Thinking of adopting a "bring your own device", or BYOD, policy at work? Learn more about what it is, why it's becoming popular – and what you need to consider before rolling it out.

You may have noticed more and more of your employees or colleagues bringing their own computing devices to work—be it their mobile phone, tablet, or laptop. Or perhaps in your company or in other companies you may have seen, they have let people decide which device they prefer because they are used to it at home. You may not realize it, but this is all part of a large trend called the "consumerization" of IT, in which the influence of consumer technology is being increasingly felt in the workplace. With the wide availability of cheap but powerful mobile devices and online services, a growing number of people are being exposed to the latest technology at home first—adopting them at a rate faster than most businesses are able to manage. This flips on its head the old paradigm in which traditionally new technologies would be rolled out to businesses first, before they would find their way to consumers.

This trend, plus the increasing sophistication of young workers today and their frustration with the tools available to them at the office, is pushing some companies to adopt a "bring your own device" or BYOD policy at work. They are not alone. According to research by technology analyst group Gartner, end users, not the IT department, will soon be responsible for 50 percent of business IT procurement decisions—ultimately bringing and running their own systems on company networks. Meanwhile, according to management consultants Accenture, around one-third of today's younger generation of workers (a group called "millenials") not only wants to use the computer of their choice at work, but also wants control of the applications they use too.

The benefits companies cite to adopting a BYOD policy are many, among them:

• Savings on capital expenses and training costs in using company equipment—compensating employees instead via other means such as flexible work hours, subsidized purchases, insurance, and other benefits.
• Less management headache—effectively letting employees decide what to use releases the company from some overhead and management responsibilities.
• Improved employee satisfaction—by giving employees the freedom to use devices and applications that they prefer.

However, before you consider letting employees bring their own personal technology to the work place, be aware that there are also disadvantages, and sometimes very real dangers in doing so. These include:

• Non-standardization of hardware, operating systems, and applications. If your business operations require that some equipment is integrated with others, then BYOD can in the long run actually increase IT management costs and decrease efficiency.
• Exposing your network to malware or security vulnerabilities and breaches. When your employees bring their own devices to work, you lose important control over their security. Consumer devices often don't employ comparable bullet-proof security technologies mandated by businesses.
• Leakage of confidential or proprietary information. Employees will naturally do what they want with the data on their devices, even if it doesn't belong to them, or it's against company policies. Employees can also lose precious company data when they misplace or damage their personal devices.
• Lower economies of scale in procurement. Essentially because everyone is buying devices on their own, you miss out on the chance to consolidate purchases and lower purchase costs for everybody.

Have you adopted a BYOD policy at work? Thinking about it? Worried about this trend? If you need to understand BYOD better so you can define a policy for your staff, contact us and see how we can help.

For smaller companies and businesses who are constantly on the lookout for great free finds on the web: here are a few nifty and free online tools that might potentially help you, both in saving costs and boosting your productivity and efficiency.

It is a constant challenge for small businesses to meet ever-changing and ever-evolving IT requirements while balancing a budget and keeping costs reasonable. And with software applications being one of the major factors that contribute to IT maintenance costs, it is always welcome news to come across free tools that work well and efficiently despite the lack of a price tag.

ThinkFree Online Office One of these applications is ThinkFree Online Office, which is a cloud application that enables you to create and edit documents in common formats. It also comes with free 1GB of storage and allows you to work from anywhere, since the documents are stored online. And with its own app for Android users, ThinkFree is particularly advantageous to people who need to work on the go.

ReqMan Another free cloud-based application that can prove useful is ReqMan, an online project management tool. You can use this to manage and track your different projects using various templates the service provides. And since it's in the cloud, mobile personnel and staff who are given access to your ReqMan account can work even when they're out of the office.

Gliffy Gliffy is a free tool that you can use to create all sorts of technical illustrations – diagrams, floor plans, flowcharts, and more. The basic plan is free, but you also have the option to subscribe to their more fully featured plans for a minimal fee.

ScheduleOnce For managing schedules, calendars, and the like, ScheduleOnce allows you to keep better track of all your appointments, meetings, and deadlines through a single tool. It integrates with your calendar on Google, and then allows other people to see your open times when they can schedule a meeting with you. Think of it as a one-stop-shop for your scheduling needs.

If you want to know more about these tools and how you can best utilize them, please feel free to contact us. We’ll be happy to guide you and help you make the most out of these types of applications to improve your efficiency and bottom line.

A worldwide shortage of hard drives is expected in the near future as many of the Thai-based factories continue to struggle with flooding.

In the same way the massive earthquake and tsunami damaged Japan’s electronics industry, the flood crisis in Thailand is causing concern for companies that require hard drives for production.

The majority of the world's hard drives are produced in factories located in Thailand, where the flood crisis has put a damper on many industries, hard drive producers included.

According to reports, the shortage is already driving hard drive costs up and may just be the beginning of that trend. As companies like Hewlett Packard respond to the situation, the outlook remains unclear. PC sales could be affected well into 2012 and beyond. With flooding still an issue for some producers the shortage could expand.

As of now, there is still no concrete solution in sight for the problem with the supply of hard drives in the world, and while reconstruction efforts in Thailand are ongoing, getting the hard drive industry on its feet will take a while. As for the effects on the computing world as a whole, PC prices will likely rise as pre-flood inventories are sold out and replacement stock is delayed.

The use of social networks has changed the way many people communicate with each other online. In the same vein, internal social networks can also enhance communications within a given organization, but only if the right policies to govern its use are developed and implemented by the company it belongs to.

With the waves created by social networking in how companies do business nowadays, many have also utilized the same principle to develop internal social networks to enhance their in-house communications as well. However, the use of this new medium of communication also requires that companies develop new policies to cover its use.

One concern that may leave you apprehensive about creating an internal social network might be the fear that it could be abused by employees. However, reports have shown that introducing an in-house social network has produced generally positive results.

As long as company policies regarding the use of internal social networks are developed and implemented properly, employees will view such a network as an extension of the workplace, and will try to put their best foot forward. Such policies must specifically tackle the use of the internal social network, and many experts recommend revising existing company rules that govern the use of email, IT resources, and even external social networks. To be on the safe side, it's a good idea to consult with a lawyer to avoid any legal problems with the policy in the future.

Who's going to be in charge? Your managers, of course. Since the social network will be for company use, it follows that department heads should be given administrative duties and permissions which they will use for moderating communications and discussions in and pertaining do their respective sections.

While an internal social network can do wonders for your in-house communications, good policies and rules pertaining to its use will be what keep it working like a well-oiled machine.

It doesn't matter how solid your security system is –any hacker or online thief can figure out a weak password in a couple of hours through trial and error. Don't risk being a victim of a security breach and data theft. Avoid these passwords that are especially easy to crack.

If you think using 'password' as your password is no big deal, then it's time to rethink.

Security experts have recently compiled a list of the worst passwords users can choose, and 'password' is at the very top of the list. Weak passwords make your information more vulnerable simply because hackers can guess them. It may be easier to pick a password that you don't have to think about, but it's a choice that you may come to regret.

To help you avoid common password choice mistakes that users make, management application provider SplashData has compiled a list of the 25 worst passwords to use:

1. password
2. 123456
3. 12345678
4. qwerty
5. abc123
6. monkey
7. 1234567
8. letmein
9. trustno1
10. dragon
11. baseball
12. 111111
13. iloveyou
14. master
15. sunshine
16. ashley
17. bailey
18. passw0rd
19. shadow
20. 123123
21. 654321
22. superman
23. qazwsx
24. michael
25. football

Make a smart password choice Experts advise using a combination of letters and numbers when creating your passwords, and to avoid things that anyone might be able to guess, such as birthdays and anniversary dates. Passwords with eight characters or more are safer and it's best to use different passwords for different accounts and websites. Use a password manager to help you keep track of all of your passwords if you're finding it difficult to remember them all..

No matter how sophisticated your security system is, a weak password gives hackers and online thieves an advantage. Helping all the users in your organization understand the importance of password strength will help you secure the IT systems in your organization.

If you're interested in learning more, please contact us so we can develop a comprehensive and custom security blueprint that meets your specific needs.

Reference: Worst Internet Passwords

In an unprecedented move against online fraudsters and hackers, the United States Federal Bureau of Investigation (FBI) and authorities in Estonia, aided by information from security firm Trend Micro, recently conducted a raid that brought down an enormous bot network made up of at least 4 million bots.

Four million is a big number – which makes four million bots, in security terms, a staggering and frightening number as well.

It is a good thing, then, that four million is also the number of bots taken down in a recent bust by the United States Federal Bureau of Investigation, the Estonian Police, and security firm Trend Micro. Data centers in New York City, Chicago, and Estonia were raided by authorities, shutting down hundreds of servers used to create a network of bots that spanned some 100 countries.

The said bust, dubbed “Operation Ghost Click”, is one of – if not THE – largest cybercriminal bust in history, putting to sleep a sophisticated scamming operation that victimized 4 to 5 million users and was said to have generated at least $14 million in illegal revenue.

The scam mainly involved hijacking Domain Name Server (DNS) settings in infected computers, which can be used not only to introduce more malware into an IT system, but also to hijack search results and replace advertisements loaded on websites visited through an infected computer.

While this bust does bode well for all IT users everywhere in the world, it also illustrates the scope of influence and level of organization behind security threats. Since this is probably not the only scam / fraud / botnet operation in the world, it is always best to have a comprehensive security policy for your IT infrastructure to minimize the risk of compromising your company’s data and information.

For more details on the bust, check out Trend Micro’s blog post here.

Employees using their own mobile devices for work may seem like a good idea at first – it's less expense for you, the employer, and they can also make employees more productive. However, it also means that you are allowing potentially unsecure devices to access your company's data. The solution? An effective IT security policy that balances personal freedom to use these devices and your need to secure important business information.

As technology continues to become more affordable and accessible to consumers, it's an inevitable fact that employers will see more and more of their employees using their own personal devices such as laptops and mobile phones to access the company's IT system.

This can be a dangerous thing. Since these devices aren't company owned and regulated, you have limited access and control over how they are used. Employees could download all sorts of malware and viruses on their devices and pass the infection along to your IT system when they access it.

The solution: a comprehensive IT security policy. It's important that you find a compromise between the freedom of the employee to use the device as desired and your need to keep your IT system safe from viruses and other threats to your data's security. Steps such as having employees run mobile device management (MDM) software on their devices is one of many actions you can take to lessen the risk of security breaches. You may also want to implement applications and software that check and screen for malware, both for laptops and mobile devices. And don't forget that while Android seems to have a bigger problem with malicious software, Apple isn't exactly virus-free, either.

Employees have a right to use their personal devices as they see fit, but not at the expense of important company information stored in your IT system. Running a tight ship in terms of security is an effective way to protect your business interests and your sensitive company data. If you are interested in knowing more about developing a concrete and effective IT security policy for personal device use as well as general system access, please don't hesitate to give us a call so we can sit down with you and discuss a custom security blueprint that's just right for you.

Fact: all it takes is one security breach to destroy a company. But few - especially small businesses - seem to realize it, according to a recent survey released by StaySafeOnline.org. Results show that few small businesses see themselves as a target of online thieves or hackers, resulting in many having only token security policies in place.

StaySafeOnline.org, a website of the National Cyber Security Alliance, has recently released a study that chronicles the cyber security practices and attitudes of small businesses. Conducted in partnership with Visa, the study shows some interesting, if not disturbing, results.

It turns out that many small businesses (about 65% of the respondents) are highly dependent on their computer / IT / data systems, where they store important information, from sensitive company financial records to personal client information such as credit card info, addresses and phone numbers, and more. However, as many as 85% believe that they will not be targeted by hackers and online thieves, and less than half have data security systems in which they are confident. In general, small businesses have, at best, a mediocre security system.

Few realize, though, that it only takes one breach to compromise a company's finances and relationships with clients. And if you have less than stellar security, stealing from you is easier. You might not have as many online assets as big businesses, but hackers can make a hefty profit by victimizing several easy marks as opposed to bigger and riskier efforts with more secure systems of larger firms.

Don't take a risk with important data, and don't compromise the relationships and reputation you've built with your clients over the years. Good security is always worth it. If you're interested in knowing more about beefing up your security through company policies, software, and user education, please don't hesitate to contact us. We'd be happy to sit down with you and discuss a security blueprint that's cost effective and custom built to meet your specific needs.

Reference: National Small Business Study

When it comes to your business there are many dangers that could negatively impact your bottom line, or even force you out of business. As such, it's a good idea to have a plan in place to help keep your business operational during any disaster. This strategy is commonly referred to as a Business Continuity Plan, and is something that companies will benefit from looking into.

While a Business Continuity Plan (BCP) can be complicated, and comprised of many different objectives, the main reason companies include this in their business strategy is to build up resilience. Disasters of many kinds can result in either lost data, sales or even business. While a BCP won't prevent large-scale disasters, it will help your business recover quicker.

When looking at how resilient your business is, there are three main aspects to consider.

RTO RTO stands for Recovery Time Objective and is the time period from the beginning of the disaster to recovery of operations. This number, or time period, will be different for every company. For example, companies that operate online stores will likely have a short RTO, as they rely on 24/7 uptime to conduct business and sales.

In general the RTO is an objective, one that employees and stakeholders should strive for. Having one can help planners identify potential problem areas along with critical functions that must be recovered and any preparations that will be necessary. If a business does not address, or identify a set time to recovery they could see an unnecessary increase in recovery times, or worse lost profits.

RPO RPO stands for Recovery Point Objective and represents the amount of data a business is willing, or can afford, to lose. The easiest way to figure this out is to look at your systems and think about how much data or information you personally can lose before being unable to do your job. From there, you can work out the frequency with which you should back up your systems.

For example: If you figure that you can lose a day's worth of data, then your backup should be done on a daily basis. If you currently back up your data or systems once a week, and figure you can only miss a day, then RPO helps you realize this is not enough and that you need a system or plan that better meets your needs.

The difference between RTO and RPO is that RTO is a broad process that covers the whole Business Continuity timeline, while RPO is focused on data and backup.

ROI When looking at different Business Continuity systems, it is always a good idea to calculate the ROI, or Return on Investment. You can calculate the cost of the integrating any plan, time to implement and recovery, expected value it can bring your business and avoided losses. This will give you a pretty good picture on whether current systems are strong enough, and if new alternatives are better.

By figuring out the time you expect to recover, how often you should back up and the total ROI of proposed, or existing, systems you can gain a clearer picture of how resilient your company is.

If you're looking to make your company a little more resilient, why not get in touch with us? We are happy to sit down and discuss your options with you.

Long-term cost-effectiveness. Simple, but comprehensive and updated solutions. Dependable and stable. These are just some of the advantages of using Managed Services to deliver efficient and custom designed IT solutions that meet your specific needs.

Many large businesses prefer the use of Managed Services to meet their IT needs, but many smaller organizations continue to be skeptical of this solution. Here are five reasons that will make you think twice about dismissing Managed Services:

Managed Services help control costs. In any kind of business, it's important to be as cost-effective as possible. Especially in IT, where unbridled or poorly managed systems cost way more that they're worth, it's essential to have a system that works with your budget but doesn't compromise on quality. Managed Services is the most feasible and practical way to accomplish that, especially in the long term.

Managed Services help you deal with increasingly complex IT solutions. With both hardware and software components of IT systems constantly evolving, businesses with limited resources may very well find themselves left behind after a while. But with Managed Services, you are able to enjoy the advantages of the latest IT solutions at a fraction of the cost – enabling you to provide the best possible service to your clients.

Managed Services give you a better, more dependable IT infrastructure. Especially for smaller businesses, it can be tedious to maintain an in-house IT arm; and you run the risk of stretching resources too thinly, which can compromise the quality and output of your IT department. Managed Services allow you to have a stable and dependable IT arm that's dedicated to meeting your specific needs in a cost-effective manner.

Managed Services offer more comprehensive and complete IT solutions. More often than not, small and undermanned IT departments are more of a burden to the organization they belong to – errors are more likely to occur, response and problem solving is a slow process, and staff members are probably overworked and underpaid, making them both unhappy and less productive. Managed Services, on the other hand, are completely the opposite, allowing you to utilize efficient and comprehensive solutions that are tailor-made to fit your specific requirements.

Managed Services help you maintain compliance. With the marketplace becoming more and more competitive, meeting different regulatory compliances has become a fundamental need. From Sarbanes-Oxley to the Health Insurance Portability and Accountability Act (HIPAA), smaller companies can often find themselves lost. It’s Managed Services that helps these companies not only fully understand the requirements of these regulations, but also comply with them.

If you want to know more about how Managed Services can directly benefit your day to day operations, please do not hesitate to give us a call – we'd be happy to sit down and discuss a custom solution that works for you.