Blog

June 22nd, 2016

2016June22_Web_BIf the longevity of a content management system’s (CMS) history is an important factor for you, Squarespace is one of the first and oldest. If ecommerce and analysis is an even bigger factor, they’re definitely for you. With their announcement and demonstration last week, Squarespace solidified itself as an excellent choice for SMBs focusing on internet-driven ecommerce. Read on for more details on how their new service helps you achieve better conversions.

Squarespace publicly admits that their earliest iterations of Commerce, the platform’s ecommerce tool, were targeted at businesses that didn’t see their online sales as their number one objective. Unsurprisingly, that mentality didn’t last long and the website creation company caved in to consumer demands for deeper functionality.

Squarespace Commerce originally did offer some data analysis via a service titled ‘Metrics’, but was recently granted a huge upgrade and the new title of ‘Advanced Analytics’. To access it, simply click ‘Analytics’ from the ‘Home Menu’ on your site. From there, you are taken to a dashboard that displays an overview of seven of your most important data points: Revenue, Units Sold, Orders, Visits, Conversion Rate, Average Order Volume and Revenue per Visit. You can see the performance of these variables over any period of time you set and exact values can be found by clicking on the graph wherever you need more specific information.

So far this isn’t anything that several other CMS platforms can offer you. What begins to set Squarespace Commerce apart is the ability to sift these seven data points by source. You can filter the indicators by sources such as device (desktop, mobile, tablet), site/social network (Google, Facebook, direct, etc.) or by specifying which product produced the data. Although, potentially the most helpful upgrade of all is the ‘Abandoned Checkout’ feature. As one of the biggest problems among ecommerce sites, Squarespace sets its sights on determining why your customers fail to finish their purchase in your online store. It does this by tracking data from all seven of the aforementioned data points and allowing you to create custom followup emails for anyone that has entered their email address and added items to their cart without finishing their purchase. The email can act as a simple reminder or even include a ‘Complete your Order’ call to action in the text of the message.

And since Squarespace is putting such a huge emphasis on data, there’s a whole tab under the Analytics menu titled ‘Purchase Funnel’ that allows you to see how far into the shopping process your customers get. You can compare the number of site visits to the number of users that viewed a product, added an item to a cart and completed a purchase, all in one screen. This will allow you to see where in your sales process you’re losing customer interest.

Of course with any announcement comes all of the finer details like adding templates for ecommerce websites, the addition of a mobile app that allows store managers to keep an eye on their ecommerce from mobile devices and an order delivery calculator.

Although Squarespace promises more availability of customer data is on the way, it still believes that business owners don’t want to be inundated with overly verbose data. Right now they want to focus on simple, key indicators that result in higher profits.

Nowadays the vast majority of SMBs will be offering at least one product or service for sale over the internet. There are a lot of different ways to go about it, but something as simple as improved conversion tracking or mobile management on your ecommerce store could become the reason your company is in the black, or the red. We’re well versed in all of the CMS vendors operating today and we’d love to help you find out which one is best for you -- ask us today!

Published with permission from TechAdvisory.org. Source.

Topic Web & Cloud
June 21st, 2016

2016June21_SocialMedia_BYou can easily measure any celebrity’s success by one thing: their reputation. Celebs with questionable track records tend to star in less movies and make less money. This same notion can be applied to your company. By investing in the creation of a well-liked and interactive online reputation, the chances of skyrocketing towards success is a mere hop, skip and a jump away. Here are ten tried and tested reputation marketing tools you should consider:

ConsumerAffairs

Businesses can forge a strong online reputation and boost revenue with an array of advanced features. Namely, unpaid business plans along with third-party accreditation programs coupled with powerful software as a service (SaaS) platforms - offering companies various resources to convert customer engagement into cash.

BazaarVoice

Ideal for companies with deeper budgets, BazaarVoice extends the online marketing potential of customers’ voices to shopping portals, offline channels as well as natural search. Customers are also able to leave reviews, rating, questions and other customer-generated content on client websites which will then be shared on social media.

Better Business Bureau

Suitable for entrepreneurs and SMBs, not only does this non-profit group mediate and resolve customer-business disputes but also helps you to personally interact with customers - other networking services are also available at an affordable price.

Yotpo

The mechanism behind this ecommerce-oriented plug and play solution is that if you have made online purchases via Yotpo, after receiving them you will get an email asking you to review the product(s). This Mail After Purchase (MAP) provides more verified reviews since they are sent directly to the customer.

Cision

Focusing more on public relations, Cision allows your company to connect with over 1.6 million contacts and outlets, including influential journalists, bloggers and social influencers that would normally be inaccessible.

Percolate

Create campaigns, store files, create content and manage your business’s marketing efforts with Percolate. It takes into account all your details, target audience, brand identity and objectives, after which it provides a cross-channel marketing calendar that helps you plan ahead and eases the process of sharing content with consumers on social media, the Internet and other methods.

Reputation Loop

Similar to Yotpo, Reputation Loop primarily works by automatically emailing customers for product reviews but with this tool, additional features such as real-time reporting, review monitoring on Yelp and Google+ are at your brand manager's disposal.

TinyTorch

Utilizing social influencers and user-generated content (UGC) to build your online profile, TinyTorch is a social platform that allows brands to identify, monitor and manage their online presence. The tool helps you locate your most influential customers and redistribute their stories and photos across multiple marketing channels.

HootSuite

This social media management platform allows your business to monitor and sync all social media accounts onto one interface. HootSuite makes it easier to monitor customer feedback on their social media accounts and share positive reviews across multiple social media networks at once.

TrustPilot

TrustPilot is ideal for businesses looking for something simple to work with. Users get to leave business reviews on its website while offering both free and paid brand listings. It’s an easily-navigable site equipped with an assortment of analytic and engagement tools,

Building a credible and consistent brand reputation might not be easy, but it isn’t an impossible task to complete. Whether or not you have one, it’s never too late to start. Please contact us if you have any questions regarding the efficient tools that’ll help you get started on creating your own company’s reputation.

Published with permission from TechAdvisory.org. Source.

Topic Social Media
June 20th, 2016

p

For some NBA fans, the Milwaukee Bucks have long been a laughingstock on court. However, their most recent loss is no laughing matter. According to Yahoo! Sports, last month a team employee unknowingly sent out names, addresses, Social Security numbers, compensation information and dates of birth of players to a spoofed email account operated by a hacker. However, the Bucks are simply the latest victim in what is a threat to businesses of all sizes. We’ve come up with some pointers on how to protect your business from spoofed emails.

Education is key There are countless cliches out there promoting the importance of education, but when it comes to cyber security, you might as well embrace them all. In the case of spoofed emails, you need to make sure your employees know what these are and how they can harm your company. They can come in several forms and look to attack your organization in a number of different ways. A good defense starts with trained employees using best security practices when it comes to emails. Knowledge isn’t just the key to success, it’s the building block of a comprehensive email security plan.

Check the sender The easiest way to determine a real email from a spoofed one is to view who is sending it. While your basic junk mail folder will screen the really lazy attempts at spoofing, you and your employees can’t rely on it to weed out everything. A lot of cybercriminals have gotten skilled at mimicking the look and feel of companies through professional looking graphics and signatures. For starters, you are going to want to ignore email display names as these can be deceptive. The domain name provides the best clues as to who the sender really is. For instance, if an email requesting your company’s financial documents claims to be from the IRS but the domain reads IRSgov.com, it’s a spoof email since that domain is not what the IRS uses. If you ever spot an email containing a domain you consider to be suspicious, delete it immediately. If it is from a legitimate sender, they will send you a follow up email in a couple of days.

Embrace DMARC Domain-based Message Authentication, Reporting and Conformance (DMARC) can help reduce the risk of spoofed emails being sent internally. For businesses that do not set this up, it is possible for someone to spoof an email account that looks like it is from your business or a current employee and send it from a different server. As we saw in the case with the Bucks, these can appear legitimate to employees who will then in turn do what is requested such as turn off security settings or handover sensitive data. With DMARC in place you can prevent spoofed emails from utilizing your domains by requiring any email sent by your domain to come from your server. This greatly reduces the risk of an internal spoofed email showing up in the inbox of your employees.

Utilize email protections A lot of companies believe they can get by with the simple protections that come standard with an email client. However, doing the bare minimum is rarely enough to stop spoofed emails, not to mention all of the other threats lurking in your inbox, and high-powered email and spam protection will give your organization the added layer of security it needs. Much like elite-level basketball players need the best coaching and equipment to succeed, the only way to truly reduce the risk of falling victim of a spoofed email is to educate your staff properly and then equip them with email filtering. This ensures they aren’t wasting their time constantly trying to identify legitimate emails from fake ones but are prepared when the situation presents itself.

When it comes to email security, working with us is a slam dunk. We may not have the skills of Steph Curry on the basketball court but when in the realm of IT, competitors say they want to be like us. Give us a call today to find out more.

Published with permission from TechAdvisory.org. Source.

Topic Security
June 17th, 2016

2016June17_VoIP_BMost of us have heard of the wonders that VoIP can provide to businesses, cheaper telephony, more diverse functionalities and increased mobility -- but have you heard about the better access to customer data? As technology continues to connect us in new and exciting ways there is an endless supply of data to interpret. VoIP is no different, which is why we’re going to outline 5 innovative ways to make your VoIP data work for you.

Time/Date Data

One source of information that nearly any VoIP system should be able to easily access is time, date and duration of calls. As a small or medium-sized business, you probably work on a tight budget. Properly analyzing this data can be invaluable when deciding how many staff you need on the phones and on what schedule.

For example, you may notice that on Mondays you get a rush of calls in the morning, but by Tuesday afternoon the lines are dead. Just asking your employees when the phones are dead may work, but consider looking for more specific trends to better assign call responsibilities to your staff. You may find that there is a particular combination of time and day that simply doesn’t generate a need for anyone to work the phones.

The more agreeable the person on the other end of the line is, the more likely they are to vote for your company with their dollars. If you’re making outbound calls, pay close attention to when you see the most success. Everyone knows that no one likes to get a call during dinner time, VoIP allows you to take this one step further and find other stress points in your call schedule.

Location Data

Location data is also easy to track and a simple way to make your call strategy more agile. Understanding how purchasing or support habits differ between different locations can improve your marketing, customer service and client retention.

Ask your VoIP service provider about call-routing options so that whoever answers your phones is an expert on the area the caller is from. With the right amount of preparation you can help a client on the other side of the country as if your company was right around the corner, and there are few things as valuable as being helped by a local.

Customer Intelligence

Combining your VoIP services with your Customer Relationship Management (CRM) software opens up entirely new data points. How many times have you called a support line with an issue and have had to explain all of your history with the company? Even if you somehow did win the customer service lottery and got the same representative every time, the chances of them remembering you and your story are slim to none. With proper CRM integration, your VoIP system can route callers to the same service representative every time they call and provide your staff with a detailed support history.

Customer Habits/Personalities

Analyze client call habits and predict how to contact them and offer assistance before they even realize they need it. Does your data show that one of your clients generally calls once a week, but missed last week’s? Give them a call and check up on them.

If you want to really get in the weeds with your data, you can begin to match clients with your service and sales representatives based on ‘personality’ data. Data points like staff’s age, gender and average call time can potentially be used to route customers to the best possible representative.

Product/Service Trends

Whenever possible, tie data to specific products and services in each call and look for the most consistent patterns that result in a successful contact. If you notice that most of the customers that buy your flagship product come back and buy an accessory to it within three months, stop dumping money into marketing the accessory products during the original sale and trust what your data tells you. Follow up in a month and ask if they’re interested in that ancillary product.

You may be thinking that some of these data points were accessible with your legacy systems by simply logging the information separately. Tracking data that way is prone to user error and requires a pre-meditated plan. VoIP services track all of your data, all the time. Your SMB can easily view and analyze up-to-date data in no time. This agility and efficiency can revolutionize how you design your customer interaction strategies.

Do you feel like you could be getting a better ROI from your VoIP services by taking another look at your calling data? It could be as simple as better organizing your usage statistics, or as intricate as installing specialized analytics software. Regardless of how you want to go about it, we’re the ones to do it -- contact us today!

Published with permission from TechAdvisory.org. Source.

Topic VoIP
June 16th, 2016

2016June16_Office_BRecent research by Burning Glass revealed that nearly 8 in 10 middle-skill jobs now require digital proficiency - and jobs that require digital skills pay an average of 18% more than those that don't. Essentially, the more literate you are digitally, the more money you will make. This means paying extra attention in class (instead of skipping it) might actually benefit you in the long run. If classes aren’t a viable option, here are seven beneficial skills to help switch up your tech game:

Easy as pie Charts

If you’d still like stakeholders to continue investing in your business, bombarding them with endless numbers and decimal points might not be the wisest thing to do. It might be better to compile the data into a comprehensive chart. Enter the Recommended Charts tool that offers a basic visuals that depict the latest data trends. More than one set of numbers? No problem, since you can insert multiple charts onto one sheet. After entering the data into the column headers, head to Insert > Chart > Chart Type and choose whichever one you’d like.

Conditional Formatting

This tool helps you highlight any points of interest within your dataset, for example, you are presenting the latest numbers on project efficiency - any numbers lower than 80% are highlighted in red, making it easier for everyone in the office to not only see but also understand the dataset. If red isn’t your favorite color, the formatting is fully-customizable. Select the cell, click Home > Conditional Formatting > Add and voila!

Quick Analysis

Lessen the time needed to sift through and compile numbers from small data sets while also reducing time needed to create charts. Select the data, then click on the icon in the bottom right corner and bring up the Quick Analysis menu - this comprises a variety of tools such as formatting, charts, tables, totals and Sparklines.

Autofill

After Excel picks up on the pattern within your data, Autofill fills in the other rows and columns for you. This saves you time by removing the need of having to manually enter row upon row of data. Just click and hold the lower-right column of the cell and drag the column the down.

Power View

After making yourself comfortable, allow this Microsoft Powerpoint-compatible data exploration and visualization tool to help decipher large datasets to create interactive, presentation-grade reports. With Power View, not only are you saving copious amounts of working time but also minimizing any human errors that could affect the accuracy of the report. For Excel 2013, click Insert > Report.

Pivot Tables

When it comes to data analysis, Pivot Tables might be one of the most powerful yet intimidating tools in Excel’s arsenal. Summarize large amounts of data in lists or tables without having to use a single formula. Head over to Insert > Pivot Tables and select the data range, then select the fields in the top-half of the right-hand sidebar to generate the table.

VLookUp

If you think using Excel was challenging, try working across multiple sheets and workbooks, now that’s a challenge. With the help of VLookUp, you can create reports and/or summaries by collating data from the multiple sheets. For example, sales professionals can pull information on item descriptions, prices, inventory etc. without having to endlessly wander between rows and columns. Start off by selecting the VLOOKUP formula in the formula menu, then enter the cell containing the reference number. Then enter the range of data you want to pull the data from, the column for the data point you’re looking and click either “True” or “False”.

It’s safe to say that Excel is one of the most commonly used business software on the market. And yet not everyone is able to fully utilize it. For any questions on the previously mentioned, or other features on Excel give us a call and allow us to help elevate your user status from beginner to pro.

Published with permission from TechAdvisory.org. Source.

Topic Office
June 15th, 2016

2016June15_HealthcareArticles_AESPN recently reported that a laptop containing the medical records of thousands of NFL players was stolen from the car of a Washington Redskins’ trainer. And while the team released a statement saying no health information protected under HIPAA guidelines was at risk, the incident shows that EMRs are vulnerable no matter the size of your company. That’s why you need to have all medical records completely protected no matter where they are being stored.

And while the Redskins’ situation was bad, an NFL spokesperson did state that the NFL EMR system was not compromised and the league believes the thief was unable to gain access to the intercepted computer or its files. However, this does not mean the situation is resolved and the team is now in the process of informing every person who could be affected.

Not only is this embarrassing but the Redskins could also be vulnerable to civil lawsuits from players affected even if no HIPAA protected information was accessed. If this sensitive data had been breached the team would have faced a significant fine from the federal government in addition to these lawsuits.

According to Bloomberg Business News, a Massachusetts hospital was required to pay the federal government $850,000 for HIPAA violations last year after a laptop containing private health information was stolen. This event triggered a system-wide analysis which revealed several other areas of non-compliance. Not only was the hospital required to pay the fine, but it also had to invest heavily to upgrade their technology systems.

These two stories can serve as a valuable learning tool for any organization that stores documents or files that are regulated under HIPAA guidelines. For starters, it is important to understand that while email threats like phishing are very real and dangerous, the easiest way for a person to gain access to medical records is to simply take the device they are physically stored on.

That is why it is absolutely vital to have any device, be it a smartphone, a computer or tablet, password protected and encrypted should it store or transmit medical information of any sort. This, however, is simply the bare minimum and you might want to consider additional security measures such as two-factor authentication to add an extra level of protection to your devices.

Another thing to consider is storing your EMR using the cloud. When files are stored on the cloud, it means you have complete control over who is able to access these documents and where they can be accessed from. In the case of a missing laptop, once it has been reported as lost, you can immediately block it from retrieving any files and perform a remote wipe which will erase anything currently stored on it.

It is important to remember that every device, even those at companies that use the cloud for document access and storage, still need to have strong passwords and encryption in place. Also, it should be noted that transferring HIPAA-protected data to the cloud is a process that must be handled with care. There are several things which must be addressed to ensure your data is protected in line with all government regulations. Bringing in a cloud service provider who specializes in HIPAA storage can make this process a smooth one for you, your staff, and your patients.

Need help protecting your EMR? Interested in learning more about utilizing the cloud to store your documents? Contact us today. We’re experts in HIPAA-related matters and will guarantee your information remains safe and compliant.

Published with permission from TechAdvisory.org. Source.

Topic Healthcare
June 15th, 2016

By Andy Bailey

Many of America’s favorite companies began as a small start-up.

Ben & Jerry’s sold ice cream out of an old gas station when they first opened in 1979. Mark Zuckerberg created Facebook in his college dorm room. Starbucks started with just one location in Seattle, Washington.

The ability to scale up is a defining trait among businesses that want to move ahead of the start-up pack. To do that, companies must learn how to lose the start-up mentality and focus on a few key areas.

Building A Great Team
Nancy McCord, chief talent officer at Netflix, said, “The best thing you can do for employees – a perk better than foosball or free sushi – is hire only ‘A’ players to work alongside them.”

Top talent likes to work with other top talent. Create a culture where team members challenge each other, learn together and propel the company forward. If your top talent is too busy managing disengaged, subpar workers, the work will get old very quickly. No one wants to go to work and babysit fellow team members.

To create a team of top-tier talent, focus your energy on engaging current members and improving the hiring process. Create a company scorecard for job candidates. Outline the type of person who excels in the position and the character traits they must possess. If an applicant doesn’t meet the criteria, politely decline to pursue them further.

Choosing The Right Strategy
Your company’s strategy is the roadmap that tells you how to get from where you are to where you want to be. It’s the defined path that your start-up will take in order to grow and become a leader in your industry. You should live, breathe and make decisions based on this strategy.

This requires more than just vague goal-setting. What matters most to your organization? What’s your mission? All of these should be taken into consideration before you pick a strategy. Once this strategy is established, your senior leadership should meet weekly to discuss its progress.

Include your entire team in the execution of the strategy and educate them on the “why” behind it. Each employee should have a solid knowledge of the company values, foundation and proposed direction of the company. This transparency will also aid in retaining the top talent you worked hard to recruit.

Improving Your Cash Flow
Your cash conversion cycle (CCC), or the amount of time it takes for a dollar spent to make its way back into your bank account, is one of the most important metrics to watch while scaling your business up. Growth requires money, and the faster you scale up, the more money you need. Learn how cash flows through your organization.

Scaling up is possible, but it takes focus and dedication to these three areas. Every industry-leading company started somewhere, and there’s no reason why your organization can’t be next.

Andy Bailey can cut through organizational BS faster than a hot knife through butter, showing organizations the logjams thwarting their success and coaching them past the excuses. After all, as he tells his clients, 100% annual growth is only 2% growth every week. It’s not easy. But possible. Andy learned how to build great organizations by building a great business, which he started in college then, grew into an Inc. 500 multi-million dollar national company that he successfully sold and exited. He founded Petra to pass on to other entrepreneurs, business owners and leaders the principles and practices he used to build his successful enterprise, which are rooted in the Rockefeller Habits methodology.

Topic Articles
June 14th, 2016

2016June14_Productivity_BWhat do circuses, the Internet and Harry Potter fans have in common? They are all communities that house numerous individuals sharing experiences and showing support on a common interest that defies geographical limitations. The 21st Century is an age where information reaches thousands in mere seconds, and what that can do for your business is astounding, to say the least. Like Rome, online communities aren’t built in a day. It takes time, patience, and the following tips to make it happen:

Make sure your customers are passionate

The number one rule of online community is that it should be a place where like-minded people are genuinely interested in your brand and are able to engage, if that’s not the case, it won’t be any different from throwing a party that everyone ignored. Make sure you have brand appeal, pick up on vibes your customers are giving off and figure out what they really want. The size of your online community isn’t what’s important, customer’s annual revenue and genuine passion for your products play a much bigger role.

Loosen the reins

It’s an undeniable fact that you have put copious amounts of time and energy into building and managing your business - so you can’t help but develop an attachment to it. What business owners have to realize is that your company really belongs to your users. This is a difficult obstacle to overcome, but when you are still clinging on for dear life and discouraging open discussion, you’ve basically shot yourself in the foot. Several times.

Another rule to follow is NEVER delete a post (unless it’s spam), under no circumstances would you want to hide negative feedback. Online communities might be the reality check you’ve been looking for, so accept honest feedback with open arms.

Create a rich experience

Thriving communities are the ones that engage in numerous activities, the same can be said for online communities as well. An example to help put things in perspective is bird watching. Let's say one community only has support forums dedicated to basic subjects whereas the other community offers a feature request area that allow customers to give their thoughts on what they want to see next as well as a visual library on local species. Ensure that there’s always something for your community to do.

Invest in infrastructure

Dedicated team members and the right software are essential components required in taking on an online community - don’t pinch any pennies here. Growing the team and utilizing suitable tech resources are necessary steps that (although nerve-wracking) need to be taken. Entice customers further by tying up all the technological loose ends, make it easy-to-use and devoid of downtime.

Don’t stress over measurements

We live in a time where numbers hold immeasurable power and people expect dashboards to show trending activity constantly. It’s a fact that measuring the ROI of an online community is like trying to find a needle in a haystack. There is one way of measuring your community’s value, not with a measuring tape, but by looking at the number of posts.

If you're aiming to establish higher brand credibility, corporate integrity and customer loyalty but aren’t exactly sure how to go about it, just give us a call! We’ll help you with any questions you may have about building an online community for your business.

Published with permission from TechAdvisory.org. Source.

Topic business
June 10th, 2016

2016June10_Virtualization_BAccording to a Research and Markets report, client virtualization is expected to drive continual growth in the IT sector. Long gone are the days of tedious one-on-one interaction between servers and systems, it is now time to embrace the automated and virtualized alternative. Mainly, there are three options and here they are:

Presentation virtualization

As hinted in the name, it is an application delivery method that delivers desktops or applications from a shared server. This enables access to client applications from a central server that is connected with clients. This initiates a presentation session through a web portal while giving them access to a virtualized application instance on a shared Windows Server OS. The only resources shared with the client is the graphical user interface as well as the mouse/keyboard.

Benefits of this presentation virtualization range from reduced user resource needs to simplicity, since applications are installed only once despite multiple users sharing the same application instance and even server level administration since multiple users are sharing the resources of the same system.

Virtual Desktop Infrastructure (VDI)

Sharing similarities with presentation virtualization, VDI solutions are also a remote display protocol that hosts centrally-managed virtual machines (VMs) that client PCs are connected to on a one-on-one network relationship. Also known as desktop virtualization, this method utilizes a hypervisor that is in charge of hosting a dedicated operating system VM for each client individually. Due to the fact that each client is totally separate from one another on the server, this option allows for flexibility, management and security.

Why VDI? Firstly, it saves you more money since it has smaller software licensing requirements and it also reduces the need for staff to manage and troubleshoot problems. It also allows for secure mobile access to applications by enabling hardware-based GPU sharing through a secure connection from any device as well as better desktop security thanks to customizable permissions and settings. Lastly, it allows for easier maintenance - after logging off at the end of the day the desktop can be reset wiping clean any downloaded software customizations.

Application virtualization

Application virtualization is capable of allowing applications to run in environments that are foreign to the them, for example Wine allows some Microsoft Windows apps to run on Linux. By establishing a common software baseline across multiple computers within an organization, application virtualization also reduces system integration and administration costs. Finally, it enables simplified operating system migrations, whereby applications can be transferred to removable media or between computers without having to install them: effectively becoming portable software.

Not only has virtualization revolutionized the world of IT and computing, but it also has the potential to do the same for your business. Give us a call and find out which option is best for you and your unique business requirements.

Published with permission from TechAdvisory.org. Source.

June 9th, 2016

2016June9_Security_BThe worrisome rise of ransomware doesn’t seem to be slowing as Microsoft recently announced the detection of self-propagating iterations of the malware. With this evolution, it is essential for SMBs to update their understanding of this security threat in order to properly protect themselves. Keep reading to learn how ransomware is continuing to extend its reach.

Ransomware, the malware that locks up infected systems and demands payment to return access to users, has been steadily increasing its infection rate over the course of this year. Enigma Software reported that, “After staying steady for the last six months of 2015, ransomware detection has begun to climb; February saw a 19 percent increase over January, while March had almost a 10 percent increase over February. Then, in April, infections more than doubled.”

And as if that wasn’t frightening enough, Microsoft announced last week that a recently detected ransomware software was found copying itself onto USB and network drives. The ransomware, titled ZCryptor, disguises itself as either an Adobe Flash installer or a Microsoft Office file to trick users into opening it.

Once opened, it displays a prompt that says “There is no disk in the drive. Please insert a disk into drive D:”. If you see this after opening a suspicious file, it is most likely ZCryptor trying to distract you while it works in the background to add a registry key that buries itself deep in your system and begins to encrypt your files.

Although previous ransomware iterations like Alpha Ransomware had the ability to find and encrypt files on shared network drives, security experts believe this is the first time a ransomware variant has included self-replication via removable drives into its framework.

When it was first detected in May, Microsoft found ZCryptor singling out 88 different file types for encryption. However, later on a security expert analyzed the ransomware and found 121 targeted file types -- inferring that creators of the malware were continuing to develop its source code.

It’s commonplace for ransomware to demand payment to be made in Bitcoins as they’re an almost totally untraceable online currency. ZCryptor is no different, demanding 1.2 Bitcoins (500 USD) unless payment is more than four days after infection -- then it increases to five Bitcoins (2,700 USD).

Compared to other more complex security threats, ransomware is still relatively easy to avoid. Always verify the source of email attachments and website downloads before opening files, disable macros in Microsoft Office programs, maintain regular backups and update your security software.

Still concerned about security at your SMB? It doesn’t have to be as difficult and draining as you may think. Contact us today for advice on keeping your network protected around the clock.

Published with permission from TechAdvisory.org. Source.

Topic Security