Why Choose Office 365? Savvy Business Results Await….

Are you tired of passing around the same spreadsheet to members of a team only to be faced with comments like, “I didn’t have the latest version” and “My changes didn’t get attached”? These complaints are true time wasters creating an unproductive work environment. Switching to an Office 365 subscription will provide your team with up-to-date software and speed like never before!

Featured within Office 356 is Microsoft Teams – a space where teams can collaborate and share information via chat, video conferencing, data storage and application implementation. The best part about Microsoft Teams is the ability to work remotely and connect with clients and staff wherever they may be. TimbukTech will tailor-make the platform for your business needs so that your employees can collaborate on projects that currently live in many different locations. This platform acts as a project manager so your staff can share files and make live updates to documents in real time – creating simultaneous applause around the office!

There are many packages and bundle opportunities from an email-only option to adding in Word, Excel, etc., making the options more affordable then traditional Office products. This variability can save you money by only buying what you really need for each employee and customizing each user to their role in the company. Office 365 can also connect to five devices – making your life more efficient and organized! Your laptop, phone, tablet, desktop – all connected versus being chained to your desk and non-mobile responsive!

Not to forget the tech specs, Office 365 is secure and can be configured with MFA (Multi-Factor Authentication) to legitimize logging in from each device. Real-time updates are a big deal when it comes to utilizing the features of Office 365 – users get the benefit of the latest upgrades possible versus living with what you bought one time in the past – why not be up-to-date all the time? TimbukTech bundles Office 365 with third-party security software, such as Proofpoint Essentials to provide enhanced spam protection, email encryption, and spoofing prevention. If your server goes down, Proofpoint serves as a bridge for email continuity by queuing up messages; you can access Proofpoint simply by logging on and proceeding business-as-usual without disruption and continual communication. Pairing these products together allows for a rigorous strategy of user-friendly work environments, workplace efficiencies, and hard-working network protection.

Contact us to visit with our team to get started with Office 365 today!


Don’t be a Cyber Crime Statistic – Why Your Business Needs Multi-Factor Authentication Now

Multi-Factor authentication or MFA is a process of verifying the credentials of a user attempting to connect to protected data. MFA is commonly described as something you have, as well as something you know. For example, a user has an email address and logs into their credit card information after receiving a text message with a code in order to proceed to the protected data. After receiving the authentication, users can rest assured, knowing they were the only user to receive this special code, confirming the security of the session.

Won’t this slow down my ability to quickly get the information I need?
No. MFA is easy to use and becomes a habit, just like any other security measure you have implemented into your security regime. The moment or two it takes to receive the authentication, can mean the difference between maintaining your company’s identity or letting it slip away by ignoring the challenges networks face in the age of criminal cyber activity.

With MFA enabled, hackers are less likely to be able to access both a user’s credentials and the resources the user is attempting to access. Two-factor authentication (2FA) or dual authentication, a subgroup of MFA indicating it takes two types of factors for identification purposes, is a common practice by which users produce two unique forms of credential confirmation. For example, a user may log into a banking website, possess a pin number AND a unique one-time passcode in order to access the information. This dual authentication allows for a unique-in-time-visitor-circumstance, allowing for peace of mind and corroboration that proper security measures are in place.

TimbukTech’s Managed IT Services guard against vulnerabilities and create long-lasting secure habits that lead to a healthy, robust network.

Contact us today to receive more information on implementing MFA in your network.


business partners shaking hands

Making your company more cyber aware

The biggest problem companies face when it comes to cybersecurity is often not the technology; it’s the people.  And hackers know this. That’s why it takes more than strong IT to keep your company safe.

Beyond technology, the best way to protect your business from cybercriminals is with a trained and educated cyber aware company culture. It may seem like a large and daunting company initiative, but it isn’t.  There are a few corner stones that continue to build up, along with continuing education and strong corporate communication.

Let them know cybersecurity is everyone’s job

Leadership is always where a company culture starts. Employees and contractors, from entry-level to senior management, need to feel that cybersecurity is important to the company. If the executive leadership team values cyber safety, it will trickle its way down to all corners of workplace.

Cybersecurity should be more than just the responsibility of the Information Technology department. A statement by leadership must be delivered that it is up to everyone, beyond IT, to keep cyber criminals out of the company’s network.

Management shouldn’t be the exception to the rule.  Management most often have the highest privileged accounts.  Allowing management to bypass those safeguard not only put the organization at risk but sets a bad tone from the top.

Train and test your staff

Posters, employee newsletters, training sessions and regular meetings are avenues to communicate across the organization about how everyone can be more cyber aware. Regardless of what methods you choose, you should train staff on a regular basis. Monthly training is highly suggested. It can be via email or face-to-face. Or both.

Beyond training, it is good to see that employees are understanding and retaining the cybersecurity information. While you can trust that the staff is paying attention, it is recommended to test your staff as well.

Send a mock phishing email a little while after a training session or communication. It would be interesting to see who, if anyone, falls prey to the false hack.  This shouldn’t be a gotcha for those employees but a change for the organization to focus on more advanced training.

Teach your team that the inbox is the hacker’s favorite target

Based on current trends, cyber attackers are finding email to be the best route for penetrating a company’s security defenses. Trends Labs reports that 91% of targeted cyber-attacks use email as their way to breach networks. Likewise, Ponemon reports that 78% of targeted email cyber-attacks use malware embedded in an attachment.

Addressing targeted email attacks from leadership and your technology department is an essential piece of puzzle when creating a cyber safe culture. This should certainly be a topic addressed in employee training and even onboarding.

Have a password update plan

According to Verizon’s 2017 Data Breach Investigations Report, as many as 81% of hacking-related breaches were caused by leveraging stolen or weak passwords.

Often, employees are not aware of the risks. That is why password education is a great topic to include in cybersecurity training. Require complex password structures and explain the reasoning behind it.  Do not allow people to use the default password for more than the first login.

Have a formal cybersecurity plan

Your technology team should contribute significantly to a cyber aware culture and with cybersecurity training. Have the IT folks develop formal cybersecurity training with a documented plan to accompany it. The plan should be reviewed and updated often. Too many companies create cybersecurity plans and teams only to find that the plan becomes dusty and the teams include staff that’s no longer at your company.

Ask for a cyber security advocate from each of your departments like HR, Finance, Sales & Marketing, etc. since this casts a wider net to learn about targeted phishing and helps show that cyber security isn’t just for IT anymore.

No matter how great your CIO or CTO might be, one person alone cannot fight cybercriminals. Create a cyber aware culture and get everyone at your organization involved.


Disaster Recovery Plan

Some stats on disaster recovery

If you’ve ever known disaster, whether it be natural or cyber, you know just how serious it can be. Obvious causes include storms that inflict on-site damage or malicious attacks, but even user error can trigger disaster at a moment’s notice. Regardless of how your business conceives of these threats, the cruel fact remains: 93% of companies without a data recovery plan face closure within a year of a major disaster.

According to phoenixNAP, over the past five years, half of all businesses have weathered a downtime event longer than a full working day. The most common causes are:

  • 45% - hardware failure
  • 35% - loss of power
  • 34% - software failure
  • 23% - external security breaches
  • 20% - accidental user error

According to DataCore, for the businesses that experienced a downtime event, only half were confident they could restore 100% of their data. Smaller and medium sized businesses face greater fallout from these disasters, often because they have fewer IT staff, and a smaller portion of funding allocated towards technology resources.

Reports have also found that 75% of small businesses do not have a disaster recovery plan in place, creating a huge liability for an already overtaxed budget. Given the tremendous cost associated with data recovery, roughly $100,000 per incident, small businesses face a more arduous recovery process.

Keep in mind that 1 in 3 businesses reported a virus or malware attack in the last five years. Also, 58% of businesses breaches in the last 12 months have been due to viruses and malware and only 2% of businesses were able to recover from their latest security event within an hour.

Fortunately, the majority of these problems are avoidable through strategic planning. 96% of companies with thorough disaster recovery and data backup plans were able to avoid the fallout from ransomware attacks. By leveraging a resource such as TimbukTech, your company will have the benefit of:

  • Disaster recovery
  • Retention and reporting
  • Data backup and restoration
  • High availability and shared storage
  • Infrastructure design and architecture

If you're looking to outfit your business with affordable, enterprise protection, contact a TimbukTech expert today.


5 problems with legacy technology

According to a survey by Riverbed Technology, of 1,000 IT leaders from across the world, 97 percent say that legacy technology is holding them back. A definition of legacy technology describes the term as “an old method, technology, computer system or application program, of, relating to, or being a previous or outdated computer system.”

Even in the digital business era, legacy applications are a reality for most organizations from small and medium-sized businesses to enterprises. The reality is that those businesses that have not reached the tipping point where they can take advantage of the latest technologies are facing numerous risks every day. Here are just five of the most prevalent problems that dated technology can bring to businesses.

  1. Increasing operational costs and system downtime

The true cost of legacy technology far outweighs the investment. Because legacy applications cost more to run and maintain, they make the business highly inefficient in terms of OPEX.

Moreover, these systems crash often and require constant attention from the IT department, eating away at employee resources. That constant attention pulls IT personnel away from projects that increase business opportunities and operational efficiency.

Because they suffer a higher failure rate, these technologies require tracking down increasingly rare replacement parts that manufacturers may have stopped supplying. In addition, the constant threat of downtime means that the workforce cannot be productive and the customer base will suffer as even a single downed system ripples throughout the operation.

  1. Security vulnerabilities

Cyber criminals love legacy technology. This is because they are extremely vulnerable to attack. Unfortunately, businesses face a one in four chance of falling victim to a cyber-attack that could cripple them permanently.

Because many of these outdated systems are no longer supported by the manufacturer, a single unpatched vulnerability can enable attackers to access all applications, middleware, and databases running on the server platform. Plus, without modern backup and disaster recovery solutions and other security solutions and services, the business will never be able to properly safeguard its data today and tomorrow.

For businesses operating under stringent regulatory compliance requirements, the cost of outdated technology can compound those serious repercussions. Compliance standards require that your technology be supported. Not only are audits difficult and costly to conduct in environments with legacy technology, but a breach sets the business up for expensive fees and penalties.

The loss of reputation and customer trust alone could send the business into a financial spiral. Ultimately, the need for comprehensive network and infrastructure solutions that can make the business more agile, as well as secure, is crucial to phasing out or integrating the applications in ways that further the business.

  1. System incompatibility

Another problem with using outdated technology is that most legacy systems are incompatible with newer systems, which is essential to effectively running the business in the digital age. This also compounds ongoing financial loss as IT-aware competitors reap the benefits of a growing customer base that requires speed, convenience, and security.

  1. Less support

As legacy technology moves further past the point of manufacturer support, fewer and fewer IT professionals with the knowledge of those systems are available to support them. As these application experts retire or leave the business, the costs of the smaller pool of experts in that technology grow.

  1. Inability to compete

In the era of cloud services, virtualization, and software-defined everything, legacy technologies can no longer enable the business to remain competitive as customers and clients demand faster responses, products, and solutions.

Consequently, the adoption of cloud via infrastructure as a service, platform as a service, and software as a service enables businesses to move from CAPEX to much lower OPEX models. The need for mobility and secure remote access by the workforce to applications and collaboration tools is an imperative for the smallest business to the largest global corporation.

Every business today is faced with a landscape of accelerating technology that is changing the way business is conducted. Legacy technology systems inhibit business scalability and growth in that constantly evolving digital business landscape. With increased scale and demand, businesses require better throughput capacity and a modern IT architecture to manage operations or face the real prospect of losing relevance and an ability to compete.

If you need assistance assessing your legacy technology and considering new options, give TimbukTech a call at 309-444-7263. We’re prepared to learn more about your business and give expert advice that can make a difference in your performance and budget.


repair icon

Let’s talk tech upgrades

Tech upgrades can be daunting. There are budgets and capabilities to stay on top of, not to mention how easy it is to overspend or get the wrong thing.

Business owners and management can often forget that even the newest and most cutting-edge technology will someday have to be replaced. No matter how fast or feature-rich that network or computer seems right now, there will come a time when it will need to be upgraded.

It’s best to keep in mind that you may be buying a replacement for current technology in as little as a year or two. How do you factor that into your plans? Let’s go through three factors that could affect your process.

Expected Life Cycle

Most pieces of technology have an expected life cycle that can be predicted. A phone might last a few years, while an external hard drive might make it to ten years of service. When making your plans, consult the manufacturer’s warranties. You can also talk to TimbukTech on what to expect.

You don’t want to count on a piece of technology to last any longer than it’s supposed to. At the same time, you don’t want to plan for those expensive upgrades long before they’re necessary, either.

Device Reliability

Reliability is a separate factor. While there is an anticipated life cycle, you should also be aware that some brands and manufacturers are more dependable than others. You may have Microsoft devices around your home or office that continue to work even though they are several generations old.

In many cases it’s better to buy a quality product that you can count on for a little more money than it is to deal with unexpected expenses later on.

Compatibility

Your tech devices may not stop working. They may just stop working with newer hardware and apps.

Newer and faster things are coming out all the time and you need to anticipate that you’re eventually going to start using tools that outstrip your current devices. That means that it’s better to be slightly more aggressive with your upgrade plans when you aren’t for sure. TimbukTech is ready to provide guidance and advice here, too!

The smartest thing you can do for your business is develop a tech strategy. Your decisions should be based on sound advice from a trusted IT provider like TimbukTech. If you feel like you’re spending too much, getting too little, or not utilizing the right tools, it’s time to call us at 309-444-7263.

Our Canton, Macomb, and Washington, Illinois-based team at TimbukTech knows what it takes to keep a growing business going strong. Contact us today to schedule an initial consultation and learn why so many businesses across mid-Illinois trust us with their computers, networks, and devices.


Managed IT Service

What to look for in Managed IT Services in central Illinois

Outsourcing your company’s IT can be complex. There are many factors to consider and many IT solutions out there. Before you start looking for managed IT services, you need to know what you’re looking for.

Not all IT solutions in central Illinois a created equal. A managed IT service may offer very minimal services or very extensive services and it’s up to you to determine what level of service you need.

On-premise or off-premise IT administration services.

A Managed Service Provider, or MSP, may provide services either on-site or remotely. If services are provided on-site, an MSP may complete hardware upgrades and troubleshoot hardware problems, while working directly with employees to resolve issues. If services are provided remotely, an MSP may operate primarily server-side and through screen sharing. Either way, IT administrative services will bridge any gaps a company currently has with its internal IT department.

Managed cloud services.

Many companies are moving towards cloud-based solutions. MSPs that specialize in cloud services will secure, protect, monitor, and maintain the company's cloud solutions, providing an as-a-Service infrastructure for the company. Companies that want to outsource their software solutions may want to establish a relationship with a cloud-based MSP, as they will be able to deploy the needed cloud-based solutions.

Help desk solutions.

Companies that don't have an internal IT department (or who want to refocus their IT department to higher priority tasks) can use the services of a help desk solution. A help desk solution will respond to trouble tickets from within the company, addressing internal issues and putting out fires. This frees up the company's own IT staff for more important tasks.

Data backup and protection.

Data is central to the operations of the modern business. MSPs may provide advanced data backup and protection suites, which will protect the company's data from malicious attacks or negligence. Frequently, cloud-based backup solutions are used to redundantly sync and protect data.

Security solutions.

Security-as-a-Service is becoming a more popular way to protect a company's infrastructure and its data. Advanced security solutions are able to monitor a network environment and identify potentially malicious behavior. An MSP will be alerted to security issues and can work to mitigate them quickly.

TimbukTech offers all of these services, so it’s time to assess your current IT infrastructure and pain points to determine the services that you need. We can walk you through the assessment in a short meeting to begin to develop a plan for your business going forward.

The needs of a company can vary depending on its industry. TimbukTech specializes in quite a few industries including financial, healthcare, local government, manufacturing, retail, and small business. Our experience in these industries makes us very knowledgeable and ready to take on industries beyond these as well!

A managed IT service provider is going to work with you as a partner. Once you find the right fit, you’re sure to improve upon and optimize your company’s entire IT infrastructure. Give TimbukTech a call at 309-444-7263 to begin exploring your options close to home!


Anonymous hacker at work

Protect your information

Scamming people has been around for ages and as long as people continue to fall for them, people will continue to set them into motion. New scams and new mediums with which to create them are changing and growing constantly. The new thing? Computers and interactive scams. As long as people use computers, criminals will continue to use them in their scamming efforts.

Some examples of common scams include:

  • The Nigerian Prince check scam
  • Winning a fake lottery or prize
  • Travel scams
  • Disaster relief scams
  • Phishing

We know people are falling for these because studies show a good percentage of people are willing to give out personal information voluntarily to people they may or may not know. This can be interpreted as a majority of the population is not careful enough with their information. It’s scary to find the numbers are sometimes in favor of the criminals.

Avoid being the victim of a scam

Education is key when it comes to scams. You should stay on top of current techniques scammers are using so you know what to look for in a scam.

How do you know if it’s legit or fraudulent?

To protect yourself, your company, and your customers from these cyber attacks you need to be up to date with current scamming trends and also know some best practices to follow in case you are suspicious of something.

Here are a list of cyber safety tips and best practices to follow to help minimize your chances of falling victim to a scam:

  1. Pop-ups
  • Make sure your browser has a pop-up blocker turned on.
  • Be suspicious of any pop-ups.
  1. Spelling errors
  2. Email
  • Be cautious of all links and attachments.
  • If you are not expecting or not familiar with an email address, be cautious.
  • Be cautious the email body is vague.
  • If you are possibly familiar with sender but were not expecting the email, reach out to the person to see if they did in fact try to email you.
  1. Familiarize yourself with popular scams or social engineering tactics
  • There are many great news websites with articles on current scams.
  • Example: JohnD@marrillych.com (Notice "Merrill Lynch" is spelled incorrectly?)
  1. If something says, “time sensitive” and you’re not familiar with the contents, do not feel the pressure to be rushed.

It’s not a bad thing to be suspicious! If something seems suspicious, consult us here at TimbukTech or do some further research to determine what the best course of action should be. Remember that like a fence or a firewall, you are the first line of defense to your money and information.

What is the best way to defend yourself against cybercrimes?

The best advice for defending against these scams is to be aware. Be aware that people are trying to scam you and be aware that the resources exist to help you spot these scams. If you follow these cyber safety tips, stay vigilant, and stay updated – You should feel more confident that you’re protecting your money and your information.


Busy man working with computer while talking on phone

Your IT guy won’t beat an MSP

Does your company work with a Managed Services Provider (MSP) like TimbukTech or are you relying on a “tech guy” in-house? We’re willing to bet that you’re relying heavily on a “tech guy” and hoping you don’t run into any difficulties. There are some drawbacks to that logic. Let’s take a look.

IT is the secondary role of your employee

Often, we find that your employee was not hired to be the IT guy, but in fact he’s the receptionist first and IT guy second. His core duties are scheduling, taking and making phone calls, routing email, directing visitors around, and much more. On top of these primary duties, your whole company is calling on this employee to fix their tech issues. At this point, he’s doing two jobs. It’s highly likely that this employee is not doing either job to his fullest ability as he can’t focus on one at a time.

Employee burnout

When one person is handling two jobs at the same time, the effort can really bog them down. He was asked to be a tech person because he knows a few things about computers and now that everyone’s aware of that, they’ll be calling upon him frequently. Anyone who has taken on extra duties beyond their core role knows that it is easy to get burnt out fairly quickly.

So now we ask, what if that employee quits? What happens when things turn ugly late at night? Is it up to this overworked employee to get up and come in to handle the situation? If he can’t come in until the next day, what does this mean for the company? Downtime can be costly.

Employee limitations

“The tech guy” can come with many limitations. Out of 40 hours in the workweek, how many are to be spent on their primary occupation and how many are to be spent on tech?

Another limitation might be training. It’s likely that this person has never read a page of a Network+ book, taken the MCSE test, or had any other IT training. Yet your company has him poking around in the network. What happens when he makes a mistake that brings the network down? Now you’re hiring a 3rd party anyway to come in and fix what’s broken. That can be expensive … often over $120 an hour, plus loss of business!

MSPs can help

When we come across a client that uses a “tech guy” in-house, we ask the following questions to assess lost revenue.

  • When was the last time your server was down?
  • How long did it take to bring it back up?
  • Were you able to conduct business without the server?
  • Did your tech person know how to fix the IT issue?
  • Did you need to call in a 3rd party to fix the IT issue?
  • How many times has the server or network gone down? Is this a fairly common occurrence?

The underlying cost of downtime could equate to a lot more than a monthly agreement with TimbukTech as your MSP. We’re here to help you understand the implications of not having a solid IT solution. Let’s explore your business’ options. Give us a call at 309-444-7263 and we’ll go through your specific needs and weigh your options.


Login and password

They’re fired, but what about their passwords?

It can be difficult to fire or part ways with an employee. You’re losing a valuable asset if they’re leaving voluntarily, but someone being fired can leave you in a lurch. You have the task of launching a disciplinary process and then holding a meeting at the time of termination. But there are other things to think about. Primarily security and the ex-employee’s access to company data.

It’s important to have a process in place so that whenever a termination or parting of ways occurs, nothing slips through the cracks regarding your business’ security. Here are some considerations regarding passwords and voluntary termination or involuntary termination.

When an employee is let go, immediately change all the passwords to anything the employee had access to. You should have a few days to make a plan and define the process for cancelling access. Don’t make the changes in security before your final meeting and dismissal. Instead, plan ahead and assign someone to disable their passwords during the time you are having the termination meeting. Before the meeting, be sure you have a list of all access cards, keys, etc. prepared so they can be cancelled before the employee leaves the building.

If your company has, let’s say, a Twitter account, you don’t want the ex-employee tweeting through it, so be prepared to change all social media passwords. We mention this because often companies and organizations either forget about these kinds of access or hesitate to change passwords due to hardships that occur and getting everyone access again. Trust us. The effort is worth it!

The possibility of having to lock out an employee may make you consider measures you have avoided so far. Consider a shared wifi password. Do you really want to change it for everyone or is it time to use a managed router and individual authentication?

If someone voluntarily leaves your employment, you hopefully have 2 weeks or so to implement a similar plan as above. Use your best judgement as to whether the soon to be ex-employee will be up to no good during their final days. That is only something you can judge on an individual basis.

Make sure you have a solid data backup and continuity strategy in place. You may need to compare data after the employee is gone to see if any sensitive data was moved or deleted.

We always recommend that you force a password change for immediately surrounding co-workers and consider a company wide reset. You may be unaware of shared passwords. Even though they are not supposed to use each other’s passwords, it may be going on anyways.

Lastly, you should consider pushing a remote wipe to the terminated employee’s BYOD devices from your Exchange server. This should remove only company data and reboot the phone to prevent access. Be aware that you might end up wiping all data from the phone, so you might openly ask them to delete company data on the device while they’re with you in the office. It will make it easier on themselves in the long run.

If you have questions on how to deal with departing employees, give us a call at 309-444-7263. TimbukTech can help you develop an employee termination procedure.