October means the month of Oktoberfest for everyone who loves a beer. But for those of us in technology, October is really a time to party because it is National Cyber Security Awareness Month! WooHoo!
Okay, maybe it doesn’t sound so fun, but for those of us in the business, maybe we can think of this as a time to avoid deep and lasting pain. Sounds fun?
To make this even more fun, answer this question: How do you know when you are getting old? Answer: When you take cyber security seriously. This actually gives us a leg up on Millennials with regard to something technical. They all pretty much ignore it.
They key to understanding cyber security is to simply be interested. You can understand and manage this from a high level. Make sure your company follows the 10 basics, below, and you will have earned the title, “Top 1% Cyber Executive.”
1. Use Two Factor Authentication for Business and Personal email. You log in to your account, for the 1st time with each new device, and receive a PIN to your phone that must be entered in to register that device. No one else can use their device to access your email. This must be a corporate policy for all employees, for both personal and business accounts. How can you prescribe such an invasion of personal privacy? Because, sooner or later, everyone does something for their work on their personal device.
2. Enable HTTPs on Your Company Website(s). HTTPs websites have a certificate that encrypts all data transmitted from your website. This helps visitors know that your site is actually run by your company and not an imposter (i.e. phishing site).
3. Use Strong Passwords, Don’t Re-Use Them, and change at least every 90 days. Most experts would say change every 30 days. A password with upper and lower case plus a number plus a symbol is a strong password. The one you are using now is a terrible password! Sorry to criticize you but toughen up, you cyber sissy.
4. Run All Software Updates. Hacked companies, usually get hacked because known vulnerabilities have been left unattended for YEARS! All your IT people have to do is update the software. This is the simple truth where most vulnerabilities lie: True for servers, true for personal computers and phones, and true for security appliances (Firewalls). Run the operating and security software updates and you most probably are safe.
5. Make sure your security software and devices are turned on! For one reason or another, IT turn these things off, or open an unsecure port in a security device to solve some problem or allow temporary access for a particular purpose. Then they leave them open. Periodically ask your people, “Are there any unsecure ports in our firewall. Are we running all of our updates? All of them?? All??? Are you sure?” That’s how you do it.
6. Make Sure Employees Look for the S in HTTPs When Searching the Web.
7. Encourage Senior Leadership to your Spearhead Cybersecurity Culture.
8. Generate Phishing Simulation Tests to Keep Staff Alert. Hire a 3rd party to test and train your people. This can be a mostly automated service, so it does not have to cost much.
9. Conduct a 3rd Party Cyber Security Audit. Depending upon your company size, this doesn’t have to be expensive, but it may be if you have more than fifty employees. What you don’t know definitely will hurt you. Take the results seriously and do every single thing recommended.
10. Make Sure Your Company Is Cyber-Insured. Standard insurance policies don’t normally cover the loss of data; or cyber crime. This is where cyber-insurance comes into play. Know your industry exposure, from a punitive perspective. Think about business interruption. Next week will be dedicated to Cyber Insurance.
Now that you are one of the top 1%, get back to that beer and enjoy Oktober secure in the knowledge that you!
Brian Desrosier has been serving the Greenwich community for over thirty years as the owner of local technology powerhouse, Lighthouse Technology Partners.
There is so much happening in the Cyber Security front. It affects you. You can learn from it. As a bonus, you can rant along with me. Hardly anyone takes the time to read insurance policy fine print. Likewise, few business people really want to deal with cyber security. Dig in and understand it.
According to Microsoft, in companies with less that 250 employees, 75% use the same two to four passwords on nearly everything. In fact, 87% of senior managers have unwittingly leaked corporate data; 57% sent it to the wrong person. Top executives and administration officials alike, use personal email accounts for official business. Do not be like them. (Go back and read the last two week’s columns to learn how to save yourself, if you can’t wait until next week: Would You Know if You Had Been Hacked? and An Ounce of Data Loss Prevention is Worth a Pound of Cure) Did you know, on average, over 200 days pass before organizations realize their data or network has been hacked? More than 300,000 new malicious files are created every day. Cut this article out. It’ll make great cocktail party conversation. Everyone loves to talk about how “scary it is!”
Does your organization have a “diligence in depth” plan to combat these vulnerabilities? Today, every company can afford to take advantage of fantastic protection tools. Pay attention and spend just a little.
What’s been happening lately?
According to FedEx, a June 27 “Petya” attack cost them $300,000. DLA Piper, one of the world’s largest law firms, was crippled for over three weeks this summer, and continues to reel in the devastation of lost revenue and client confidence. Princeton Hospital was forced to scrap and replace its entire computer network this summer. These were all ransomware or faux-ransomware attacks. Avoidable, all of it.
You are lucky if your breach is just about a ransom payment. Maybe your data is worth more.
Take Equifax. The Wall Street Journal reports, “Hackers roamed undetected in the Equifax computer network for more than four months.” Experts believe bad guys gained entry simply because DinosaurFax hadn’t patched their systems. Even a small company can do that, right? (See how I am giving you hints along the way?) On Tuesday, CEO Richard Smith resigned as I predicted. Last week, the SEC announced hackers penetrated their systems, and may have even traded, undetected, for over a year!
This of course came from the institution that allowed big traders pre-knowledge of market disclosures – ahead of the rest of us. I think it is better they get hacked and embarrassed than be allowed to operate with total impunity. Gosh, they don’t even have to disclose their breaches like the rest of you. Sorry to rant. SEC Chairman, Jay Clayton, cannot discuss the details due to, “an ongoing enforcement probe.” Sounds very official. Accounting firm Deloitte just reported a hacker accessed “very few” client records, and there was “no disruption of client business.” Sounds like a huge cover-up to me. The “Krebs on Security” website quoted a Deloitte insider who indicated the hacker, through their email system, accessed all of their internal systems and all administrative accounts.
This week, the Commodity Futures Trading Commission advocated significantly reduced fines for companies who report breaches. The idea being, breached companies would be more likely to come forward if they didn’t face such huge punitive penalties. But that won’t work because most breaches occur because of gross negligence, and nobody wants to admit to their customers, shareholders, and the world at large that they are inept executives. Especially not a “master of the universe.” Just ask Richard Smith, though he is certain to be paid handsomely for his fine work not paying attention and obscuring the truth. You see, protecting against most threats is not “high cyber science,” just common sense and fundamental management. This is what explains the lies we read each week. I guess it is easier to lie than do your job.
Bet you didn’t know that the SEC applies its cyber security rules in mysterious ways. Jay Clayton, now a beacon on this subject, says recent cyber security lapses have, “highlighted the importance of cyber security…to market participants.” Why then, doesn’t Congress and the Commission work toward changing application and adherence to Reg SCI. Reg SCI is a requirement that, if it applies, requires complete, deep procedures to ensure robust and resilient technological trading systems and controls are in place. This is a rather vague regulation and is applied to exchanges and certain trading venues. Not all. It doesn’t apply to Morgan Stanley, Charles Schwab, E-Trade, Scottrade, or Citadel, who handles over one-third of all trades executed in the United States. Nor does the SEC publish a list of who needs to comply. This sort of reminds me of “double secret probation” in the movie, “Animal House.” I guess it really matters, but we don’t need to know who is cyber secure or not?
To wrap all this directionlessness (new word just invented) up, according to a recent Wall Street Journal headline, “In Today’s Cyber War, Everyone Is a Target.” The FBI agrees, threats against small business are growing at an escalating rate (over 35% annually). So, if these large outfits, with all sorts of resources can’t keep out the bad guys, should smaller outfits even try?
Yes, and yes, bad things will happen to your company if you don’t. The reason small companies are a target is they pay even less attention to security than your higher paid brethren. Bad actors can gain access to your best customers (who are much bigger than you) through you. Sound like a good deal? It is much worse than you think. In spite of all you read, most cybercrime is not reported. Again, business executives don’t like advertising they are unconscientious. You might even say unconscious. I think it was Dan Quale who said, “What a waste it is to lose one’s mind. Or not to have a mind is being very wasteful. How true that is.”
Sorry, we used up too much space ranting today. Next week we will discuss what you can do, without breaking the bank, to protect your business and critical customer relationships. In half the space! In the meantime, do worry about it, and what you will do if a weather disaster strikes our area again.
Brian Desrosier has been serving the Greenwich community for over thirty years as the owner of Lighthouse Technology Partners.
So much has been written about the bad actors that break into organizations and steal valuable data. Has anyone heard of Equifax? The Latin root of this company’s name is “fax,” short for facsimile. Talk about a dinosaur of a name, and one that sort of infers the organization isn’t too current with technology. Well, this has proven to be true, and therefore, the truly worst actors must be the people inside Equifax itself. I don’t mean the crooked top executives. You have to blame the employees, right? Then again, maybe the executives are to blame because they know all about their stock value, but not so much about making sure their customers’ data was secure. Even worse, a lot of us aren’t even customers! Did you know the majority of this data about you and me – Equifax makes their money selling our very personal information without our approval or any type of compensation. Great business model. Thank you, Mr. Richard Smith, Equifax CEO.
This isn’t what I want to write about today, though. The conversation turns to what can organizations do to protect themselves from themselves. Employee behavior, whether malicious or unwitting, is certainly the doorway to loss into most organizations. Yes, we tend to give our crucial information away like upcoming Halloween candy. Trick or treat? Hey, there is no trick to being stupid!
This turns our attention to the concept of Data Loss Prevention (DLP). DLP is both a business strategy and software technology for making sure that end users (employees) do not send sensitive or critical information outside their corporate network. I’ll discuss the technology aspect below.
Software today can inspect information throughout an organization, large or small. This information is then dynamically classified and policies are dynamically applied. That sounds pretty technical, so go back and read that last sentence again. Software examines all of your data, and then depending upon the organization’s policies, the software decides what can and cannot happen with that information. It is all super-fast and invisible to employees.
How does it work?
With DLP, for example, if a top executive attempts to send an email containing social security numbers outside the organization, “Sorry, Boss, it just won’t go outside this organization.” According to Microsoft, an astounding 87% of corporate executives have accidentally leaked corporate data. If a staff member in Human Resources erroneously attaches a payroll spreadsheet to an email destined for a B2B partner, “ALERT! The data you are sending is highly sensitive and has been blocked.” Simple.
Why isn’t DLP more widely used?
There are some common themes among larger customers who do not invest in DLP:
- On a high level, larger organizations are extremely slow to adopt technology they need because top executives do not have the confidence to know what is best. They simply do not take the time to understand it.
On a level down, the technical professionals reporting to the above executives are not provided with the budgets they need to deploy preventative technologies. By the way, technical professionals really hate change because adopting new technology is a painful learning process for them. They might perform a single DLP initiative in their entire career. It is a sophisticated deployment. This all sets the stage for what follows.
This happens every day with larger “enterprises:”
On a typical day, bosses are impatient. They want everything done yesterday, and they really don’t understand how much work goes into their peoples’ work. Follow this…
- A mid-level, star employee gets an email from the boss. Sometimes the boss’s demands come from the boss’s personal email account. Not this time, though. He wants a PDF of the top 100 customer information – This has everything in it including account names, how they pay with bank account numbers, key contacts, phone numbers, tax ID numbers, everything.
- He replies, “This will take probably twenty minutes.” The boss needs it right away before he catches a flight. The star employee doesn’t annoy the boss with any more questions. He doesn’t waste a second showing the boss how efficient he is.
- Twenty minutes later, the information is delivered.
- Later that day, the star employee had a sinking doubt. He went back and looked at that email from the boss. It looked right displayed in the mailbox, but when he opened the email and carefully examined the “From;” inside the actual email [this is the un-spoof-able “Header” in every email], he realized he had been the recipient of a LIVE phishing attack. This wasn’t a benign, “click on an Amazon gift card” SPAM phishing attack. Re-read #4, it really is not as complex as it seems, first reading.
- This was an active, live event. Like I said, this happens every day. (Phishing is an email that looks like it comes from a trusted source that attempts to get the recipient to give up your own valuable information.) If he just took a little more care, it was obvious.
- If the company had a DLP strategy, he would not have been allowed to give up the data.
With an effective DLP strategy governed by the business, implemented by IT, and communicated to your staff, catastrophic and embarrassing data leaks are prevented. This occurs in real-time, no need to scramble the jets, put out fires, or summon your counsel. The philosophy behind preventative data protection and proactive risk management should be the cornerstone of every organizations modern IT Policies.
Everyone wants to be productive, work efficiently, and perform to the best of their abilities, however with hectic schedules and cross-departmental collaboration, mistakes can be made by good, honest workers who may have simply clicked A instead of B or typed “Apple” instead of “Banana.” Allow your workers to feel safe and secure, empowered and focused, knowing there are safeguards in place in case a mistake is made. Mistakes happen.
Executives everywhere, you must be aggressive, informed, and vigilant. That’s your job. Protect the fort! You don’t want to end up like Richard Smith, selling your shares before you publicly disclose the fact you were caught with your pants down!
My next-door office neighbor’s mom had just died. It was a Friday and the first day I saw him come into the office for several days. Later, when I was emailing, in real time, he asked me to log on to his Dropbox account. I asked him why, and he thanked me for double checking this was legitimate. (He knew that is why I asked.)
‘An invitation…’ to the private funeral, I supposed. Such a horrible, sad time. My neighbor is not technologically savvy, and of course the Dropbox login, didn’t work. It asked me to confirm my cell phone number to authenticate, but then nothing happened. It was 5:30 p.m. by now, and I was in a rush to “get out of Dodge.” I’ll just go talk to him, I thought.
He had just left, and I had to chase him down in the parking lot. He happened to mention his email had been hacked, and he’d spent all day straightening things out. Oh, that’s too bad. But he hadn’t sent me anything.
That’s when I realized that I had been hacked, in real-time!! Everyone in my neighbor’s email address book had been hacked along with him, and he did not even know that he should notify us all.
I have numerous passwords but was not absolutely certain this same password wasn’t used elsewhere. Not every account is multifactor authenticated (extra device password in addition to normal password protection) because some sites just don’t do that.
I was not even sure who performed the last reset in my business accounts. I had to be certain and I had to act fast. My company locked everything down, private and personal. Disabled my email. Froze all personal and corporate bank and investment accounts. Investigated, exactly where the criminals had been and what they had done.
Getting into just one information store can unveil enormous key details. I thought I had used Dropbox before, but I hadn’t. We knew the last hop to who I had been communicating with was in the Washington, DC area. They were unable to gain access to anything at all because everything was shut down so quickly. I told the bank not to reactivate transactions, business and personal, until I personally walked in on Monday morning.
I left my email shut down all weekend. That was kind of refreshing – why do we let this technology rule our consciousness?
It was just a big scare. Maybe it was more. I did a lot of research into potential recourse, liability-wise. Who is responsible in these types of matters? What would have happened if my bank account was drained? Did my office neighbor have some responsibilities? I started talking to lawyers and bankers. One of the nation’s largest and most successful investment advisors had no clue, nor did I.
If you give up your credentials and your bank account is drained, MOST people have NO INSURANCE COVERAGE. NO PROTECTIONS. NO RECOURSE. Yes, we are all responsible for our own stupidity!
Did you know that most breaches are not detected for over 250 days? The bad guys patiently wait and watch for the perfect time.
If this is making you nervous, it should. Some very intelligent, savvy people have been there. Last month, it was reported in the Wall Street Journal that New York State Supreme Court Justice Lori Sattler was in the process of selling her apartment and buying another, when she received an email that seemed like it was coming from her lawyer. Closings get complicated and crazy at the last minute. Her lawyer instructed her to wire a little over $1 million to the bank account he provided. Phew, she got it done in time!
Unfortunately, it was the wrong bank account and not her lawyer! Lori lost all of her money. No insurance, no recourse. How did they get such detailed information? Was it her realtor, attorney, mortgage broker, or her other buyer or seller…or was it the bank? Wow. We are as strong as our weakest link, and it might have nothing to do with us.
Phony emails (Phishing) getting in the middle of last minute real estate transactions are skyrocketing. These losses are happening every day, and people are losing their life saving. I can tell you, I am a “pro,” and these emails are convincing. So are the Amazon gift card emails going around.
I hear all the time, “Oh, all this is crazy technology and I don’t understand it. It is so scary.”
Everyone needs to wake up or else! Don’t tell me you don’t know about auto insurance or car brakes not working if you want to drive a car.
Don’t tell yourself you don’t know what phishing or multi-factor authentication is…if you want to survive in the world today. You must have a unique password for each of your accounts.
You must have two-step (multi-factor) verification for access to your mail and bank accounts. The way the latter works is when you attempt access your account with a new device, a one-time PIN is sent to your phone. In addition to your password, you need to enter your special PIN to access your account with that particular device. Only then, are you trusted.
No, actually, you are not alone. Every single CEO of a top technology company has been hacked. Yes, Tim Cook and Mark Zuckerberg. They have both said exactly what I am telling you today. And, Oh, did you read that the Apple iPhone device security has been compromised. Only you can save yourself.
Okay, so this takes care of you, Mr. and Ms. Reader. Actually, this is just the start. Next week we will explore Data Loss Protection (DLP) for Compliance Officers of “Main Street Financial” firms (Investment advisors, Hedge Funds, Broker- Dealers, etc…with less than 150 employees).
Blog post author, Brian Desrosier has been serving the Greenwich community for over thirty years as the owner of the tech firm, Lighthouse Technology Partners, and the retail store, the Computer Super Center
I’ve thought quite a bit about the ten sailors who died at sea on the American destroyer, USS John S. McCain. All of their bodies have finally been recovered. Looking at the faces of these fine men, it struck me just how young most of them were. Many younger than my own two kids, who I still think of as kids at 23 and 27 years old. Reading about each sailor’s aspirations, I realized every single one of them served in technology roles: Communications, Electronics, or Information Systems. I can think of no more appropriate use of this space than to comment on and acknowledge those Americans who can no longer do so for themselves.
According to the Government Accountability Office, the Navy was warned, in three separate reports, sailors do not receive proper training, and work an average of 108 hours a week. Apparently, sailors are asked to do more than their duty. Then, sleep.
In our crazy world, no sailor, or for that matter, no one in any uniform should ever assume they are safe. However, these sailors deserved to know that when they finally put their head on the pillow, someone else was doing their duty by watching over that ship. Yes, of course their shipmates, but particularly their commanders.
With the June 17 collision of the USS Fitzgerald this has been a tragic summer, especially because the Navy’s own report placed blame with a “flawed watch stander teamwork and inadequate leadership”. The official report has not been issued on last week’s collision, but evidence so far suggests the same.
Anyone who has seen the movie, “Dunkirk,” had this visceral experiential message: drowning in the hull of a ship is horrifying. When this happens because of gross mismanagement and ship-level dereliction of duty, what a horrific waste of lives. Ten times over. Back to the McCain, could anyone imagine the devastation of losing ten separate sons? It is not even possible to comprehend. Even worse, this devastation hit ten separate sons and ten separate families. What a shame. What a loss of treasure. National treasure. Family treasure.
God Bless Kenneth Aaron Smith, 22; Charles Nathan Findley, 31; Abraham Lopez, 39; Kevin Sayer Bushell, 26; Jacob Daniel Drake, 21; Timothy Thomas Eckels Jr., 23; Corey George Ingram, 28; Dustin Louis Doyon, 26; John Henry Hoagland III, 20; and Logan Stephen Palmer, 23. Correction: Make that seventeen times over, including the seven boys lost on the destroyer, Fitzgerald. God bless Dakota Rigsby who was only 19 years old. He went to bed believing in the Navy, and believing someone else was doing their duty, on watch. God bless his shipmates: Shingo Alexander Douglass, 25; Ngoc T Truong Huynh, 25; Noe Hernandez, 26; Victor Ganzon Sibayan, 23; Xavier Alec Martin, 24; Gary Leo Rehm Jr., 37.
Rest in peace. Thank you for your service.
Post Author, Brian Desrosier has been serving the Greenwich community for over thirty years as the owner of Lighthouse Technology Partners and the Computer Super Center.
Microsoft Enterprise Mobility Suite is now becoming Microsoft Enterprise Mobility + Security (EMS). It provides an identity-driven security solution that offers a holistic approach to the security challenges in this mobile-first, cloud-first era. Our technologies not only help your customers protect their organizations but also identify breaches before they cause damage.
Enterprise Mobility + Security E5 is a new tier of EMS that will include new capabilities previously available standalone (Cloud App Security) or in preview (Active Directory Identity Protection & Privileged Identity Management, and Azure Information Protection). EMS E5 will also include the existing EMS capabilities as well as these new technologies.
The existing EMS offer is being renamed EMS E3 and will include Azure Active Directory Premium P1, Intune, Azure Information Protection P1, and Advanced Threat Analytics and the Windows Server CAL rights-same as it does currently.
What is Azure Information Protection?
Azure Information Protection is a new service made up of the existing Azure Rights Management service with new capabilities acquired from Secure Islands.
- Azure Information Protection Premium P1 – which includes all the current Azure RMS capabilities.
- Azure Information Protection Premium P2 – which will include all the capabilities in Azure Information Protection Premium Pa and the intelligent classification and labelling technology from Secure Islands
- Windows Server Active Directory Rights Management will continue to exist in its current form and name
- Azure RMS for Office 365 (included in Office 365 E3 and E5 plans) will also be unchanged.
- See the updated EMS overview deck here for further feature breakdown details
What is Azure Active Directory Premium P2?
A: Azure Active Directory Premium continues to be our cloud identity and access management solution included in EMS. Azure Active Directory Premium P1 contains all the existing capabilities of Azure Active Directory Premium and is included in EMS E3. Azure Active Directory Premium P2 is a new service that includes all the capabilities of Azure Active Directory Premium P1 plus Azure Active Directory Identity Protection and Privileged Identity Management.
What is the Secure Productive Enterprise?
Secure Productive Enterprise is Microsoft’s new offer to deliver important Microsoft capabilities to assist customers as they transition to a digital world.
What is Azure Active Directory Premium P2?
Cloud identity and access management solution included in EMS. Azure Active Directory Premium P1 contains all the existing capabilities of Active Directory Premium and is included in EMS E3. Azure Active Directory Premium P2 is a new service that includes all the capabilities of Azure Active Directory Premium P1 plus Active Directory Identity Protection and Privileged Identity Management.
When healthcare organizations take advantage of the Azure Cloud platform, they can use the IoT Suite to run and expand their business. The Microsoft Azure IoT Suite is a collection of integrated cloud services (analytics, computing, database, mobile, networking, storage, and web) that help you move faster and save money.
Healthcare with the cloud
With the use of smart, connected devices like patient wearables, diagnostic and imaging equipment, and complex surgical machines, healthcare institutions are empowered with enormous insights. Health systems built on Windows 10 IoT allows for enhanced patient care, increase in collaboration, easier access to specialists, and an overall path to smarter and smoother operations. Increasing medical device interoperability could save the healthcare industry $30 billion annually by reducing drug errors and missed diagnoses according to the West Health Institute. Additionally, by helping providers and individuals monitor patient illness and disease and increase human wellness, IoT is estimated to drive an economic value of $200 billion to $1.6 trillion by 2025, according to McKinsey. Healthcare is second only to manufacturing in its adoption of the Internet of Things. Ninety percent of hospitals use six or more medical devices that can be integrated with electronic health records, yet only a third do.
One common platform
Ready to run on devices of every shape and size, with one universal app platform, one security model, and one deployment and management approach. Windows 10 IoT reduces infrastructure complexity, enabling healthcare organizations to link disparate devices and systems and connect them to EHRs more easily and quickly.
Whether used by physicians in exam rooms, healthcare providers, lab technicians in hospitals, or home healthcare aides on location, the same app can be tailored and delivered through multiple form factors to provide
seamless quality care when and where it’s needed.
Windows 10 IoT introduces a number of advancements in security and identity protection features that are easy to deploy and manage without compromising the user experience. Windows 10 IoT safeguards patient data—both protected health information (PHI) and personally identifiable information (PII)—in a variety of ways. Data is always encrypted when it is transmitted or at rest. Windows 10 IoT devices have access controls with biometrics and multi-factor authentication, enabling only authorized staff to access patient data. You can use devices and controls to isolate key processes and protect operating systems and devices from running unwanted apps. You can manage large device fleets with ease, knowing who is using them, what they are running, and where they are at all times.
Windows 10 IoT is designed to work with the devices you already own—as well as the new, innovative devices you deploy to gain powerful new capabilities. Ensure interoperability across your device fleet, incorporate new sensors and peripherals easily, and connect seamlessly. Empower healthcare providers with mobile devices that enable them to capture data, perform critical operations, and increase daily productivity. Use the Microsoft Azure IoT Suite to extend access to vital patient, organization, and network data; store and analyze it; and act with confidence from wherever your work takes you.
Windows 10 IoT is delivered as a service, giving healthcare providers and networks more choice and flexibility by allowing them to select the speed of innovation that is right for each group of users or devices. Healthcare organizations can elect to provide frequent updates to certain segments of users and provide only security and essential updates to non-mission-critical systems.
Synonymous with productivity, Office continues to be very favorable among businesses. There are over 1 billion users worldwide, with one new copy of Office being bought every second.
There is so much more that Office 2016 provides over previous versions.
- Do your best work, anywhere, anytime
- Access your files whenever you need to, thanks to integration with Microsoft OneDrive, Microsoft OneDrive for Business and SharePoint.
- With roaming recent files, you can quickly pick up from where you left off on any device.
- The new Insights pane in Word, powered by Bing, shows relevant contextual information from the Web within the reading and authoring experience.
- Excel takes the guesswork out of visualizing your data: it recommends charts best suited for your numbers, and lets you preview different options.
- Presenter View in PowerPoint gives you the tools to present with confidence – displaying the current slide, next slide, speaker notes and a timer on your Mac, while projecting only the presentation to your audience on the big screen.
- Outlook automatically organizes your inbox in conversations, without inadvertently including messages with the same subject that belong to a different conversation.
- Made for teamwork
- Easily share your documents and invite others to review or edit them.
- Co-authoring in Word and PowerPoint enables several people to work simultaneously in the same document from different devices in different locations.
- Threaded comments in Word and PowerPoint enable you to have useful conversations right next to relevant text. You can quickly see who replied to whom and when.
- The new Conflict Resolution view in PowerPoint lets you visually compare conflicting changes, so you can easily decide what version to keep.
- Share a OneNote notebook with friends, family or colleagues so everyone can add their notes and work together on travel plans, household tasks or work projects.
The most beneficial cloud security tip is to utilize multi-factor authentication (MFA). MFA adds a crucial layer of security to a user’s sign-ins and transactions, making it significantly difficult for cyber attackers to access information. It works by requiring multiple verification methods; typically a password, trusted device (phone or text message), and/or biometrics. Breaches, identity theft, spear phishing, etc., can cost a company millions, not to mention a loss of reputation, if critical information is stolen (or changed/destroyed). Being proactive with a layered security approach is the best practice for securing user data in the cloud, especially with the increase cyber-crime and hacking.
As more and more companies digitally transform, securing productivity, collaboration and data is imperative.
This offering brings together Office 365, Windows 10 Enterprise, and the Enterprise Mobility + Security suite into a single licensing, giving customers the most advanced technology for their employees.
Enterprise Mobility + Security will offer both an E3 and E5 version. Formerly Enterprise Mobility Suite, Enterprise Mobility + Security E3 will offer a tremendous new security value while the new Enterprise Mobility + Security E5 offering includes the latest, most advanced enterprise security, management, collaboration and analytics.
Earlier announced cloud-based security capabilities will also be included in the Secure Productive Enterprise offering including, Windows Defender Advanced Threat Protection for end point protection, Cloud App Security for controlling SaaS apps, Azure Information Protection to ensure data remains secure, and Office 365 Advanced Security Management for better visibility over your environment. Additionally, Secure Productive Enterprise will include Delve Analytics, Skype for Business PSTN conferencing and Cloud PBX, Power BI, and Advanced e-Discovery. All in one package.
Enterprise Mobility + Security
Windows 10 Enterprise
A complete and secure digital workplace.
- Core Office apps
- Mail & social
- Content management
- Meetings & voice
Innovative security in your cloud-first, mobile world.
- Access management
- Identity management
- Managed mobile productivity
- Information protection
The most trusted platform for your business.
- Powerful devices
The Secure Productive Enterprise offering is coming soon. If you have any questions or are interested in learning more give us a call today.