Skip to main content
Alpha IT Solutions | 02 8071 4180 | Unit 2, 141 Hartley Road, Smeaton Grange, NSW, 2567

Author: Emily Douglas

Change Management Basics for Technology

Change produces stress in technology environments and among those who implement or are affected by the change. This is why change management is so critical for successful implementation.

Change management is an approach that deals with the change or transformation of organizational processes, objectives and technologies. The goal of change management is to find strategies to implement and govern transformation while also assisting people in getting accustomed to it.

Applying change management best practices can enable your organization, regardless of size or industry, to scale and adapt to changing market conditions without losing key team players.

Five elements of effective change management for technology refreshes

1. Identify

Most change management strategies recognize that identifying what to improve creates a solid foundation for clarity, ease of execution and success.

Since most changes are made to improve a process, a technology or a result, identifying the objective and clarifying goals is crucial. This also involves selecting the resources and individuals capable of facilitating and leading the initiative.

Start by asking the following questions to gain a better understanding of your core mission:

  • What are you changing?
  • Why is this change occurring?
  • Which systems and processes might be affected?
  • How would this affect employees, customers and others?

2. Evaluate

Change evaluation attempts to analyze crucial transformations before letting those changes integrate into usual operations.

Here are a few suggestions for the evaluation stage:

  • Examine technology mapping and dependencies to ensure you understand the implications of pulling specific systems offline for updates.
  • If the failover* operation isn’t an option, assess peak usage for all affected users to ensure that system downtime isn’t scheduled during peak usage times.
  • Determine the processes that need to be modified as well as the individuals who oversee them.
  • Define how various internal and external user groups will be affected.

* The capability to switch to a reliable backup system instantly and seamlessly is known as failover.

3. Manage

These are the areas that require your attention:

  • Seek an executive sponsor to propel your project forward and hold you accountable for deviation from your objectives.
  • Before detailing your change management strategy, meet with appropriate team leaders to discuss your plan and solicit their views.
  • List and connect with relevant process owners and provide them with implementation deadlines.
  • Know which platforms and technologies will be affected by upcoming changes. Remember to gather emergency contacts to tackle unforeseen mishaps.

4. Create

After completing the previous steps, create a change management strategy and draft an expected implementation timeframe.

The change management strategy you create must be comprehensive to act as a roadmap defining the concrete steps your organization will have to take to implement the change management process. This is crucial to avoid disrupting workflows and assist your team in navigating this change.

5. Implement

Once all key stakeholders have approved the change management strategy, it’s time to put the changes into effect. This frequently requires cross-team collaboration and, on occasion, the support of third parties such as technology suppliers, consultants or a managed service provider (MSP).

Microsoft Productivity Score Overview

Productivity can be challenging to track, no matter where employees are working. How do you know they’re using their tools as effectively as possible? How can you enable them to adopt best practices?

These are questions that managers often ask themselves. If they’re looking at the wrong things, it can get in the way of empowering their team. For example, you can’t grade productivity simply by “clock in/clock out” times.

In today’s hybrid and mobile offices, the value and work product an employee brings is a better gauge. But you also must look at what may be getting in the way of great employees doing great work.

Technology tools can slow down dedicated workers if they’re not familiar with them. Employees may be doing things the way they always have been, and not realize there is a better way. A faster way.

But productivity can be a tricky area to address. You don’t want to invade a remote employee’s privacy by tracking their every keystroke. Nor would that likely help with positive forward motion.

What’s the answer?

If your company uses Microsoft 365 then you have a tool you can use to find nuggets of productivity gold. This tool is Microsoft Productivity Score.

What Does Microsoft Productivity Score Do?

Microsoft Productivity Score looks at some core areas of your employees’ workflow. It also looks at them in aggregate. Because it’s looking at your team as a whole, you avoid issues with employees feeling personally spied on.

The tool gives you helpful insights that you can share with your staff. These insights help to boost their performance. It also includes hardware-related information. You can use this to see if your company tools are holding people back.

MS Productivity Score looks at the following areas.

People Experiences

This category looks at how people work. Are they using best practices for collaboration or are they doing things the hard way? Do meetings go on forever? Are employees still emailing attachments instead of using shared cloud storage links?

One example of an insight from this category is as follows. Each employee can save an average of 100 minutes per week by collaborating with online files. Productivity Score can show you where your team stands in this metric, and many others.

Saving 100 minutes per week is equal to approximately 86.6 hours per year. That’s over 2 full workweeks!

People experiences
All Productivity Score images are from Microsoft.

The subcategories within people experiences are:

  • Communication
  • Content collaboration
  • Mobility
  • Meetings
  • Teamwork

Technology Experiences

Technology experiences look at the health and performance of your devices. Do you have hardware and software on endpoints that are causing issues? Is it slowing your team down? Are there network connectivity problems? Are apps updated as they should be?

This category will look at the technology that your team works with and let you know of any risk areas. When technology is not functioning well or isn’t secure, it can slow your business down.

You’ll find these three subcategories in the technology experiences area:

  • Endpoint analytics (You need Intune for these)
  • Network connectivity
  • Microsoft 365 apps health

Special Reports

Besides the people and technology experiences, there is more. Microsoft Productivity Score has a special reports area. It provides details on business continuity.

This report can show you how employee collaboration and other activities are changing. It looks at these as your company goes through transitions. Such as when you transition to remote working or back to in-office work. This report tells you how these changes impact your team’s productivity.

Special-reports

How Productivity Score Helps Your Company

Automatic Metrics Tracking

Microsoft Productivity Score tracks your team’s use of Microsoft 365 applications automatically. It then will provide you with helpful information on how staff use their digital tools.

These metrics give you a good picture of whether employees are using best practices. Often, they simply need guidance to learn a more efficient way of doing something.

Insights to Understand the Data

The tool provides you with helpful insights to understand the data. You won’t only get the metrics; you’ll get the context. This allows you to educate yourself. Then you can educate your employees on things that improve workflow and save time.

For example, getting a response quickly to a question saves time. But you may not realize that using @mentions can help achieve that. Productivity Score will tell you how many people use @mentions in team communications. And also, how much this increases the response rate.

Insights to understand the Data

Recommended Actions to Take

The third piece of guidance you gain is what to do about the information. Productivity Score will give you actionable recommendations to improve a metric. This helps you to improve productivity.

The combination of the metric, insight, and recommendation make this a comprehensive tool.

Would You Like to Get Started with Microsoft Productivity Score?

We can help you get your organization started with this great tool. And provide solutions to increase company productivity. Give us a call and let’s chat!


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

Helpful Tips for Keeping Your Shared Cloud Storage Organized

Cloud file storage revolutionized the way we handle documents. No more having to email files back and forth. No more wondering which person in the office has the most recent copy of a document.

Between 2015 and 2022, the percentage of worldwide corporate data stored in the cloud doubled. It went from 30% to 60%. A majority of organizations use cloud storage of some type. Typical services include OneDrive, Google Drive, Dropbox, and others.

But just like the storage on your computer’s hard drive, cloud storage can also get messy. Files get saved in the wrong place and duplicate folders get created. When employees are sharing the same cloud space it’s hard to keep things organized. Storage can be difficult to keep efficient.

Disorganized cloud storage systems lead to problems. This includes having a hard time finding files. As well as spending a lot of extra time finding needed documents. It’s estimated that 50% of office workers spend more time looking for files than they do actually working

Has your office been suffering from messy cloud storage? Does it seem to get harder and harder to find what you need? Review the tips below. They include several ways to tidy up shared cloud storage spaces and save time.

Use a Universal Folder Naming Structure

One person in an office might choose to name a folder by client name. Another person might use the type of industry. When people use different naming structures for folders, it’s harder for everyone. They often can’t find what they need. It also leads to the creation of duplicate folders for the same thing.

Use a universal folder naming structure that everyone follows. Map out the hierarchy of folders and how to name each thing. For example, you might have “departments” as an outer folder and nest “projects” inside.

With everyone using the same naming system, it will be easier for everyone to find things. You also reduce the risk of having duplicate folders.

Keep File Structure to 2-3 Folders Deep

When you have too many folders nested, it can take forever to find a file. You feel like you must click down one rabbit hole after another. When people need to click into several folders, it discourages them from saving a file in the right place.

To avoid this issue, keep your file structure only two to three folders deep. This makes files easier to find and keeps your cloud storage more usable.

Don’t Create Folders for Fewer Than 10 Files

The more folders people have to click into to find a document, the more time it takes. Folders can quickly add up as employees create them, not knowing where a file should go.

Use a rule for your cloud storage that restricts folder creation to 10 files or more. This avoids having tons of folders with less than a handful of files in them. Have someone that can act as a storage administrator as well. This can then be the person someone asks if they’re not sure where to store a file.

Promote the Slogan “Take Time to Save It Right”

File storage can get disorganized fast when people save files to a general folder. We’re all guilty from time to time of saving to something general, like the desktop on a PC. We tell ourselves that we’ll go back at some point and move the file where it should be.

This issue multiplies when you have many people sharing the same cloud storage space. Files that aren’t where they belong add up fast. This makes it harder for everyone to find things.

Promote the slogan “take time to save it right” among the staff. This means that they should take the extra few seconds to navigate where the file should be to save it. This keeps things from getting unmanageable. If you use a file structure that’s only 2-3 folders deep, then this should be easier for everyone to abide by.

Use Folder Tags or Colors for Easier Recognition

Many cloud file systems allow you to use color tagging on folders. Using this can make a folder or group of folders instantly recognizable. This reduces the time it takes to find and store files.

For example, you could color all folders dealing with sales as green. Folders for marketing could be orange, and so on. The brain can make the connection to a topic faster when you look at a color than when reading through text,

Declutter & Archive Regularly

Files get created at a dizzying pace these days. The more files you add to a cloud storage system, the harder it is to sort through to find what you need. This is true even if the file storage is well organized.

Keep older files from making it harder to find new ones. Do this by decluttering and archiving on a regular basis. This involves having an admin delete any unnecessary files once per month. For example, duplicate files or old draft versions of a document.

You should also have an archiving system in place that puts all older files in one big archive folder. This keeps files that aren’t actively used any longer out of the main file path.

Come to Us for Efficient Cloud Solutions

Is your cloud storage doing what you need it to do? Do you have a disconnection between cloud storage and your other apps? We can help. Reach out and let’s chat.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

6 Important IT Policies Any Size Company Should Implement

Many small businesses make the mistake of skipping policies. They feel that things don’t need to be so formal. They’ll just tell staff what’s expected when it comes up and think that’s good enough.

But this way of thinking can cause issues for small and mid-sized business owners. Employees aren’t mind readers. Things that you think are obvious, might not be to them.

Not having policies can also leave you in poor legal standing should a problem occur. Such as a lawsuit due to misuse of a company device or email account.

Did you know that 77% of employees access their social media accounts while at work? Further, 19% of them average 1 full working hour a day spent on social media. In some cases, employees are ignoring a company policy. But in others, there is no specific policy for them to follow.

IT policies are an important part of your IT security and technology management. So, no matter what size your business is, you should have them. We’ll get you started with some of the most important IT policies your company should have in place.

Do You Have These IT Policies? (If Not, You Should)

Password Security Policy

About 77% of all cloud data breaches originate from compromised passwords. Compromised credentials are also now the number one cause of data breaches globally.

A password security policy will lay out for your team how to handle their login passwords. It should include things like:

  • How long passwords should be
  • How to construct passwords (e.g., using at least one number and symbol)
  • Where and how to store passwords
  • The use of multi-factor authentication (if it’s required)
  • How often to change passwords

Acceptable Use Policy (AUP)

The Acceptable Use Policy is an overarching policy. It includes how to properly use technology and data in your organization. This policy will govern things like device security. For example, you may need employees to keep devices updated. If this is the case, You should include that in this policy.

Another thing to include in your AUP would be where it is acceptable to use company devices. You may also restrict remote employees from sharing work devices with family members.

Data is another area of the AUP. It should dictate how to store and handle data. The policy might require an encrypted environment for security.

Cloud & App Use Policy

The use of unauthorized cloud applications by employees has become a big problem. It’s estimated that the use of this “shadow IT” ranges from 30% to 60% of a company’s cloud use.

Often, employees use cloud apps on their own because they don’t know any better. They don’t realize that using unapproved cloud tools for company data is a major security risk.

A cloud and app use policy will tell employees what cloud and mobile apps are okay to use for business data. It should restrict the use of unapproved applications. It should also provide a way to suggest apps that would enhance productivity.

Bring Your Own Device (BYOD) Policy

Approximately 83% of companies use a BYOD approach for employee mobile use. Allowing employees to use their own smartphones for work saves companies money. It can also be more convenient for employees because they don’t need to carry around a second device.

But if you don’t have a policy that dictates the use of BYOD, there can be security and other issues. Employee devices may be vulnerable to attack if the operating system isn’t updated. There can also be confusion about compensation for the use of personal devices at work.

The BYOD policy clarifies the use of employee devices for business. Including the required security of those devices. It may also note the required installation of an endpoint management app. It should also cover compensation for business use of personal devices.

Wi-Fi Use Policy

Public Wi-Fi is an issue when it comes to cybersecurity. 61% of surveyed companies say employees connect to public Wi-Fi from company-owned devices.

Many employees won’t think twice about logging in to a company app or email account. Even when on a public internet connection. This could expose those credentials and lead to a breach of your company network.

Your Wi-Fi use policy will explain how employees are to ensure they have safe connections. It may dictate the use of a company VPN. Your policy may also restrict the activities employees can do when on public Wi-Fi. Such as not entering passwords or payment card details into a form.

Social Media Use Policy

With social media use at work so common, it’s important to address it. Otherwise, endless scrolling and posting could steal hours of productivity every week.

Include details in your social media policy, such as:

  • Restricting when employees can access personal social media
  • Restricting what employees can post about the company
  • Noting “safe selfie zones” or facility areas that are not okay for public images

Get Help Improving Your IT Policy Documentation & Security

We can help your organization address IT policy deficiencies and security issues. Reach out today to schedule a consultation to get started.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

How Often Do You Need to Train Employees on Cybersecurity Awareness?

You’ve completed your annual phishing training. This includes teaching employees how to spot phishing emails. You’re feeling good about it. That is until about 5-6 months later. Your company suffers a costly ransomware infection due to a click on a phishing link.

You wonder why you seem to need to train on the same information every year. But you still suffer from security incidents. The problem is that you’re not training your employees often enough.

People can’t change behaviors if training isn’t reinforced. They can also easily forget what they’ve learned after several months go by.

So, how often is often enough to improve your team’s cybersecurity awareness? It turns out that training every four months is the “sweet spot.” This is when you see more consistent results in your IT security.

Why Is Cybersecurity Awareness Training Each 4-Months Recommended?

So, where does this four-month recommendation come from? There was a study presented at the USENIX SOUPS security conference recently. It looked at users’ ability to detect phishing emails versus training frequency. It looked at training on phishing awareness and IT security.

Employees took phishing identification tests at several different time increments:

  • 4-months
  • 6-months
  • 8-months
  • 10-months
  • 12-months

The study found that four months after their training scores were good. Employees were still able to accurately identify and avoid clicking on phishing emails. But after 6-months, their scores started to get worse. Scores continued to decline the more months that passed after their initial training.

To keep employees well prepared, they need training and refreshers on security awareness. This will help them to act as a positive agent in your cybersecurity strategy.

Tips on What & How to Train Employees to Develop a Cybersecure Culture

The gold standard for security awareness training is to develop a cybersecure culture. This is one where everyone is cognizant of the need to protect sensitive data. As well as avoid phishing scams, and keep passwords secured.

This is not the case in most organizations, According to the 2021 Sophos Threat Report. One of the biggest threats to network security is a lack of good security practices.

The report states the following,

“A lack of attention to one or more aspects of basic security hygiene has been found to be at the root cause of many of the most damaging attacks we’ve investigated.”

Well-trained employees significantly reduce a company’s risk. They reduce the chance of falling victim to any number of different online attacks. To be well-trained doesn’t mean you have to conduct a long day of cybersecurity training. It’s better to mix up the delivery methods.

Here are some examples of engaging ways to train employees on cybersecurity. You can include these in your training plan:

  • Self-service videos that get emailed once per month
  • Team-based roundtable discussions
  • Security “Tip of the Week” in company newsletters or messaging channels
  • Training session given by an IT professional
  • Simulated phishing tests
  • Cybersecurity posters
  • Celebrate Cybersecurity Awareness Month in October

When conducting training, phishing is a big topic to cover, but it’s not the only one. Here are some important topics that you want to include in your mix of awareness training.

Phishing by Email, Text & Social Media

Email phishing is still the most prevalent form. But SMS phishing (“smishing”) and phishing over social media are both growing. Employees must know what these look like, so they can avoid falling for these sinister scams.

Credential & Password Security

Many businesses have moved most of their data and processes to cloud-based platforms. This has led to a steep increase in credential theft because it’s the easiest way to breach SaaS cloud tools.

Credential theft is now the #1 cause of data breaches globally. This makes it a topic that is critical to address with your team. Discuss the need to keep passwords secure and the use of strong passwords. Also, help them learn tools like a business password manager.

Mobile Device Security

Mobile devices are now used for a large part of the workload in a typical office. They’re handy for reading and replying to an email from anywhere. Most companies will not even consider using software these days if it doesn’t have a great mobile app.

Review security needs for employee devices that access business data and apps. Such as securing the phone with a passcode and keeping it properly updated.

Data Security

Data privacy regulations are something else that has been rising over the years. Most companies have more than one data privacy regulation requiring compliance.

Train employees on proper data handling and security procedures. This reduces the risk you’ll fall victim to a data leak or breach that can end up in a costly compliance penalty.

Need Help Keeping Your Team Trained on Cybersecurity?

Take training off your plate and train your team with cybersecurity professionals. We can help you with an engaging training program. One that helps your team change their behaviors to improve cyber hygiene.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

6 Discontinued Technology Tools You Should Not Be Using Any Longer

One constant about technology is that it changes rapidly. Tools that were once staples, like Internet Explorer and Adobe Flash, age out. New tools replace those that are obsolete. Discontinued technology can leave computers and networks vulnerable to attacks.

While older technology may still run fine on your systems that doesn’t mean that it’s okay to use. One of the biggest dangers of using outdated technology is that it can lead to a data breach.

Outdated software and hardware no longer receive vital security updates. Updates often patch newly found and exploited system vulnerabilities. No security patches means a device is a sitting duck for a cybersecurity breach.

Approximately 1 in 3 data breaches are due to unpatched system vulnerabilities.

Another problem with using discontinued technology is that it can leave you behind. Your business can end up looking like you’re in the stone ages to your customers, and they can lose faith and trust.

Important reasons to keep your technology updated to a supported version are:

  • Reduce the risk of a data breach or malware infection
  • Meet data privacy compliance requirements
  • To keep a good reputation and foster customer trust
  • To be competitive in your market
  • To mitigate hardware and software compatibility issues
  • To enable employee productivity

Older systems are clunky and get in the way of employee productivity. If you keep these older systems in use, it can lead to the loss of good team members due to frustration.

49% of surveyed workers say they would consider leaving their jobs due to poor technology.

Following is a list of outdated technology tools that you should replace as soon as possible. Are any of these still in use on your home computer or within your business?

Get Rid of This Tech Now If You’re Still Using It

Internet Explorer

Many moons ago, Internet Explorer (IE) used to be the number one browser in the world. But, over time, Google Chrome and other browsers edged it out. Including its replacement, Microsoft Edge.

Microsoft began phasing out IE with the introduction of Microsoft Edge in 2015. In recent years, fewer applications have been supporting use in IE. The browser loses all support beginning on June 15, 2022.

Adobe Flash

Millions of websites used Adobe Flash in the early 2000s. But other tools can now do the animations and other neat things Flash could do. This made the tool obsolete, and Adobe ended it.

The Adobe Flash Player lost all support, including security updates, as of January 1, 2021. Do you still have this lingering on any of your computers? If so, you should uninstall the browser plugin and any Flash software.

Windows 7 and Earlier

Windows 7 was a very popular operating system, but it’s now gone the way of the dinosaur. Replacements, Windows 10 and Windows 11 are now in widespread use. The Windows 7 OS lost support on January 14, 2020.

While it may still technically run, it’s very vulnerable to hacks. Microsoft Windows OS is also a high-value target for hackers. So, you can be sure they are out there looking for systems still running this obsolete version of Windows.

macOS 10.14 Mojave and Earlier

Because of the cost of iMacs and MacBooks, people tend to hang onto them as long as possible. Once these devices get to a certain point, updates no longer work. This leaves the hardware stuck on an older and non-supported macOS version.

If you are running macOS 10.14 Mojave or earlier, then your OS is no longer supported by Apple, and you need to upgrade.

Oracle 18c Database

If your business uses Oracle databases, then you may want to check your current version. If you are running the Oracle 18C Database, then you are vulnerable. Breaches can easily happen due to unpatched system vulnerabilities.

The Oracle 18C Database lost all support in June of 2021. If you have upgraded, then you’ll want to keep an eye out for another upcoming end-of-support date. Both Oracle 19C and 21C will lose premiere support in April of 2024.

Microsoft SQL Server 2014

Another popular database tool is Microsoft’s SQL. If you are using SQL Server 2014, then mainstream support has already ended. And in July of 2024, all support, including security updates will stop.

This gives you a little more time to upgrade before you’re in danger of not getting security patches. But it is better to upgrade sooner rather than later. This leaves plenty of time for testing and verification of the upgrade.

Get Help Upgrading Your Technology & Reducing Risk

Upgrades can be scary, especially if everything has been running great. You may be afraid that a migration or upgrade will cause issues. We can help you upgrade your technology smoothly and do thorough testing afterward. Schedule a technology review today.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

You Need to Watch Out for Reply-Chain Phishing Attacks

Phishing. It seems you can’t read an article on cybersecurity without it coming up. That’s because phishing is still the number one delivery vehicle for cyberattacks.

A cybercriminal may want to steal employee login credentials. Or wish to launch a ransomware attack for a payout. Or possibly plant spyware to steal sensitive info. Sending a phishing email can do them all

80% of surveyed security professionals say that phishing campaigns have significantly increased post-pandemic.

Phishing not only continues to work, but it’s also increasing in volume due to the move to remote teams. Many employees are now working from home. They don’t have the same network protections they had when working at the office.

Why has phishing continued to work so well after all these years? Aren’t people finally learning what phishing looks like?

It’s true that people are generally more aware of phishing emails and how to spot them than a decade ago. But it’s also true that these emails are becoming harder to spot as scammers evolve their tactics.

One of the newest tactics is particularly hard to detect. It is the reply-chain phishing attack.

What is a Reply-Chain Phishing Attack?

Just about everyone is familiar with reply chains in email. An email is copied to one or more people, one replies, and that reply sits at the bottom of the new message. Then another person chimes in on the conversation, replying to the same email.

Soon, you have a chain of email replies on a particular topic. It lists each reply one under the other so everyone can follow the conversation.

You don’t expect a phishing email tucked inside that ongoing email conversation. Most people are expecting phishing to come in as a new message, not a message included in an ongoing reply chain.

The reply-chain phishing attack is particularly insidious because it does exactly that. It inserts a convincing phishing email in the ongoing thread of an email reply chain.

How Does a Hacker Gain Access to the Reply Chain?

How does a hacker gain access to the reply chain conversation? By hacking the email account of one of those people copied on the email chain.

The hacker can email from an email address that the other recipients recognize and trust. They also gain the benefit of reading down through the chain of replies. This enables them to craft a response that looks like it fits.

For example, they may see that everyone has been weighing in on a new product idea for a product called Superbug. So, they send a reply that says, “I’ve drafted up some thoughts on the new Superbug product, here’s a link to see them.”

The link will go to a malicious phishing site. The site might infect a visitor’s system with malware or present a form to steal more login credentials.

The reply won’t seem like a phishing email at all. It will be convincing because:

  • It comes from an email address of a colleague. This address has already been participating in the email conversation.
  • It may sound natural and reference items in the discussion.
  • It may use personalization. The email can call others by the names the hacker has seen in the reply chain.

Business Email Compromise is Increasing

Business email compromise (BEC) is so common that it now has its own acronym. Weak and unsecured passwords lead to email breaches. So do data breaches that reveal databases full of user logins. Both are contributors to how common BEC is becoming.

In 2021, 77% of organizations saw business email compromise attacks. This is up from 65% the year before.

Credential theft has become the main cause of data breaches globally. So, there is a pretty good chance of a compromise of one of your company’s email accounts at some point.

The reply-chain phishing attack is one of the ways that hackers turn that BEC into money. They either use it to plant ransomware or other malware or to steal sensitive data to sell on the Dark Web.

Tips for Addressing Reply-Chain Phishing

Here are some ways that you can lessen the risk of reply-chain phishing in your organization:

  • Use a Business Password Manager:

This reduces the risk that employees will reuse passwords across many apps. It also keeps them from using weak passwords since they won’t need to remember them anymore.

  • Put Multi-Factor Controls on Email Accounts:

Present a system challenge (question or required code). Using this for email logins from a strange IP address can stop account compromise.

  • Teach Employees to be Aware:

Awareness is a big part of catching anything that might be slightly “off” in an email reply. Many attackers do make mistakes.

How Strong Are Your Email Account Protections?

Do you have enough protection in place on your business email accounts to prevent a breach? Let us know if you’d like some help! We have email security solutions that can keep you better protected.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

Where We Service

Alpha IT Solutions is an Australian based and family operated business, we support the Sydney or metropolitan area of New South Wales. We look forward to discussing your computer support, maintenance, and service needs.