Capstone Works, Inc. Blog

We are in the business of making sure you are prepared for whatever today’s ever-changing technology environment will throw your way. One of the biggest current trends is Bring Your Own Device, or BYOD. BYOD is exactly what it sounds like — your employees using their own devices in the work-place. With the holidays coming up, and employees receiving new devices, much of your workforce will be equipped to handle a BYOD policy. As this practice becomes more common, it is time to craft an official policy to help protect your business from the risks.

A Bring Your Own Device Policy outlines the rules around employees using their own laptops, tablets, and smartphones for work, whether that means in-office work, or work from home. Today, much of the workforce accesses work files remotely on personal devices. If you do not yet have a BYOD poli-cy, it is time to build one.

Why do you need to set a policy?

There are particular risks and benefits that arise when employees use their own devices. To be sure you enjoy the benefits and decrease the risks, you need a policy that helps employees understand how best to utilize their personal devices in the workplace. You need a formalized document that sets rules and protections in place so that employees have the tools to use their own devices without put-ting your network at risk.

Given that human error is the biggest flaw that hackers exploit, developing a policy and educating your employees as to BYOD best practices is critical to the health of the modern business. But first, do you even want to permit this practice? When making this decision, it’s important to know the benefits you can expect.

What are the benefits of BYOD?

Employee morale
Team members get to work on the devices with which they are most confident and familiar. For example, instead of being a Mac user at home who has to adjust to a PC at the office, or vice versa. Em-power them to work when they feel most efficient and creative, rather than having to wait to get to their office desktop device. Additionally, they may enjoy access to business software in their down-time that they would not have bought themselves, like Adobe Creative Cloud, and come to view it as another perk of the job.

Newer technology
Your employees may opt to upgrade their devices more frequently than the company does.

Reduced costs
When your employees use their existing smartphone rather than a work-provided device, you can en-joy a cost-savings. Similarly, instead of buying a laptop when you onboard a new employee, you may only need to purchase supplemental software like Photoshop and antivirus solutions.

Convenience
Save your team the annoyance of switching between personal and work phones, or accidentally leaving an important document on their workplace desktop and being unable to retrieve it when they want to continue the project over the weekend.

While you can see there are many benefits of allowing your team to work on their own devices, there are many risks and complications that can arise if this practice is not implemented with a policy in place.

Your employees are not all going to be IT professionals, and that means that BYOD policies leave more room for user error and security risks than if every worker is using devices selected and maintained by your IT department. You will need to set specific security policies, and look at providing a secure net-work for your employees to access from home, rather than accessing unsecured WiFi networks. When you implement a BYOD policy, you necessarily give up a level of control; and when an employee leaves, that device goes with them. If you do not have a set policy, there is a risk they could be taking potentially sensitive information with them, like company passwords. That doesn’t mean you shouldn’t implement BYOD at your company, only that you need IT experts in your corner to help you do it. That’s what Capstone Works is here for. Contact us with any of your BYOD questions and we can help you determine your next steps. We help you anticipate the pitfalls of empowering employees to bring their own devices into the workplace so that you can avoid them, and enjoy the benefits instead.

We have outlined some of the general productivity, cost and convenience considerations. We can also help you assess the costs and benefits of a BYOD policy for your unique business, and create a strategy for you. Ultimately, BYOD is becoming a more and more common business practice, but is it right for your company? We can answer that together. Contact Capstone Works today!

Do you know every web application your employees are using? There is a high probability that your workforce is utilizing many devices and applications without explicit approval. Collectively, these programs and devices are called Shadow IT. Shadow IT is essentially any application employees download or IT service they sign up for without vetting by your IT provider. October is National Cyber Security Awareness Month, the perfect time to address the hidden risk of Shadow IT. If you aren’t dealing with your Shadow IT problem, your business is not as secure as you think it is!

There was a time in business when any piece of software would go through a thorough vetting process. These days, times have changed. In today’s technology environment, employees are always looking for the next new app or platform to increase productivity. Employees are more tech savvy, and that makes it is less likely that every piece of IT in use has gone through a thorough vetting process or a risk assessment.

Shadow IT also includes personal devices. There is a growing tendency for team members to get work done at home using their own laptops, iPads, or desktop devices. Personal devices are notorious for lax cybersecurity practices. When employees sign onto the business network using their own devices, there is a major risk that they will bring a virus into that business network.

At this point, it is difficult to imagine an organization that is not implementing Shadow IT, whether deliberately or not. There are countless tools that employees and departments may start implementing innocently without thinking they need to involve your IT provider. Many managers and employees are now selecting their own IT services independently, without checking with an IT expert. From file sharing solutions like Dropbox, to free project management platforms, employees are constantly finding new ways to efficiently collaborate and share information from wherever they happen to be. They no longer need to be in the office to check on the status of a project, or access a sensitive document. Employees are looking for ways to hit and exceed their goals, and they are not necessarily thinking about cybersecurity or the risks they are taking.

As a decision-maker, you must always balance risk and reward. The cost of increased employee productivity may be security, and that may not be a cost you want to cover. They are likely to choose programs for ease of use and convenience, without noticing a lack of important security features like two-factor authorization or encryption. Shadow IT may also lead to mounting costs as different teams pay individually for software that would have a lower group or business rate.

What can you do to protect your business in this climate? You certainly don’t want to discourage employees from building better processes and working when they feel inspired. Yet there are many ways in which Shadow IT puts your business at risk and creates cost inefficiencies. Don’t feel overwhelmed. Contact Capstone Works today. We can work with you to assess Shadow IT usage, then build and implement a new Shadow IT strategy. If we find your team members using unsecured tools, our experts can recommend alternatives. Don’t wait to get started! We will bring your Shadow IT into the light.

When was the last time your business underwent a Network Assessment? As a business decision-maker, there are many moving parts to keep track of, and IT monitoring can easily fall through the cracks until something breaks. This approach can lead to unexpected expenses and business downtime. With a Network Assessment, you can anticipate and plan for potential IT snags, and resolve issues before they become major problems.

First, it is important to understand what a Network Assessment is and what it can mean for your business. This service assesses your IT infrastructure, including processes, security, and performance to identify problems and solutions. It is your first step toward improving IT efficiency and data security.

Now that you understand what a Network Assessment is and why it would benefit your company, it is time to find the right IT provider to manage the process. Partner with Capstone Works and get your Network Assessment scheduled. We’ll help you to:

• Understand network vulnerabilities
• Identify bandwidth bottlenecks
• Increase IT performance and efficiency
• Shore up your cybersecurity defenses

When do you want to have a Network Assessment performed? A Network Assessment is especially critical if you are planning any major IT roll-outs, like a transition to cloud storage solutions, changing to VoIP phones, or if any of your infrastructure is nearing end-of-support or end-of-life. This service can also help shed light on any ongoing issues you have been experiencing, like slow performance speeds.

In the event that issues are identified during the Network Assessment, it is time to determine which actions you should take with the data you have obtained. This is where many business owners and decision-makers may begin to feel overwhelmed. How do you make the best decisions without comprehensive IT expertise? Many small-to-medium sized companies have limited or even no IT staff, or team members who are spread too thin. That’s why Capstone Works is here for you as you navigate these concerns. You do not have to deal with these issues alone. We understand that discovering IT problems can feel overwhelming. At Capstone Works, we believe your IT should be an asset to your business, not a headache. Not only will we perform a full Network Assessment, but we will also work with you to build a plan of action that has you feeling confident. Even if it sounds overwhelming, being proactive can make a big difference, and identifying IT issues is actually the first step to creating an IT infrastructure that works better for your business.

Ready to learn more about our Network Assessment services? Contact Capstone Works today. With our trusted, vetted IT experts on your side, your Network Assessment will provide you with both an understanding of your current IT infrastructure issues and a solution-oriented approach to identifying your next steps.

Ransomware attacks are a serious threat to any size business. For a small business, a ransomware attack can even result in the company going out of business. Last year, ransomware was found to be the most prevalent form of malware connected to company data breaches; cybersecurity provider Malwarebytes cited a staggering 90 percent increase in detected ransomware attacks. Being vigilant and armed with a ransomware plan is not just another best practice, it’s necessary to company survival.

There are two types of ransomware to look out for: encryptors and lockers. Encryption ransomware programs take your files hostage, converting them into a code that will require decrypting. Locker ransomware takes entire networks and devices hostage, sometimes even preventing a computer from booting up. Both types of ransomware tend to have a time limit associated with them. If the ransom is not paid within the time frame, the hackers threaten further sabotage. You do not want to find yourself pitted against criminals like these without a trusted IT partner by your side.

Systems can be infected in several ways. One common method is through phishing attacks, which are communications that pose as content from trusted sources like banks, governments, or popular businesses. These attacks ask users to click on an attachment or a link that then invades the network. Other tactics include pop-up ads and exploiting browser vulnerabilities. There is even a new trend of demanding a ransom without actually infecting the network or device! This method is executed by hackers sending multiple emails threatening users that there is a destructive malware infection on their computer waiting to be activated unless the ransom is paid. At Capstone Works, it is our job to make sure we stay on top of the common tactics so that your network is always protected.

Don’t face the threat of ransomware attacks alone. These attacks can quickly escalate into extremely high-cost disasters. The price of a ransomware attack goes beyond the ransom you pay. For example, the Erie County Medical Center reported it recently spent an estimated $10 million on a $30,000 ransom. How did this happen? Responding to the attack can lead to additional high-cost consequences like staff overtime, lost revenue, emergency IT services, and staff training to prevent another mishap. These costs may be even higher if you are caught without a plan in place and a trusted IT partner like Capstone Works in your corner.

Prevention is your best strategy. Our goal is to work with you to recognize common tactics and train your employees so that we can decrease the likelihood that a ransomware attack will find its way into your network or device. We will monitor your network for suspicious activity, and help you back up your files so that you, and not the hackers, are in control – even if they infect your system. We can also help you manage and predict costs by building a ransomware plan as part of a comprehensive disaster recovery strategy.

Contact Capstone Works today. We will make sure you are ready for whatever hackers could throw your way.

The summer season has arrived! Warmer weather means families are spending time enjoying outdoor activities like hiking, bike rides, and beach days. With less time in the office comes more time on other devices, especially wearable technology like Apple Watches or FitBits. In other words, it is time to think about IoT security.

IoT stands for Internet of Things. Today, we are interconnected like never before, and more and more of our everyday devices are connecting to the internet and to each other. Consequently, more personal and business data is being shared. Your IT strategy must now encompass all the different ways through which you and your team are connecting to your business network.

You are probably wondering how an employee’s fitness tracker affects your cybersecurity strategy. Fitness trackers need to connect to another device like a computer or smartphone in order for the user to view all of the data they collect throughout the day, or input information like foods eaten or how many glasses of water they had. In this example, your employee might be connecting their fitness tracker to both their work and home computers. If their home computer is less secure, a hacker may be able to use the fitness tracker to also infiltrate your network. This is just one example. New IoT devices are now coming onto the market constantly. Soon, smart home assistants could be as common as smartphones. You may even make use of them in your office. With all of this innovation and change, it can be hard for your IT strategy to keep up.

IoT devices are known for being unsecured and lacking built-in security systems. They are also designed to be found and recognized by other devices, so if the default password has not been changed, it can be extremely easy for a hacker to find and access a device by exploiting a known default password. In order to secure your network in the face of increased connectivity, you need to put proactive policies in place, rather than depending on the device’s security systems. Hackers are sophisticated, and their favorite targets are those they expect to be unsecured. They assume that small-to-medium sized businesses are not investing in cybersecurity and will not keep up with the latest technology trends.

We’re here to prove the hackers wrong. With Capstone Works in your corner, you can be confident that we will keep you up-to-date on the latest cybersecurity best practices. We can also help you develop and implement policies that will help manage which personal devices your employees connect to your business network, and educate them around the security steps they need to take when doing so. Even seemingly small steps, like making sure they change their devices’ default password, can make a big difference.

Contact Capstone Works today. Partner with us to keep up with today’s latest technology trends and manage the risks so that hackers never catch you off guard.