With Office 365, it seems common sense has finally prevailed, giving business the changes they actually want. It’s still Office, and your staff will still know exactly how to work it, but they’ll get so much more done.
1. The whole Mac/Windows drama is over
Office 365 brings with it a stack of benefits, but perhaps the most relieving is the in-built file compatibility across all platforms. No more converting (or corrupting) files back and forth, productivity black holes have essentially been eliminated.

2. It’s always ready to go
Microsoft is so confident in their cloud-based software and data storage; they’re giving a 99.9% uptime guarantee. You can even call a real life human for support.
Work online, offline or mobile – the choice is yours.
3. Security is built in
A large part of Microsoft’s uptime certainty comes from their extremely robust security protocols. Office 365 offers enterprise-grade admin controls at your end, as well as government-grade security at their end.
4. Generous data allowances
Each user gets 1TB of cloud space for file storage, which can be shared at folder or file level.
5. Work anywhere, anytime
Previously, staff needed to establish a VPN or manage security concerns which made working off-site difficult and cumbersome. Office 365 has solved that problem and working from anywhere is now easy.

6. Integrated organization

 Calendar, email and contacts are all synced and updated across multiple devices: Laptop, desktop & mobile.
7. Yours for no upfront costs
Once upon a time, updating your Office version meant paying a small fortune and half a day downtime. Office 365 changes that, with no upfront cost or installation delay.
8. Mailbox storage through the roof
Forget the days of ‘user mailbox is full’ – each user is given a whopping 50GB in a gorgeous, easy-to-use mailbox.
9. Built in malware and spam protection
Data security doesn’t stop at file storage: email is scanned for malware and spam, protecting your organization from all manner of attacks before they happen.

10. Collaboration tools and virtual meeting
Cancel your 3rd party services and bring all your collaborations into the one platform.
11. Integrated Team planning
Schedule tasks, meetings and track allocations from a top-down level to know exactly how projects are progressing.
We can help with your Office 365 migration and setup – give us a call today at 520-355-7553!

The executives of your company are the big fish in your sea. Yet cybercriminals think of them as whales. In fact, whaling is a new cybersecurity threat targeting the C-suite level.
You’ve likely heard of phishing attacks. Phishers use scam emails or spoofed websites to obtain user credentials or financial information. This might be an email that looks like it is from your bank asking you to log in and update your details, or a supposed tax alert needing immediate action.
A vishing attack is another fraudulent attempt to steal protected data, but the cybercriminals are going to use the phone to make contact. They might pretend to be a vendor needing to confirm account details for bill payment.
There’s also spear phishing. In these cases, the attackers do their homework first and target a specific company. They scour directories and employee social media to gather information to gain credibility.
Now, there are whaling attacks, too. The high-value target is a senior-level employee. The fraudster typically also impersonates one of the target’s C-suite counterparts.
What You Need to Know About Whaling
A whaling attack uses the same methods as phishing but focuses on top-level targets. The goal is to get “whales” to reveal sensitive information or transfer money to fraudsters’ accounts.
Whale attacks are intentional. Phishing can see attackers baiting hundreds of hooks to get nibbles. In whaling, information gathered in advance adds credibility to the social engineering. The target has higher value, so it’s worth their time to appear knowledgeable and make a request to and from someone important.
The sender’s email address will look convincing (e.g. from smithj@companyx.co instead of smithj@companyx.com). The messages will have corporate logos and legitimate links to the company site. Because humans want to help, the communications typically involve an urgent matter.
Whaling attacks are on the rise. In 2016, Snapchat admitted compromising employee data after receiving an email, seemingly from its CEO, asking for payroll information.
In another high-profile example, Mattel nearly transferred $3 million to a Chinese account. Company policy required two signatures, but the attackers (taking advantage of a recent shakeup) faked the new CEO’s signature. The second executive went ahead and added a signature. The only thing that saved the company was that it was a Chinese bank holiday.
Protecting Against Whale Attacks
As with phishing or vishing, the primary way to protect against whaling attacks is to question everything. Train your key staff members to guard what they share on social media. Encourage them to question any unsolicited request. If they weren’t expecting an attachment or link, they should follow up. If a request is unusual, they should trust their spidey-sense and proceed with caution.
It’s also a good idea to develop a policy for handling requests for money or personal information. By requiring that two people must always weigh in, you're more likely to catch a scam before it’s too late.
Also, train all your employees to look carefully at email addresses and sender names. They should also know to hover over links (without clicking on them) to reveal the full URL.
Security awareness is crucial. It’s also a good idea to test your employees with mock phishing emails.
Need help training employees or testing social engineering? Contact our experts today, call us at 520-355-7553.

Let’s address the (ahem …) hippo in the room. HIPAA compliance continues to be a real challenge for small and midsized businesses.
HIPAA is an acronym for the Health Insurance Portability and Accountability Act, which has very specific rules and regulations around a patient’s health information.
Larger healthcare organizations – hospitals and insurance companies – have in-house information technology teams, but smaller businesses don’t have the same depth of IT help on hand. Yet they must abide by the same rules.
Risking a HIPAA violation can be costly. Fines reach up to $50,000 US dollars per occurrence.
Common violations include:

• Keeping records unsecured. WellPoint didn’t secure an online health database and paid $1.7 million
• Not encrypting data. The Massachusetts Eye and Ear Infirmary failed to encrypt physicians’ laptops, which led to a $1.5 million fine.
• Loss or theft of devices containing personal health information (PHI). A pediatric practice in Massachusetts lost a flash drive and settled for a $150,000 fine.
• Failing to train employees in HIPAA compliance. A Walgreens in Indiana breached a single patient’s privacy and paid her $1.44 million.
• Disposing of records improperly. Affinity Health Plan paid $1.2 million after failing to erase the photocopier drives before returning them to the leasing company.
• Releasing information without authorization. Phoenix Cardiac Surgery posted a patient’s appointment on an online calendar and paid $100,000.
• Disclosing PHI to third parties who do not have access rights. A medical practice in Phoenix sent patient data over insecure email and was fined $100,000.

Tips for HIPAA Compliance
Be aware of HIPAA requirements. Smaller businesses can have a tougher time remaining up to date on technology and guidelines. But that doesn’t make them any less accountable for understanding HIPAA compliance. It’s important to do the research and get educated, or partner with an IT provider with the expertise to prevent possible violations.
Embrace encryption. If your business deals with any confidential information, encryption and firewalls are necessary. Prevent outside traffic from accessing your systems. Ensure data can’t be read if there is unauthorized access. If there is a breach, or a lost or stolen device, the HIPAA penalties are reduced if encryption is used.
Protect all your endpoints. Any mobile devices that have access to patient data need to be secured. With mobile device management, for instance, you can lock down and wipe lost or stolen devices.
Err on the side of caution. Employees gossiping over coffee in a dentist’s office could share patient information, or someone might be sending an email with unencrypted data, or a health announcement with recipient names visible. All these are HIPAA violations. Humans will make mistakes, yes, but it’s less likely if you educate about regulations and the importance of being careful.
Get a HIPAA Check-Up
HIPAA has been around since 1996. In 2005, regulators got more serious about electronic versions of PHI. Yet there are still some businesses out there with only a vague idea of what it means to be compliant.
Heavy hitters in healthcare already take HIPAA seriously. You should, too. So, you haven’t been audited yet, but that doesn’t mean you won’t be. A $50,000 HIPAA fine could make the difference in your business staying afloat another year.
HIPAA compliance is critical for many organizations. Set policies and procedures. Put in place security awareness training. Start using encryption, and assess for risks.
Be proactive with your IT management. By working with IT experts, you can stay on top of HIPAA and remain complaint. A managed services provider can assess risk, identify improvement areas, and propose new tech.
Call us at 520-355-7553 to get your IT and access management policies in healthy shape.

How to Make Computer Issues A Thing of the Past
We repair many computers and laptops each week, but unfortunately this is often ‘closing the barn door after the horse has bolted’. Computers have a habit of dying at the worst possible time – like when an important project is due tomorrow, or before you copy family photos to a backup. We’ve combined our repair services with preventative measures to ensure this doesn’t happen to you. Our managed IT services can remotely take care of all the computers in your house, protecting you against both threats and system failure.
Anti-virus always up-to-date:  While many homes have anti-virus software installed, they don’t often have the latest virus and threat definitions. These systems are at risk every minute they spend online, as the anti-virus simply will not pick up and stop an unknown threat.
New viruses and hacking threats arise every day, and there are entire companies dedicated to creating anti-virus updates to catch them. We can make sure your anti-virus definitions are always up-to-date, keeping your computer secure against even the newest viruses.
Software patches: Hackers like to spend their time figuring out new ways to break into computer systems. Software companies like Microsoft and Apple release regular patches to close these security holes. The patches are supposed to be applied automatically, but we often find that isn’t the case – patches didn’t download, were canceled or produced an error. Our services involve remotely checking that each patch has been applied successfully, and troubleshooting if required. As an added advantage, any time new features are packaged into an update, you’ll find them already installed for you.
Early failure detection: Some parts in your computer send out alarm bells when they’re about to die. Unfortunately, they’re not literal alarm bells (that would be too convenient), but information in the background that needs to be interpreted or manually checked. We can monitor these and advise repairs as required.
Data protection: Hard drives which store your information do eventually wear out, but they’re one of the parts that send out early failure warnings. We can monitor this and give you ample warning so that you have time to back up your important files. When it’s time, we’ll work with you to arrange drive replacement, making sure to either clone or re-install your operating system, whichever suits your needs best.
Tune-ups: Even the most cared for computer will slow down over time. Hard drives become cluttered, operating systems corrupt and ghosts of uninstalled programs still remain. We can remotely schedule and run a regular maintenance routine that will keep your system running in top condition and lightning speeds.
Our managed IT service happens entirely behind the scenes, so there is no disruption to your experience. You simply enjoy the benefits of having your own IT specialist team at one flat, low cost. You and your family continue to use your computer/s as normal, the only difference is problems are fixed BEFORE they happen and your system has the very best security against threats.

To Backup or To Archive? ’Tis The Question
Hamlet worried about whether to be or not. You may be more preoccupied with whether backup or archiving is better for your business. You know you need to secure your data, but how? This article examines the different benefits of both options.
Back in the day, businesses kept important information on paper. They stored important records and notes in nearby filing cabinets for easy access.
When there were too many files to close the cabinet drawers any longer, someone would do a big clean out. Older, important documents would get boxed for the basement or other storage area. They might still be needed for tax, or compliance, or other reasons. But you didn’t need those files readily accessible any longer.
A similar scenario is true of digital business data. You can back it up to recover from hardware failure, cyberattack, or disaster event. Or you might archive the data for space management and long-term retrieval.
Deciding Between Backup and Archive
When it comes to the right form of data storage you’ll need to weigh:

• the period of time you need to keep the data;
• what protections from loss or illicit access your method offers;
• whether the data can be easily restored or retrieved;
• how accessible, searchable, and quickly available the data will be;
• any industry or compliance standards that need to be met.

The backup is a copy of your data. On a regular basis you’ll make a copy of the business data to provide you with a starting point in the event of a disaster. You'll decide how often to backup based on how often the data changes and the importance of data currency.
Backing up data, an operating system, or application files, doesn't delete the originals. However, your older backup may be deleted when you make the new copy. If not, the backup can have another use. It can allow users to go back and review or recover earlier versions.
It’s not a bad idea to have several backups. We recommend the “3-2-1” backup strategy. You’ll have three copies of your business data. One would be on the cloud, the other two on different devices (e.g. on your local computer and on a backup drive).
Archiving puts a copy of business data into long-term storage. This is the data equivalent of moving that box of files to the basement. Typically, the archived version becomes the only available copy of that data.
The archives’ permanent record of data may prove useful in future legal disputes. Archived data is often tagged to enable streamlined search down the road. Moving information to archive can also improve processing speed and storage capacity.
While a backup may be overwritten, archived data is generally not altered or deleted. In fact, it’s often physically disconnected from the computer or network. So, you’ll turn to a backup to restore your data if necessary, and to archives to retrieve information data.
Key Takeaway
Both backup and archive can prove useful. It’s not going to happen every day, but entire digital archives can be lost if a server is drowned by a flash flood. All the paper backups can be burnt to cinders in an electrical fire. That external hard drive could be stolen or crushed by falling debris in a hurricane.
It’s best to avoid having a single point of failure. Both backing up and archiving business data is a smart precaution. Ensure business continuity by preparing for the worst. Our computer experts can help you backup, archive, or both. Start securing your business data with our support today! Call us at 520-355-7553.

The new year can mean resolutions and promises for a “new you.” One way to start this year feeling more in control is to clean up your computer. Follow these simple steps!
Tackle the inbox
We do a lot of shopping at the end of the year. Whether you shop online or in stores, you’re asked to provide your email address when you buy, which multiplies the number of mailing lists you’re on. Don’t start the new year deluged by unwanted newsletters and advertising emails.
The extra messages in your inbox distract you from the messages that matter. Instead of deleting every new unread message from “Let’s Make Cookies,” click on one and unsubscribe. Usually, there’s a link that lets you do this at the bottom of the email. If you’re a Gmail user, start your effort to cut down on unwanted mail in your Promotions tab. Google’s algorithm sends sales pitches here, so cut messages from this section first.
Clear bookmarks
The internet is built for browsing. We’ve all lost hours to clicking and linking in this vortex of information. “Wait. How did I end up here looking at kittens eating cupcakes?!” To make things easier, we’ll bookmark sites we visit often or put a page we want to return to on a reading list.
By the end of the year, we have marked many sites that we don’t even remember favoriting in the first place. “When was I interested in this?” Getting rid of any bookmarks for passing interests can help you navigate the Web better this year.
In Google Chrome, click on the three dots in the upper-right of your browser window (to the left of your profile icon). The drop-down menu will have a Bookmarks option. Click on this to see another drop-down menu with Bookmark Manager on it. On the next screen every one of your bookmarks will have three dots beside it. Click on this to select the delete option, and get rid of the ones you don’t need any longer.
Safari users can click on Bookmarks on the top menu or the sidebar icon on the tool bar (to the right of the arrows on the left). Then edit your bookmarks by clicking on sites you no longer want and hitting your delete button.
Sort through downloads
We also download a lot of stuff in a year. Sometimes, because we’re impatient or don’t realize we’ve already hit download, we get multiple copies of the same file! A full download folder takes up storage space on your computer and can slow your computer down.
On a Mac, go to the Finder and click on Downloads on the “Go” drop-down menu. You’ll find a folder filled with .pdfs, .docs, and .jpegs you long forgot about. Click on those you don’t need any more and drag them to your trash can.
On Windows, you can usually go to the “This PC” icon and then the “Downloads” Folder. Right-click on the files you don’t want, and choose “Delete.”
Empty trash/recycling bins
Items you put in the trash or recycling bins at home take up space until you take those bins to the curb or the dump, and the same is true of your computer trash or recycling. Empty these bins by selecting “empty trash” on your Mac Finder menu, or “empty recycle bin” after clicking on the bin icon in Windows 10.
Remove unused programs/apps - If you’re not using a program or app, don’t give it computer space. On a Mac, you can click on the icon for that program and drag it to the Trash. With Windows, you’ll open the Start menu, click on Settings, then System, then Apps and Features from the left pane to select what you want to uninstall. Click the uninstall button, and you’ve decluttered your computer that little bit more for the new year. If you need help with any of these streamlining measures, let us know. We can help! Call 520-355-7553.

Small business owners are proud of getting everything done with few people. Every team member wears many hats. They are part of a family, devoted to the firm’s success. But that doesn’t make them qualified to handle IT. Really, you’re never too small to outsource your technology needs.
A small business may only have a few computers for its handful of employees. Having an in-house person dedicated to IT support would be overkill. But just because the technology is working fine today doesn’t mean your IT is performing at its best. That’s why it can be beneficial to outsource IT.
Having someone who knows technology working for your team can pay huge dividends. Your outsourcing partner will add value by:

• helping you avoid bad tech purchases or buying software you don’t need;
• identifying where you can be more efficient with tools you already have, which can save money;
• providing knowledgeable support and IT help;
• learning business needs and making recommendations about the best IT for your goals;
• protecting your business technology and ensuring computers are up to date with security patches.

Small Business Breaches
Cybercriminals don’t care about business size. In fact, according to Accenture, 43% of cyberattacks were aimed at small businesses, and only 14% of the SMBs were prepared for defending their networks and sensitive data.
In fact, a small business can be a particularly appealing target. Hackers will exploit a small business as part of a campaign to attack a larger business. They know the SMB is less likely to have the same level of security as the bigger target in their sights.
Accenture’s 2019 study found that more than half of all small businesses had suffered a breach in the last year. These attacks can be crippling for SMBs. According to insurance carrier Hiscox, the average cyberattack costs a business $200,000. That figure can be a killer blow for a small business. Some 60% of SMBs hacked go out of business within six months of the attack. Even if they can survive the financial hit, damage to brand reputation and customer goodwill is devastating.
Advantages of Outsourcing
You may not have a clear picture of your cybersecurity status right now, but by working with a managed services provider (MSP) you’ll get one. Your partner will conduct an informal audit of your current technology and learn your short- and long-term goals.
Your small business, for instance, may not have a data protection procedure. You might be thinking you don’t have a lot to backup and store. But the quantity may not be the primary concern. Can you recover if your business loses an email chain it was keeping for legal or compliance reasons? What would happen if the computer holding your accounting database died? An MSP can identify where tech changes can better ensure business continuity.
When you outsource, your partner will also inventory all your tech assets. They’ll need to know everything about your infrastructure and your business’s technology capabilities. Your current team may recognize the importance of securing the business’s intellectual property, but are they also protecting customer data and employee records? Your business needs to be intentional about confidentiality, availability, and safety. An MSP can help.
The cost of outsourcing is often a stumbling block for the budget-conscious SMB. Managed IT services can often lower costs for clients by streamlining processes, managing vendor relationships, and ensuring that the business technology is best suited to current needs. And you'll pay a fixed regular fee for a technology team member who will help you avoid big, costly tech surprises.
No business is too small to outsource IT. Having access to a full-time IT professional via a managed service provider can improve your operations, enhance productivity, and lower cybersecurity risk.
Find out more about what we can do for you! Call us at 520-355-7553.

Does Dropbox Make Sense For Your Business?
It seems so easy! Drag your files into a Dropbox folder and you’ve got yourself a file sharing system that brings your business in line with modern expectations. But then again, maybe not.
Dropbox has grown to become one of the main file sharing and cloud storage solutions of choice, with a core simplicity that’s hard to deny. But for business, that simplicity comes with a catch.  In some cases, sticking with the familiar blue box can provide good value, and of course, it never hurts when your staff already know how to use your software. In other cases, you’ll need to consider alternatives designed to meet your needs more explicitly.
When Dropbox is a Good Choice
Micro-sized: If your business is small with no more than a handful of employees (or none);
No sensitive information: This includes accounts, customer details, vendor, staff or proprietary data; plus
Nobody ever accidentally deletes anything: Dropbox is a syncing service, which means when a file is deleted, it deletes it from all machines. While the file is recoverable from the Dropbox website within 30 days, by the time you notice it's missing, it might be too late.
If you’re thinking those attributes sound more like a fictional business, you’re not far off.    Somehow, Dropbox’s popularity in the consumer sphere has snuck into business environments, despite the risks.  Key among these is the fact that Dropbox is designed for syncing, NOT backup. This means while your data is sprawling across all connected devices, it’s a mirror of the source only – when you delete or change the original file, the Dropbox version immediately syncs with it.  In some cases, this can spread malware between your connected devices and put all of them at risk.
Your business also misses out on important security controls, such as user-level access control and password protected links. Rather like a free-for-all, the shared files are sitting there available to anyone with either a connected device or an insecure web link. You’ll also miss collaborative editing, losing out in productivity and data resilience as multiple employees overwrite each other simultaneously, with no record of who even opened the file, let alone changed it.
If Dropbox makes sense for your business, there’s no reason to change. But if it’s clearly not a good choice for you, there are multiple corporate grade syncing solutions. These are designed for business with security, encryption and collaboration controls built in. Rather than the easiest solution which may pose a risk to your business and digital security, consider implementing a salable solution that meets all your needs.

Ransomware
This is the recent heavy hitter, the one we are all hearing about. In a nutshell, ransomware encrypts all your data, holding it hostage until a ransom is paid, usually in the form of bitcoin, to an untraceable wallet. We NEVER recommend paying the ransom, since you should have good backups in place. Once ransomware hits, it is IMPOSSIBLE to tell if any confidential data was stolen or if any backdoor access was allowed. If you are hit, wipe everything out, and pull from backups. This also falls under data breach, so you should inform the parties involved.

​Data Breach
This is a bad one, but easier to track down whether or not confidential data was stolen. Data breaches can consist of different types of hacks, but it's worth talking about on its own. If you have a data breach, you must notify your customers and any compliance organization you must follow, like HIPAA. If you have a data breach, the first thing to do is secure the entry point of the breach. Usually, it's less technical than you think. Some data breaches come from physical stolen computers/phones/server, and some come from disgruntled employees. Keeping track of access logs will allow you to figure out what happened. 

Email Hacks
These are simple, sometimes more annoying than anything. Email hacks fall under the phishing category. We'll talk about that more in another post. Email hacks are easy to identify, easy to stop, but can cause real problems. Remember when you got that spam email from a client, business, or friend? They probably got hacked and their email is sending out garbage and spam in an effort to hack others. ​

Password Management
If you are still saving passwords in a word doc or on sticky notes, STOP NOW!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Using a free password manager like LastPass or Bitwarden (our favorite) allows you to safely store all your passwords. This comes to point 2, you should NEVER reuse passwords. This is how the most recent hack on 400 dental offices came about-a management company reused a password and forgot the account was there. Using a password manager means you don't have to remember all those passwords you create. It will keep track of them, log you in, etc all without racking your brain over complex passwords. Also, changing your passwords every 90 days makes sure leaked passwords are unusable. 

2 Factor Authentication 
Another very easy one, 2 factor involves sending a text or entering a random code when you sign in. This means that someone singing in from an unknown location won't be able to get past unless you give them the random code. This means you must always have your mobile or other trusted device with you, but it is an EASY and HIGHLY secure way to prevent hacking. We recommend you go turn it on right now on everything you can. 

Phishing Training
Clicking on bad links on email is the # 1-way hacks start. Training staff is an easy and cost-effective way to stop hacks before they even get past the email. Most phishing emails are easy to spot, and if your service provider gives you an advanced spam filter, you may never even see them. Training staff on what to look for may save your business from disaster and expensive recovery.