Answers to Four Common Questions Business Owners Have in 2022

It’s time to break out the crystal ball to see what 2022 has in store for business owners. Will this year finally bring us relief from coronavirus in its many forms? Will taxes go up? Will inflation go down?

Here are the four most common questions that keep business owners up at night—and our advice on how to get a better night’s sleep:

What is the Ripple Effect?

The “ripple effect” occurs when the normal flow of business is interrupted and affects every stage downstream. The ripple effect can be found in labor, supply chain, and inflation (to name a few areas of concern).

You need to ask, “what will the ripple effect do to my business?” Every time you read a business article, listen to a podcast or watch a webinar, use the ripple effect to connect the dots on what is being said to your business.

Inflation in China? What does that mean for my retail business in Chicago? Coronavirus outbreak in India? Will that hurt my company in Indiana? The quick answer may be “no,” but if your wholesalers or partners do business in those countries, it could harm your business.

Tip: Play the “What If” game with your business to spot potential ripple effects. For example: “What if my wholesaler’s supplier has to shut down due to the pandemic. How will it affect my business?” Or “What if I own a landscaping company and my customers get hit by a natural disaster? How long will my projects be delayed? Am I caught up with Receivables?” Your answers to all the “What If” questions could make the difference between getting knocked down in business versus getting knocked out of business.

Will the labor shortage continue this year?

The quick answer is yes. But depending on your business, there are options for dealing with a smaller labor pool.

Can you automate any part of your operations, like customer service or inventory control? This would allow your employees to focus on your company’s priority areas. Can you outsource any part of your business? This option also helps deal with having fewer employees.

Tip: Have you tapped into new sources of labor—retirees, friends and family, parents returning to work? One way to find new employees is by offering them the opportunity to work remotely. It is now a competitive advantage for business owners and a reward for employees.

When will my supply chain get back on track?

Probably not as soon as you would like it to be. Everything is backed up! Container ships are sitting out at sea, trucks sit in parking lots waiting for drivers, and shelves sit barren waiting for products.

Tip: This is a painful example of the ripple effect. To counter that, we recommend that you look at alternative options for sourcing materials or buying goods this year. The closer to your home base you can find them, the better your chance of minimizing the ripple effect.

Will Inflation Go Down in 2022?

According to the Federal Reserve, it should, but not right away. They plan to raise interest rates three times this year to combat skyrocketing inflation—last November’s rate was the highest in 39 years.

The first increase is planned for March, which means higher interest rates on everything from credit cards to lines of credit.

Higher inflation creates higher variable costs for your business. Gas, shipping, materials, and so on will be more expensive this year. Until we can control coronavirus, supply chain, and labor issues, inflation will continue to hover above the 5% rate, when ideally, we would have it under 2%.

Tip: Assume higher variable costs in the first half of this year. If they turn out to be lower, your company has better cash flow. If not, you won’t have to deal with negative cash flow because you built higher costs into your plan.

If you have other pressing questions, we would love to hear them and help you develop solutions to better navigate your business through the uncharted waters of 2022. Contact Yeo & Yeo today.

Information used in this article was provided by our partners at Sage.

Despite the world’s best efforts to get everyone off passwords and onto something else (e.g., MFA, password-less authentication, biometrics, zero trust, etc.) for decades, passwords have persisted. Today, nearly everyone has multiple forms of MFA for different applications and websites, and many passwords.

The average person has between three to seven unique passwords that they share among over 170 websites and services. And unfortunately, those passwords often get stolen or guessed by cybercriminals.

According to Hive Systems, any 8-character password can be cracked in less than an hour through brute force. Further, any password containing less than seven characters can be cracked instantly.

Password Attack Defenses

The password attack defenses can be summarized by the following, in order of importance:

Use multifactor authentication (MFA) whenever possible
Be cognizant about what you put on social media
Use a different, non-guessable password for each site and service
Use a password manager wherever you can to allow perfectly random passwords to be created and used
Where a password manager cannot be allowed, users should create long and/or complex passwords or passphrases, different for each site and service
All passwords should be changed at least annually

Whenever possible, use multifactor authentication (MFA) to provide another layer of security. The best tactic a user can do to prevent password hacking (after using MFA) is to avoid being socially engineered, which takes a good, in-depth combination of policies, technical defenses, and end-user education.

In closing, password attacks are widespread and one of the highest cybersecurity risks to any user and organization. Most password attacks happen because a user’s password (or password hash) is stolen or guessed. Users who follow the password defense recommendations above are far less likely to be hacked because of their passwords.

Information in this article was provided by our partners at KnowBe4.

Now that the cloud has become a mainstay in the business world, we’re seeing the true impact of cloud business communications.

Most companies use the cloud — 91 percent use the public cloud, and 72 percent utilize private cloud solutions. With the cloud, teams can work from anywhere—productivity increases. And the reliance on traditional phone systems and expensive hardware is over, making industry-leading business communications accessible to even small companies.

Cloud business communications have turned out to be far more than an option for cutting costs and making scaling easier. It’s shifting the way people work, collaborate, and share information. Let’s dive into the specific ways that the cloud enables business communications.

1. Teams Can Work from Wherever

With the cloud, teams can work from any location with an internet connection. Cloud phones transmit voice data over the internet, so there’s no need to be connected to a traditional PBX phone system to communicate with customers and partners. Your users can also access your cloud communications platforms from anywhere.

Because of the cloud, more businesses are shifting to remote or hybrid work models, which can create a range of benefits, including lower real estate costs, more flexible scheduling, and the ability to tap into a wider talent pool.

2. Data Is More Secure

Before the cloud, data security fell entirely on the shoulders of the company. You had to ensure all your hardware and software were maintained, updated, and protected.

With cloud business communications, your cloud provider shoulders some of the burden.

It’s still up to you to protect your devices, provide security training to employees, and follow best practices such as email encryption and multi-factor authentication. However, it’s up to them to secure their data centers and networks. This shared responsibility enables your teams to use advanced communications technology with confidence.

3. Cloud Business Communications Boost Productivity

Being able to work from anywhere and on any device is also helping to boost productivity. With cloud communication tools such as video conferencing and UCaaS (unified communications as a service), co-workers can connect virtually. They can also share files in real-time and collaborate on projects as if they were physically together.

Additionally, cloud platforms can integrate with other business applications, syncing data and simplifying work processes. Employees can access customer information, analytical insights, and other data without jumping to different applications. This saves time and reduces employee errors.

4. Cloud Technology Is More Reliable

Another way that the cloud enables better business communications is through performance. As long as you work with a provider that guarantees near-flawless uptime, your teams don’t have to worry about reliability issues. Look for a provider that offers a 99.999% uptime guarantee in their service level agreement and say goodbye to business downtime.

Empower Your Teams with Cloud Communications

The cloud has revolutionized business technology. But no area has been more profoundly transformed as much as business communications. With cloud communications, the office has become obsolete, high-level security and compliance aren’t just possible, they’re streamlined, and even low-budget companies can access powerful communications tools.

The best part is that migrating to the cloud and getting started with leading-edge cloud business communications is simple. Just reach out to the team at Yeo & Yeo Technology today and let us know your cloud communication needs. From cloud phones to integrated communication platforms, we’ll help you thrive with the cloud.

Information used in this article was provided by our partners at Intermedia.

How can I make my display more organized?

Consider adding a second monitor. This will allow you to better organize your apps and windows and give you more workspace.

Can my phone be hacked?

Yes! As well as the risk of phishing and smishing (that’s phishing via text message), you also put your data at risk by connecting to public Wi-Fi. Fake apps can be an issue too.

How do I know if my Teams app is up to date?

Click on the three dots next to your profile picture and select ‘Check for Updates’ from the menu. If you’re using Windows 11, you’ll need to check under settings -> about Teams.

Information used in this article was provided by our partners at MSP Marketing Edge.

The FBI published a public service announcement updating its warnings about the continuing threat of business email compromise (BEC, also called CEO fraud). The problem has reached shocking proportions: between June 2016 and December 2021, the Bureau counted 241,206 domestic and international business email compromise incidents. The “exposed dollar loss” (including actual and attempted losses) is the real shocker: $43,312,749,946, more than forty-three billion dollars.

At its root, BEC is a social engineering problem. “The scam is frequently carried out when an individual compromises legitimate business or personal email accounts through social engineering or computer intrusion to conduct unauthorized funds transfers,” the FBI explains.

Some variants don’t necessarily involve a direct, unauthorized funds transfer. The crooks also look for “Personally Identifiable Information, Wage and Tax Statement (W-2) forms, or even cryptocurrency wallets.”

And the problem is growing worse. “Between July 2019 and December 2021, there was a 65% increase in global exposed losses.” Part of the increase may be attributable to the growing use of cryptocurrencies, which are well adapted to fast funds transfers and have a reputation for anonymity.

“The IC3 has received an increased number of BEC complaints involving cryptocurrency. Cryptocurrency is a virtual asset that uses cryptography (the use of coded messages to secure communications) to secure financial transactions. It is popular among illicit actors due to the high degree of anonymity associated with it and the speed at which transactions occur.”

The public service announcement offers some suggestions businesses might follow to protect themselves. Some of them involve instituting sound policies, like using “secondary channels or two-factor authentication to verify requests for changes in account information” or seeing that “the settings in employees’ computers are enabled to allow full email extensions to be viewed.”

Many of them, however, are matters of training:

Ensure the email URL is associated with the business/individual it claims to be from.
Be alert to hyperlinks that may contain misspellings of the actual domain name.
Refrain from supplying login credentials or PII of any sort via email. Be aware that many emails requesting your personal information may appear legitimate.
Verify the email address used to send emails, especially when using a mobile or handheld device, by ensuring the sender’s address matches who it is coming from.
Monitor your personal financial accounts regularly for irregularities, such as missing deposits.

These, and other points, can be addressed in new-school security awareness training that can enable your employees to recognize business email compromise.

Information in this article was provided by our partners at KnowBe4.

When did you last check if everything was okay with the devices your team uses when they work remotely? According to a report by EuroPC, 67% of remote workers are using faulty devices for work. And the reason?

They’ve likely damaged the device themselves and are too scared to tell you!

Laptops, keyboards, and monitors are most likely to be damaged (in that order). And it’s usually because of food or drink spills … though some blame their partners, children, and even their pets.

Using a device that doesn’t work properly is a problem.

First, it’s going to damage your team’s productivity. Tasks might take longer or be more difficult to complete. Employees who try to fix the problem themselves risk causing further damage. But the other issue is that of security.

In some cases, your people will stop using their damaged company-issued device and use a personal device instead, which puts your data at risk because their personal devices won’t have the same level of protection as your business devices.

It also means that if they’re connecting to your network, it might not be a safe connection, potentially leaving the door open for cybercriminals.

And because your IT partner may not monitor personal devices, they won’t spot an intrusion until it’s too late.

Our advice? Make it a routine to check that everyone’s happy with their devices. And have a policy that they won’t get in trouble for accidental damage, so long as it’s reported immediately.

If you need help replacing your organization’s hardware, contact Yeo & Yeo Technology.

Information used in this article was provided by our partners at MSP Marketing Edge.

Email is a foundational communication tool for every business. Unfortunately, it’s often the source of cyberattacks. Ensuring your organization’s email security is ready for hackers’ new methods is paramount to keeping data safe. Here are some of the most common email-based cyberattacks and how to protect against them.

Malicious Attachments

The use of attachments to spread malware is still a favorite of hackers. They often combine this form of social engineering with other techniques. The scenario seems legit because the receiver was expecting it. However, one click to download, and the hackers can penetrate your network and steal sensitive information.

How to Protect Against It

You’ll need an email protection feature that scans attachments in real time. Additionally, a solution that flags suspicious emails is valuable. Such a feature can automatically remediate potential threats based on preconfigured actions.

Phishing Attacks

Protecting email from opportunists has become more complex since the pandemic. Phishing attacks are no longer easily detectable based on misspellings and obvious “scam” language. These more sophisticated deployments impersonate companies, vendors, and colleagues believably. One example is supply chain phishing. Companies are reaching out to new sources for materials and products. A supplier’s website may be labeled as “trusted,” but it’s really a spoofed site.

How to Protect Against It

Phishing email detection will also benefit from the flagging feature mentioned above. Another tool to use is link protection. This functionality prevents users from accessing sites blacklisted as phishing sites or having malicious code. If your user clicks, the technology checks the reputation of the page. If unknown, it completes a real-time scan. Users then receive warnings if the feature marks it as suspicious.

Another critical aspect of mitigating phishing is ongoing employee training. Make this part of your culture so that employees can recognize these attempts. Most research on cyberattacks points to humans as the weakest link. Therefore, continuously educating and informing your people is crucial.

Ransomware

A survey from 2021 found that 51 percent of U.S. companies suffered a ransomware attack in the year prior. Most of those were SMBs. In all, there were 304 million attacks in 2020.

The increase in these attacks demonstrates that hackers are often successful. Money motivates ransomware attacks. They also see an opportunity with SMBs that don’t have the same advanced security layers as larger companies. Again, email can be a way in for these criminals.

How to Protect Against It

SMBs should upgrade their email system to gain the same robust protocols as enterprises. Securing the email channel from viruses, spam, malware, and targeted attacks is essential. A trusted technology partner can provide this to you affordably and deploy it.

Outbound Email Leakages

With the shift to remote or hybrid workforces, email usage is up for many companies. Sending attachments that contain confidential or proprietary information is, as well. However, just sending a document like this as an attachment could be risky.

Developing protocols on what is acceptable is good, but having a process still may not prevent problems. You need technology to make sure everyone follows it, without exception. This is even more urgent for highly regulated industries like healthcare and finance.

How to Protect Against It

The best way to mitigate intentional or accidental leakage is with email encryption for outbound messages. It monitors email content to identify anything that appears confidential. It also tracks the distribution of the content. You prescribe the policies for the feature to meet your regulatory environment.

Another way to protect against this is to keep documents in a secure file share system. By doing so, the data never leaves this secure ecosystem. You may consider including this to keep confidential content out of emails.

Email Security with an Easy Interface

Having an email protection solution doesn’t have to be cumbersome or expensive. With an intuitive interface, you can achieve the control you want. Contact Yeo & Yeo Technology to learn more.

Information used in this article was provided by our partners at Intermedia.

If you’re responsible for managing your organization’s fixed assets, you understand the challenge of efficiently accounting for inventory and tracking everything. This high-priority task leaves little room for inaccuracies as the cost of getting it wrong can add up in a big way.

In today’s competitive market, it is more important than ever for companies to minimize their compliance risks by properly depreciating their fixed assets. If a company does not know what fixed assets it has on the books, it will soon have a complex and time-consuming problem.

What are ghost and zombie assets?

Failing to adhere to correct depreciation schedules can create ghost and zombie assets. Ghost assets are visible on the balance sheet but can’t be physically located, while zombie assets exist within the company but aren’t added into a depreciation schedule.

Ghost assets can result in false decreases in tax liability and compliance standard violations. Zombie assets can cause companies to overpay on property taxes and insurance costs.

Both ghost and zombie assets arise from improper tracking of fixed assets. Managing fixed assets on spreadsheets, while commonplace, leaves you more susceptible to ghost and zombie assets as it doesn’t provide real-time visibility and relies on error-prone manual data entry.

Like virtually every other business challenge, technology through digital transformation offers a solution. Adding fixed assets software to your existing ERP or accounting system can automate your asset tracking to help you easily plan, depreciate, track, and report.

Below are five ways technology can mitigate the risks of ghost and zombie assets.

Inventory management

To support optimal management, fixed assets should be inventoried regularly using a consistent method at every business location. A fixed asset management solution includes built-in quality and accuracy checks to assist with physical inventories and managing data in one central location. The accounting and facilities departments and any other stakeholders should be able to easily access inventory data to establish a system for conducting inventories, as well as creating new assets in the fixed asset management system upon purchase. In this way, both the facilities team and fixed asset accounting managers can be confident that ongoing operational procedures will result in the most accurate information possible in the companywide fixed asset management system.

Asset tagging

If your organization owns multiple fixed assets that are nearly identical, it can be easy to dispose of the incorrect asset when assets are being retired. The best practice is to tag each asset with a unique identifier in the form of bar code labels. This provides the additional advantage of speeding up the inventory process through handheld technology that can scan and record each bar code in seconds. Labels are an essential aspect of fixed asset management that is often overlooked. Due to environmental requirements, bar code necessities, and custom printing needs, your solution should offer a variety of labels that can be printed on-demand to meet your specifications.

Tracking and depreciating fixed assets

Using a spreadsheet, essential data and details about assets can be difficult to manage. Tracking disposals, transfers, labor, locations, materials, and capital investments, as well as generally accepted accounting principles (GAAP), are examples of the key information you’ll want to easily access and filter on one platform for a pulse on self-constructed assets. Digital tracking allows you to customize the specific data points you’d like to track through automation, saving you the time it would take to search manually and facilitating a confident analysis. Robust solutions allow you to create custom depreciation methods, so you can track hundreds of different types of assets comprehensively and in real-time, in most cases.

Workflow integration

Many stakeholders feed into the fixed asset management process, and your solution should support this level of collaboration. Spreadsheet formulas can break when passed from one employee to another, or improper cell reference can lead to inaccurate values. These inaccuracies can then lead to bigger problems.

A centralized repository of asset, lifecycle, and performance data as part of your fixed asset management solution can help resolve these data challenges. Integration with your organization’s purchasing or accounting software adds another layer of control and simplicity. Purchasing data is automatically loaded from one business stream to another, reducing human error and ensuring accuracy at each touch point. An integrated accounting and fixed asset reporting system eliminates the need to duplicate entries or export data between systems.

Project management

As time progresses and assets need to be replaced (or depreciated), you’ll want to start planning for the budget and other resources, especially if you have multiple locations. This allows you to track assets through the entire life cycle and reduce the risk of zombie assets from conception.

Conclusion

Manually managing fixed assets can eat up a considerable amount of staff time that could be better invested elsewhere. A dedicated solution, such as ERP Software, can provide real-time visibility into your fixed assets and protect your organization from excess loss and avoidable risk.

Information used in this article was provided by our partners at Sage.

The United States FBI has warned that scammers on LinkedIn are a “significant threat,” CNBC reports. Sean Ragan, the FBI’s special agent in charge of the San Francisco and Sacramento field offices, told CNBC in an interview that cryptocurrency scams have been prevalent recently.

“This type of fraudulent activity is significant. There are many potential victims, and there are many past and current victims,” Ragan said. “Cybercriminals are always thinking about different ways to victimize people and companies. And they spend their time doing their homework, defining their goals and strategies, and the tools and tactics they use.”

LinkedIn stated in a blog post last week, “While our defenses catch the vast majority of abusive activity, our members can also help keep LinkedIn safe, trusted, and professional. If you encounter any content on our platform you believe could be a scam, be sure to report it so our team can take action quickly. This includes anyone asking you for personal information, including your LinkedIn account credentials, financial account information, or other sensitive personal data. We also encourage you to only connect with people you know and trust. If you’d like to keep up with someone you don’t know but that publishes content that is relevant to you, we encourage you to follow them instead.”

LinkedIn also offered the following red flags to watch for:

“People asking you for money who you don’t know in person. This can include people asking you to send them money, cryptocurrency, or gift cards to receive a loan, prize, or other winnings.”
“Job postings that sound too good to be true or ask you to pay anything upfront. These opportunities can include mystery shopper, company impersonator, or personal assistant posts.”
“Romantic messages or gestures, which are inappropriate on our platform, can indicate a possible fraud attempt. This can include people using fake accounts to develop personal relationships and encourage financial requests.”

Don’t get scammed by social media attacks!

Many of your users are active on Facebook, LinkedIn, and Twitter. New-school security awareness training can teach your employees to follow security best practices, so they can avoid falling for social media attacks.

This article was provided by our partners at KnowBe4.

According to new research, four in five malware attacks delivered by encrypted connections evade detection. And since two-thirds of malware is now arriving this way, it has the potential to be a big problem for your business.

This type of threat has already hit record levels and continues to grow. So, if you don’t yet have a response and recovery plan in place, now’s the time to create one.

It sits alongside your cybersecurity software protection and regular staff training. The plan details what you do in the event of a cyberattack.

Having the right plan in place means all your people will know how to sound the alarm if something is wrong. It ensures downtime and damage are kept to an absolute minimum.

The faster you respond to an attack, the less data you should lose and the less it should cost you to put things right.

Of course, you should also follow the usual security guidelines, ensuring that updates and patches are installed immediately, and regularly checking your backup is working and verified.

Businesses that don’t place high importance on their own cybersecurity planning are the ones hit hardest by such an attack.

Can we help you create your response and recovery plan? Contact Yeo & Yeo Technology today.

Information used in this article was provided by our partners at MSP Marketing Edge.

Accounting software provider Intuit has warned of a phishing scam targeting its customers, BleepingComputer reports. The phishing campaign affected users of Intuit’s QuickBooks product, informing them that their account was put on hold.

“Intuit has recently received reports from customers that they have received emails similar to the one below,” the company said in an alert. “This email did not come from Intuit. The sender is not associated with Intuit, is not an authorized agent of Intuit, nor is their use of Intuit’s brands authorized by Intuit. Please don’t click on any links or attachments, or reply to the email. We recommend you delete the email.”

If a user has clicked on a link or downloaded something from the email, Intuit offers the following recommendations:

Delete the download immediately.
Scan your system using an up-to-date anti-virus program.
Change your passwords.

The phishing emails appear convincing and contain good grammar, stating, “Dear Customer, We’re writing to let you know that, after conducting a review of your business, we have been unable to verify some information on your account. For that reason, we have put a temporary hold on your account. If you believe that we’ve made a mistake, we’d like to remedy the situation as soon as possible. To help us effectively revisit your account, please complete the following verification form. Once the verification has completed, we will re-review your account within 24-48 hours.”

The email contains a button that says “Complete Verification.” If a user clicks this link, they’ll either be asked to download a malicious file or taken to a site designed to steal their information. Intuit notes that users can verify if they’ve received a legitimate email from Intuit by signing into their account and checking to see if they’ve received the same message online.

Be Proactive – Don’t Wait to Fall Victim!

Cyberattacks are likely taking place every day on your business, with email responsible for 91% of all attacks. Small to mid-size companies are the prime target and most vulnerable.

Our 13 Ways to Protect Your Business Against Cyberattacks checklist, provides steps to improve your cybersecurity. Developing a comprehensive cybersecurity program that includes a plan for educating your workforce is the best defense.

This article was provided by our partners at KnowBe4.

If you’re reading this, you’ve already heard ‘digital transformation’ somewhere. In a nutshell, this refers to an organization adopting digital technology to improve efficiency, add value, and drive innovation across the business.

Every organization moves at its own speed when rolling out new tech. An organization’s digital transformation strategy is a plan of action to reposition itself in the digital economy. Like the world we live in, customer habits are constantly evolving—so too should the way companies operate if they want to keep people engaged and stay successful.

Getting human buy-in for digital transformation

Winning businesses innovate, tapping into emerging technology to change how their employees work. But for a truly successful transformation, you need buy-in from the top down.

To help your coworkers understand the need for innovation, take a practical approach using examples like buying groceries or fueling up a car. Most people don’t realize that they’re interacting daily with BOTs that use RPA, ML and AI, paying with NFC, and doing so from the Digital Operating Platform (DOP) that they hold in their hand.

Wait a minute. What does all that mean?

That is a pretty wordy statement, so let’s break it down.

A BOT is a software program that performs repetitive tasks. BOTs are used to take orders, such as an order for Starbucks that we place on our phones.

Through AI—Artificial Intelligence—the BOT may also suggest or ask if you want to order something additional such as “Egg bites are frequently ordered with this coffee. Would you like to add them to your order?”
Through ML (machine learning), the BOT might say, “Last time you purchased a croissant, would you like to add this to your order?”

Ask your team to use personal buying experiences to relate back to your organization’s customer buying experience and how it can be improved through technology. That’s the key to understanding the tech, the benefits it might have, and the direct correlation it might have with your customers.

Dream it, then do it

Getting staff to envision better, more efficient ways of working will help propel your business forward with your digital transformation projects, no matter the size.

The hardest part? Getting everyone in the organization comfortable with the change in processes. The move from the way things have been done for years to a more efficient, happier place to work.

The International Data Corporation (IDC) reports that digital transformation initiatives led, on average, to a 14% financial uplift during the pandemic.

Empowering people with the knowledge they need to use emerging technologies is a big deal for organizations investing in digital strategies. That covers everything from taking manual administrative tasks and automating them to free up valuable resources to streamlining processes that create more time for strategic activities, like revenue generation and cost mitigation.

Above all, it gives employees something priceless: the sense of empowerment and self-worth that comes with knowing they can use technology to amplify their impact on your organization.

Information used in this article was provided by our partners at Sage.

Many companies are using hybrid work models instead of expecting employees to go back to the office full-time. With a hybrid model, business leaders can realize the benefits of both in-office and remote work.

Here’s a look at the hybrid work model and what employers can do to support a more flexible workplace.

What Will Hybrid Work Look Like?

A hybrid work model refers to any model that involves a combination of in-office work time and work-from-home time. The specifics of your model will depend on several factors, such as office space, what your employees prefer, and how many staff members you need in the office.

Here are some questions to consider when creating your business’s hybrid model:

Will employees come to the office on a set number of days, such as two days in the office and three at home?
Are those days fixed, or can they change each week?
Are there specific requirements for meetings, or will your company offer the flexibility of virtual meetings, giving your employees more agency over where they work?
How will these changes impact scheduling if your organization cuts back on office space? Will employees have to follow a staggered schedule so that there are never too many people in the office?

5 Ways Employers Can Support Hybrid Workers

A hybrid work model doesn’t guarantee a productive, engaged, and efficient workforce. Employers need to take action to ensure all employees are supported.

Talk to your staff to find out what their preferences are. Just because global and national surveys say that a certain percentage of employees want two or three days of remote work doesn’t mean that’s what your employees want. Take an in-house survey to determine where your team stands on the remote work debate.
Set clear goals. Make clear what’s expected in terms of productivity, in-person and virtual participation, and check-ins.
Onboard new employees. While your existing team may be remote-work pros at this point, your new employees may need help adapting to a hybrid work model. Create a system for onboarding new employees. For example, put together training material on remote work best practices and cybersecurity essentials, meet with new employees every day for an initial period and invite feedback on your organization’s model.
Provide resources for remote employees to keep them engaged and ensure they have the proper setup at home. Ergonomic office furniture, suggestions on privacy and quiet time, and secure hardware can all help to boost productivity.
Support your employees with the right tools. With cloud communications technology, collaboration and productivity will be seamless whether employees are at home, in the office, or working in another location.

Here are some of the essential tools for hybrid work:

Cloud-based phone system. With VoIP technology, calls are sent via the internet. Employees can make calls from anywhere they have an internet connection – they don’t have to be in the office to make and receive business calls.
Unified communications. A UCaaS solution streamlines communication by housing all of your tools in one platform and integrating data. Video conferencing, phone, chat, and file sharing all happen from one place.
Contact center software. If you have contact center agents, use a cloud-based contact center solution to empower them to work from wherever.

Find Your Hybrid Happy Medium

Hybrid work models are a balance between remote and in-office. When done well, they provide the structure and social interaction that comes with working in an office and the agility and independence of working from home. As your organization establishes a post-pandemic work model, be flexible with the details until you hit the perfect balance for your teams.

Information used in this article was provided by our partners at Intermedia.

A few years ago, companies thought very little about video conferencing. It was nice to have and used by some progressive companies with remote workers. Now, it’s one of the most valuable pieces of technology a business has. With the shift to either fully remote or hybrid work, a video conferencing solution must meet today’s needs.

Determining which platform is right for you depends on reliability, security, features, and cost. A key consideration is implementing something that will work for you today and in the years to come.

Assessing Your Needs

Before you go to the market to see what’s available, you’ll benefit from a needs analysis.

Accessibility: Do workers need to use it on any device and from anywhere?
Budget: What are you comfortable spending on the solution?
Usage: Will you use it for company-wide meetings, smaller department sessions, webinars, customer calls, etc.?
Features: What are the must-haves that will make the tool valuable?
Users: How many will you have? Will there be anticipated monthly meetings?
Security: What are any concerns you have about this channel of communication?
System configuration: Will it be part of a unified communication(UC) platform or a single application?

Once you answer these questions, you can begin to compare offerings. In doing so, there are some key things to prioritize.

Video Conferencing Should Provide an Easy User Experience

Ideally, you’ll find a solution that requires no training. Starting and joining sessions should take seconds with one click. Users can participate on their desktop with a headset or mobile device with no issues.

Screen Sharing and Annotation Plus Meeting Notes

In addition to screen sharing, screen annotation supports better collaboration. This feature is beneficial if you need to work on a document or detail the next steps. Further, having a notes feature makes follow-up simple. The system captures notes in real-time. Post-meeting, all attendees receive a copy.

Integrations Provide a Streamlined Process

Depending on your tools, most video conferencing solutions can integrate with Outlook, G-Suite, Slack, Microsoft Teams, and other comparable applications. Having the ability to connect programs will be a time-saver for busy employees.

Added Features That Deliver Value

Several additional features that not all platforms provide may be vital to your business.

Can the meetings be recorded?
Does the platform have the ability to transcribe?
Are there remote control options that allow participants to control a keyboard or mouse?

Security Shouldn’t Be an Afterthought

Security should be a priority in implementing a platform. Be sure to evaluate products based on their adherence to regulations and best-in-class data security measures.

Reliability Means Everything

A video conferencing solution can have all the bells and whistles, but it won’t mean much if the system is unreliable. Ask providers questions about their uptime availability and support capabilities should problems arise.

Explore YeoVoice powered by Elevate

In implementing a video conferencing system, you want one that checks all the boxes and is easy to use and affordable. That’s what you’ll find with YeoVoice. Contact us to learn more and schedule a demo.

Information used in this article was provided by our partners at Intermedia.

How does speech recognition work?

Software breaks down your speech into individual sounds, then analyses them using algorithms to find the most probable word that fits. It will also look at sentence structure that humans typically use.

How can I make my passwords more secure?

Use a password manager. It will generate and store strong, random passwords for all your accounts. We can recommend the best one for your business.

Is a paperless office better for security?

While paper documents are impossible to steal remotely, there’s no chance of recovery once they are lost. Go paperless and invest in a good backup. Just make sure your IT partner is regularly checking it’s working correctly.

Information used in this article was provided by our partners at MSP Marketing Edge.

The Verizon Business 2022 Data Breach Investigations Report (2022 DBIR) examines an unprecedented year in cybersecurity history and sheds light on some of the leading issues affecting the cybersecurity landscape.

Of particular concern is the rise in ransomware breaches, which increased by 13 percent in a single year – representing a jump greater than the past five years combined. As criminals look to leverage increasingly sophisticated forms of malware, ransomware continues to prove particularly successful in exploiting and monetizing illegal access to private information.

Where once threat groups would use ransomware to encrypt a victim’s data and refuse to release the decryption keys unless the ransom was paid, they now are getting deeper into extortion. This includes exfiltrating the data and threatening to release it publicly, wiping storage drives clean unless demands are met, or going after a victim’s customers.

Organized crime also continues to be a pervasive force in cybersecurity. Roughly 4 in 5 breaches can be attributed to organized crime – with external actors approximately four times more likely to cause breaches in an organization than internal actors.

Heightened geopolitical tensions also drive increased sophistication, visibility, and awareness around nation-state affiliated cyberattacks.

In a finding that exposes the cost of human influence, people remain – by far – the weakest link in an organization’s cybersecurity defenses. Twenty-five percent of total breaches in the 2022 report resulted from social engineering attacks. When you add human errors and misuse of privilege, the human element accounts for 82 percent of analyzed breaches over the past year.

In today’s day and age, security awareness training is a vital tool to educate employees and build a human firewall capable of decreasing the chances of human error and preventing cyberattacks. Interested in learning more about our security awareness training solutions? Contact Yeo & Yeo Technology.

Sources: https://www.theregister.com/2022/05/26/verizon-cybersecurity-report-ransomware/

https://www.verizon.com/about/news/ransomware-threat-rises-verizon-2022-data-breach-investigations-report

Many U.S. cyber insurers dramatically increased their rates in 2021, alarmed by increased cyberattacks that struck companies worldwide and drew the attention of national governments. Data from regulatory filings and collated by rating agencies shows that among the largest insurers, direct written premiums rose a whopping 92%, while direct loss ratios fell slightly.

Insurers significantly increased premiums for cyber coverage throughout 2021, as a string of high-profile attacks and government action helped boost demand for products, data collected by industry bodies shows. Analysts say the increase primarily reflects higher rates rather than insurers expanding the amount of money they are willing to cover.

Cyber insurers are also taking a tougher line on would-be clients, demanding security measures such as multi-factor authentication and more sophisticated endpoint protection, brokers say.

Although insurance qualification standards vary depending on the industry and the organization’s size, providers will typically look at a company’s internal controls to determine whether they want to offer coverage. Like many other forms of insurance, the better controls your company has, the better rates you will receive. Examples of cybersecurity controls include:

Data encryption and backup
Continuous vulnerability testing and remediation
Employee security awareness training
Patch management
Anti-malware defenses
Wireless device control

Is Your Business Protected?

Although cybersecurity insurance is a nice safety net, most companies never want to use it. Studies show that many small and medium-sized businesses won’t recover from a data breach, and those that do will have to overcome severe setbacks.

Organizations need to determine whether they have the breadth of knowledge necessary to implement their own controls or whether they can acquire the right internal expertise. If the answer to both is “no,” outsourcing to an MSP is the right move. Contact Yeo & Yeo Technology to learn about our managed services.

Information used in this article was provided by our partners at SentinelOne and KnowBe4.

Researchers at Netskope have observed a 450% increase in phishing downloads over the past twelve months, driven mainly by attackers using SEO (search engine optimization) to improve the search engine ranking of malicious sites. Most of these downloads were malware-laden PDF files.

“The top web referrer categories contained some categories traditionally associated with malware, particularly shareware/freeware, but were dominated by more unconventional categories,” Netskope says. “The ascension of the use of search engines to deliver malware over the past 12 months provides insight into how adept some attackers have become at SEO. Malware downloads referred by search engines were predominantly malicious PDF files, including many malicious fake CAPTCHAs that redirected users to phishing, spam, scam, and malware websites.”

Additionally, the researchers found that attackers are increasingly hosting their malware in the regions they’re targeting, which improves their chances of success.

“The report also found that most malware over the past 12 months was downloaded from within the same region as its victim, a growing trend that points to the increasing sophistication of cybercriminals, which more frequently stage malware to avoid geofencing filters and other traditional prevention measures,” Netskope says. “The findings reveal that attackers tend to target victims in a specific region with malware hosted within the same region. In most regions, the plurality of malware downloads originated from the same region as the victim. This is especially true for North America, where 84% of all malware downloads by victims in North America were downloaded from websites hosted in North America.”

Ray Canzanese, Threat Research Director at Netskope, stated, “Malware is no longer confined to traditional risky web categories. It is now lurking everywhere, from cloud apps to search engines, leaving organizations at greater risk than ever before. To avoid falling victim to these social engineering techniques and targeted attack methods, security leaders must regularly revisit their malware protection strategy and ensure all possible entry points are accounted for.”

Security awareness training can give your organization an essential layer of defense by teaching your employees to follow security best practices.

Information in this article was provided by our partners at KnowBe4.

Are your servers, your systems and your network all in-house? Or have you – like countless other businesses – moved everything over to the cloud?

Migrating your business systems to the cloud can be a big and scary process. Then why are we seeing so many companies doing it?

It’s simple – there are many benefits.

First, it saves you money. You only pay for the data you need rather than having a little more just in case. And it means that your systems won’t hold you back as your business grows.

But then there’s the security aspect too. When you migrate to cloud services, you benefit from a higher level of protection against data breaches and theft. Cybersecurity aside, if you had a disaster in the office, such as a burglary or a fire, you know your data is safe.

Of course, it’s a tricky process, and there’s a lot of planning involved. But if you’re working with an expert to make the transition, you can rest assured things will go to plan.

Our technology professionals can help you on your journey to migrate to the cloud. Contact Yeo & Yeo Technology today.

Information used in this article was provided by our partners at MSP Marketing Edge.

Microsoft has introduced a new commerce experience (NCE) for license-based services. The new commerce experience offers partners more flexibility and capabilities when purchasing and managing products like Microsoft 365, Dynamics 365, Windows Intune, and other services that have been available for years.

These changes came in January of this year, and as of March 10, 2022, all new subscriptions are provisioned in NCE. As of July 1, 2022, any renewals must be renewed in NCE. If your renewal date is 7/1/22 or after, you will be made aware of the changes to renew through NCE upon this next renewal.

Key Differences Between CSP and NCE Licensing

Pricing – There will be no changes to pricing unless you choose to have a month-to-month plan. In CSP (the legacy licensing), you could pay monthly or annually, and it was the same cost overall. With NCE, if you opt to stick with monthly, there is a 20% premium charge.
Cancellation Options – In CSP, we could offer a prorated refund on any cancellations at any time. With NCE, you receive a prorated refund only within the first 72 hours of the subscription purchase or renewal.
Trials – In CSP, there was a manual conversion to a paid subscription. In NCE, you get auto-converted to a paid subscription.
Terms – In CSP, it was always annual terms, even if you paid monthly. In NCE, you can opt for monthly, annual, and multi-year.

Before the renewal date of your current CSP, your Yeo & Yeo Technology Account Manager will reach out to discuss your options and create an appropriate plan that meets your organization’s needs.

Have any questions about Microsoft NCE licensing? Contact us.

Sources: https://www.microsoft.com/en-us/licensing/news/new-azure-experience-in-csp