Patching computers is very important for modern cybersecurity.

By: Russ Hensley, CEO CISSP
Lexington, KY

Day in and day out we’re asked about operating system patching and it’s role in managed services or managed cybersecurity.

What is patching? What happens to cause patching? Do I need patching? Why is patching important to cybersecurity or normal operations? Why did the patch break my computer? Who’s fault is it when the patch break the machine?

How did it start?

Starting in 2003 Microsoft started to get structured about patching because honestly, it broke a lot of things and random sporadic chaotic patching was not efficient to say the least. Since then the patching process has evolved into a tier of patching from security, critical, emergency and application, workstation and server patching to name a common groups.

Cybersecurity firms and software developers produce a list of “holes” in software called vulnerabilities through intentional or unintentional discovery. The process of the vulnerability identification is a double edged sword. Once confirmed, it can alert the developer, Microsoft or Adobe for example, that there is in fact a confirmed hole, the nature of the hole and give it an entry in a database for identification. The downside, is well now not only does the developer know and the user, but also the threat actor who might look it over and choose to figure out how to exploit this vulnerability to use it for a hack.

Now a days with ransomware and the internet, these patches are often and plentiful and come very fast some times when there are really bad vulnerabilities. Just last week patch Tuesday alone (May 11 2021) contained 55 vulnerability patches, 4 were Critical and 50 Important and 1 Moderate just from Microsoft’s resources. The break down is here from the CompTIA ISAO weekly update video.

Surface devices get firmware updates for example now on the the Third Tuesday and non-security patches for Office are on the First Tuesday.

Patching in general is developed with the white box and tested as best as it can to not nuke your machine and create Crash Wednesday when the patch actually might get applied to your system and a reboot if you’re not on a managed patch plan. Sometimes, the patches are just not compatible or fail and if you’re in a patch management system then you might see a scenario where bad patches are Blacklisted and will not get applied to other machines once they fail in either testing or deployment. Microsoft delivers the best product they can but the customers environment can vary dramatically from a testing scenario.

How much is enough?

I personally believe in aggressive patching where they’re downloaded and workstations are rebooted frequently and servers as needed based on the patch level no less than once a week in some cases. When businesses have users with internet access and email access involved it patching is critical to address security issues and in fact in environments where consumer data is held should be taken very seriously but anywhere that production is based around technology working should be managed.   These environments are typically the best suited for managed services and managed cybersecurity services.

What drives cost?

Some customers opt to not patch or be on a patch management process for various reasons. Perhaps conflicts with software applications, or budgetary constraints. However, with the interconnected tissues of virtual machines, hardware firmware levels and so on it’s almost impossible to not have to catch up patching at some point for security reasons. All of this of course is not talking about software versions that have been end-of-support marked and not receiving any patches, but current production operating systems. Even the End-point-detection and response engines require the operating systems to be patched in order to provide the security levels necessary for them to operate successfully. Otherwise, it’s like sailing a leaking boat.

Our clients who aren’t in a patch management or managed services process opt to pay for exorbitant service fees for patching rather than our fixed managed services fees. Our NOC team tests, blacklists, deploys and remediates any server operating system patches and some applications in our fixed fees in the long run saving thousands of dollars through continuously patching and keeping the operating systems up to date.

It is a complex discussion and some times there are complex answers, but for the most part, managed services addresses the huge amount of patching that is going on for the best value.

Cybersecurity is broken because of the loose approach by business management

By: Russ Hensley, CEO CISSP
Lexington, KY

The current approach to cybersecurity is broken.   In general, the public has embraced the “it won’t happen to me” mentality.  In the end, the safety net is that the IT service provider or in-house IT admin is “taking care of that.”

If you are one of our clients, you have been presented with a set of quotes that we internally call our security stack.  Our stack is built around the National Institutes of Standards and Technology’s Cybersecurity Frameworks (CSF).    The NIST CSF is a derivative of computer security guidance that is woven into healthcare, banking and national security information security policies.    Quite simply, ALL businesses should understand what these frameworks are telling your business to have in place.   If your business is technology driven and if you think that there would be OUTRAGE if the business was off-line for 3 days then you should already have implemented it.

Our job is to work with our clients to provide the technical tools to help prevent intrusion.    With our assistance, our clients must also invest by implementing frameworks and structuring policies.   Security program recommendations for data backup policies, remote worker policies, password policy and security training program for employees are the foundation to protect your business.

Our banking and healthcare clients have lived in overload dealing with these requirements.  However, many businesses in the nation pay little to no attention to the threat.   Often cybersecurity services are viewed as unnecessary overhead UNTIL something happens.    At that point the “overhead” is exorbitant and they realize they do not have insurance that will be needed to pay for the $100,000 or more labor bill to cover recovery, the $30,000 legal bill for their attorney’s, the $80,000 cyber forensics investigators, not to mention the media/pr control and loss of revenue while they are down.     Insurance companies are not shy about letting it be known that they are reducing payouts and increasing premiums because of the lack of implementation and rise in the number of attacks.

Something needs to be done to better prevent and inspect actions that are being taken with incidents like the Colonial Pipeline ransomware attack.   A single attack CAN affect the average American.  “It can’t happen to me” is no longer adequate.

Fixing the approach begins with our legislators starting to understand these issues not from the nerdy intrusion and penetration hacker level, but policies being implemented and educational programs about what it is that is to be dealt with.

How growing hybrid cloud usage will double in two years


 

This article excerpt, by author David Deans, originally appeared here: http://www.cloudcomputing-news…/


Cloud enables IT agility, empowers DevOps teams and helps to transform legacy business models. The fifth annual Future of Cloud Computing survey investigates key trends in corporate cloud usage. This year’s insightful survey findings offer perspective from cloud service practitioners across all industry sectors.

“Cloud has been gaining momentum year­-over-­year since the Future of Cloud Computing survey was launched five years ago. Looking at the adoption rates and trends at such a detailed level, it’s undeniable that the most successful technology leaders of today and tomorrow are scaling in the cloud,” said Jim Moran, General Partner at North Bridge.

“Last year, we discussed the second cloud front and the rise of cloud­-native companies. This year, we’re seeing the pervasiveness of cloud disrupt industries across the board as companies look to maximize and implement cloud as a strategic and integral technology,” Moran added.

“We’re also seeing the emergence of the cloud as the only way businesses can truly get more out of their data including analysing and executing on it in real-­time. This will be a huge opportunity, but as the survey showed, because data rarely moves between clouds companies must first learn how to interconnect disparate data sources into new applications.”

Savvy business leaders are no longer debating whether or not to use cloud, but how pervasively they will use it in their digital transformation plans. The latest survey results highlight record levels of corporate adoption of cloud computing, both for business functions and in areas such as content management and application development in the cloud.

Even the most traditional IT teams are finally evolving. Some are taking back technology strategy from the forward­-looking line of business leaders that led the way to progress. Therefore, North Bridge believes that digital technologies – delivered from the cloud – are becoming differentiating factors for more businesses.

Cloud is the business transformation catalyst

  • Significant processing, systems of engagement and systems of insight are moving to the cloud ­­– 81.3 percent of sales and marketing, 79.9 percent of business analytics, 79.1 percent of customer service and 73.5 percent of HR & Payroll activities have already transitioned to the cloud.
  • IT is moving significant processing to the cloud with 85.9 percent of web content management, 82.7 percent of communications, 80 percent of app development and 78.9 percent of disaster recovery now clou­d-based.
  • While business users have been a fan of cloud’s ease of use, accessibility and scalability since 2011, the importance of cloud agility has jumped from fourth to second in importance within five years.
  • Among all survey respondents, the top inhibitors to cloud adoption are security (45.2%), regulatory/compliance (36%), privacy (28.7%), vendor lock-­in (25.8%) and complexity (23.1%).
  • Concerns regarding interoperability and reliability have fallen off significantly since 2011 (15.7% and 9.9% respectively in 2015). However, the cost of cloud services are now three times as likely to be a concern today, versus five years ago.

Raised expectations for public and hybrid cloud

  • Today, three quarters of company data in significant volumes is living in private or public clouds. However, company data in hybrid cloud systems is forecast to double over the next two years.
  • Corporate cloud computing strategies are focusing on public (up 43.3%) and hybrid (up 19.2%) while private cloud has taken a significant back seat in comparison (down by 48.4%).
  • SaaS is the most pervasive cloud technology used today with a presence in 77.3 percent of all organizations, an increase of 9 percent since 2014.
  • Accordingly, ROI expectations are high with 78 percent expecting to see results within three months. Fifty eight percent expect ROI in less than three months for PaaS services.
  • Among users taking the survey, the biggest factors preventing use of public cloud offerings are security (38.6%), privacy (29.8%) and expertise (22.8%). Regardless, the outlook for ongoing cloud service adoption is very bright.

Azure Partner Community: Business continuity and disaster recovery



This article excerpt, by US Partner Technology Strategist Nick Johnson, originally appeared here: http://blogs.technet.com/b/msuspartner/archive/2015/11/05/azure-partner-community-business-continuity-and-disaster-recovery.aspx

This month we’re talking about business continuity and disaster recovery, two of my favorite IT topics. While they might not sound exciting, they are critical for customers to think about. A good plan for each can mean the difference between long-term success or being one of the 40% of businesses that never re-open following a disaster (as cited in this PDF from the FEMA website).

For partners, helping your customers go through the process of robust business continuity planning, implementation, and testing can solidify your trusted partner status. It can also be a source of revenue when added to your existing capabilities or as a new practice altogether.

Microsoft Azure has two fantastic services, Azure Backup and Azure Site Recovery, that enable a host of use cases.

Identifying the opportunity

As a partner, how do you uncover the opportunity and determine what your customers need? I encourage partners to stop talking and listen more when in customer conversations. Listen for these statements that relate to business continuity—then ask clarifying questions.

  • “We have distributed systems across Windows Server, Hyper-V, and VMWare. They all need protection.”
  • “Protecting data and applications continues to grow in complexity.”
  • “We have so much data and we’re not sure if we’re protecting it all properly.”
  • “Are we spending too much money and effort, or too little?”
  • “Our industry requires long data-retention for compliance reasons.”
  • “Our legacy recovery plan is very labor intensive.”
  • “Testing disaster recovery is hard and often does not work as expected.”
  • “The tier 1 workloads are protected, but protecting tier 2 and 3 has been a challenge.”

If you’re not hearing these things from your customers, use the list above to create a few questions that you can use. I think you’ll find that when you dig into this topic that the need is there.

Assess your current practices

Once the need is identified, you need to spend time assessing your own practices. These questions will help you connect what you have been doing with new opportunities.

Question Opportunity
Have you been designing storage solutions using on premise solutions?
  • Extend those solutions to leverage Azure storage
Have you been designing disaster recovery solutions for on premise solutions on physical hardware, Hyper-V, or VMWare?
  • Begin using Azure as the failover site for the solutions
Are you using System Center DPM, Windows Server Backup, or third-party backup solutions with your customers?
  • Extend current solutions to leverage Azure
Have you sold Azure disaster recovery or backup solutions?
  • Assess implementation status and drive further Azure consumption
  • Extend the solutions to other parts of the customer’s business
  • Turn them into reference customers
What are your sales motions for backup and recovery solutions?
  • Build a pipeline with existing customers
  • Train your current sales teams on selling backup and recovery solutions
Do you have anyone trained on Azure backup or recovery solutions implementation?
  • Train your technical staff and sellers

If you are going to add new practices or capabilities, it needs to make financial sense. Use our new Microsoft Cloud Profitability Scenarios and financial models to understand the considerations for investing in a new cloud-oriented practice. For more partner profitability resources, refer to our online guide.

Recommendations for monetizing a business continuity practice

Assessments

  • Design a Disaster Preparation evaluation to go through with your customers. This should provide opportunity to discover all the servers that need to be backed up or opportunity for Azure Backup to be used for data storage. May also stretch to StorSimple.

Upgrades to on-premises systems

  • Customers that want to run Azure Site Recovery will need Server 2012 R2 if using Hyper-V. Earlier versions of Hyper-V hosts will present an upgrade opportunity.

Setup

  • Drive services revenue through setup of the plan
  • Build repeatable IP with scripting/tools

Maintenance

  • Provide regular monitoring and maintenance

Ongoing testing

  • Run regular test failovers and validation for customers

Ongoing assessments

  • Regular assessment to review new parts of the business and make sure the overall DR plan still meets the needs for the customer.

Consumption

  • Regular, predictable Azure consumption

Apps are going to get a lot smarter with help from Microsoft Office



This article excerpt, by Business Insider author Matt Weinberger, originally appeared here: http://www.businessinsider.com/microsoft-graph-goes-into-general-availability-2015-11


Today, Microsoft officially released the Microsoft Graph, a nerdy solution that opens the doors wide for developers to do a lot more with Microsoft Office.

The critical idea here is the “application programming interface,” or API. Programs use APIs to talk to each other — popular fitness app Runtastic, for example, uses the Google Maps API to display a real-time map on the app.

The Microsoft Graph, first announced in beta back in April, is a set of APIs that blow open theMicrosoft Office 365 productivity cloud to developers, letting them build apps that take a user’s data and put it to use in cool, new ways. 

Basically, it means that any developer can build an app that taps straight into the data that lives inside Office 365, making their wares smarter and faster.

“It’s not just all about Microsoft,” says Rob Lefferts, Microsoft general manager of Office exentensibility.  “It’s a huge starting set of information.” 

And just like Facebook’s famous social graph, the Microsoft Graph lets developers ask questions of the data like, “Who does my customer work closely with?” The intelligence is handled by Microsoft on the back end. (And no, it’s not as creepy as it might sound — like any other app, you’d have to give it permission to access data.)

For instance, Lefferts says, over 850 million meetings per month get booked via Microsoft Outlook for Office 365. That means that there’s tons of data there for an enterprising app developer to build a predictive calendar based on how users spend their time. 

At launch, the Microsoft Graph supports data from sources like e-mail, the address book, and calendars. Later, it’ll be able to support data taken from OneDrive storage, OneNote cloud notes, and other Microsoft data.

The Office Graph also goes both ways. For example, security startup Skyhigh Networks is already using the Microsoft Graph to enforce enterprise policies on customers’ Office 365 installations, scanning and quarantining files that live in the cloud.

For developers, the first taste of Microsoft Graph is free, Lefferts says. But if they’re using Microsoft Office data at volume in their own apps via Microsoft Graph, the company will collect a fee.

It will be a while before most developers figure out how to best access all that data, since the Microsoft Graph is new.

But it has the potential to make apps much smarter, in a behind-the-scenes kind of way. And it’s good for Microsoft, because it means that customers can get more out of the money they’re sinking into Office 365.

“The demand of customers is to say, ‘make it seamless, make it great,” says Lefferts.


    10 Ways Microsoft Office 2016 Could Improve Your Productivity




    This article excerpt, by TechRepublic, originally appeared here: http://www.techrepublic.com/bl…/

    On September 22, 2015, Microsoft released Office 2016 to the masses. At first glance, you may not notice much has changed since Office 2013. But when you look deeper, you will find some interesting and productivity-enhancing differences.

    For years we’ve been promised wonderful benefits from cloud computing, and Microsoft Office 2016 is trying to deliver on those promises. It’s designed to meet our expectations of what a cloud-based, mobile-ready productivity suite can and should be. Only time will tell if Office 2016 actually delivers the goods, but the initial reviews are promising.

    Here are 10 things Microsoft Office 2016 offers as it aspires to be the last productivity suite you are ever going to need.

    1: Real-time co-authoring

    Co-authoring has been around for a long time for many Office apps, but with Office 2016 that collaboration can now take place in real time. That means you will be able to see what your co-conspirators are doing in a Word document or PowerPoint presentation as they do it—and conversely they will be able to see what you are doing. It won’t even matter where you are or what device you are using.

    2: OneNote notebook sharing

    OneNote is one of the most useful applications available in Microsoft Office, and it is also one of the least appreciated. Office 2016 allows you to share a OneNote notebook with as many people as you want. And because OneNote works with text, images, worksheets, emails, and just about any other document type you can think of, it can be a great central resource for a team working on a project. That is, if they know to use it.

    3: Simplified document sharing

    Office 2016 simplifies sharing of documents by adding a Share button to the upper-right corner of your Office apps. Clicking that button will give you one-click access to share your document with anyone in your contacts list. You don’t even have to leave the document to do it. That does sound pretty simple.

    4: Smart attachments

    If you’re like me, you have to send email attachments just about every day. In previous versions of Office, adding attachments to an email required you to navigate to the location where the document was stored. You can still do that in Office 2016, but if the document in question was one you worked on recently, it will now show up in a list of shareable documents right there in Outlook. Essentially, Office 2016 keeps a universal recently worked on list for you.

    5: Clutter for Outlook

    Like most of us, you probably get a ton of email every day. Wading through the Outlook inbox to prioritize each email takes time and hampers your ability to be productive. Office 2016 adds a new category to your inbox triage toolbox, called Clutter. You can designate certain emails as low priority and they, and future similar emails, will be deposited automatically into a Clutter folder in Outlook. So now you have four categories for email: important, clutter, junk, and delete.

    6: Better version history

    Collaboration and creativity can be a messy process, with shared documents changing drastically over time. Office 2016 compensates for potentially lost ideas by keeping past versions of documents and making them available directly from Office applications under the History section of the File menu.

    7: New chart types in Excel

    The ability to visualize data with an Excel chart has always been a welcome and powerful capability. However, the list of available chart types found in previous versions of Excel needed an update. Office 2016 adds several new chart types to the templates list, including Waterfall, which is great chart if you like to track the stock market. Other new chart types include Treemap, Pareto, Histogram, Box and Whisker, and Sunburst.

    8: Power BI

    Between the release of Office 2013 and Office 2016, Microsoft spent a great amount of time and capital acquiring technologies that shore up its business intelligence and analytical applications. Power BI, a powerful analytics tool, now comes bundled with your Office 365 subscription. Knowing every little detail about how your business is running is essential information, and Power BI can bring it all together for you.

    9: Delve

    Delve is another new tool that comes with an Office 365 subscription. The best way to describe Delve is as a central location that gives you access to everything you have created, shared, or collaborated on using Office 2016. It is another recently worked on list, only this version of the list is stored in the cloud—so you can access it from anywhere with any device using the Office 365 Portal.

    10: Purchase choices

    Office 2016 is generally available only as a subscription. Even if you buy a boxed version of Office 2016, you are buying access to an annual subscription, with one exception. If you purchase the Office Home & Student 2016 box, you pay a one-time fee of $149.99 for just the basic Office apps.

    Microsoft has definitely stacked the deck so that the best bang for the buck is a subscription to Office 365, which includes Office 2016 plus all the cloud services. Businesses should be looking at one of the Office 365 for Business subscriptions. It is also going to be your best deal.

    10 REASONS WHY SMALL BUSINESSES CHOOSE OFFICE 365 OVER GOOGLE APPS


    This article excerpt originally appeared here: http://managedsolution.com/off…/

    As any business owner knows, staying competitive means doing more with less. It’s about being nimble, looking professional online, and getting more done in less time. But, with the many choices that are available these days, it’s difficult to find the right tools to accomplish your goals.

    Office 365 delivers a full-featured, business-centric online productivity experience. It is designed from the ground up to meet business requirements for security, privacy, reliability, and manageability. Now, of course, Google also offers online productivity services with Google Apps for Work, so why should small and midsize businesses choose Office 365 over Google Apps?

    Below are ten 10 reasons:

    1. ENSURE THE PRIVACY OF YOUR BUSINESS INFORMATION. Your private business information should be just that—private. Your customers and partners trust you with their sensitive information as well, and Office 365 provides enhanced security by design with our state-of-the-art data centers, premium anti-spam and antivirus protection, and encrypted anywhere access to data. Google Apps for Work adheres to Google’s single privacy policy, which is shared across business and consumer applications.

    2. WORK VIRTUALLY ANYTIME, ANYWHERE. In today’s always-on business world, being able to get work done anywhere can be a significant competitive advantage—especially for small and midsize businesses looking to deliver superior customer service and to differentiate themselves from larger competitors. Office 365 delivers a familiar, yet powerful user experience across PC, phone, and browser, intelligently tailored for each platform. Google has limited offline capabilities for its services. They are only limited to Chrome browser. And the experience is inconsistent across services.

    3. BOOST PRODUCTIVITY AND EFFICIENCY WITH A COMPLETE SOLUTION. Microsoft has been improving Office productivity applications for decades, and Office 365 is a natural extension of that process. With Office 365, you get everything you love about Microsoft Office, and then some. Instant messaging, Yammer Enterprise, real-time presence, video conferencing, and more are built right in and accessible from desktop applications or in the web browser. Customers using Google Apps for Work must rely on third-party solutions for core features such as Mail Merge, Bibliography etc.

    4. GET UP AND RUNNING FAST WITH A FAMILIAR, STRAIGHTFORWARD INTERFACE. Office 365 mobile, online, and desktop applications share a consistent yet tailored experience to give users instant familiarity across devices and locations. You get the familiar Microsoft Outlook® and Office productivity applications you already use—now powered by and working seamlessly with cloud services. Share a file in Word, Microsoft Excel®, or Microsoft PowerPoint® and almost anyone will be able to use it without thinking twice. Customers using Google Apps for Work must rely on third-party tools such as OffiSync and Memeo for functionality that is similar to what is offered in Office 365.

    5. MAKE LIFE EASY FOR CUSTOMERS AND PARTNERS. Office 365 makes it easy for users to create rich documents that convince customers, preserve ideas, and drive innovation. All that richness is preserved whether documents are edited using Office tools on a desktop computer, a tablet, through a browser, or on a mobile device. Google Docs is limited in functionality compared to Office, despite recent efforts to improve.

    6. REDUCE IT COMPLEXITY. Even if you have dedicated IT staff, it’s still likely that you want to minimize the amount of time and money you spend managing systems. Office 365 is designed to be easy for most users to administer and manage, and provides the power of trusted business solutions to meet even the most advanced IT needs. Google Apps does not provide the same level of IT management functionality as Office 365.

    7. MEET YOUR BUSINESS NEEDS WITH A FLEXIBLE SOLUTION. Microsoft believes in giving customers the flexibility to choose what works for their business. That’s why Office 365 offers a choice of easy-to-buy plans to help you get the best solution whether you are a company of one or one thousand. Google’s approach is simple, but it may not satisfy all of your business needs.

    8. RELY ON A FINANCIALLY-BACKED 99.9 PERCENT SERVICE LEVEL AGREEMENT. Office 365 has been built from the ground up for reliability, availability, and performance. Our proven service is powered by the same Microsoft email and collaboration products that businesses have been using for decades. Because of this commitment to reliability and availability, Microsoft is one of the very few cloud services providers that offer a financially-backed service level agreement (SLA) when any Office 365 service drops below 99.9 percent availability.

    9. PLAN EFFECTIVELY WITH A CLEAR ROADMAP AND ALL-INCLUSIVE PRICING. Microsoft updates Office 365 on a regular schedule and provides customers with 12 months’ notice of significant changes to Office 365. Microsoft also contractually commits to maintaining core Office 365 features for the term of the customer’s subscription. With a new customer roadmap to help businesses set their technical strategy, Microsoft helps you understand the company’s vision and innovations. Flexible, predictable, pay-as-you-go pricing options include everything that is listed, so you can rest-assured that Microsoft will support all of the features you purchased, helping you plan budgets more effectively and avoid unexpected expenditures. Google’s approach to innovation is to release beta features with little or no advance warning.

    10. GET THE SUPPORT YOU NEED WHEN YOU NEED IT. Small and midsize businesses don’t have the time to be disrupted. Microsoft provides easy-to-access support options that meet a variety of needs. For small-business customers, Microsoft provides moderated community forums to find quick solutions to problems faced by businesses just like yours. For businesses with advanced technology needs, Office 365 Enterprise plans supplement community support with 24/7 phone support for even single-user outages. And, of course, Office 365 is designed to be easy to manage, even for non-technical people.

    Small Business, Large Cybersecurity Risks?


    This article excerpt, by Tab Wilkins, originally appeared here: http://bit.ly/1qDXT1m
    Is cybersecurity something you need to worry about as a small manufacturer? In 2011, 50 percent of small businesses thought they were too small to be a hacker target, while the Verizon 2013 Data Breach Investigations Report found that 62 percent of breaches impacted smaller organizations. In 2011, the average cost to a small or medium-sized business from a cyber-attack was over $188,000.
    What can be done to try and limit such attacks?
    Jim Watson, President of California Manufacturing Technology Consulting, Inc., (CMTC), the MEP Center serving southern California suggests several tips:
    Limit use and distribution of personal credit cards as payment method for company expenditures
    Train employees on security principles and practices and limit employee access to data and information
    Find and Install the most recent security software and make sure it is updated and current
    Secure wi-fi networks, password protect access to routers and change ALL passwords quarterly
    Install security apps on business cell phones
    There are several web resources available that can help small businesses understand the cybersecurity environment and develop risk-management strategies.  Five of those include:
    The FCC Small Biz Cyber Planner 2.0 helps companies develop a custom cybersecurity plan via an on-line guidance. The custom guide, while not a substitute for consulting with trained security professionals, can help benchmark current practices.
    Another valuable website by the FCC includes additional tips for a small business dealing with cybersecurity as well as references to select articles and other websites with important information. Of particular note are 10 Cyber Security Tips for Small Businesses along with potential solution providers to consider.
    StaySafeOnline.org by the National Cyber Security Alliance has current information on trending topics and how to stay safe on-line.  It offers opportunities to get involved in the cybersecurity community and has tips on teaching online safety.
    Finally NIST has several tools and workshops to help companies better understand and respond to cybersecurity issues such as the Cybersecurity Framework within the Computer Security Division Computer Security Resource Center.  Planning is underway for a series of small business workshops to help owners and managers understand better risk management strategies.
    While the Internet provides significant business advantages and opportunities to all companies of all sizes, every business should think about incorporating practices and tools to guard against cyber-attacks and significant losses.

    Choosing Office 365 to Reduce the Stress of Starting a New Practice


    This article excerpt, by Dr. Vikram Gandhi, originally appeared here: http://bit.ly/11yXkhp
    When I finished my three-year residency in Periodontics at Texas A&M Baylor College of Dentistry, I didn’t think I would purchase a dental practice and remodel a new office that same year. But that’s what happened. When I bought Firewheel Dental Implants and Periodontics in August 2013, it was in an older building and staff used snail mail to communicate with referring dental practices.
    I wanted to modernize the practice and work in a paperless office, so when the opportunity came along, I took it. Making decisions about permits and dental equipment took a lot of my time, so I wasn’t thinking much about business technology. I used Gmail and that was about it. I was living at my brother’s house, and one day he heard me complaining about how difficult it was to find a contractor’s email. Then, when I told him how expensive it was to hire someone to build a website, he told me about Office 365.
    I’m not really a technology person. I like working with my hands and meeting people. That’s why I chose dentistry. So for me, Office 365 is perfect. I have everything I need at my fingertips: email and the Office applications for collaboration as well as web design and development tools. Everything is easy to use and familiar, and it’s cloud-based so I don’t have to worry about servers in the office. I have a professional-looking email address that includes our company name. And compared to Gmail, it’s so much easier to organize my business correspondence using folders that I assign to different topics and vendors. I’m saving a lot of time not searching through my emails. Office 365 is HIPAA-compliant and has email encryption capabilities, so I can send emails that contain patient data to referring dentists without worrying about breaching confidentiality regulations.
    But the biggest surprise for me was how easy it was to build my own website using SharePoint Online. I saved approximately $5,000 USD in web development fees. In basically one weekend, I built a website (www.dentalimplantsandperio.com) that matched my expectations. There’s lots of educational content, with videos that walk patients through the procedures and pre- and post-op instructions. I don’t want people to leave my website to learn what a periodontist does or what a gum graft looks like because if they go back to search the Internet, my competition could pop up. Now I’m busier with my practice, but it doesn’t take long to add a new page or a new tab. Right now, I’m looking into creating a page where patients can provide reviews of their experience at Firewheel.
    I have five computers and laptops with the latest version of Office applications on all of them, thanks to Office 365 ProPlus. This comes in handy when I teach at the dental school every Wednesday afternoon. I can store all my PowerPoint presentations and lecture notes online in OneDrive for Business, and if I tweak my notes or make a change to the presentation during class, they are saved the next time I upload the files. Now I never have to figure out which device has the latest version of a document.
    This is especially true with OneNote. No matter what device I pick up, it has all my notebooks up to date. One of the ways I use OneNote is for employee reviews. We go over the review together, they sign it at the end, and I email them the OneNote page. It’s as easy as that. There are so many ways that Office 365 has simplified the first year of my practice, but the most important thing is that I’ve been able to devote more time to building the business instead of worrying about technology. I can’t see running my practice without it.

    Choosing Office 365 to Reduce the Stress of Starting a New Practice


    This article excerpt, by Dr. Vikram Gandhi, originally appeared here: http://bit.ly/11yXkhp
    When I finished my three-year residency in Periodontics at Texas A&M Baylor College of Dentistry, I didn’t think I would purchase a dental practice and remodel a new office that same year. But that’s what happened. When I bought Firewheel Dental Implants and Periodontics in August 2013, it was in an older building and staff used snail mail to communicate with referring dental practices.
    I wanted to modernize the practice and work in a paperless office, so when the opportunity came along, I took it. Making decisions about permits and dental equipment took a lot of my time, so I wasn’t thinking much about business technology. I used Gmail and that was about it. I was living at my brother’s house, and one day he heard me complaining about how difficult it was to find a contractor’s email. Then, when I told him how expensive it was to hire someone to build a website, he told me about Office 365.
    I’m not really a technology person. I like working with my hands and meeting people. That’s why I chose dentistry. So for me, Office 365 is perfect. I have everything I need at my fingertips: email and the Office applications for collaboration as well as web design and development tools. Everything is easy to use and familiar, and it’s cloud-based so I don’t have to worry about servers in the office. I have a professional-looking email address that includes our company name. And compared to Gmail, it’s so much easier to organize my business correspondence using folders that I assign to different topics and vendors. I’m saving a lot of time not searching through my emails. Office 365 is HIPAA-compliant and has email encryption capabilities, so I can send emails that contain patient data to referring dentists without worrying about breaching confidentiality regulations.
    But the biggest surprise for me was how easy it was to build my own website using SharePoint Online. I saved approximately $5,000 USD in web development fees. In basically one weekend, I built a website (www.dentalimplantsandperio.com) that matched my expectations. There’s lots of educational content, with videos that walk patients through the procedures and pre- and post-op instructions. I don’t want people to leave my website to learn what a periodontist does or what a gum graft looks like because if they go back to search the Internet, my competition could pop up. Now I’m busier with my practice, but it doesn’t take long to add a new page or a new tab. Right now, I’m looking into creating a page where patients can provide reviews of their experience at Firewheel.
    I have five computers and laptops with the latest version of Office applications on all of them, thanks to Office 365 ProPlus. This comes in handy when I teach at the dental school every Wednesday afternoon. I can store all my PowerPoint presentations and lecture notes online in OneDrive for Business, and if I tweak my notes or make a change to the presentation during class, they are saved the next time I upload the files. Now I never have to figure out which device has the latest version of a document.
    This is especially true with OneNote. No matter what device I pick up, it has all my notebooks up to date. One of the ways I use OneNote is for employee reviews. We go over the review together, they sign it at the end, and I email them the OneNote page. It’s as easy as that. There are so many ways that Office 365 has simplified the first year of my practice, but the most important thing is that I’ve been able to devote more time to building the business instead of worrying about technology. I can’t see running my practice without it.