SpireTech Blog - Tag: Management
Business management topics and tips.
used with permission from SBA.gov., by Anita Campbell
Bad online reviews can cause potential customers to shop elsewhere, negatively impacting your business’ bottom line. If your business has received a bad online review, here are steps you can take to handle it and minimize the damage.
Respond to Customer Reviews
Ignoring a bad review won’t make it go away. On the other hand, responding to customer reviews can result in better ratings and improve your business’ online reputation.
The Harvard Business Review analyzed tens of thousands of hotel reviews and responses from TripAdvisor. The study found that around a third of reviews on TripAdvisor receive a response and almost a half of hotels respond to reviews. According to the study, hotels that respond to customer reviews receive 12 percent more reviews and their ratings increase by an average of 0.12 stars.
used with permission from Tektonika (HP), by Karen Gilleland
“Gimme the dough—or you’ll never see your files again!” In this scenario, the thug in the mask is ransomware, and it’s only one of the ways cybercriminals attack businesses—which are often left vulnerable due to poor business security or cybersecurity practices. Alongside the devastating effects cyber attacks can have on individuals, cybercriminals are sucking billions of dollars out of the economy, and you do not want your business in that position.
Toward the end of 2017, the US government passed H.R.2105, a law aimed at helping businesses beef up their cybersecurity by providing guidelines about effective tools and strategies to combat the rise of cybercrime. The National Institute of Standards and Technology (NIST) has been charged with developing a comprehensive set of guidelines by October 2018, but what can you do while waiting around for that to happen? Start firming up your IT environment with the following tips, of course. Read more...
The Technical Client Manager (TCM) is a new, enhanced role available to SpireTech’s VIP support clients. The TCM meets regularly with clients to collaboratively discuss ways to achieve their current and future technology needs and goals. The TCM holds a senior-level technical role and is responsible for understanding and connecting your IT processes with business results.
TCM’s meet with clients to discuss and undertake this work through periodic business reviews, or PBR’s. In a client PBR with the TCM, possible topics include improvements to existing systems, 1-3 year capital and operating budget planning, evaluation of current or future projects, and updates about new technologies that might benefit a client’s business.
Additionally, TCM’s manage projects and all major issues with clients, coordinate service delivery deadlines, and interface between SpireTech staff to select the most appropriate staff to perform specific technical work for our clients.
We’re in the process of reaching out to all VIP support clients to schedule these Periodic Business Reviews, and we prefer to meet with all clients at least once a year — and sometimes as often as 3 or 4 times a year. Read more...
Ask a business person where their office is located and the likely answer is “everywhere.” They’re working from home, staying in the loop while traveling, and catching up on email between sales calls. For productivity’s sake, many companies give their employees – and perhaps clients or service providers – remote access to their networks. Are you taking steps to ensure those outside entryways into your systems are sensibly defended?
If your business wants to start with security, it’s important to secure remote access to your network. Here are some examples based on FTC investigations, law enforcement actions, and questions that businesses have asked us.
Ensure Endpoint Security.
Your network is only as secure as the least safe device that connects to it – and there’s no guarantee that an employee’s home computer, a client’s laptop, or a service provider’s smartphone meets your standards for security. Before allowing them to access your network remotely, set security ground rules, communicate them clearly, and verify that the employee, client, or service provider is in compliance. Read more...
2018 is right around the corner, and here are our top five tips for things you can do to improve your cybersecurity in the new year. Cybersecurity has been the most critical issue in 2017, and that’s not going to change. If you haven’t begun addressing your organization’s cybersecurity defense, let’s start now!
#1 Train Your Employees
The best way to improve your IT security is to train your employees on best security practices. Educate them so they can recognize and avoid cyber threats like phishing and scams. Teach them about protecting sensitive information. Humans are the weakest link in your security defense: with a single click in an email they can open the door for hackers. You should have a network firewall, but don’t forget your employees are a firewall too.
#2 Create Security Policies & Enforce Them
Do your employees know what they are expected to do and not do to protect your data? Read more...
Much has been said about data security practices and cybersecurity measures that businesses should follow. All the information and recommendations out there can be confusing and overwhelming. Large data breaches and multiple scary ransomware attacks have dominated the news for years now. Each time businesses have to ask, “Should we be worried? Are we a target? What can we do to defend ourselves?” So here’s a short beginner’s guide on keeping your data safe and your risks low.
#1 Don’t ask for information you don’t need
Don’t ask for and don’t hold confidential information “just because”. If you don’t store Personally Identifiable Information (PII) or collect other sensitive, confidential data, you don’t have to worry so much about protecting it. Do you really need to ask for Social Security numbers? Do you need a customer’s full birth date? Ask yourself what is truly appropriate and necessary for each situation. By reducing the amount of unnecessary sensitive information you ask for, you can reduce your risks and your liability in case of a data breach. Read more...
When was the last time you thought about software updates and hardware upgraes? For many, updating software and hardware is not a priority because “If it ain’t broke, don’t fix it”. However, it’s clear that today’s cyber attacks prey on vulnerabilities present in old software and hardware. (This holds especially true for operating systems such as Microsoft Windows.)
It may not be “broke”, but it’s still old. “Working” does not mean “secure”. Old software and hardware simply do not have the latest defenses like security patches and advances in firmware to keep you safe from new and ever-evolving threats.
Update your software
It’s not uncommon to see people working on outdated, unpatched Windows operating systems or other software that is sometimes 6 or more years old. You’ve probably heard this before, but it always bears repeating: Keep your software updated and patched regularly and automatically, and upgrade to newer software versions as frequently as you can. Read more...
used with permission from SBA.gov, by Thomas B. Pahl, Acting Director, FTC Bureau of Consumer Protection
When it comes to data security, what’s reasonable will depend on the size and nature of your business and the kind of data you deal with. But certain principles apply across the board: Don’t collect sensitive information you don’t need. Protect the information you maintain. And train your staff to carry out your policies.
The FTC’s Start with Security initiative was built on those fundamentals. As we mentioned in last week’s introductory post, we’re calling this series Stick with Security because each blog post will offer a deeper dive into one of the ten principles discussed in Start with Security. Although the principles remain unchanged, we’ll use these posts – one every Friday for the next several months – to explore the lessons of law enforcement actions announced since Start with Security, to reflect on what businesses can learn from investigations that FTC staff ultimately closed, and to address experiences businesses have shared with us about how they implement Start with Security in their workplaces. Read more...
used with permission from HP Technology at Work
More than half of small and midsize businesses in the U.S. have suffered a cyber attack in the past year—but despite this frightening reality, very few businesses are making IT security a priority this year. That’s a big mistake, because small business owners are at a greater risk than they may think for data security problems and cybercrime.
Your businesses at risk
Businesses are starting to wake up to the risk of cybercrime. In a 2016 survey by the Ponemon Institute, more than half of businesses surveyed believe cyber attacks are becoming more targeted, more sophisticated, and more costly.
Cyber attacks are also targeting small businesses to a greater degree than in the past. Some 55% of respondents in the Ponemon study experienced a cyber attack in the past 12 months, and 50% had a data breach in the past year.
Cyber attacks are costly and disruptive. Read more...
used with permission from Norton by Symantec, by Nadia Kovacs
Whether you own a small business or a big one, you live in a world where cybersecurity is of paramount importance. Big business, small business, academic institutions, government agencies, nonprofits… all of these need to take an interest in cybersecurity or pay the price. It’s a matter or success, but also a matter of national security. Those working in critical infrastructure have a special obligation to make sure that they’re securing the workplace. Here are some of the best ways to create a culture of cybersecurity where you work.
It All Starts With Education and Training
Cybersecurity around your office begins with education and training: education in best practices and training in how best to execute those best practices, as well as making them a daily habit. Some key areas to hit include:
- App Updating: The main way that hackers are going to find a way into your system is through outdated app with known exploits.