When small- and medium-sized businesses expand, they need tools that can support their growth. For many, this includes cloud productivity software and managed IT services. And if you need tools for accounting, project planning, supply chain management, and sales, there’s enterprise resource planning (ERP) software.

What is ERP?
Simply put, ERP software integrates various aspects of your business — from accounting and human resources to production and sales — into one system where you can easily manage tasks and process data.

The key feature of any ERP system is a central database that gives users a complete summary of financials, sales figures, and other important metrics. In practice, this means employees in different departments can rely on the same information without your having to reenter that information into a different database.

But simplicity is only one of many benefits.

Enhanced reporting
With business information consolidated in one location, you can generate comprehensive reports and analytics at any time.

One of the most popular uses for this feature is financial reporting. General ledgers, revenue recognition, and tax reporting functionality are built into most ERP software solutions, allowing you to balance the books in seconds.

In addition to this, ERP systems come equipped with business intelligence features that provide intuitive analysis into your operations and forecast the growth of your company. This helps you and other executives find fresh business opportunities and make better-informed decisions.

Better customer service
Access to up-to-date business information also makes it easy to provide high-quality customer service. Suppose a customer inquired whether or not an item was still in stock. Rather than wasting five minutes asking your supply manager, who then checks his or her own records, representatives can access the ERP database to provide the customer with information in half the time.

Simplified compliance
Until recently, most organizations were forced to rely on impractical spreadsheets and manual processes to meet compliance requirements; but with ERP, you can easily and consistently achieve this.

ERP software generally comes with audit functionality, giving you full visibility into your processes. What’s more, it provides templates and guidance to help you meet regulations within your industry, such as the Sarbanes-Oxley Act and the International Financial Reporting Standards.

Streamlined workflow
Another key feature is automation. Repetitive tasks that eat a huge chunk of your time can be eliminated by programming automated workflows. For example, you can set your ERP to instantly reorder materials when stock levels have reached a certain threshold. This ensures that your shop never experiences out-of-stock or overstocked incidents.

You can even assign workflows that route invoices and reimbursements to the right accountant to make sure tasks are handled quickly and efficiently.

Rich integrations
The beauty of ERP software is that you can integrate it with other services to extend its capabilities. If you need to track customer information and sales figures, you can combine it with customer relationship management software or pair it with e-commerce services to streamline web-based purchases.

ERP systems can adapt to your ever-changing needs, which is incredibly valuable for your rapidly growing business. If you need more ideas or solutions that can add value to your business other than ERP, call us today!

Published with permission from TechAdvisory.org. Source.

With the popularity of Office 365, hackers are trying to find new ways to exploit its users, and they’ve come up with a new idea: a credential-harvesting campaign that uses personalized spear-phishing mails as a tool. If you’re an Office 365 user and don’t want your account compromised, read on.

What makes it different from other scams?

The new threat comes in the form of spear phishing, an old familiar method in which hackers send emails that purport to be from trusted sources and dupe you into disclosing sensitive information. In this particular attack, the email messages are admirably well-crafted, making them even harder to spot.

The emails are also rid of the usual telltale signs such as misspelled words, suspicious attachments, and dubious requests. You might have to recalibrate what you know about phishing scams, because this new threat ticks all the boxes that make it look legitimate.

How does it work?

The hackers behind the attack craft personalized messages, pretending to be from trusted sources, such as your colleagues or Microsoft itself, and send them to your inbox. The messages could contain a link or a PDF file that leads to a legitimate-looking landing page. Upon clicking the link, the user will be prompted to enter his or her credentials, which the hacker will use to launch attacks within the organization.

Once they gain control of your account, they might set up new forwarding rules to monitor your communication patterns, which will be useful for their future attacks. They might even use your account to send further phishing emails to your co-workers to collect more sensitive information.

As for the phishing emails with PDF attachments, there will be instructions to fill in username and password to view the document. And once you do, your account is no longer yours.

Another way they can get your credentials is by sending an invoice that requires you to log on to a web portal to view the file. Attackers can also use this technique to trick you into performing a certain action, such as forwarding sensitive information or paying an invoice.

What can you do to stay protected?

Your first line of defense is multi-factor authentication, whereby you use a password and another authentication method — like an SMS code — to secure your account. This function is already included in Office 365 and here’s a step-by-step guide on how to activate it.

The second line of defense is training yourself and your employees to spot common phishing techniques. In particular, verify the accuracy of the wording and the sensibility of the requests in the messages.

For good measure, your organization can also install an email-validation system which is designed to detect and prevent email spoofing, such as the Domain-based Message Authentication, Reporting and Conformance (DMARC).

Identifying phishing emails and planning and implementing a robust defense system are ways to protect you and your organization against the new Office 365 threat. For tips on how to spot this type of scam and how to plan thorough security practices, contact our experts today.

Published with permission from TechAdvisory.org. Source.

Hurricanes Harvey and Irma have already caused billions of dollars in damages, but hurricane season is far from over. Experts are predicting that there will be five more major tropical storms through October, and if they present risks to your business, it’s time to establish a watertight disaster recovery (DR) plan. Here are a few things you need to consider.

Pay attention to location
First and foremost, your backup site should be in a hurricane-free zone. Ideally, your offsite facility should be located at least 100 miles away from your main location. If this isn’t possible, make sure it is built to withstand wind speeds of 160 mph (as fast as Category 5 storms), and is supported by backup generators and uninterruptible power supplies.

You should also request an upper floor installation or, at the very least, keep critical IT equipment 18 inches off the ground to prevent water damage.

Determine recovery hierarchy
Certain parts of your IT are more mission-critical than others. Ask yourself which systems or data must be recovered in minutes, hours, or days to get your business back to running efficiently.

For example, you may find that recovering sensitive customer information and e-commerce systems take priority over recovering your email server. Whatever the case may be, prioritizing your systems ensures that the right ones are recovered quickly after a disaster.

Use image-based backups
Unlike fragile tape backups, image-based backups take “snapshots” of your systems, creating a copy of the OS, software, and data stored in it. From here, you can easily boot the virtual image on any device, allowing you to back up and restore critical business systems in seconds.

Take advantage of the cloud
The cloud allows you to host applications and store data in high-availability, geo-redundant servers. This means your backups can be accessed via the internet, allowing authorized users to access critical files from any device. Expert technicians will also watch over and secure your backups, allowing you to enjoy the benefits of enterprise-level backup facilities and IT support.

Back up your data frequently
Back up your data often, especially during disaster season. If your latest backups were created on the 15th of September and the next storm, Hurricane Jose, makes landfall on the 28th, you could lose nearly two weeks of data.

Get in the habit of replicating your files at the end of each day, which should be easy if you’ve opted for image-based backups.

Test your DR plan
After setting up your backups, check whether they are restoring your files accurately and on time. Your employees should be drilled on the recovery procedures and their responsibilities during and after disaster strikes. Your DR team should also be trained on how to failover to the backup site before the storm hits. Finally, providers, contractors, and customers need to be notified about how the hurricane will affect your operations.

As cell towers and internet connections may be affected during this time, make sure your company forums are online and have your employees register with the Red Cross Safe and Well website so you can check their statuses.

It’s nearly impossible to experience little-to-no disruptions during disasters like Harvey or Irma, but with the right support, you can minimize downtime. If you’re concerned about any natural disasters putting you out of business, call us today. We offer comprehensive business continuity services that every company must have.

Published with permission from TechAdvisory.org. Source.

Despite the apparent break from international ransomware attacks, hackers are still keeping themselves busy, this time using an adware campaign that could easily be one of their most cunning tricks yet. If you use Facebook Messenger, you need to read this.

What is it?

Little is known about the adware itself or those behind it, but it was uncovered by David Jacoby, senior security researcher at Kaspersky Lab, when he received a Facebook message from one of his friends, only to find out that wasn’t the case.

Basically, the adware uses Facebook Messenger to track your browser activity and pushes you to click on malicious ads or give out personal information.

How does it work?

By clickjacking and hijacking credentials of Facebook users, the adware is able to send messages to people in the victim’s contact list. If you’re one of those people, you’ll receive a phony message from your friend’s compromised Facebook account.

The message includes your friend’s name followed by the word “Video,” a shocked face emoji, and a shortened URL. Once clicked, the URL will redirect you to a Google Doc with a blurred photo taken from your friend’s Facebook page, disguised as a video. If you click on the “video”, you’ll be redirected to one of a number of targeted websites based on your browser, operating system, and location.

For instance, if you use Google Chrome, you’ll be sent to a website that looks exactly like YouTube, complete with the official logo. The hoax website will show you a fake error message to trick you into downloading a malicious Chrome extension.

If you’re on Firefox, you’ll be sent to a site with a false Flash Player update notice and a Windows adware executable; the same goes with OS X except the adware is hidden in a .dmg file.

The goal here is to move your browser through a set of websites so tracking cookies can monitor your activity and display malicious ads or you can be “social engineered” to give up confidential information.

How do you avoid falling victim?

Facebook has rolled out a number of automated systems to stop harmful links and files. What’s more, they will provide you with a free antivirus scan if they suspect that your account has been compromised by adware.

Still, you should be very skeptical about any shortened URL links sent to you by your Facebook friends, no matter how long you’ve been friends.

Due to their low key nature as potential security endpoints, cyber criminals are turning to social media platforms as their new medium of choice. To keep your business safe, you need to stay up-to-date and educate your employees. If you have any other questions about social media and how it can impact your business, just give us a call.

Published with permission from TechAdvisory.org. Source.