Blog

The term, “meta description” may seem foreign to some but we all see these descriptions each time we search for something online. The meta description can contain up to 320 characters and should be an interesting summary of what your website is all about. It shows up in the search results as those first few words/lines that explain the essence of your website or post.

How Meta Descriptions Work

Each time we type a search term in the browser, a number of results will come up. For each one, there’s a 320 character description of the site or page. People usually decide which site to click on based on what these meta descriptions say. That means it has to be snappy and fresh. The wording needs to grab your attention. It has to sound enticing. Think of it as a short, but powerful sales pitch. Potential customers are far more likely to visit a site that sounds unique, interesting or entertaining than one that sounds boring.

Though search engines make it clear that there’s no direct advantage from writing good meta descriptions, there is a very strong indirect benefit. If you’ve written a good meta description, then this will improve your click-through-rate (CTR). As visitors click-through to your site, the search engine uses that information as a way of determining that your site was aptly and well described. This will improve your position in the search results.

It is important to point out here that Google will not always show your unique meta description. Sometimes they generate their own description of your business based on factors like the search term and type of business it is. This is where keywords come into play. Most business owners now understand at least the basics of keywords and how they work. If your content is well-optimized, then it should reflect that by serving as a great meta description.

Google changes the way their search engine works at times and this can certainly throw a wrench in all your good plans. However, that should not stop business owners from doing sound keyword research and creating unique content with those keywords. It goes without saying that keyword stuffing is bad and should be avoided at all costs. Always observe the current standards for keyword density in a page of text, which usually runs around 2 to 2.5 percent.

Yoast Free or Premium?

Yoast offers a free and a premium SEO service. With the free service, you get one keyword for each page of content. The premium service allows five keywords for each page. The premium service also does a readability check using the Flesch Kincaid test which measures the grade level of your writing. Since the world wide web is filled with people from all backgrounds and educations, Flesch Kincaid usually recommends writing copy that would be easy reading for a third to fifth grader.

Use short concise sentences. Avoid big words that are not readily understood unless you are writing technical information for a specific audience, like IT experts. Try to use action verbs instead of passive verbs. Use subheadings and catchy taglines. Whatever you can do to make your site more attractive, unique and fun, will help. You can count on getting more traffic and higher conversion rates.

How to Use Yoast SEO to Write Meta Descriptions

If you don’t write a unique meta description, Yoast will produce one. Usually, it simply takes the first three lines of content on your page or post and uses that. If you’d like to edit that, then click on the “edit snippet” button. This opens the snippet editor. There are fields there to edit the SEO title, slug and meta description. As you type, your new meta description will show up. You can make changes until you feel it’s just right. The snippet editor has an orange bar at the bottom that will become green once you’ve typed enough information.

Many site owners use the first few lines of content on their page or post as the meta description. If your site has good, professionally written content on it, then there’s nothing wrong with that. However, if you feel you could improve the text, then, by all means, do so. If you can get the hang of this and really write powerful meta descriptions, it can greatly improve your click-through rates.

How to Write a Superb Meta Description

Once you’ve decided that this is something worthwhile that could improve your bottom line, it’s important to put your best foot forward. In order to write effective meta descriptions, you may need the help of a good copywriter. Copywriting is all about utilizing words to persuade searchers to click on your page. With only 320 characters or about two to three lines of text, it’s important to make every word count. Below are two writing examples to show you the difference between professionally written text and that of an amateur.

Good Meta Description:

Apple

https://www.apple.com/

Discover the innovative world of Apple and shop everything iPhone, iPad, Apple Watch, Mac, and AppleTV, plus explore accessories, entertainment, and expert device support.

The above meta description from Apple does contain some good keywords but it doesn’t feel awkward or forced. It’s informative. It’s also important to note that this meta description was written using the older rules where 155 characters were the rule. Today, we’re seeing longer snippets that contain more information to help searchers decide what to click on.

Bad Meta Description:

Mary’s Bakery

https://www.marysbakery.com/

Get some good donuts and cakes at Mary’s Bakery located in downtown Minneapolis. We cater and deliver. Our baked goods are tasty and made with quality ingredients.

Though the above meta description does contain some valuable information, it’s boring. The shop owner wastes valuable space here to tell consumers where they’re located. This is something that many searchers will not care about in their initial search. Use this space to talk about delicious pastries, cakes, and donuts. Talk about your award-winning cupcakes with buttercream icing. This is how you get people to visit your site and look around.

Caution!

Be sure that your meta description accurately describes your page or post. Yes, the wording can be flowery, powerful, strangely attractive, etc. But it should also be truthful. If you make promises you can’t keep, then searchers will quickly hit the “back” button. This can cause your site to fall in the search listings.

As mentioned above, avoid keyword stuffing. Just about all web visitors today understand what keyword stuffing is and most don’t like it. The reason? Keyword stuffing makes a section of text read awkwardly. It is typically not well-written content and it doesn’t make sense to your human visitors. Remember to write your meta description for humans, not for search engines.

Instead, focus on writing interesting descriptions and unique content for your human visitors. In the end, search engines will not be purchasing your products and services. Humans will, so cater to their needs, wants, desires, whims—and you’ll be rewarded with higher click-through rates and stronger sales.

We all hear the rumors, the buzz, and constant speculation any time there is a hotly-anticipated iOS release hyped at an Apple keynote. We read the online gossip about the features announced and compare past keynotes.

If you’re reading this, you’ve been there. We have, too. More importantly, we ask the same questions. Will my current iPhone or iPad be supported? Will there be settings to make my iPhone or iPad operate more efficiently, and improve battery life? That’s the ultimate goal for every Apple product user. That, and the glittering unicorn emoji, naturally.

So, let’s dive right into Apple iOS 11.3, shall we?

The release of iOS 11.3 is the third follow-up to the overhaul that was iOS 11 from 2017, and – if Apple is being honest – it’s entirely due to the scandal for which news broke just before Christmas.

Owners of older iPhones are going to love Apple iOS 11.3 because it’s the promised “fix” to the controversial iPhone-slowing process that Apple covertly implanted in our beloved iDevices, intended to slow down the operations of dated models to prevent “sudden shutdown” of the iPhone. (Pssst…Apple…we didn’t believe you!)

Unless you’ve been comatose for the last six months, you’ve heard of Apple’s scandal in admitting it slowed down older phones. There were vague excuses, but it felt like a confirmation to many who joked that it seemed like Apple implanted alarm clocks of sorts that made iDevices slow to a crawl around the 20-month mark, fueling the desire to upgrade the device to the latest version – a well-controlled supply and demand market. Cue Apple’s admission and iDevice owners worldwide felt vindicated, completely ignoring that gnawing feeling of how many devices we feel we’d been tricked into purchasing since the release of the very first iPhone over a decade ago. It wasn’t until after Apple’s offer of battery replacements – at a “discount” – and this release to put control back in the hands of the user that we began to realize that we feel a bit violated.

Looking more closely, Apple offers several features in iOS 11.3, so let’s take a closer look at the highlights of what we get with our digital apology.

• Animoji: Have you ever wanted to turn yourself into a bearmoji? Available in the Messages app, now users can select the bear, dragon, skull and sullen lion characters to mimic facial movements and include voice recordings.
• Apple News: Apple News: A new, customizable “For You” section with personalized content, including video.
• Advanced Mobile Location: An improvement on Location Services, when toggled on this setting automatically shares a user’s location with emergency services when an emergency call is initiated.
• App Store Updates: Updates impacting user experience, like the ability to sort reviews by Most Recent, Most Helpful, Most Favorable, and Most Critical, have been long awaited. Thanks, Apple, for catching up and giving users what is most helpful! Apple is recognizing that users want more control and customization of their devices and this update, which also includes file size of updates, will make the App Store more useful in general.
• Security Improvements: Ever a concern, Apple detected cybersecurity vulnerabilities in Mail, Find My iPhone, iCloud Drive, and the Phone and Clock apps and patches for these were included in the 11.3 release.
• Battery Health: The infamous battery issue has its own setting! Users can get up close and personal with their battery details in Settings, Battery, Battery Health (Beta), and see maximum charge capacity and peak performance capability – and the battery will also indicate if it needs replacing.
  • It’s only when the charge capacity is less than 100% that users will see a message that “performance management” features have been applied (aka, the slowing-down effect) and offering the user the ability to disable this. Users might notice increased operation speed, but Apple warns to expect sudden shutdowns.
  • Note: Disabling this feature is semi-permanent; you cannot turn this feature back on unless a sudden shutdown occurs and then this message reverts.

• Health Records: iPhone owners can now store personal medical records on the iPhone, including the ability to connect to medical providers and download encrypted records. Have information about allergies, medications, tests, and results, vaccinations, and a plethora of medical details at your fingertips. We expect this feature to continue to evolve.

The Big One:

• Updated Privacy: Apple is recognizing that their community greatly values their privacy, and is vowing to help do more to safeguard it.

After installation of iOS 11.3, users are greeted with a welcome message going into more detail about its new Data & Privacy feature that states, “Apple believes privacy is a fundamental human right.” The good news is that Apple is now trying to be very transparent with regard to what data it collects from users. To be fair, iPhone owners are Apple customers, and with this relationship, a degree of consumer information is expected in a transaction. Is Apple not held responsible for maintaining the security on our iPhones? We, therefore, assume they require tidbits of consumer information but also have ironclad security with which to protect us – fair trade on the smallest scale. Apple now tells users what data it collects and why just inside Apple apps with a small icon that looks like two shaking hands. The irony is that much of this information has been included in the privacy policy offered by Apple for iTunes transactions (over 1,000 words, roughly).

Compatible iDevices – iPhone 5S or newer, iPad mini 2 or later, 6^th generation iPod Touch or newer, and the 2018 iPad – will (or will have already) receive automatic prompts to install iOS 11.3, but it can also be manually installed via Settings, General, Software Update. The focus with 11.3 is the iPhone, but iOS doesn’t only run on phones, so the new operating system comes with the goal of overall efficiency and privacy.

We love our iPhones (and iPads, too), and we keep endless information on these tiny pocket computers that run our daily lives. From phone calls to text messages, from email to apps, from appointments to reminders, our iPhones hold the key to our productivity and our connectivity, and we want control over how they function. Apple finally recognizes and concedes (some) control to users with iOS 11.3, and we expect even bigger things to come from this.

Apple, this is the beginning of an even better, stronger relationship!

Social media is big business and has the potential to drive millions of visitors to websites, engage directly with customers on a public platform, and solve – or create – problems in real time. What is the future of “social business”?

Twenty years ago, marketing and promotions were simple and straightforward. The majority of efforts were focused on print: newspaper and magazine advertising, The Yellow Pages, direct mail, billboards, and perhaps flyers. Email marketing was in its infancy, and digital marketing wasn’t quite yet an industry – though there are firms that argue this time frame. Metrics were relatively predictable, and results were in the form of sales and revenue.

• Yes, The Yellow Pages telephone directories still offer printed books. Publishers of “phone books”, as they’re often referred to, reduced paper usage by half before 2013, and major efforts are in place to ensure unused or outdated materials are recycled.

This is not the case today! There are so many facets to “digital marketing” that it’s safe to say the industry is constantly evolving. Yes, constantly. The rules change just as often, and the de facto rule-maker is Google. Google has the famous “Google algorithm”, by which all search parameters are defined. If a business or brand doesn’t meet Google’s search preferences, they’ve wasted their time and won’t make the first page of a user’s search results – and when was the last time you clicked past the first page of results in an average Google search?

There are ads within emails and ads on websites, and even “sponsored results” in an Internet search. Consumers have ads coming at them from every angle of the Internet, so why would social media – including the King of Social Media, Facebook – be any different? It’s not. In fact, a Facebook user is valued even more highly than a search user. The Facebook user is already engaged with a website, and it’s one where the content that loads is customized and personalized for each user. Google tries to do this with search results, but there’s only so much Google can do with a string of words and no context. Both Google and Facebook have the user’s history of cookies, but Facebook has the incredibly valuable position of knowing a user’s friends, families, what content a user likes – literally “likes” by clicking the blue-and-white thumbs-up symbol – and what news stories, photos, and content a user clicks on and engages with. In this context, Google’s metric is the click in terms of the value of a visitor, whereas Facebook’s value of a click is a highly-engaged user already on the website and opting to give more of their time and attention. The ultimate competition comes down to the value of a visitor versus the value of a click.

After evolving from a social platform into a platform that can be highly monetized, Facebook turned the digital marketing industry upside down with the newly-invented notion of advertising right in front of Facebook users. Any organization or brand that has ever paid for advertising on Facebook is used to Facebook changing things up by now – after all, Facebook changes their approach on a regular basis. After seizing the lead and maintaining this very profitable position for years – and years – the brain trust recently announced a bold decision to simplify their overall approach – after long being the primary innovator in social media and marketing and carving the path which others follow today.

Facebook Advertisers Are Users, Too

Facebook users fondly recall a time when privacy settings at the user level resembled a “stealth” mode when users had the ability to set their account information, including their names and other details, as completely private and would not show in other Facebook user searches. The added bonus was the implied guarantee that photos, posts, and other user content had this same level of protection. Sometime around 2009, Facebook implemented a pretty major privacy settings overhaul and many users who long enjoyed stealth status were suddenly thrust into the spotlight – and was no longer “invisible”. In all fairness, Facebook gave plenty of advance notice this change was coming. Their public reason was that Facebook is a social media platform, not a private website where a user could have total control – and this is a fair position. Facebook is a free website for users, but it’s not a nonprofit organization. Ever evolving, their approach has tweaked and allowed users to choose various privacy settings for posts, images, etc., which are highly customizable if the user chooses to take the time.

In 2017, Facebook recognized a growing dissatisfaction from its users and tried to pinpoint the cause. After much speculation, Facebook realized the greatest impact to the user experience is the allowance of brands to intermingle with users in their feeds, detracting from the social purpose of the channel. Thus, more major changes were in store. Facebook announced a desire to go “back to basics” and return the focus of a user’s feed to posts shared by friends and family members and make it harder for brands to get their content seen (unless advertisers were willing to pay). The result was that post reach – the number of people that see a post in their feed – plummeted. The plan was for average Facebook users to see fewer news stories, cat videos, political posts, or branded content, but rather see more photos shared by friends of birthday parties, graduations, and other significant events entirely unrelated to corporate messaging.

Privacy, Redefined

The change to the Facebook feed was a welcome change to users and required a major adjustment to social media marketing efforts for companies. Details of how the changes rolled out and the reasons for these changes trickled into news stories until major news broke that Facebook sold private user information on more than 87 million Facebook accounts to an organization involved in the political arena in 2016. Users worldwide felt violated that a trusted entity would share such private details – a harsh reminder that Facebook is a for-profit entity and users need to read the “fine print” and not just agree to Terms and Conditions without reading. Your digital life is not your own when using a website owned by someone other than yourself.

So, what can Facebook users do to protect themselves? Without deleting your Facebook account, it’s wise to do a once-over on user privacy settings every few months to verify what might have changed and safeguard your information.

• Check your privacy settings
• Facebook offers a variety of user settings allowing for a spectrum of privacy, though most remain a mystery to users. Under “Settings”, click “Privacy” and control how visible information like posts, account information like phone numbers and email addresses, and friend requests and more are.
• Keep friends close
• Friends’ activity can impact others. If a user allows tagging in a friend’s activity, this is then affected by their privacy settings and is subject to sharing or visibility by others.
• Beware third-party apps
• At first, it seemed benign to click “accept” when a third-party app or quiz intrigued a user enough to click content, with the innocent warning that the app would thus be granted access to a user’s profile and list of friends. That list of friends became an incredibly valuable commodity in an environment where privacy settings were controlled by a user – a tricky little workaround.
• Users can adjust these settings quickly and easily but often didn’t go back to limit access.
• Review security alerts
• Users can opt for security alerts when Facebook detects a new login from a different device or browser. Two-factor authentication is also an option. To enable, access the same “Settings” menu, and click “Security and Login” from the left navigation and choose “Setting Up Extra Security”.

Security considerations impact all Facebook users, regardless if a user is also an advertiser. Before abandoning Facebook entirely, employ additional efforts to protect user data and your privacy. This type of “social security” has nothing to do with the government-issued card Americans carry, and a few additional steps will help secure user information and improve the Facebook user experience.

An efficient and secure running IT system is essential for any organization, and especially so for today’s law practices. Your work relies on secure and ready access to your data when you’re in the office, courtroom or when on the road. You need the ability to interface your Line of Business applications with other IT solutions you and your staff depend on each day. In order to remain competitive, you must use the most advanced legal technology solutions available and use them to your best advantage. And, any form of downtime is totally unacceptable because can cost you your clients. For all this, you need a Technology Solutions Provider who can build an IT infrastructure from the ground up to meet your high-security, high-availability, high-efficiency requirements.

The Seven IT Headaches All Lawyers Face Today (And Their Remedies)

Technology challenges can lead to significant IT headaches, especially for small and medium-sized firms that manage their own infrastructure. They often “tag” the one employee who knows the most about technology. But today, it’s impossible for a non-professional to provide the 24/7 IT support, expertise and defense-in-depth protection required today.

Even law firms with a professional IT employee struggle with their changing and increasing technology demands and the need for 24/7 IT remote management. IT headaches in the legal industry vary. But the common factor is that they are pervasive and never-ending unless they are prevented by qualified Legal IT experts.

Headache #1 – Cybersecurity

Client confidentiality is a priority for every law firm. And without the proper IT management, your data can be at great risk.

Many lawyers aren’t aware that their critical data is at risk. The chance that data is breached has increased as attorneys, and their employees use mobile devices and email outside the office. They don’t realize that at a moment’s notice their IT system could be hacked, and confidential information stolen.

Cybercriminals have discovered new, creative ways to steal data. Hackers are increasingly targeting law firms to steal clients’ confidential data. Additionally, unethical competitors engage in illegal eDiscovery to harm a competing law firm, or to win a lawsuit.

Many say, “This only happens to larger legal organizations, not small ones like mine, right? Wrong–Small and mid-sized law firms are a more attractive target for hackers because they typically don’t have the right security solutions in place, nor do they train their employees to recognize phishing and ransomware threats like their larger counterparts do.

Building a cybersecurity infrastructure today can be a daunting task with all the attack vectors in play. The most important challenge comes from the requirement to protect clients’ private information. Client confidentiality is at the top of every attorney’s mind, and without the right IT management, this confidentiality can be breached. Cybersecurity should be the primary concern for litigation attorneys who handle confidential electronically stored information.

“To maintain the required level of competence, a lawyer should develop and maintain a facility with technology relevant to the nature and area of the lawyer’s practice and responsibilities. A lawyer should understand the benefits and risks associated with relevant technology, recognizing the lawyer’s duty to protect confidential information.”

Law firms must prevent:

• Unauthorized access to both their wired and wireless networks.
• Malware from corrupting their network.
• Their employees from clicking on malicious links or unknowingly revealing confidential information to a hacker.
• The disclosure of electronically transmitted communications.
• Data loss from both manmade attempts or natural disasters.

Law firms must ensure:

• Data is encrypted and safeguarded.
• Compliance with legal, regulatory and confidentiality requirements when using technology.
• Files are properly backed up both onsite and offsite, and that they are easily recoverable.
• A secure email-archiving and retention strategy for both data at rest and in transit.
• Cybersecurity is confirmed with regular Vulnerability and Risk Assessments.

The situation demands a defense-in-depth security plan that employs multiple security measures to protect confidential data. Defense-in-depth security was originally conceived by the NSA to provide a comprehensive approach for cybersecurity.

By using multiple layers of automated and remote security solutions, where the outer layers provide a first line of defense, and deeper more concentrated layers stop anything that gets through, lawyers can stop worrying about cyber threats and concentrate on their work at hand. And, as each law firm is unique, this protection requires an IT professional with the knowledge and expertise to find the right combination of security techniques and solutions.

The Remedy: The answer is to rely on a Technology Solutions Provider who will avert security risks and compliance issues that can cost you in legal liabilities, regulatory penalties, and your good reputation.

Headache #2 – Downtime

Every hour lost to downtime means lost billable hours. Time is money when it comes to law practices. Downtime due to power failures, ransomware, natural disasters and more mean your firm is paralyzed and unable to operate.

The increasing digitization of information over the last 20 years has increased productivity for law firms. When IT runs as it should, it helps you save time, and work more efficiently. However, this also means that when it doesn’t, and you’re faced with downtime that your clients, who are used to your efficiency, don’t understand and become angered when their cases come to a standstill.

This causes headaches for you, your employees and your clients. It’s critical that you recover as quickly as possible. When your IT goes down, even for a few hours during a workday, you lose billable hours, lose the ability to send and receive emails, and risk damaging your firm’s reputation.

It doesn’t matter how long downtime persists. It’s unacceptable in any case because it’s preventable. You can mitigate the risk of downtime by having the right technology in place.

The Remedy: Preventive IT measures are key to protecting your confidential data. With the right enterprise cloud backup and recovery system, and the services and support from a Technology Solutions Provider, your firm will benefit from complete system monitoring, secured servers, safeguarded data and upwards of a 99% guaranteed uptime.

Headache #3 – Inefficient IT Performance

In today’s digital world, a slow-performing IT system is like a wound that can drain the life’s blood out of your law firm. You can’t afford to wait this out and hope that things will improve. Time is money, and inefficient IT solutions are not only frustrating, but they can also impede your ability to meet your clients’ demands.

Increased IT performance is one of the biggest benefits of outsourcing your IT service and support. Often, an in-house technical staff creates new problems by overcomplicating basic configurations, because they lack the skill and experience required.

The Remedy: A Technology Solutions Provider offers a higher level of expertise and establishes a highly performing IT system to keep your law firm up and running.

Plus:

• You’ll save money. Unlike with in-house staff, you won’t have to provide benefits like healthcare coverage, sick and vacation days and workman’s compensation.
• You’ll have 24/7 Live Help Desk Support, to ensure your issues are resolved quickly, and your IT systems stay up and running at all times.
• You’ll save time with the resources to start new IT solutions quickly as opposed to waiting for in-house techs who will need to be trained.

Headache #4 – Poor Integration of Line of Business Solutions

You need your Line of Business (LOB) applications to complete your responsibilities each day for Practice Management, Document Management, Time & Billing, and Legal Document Generation.

Applications like:

• PCLaw
• Prolaw
• Juris
• Clio
• Timeslips
• Amicus
• Abacus
• Tabs3 / Practice Master
• Timeslips
• ProDocs

You also need these applications to integrate with popular software programs like Microsoft Office. And when they don’t run as expected, this can cause major headaches.

The Remedy: This requires assistance from a Technology Solution Provider with expertise in legal IT programs.

Headache # 5 How to Maintain Client Confidentiality While Using the Cloud.

Attorneys are using the Cloud in their law practices. However, this can present significant challenges when it comes to their ethical and legal obligations to maintain client confidentiality.

Your law firm can benefit immensely from cloud computing services. However, it’s important to fulfill all of your legal and ethical duties to your clients.

As an attorney, you are subject to ethical rules that make it difficult to use certain types of cloud services. But how do you know what ethical rules apply to your law firm when it comes to using the Cloud? Plus, these ethical rules vary from one jurisdiction to another. If you have firms in multiple locations, how do you manage this?

The more questions you have about cloud solutions, the greater the potential for more headaches:

Confidentiality & Integrity?

Does cloud computing threaten the confidentiality or integrity of your data? Most ethical rules contain a duty of confidentiality and competence.

Third Party Providers?

If you’re assigning responsibilities to the third-party cloud provider, you must make a reasonable effort to ensure that their conduct is compatible with your legal and ethical obligations. Most ethical rules maintain that you must supervise third parties.

Communicating with Clients about Cloud Services?

Must you ask each of your clients if you can store their data in a third party’s cloud? Most ethical rules contain a duty to seek consent for decisions regarding clients’ data.

Safeguarding of Data?

How do you know that your cloud provider can ensure the proper safeguarding of your clients’ files and documents? Are you liable if they don’t? After all, it’s your responsibility to safeguard your clients’ property.

But, cloud computing provides many benefits for the small law practice. You don’t want to miss out on these:

Low Cost

Most enterprise cloud-based services can be obtained at a very reasonable cost. Law firms typically find that it’s less expensive to use these services than running and maintaining their own servers. With cloud computing, you don’t have to pay for your additional servers and hardware.

Less Maintenance

Enterprise cloud services often include maintenance in their offerings. As an attorney, your workday is too busy to worry about updating programs and patching software. The right cloud provider will automatically install all updates for you.

Greater Accessibility

With cloud computing, you and your authorized employees can access your data from any computer, in any location where you have internet access. If you need to work long hours outside the office, you can still access the IT resources you need remotely.

More Flexibility

Cloud computing services are often sold on a subscription and month-to-month basis. They are based on the number of users who access the solution. If your workload increases, you can up the number of subscriptions. If it declines, you can reduce them. on demand.

Security

Most cloud providers employ sophisticated security measures, so you don’t need to worry about client confidentiality. Also, their staff is trained and experienced in the implementation of security measures that align with current security risks.

Cloud computing offers many benefits for your law firm. Don’t let the potential risks stop you from experiencing those benefits. But you must mitigate your risks.

Review the ethical rules that apply to your jurisdiction and determine what type of cloud services would be best for your law firm.

• Make sure you’re clear about the particular service you’re planning to purchase.
• Where are the servers located?
• How will the servers be used to process your data?
• Make sure the service is reliable and secure.

If you’re ready to purchase cloud computing services be sure to review the proposed contract carefully.

Pay attention to the disclaimers of liability, intellectual property, confidentiality, and security provisions. Also, does the service provider have a robust disaster recovery plan in place? It’s critical to ensure that the cloud service provides alternative access to data in the event of a service outage.

The top two important risks to consider include:

Security Breaches

Does the cloud provider protect your data from unauthorized access or modification? Make sure you’re informed about any security breaches that affect your data. Discuss compensation in case a security breach is caused by the cloud provider.

Data Ownership

Read the contract and look for clauses that might give the cloud provider ownership of data stored in the Cloud. Make sure the contract acknowledges that your data is owned by your law firm.

The Cloud provider may offer recommendations for security measures. Your staff must understand these security measures and sign a written agreement to comply with them, such as the prohibition of shared passwords.

The Remedy: Ask Technology Solutions Provider to address these concerns and help you choose the right cloud solutions for your law firm.  

Law firms that want to compete in today’s technology-driven environment must depend on reliable, up-to-date hardware and software solutions. But, with the complexities and rapid changes in IT today, they’re realizing the need to also outsource IT services to experts like Technology Solution Providers, so they can focus on their core competencies, and benefit from increased security, innovation, cost savings, efficiency, and productivity.

Headache # 6– How to Keep Up with Ever-Changing Legal Technology Solutions

The digitization of legal documents and the use of use of electronic word processing, databases, and research software has gone mainstream today. Most law practices now manage case files by electronic means and rely on software programs to search, edit, track, archive and distribute documents.

From legal technology in the courtroom, in corporate environments, for paralegals, for electronic discovery, to BYOD solutions, and even for Artificial Intelligence, all of these enable you and your employees to do your job more efficiently.

But these technologies are ever-changing and evolving. How are you supposed to know which ones to use, which will provide the most benefits, and how to find the time to train your employees to use them properly and securely? How can you keep up?

The Remedy: Choose a Technology Solutions Provider who is adept at keeping up with today’s legal technology solutions and can help you select which are best for your unique requirements.

Technology helps today’s lawyer carry out essential tasks, exercise professional judgment, engage with and represent clients, provide advice and settle key commercial dealings. Those who view technology as an opportunity—rather than a threat—will prosper, and more easily reap the rewards from their efforts. Those who don’t will fall behind the competition.

Headache # 7– Lack of IT Talent

Even if you wanted to hire a full-time IT staff, the talent pool is quickly shrinking if you run a small practice. Even your larger competitors are having difficulty finding the IT talent they need to compete.

Most techs in the workplace lack the breadth and depth of knowledge and experience to stay up to date on today’s ever-changing technology resources. Plus, your law firm has very specific requirements when it comes to IT.

You need the expertise of an IT professional who understands your needs, work processes, regulations, the applications you use, and your unique technology challenges. One who knows the complexities you face and can help you improve the way you use technology by:

• Automating routine legal transactions,
• Assuring you can share and store documents securely,
• Optimizing your work processes,
• Deploying mobility solutions that keep data secure, and
• Helping you capitalize on tools like electronic data discovery.

The Remedy: The only way to get this kind of IT talent is with a Service Level Agreement from a Technology Solutions Provider who specializes in Legal IT Services.

In Conclusion

Today’s law firms are moving to a Managed Services Model where their Technology Solutions Providers have the expertise and credentials to provide the proactive support they require to keep their IT systems secure and running at peak performance. When they do, they no longer suffer from the IT headaches that can put them at a competitive disadvantage.

Technology Solution Providers are helping law firms use technology efficiently and safely. The result? – Increased value from your technology assets, and no IT headaches for both you and your clients.

Here’s Some Up-to-Date Info That Should Be of “Interest”!

Accounting software is much-needed tool today. Gone are the days of manually writing down copious amounts of figures in heavy, dusty logbooks, or using calculators to add up debits and credits. Our computers do this for us now. Accounting software makes the process of bookkeeping more efficient and accurate.

What else is different than in years past? Today’s newest accounting solutions are now cloud-based, and they provide many advantages.

No more shelling out a large amount of cash to purchase expensive business accounting software. Instead, you can pay for a web-based accounting service via a convenient subscription.

Online accounting services are used via the Internet rather than being installed on your organization’s computers. They allow you to access the information you need through an Internet browser like Internet Explorer, Firefox, Chrome or Safari. You can access the service from anywhere you have an internet connection, and it will always look like the same wherever you use it.

Plus, you won’t have to worry about technology requirements, if you have the right operating system, backing up your accounting data, installing updates or dealing with maintenance issues. You get all this and more handled for you–And all for a convenient monthly or annual fee.

Just like any accounting software, cloud-based accounting services allow you to perform all the accounting tasks your business needs, and they include features you’re familiar with like an online general ledger, invoicing and accounts receivable capabilities, purchase histories, business inventories and much more.

And, because upgrades and data backup are managed by the accounting service vendor, cloud-based accounting services are an attractive option for small businesses.

Although these new solutions are cloud-based, you can still buy desktop accounting software if you wish. But due to their popularity, most small businesses are now using online accounting services. Because of their anywhere availability via the Internet, crunching numbers is now much easier than ever before.

What Do Online the Different Accounting Services Have in Common?

Each solution is different, but they all have the following features in common.

They are available via a subscription. Accounting software has always been expensive and needs to be updated every year. With the online version, you pay for only as many users as you need, and you can pay on a monthly or annual basis. Many offer a free trial that converts when you sign up for a service. They cost anywhere from $5 to $70 a month depending on what you require. You won’t be locked into a contract, and all the upgrades are provided. Another plus is that your data will automatically be backed up to a secure cloud.

They’re easy to navigate. Online accounting services try to make your job less taxing with intuitive, easy-to-navigate platforms where you can easily find the features you want. Toolbars, drop-down lists, fill-in-the-blank fields, buttons and icons, all help you enter the numbers for whatever calculations and financial forms you require.

They use language that you’re familiar with. Although we still refer to terms like credits, debits, and chart of accounts, online accounting solutions only use arcane financial language when absolutely needed. The developers are trying to use every-day language whenever possible. However, although centuries old, double-entry accounting is a process we all need to use, and it’s here to stay, the developers let the “wizards” handle the complex processes behind the scenes.

They provide mobile versions. If you’re on the road, traveling for business meetings, or even need to do a little work when you’re on vacation, you can access your web-based accounting services securely from your mobile devices.

You have the choice of different levels of service. Some of the best cloud-based accounting solutions provide more than one level of service at different prices. This way you can purchase just what you need and nothing more. If you need to switch to a different level, most allow you to do this easily.

You can integrate them with other solutions. As your business grows, you may find that you need to use a variety of cloud-based financial management solutions. In this case, many of the best cloud-based accounting solutions allow you to connect to other services that you may already be using.

Dashboards. Interactive home pages or dashboards will help you keep track of your finances by flagging tasks that need attention and providing visuals like graphs and charts to give you a high-level view of where you stand. They summarize data like income, expenses and cash flow in easy-to-read images, so you and your team can more easily comprehend data and can make decisions about what to do.

Which Solution is the Best for Your Business?

So, how do you decide which online accounting solution is best for your small business? You might not be able to find a perfect match, but because they are flexible and provided on a monthly basis, you can find the best one for you and tweak it along the way.

As mentioned, many offer a free trial, so you can “road test” them. Give them a try and consider the following questions when you do:

• Can you import your existing data?
• Are the tasks you perform most often supported? (recordkeeping, billing, purchasing, etc.)
• Do you like the interface? Is it easy to navigate?
• Will it support the number of users you need?
• Are there any restrictions on actions you’ll need to take?
• Is it customizable?
• Is it scalable?
• What is the quality of the mobile application?
• Are add-ons supported?
• Do they provide a help desk or support solutions?
• Is the subscription fee something that your budget will allow?

While you’re at it, we did some homework for you. Below are some of the top online accounting services for small businesses.

Consider these and take advantage of the free trials they offer. Don’t worry if these might not work for you five years from now. Assess them based on your needs for the upcoming year.

Remember, you aren’t purchasing the product. Instead, you’re signing up for a subscription that you can change or upgrade/downgrade as you need. In other words, you aren’t stuck with these like you are with regular accounting software programs.

• Freshbooks
• Zoho
• Intuit
• Xero
• GoDaddy
• Wave
• QuickBooks
• Oneup
• Kashoo
• Sage
• MYOB
• Alignbooks
• Kashflow
• CloudbusinessLLC
• Panhandle

No matter which online accounting solution you choose, you’ll have peace of mind because you won’t have to worry about security. Online accounting services have stringent security requirements to ensure that your data is safely protected from hackers and any kind of loss. Even if your physical office is destroyed, or an employee accidentally deletes information, your online accounting service will be able to retrieve your data for you.

Microsoft Outlook is a professional email and calendar program that’s been used by businesses for over 15 years. It’s had many iterations over the years, but with 2016, and its integration with Office 365, Microsoft has taken Outlook to the next level. Today, small and medium-sized businesses that couldn’t afford the enterprise-level application can now benefit from Outlook 2016.

The following are 3 ways to help you use Outlook 2016 more efficiently.

1. Keyboard Shortcuts

Using keyboard shortcuts in Outlook on Windows will help you work more efficiently. It’s also handy for those who have mobility or vision disabilities because using keyboard shortcuts can often be easier than using a touchscreen or mouse. Here are some popular keyboard shortcuts you should try.

And there are more. Here are popular keyboard shortcuts for NAVIGATION:

When searching, try these handy keyboard shortcuts:

 

To create an item or a file keep these shortcuts in mind.

Shortcuts in Mail.

To see more Outlook 2016 Shortcuts go here.

2. Use Quick Steps

Right-click any email, choose Quick Steps and choose from the list.

We’re going to choose Team Email. The first time we use this, Outlook asks you to name your team and enter their email addresses.

Then create a Keyboard Shortcut for this. So, the next time you hit Control Shift 1, an email to your entire team can be composed.

You can also create new Quick Step. Simply choose Create New Quick Step.

Here are some other Quick Steps to try: ¹

• Move to Folder: This is essentially the same as Move To.
• Categorize & Move: This moves the selected message to a specific folder, marks the message as read, and assigns a category color and name to the message.
• Flag & Move: This moves the selected message to a specific folder, marks the message as read, and assigns a flag to the message.
• New Email To: This opens a New Message form with the To field already filled out with a particular recipient.
• Forward To: This is essentially the same as To Manager.
• New Meeting: If you often send meeting invites to the same group of people, use this Quick Step to open a New Meeting form with the To field already filled in with the invitees.
• Custom: This opens the Edit Quick Step dialog box so that you can create your own custom Quick Step.

3. Use Conditional Formatting

This is used to change the look of a particular email. You do this in the View Menu.

Here, we just click on Conditional Formatting and create an email called Microsoft.

Next, we choose a condition, where the word Microsoft appears anywhere in an email.

Then, we ask it to appear in a bold red font.

Now, any new email we receive with the word Microsoft in it will show up in red. This is a great way for us to recognize the importance of an email. You may want to do this for any email with your boss’s name in it!

And, there are more ways you can get the most from Outlook 2016. Here are a few ideas:

EMAIL

• Change the color and contrast of Outlook: You can also use a picture or color as the background, add a text watermark to your emails.
• Customize emails with the fonts you prefer: Change the default font for various email messages you send, or a particular font for messages that you forward or reply to.
• Create signatures for your different email accounts: Create personalized signatures for your email messages: include text, images, your electronic business card, a logo, or even an image of your handwritten signature. Signatures can be added automatically to all outgoing messages, or you can choose which messages should use a particular signature.
• Setup sound alerts when new emails come in: A sound can play when a new email message arrives. The default sound is a short .wav audio file, but you can change it to any .wav file of your choice.
• Establish tracking options with delivery receipts: A delivery receipt confirms delivery of your email message to the recipient’s mailbox.
• Use Outlook’s templates for your messages or create your own: Use email templates to send messages that include information that rarely changes from message to message. You can also insert icons, photos, and tables into your messages.
• Embed voting buttons in your email to survey your recipients about a particular topic (such as, “When’s the best date and time for a meeting?”): Voting buttons are an excellent way to poll people, especially when communicating with large groups.
• Use Quickparts to insert a standard set of words you often use: Use the Quick Parts Gallery to create, store, and locate content, including AutoText, document properties such as title and author, and fields.
• Clutter: This is where you can place low priority emails you want to read later. Clutter helps you filter these low-priority emails saving time for your most important messages. Office 2016 remembers “Clutter” emails if you want.  If Clutter isn’t for you, you can TURN IT OFF.
• Create folders and subfolders: You can base these on topics, senders, organizations, projects, etc.—Whatever works for you and organize your emails under the subjects you choose. Use folders in Outlook to move email messages, add a folder to your Favorites, and set a rule to move specific emails out of your inbox.

CALENDAR

Outlook 2016 calendars have all the tools and functionality you’ve relied on in the past, with improved features to help you manage your time. 

• Set up multiple calendars (e.g., personal, business, health, etc.).
• Create appointments quickly and share them with your contacts.
• Scheduling assistant lets you access others’ calendars that you’re authorized to view (and vice versa).
• Set reminders, reoccurring appointments/meetings, alerts, and more.
• View your calendar by day, week, month, and year.

CONTACTS

• You can also import contacts to Outlook from other email providers using the Outlook Import/Export wizard. Import a CSV file, Excel spreadsheet, or vCard.
• Your contacts are linked to your email accounts, so you can simply key a name in the “To” field, and your contact’s email address will appear.
• Set permission for a particular contact (delegate) to view your emails while you’re on vacation. Plus, you can give this person access to your calendar, tasks, and so on, as appropriate. One delegate can take care of your email, another your tasks, etc.

TOOLS

• Always know how much space is left in your account.
• Notify those emailing you that you aren’t available during a particular period with Out of Office. You set up a special message you want others to see.
• Even set up different messages for people inside or outside your organization. (Outlook will remind you that the “Out of Office” message is turned on, so you don’t forget when you return.)
• As mentioned above, similar to having an assistant help you manage your incoming paper mail, you can use Microsoft Outlook to allow a delegate, to receive and respond to e-mail messages and meeting requests and responses on your behalf.
• You can also grant additional permissions that allow your delegate to read, create, or have more control over items in your Microsoft Exchange Server mailbox—And, set more than one delegate and permissions for various tasks.

TASKS

Outlook 2016’s task management helps you accomplish to-dos faster and easier.

• Categorize your tasks with color codes.
• Ping reminders for tasks.
• Check-off tasks when complete.
• Create tasks for others as well. Outlook integrates tasks with your emails so that you can assign a task to a recipient.  The task will show up on their task list.

To learn more about how you can get the most from Outlook 2016 contact us.

Your cybersecurity practices shouldn’t be treated like a game of chance unless you are 300% certain you’re going to win. What can you do to make sure your business isn’t the ultimate loser?

Is technology today the endless cycle of cat-and-mouse, with the bad guys always one step ahead? A quick search for “cybersecurity best practices” will yield millions of results, all with their ideas of what you can do – but does any of it make sense? Someone busy running a company faces a complex dichotomy: Being too busy running their company to worry about something that won’t directly generate revenue, but not giving enough time and attention to something that could directly impact revenue. Those are two very distinct and different thoughts, but still closely related.

Not only is cybersecurity a critical focus of business today, but it’s also the easiest way to fail. Cybercriminals – hackers – are usually one step ahead of us good guys, but that’s the “cat and mouse” game to them. We respond to cybersecurity breaches that make the news with preventive measures to avoid the same fate and do our best to have enough safeguards in place to protect every element we can.

Hackers seek a cybersecurity vulnerability to exploit to their advantage. Their reasons don’t matter – it’s the result that affects their victims. Why do we still have vulnerabilities when we know better?

Myth: Half of small businesses think they’re “too small” for a hacker to target.

Truth: Small businesses make easier targets for many reasons. They often don’t have the tech budgets that the Fortune 500 companies do in order to take every precautionary measure to avoid being hacked.

Smartphones are major targets of hackers now, given more than half of all web traffic is reported to take place via mobile devices. Smartphones don’t have the same level of protection, making them easy targets, and therefore easy points of entry to a cybersecurity vulnerability. Imagine pressing a thumbtack into a hairline fracture on a porcelain plate – this one weak spot has the potential for this singular action to shatter the plate into thousands of pieces. Now, imagine this plate is your proprietary data, and this thumbtack is a hacker. Can you see the potential damage?

Myth: Employees of small businesses know more about the company and are more invested in its success, therefore take the time to safeguard their actions.

Truth: The dedication of staff to their employer has nothing to do with cybersecurity.

Modern cybercriminals are targeting critical data: consumer information, accounts with intellectual property, financial information about both the company and consumers. Three out of every four small businesses have no formal cybersecurity policies or protocols in place for staff, nor training to discuss the latest threats and how to thwart them. Hackers know this – oh, yes, they know – and they also know the small business is less protected than those Fortune 500 companies. This is a lethal combination.

• Nearly two-thirds of small businesses have yet to address security regarding mobile devices or enact formal policies for mobile device use as it pertains to professional operations.

Myth: Small businesses can bounce back faster after a breach.

Truth: Half of all small businesses don’t have a disaster preparedness plan in place for recovery should they be impacted by a cybersecurity threat, a “data breach”.

It’s reported that less than half of all small businesses back up their data weekly. Let that sink in. The data loss in the event of a hack could have catastrophic results for as many as half of all small businesses. In the event of a breach, companies of any size consider the data loss and downtime to have the greatest impact, followed by the revenue loss – but most of the time, the impact to a company’s reputation isn’t considered until already in clean-up mode.

If you’re ready to win at “Tech Truth or Dare”, here are the new rules of the game:

Do you know what needs to be protected?

What data do you store? How is your data stored? What protective measures and security protocols are in place? Where are the “holes”? This last question is the most important, and it’s a smart decision to hire an expert to help you with this one.

What formal policies need to be updated – or put in place?

Every business needs an official cybersecurity policy. This policy should also be updated annually, at the minimum. Formalizing a policy can make sure everyone that has access to your data follows the same procedures and the strongest safeguards are in place.

This should include:

• Password protocols
  • Passwords should be unique, complex, and changed regularly
• System updates
  • Check for the latest updates to all applications and security releases
• Privacy settings
  • Verify that users have the most secure privacy settings on their desktop and laptop computers, and smartphones and mobile devices

What is your plan for how to handle a disaster?

Perhaps an extension of the previous question, but no less important is how to handle a hack or breach should one occur. You’ve taken all the necessary steps and precautions, but you still had a disaster – now what? Best practices include daily back-up of your critical resources – which you’ll need to identify – and then test the process to ensure it’s sufficient, just in case.

Talk to experts.

You are an authority in what you do, and your sales pitch to your customers focuses on your expertise. Why wouldn’t you hire experts to protect your business?

Is your training sufficient?

Make sure your staff is aware of the steps needed for Internet safety, email security, network threats, and how to detect and protect in the event of each. Equally important is what need to be done if something happens and they suspect a threat.

Prevent your business from becoming a victim of a hacker this year and win the game!

Make 2018 the year you have an ironclad cybersecurity program, for your home and your office!

The digital revolution has changed our world in unimaginable ways – and for the better! Tools and applications like Microsoft Word and Microsoft OneNote aim to make our lives easier, in one simple step.

Have you ever stopped to think about Microsoft’s naming convention? It’s probably not something that crosses your mind as you open a Microsoft application, like Word or Excel or Outlook. There are teams and departments at Microsoft whose roles include the creative scope for brainstorming names for new products in the Microsoft line-up. If you look deeper, there are not only subtle references to what each does within the name, but there are also psychological implications – like subliminal messaging – within the product names.

Microsoft Word is a word processor, but has a vast array of built-in tools to help users improve their finished written product, like a wordsmith! Its thesaurus feature aids users looking for just the right word when the typed word is close but not “it”. The spelling and grammar check gets many a student through assigned papers – and, more importantly, helps prevent professionals from making expensive errors, like errors that affect professional reputations and can impact revenue and profit. Microsoft Word can perform a mail merge, so users can send letters to clients with just a few clicks – after using the app to perfect their letter, of course. Contracts and agreements depend on accuracy!

Microsoft Excel is a bit of a double entendre. To excel is to show an exceptional skill or quality in a particular activity or subject. Within the word “excel” is “cel”, a homonym of “cell” or the individual areas within a spreadsheet where data can be entered. Lots of dry, technical information in that sentence, but the meaning is the same: a database tool that is superior to other database applications for the professional user base. Here is where Microsoft Excel outshines the competition – and why its previous competition, Lotus 1-2-3, is no longer used. Aside from being a spreadsheet application, Excel offers users an endless variety of tools to really make Excel the go-to platform for data analysis. Including charts, data manipulation, and tools like creating pivot tables in Excel was Microsoft’s act of establishing their superior position with this app.

In the list above, we also mention Microsoft Outlook. Outlook reigned king of email for a very long time in the professional kingdom, but Google’s G Suite is a strong competitor for small and medium businesses (SMBs). Outlook, again, tries to be an all-in-one package for professionals, with email communication but also a calendar feature, a reminder system, user-friendly meeting tools and a variety of user settings to customize the experience.

These applications speak to Microsoft’s dedication to being the full professional package for businesses – and their full Office 365 suite is proof. Included are products like OneDrive, SharePoint, and OneNote. OneNote is one of the most underutilized products in the Microsoft line-up, and with new features being added all the time, we think this is because users aren’t aware of the full extent of what OneNote has to offer.

Microsoft designed OneNote as the digital solution for those who grab the nearest sticky note or doodle pad – or open a new Note on their iPhone – to jot down a quick scribble to remember for later. OneNote helps users gather notes, thoughts, and ideas, all in one centralized and organized location. Users can store everything from quickly-jotted notes to meeting minutes, to lengthy details about projects for home or work, in the same place. What’s even cooler about OneNote is that Notes are searchable and sharable.

• Did you see where we mentioned the iPhone? That’s right – iPhone users rejoice! OneNote is also available for Mac.

To clarify, OneNote is part of the subscription-based Office 365, but OneNote is free as a stand-alone product. To get Microsoft OneNote, follow these steps:

• From a desktop or laptop computer, open a web browser window
• Enter OneNote.com
• Download the latest version for free

New users will be excited to see that Notebooks stored in multiple locations (SharePoint, OneDrive, etc.) show up within the application the same way, simplifying the user experience. These same users will become experts in no time with the classically straight-forward way Microsoft presents the tools at your disposal.

Cool features inside OneNote for users underscore the built-in ability to share your information across all your devices and with other people. Check out some of these:

Email to Yourself

Set up your email from any email service provider supported, like Yahoo or Gmail, and of course, Outlook, within OneNote and you can send any email in your mailbox to your OneNote with a simple one-step task: forward the email to [email protected], and you’ll see it in OneNote!

Office Lens

This handy little tool lets you capture documents and photos with the camera on your phone, and then send that photo to OneNote – try the Email to Yourself trick we just talked about! OneNote and Office Lens will add some filters, adjust lighting, crop out backgrounds, etc., and show up clearly in OneNote. This is great for receipts you’re afraid you might lose, or other situations you might forget about later.

Clipper

This one helps users integrate OneNote with their web browser.

• Go to OneNote.com/clipper
• Click on the button to download the extension to your web browser

Now users can “clip” a page into OneNote, like clipping a coupon from a physical newspaper, except it’s now forever stored digitally in OneNote (until a user deletes it). Text on these pages is searchable within OneNote, too, which is very helpful if a user can remember the context of the page clipped but not necessarily when or exactly what was clipped. This is true of words within a picture on the clipped page, too.

OneNote boasts a number of partners that allow users to integrate with featured apps so that the apps can be used conjointly. A few of these partner apps include:

News360

This is a news reader, offering users news stories much like on a news website. Users can click on a story, and with OneNote integration, the story will show a “Save to OneNote” button. As long as a user is signed into their account in OneNote, the story will save in OneNote. Again, words in the story are searchable.

Feedly

Feedly is a website aggregator, bringing together all the pages a user wants to see in a centralized location and updates the pages as they update. This works similarly to RSS feeds and has the same “Save to OneNote” button that News360 has, as well as the words in the story remaining searchable.

Doxie

This one is for users of Doxie portable scanners. If you have one of these lightweight and portable gadgets, you’re going to love saving your scanned documents to OneNote! Any of the text can still be found with a simple search.

Integration is wonderful! Technology is amazing! With OneNote, Microsoft welcomes developers to make their own services with which to integrate for OneNote and share with users. Make OneNote your new best friend today.

Over Easter weekend, hackers stole 5 million credit and debit card numbers that were used at Saks Fifth Avenue, Saks Off Fifth, Lord & Taylor, and Canada-based Hudson’s Bay Company. The personal information of customers who shopped at these stores is now compromised.

Most of the stolen card data — which goes all the way back to May 17 — was obtained from these stores in the New York City metro area, and other stores in the Northeast U.S. It appears that these stores weren’t using a secure credit card payment system. Security firm Gemini Advisory reported:

“The attack is amongst the biggest and most damaging to ever hit retail companies...Credit card data was obtained for sales dating back to May 2017. The breach likely impacted more than 130 Saks and Lord & Taylor locations across the country, but the majority of stolen credit cards were obtained from New York and New Jersey locations.”

Gemini Advisory says that the hacking group JokerStash/Fin7 boasted about their success on the Dark Web and that the data is now for sale. The name of their “product” is BIGBADABOOM-2. Gemini Advisory’s co-founder and chief technology officer said that this group previously targeted major hotel and restaurant chains. They were also responsible for other data breaches like the ones that affected companies including Whole Foods, Chipotle, Omni Hotels & Resorts and Trump Hotels.

The hackers typically use phishing emails to gain confidential information. They send the emails to company employees including managers and supervisors who are key decision makers. They disguise themselves as an entity these people would recognize as legitimate. The email contains an invoice and asks them to pay it via a link provided. Once clicked, their IT system is infected.

No store is immune from this type of breach. However, you can protect your business from phishing attacks by educating your employees.

Cybersecurity training is a must for all businesses today. You can have all the right security technology in place, but if one of your employees unknowingly clicks a malicious link, or visits a counterfeit website, your business can be ruined.

Phishing is when a scammer uses fraudulent emails, texts, or copycat websites to get you to click a link so that they can steal your confidential information like Social Security numbers, account numbers, login IDs, and passwords. They use this information to rob you of your money and your identity.

The majority of account takeovers come from simple phishing attacks where you or someone in your organization gets tricked into releasing private credentials and information.

Scammers also use phishing emails to get access to your computer or network, so they can install programs like ransomware that lock you out of your important files unless you pay a ransom.

Spoofing

Phishing scammers try to lure you or your employees into a false sense of security by pretending to be a trusted source like a legitimate company, the IRS, a colleague, vendor, or even a friend or family member.

Phishers create a sense of urgency, making it seem like they require your information right away or something terrible will happen to you. They may threaten to hold back a tax refund or close your bank account. Essentially, they lie to get your information.

Here are things that you and your employees should do to protect your business.

Be cautious about opening attachments and clicking links in emails.

Files and links may contain malware that can infect and weaken your computer’s security.

Type in URLs and email addresses.

If a company or organization you know sends you a link or phone number, don’t click the link or call the number. Go to your search engine and type in the correct URL for the company’s site and find the legitimate phone number.

Call the source. Don’t respond to emails that request confidential or financial information. Phishers use strategies that prey on fear. If you think the contact in the email needs this information, refer to the phone number in your address book, not the one posted in the email, and call them to verify the request.

Use Two–Factor Authentication. For accounts that support this, two-factor authentication is an extra step to ensure the security of your information. It requires both your password and an additional piece of information to log in to your account. The second piece might be a code the company sends to your phone or a random number generated by an application or token. Two-factor authentication protects your account even if your password is compromised.

 Update your applications and Operating System. Use a good security software you trust, and make sure you set it to update automatically. Also, make sure you update all your applications and your Operating System when you receive patches from the manufacturer. Don’t delay, as there are good reasons for these updates, and they will protect your information from the latest threats.

Back up your files to an external hard drive and enterprise-based cloud storage. Back up your files regularly to ensure you have a duplicate of all your files and applications if your network is compromised.

Google conducted a study between March 2016 and March 2017 in conjunction with researchers from the University of California, Berkeley. The results revealed that phishing is far riskier for users than data breaches because of the additional information phishers collect.

Use a unique email address.

Spammers send out millions of messages to name combinations hoping to find a valid email address. If you use a common name like Joe, you’ll receive more spam than with a name like Wwmj4itvi. It’s harder to remember an unusual name like this. Try using an acronym like: “We were married June 4 in the Virgin Isles (Wwmj4itvi).

Use an email filter.

If your email account provides a solution that filters out potential spam or will channel it into a bulk email folder, opt for this. If they don’t, you might want to consider another Internet Service Provider.

Use more than one email address.

Consider using a disposable email address service that forwards messages to your permanent account. If the disposable address receives a lot of spam, you can shut it off without affecting your permanent address.

Limit your exposure.

Don’t share your email address in public. This includes blog posts, chat rooms, social networking sites, or in online membership directories. Spammers use the web to obtain email addresses.

Check privacy policies and uncheck boxes.

Before submitting your email address to a website, determine if they can sell your email to others. Don’t provide your address to sites that won’t protect it.

Be wary of messages that:

• Try to solicit your curiosity or trust.
• Contain a link that you must “check out now”.
• Contain a downloadable file like a photo, music, document or pdf.

Don’t believe messages that contain an urgent call to action:

• With an immediate need to address a problem that requires you to verify information.
• Urgently asks for your help.
• Asks you to donate to a charitable cause.
• Indicates you are a “Winner” in a lottery or other contest, or that you’ve inherited money from a deceased relative.

Watch for messages that:

• Respond to a question you never asked.
• Create distrust.
• Try to start a conflict.

Watch for flags like:

• Misspellings
• Typos

 Always Use Secure Passwords.

• Use Two-Factor Authentication if it’s available.
• Never use words found in the dictionary or your family name.
• Never reuse passwords across your various accounts.
• Consider using a Password Manager (e.g., LastPass or 1Password).
• Use complex passwords.
• Create a unique password for work.
• Change passwords on at least a quarterly basis.
• Use passwords with 9+ characters.

Keep Your Passwords Secure.

• Don’t tell anyone your passwords.
• Don’t write them down or email them.
• Never include a password in a non-encrypted stored document.
• Don’t speak your password over the phone.
• Don’t hint at the format of your password.
• Don’t use “Remember Password” feature of application programs such as Internet Explorer, Portfolio Center or others.
• Don’t use your corporate or network password on an account over the Internet that doesn’t have a secure login starting with https://. If the web address begins with https:// your computer is talking to the website in a secure code that no one can access. There should be a small lock next to the address. If not, don’t type in your password.

If you believe your password may have been compromised, you should change it.

Regularly Backup Your Data Both Onsite and Remotely.

• Maintain at least three copies of everything.
• Store all data on at least two types of media.
• Keep a copy of your data in an alternate location.

If you haven’t backed up your data and you’re attacked, it’s gone forever.

Ask Your IT support to Conduct Testing and Security Awareness Training for Your Employees.

• Give a social engineering test.
• Share the results with your staff.
• Debrief and train your users.
• Test again each year.

 Report Phishing Emails and Texts to the Federal Trade Commission.

Forward phishing emails to the Federal Trade Commission at spam@uce.gov – as well as the organization that was impersonated in the phishing email. Include the full email header if it’s available.

File a report with the Federal Trade Commission at FTC.gov/complaint.

Visit Identitytheft.gov. Victims of phishing could become victims of identity theft; there are steps you can take to minimize your risk.

You can also report phishing emails to reportphishing@apwg.org. The Anti-Phishing Working Group which includes Internet Service Providers, security vendors, financial institutions and law enforcement agencies uses these reports to fight phishing.

How Would It Cost Your Business If This Happened To You?

Have you read the news? According to Reuters, Under Armour Inc., headquartered in Baltimore, Maryland, recently suffered a breach of the private information for their 150 million MyFitnessPal app users.

This is the largest breach this year according to experts. It included account usernames, email addresses, and passwords. Lucky for them, Social Security numbers, driver license numbers, and payment card data weren’t stolen like they usually are in data breaches of this kind.

Once again we learn that keeping up to date on cybersecurity, changing passwords often, and using an IT support provider to implement a layered approach to security is essential if you want your business to stay safe in today’s digital world.

Perhaps, if Under Armour had used these services, they could have prevented this breach. Now, their reputation has been ruined.

Would you trust your private data to them?

I wouldn’t.

With so many data breaches today, they should have known better and considered the privacy of their customers. How can they salvage their creditability now?

As a business technology professional, I know that data protection costs much less than what I’d face from a breach – legal liability, fines, and lost customers.

With the rising number of cyber thefts, numerous lawsuits have been filed against businesses like Under Armour. In the last few years, data breaches have become so prevalent that it’s almost commonplace to hear that a company has been breached.

Learning that all their personal information is in the hands of thieves causes a significant change in the behavior of customers. One study found that consumers who learned of a data breach at their favorite retail store significantly cut back on their purchases.

With over 1,500 data breaches in 2017, consumers responded in this way:

• 84 percent said they might not consider doing business with a retailer who had experienced a data breach.
• 57 percent of holiday shoppers felt that identity theft and data breaches would be a significant threat during the holiday season.
• Four in 10 consumers said they believed businesses aren’t doing the best they can to protect them.
• 38 percent said they weren’t sure all companies were doing everything possible to stop data breaches.

I know that my business has the best cybersecurity and IT management that money can buy. I take full responsibility for this and all my customers’ private data.

After what I’ve learned, this is what I would tell the CEO of Under Armour, and others to do from now on:

Protecting your security isn’t only a job for your IT support provider but one for you as a CEO as well. You must understand that any interruption in your information systems can hinder your operations, negatively impact your reputation, and compromise your customers’ private data.

Many CEOs don’t fully understand this. They spend their energy developing new products and services and managing current ones. Security comes in second. Maybe they’re unaware of the risks or feel that it’s solely an IT concern. Some may not be very technical and fear to discuss what could be an intimidating topic, but this isn’t wise.

The Department of Homeland Security recommends five questions that CEOs should ask themselves to lower the risk of cyber attacks:

1) What is the current level and business impact of cyber risks to our company? What is our plan to address identified risks?

2) How is our executive leadership informed about the current level and business impact of cyber risks to our company?

3) How does our cybersecurity program apply industry standards and best practices?

4) How many and what types of cyber incidents do we detect in a normal week? What is the threshold for notifying our executive leadership?

5) How comprehensive is our cyber-incident response plan? How often is the plan tested?

We also need to train our employees on cybersecurity practices like recognizing phishing attacks and using secure passwords. The folks at OneSource handle this for us. Here are some of the topics they cover:

Lesson 1: Ignore Ransomware-Threat Popups and Don’t Fall for Phishing Attacks.

These threats look like they’re from an official entity like the IRS or FBI. If a screen pops up that says you’ll be fined if you don’t follow their instructions, beware! If you do, the criminal will encrypt all your data and prevent you and your employees from accessing it.

Watch out for messages that:

• Try to solicit your curiosity or trust.
• Contain a link that you must “check out now”.
• Contain a downloadable file like a photo, music, document or pdf file.

Don’t believe messages that contain an urgent call to action:

• With an immediate need to address a problem that requires you to verify information.
• Urgently asks for your help.
• Asks you to donate to a charitable cause.
• Indicates you are a “Winner” in a lottery or other contest, or that you’ve inherited money from a deceased relative.

Be on the lookout for messages that:

• Respond to a question you never asked.
• Create distrust.
• Try to start a conflict.

Watch for flags like:

• Misspellings
• Typos

Lesson 2: Always Use Secure Passwords.

• Never use words found in the dictionary or your family names.
• Never reuse passwords across your various accounts.
• Never write down your passwords.
• Consider using a Password Manager (e.g., LastPass or 1Password)
• Use password complexity (e.g., P@ssword1).
• Create a unique password for work.
• Change passwords at least quarterly.
• Use passwords with 9+ characters.
  • A criminal can crack a 5-character password in 16 minutes.
  • It takes 5 hours to crack a 6-character password.
  • 3 days for a 7-character one
  • 4 months for 8 characters
  • 26 years for 9 characters
  • centuries for 10+ characters
• Turn on Two-Factor Authentication if it’s available.

Lesson 3: Keep Your Passwords Secure

• Don’t email them.
• Don’t include a password in a non-encrypted stored document.
• Don’t tell anyone your password.
• Don’t speak your password over the phone.
• Don’t hint at the format of your password.
• Don’t use “Remember Password” feature of application programs such as Internet Explorer, Portfolio Center or others.
• Don’t use your corporate or network password on an account over the Internet that doesn’t have a secure login where the web browser address starts with http:// instead of https:// If the web address begins with https:// your computer is talking to the website in a secure code that no one can eavesdrop on. There should be a small lock next to the address. If not, don’t type in your password.

Lesson 4: Backup Your Data Onsite/Remotely and Securely

• Maintain at least three copies of everything.
• Store all data on at least two types of media (one offsite in a secure enterprise cloud solution).
• Keep a copy of your data in an alternate location.

If you haven’t backed up your data, and you’re attacked, it’s gone forever.

Lesson 5: Secure Open Wi-Fi with a VPN.

• Don’t go to sites that require your personal information like your username or password.
• Use VPN whenever possible. Limit your access to using sites with: https://
• Don’t connect if all the Wi-Fi networks you have ever accessed appear as “Available”.

We have our tech support professionals train our employees a few times a year because the threats keep changing. Plus, we have them conduct Vulnerability Assessments to make sure our cybersecurity “armor” stays strong and intact.

Don’t risk your data. Keep your data secure and your employees educated. I recommend that if you’re in an area they serve, that you should contact us immediately.