadays it is crucial that you have a solid data-backup plan. We can help you with this process and ensure that everything can be efficiently restored should the need arise. So what do I do now? So now you have an overview of what an MSP is, and how they can help your business. The next step is talking to the team at Decision1 about your specific needs. Please feel free to reach out here for further advice. Cyber Insurance – Do I really need it?
Cyber Security is a very real threat to businesses in New Zealand these days. Here we look at Cyber Insurance, what it is, what the laws are and why you need it. Why do you need Cyber Insurance? Cyber attacks on businesses in New Zealand are increasing in both sophistication and frequency. High profile companies like Air New Zealand partner Travelex, Fisher & Paykel Appliances, Toll Group, Garmin, Canon, Honda, BlueScope Steel, Lion, transport giant Toll Group, Twitter, MetService and most recently even the NZX, are just some of the organisations to have been targeted by cyber criminals. However it is not just the big companies, many small businesses are also being targeted. It really is a matter of ‘when not if’. What is cyber insurance? Cyber insurance is designed to fill the gap that traditional insurance policies don’t cover, minimising the impact of cyber incidents by providing cover for your own loss and third party costs. It provides your business with a structured crisis response plan and assists with returning to ‘business as usual’. 1.Won’t my general liability policy cover cyber liability? General liability insurance covers bodily injuries and property damage resulting from your products, services or operations. Cyber insurance is often excluded from a general liability policy. It pays to check your current policies and ask questions. You may find that your other business cover won’t respond to a cyber or data breach claim. The law has changed The new Privacy Act 2020 which came into effect on 1 December 2020 means that all businesses now have legal requirements surrounding The new Act requires mandatory data breach reporting if it’s reasonable to believe that the breach would cause serious harm to an individual. For example: If you’re engaging with a service provider to hold your clients’ personal data, for example a cloud-based CRM system, you remain responsible for the security and use of that personal information. If a Cyber breach were to occur, you would be held liable. What does Cyber Insurance cover? Ensuring business continuity and safeguarding your business from Business Interruption will enable you to return to the same financial position you were in before a Cyber event. The benefits of Cyber Insurance will depend on the type of policy you take out but can include: - Access to a dedicated and experienced team of experts if an attack occurs - Protection from loss where you are legally liable to others - Cover for your financial loss if your business is interrupted due to a Cyber event. Things to look out for in your Cyber Insurance policy:
What is the likely cost of Cyber Insurance? Like most insurance, premiums vary by insurer, the type of cover selected and your risk profile. As an estimate a policy with $100,000 cover could cost as little as $600 per annum. All businesses need a security plan to protect their business and they should consider a Cyber Insurance policy as an essential part of this plan. What else can you do in the war against Cybercrime? There are basic things that you can do to ensure good Cyber security. In this recent blog we share some top tips for your company. Top tips to avoid cyber security threats: CERT NZ has a number of useful and practical resources for businesses on keeping systems and data safe from cyber security attacks, including cyber security risk assessments for business, cyber security awareness for staff, phishing scams and your business and protecting your business online. CERT NZ offers the following tips for simple, practical steps for businesses. 1. Install software updates 2. Implement two-factor authentication (2FA) 3. Back up your data 4. Set up logs 5. Create a plan for when things go wrong 6. Update your default credentials 7. Choose the right cloud services for your business 8. Only collect the data you really need 9. Secure your devices 10. Secure your network 11. Manually check financial details For more info and links click here: https://www.fma.govt.nz/assets/Guidance/Developing-cyber-resilience-for-financial-advice-providers.pdf Cyber Security is a very real issue facing business owners these days. If you would like further advice on Cyber Insurance please feel free to reach out to us here Meet Quality Food Southland:
Meet Quality Food Southland or QFS for short. What started as a humble bakery and Café in the 1900’s by Annie C Miller, grew into New Zealand’s leading manufacturer in butter-based bakery products and sauces. They are the largest exporter of butter pastry in NZ. Up until a few years ago they were struggling with their systems and processes. Document Management and Approvals headache! Their document management and approval systems were completely manual. This meant a LOT of paperwork, and complex filing systems as each product version had to be kept on hand. There could be many iterations which make things complicated. Their approval process was also a headache. QFS had eight different approval processes. At each stage, approval had to be signed off by three different signatories. As you can imagine there was a lot of paper, storage and wasted time, not to mention the risk of making a mistake, was really high. Aiming for Change: Ideally, the team at QFS were keen to make a few improvements. Document storage and security were key. They wanted to get rid of the complex document folder structure while managing and keeping all their file changes. They wanted to replace the manual time-consuming approval process for an online version, complete with change notifications, tracked changes and approval process stage indicators. Essentially, they wanted to have the process more manageable, consistent and streamlined. Empowering QFS with Microsoft: After consulting with an IT Alliance Member, the QFS team decided that the best course of action was to have these seasoned professionals cook up a nicely balanced solution using some Microsoft products called SharePoint, Power Automate, and power apps. These were all available through having Microsoft 365. SharePoint helped create an online document management system that had version control, search features and navigation that made finding documents and using them easier. It even had a check in and out function. You could track your changes so that everyone was always up to speed on any project. Power Automate helped QFS to automate their business processes and approvals using tailored notifications and automated data entry, saving plenty of time and increasing the accuracy of the approval process. Power apps helped to collect information and display where everything was in the process so that the project could be managed much more easily. The End Result: QFS ended up with a very slick looking web-based system thanks to Microsoft 365 and its added products. The best part is that it is all in one place. The new system stores all documents, manages document check-in/out, maintains all version history and records document changes. It allows users to check-out a document, make the required changes then completes the document approval process from start to finish. It includes notifications to stakeholders, updates progress and document control lists throughout the process. On approval, it creates a pdf version and stores it in a duplicate SharePoint suite used by “view only” staff. The result helps their business run more efficiently, with less risk. Sounds too good to be true, right? To find out more contact us here WINDOWS 11 – STOP THE BUS!
So many of our clients around New Zealand have been asking us about Microsoft 11. “Should I upgrade?” “Should I wait?”. It’s new and everyone wants the latest and greatest right. In this case, however, it may be best to WAIT With most upgrades, updates are something to install as a matter of course. The manufacturer, after all, is delivering new efficiencies, improved processes, and increased security, so why wouldn’t you? Well with Windows 11 it’s not quite that simple: First of all, Windows 11 has been called “the biggest update we’ve seen to Microsoft PC software in more than half a decade.” Why you don’t need to rush this upgrade:
Most importantly, Microsoft has said it will support Windows 10 until October 14, 2025, so there is no need to rush any decision.
A sneak peek of what can you expect from Windows 11: Windows 11 is a redesigned operating system aiming at improved user navigation. Expect:
If you do decide to go ahead here are some things you need to know….
Other tips: If you are in the market for a new laptop, make sure you’re getting one with Windows 11 pre-installed. That way, you’ll be sure to get one that will be able to run the new operating system without hassle. Your IT specialist may have already suppressed some of the reminder notices for you, so that you don’t get asked to upgrade all of the time. However, they can’t stop them all. If you see the official Microsoft screens saying ‘click here to install Windows 11’ our suggestion is to not do anything and just wait. It might be a good idea to also inform your team to do the same. Conclusion: One thing to be mindful of is that if you do go ahead and install Windows 11, any problems you encounter may not be covered by your IT specialist under your current plan. However, if you are sitting at your computer reading this and are still using Windows 7 and Windows 8, its definitely time for an upgrade to at least Windows 10. Windows 7 and 8 are no longer supported by the manufacturer and without support or security updates, these systems are vulnerable to malware attacks. In conclusion the best thing to do is to talk to us about this upgrade to Windows 11 to see when and if it is right for you. The POWER Trifecta Solution for Document Automation
The environment in which we operate has significantly changed. Businesses in New Zealand have been driven to embrace remote working. Every good business is constantly on the hunt for new ways to improve their efficiency, keep their costs down, and increase productivity and profit and decrease risk. What if we told you that you might be sitting on a goldmine of opportunity? Having Microsoft 365 is bit like owning a spaceship. You know what it’s used for, but how to use it? Let’s unpack it a bit further. Most Common Problems The most common problems we hear of through our IT Alliance network around the country are:
Making the most of Your Microsoft 365 Sharepoint and Power Automate are both free with your business Subscription. Did you know you could use them in these ways? Microsoft SharePoint SharePoint (their free document management system) can seem overly complicated because it can offer so much. But it doesn’t need to be so scary. You can start small and use more functionality as needed or as you grow. Basically, it’s a platform that offers content management and collaboration. It helps with reducing duplicate files, gives you remote access (needed more than ever!) and allows you to work on the same document at the same time. Find out more about SharePoint here: Microsoft Power Automate This is another free app that allows you to automate workflows across applications. You can use it to connect email and instant message alerts, synchronize files between applications, copy files from one service to another, collect data from one app and store it in another, and much more. Templates are available to get you started. Efficiency is key for sustained success across businesses and Power Automate assists this by simplifying workflows with the automation of repetitive tasks. Power Apps This is a low-code application development platform that integrates with Microsoft 365, Dynamics 365, Azure and more. With Power Apps, web and mobile applications can be built without writing code. Instead, you can use pre-built templates and components with drag-and-drop simplicity. Power Apps has been described as a bit like a meal delivery kit. The ingredients are pre-measured and chopped. The instructions are ready to go. All you have to do is prep and cook. Because Power Apps has advanced logic and rules built-in, development time is cut by 70%. In some cases, it takes just a few hours to build an app. Or you can customize one of the pre-built templates in just minutes. Plus, Power apps connects to hundreds of business systems and databases. Here are some impressive statistics to show how Power apps is super useful.
Real Business, Real Change Quality Food Services is the largest exporter of butter pastry in NZ. Up until a few years ago they were struggling with their documents and approvals as they were complicated and manual. They used SharePoint to create an online document management system that had version control, search features and navigation that made finding documents and using them easier. You could track your changes so that everyone was always up to speed on any project. Power Automate helped QFS to automate their business processes and approvals using tailored notifications and automated data entry, saving plenty of time and increasing the accuracy of the approval process. Power apps helped to collect information and display where everything was in the process so that the project could be managed much more easily. All of this saved them time, money and decreased their risk significantly. Contact us to find out more. Meet Northland Kindergarten Association:
The Northland Kindergarten Association or NKA, has 25 kindergartens between Kaitaia in the Far North, to Ruawai in the heart of Kaipara. NKA were concerned about their IT setup, so they approached an IT Alliance member with the below key issues:
What was discovered:
Empowering Kindergartens with 365 Teams: The IT Alliance member suggested to NKA that they could use Microsoft 365 Teams to empower their kindergartens using the following steps:
How it helped them: They moved all their documents into the cloud using a feature of Microsoft 365 called SharePoint. It helped them organize their document management so that they could share and manage content across the entire network of kindergartens. This saved them time, improved consistency and made their documents more secure. They also improved training, communication and connectivity within their team. They had a whopping 120+ attendees at their annual conference. Due to Covid, they had to host the event online. Microsoft 365 Teams came in very useful. Again, training was provided, and they had two run throughs so that they could help anyone with login, microphone and camera issues. Their event went on for 5-6 hours and went off without a hitch! The Education Review Office, and five other national guests were able to present vital information easily. They broke out into subgroups for discussions using the meeting room function. Their CEO even pre-recorded his video message. One of the risks of always being online is that they were worried that they might miss a quality engagement. Luckily 365 Teams gave them the ability to engage. They were able to raise a hand, ask questions in the chat and follow along from home. Overall, it was much less expense than an in-person event! The end result: Overall, implementing Microsoft 365 Teams into NKA empowered their association with better cybersecurity, improved communications, empowered resource sharing that saved time and decreased event costs whilst maintaining event engagement. Not bad for one system in one place! “We were grateful to have streamlined our processes and we now have one point of contact for all our sites. We enjoy having a consistent service throughout our organization. It means that the team understands what we need, and we know we are providing top notch service to our kindergartens.” Lloyd Gurr Head of Projects, Northland Kindergarten Association. Learn more by contacting us here Microsoft Planner is a tool within the Microsoft 365 suite. Planner is an easy way to organize teamwork with intuitive, collaborative, and visual task management. Planner is simple, easy to use for new users, and included in the licensing for all enterprise plans, education plans, business essentials and the Microsoft 365 business premium plan.
Advantages of Planner:Planner improves teamwork by organizing a Microsoft 365 group or team’s tasks, files, and conversations. Planner helps to organize your tasks by adding one or more Planner tabs to a team channel. You can then work on your plan from within Teams, remove or delete your plan, and get notified in Teams when a task is assigned to you in Planner. All tasks are easily accessible in one place: Plans comprise content-rich tasks that contain expected details, such as due dates, and extra elements like color-coded labels and files. Automatic chart report: Planner automatically visualizes task status into pie and bar charts for you with no setup required. Work where you want: Use Planner wherever you’re working. At your desk? Open Planner from tasks.office.com. On the go? Update tasks from your mobile device. In Microsoft Teams? Select the Tasks app powered by Planner and Microsoft To Do. Connect across Microsoft 365: Planner is part of Microsoft 365, so it’s highly secure like your other Microsoft 365 apps. Microsoft 365 also connects Planner with Microsoft to Do, SharePoint, Power Automate, and other apps for efficient task management. Manage all your tasks in Microsoft Teams: Planner and Microsoft Teams work well together. The Tasks app in Microsoft Teams combines all your team tasks from Planner and individual tasks from Microsoft To Do with advanced collaboration tools. How to add planner: In your team channel, select Add a tab +. In the Add a tab dialog box, choose Tasks by Planner and To Do. Create a new task list to make a new Planner plan and add it as a tab to this channel. Use an existing task list to choose an existing Planner plan to add to a tab in this channel. Choose whether to post to the channel about the tab, and then select Save. The tab will be added alongside your other team channel tabs, and you'll be able to start adding tasks to your board. Six Tips to use planner wellUse the buckets: Microsoft Planner lets you create buckets for various tasks. Within each bucket, you can create specific assignments. The calendar feature: The calendar is very important for keeping everyone on task. Items in the calendar can be assigned both due dates and a specific task owner. This helps individuals know who is responsible for what and whether or not they are on schedule. Checklist: You can create a checklist to keep on top of tasks. This checklist can be a list of necessary actions for this project. As the assigned user works their way through the project, they can check off individual items on the list. This creates an effortlessly easy visual to be able to track progress. Categorise tasks easily You can create easy visual categories for tasks by color-coded labels and priority. For example, you might split things up into “low-priority,” “medium- priority,” and “high-priority” based on deadlines. This is visually easy for your team to follow as they can see what is coming up on their calendar and what is a priority. Easily integrates with 365 With Microsoft Planner, you can integrate easily with 365. This means that you can take advantage of Outlooks calendar and reminder features. This helps keep your employees focused and on track every time they open their e-mail. Connects to the Cloud Members of the team can upload various files as attachments to different projects and cards. Once the file is attached to Microsoft 365 Planner, everyone has access to it via the cloud. You no longer have to worry about vital information being unavailable to the rest of the group. In Conclusion: Planner is a wonderfully simple, yet effective way to manage projects across a team and to improve communication and efficiencies. More then just that flashing box, lighting up like a disco in the corner of the room, routers play a particularly important role in keeping your business safe, and your data secure, as well as creating efficient, and safe remote working conditions.
Here we look at the role of the router, and what you can do to ensure you have the right one for your business. Think of your router like an important Traffic Officer only allowing approved content in and out of your business. The difference between an entry level router and a higher quality router, provided by your IT Alliance member is a lot. Sometimes it pays to think outside the box, and not just take the router provided for free in the box. Top reasons why you need a good quality Router:
SECURITY TIP“You must always change the factory default password for the router and ensure that the firewall and other security features are in fact enabled”. Ever been confused by the codes that come up when you go to log in to your network? WPA2 and AES are the best settings to secure your Wi-Fi from hackers. Remember that if a hacker is able to breach your network, they could steal important information, like bank details, or even your identity. We strongly suggest against using an open network. An open network means you won’t have a password, so anyone can have access to your Wi-Fi and all of your devices. Make sure to apply WPA2 to your router for improved protection of your online information. In Conclusion:Routers can be complex and can create harmony or havoc depending on the route you choose to follow. Buying a router with the highest security is crucial to protect your network. Remote working conditions are the new normal, which means that many of us may need to upgrade our home routers too. By speaking to your IT Alliance local member, you could find quick connectivity and security gains with an upgraded router. To save time and money and to make sure that you have done all that you can to make your business safe, speak to us here and find out what is the best and most secure router for you. We have seen an explosion in the ways we communicate, and, in the ways, we use these forms of communication. The last few years have seen people that would have rather picked up their land line, now reaching for their laptop or tablet to make a video call.
Our original and oldest form of distant communication, the letter, has been branded snail mail and the volume of snail mail has steadily decreased to the point that the humble letter box is on the verge of redundancy. We have transitioned from the art of formal letter writing, taught with passion by our English teachers, to communicating in text or even emojis. We are evolving not just our means of communication but also the way we use these tools. In business, while an initial introduction is more commonly made in person, or by voice, further contact takes the form of electronic mail. This leads to a bombardment of the recipient’s inbox and the frustration of unread emails at the end of the working day. It is true to say that if our humble letter box had to deal with our daily volume of mail, it would have long since collapsed to the ground. Getting on top of email The first thing is to ask ourselves is “Should this communication take the form of an email?”. If you yourself are not part of the solution, you are part of the problem. Solve as much of the problem at the source not at the destination. If your email is urgent, short, or to a large audience question the medium you are using, would communication be better served by picking up the phone, chatting in teams, or holding a team’s meeting or presentation. When should I use email? We all unconsciously know that email is great when we need a record of a communication, date, or action. For example, if I was to respond to a work order or quote, I would reply via email and simultaneously schedule a task. If I was going to tell a colleague a joke or organize a get together, I would do that in person, via voice or message via teams. A matter of etiquette: Remember to use email to “create a record or reminder”. There are certain things that you can do to ensure your message is heard.
Sorting your inbox: Which brings us to organizing the inbox. How can we work more efficiently, giving emails the priority, they deserve? If an email has been cced to you, it automatically implies that it does not requiring my immediate attention. You can even create a rule outlook to move these to another folder called cced emails. These rules can be as simple or as complex as you decide. If the cced email has a mention of you in it, or is marked high importance, you can ignore the move rule. You can also do the same for group, broadcast or “send to all” emails. When it comes to the external mail, you can sort the rules sender and or subject line. For example, an email from an IT alliance member with the subject containing “communication is key” goes to “webinarblogs” folder in the sub folder “ITA”. How you build your rules is up to you and it does take some initial work and experimentation, but the gains will be worth it. A great example is a company in New Zealand that uses some of the AI engine’s ability to determine a customer’s tone in an email to prioritize unhappy customer. This allows them to be more responsive when required. It can also be implemented to send an automatic response such as “we are sorry to hear about your recent experience with Contoso and would like to speak with you to resolve this issue at your earliest convenience. Please press here to schedule a call with our team”. Can I have emails go to a team? Of course, if you have all the sales team respond to emails sent to enquiries@contoso.co.nz then you can have a shared mailbox. Members that are granted access to the shared mailbox can be setup to send as enquiries@contoso.co.nz or as themselves salesguy@contoso.co.nz However a shared mailbox does require its own license. What about a public folder? A public folder is designed for shared access across the whole organization, it can be enabled with a mail address so that when added to the address field can be forward to a folder for centralized record keeping but it does not allow controlled access, hence public. Email security As with phones and postal services there will be abuse. The more a communication tool is used the more likely some people will see an opportunity to scam others. As “email is a record” as postulated earlier, do you retain and control access to these records. Do your emails contain personally identifiable information or other forms of sensitive information? How can you ensure emails are not sent to the wrong person? Digital communications are more secure than physical forms of communication as technology “can” ensure trust and authentication at every step of the path between sender and recipient. We stress the word “can” in the previous sentence! You may be surprised to learn that you can encrypt your email so only the intended recipient can read it. Even more surprising you can encrypt the email so it cannot be forwarded, printed or copied. You can even stop sensitive information being sent outside the organisation automatically. Technology is available to digitally sign all email from your business to stop imposters posing as your business via email. Technology can check links and attachments in emails for malicious behaviour. What next? Casting the human eye over an email, no matter how much training they received, will never match the ability of the technology to weigh the huge amount of data necessary to make a good decision. Technology can make our digital communication more secure, as with all communication it is up to us to evolve to use our tools to their full potential. Talk, email, send a letter (maybe not!) or message us to discuss how to take your next step. MICROSOFT TEAMS VS ZOOM - Which one is the best for you?
Meeting anyone? Remember the good ole days when we all used to cram in to a conference room, pass around the muffins, slurp on our takeaway lattes, and talk over the top of each other? Nowadays, with the new remote way of working, video calls ARE the new “business meeting” and often the new “phone call”. Top perks of video Technology:
What is Microsoft Teams? Microsoft Teams is a communication platform included in Microsoft 365. Though Teams offers video conferencing capabilities, that’s far from its only use. The platform also includes chat and voice calling functionality and enables teams to share and edit files in real time via a shared virtual workspace. Teams is highly integrated with other products in the Microsoft suite, including Word, PowerPoint and Excel, making it a true collaboration platform. What is Zoom?Zoom is a communications platform that encompasses audio and video conferencing, chat functionality, video webinars and more. Zoom offers an entire marketplace of application integrations, including MailChimp, Zendesk, Marketo and even Microsoft Teams for additional extensibility. Though Zoom has been around since 2011, it’s seen stunning growth in 2020, increasing from 10 million daily meeting participants in December 2019 to over 300 million daily meeting participants in April 2020. Consider your audience? The first step is to consider who and what you are using video calling for. If the main focus is meetings amongst colleagues at an organisation that already uses Microsoft products—especially Office365—then the obvious choice for video calls is Microsoft Teams. Even if you do use Teams at work, you still might want to use Zoom for meetings with people external to your organisation as Zoom is still more well-known than Teams. The nuts and the bolts: But how easy are each to use? Both Teams and Zoom give users the option to join via the browser rather than downloading. This means that you can just send them an invitation, they click on the invitation, and the application will open up automatically. Easy! User Interface New users may find Teams more complicated to use than Zoom since it is part of Microsoft’s much larger universe of productivity, collaboration, and communication tools. There is an initial learning curve because of the many ways Teams integrates with other Office apps. That said, the integrations are intuitive, and their usefulness outweighs the required learning. The Zoom video conference controls are similarly simple and user-friendly. Microsoft Teams and Zoom share many of the same features. Both providers offer:
Both Teams and Zoom have free and paid versions. Microsoft offers a number of different pricing tiers for Teams, some of which come with varying degrees of access to other Office365 apps The main differences between free and paid versions are meeting duration limits, participant capacity, file storage and the Microsoft apps you gain access to with each plan Free plans:
Zoom’s paid plans:
So who is the top dog on the day? As you can see, Microsoft Teams and Zoom are both highly intuitive, very comparable platforms, which can be useful in different situations. Teams also offers so many other benefits beyond just video conferencing including
Remembering passwords on top of the million other things to do in any given day is a lot. Are your teams passwords fairly similar across multiple online accounts? It’s okay, you are not the only business.
Most people reuse their passwords over many different applications, and have one or two passwords only. With the increased need for security, however, there are now much better ways to protect your accounts and provide additional layers of security. Nowadays almost all online services, banks, social media, shopping have added a way for your accounts to be more secure. Here we help you to understand MFA and 2FA plus introduce you to LastPass to manage your passwords. What is MFA and 2FA? Maybe you’ve heard of the term MFA or 2FA and are slightly confused. Let us help you break what this is and why you need it. MFA = Multifactor authentication 2FA = Two factor authentication In the old days! In the old way of doing things you signed in to your online accounts in a process called ‘authentication’. That included a basic login and password. For example Login = Matt@olddays.co.nz Password = Matts dog or Matts birthday (something that Matt could remember easily and something that Matt used across all of his accounts) Multifactor Authentication (MFA), however, works by adding additional layers of security to your online accounts. This provides a “second” thing - what we call a second "factor" - to prove who you are. Yes, the first layer remains as your username and password, however now you can add another layer of protection. For example:
How does MFA work? What this additional level of protection does is helps to ensure that you are who you say you are when logging into your online account. So even if someone gets your user name and password, and logs in with your credentials, they will be stopped! You will get an immediate notification on your phone to indicate that someone is trying to login to your account. You can then decline the authorisation, locking them out. This also tells you that your password has been guessed, so you know to change your password. How do I get MFA? Many of your current apps will have an MFA feature that you can turn on. For other things like email, you can enable MFA. This may mean talking to us here at Decision1 so that we can assist you to help turn on your Microsoft 365 MFA feature. Once it is turned on, you and your team will need to use MFA before you can next access you emails/Teams and other applications. Make sure that everyone is ready for this and knows what to do. It isn’t hard, but like with all changes, its best to ensure that you have support from the rollout. What about Passwords? 1. Can I re-use Passwords? Reusing the same passwords across multiple accounts is not a safe idea as it creates an opportunity for credential stuffing attacks. A credential stuffing attack is one where leaked credentials from one site/service are used on another site/service to see if they work. It would be like using the same key for your car and your house. For example, if you use the same password on your online bank account and Facebook, an attacker can easily breach both of your accounts even though you may not have reused the same password on your email account. This potential harm this practice can cause may be a monetary loss, data loss or loss of sensitive personal details. Here at Decision1 we recommend that you update your password after every three months, unless you have been the victim of a cyber-attack, then you should change your password immediately. This ensures that if your credentials are breached, then they are not able to immediately breach other accounts also. How strong is my password? Password strength is a big topic of discussion. You know the drill, you must use lower and uppercase letters, use numbers, use special characters, make sure it is long. But even after all this effort, your password can still be weak! You can test your passwords out before you use them at these websites. They give you slight different information about the strength of your password, which should help you to strengthen your password choices: https://www.passwordmonster.com/ https://password.kaspersky.com/ (Note: Your password is not collected or stored at either of these websites. They are well known secure sources of information that you can trust) Should I use a Password Manager like LastPass? Yes, it is definitely best practice to use a Password Manager. Password Managers allows you to keep track of your passwords without having to remember them. The advantages of a password manager are:
A good quality password manager is a safe, trustworthy and highly recommended security tool. Known trustworthy tools such as LastPass can be trusted to protect your account logins. LastPass is a free or paid personal password manager for an individual, however, if you want to protect your business, you need LastPass Business. In conclusion: Having MFA or 2FA is an essential these days, and so is having decent and unique passwords. For practical reasons you need to have a business password solution in place to ensure your team are password secure. Here at Decision1, we can help you to simplify this process, and provide you with support to easily and effortlessly apply these tips. If you would like to discuss your specific needs, please feel free to reach out to us here. |
AuthorVictoria Murgatroyd-McNoe has been working in the IT sector helping businesses achieve their technology goals for over 20 years. Archives
November 2022
Categories |