Holy Moly, Ransomware Dominates 41% of All Cyber Insurance Claims in H1 2020

Just-released data from cyber insurer Coalition shows massive increases in both the frequency of ransomware attacks and the ransom demand with Maze and Ryuk leading the way.

We’ve been seeing more and more cybercriminals turning to ransomware as a go-to strategy to generate their criminal revenue. Many are turning to using both encryption and the theft and threatened publishing of victim data to double-up the chances of getting a payoff. This has led to hearing about larger and larger ransoms demanded.

Cyber insurer Coalition’s H1 2020 Cyber Insurance Claims Report points out the increases are more than just anecdotal. According to the report in the first half of 2020:

• Ransomware attack frequency increased 260%
• Ransom demands increased 47%
• Maze and Ryuk ransomware variants represented 53% of all attacks
• Ransoms ranged from $1,000 to over $2,000,000

According to Coalition, over half (54 percent) of attacks used email phishing attacks as the initial attack vector.

This massive increase is concerning. Organizations need to see these trends and heed their warning. With phishing being the primary vehicle, and remote workers being a consistent enabler of attacks, it’s time to educate your users via new-school security awareness training on both why and how to have security top of mind when using email and the web.

Ransomware gangs are only getting more cunning and greedy. The impact of their attacks will likely worsen, so it’s time to create a strong human firewall to stop these attacks to avoid becoming just another claim.

Article provided by our partners at KnowBe4.

A recently discovered threat targeting Windows Servers, called Zerologon, allows any device connected to a network to obtain domain admin rights with no authentication required. The flaw presents a specially crafted network command to the environment servers, bypassing user login information. The attacker will have the ability to take control of the Domain Controller and obtain domain administrator permissions (highest level security rights). 

Once the attacker has obtained domain administrator permissions they can do anything they want in the environment. This vulnerability has already been weaponized into a script that any attacker can easily run once in a client environment, which makes this threat very serious.

Microsoft has released a patch for Domain Controllers to eliminate the vulnerability and it has been applied to all YeoCare clients. YYTECH strongly encourages all clients to apply this patch as soon as possible. Please contact your YYTECH representative if you have any questions about how to apply the patch.

Contact YYTECH if you have any security questions regarding Zerologon. 

The information security landscape seems to evolve at a faster pace with each passing year. For organizations of all sizes, it’s critical to not only remain up to date on current attack techniques and defenses but also to look ahead at potential security developments and circumstances that have yet to come. That’s why each year, the research team at Forbes takes a step back to develop a series of predictions about emerging security trends that could have the biggest impact, new threats that might rear their ugly heads, and how cutting-edge attacks will affect the industry.

Let’s take a look at three key cybersecurity predictions for 2020 — and what you need to know to prepare:

1. The Cybersecurity Skills Gap Will Widen

The cybersecurity industry has exploded over the past decade. As the realities of data breaches and online attacks have penetrated mainstream consciousness, demand for skilled security professionals is at an all-time high. However, the current supply isn’t sufficient. A recent (ISC)2 study found that businesses are currently suffering a cybersecurity workforce gap of over 4 million employees (up from a gap of 1.8 million in 2017). And according to one ESG report, 29% of organizations see insufficient security staffing as their top challenge, while 74% have already witnessed the cybersecurity skills gap take a toll on their business.

Unfortunately, targeted adjustments in security education and recruiting aren’t likely to take effect quickly enough to right the ship in the immediate future. As there continues to be a swell in demand for skilled infosec professionals, the cybersecurity skills shortage will continue to increase in 2020. Until this can quell growing scarcity, organizations will be forced to find other ways to prevent advanced and frequent cyberattacks.

The good news is that more and more managed service providers (MSPs) have taken notice of the opportunity and begun to offer specialized security services. With the availability of both cloud-managed, layered security protections and the managed security service providers (MSSPs) to deliver them, enterprise-grade security has never been as simple, accessible, and cost-effective for businesses of all sizes as it is today. In the face of this ongoing security skills shortage, organizations of all types and sizes will engage with MSSPs to outsource their security needs.

2. Ransomware Will Target The Cloud

Ransomware has been a major payload for cyber criminals over the past decade. To rake in profits, hackers have moved away from the “shotgun blast” approach to ransomware attacks (pursuing as many victims as possible) in favor of targeting healthcare providers, governmental groups, industrial groups , and other organizations for which downtime is unacceptable. These targets are most likely to pay to resolve a ransomware infection quickly. Anticipate that cybercriminals will begin using ransomware to target public cloud properties.

One reason the cloud represents such an enticing target for attackers is that it’s now a critical uptime resource for vital network and web applications. Beyond that, the cloud also offers an attractive central aggregation point ransomware attackers can leverage to access a much larger pool of victims simultaneously.

According to research from WachGuard, legacy signature-based anti-malware services fail to block half of today’s evasive malware attacks. As ransomware variants continue to become more evasive, organizations must deploy more proactive malware detection solutions that leverage advanced behavioral analysis with cloud sandboxing and machine learning.

Because many businesses rely heavily on cloud resources for day-to-day operations, deploying these advanced antivirus solutions in cloud environments will be key to preventing cloud-specific ransomware attacks in 2020. Every organization using cloud architecture today — whether it be a public or private cloud — can and should harden those environments using basic techniques like securing their S3 bucket configurations, closely managing file permissions, requiring multifactor authentication for access, and more. Finally, one benefit the cloud offers is automated backup and imaging of resources as part of version control. Be sure to leverage these features to quickly recover to a clean state if you ever suffer a cloud store ransomware attack.

3. Individual States Will Enact Regulations Inspired by GDPR and CCPA

It’s been two years since the European Union came out with the General Data Protection Regulation (GDPR) to better protect the privacy of its citizens’ data. The level of protection the law provides to individuals has been immensely popular among consumers to date, and companies like Google and Marriott have already faced fines for their violations. As organizations continue to mishandle the data of American citizens whose appetite for privacy is growing by the day, in 2020, 10 or more states will enact privacy laws similar to GDPR.

California has already passed its own California Consumer Privacy Act (CCPA), which will begin administering fines by midyear. Although some lawmakers are pushing for a similar regulation at the federal level, don’t believe the movement will gain the support it needs this year. Why? This is based on the fact that most individual states passed mandatory data breach disclosure laws in the mid2000s (led again by California in 2002), but a federal version still hasn’t passed yet. So to better protect their citizens quickly, expect this state-level trend will continue.

Individuals concerned with personal privacy should petition their local representatives for state-level regulations and advocate for federal action as well. For businesses across the country, it will be important to proactively study CCPA requirements, as it will likely serve as a template for new states working to roll out their privacy regulations.

As we move deeper into 2020, it will be important for your business to keep up to date with these trends — and their long-reaching implications in near and future years.

*Article provided by PartnerOn and Forbes.

Many organizations have changed how they do business and communicate. As you look to restart your operations, it’s important to consider implementing a unified communication strategy.

We understand that every organization and its employees are in a sensitive situation as they return to work, stay remote, or consider a hybrid of both. With your employees scattered, it’s vital to have a communication system that you can trust in place.

Download our PDF “Sustaining Business in an Uncertain World” to learn more about many of the steps utilized in a unified communication strategy and why unified communication systems are a must-have for remote or in-office workers.

Read “Sustaining Business in an Uncertain World”

Unified communication systems are more than just phones; they incorporate many tools to help your employees stay productive regardless of their work location. Consider the following benefits that unified communications provide.

Full Cloud Communication System: Highly reliable phone service for making crystal clear calls, plus chat, file sharing, video conferencing, and more, all rolled into a single platform – accessible from virtually any device, anytime, anywhere.

Video Conferencing: Meet from anywhere with high-quality 720p HD video and audio meetings, and don’t sacrifice the benefits of a ‘face-to-face’ meeting.

Webinar Platform: Telling your story to customers is easier with a reliable platform. Presenters can use video, audio, and screen sharing to market products and services to audiences anywhere. It can help build personal connections, engagements, and trust by simply allowing attendees to see the presenter in real-time and engage through Q&A and live polls.

If you would like to learn more about how YYTECH can help you implement a unified communication strategy, contact us today.

Contact Us

Cyberattacks are a threat to businesses of all sizes. In many organizations, the owner, president, CEO, or CFO has the difficult responsibility of overseeing the IT department (or working closely with the IT vendor). We understand this can be challenging. Your role is focused on business strategy, yet you have to ensure your company data and customer data are secure.

While you may not be adept at tech issues, you can work with your IT team to make sure the company is doing everything possible to prevent cyberattacks. Communication is the key. Below are three questions to ask your IT team so you can be confident when reporting to your board or company executives about the security of your company’s data, and your role in overseeing IT.

1. How susceptible are our employees to a phishing attack?

A phishing attack is a form of social engineering that cybercriminals use to deceive users and exploit weaknesses in your network security. These attacks often come in the form of an email and look very real, but they lead to malicious downloads that could hold your data for ransom.

Additionally, what is our plan to reduce our vulnerability?

Of the organizations and companies we have worked with to determine their overall vulnerability, we have found that while their initial vulnerability tests may be high, there are proven, quick and efficient ways to train and educate employees to spot cybersecurity threats. The bottom line is, your company can purchase the most advanced firewalls and security software there is, but one wrong click could result in all of the data on your network being hijacked by a ransomware virus.

Find out what percentage of your employees are phish-prone by requesting our phishing cybersecurity assessment. Contact us today to facilitate your phish-prone assessment and see how your organization compares to others in your industry.

2. What is our password policy?

It doesn’t take an IT whiz to figure out that the more complex your passwords are, the more difficult they are to crack. While at least having a password policy is great, having a complex password policy is preferred. We recommend your complex password policy includes, but is not limited to:

1. Change passwords regularly – at a minimum, every 90 days.
2. Set a minimum password length – for example, 14 characters.
3. Require special characters and capital letters.

PRO TIP: Consider implementing a policy that recommends that employees use “passphrases” rather than passwords as they can be more complicated to crack, but easier for the employee to remember.

Don’t be afraid to ask these questions to get a better understanding of how your company is currently handling the cybersecurity threat. Even if you are not directly responsible, if there is ever a cybersecurity attack on your company, someone will pay for it – figuratively, and literally. We want you to be prepared, so you can take comfort knowing that if (or grimly, when) the day comes, at least you can say you and your employees did everything you could.

You may not be an IT expert, but having a good understanding of what your company policies are regarding cybersecurity doesn’t take years of IT experience, it just takes asking the right questions and ensuring the work is being done.

3. When was our last software update and patch?

It is critical to keep all of your computers’ software and patches as current as possible. I know what you are thinking – that is great, but what is a patch? Software companies, such as Microsoft, constantly release software security updates and “patches” that need to be applied to the computers on your network to keep them as secure as possible. When your patches and software are not up to date, you are significantly more vulnerable to viruses and malware.

PRO TIP: Request regular patch reports that you can keep on file should you ever be in a situation that you need to prove your software is up to date. It is a simple way for you to be sure your team is updating all computers on the network regularly, and these reports may also come in handy when negotiating cybersecurity insurance.

Bonus. Where and how do we back up critical data and how do we restore it?

Have you ever thought about what course of action you would take should your data become compromised? It’s an important matter that is often overlooked. In the event of a ransomware attack or disaster, have you considered where your data is and how you can recover it? Many organizations have a good backup and recovery solution in place but fail to test it regularly. Just checking regularly to see if the backup has run “successfully” is just not good enough. Recovery of backup data needs to be tested regularly to ensure if (or more likely when) you need it, the data can be restored as quickly and efficiently as possible to ensure as little downtime for the organization as possible.

PRO TIP: Having a business continuity and disaster recovery plan in place will protect your business from catastrophic data loss.

YYYC can support your IT team in the defense against cyberattacks with YeoSecure.

Our comprehensive cybersecurity monitoring and compliance solution, YeoSecure, transforms the way companies detect, investigate, and respond to cyber threats. YeoSecure provides 24/7/365, enterprise-grade cybersecurity monitoring and support while cutting costs and keeping your IT team from scrambling to detect and troubleshoot cyberattacks.

Learn more about how YeoSecure can help your organization detect, respond, and comply.

Cloud-based application use continues to grow at a fast pace, yet managing cloud software can be complex on traditional network structures. With businesses transitioning to a virtual work environment, more organizations are switching from performance-inhibited wide-area networks (WANs) to a software-defined wide-area network (SD-WAN). SD-WAN can benefit your organization in many ways. Let’s look at five of them.

First, let’s review what SD-WAN is. SD-WAN solutions leverage corporate WAN as well as multi-cloud connectivity to deliver high-speed application performance at the WAN Edge of branch sites. SD-WAN provides a dynamic path selection between MPLS, 4G/5G, or broadband. This ensures organizations can quickly and easily access business-critical cloud applications. Secure SD-WAN enables organizations to enable next-generation firewall (NGFW) with SD-WAN in the simplified offering.

Here are 5 Ways SD-WAN Technology Benefits Your Organization

1. Strengthens security. Security is the number one priority. Expanding your digital presence can open your organization to cybersecurity attacks. Many SD-WAN solutions offer built-in cybersecurity through integrated security features, such as NGFW, encryption, and antivirus that can help prevent data loss and downtime.
2. Reduces cost. Security is the most important factor when adding new technology to your organization – so is cost. The more applications a business adds, the more the cost of data use rises. Fortunately, SD-WAN can reduce this price tag by leveraging low-cost local Internet access through direct cloud access, and reduced traffic flow through the network.
3. Improves performance = improved employee productivity. SD-WAN can be configured to prioritize business-critical traffic and real-time services like Voice over Internet Protocol (VoIP) phone systems. Your business-critical applications operate through reliable, high-performance connections and allow for reduced packet loss and latency issues.
4. Lowers complexity. More technology and digital assets add layers of complexity to your network. This can hurt network performance and add difficulty to the management of the network for your IT staff. SD-WAN can simplify WAN infrastructure, using broadband to off-load non-critical business apps, automating monitoring tasks, and managing traffic through a centralized controller.
5. Enables cloud usage. More and more organizations are adopting multi-cloud strategies. SD-WAN offers direct cloud access for your employees to directly and securely access their applications regardless of their location. This is done without adding extra traffic that can burden your network.

SD-WAN solutions offer features and benefits that traditional WAN is simply unable to provide. Organizations not only save money but benefit from increased business agility, worker productivity, and faster application deployment. It is the preferred choice of organizations looking to make the switch.

Yeo & Yeo Technology is the first IT company in Michigan to receive the Fortinet SD-WAN Specialization designation. Contact us today to learn more about how SD-WAN can benefit your business.

*Some information for this article was sourced from Fortinet.com.

Your home office ecosystem encompasses everything you need to tackle your day. Take care of your most important essential—your body—with an ergonomic fit.

• Keep your body in a neutral posture with your elbows close to your core, shoulders open and chin level with the floor.
• Adjust the monitor height so that the top of the screen is at eye level, and the monitor is about an arm’s length away.
• Follow the Sit-Stand Switch™ and alternate every 30 minutes between sitting and standing to improve your circulation, calorie-burn and insulin management.
• And don’t forget about rest time. Take regular breaks to relax your eyes, wrists and body.

Learn more from Ergotron.

As a movement company, Ergotron understands “ergonomics” is widely known, but narrowly understood. That’s why we’re sharing insights on vital ergonomic topics to help you move forward while you work from home.

Support a healthy mind and body. To make a stronger, healthier and more comfortable you, we need to talk about your physical and mental health. Did you know that movement has a positive impact on your mental health? Here’s how.

Thrive with movement. Taking care of your body and supporting a feel-good workday starts by merely adding regular movement to your work style. Whether it’s using a sit-stand workstation or leading a walking meeting, research shows that our heart, mood, back and neck will thank you.

Fire that frontal lobe. Did you know that your posture and your brain’s frontal lobe have a shared interest? Research shows that bad posture does more than hurt your neck and spine. It negatively affects the frontal lobe, which is responsible for critical tasks like problem solving and memory.

Get into the zone – your comfort zone, that is! The three-part ergonomic equation provides answers to the ergonomic problems you might face. Consider your workspace in terms of Neutral Posture + Voluntary Motion + Rest Time to find your fit.

Article provided by Ergotron.

Cybersecurity is mission-critical in today’s digital-first world, especially with news of data hacks and breaches that seem to happen daily. Thanks to this fever pitch of online threats, security has become the go-to answer for staying safe and controlling the online experience. But is security the only solution — or even the best solution — for keeping your organization safe and its most critical data private online?

In the digital world, security has become synonymous with privacy. But the truth of the matter is that they are not the same at all. As long as these two terms continue to be misunderstood or interchanged for one another, businesses will struggle to protect the privacy of consumers online.

Security: Privacy’s Poser

Security comes in a myriad of shapes and sizes and is defined as being free from danger or protected against it. It is anything from the lock on your front door to the online protection package recommended by your favorite cybersecurity provider.

Cybersecurity, in particular, protects users from infiltration and cyberattacks of internet systems, hardware and software. Security is an important element of any connected device because it helps keep user information protected from unwanted, malicious interruptions. In other words, security for businesses and their customers is mostly about keeping data secure from incoming threats to their devices.

Due to several high-profile data breaches in recent years, consumers have become more aware of their own need for protection against such crimes. For example, early in 2017, hackers gained access to the data of nearly 150 million users during the Equifax breach. Without warning (and without any say in how their data was stored and used), this put customer names and even driver’s license data in the hands of cybercriminals who are capable of storing and accessing the data for years to come. In 2018, Marriott International announced cyberattackers had stolen the data of 500 million customers, leaving their personal information exposed.

Privacy: Security’s Ally

Privacy, on the other hand, is a more complex idea than security. When we experience true privacy, we are free from uninvited observers and disturbances. Security software may address the challenge of protecting your devices from viruses and intruders, but it doesn’t provide control over how your information is shared online. It also doesn’t give you the choice of what to share or with whom. Security software is important in that it safeguards your devices from incoming threats, but it is ineffective when your data is shared with others.

Along with an awareness of the need for security, consumers have become increasingly conscientious of their individual need to be private as we continue to lose trust in significant names like Facebook and Google in terms of using our data carefully.

To better understand why privacy matters, imagine enjoying a beautiful, sunny day from your backyard. A few minutes later, imagine your neighbors decide to do the same thing next door. Instantly, the environment would likely change from one of relaxation to one of interaction, entertainment or uncomfortably pretending the others don’t exist by attempting to avoid eye contact. For this reason, we put up privacy fences in our yards that protect us from unwanted company or observation. It’s important to note that a privacy fence is not necessarily a form of security. It is not impenetrable and could easily be scaled by a physical intruder, but it does allow you to control who sees you and when.

The same expectation of privacy should exist in the cyber world. The most imperative and valuable part of true privacy is the ability to dictate how and when your information is used and by whom. How do we accomplish this sense of privacy?

We’ve reached a tipping point where everything we search, look at and (sometimes it seems) think about is tracked online, and it’s starting to spill over into our physical lives, leaving us feeling as though we’ve been followed all day. Imagine the possibilities if we had the choice to be private and could enjoy an entirely private landscape online when we desired. Without worrying who might be in the background silently taking notes, we would be empowered to live more freely, openly and creatively.

Becoming Both Private and Secure

The good news is we may be closer to the freedoms privacy allows than we think. By taking a few simple precautions, companies can help ensure the private data of consumers remains private. The following are a few ways to stay secure and private in an increasingly connected world.

Be sure to look for these features when choosing the security suite for your company’s devices:

• Fraud alerts/vulnerability detectors
• Antivirus software
• Anti-malware/anti-ransomware
• Firewalls

Your customers’ privacy should be an embedded experience that gives them the control in choosing when to be tracked, ensures a secure connection and allows them to make changes to personal details at will. Must-haves in your privacy software should include the ability  to:

• Check whether or not your customer data has been exposed.
• Keep your customers’ personal information private.
• Stay private on public Wi-Fi.
• Log in easily and privately.
• Block trackers.

Security and privacy have been treated as interchangeable terms for too long. As you work to make our world both secure and private, keep in mind their innate differences and the need for each in creating a truly safe online experience.

This article is provided by ContentMX and Forbes.

How confident is your business in recovering from a breach? Earlier this year, the AppRiver Cyberthreat Index for Business took the pulse of cybersecurity readiness among small and medium-sized businesses.

AppRiver, which is owned by my company, Zix, surveyed 1,059 decision makers, including CEOs, presidents, owners and others, who seemed to indicate that leadership takes cyberthreats seriously. A 58% majority felt that data breaches have become more detrimental than traditional disasters, such as break-ins, fires or floods.

Data breaches are on the rise, and they’re becoming more expensive as companies collect and store an increasing amount of data. According to Accenture and Ponemon Institute, breaches could cost a total of $5.2 trillion over the next five years, and companies suffer an average loss of $13 million for each cyberattack. That price tag is high enough to close the doors of 48% of small businesses.

The fact that 90% of small businesses ignore data protection entirely is an indication that they are either small enough to work completely within secure, cloud-based apps or that they don’t understand the risks. To count yourself among the 10% that take strong precautions, follow these three steps:

1. Evaluate your needs and assess your budget.

Establishing a budget is a foundational part of the defense against cyberthreats. Between cloud-based email services and managed network access, you should look at allocating several hundred dollars per employee per year.

2. Address gaps in cybersecurity information.

The entire C-suite needs at least some knowledge of cybersecurity basics. Too often, cybersecurity responsibility is delegated solely to the CIO, but that means the rest of the organization operates with almost complete ignorance. To be effective, leaders should understand the basic risks and how to mitigate them. Making case studies out of well-known lapses (such as the Equifax breach) is a good way to provide a basic overview of cybersecurity and communicate what’s at stake.

Just because an organization spends money doesn’t mean it effectively mitigates risk. For example, spending a fortune training employees to spot phishing attempts might reduce the chance of a breach, but a more efficient expenditure could be stopping the phishing attempts from ever reaching inboxes. Once you have a budget and the right expertise, you can decide how to use it most effectively.

3. Acquire or access the right cybersecurity talent.

Thanks in part to the well-documented skills gap in the tech world, hiring cybersecurity professionals internally is cost-prohibitive for most small and medium-sized businesses. For those that can afford it, building a team internally might be the right move. Otherwise, outsourcing needs to a managed service provider (MSP) can be a cost-effective decision.

In fact, we estimate that there are more than 100,000 MSPs across the United States that can serve as a new civil defense force for cybersecurity — one that could help bridge the gap between governments or enterprises and the SMBs that need higher levels of protection they can’t afford on their own.

The right MSP offers several advantages to clients. First, cloud computing allows organizations to mitigate the risks of storing data on-premise while eliminating expensive and often irregular hardware purchases. Instead, businesses that choose cloud computing operate with a fixed cost that allows for easy scaling as the needs of the organization grow. In addition, MSPs can keep applications updated to the most secure versions and intervene at the earliest signs of a cyberthreat so that it doesn’t result in a costly breach.

Organizations need to determine whether they have the breadth of knowledge necessary to protect themselves or whether they can acquire the right internal expertise. If the answer to both is “no,” outsourcing to an MSP is the right move. Most small and medium-sized businesses won’t recover from a data breach, and those that do will have to overcome severe setbacks. Regardless of company size or budget, the best way to deal with cybersecurity risks is to establish a strong defense against them.

This article was provided by Forbes and Partner On.

Mobile devices have shifted customer and employee behaviors and expectations-and put your traditional on-premises phone system, and your business, at a disadvantage.

Our white paper “3 ways cloud phone systems benefit your business” outlines how and where cloud phones deliver. Download it today to learn how cloud phones:

• Improve customer experience
• Attract higher quality talent
• Cut costs and eliminate budget surprises

Don’t let legacy on-premises phone systems put your business success on hold. Download our white paper today and see why it makes sense to switch:

3 Ways Cloud Phone Systems Benefit Your Business

We want your business to continue operating effectively during these uncertain times and believe these tools and resources can help. Contact us to get started today at 989.797.4075.

Learn the Hidden Costs of Your Old Phone System

Many businesses were unprepared when the novel coronavirus (COVID-19) pandemic required them to close their physical offices and shift to remote operations. Your company, for example, may have had to scramble to set up a virtual private network (VPN) or move files to the cloud. And while adapting to working from home, employees may have let your usual security procedures slide.

From a cybercrime perspective, working from home generally isn’t as safe as working in the office. So you need to look for ways to protect your disbursed workforce and prevent criminals from gaining access to your digital assets.

Here are five ideas:

1. Invest in education. Require remote employees to participate in security-related training that covers “old-school” phishing scams as well as new COVID-19 variations. As schemes emerge (check the Federal Trade Commission’s website at ftc.gov for the latest), notify employees and remind them what to do if they think they’ve fallen victim to a scam.
2. Enable automatic updates. To keep the operating systems of employee computers safely patched, remind workers to enable automatic software updates. Also, double-check that every employee-assigned device is fortified with current malware and antivirus software.
3. Revisit access privileges. To maintain productivity, most employees need access to the same systems at home as they had in the office. However, consider reviewing which workers have access to certain files, network controls and cloud accounts — and whether they really need access now. Remember that when employees work from home, their partners, children and visitors may have easy access to their computers. To protect your company, ensure systems generate user audit trails that can be followed in the event of a breach.
4. Protect WiFi connections. While working from home, employees use their personal WiFi connections to access your company’s IT environment. Unfortunately, many people use the default WiFi password or a simple password that hackers can easily break. To foil fraud perpetrators, employees should change it to a complex combination of letters and other characters. If possible, require them to use a VPN with two-factor authentication.
5. Secure your videoconferences. Most videoconferencing services employ multiple layers of security. But some platforms offer greater protection than others. Before choosing one, perform a simple Google search to read user reviews and security bug reports. Once you’ve selected a service, communicate security protocols before allowing employees to use it for company business.

Finally, provide employees with access to a technical support desk so they can report problems — and get solutions — as quickly as possible. Working from home may be new for a lot of Americans, but fraud is a familiar foe for most. If can be defeated with appropriate knowledge and tools.

© 2020

The global climate has forced employees to work differently. From juggling childcare to following quarantine guidelines, workers must alter both how they work and where they work.

Many office-based employees don’t have an ideal setup at home. Some don’t have a dedicated home office or the ergonomic equipment to work comfortably during the long workdays.

There are many opinions about how to work best at home, especially during these unprecedented times. Our recommendation is simple: Ergotron’s MoveMore®.

Research shows that movement is key not only to physical health, but our mental health. By simply switching from sitting to standing every 30 minutes (what we call the Sit-Stand Switch™), you can positively impact your health, mind, and body.

During these stressful times, caring for yourself holistically is key. Here are five ways you can add movement and comfort to your workday for a more productive, peaceful you, even amid the unexpected:

1. Build an ergonomic workspace

Sitting hunched over a small laptop or working on your couch for eight-plus hours can mean bad news for your neck and back. Look into professional-grade, height-adjustable workstations that will let you add low-level physical activity throughout your day without disrupting your work routine.

The WorkFit® Z-Mini Standing Desk works on an existing desk and is ready to go out-of-the-box, while options like the new Mobile Desk can move wherever you want to work. For the most comfortable views, add a flexible monitor arm. For a productivity boost, consider a second or third screen. Our workspace planner will help you choose the right install heights for an ergonomic fit.

2. Set a timer for the Sit-Stand Switch™:

Prevent the all-day sit fest by setting a timer on your fitness tracker, smartphone, or in your kitchen to ring at 30-minute intervals.

3. Get some fresh air

Enjoy the outdoors while getting your steps in by taking a short walk outside. Block a half-hour meeting on your calendar to walk your dog or make a loop around the block. There are many health benefits to sunshine and fresh air, including boosting your immunity. 

4. Find new ways to exercise

Even if you can’t head to the gym or the weather doesn’t cooperate, you can still exercise at home. You just need to get creative! Search online for free resources tailored for at-home workouts. If you only have a few minutes to spare, try these simple exercises to sharpen your focus as you stretch your muscles.

5. Have a standing meeting

Employees, on average, attend 62 meetings per month. Make the most of your meeting time at home by standing while you’re on the phone. Better yet, take a lap around your house or head outside (see tip #2). Movement increases your blood flow and circulation, which translates to a natural jolt of energy.

We hope you’re inspired to add movement to your workday! Have other ideas? Be sure to share them on our social channels!

• Review the Top 10 Tips for Working at Home Effectively 
• Get FREE HD Video Conferencing for your entire business for the rest of the year and have reliable, stress-free meetings to stay connected and share business information with anyone, anywhere, anytime.  

4 Benefits of Unified Business Communications