TechTidBit - Tips and advice for small business computing - Tech Experts™ - Monroe Michigan

Brought to you by Tech Experts™

Remote Work

Securing Remote Access Technology: What Every Small Business Owner Needs to Know

Remote access technology has become essential for modern businesses. Whether your employees work from home, connect to the office while traveling, or access critical systems after hours, secure remote access can greatly enhance productivity and flexibility.

However, without proper security measures, it can also open the door to significant risks, including data breaches, ransomware attacks, and unauthorized access to sensitive information.

Here’s what small business owners need to know about securing their remote access technology.

Why secure remote access matters

Remote access allows users to connect to your business’s network or systems from anywhere. While this connectivity is convenient, it also presents a larger attack surface for cybercriminals.

Hackers often target remote access solutions because they can be a weak link in your cybersecurity strategy if not properly secured.

The consequences of a breach can be devastating: financial losses, reputational damage, and even legal penalties for failing to protect customer or employee data.

The good news is that implementing secure remote access methods doesn’t have to be complicated. With the right tools and practices, you can greatly reduce your risk while enabling your team to work efficiently from anywhere.

Key strategies for securing remote access

Use strong authentication methods

Passwords alone are no longer enough to protect remote access. Instead, implement multi-factor authentication (MFA). MFA requires users to verify their identity using two or more factors, such as a password, a smartphone app, or a fingerprint.

This adds an extra layer of security, making it much harder for attackers to gain access, even if a password is compromised.

Deploy a virtual private network (VPN)

A VPN creates a secure, encrypted connection between a remote user and your business network. This ensures that sensitive data, such as login credentials or customer information, cannot be intercepted by hackers.

Ensure your VPN is configured properly and use strong encryption protocols to maximize its effectiveness.

Limit access privileges

Not all employees need full access to all systems. Use the principle of least privilege to limit access based on each user’s specific role. By restricting what employees can see or do within your network, you reduce the potential damage if their credentials are ever compromised.

Keep software up to date

Outdated software can contain vulnerabilities that hackers exploit to gain unauthorized access. Regularly update remote access tools, operating systems, and any third-party applications your business relies on.

Enable automatic updates whenever possible to ensure you don’t miss critical security patches.

Educate employees on cybersecurity

Even the most secure systems can be compromised by human error. Train your employees on best practices for cybersecurity, including recognizing phishing attempts, creating strong passwords, and avoiding suspicious links or downloads. An informed workforce is one of your strongest defenses against cyber threats.

Monitor and audit remote access activity

Use monitoring tools to track who is accessing your network and when. Unusual activity, such as login attempts from unfamiliar locations, can be an early warning sign of a potential breach. Regular audits can help you identify and address vulnerabilities before they are exploited.

The cost of neglecting security

Some small business owners hesitate to invest in secure remote access solutions, viewing them as unnecessary expenses. However, the cost of a data breach or cyberattack often far exceeds the cost of preventive measures. Beyond financial losses, you could face downtime, lost trust from customers, and even regulatory fines.

By prioritizing secure remote access, you’re not only protecting your business but also demonstrating to clients and partners that you take cybersecurity seriously. This can enhance your reputation and give you a competitive edge in an increasingly digital world.

Take action today

If your remote access technology isn’t as secure as it should be, now is the time to act. Consult with IT professionals to evaluate your current setup, identify vulnerabilities, and implement a security plan tailored to your needs.

With the right measures in place, you can enjoy the benefits of remote access without compromising your business’s security.

Enhancing Employee Performance With A Mobile-Optimized Workspace

Workspaces have evolved significantly, allowing employees to work and collaborate from virtually anywhere. Whether they’re at a café, at home, or traveling, the ability to stay connected and productive is transforming how businesses operate. This shift toward mobility is driven by the adoption of mobile-optimized workspaces, which enhance both performance and productivity.

At the heart of a mobile-optimized workspace is the ability to access files, applications, and communication tools seamlessly, regardless of location. By leveraging cloud-based systems, employees can quickly retrieve and work on the documents they need, collaborate with team members, and continue to meet deadlines without needing to be in the office. Cloud integration is key to maintaining this flexibility, enabling work to continue uninterrupted from any device.

Mobile-first applications play an important role as well. They ensure that the same functionalities available on a desktop computer are accessible from a mobile device. A well-designed mobile application should be intuitive, responsive, and reliable, ensuring employees can work efficiently from their phones or tablets. When an app provides the same user experience as its desktop version, employees are more likely to embrace the mobile work environment, leading to higher productivity levels.

Effective collaboration tools are another core component of a mobile-optimized workspace. Real-time editing, video conferencing, and seamless file sharing allow teams to stay connected, regardless of where they are. These tools create a dynamic and flexible work environment, where decisions can be made more quickly, ideas are shared easily, and teams can stay aligned.

Security is always a top concern in a mobile work environment. Increased mobile device usage expands the potential for security risks. Managing this risk requires the implementation of secure mobile device management (MDM) solutions.

Employee training is essential to the success of a mobile team. It’s important to ensure that employees not only understand how to use mobile devices and applications but also know how to do so safely. Training programs should focus on both the functionality of the tools and security best practices, helping employees avoid the pitfalls of mobile work while maximizing its potential.

Adopting a mobile-optimized workspace offers several key benefits. It increases productivity by allowing employees to work from any location without the limitations of being tied to a desk. The ability to collaborate more effectively leads to better decision-making as teams can communicate and share information in real time.

This flexibility also positions your company as a forward-thinking employer, which is crucial in attracting and retaining top talent. Additionally, a mobile-optimized setup often leads to cost savings as businesses can reduce their reliance on physical office space and the associated overhead costs.

However, there are challenges to consider. With employees working from various locations and devices, the risk of security breaches increases. Implementing robust security measures, such as encryption and two-factor authentication, helps mitigate these risks.

Additionally, mobile devices can lead to distractions. It’s important to encourage employees to use focus apps or features that reduce interruptions during work hours. Data usage is another consideration. High mobile data consumption can become costly, so providing mobile hotspots or Wi-Fi allowances may be a practical solution.

While there are challenges associated with creating a mobile-optimized workspace, the benefits far outweigh them. With the right tools, training, and security measures, businesses can create a flexible, productive work environment that not only enhances performance but also prepares them for future growth.

Wallet? Check. Planner? Check. Laptop? Uh oh… Laptop…? Laptop???

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Summer time is travel time! Whether it’s a trip across the state or across the country, everyone needs a break. But picture this: You’ve had a great trip up north with the family, and you’re packing to head home. You’re balancing your luggage, kids, shopping bags, and your laptop case. It’s only when you get home that you realize, with a sinking feeling, that your laptop is nowhere to be found. Is it still at the hotel, maybe?

And then panic sets in as you remember all the sensitive data stored on that device.

This scenario is a nightmare, but it doesn’t have to turn into a full-blown crisis. Having a solid plan in place can mitigate the risks associated with a lost or stolen work device.

Here’s what you should do if you find yourself in this situation:

First and foremost, create an environment where employees feel comfortable reporting a lost or stolen device immediately. Your team needs to know that the sooner they inform the company, the better. Emphasize that there will be no blame or punishment – what matters most is safeguarding the data.

Ensure that all work-issued devices have remote wiping capabilities. This is your first line of defense. When a team member reports a laptop missing, your IT team should be able to remotely wipe the device, erasing all data to prevent unauthorized access.

Before a device is lost, proactive measures can make a world of difference. Make sure all company devices are encrypted. Encryption converts data into a code to prevent unauthorized access. Even if someone gets hold of a company laptop, encrypted data remains inaccessible without the proper decryption key. Most modern operating systems offer robust encryption options.

Always enforce strong password policies. All company laptops should have a complex password and, ideally, two-factor authentication (2FA). This adds an extra layer of security, making it harder for anyone to access the data if they bypass the initial password protection.

Regular training is vital. Employees should understand the importance of device security and the steps to take if a device is lost or stolen. Conduct workshops and send reminders about security protocols. The more informed everyone is, the quicker and more effectively they can respond to the loss.

Why are these steps so crucial? If a business laptop falls into the wrong hands, the consequences can be severe. Unauthorized access to customer files can lead to identity theft and loss of client trust. Exposure of financial data could result in significant loss and legal consequences. Proprietary information could be stolen and sold. It’s a nightmare.

By implementing these strategies, you can sleep easier knowing that your company’s data remains secure, even if a device goes missing. It becomes a minor annoyance, not a disaster.

Five Habits Your Smart Remote Workers Should Have

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Remote work has become a way of life very quickly, hasn’t it? Loads of businesses and their people are reaping the rewards of flexibility and convenience.

But it also brings cyber security challenges that demand your attention. Of course, this should always be a concern, but when you have employees working from home, a coffee shop, or anywhere else for that matter, you need to make sure they’re making wise decisions that put the security of your data at the forefront.

These are five habits your remote workers should adopt straight away.

Choose your work location wisely

Working from a favorite coffee shop or a picturesque park may seem like a dream come true, but it can expose you to more cyber security risks.

Over-the-shoulder attacks, where cyber criminals discreetly snoop on your screen in public spaces, might seem unlikely, but they have real potential to lead to data breaches. Employees should choose to work in quieter, more private settings to minimize this risk. [Read more…] about Five Habits Your Smart Remote Workers Should Have

Your Remote Workers Aren’t Using Computers That Look Like This, Are They?

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

When did you last check everything was OK with the devices your team uses when they work remotely?

That might sound like a strange question. But a recent survey discovered that 67% of remote workers are using faulty devices to work from home. And the reason?

They’ve likely damaged the device themselves and are too scared to tell you!

Laptops, keyboards, and monitors are most likely to be damaged (in that order). And it’s usually because of food or drink spills… though some people blame their partners, children, and even their pets!

We’ve all watched in horror as a cat rubs itself against a full glass of water next to a laptop…

[Read more…] about Your Remote Workers Aren’t Using Computers That Look Like This, Are They?

Should You Monitor Your Remote Workers?

At the end of last year, Microsoft announced it would be adding increased employee surveillance to Microsoft Edge.

The changes mean admins can access compliance monitoring through the browser, such as seeing which files have been printed or copied to USB devices.

Machine learning is being used to increase this visibility of what’s happening to sensitive files. But how will this impact employees? Will they feel that their privacy is being invaded? Will it cause trust issues? And do you think this is an appropriate level of monitoring when people have proved that remote work can be just as productive – if not more – than working from the office?

Our advice would be not to buy into this increased employee surveillance, unless you want to damage the delicate trust you’ve no doubt worked hard to build with your team.

There are other, more open ways to help your people get their work done. For example, there are plenty of tools that help limit distractions like notifications or temporarily block apps and websites to allow better focus. Your employees can choose to activate these to aid their productivity when they need a boost.

You’ll find some within your Microsoft 365 subscription – that means more tools at no extra cost.

If you want some suggestions personalized to your business, give us a call.

Five Things You Should Never Do On A Work Computer

Whether you work remotely or in an office, the line between personal and work tasks can become blurred when working on your company computer. If you’re in front of a computer for most of your time during work, then it’s not unusual to get attached to your desktop PC.

Over time, this can lead to doing personal things on a work computer. At first, it might just be checking personal email while on a lunch break. But as the line continues to get crossed, it can end up with someone using their work computer just as much for personal reasons as work tasks.

In a survey of over 900 employees, it was found that only 30% said they never used their work PC for personal activities. The other 70% admitted to using their work computer for various personal reasons.

Some of the non-work-related things that people do on a work computer include:

  • Reading and sending personal email
  • Scanning news headlines
  • Shopping online
  • Online banking
  • Checking social media
  • Streaming music
  • Streaming videos/movies

It’s a bad idea to mix work and personal, no matter how much more convenient it is to use your work PC for a personal task during the day. You can end up getting reprimanded, causing a data breach at your company, or possibly losing your job. Here are several things you should never do on your work PC.

Save personal passwords in the browser
Many people manage their passwords by allowing their browser to save and then auto-fill them. This can be convenient, but it’s not very secure should you lose access to that PC.

When the computer you use isn’t yours, it can be taken away at any time for a number of reasons, such as an upgrade, repair, or during an unexpected termination.

If someone else accesses that device and you never signed out of the browser, that means they can leverage your passwords to access your cloud accounts.

Store personal data
It’s easy to get in the habit of storing personal data on your work computer, especially if your home PC doesn’t have a lot of storage space. But this is a bad habit and leaves you wide open to a couple of major problems:

Loss of your files: If you lose access to the PC for any reason, your files can be lost forever.

Your personal files being company-accessible: Many companies have backups of employee devices to protect against data loss. So, those beach photos stored on your work PC that you’d rather not have anyone else see could be accessible company-wide because they’re captured in a backup process.

Visit sketchy websites
You should assume that any activity you are doing on a work device is being monitored and is accessible by your boss. Companies often have cybersecurity measures in place like DNS filtering that is designed to protect against phishing websites.

This same type of software can also send an alert should an employee be frequenting a sketchy website deemed dangerous to security (which many sketchy websites are).

You should never visit any website on your work computer that you wouldn’t be comfortable visiting with your boss looking over your shoulder.

Allow friends or family to use it
When you work remotely and your work computer is a permanent fixture in your home, it can be tempting to allow a friend or family member to use it if asked. Often, work PCs are more powerful than a typical home computer and may even have company-supplied software that someone wouldn’t purchase on their own.

But allowing anyone else to use your work computer could constitute a compliance breach of data protection regulations that your company needs to adhere to.

Just the fact that the personal data of your customers or other employees could be accessed by someone not authorized to do so can mean a stiff penalty.

Additionally, a child or friend not well-versed in cybersecurity could end up visiting a phishing site and infecting your work device, which in turn infects your company cloud storage, leaving you responsible for a breach.

At least 20% of companies have experienced a data breach during the pandemic due to a remote worker.

Turn off company-installed apps like backups and antivirus
If you’re trying to get work done and a backup kicks in and slows your PC down to a crawl, it can be tempting to turn off the backup process. But this can leave the data on your computer unprotected and unrecoverable in the case of a hard drive crash or ransomware infection.

Company-installed apps are there for a reason and it’s usually for cybersecurity and business continuity. These should not be turned off unless given express permission by your supervisor or company’s IT team.

Companies Must Address Employees’ Lax Cybersecurity Habits

A third of employees picked up bad cyber security behaviors while working from home, according to Tessian’s Back to Work Security Behaviors report.

Despite the remote workers’ bad security practices, 9 out of 10 organizations prefer the hybrid workplace as COVID-19 restrictions eased. Similarly, 89% of employees want to work remotely during the week.

The firm advises business owners to consider the bad employee behaviors as organizations transition to hybrid workplace models.

As employees go back to the office, businesses need to address changes to employees’ security behaviors since they have been working remotely.

Most employers are wary that the post-pandemic hybrid workforce would bring bad cybersecurity behaviors.

More than half (56%) of employers believed that employees had picked bad security practices while working remotely.

Similarly, nearly two-fifths (39%) of employees also admitted that their employee behaviors differed significantly while working from home compared to the office.

Additionally, nearly a third (36%) admitted discovering ‘workarounds’ since they started working remotely.

Close to half of workers adopted the risky behavior because they felt that they weren’t being watched by IT departments. Nearly a third (30%) said they felt that they could get away with the risky employee behaviors while working away from the office.

However, small businesses placed more confidence in their employees while transitioning to the hybrid workplace.

Over two-thirds of business owners believed that their staff would observe their company’s cybersecurity policies.

Many employees are unlikely to admit cutting corners

The fear or failure to report cybersecurity mistakes was a huge cybersecurity risk for organizations. A quarter of employees refused to report such mistakes believing that nobody would ever discover them.

Similarly, more than a quarter feared reporting cybersecurity mistakes to avoid potential disciplinary actions or being forced to take additional security training.

However, younger employees are more likely to admit cutting corners, according to the Tessian report.

More than half (51%) of employees between 16-24 years old and 46% of those between 25-34 years old were more likely to admit circumventing the company’s security protocols.

“Create a security culture that encourages people to come forward about their mistakes, and support them when they do,” the authors suggested.

Personal devices will undermine the network perimeter in the hybrid workplace

Some of the security threats and challenges experienced when people work fully remotely would be imported into the new hybrid workplace.

While many employees used infected devices for remote access during the pandemic, some would bring them to the hybrid office. Company leaders now have to shift to a new security architecture for good – one that involves zero-trust network access, endpoint security, and multi-factor authentication.

Phishing and ransomware attacks are major challenges in the hybrid workplace

Ransomware attacks were also a major concern for more than two-thirds (69%) of companies who believed that the hybrid work environment would be a target for ransomware attacks. These attacks posed a business continuity threat to targeted companies.

Similarly, phishing attacks concerned over three-quarters of IT decision-makers who believed that credential phishing would only exacerbate in a hybrid workplace.

They believed that employees were more likely to expose company data in public or fall for phishing scams impersonating airlines, booking companies, hotels, or senior executives on a business trip. In fact, “back to work” phishing emails were a concern for 67% of IT leaders.

Phishing was the gateway to ransomware attacks. Consequently, successfully blocking phishing exploits reduces the chances of a ransomware attack.

“Stop phishing, business email compromise, account takeover attacks, and social engineering scams, and you significantly reduce the risk of ransomware,” the report authors noted.

However, bad employee behaviors, such as failing to report clicking phishing links, made it harder to stop these attacks.

Three Trillion Minutes On Zoom (Is That Just This Week?)

Zoom calls… Teams meetings… Google Meets… whichever tech platform your business uses*, do you ever get to a Friday evening and feel a bit “over Zoomed?” Especially if you then have ANOTHER Zoom arranged with friends or family?

According to estimates, over three trillion minutes will be spent on Zoom this year. That’s about 5.5 million years!

As much as they’re a pain when you have them all day, video calls really do help us be productive and get things done while we’re working remotely.

76% of all employees use video calling for remote work, according to some stats we’ve been reading. Three quarters of those say it makes them more productive. 41% of employers believe video calls lead to better engaged teams.

How to feel less “over Zoomed” then… here are three suggested rules that have worked well for us.

1. Do a tech test before every meeting: Check your video and sound are working. Zoom has a test call facility at www.zoom.us/test

2. Never meet unless you have a written agenda: And put the agenda on screen using screen share. This stops meetings from dragging on.

3. Stand up, especially if you’re the organizer: This is good for real life meetings, too. When you stand for a meeting, your body will give you feedback when the meeting’s dragging. Standing desks are a great idea for productivity and keeping energy levels high.

* Side note: Do you remember in the old days (2018) when people used GoToMeeting for video calls? Or the really, really old days (2017) when we used Skype?

Do We Have A Connection Here Or What?

Most businesses are heavily reliant on the internet. Everything is cloud-based and streamed. And it’s especially important now we have more people working from home than ever before.

Without the Internet, those Zoom chats wouldn’t work. We’d spend the day with a mobile phone glued to our ear, and probably with chronic neck ache. Ouch.

So how do you cope if one or more of your remote workers has a poor Internet connection? That can quickly become a frustrating experience for everyone.

Your first port of call would be to run a speed test and then shop around. Find out which providers offer the best speed in their area.

And if they need to, switch. You might choose as a business to financially help them with upgrading their home Internet.

If that’s not an option, then we need to get a little more creative. In extreme cases, you can look at alternatives such as satellite Internet, or a Wi-Fi router that uses 4G.

You can also check their Wi-Fi router to see if an upgrade would be beneficial. And there are things called range extenders that boost the Wi-Fi to reach different parts of their home.

If you’re not sure what you’re looking for or could use some advice on helping your staff get more done from home, call us.