BizTech Magazine - Technology Solutions That Drive Business en Credit Unions Can Do More to Prevent Email Fraud <span>Credit Unions Can Do More to Prevent Email Fraud</span> <span><span lang="" about="/dashboard/bobkeaveneyu64t" typeof="schema:Person" property="schema:name" datatype="">Bob.Keaveney_u64t</span></span> <span>Thu, 03/21/2019 - 15:42</span> <div><p>In late January and early February, <a href="" target="_blank">U.S. credit unions became the target</a> of a <strong>massive malware-laced phishing campaign</strong>, aimed specifically at the contacts credit unions have named as Bank Secrecy Act (BSA) officials overseeing <a href="" target="_blank">money laundering</a> information under the direction of the USA PATRIOT Act.</p> <p>The <strong>act requires all U.S. financial institutions to designate at least two BSA contacts</strong>, who are responsible for flagging and reporting suspicious transactions that may be associated with money laundering, explains the Krebs on Security blog. U.S. credit unions are required to register those BSA officers with the National Credit Union Administration.</p> <p>At the end of January, BSA officers at many U.S. credit unions began receiving phishing emails designed to look like they were sent by BSA officers at other credit unions, Krebs on Security further reports.</p> <p>“The missives addressed each contact by name, claimed that a suspicious transfer from one of the recipient credit union’s customers was put on hold for suspected money laundering, and encouraged recipients to open an attached PDF to review the suspect transaction. The PDF itself comes back clean via a scan at, but the body of the <strong>PDF includes a link to a malicious site</strong>,” Krebs on Security’s post states.</p> <p>The campaign eventually made its way to BSA contacts at other financial institutions, not just credit unions.</p> <p>At the time, the NCUA conducted a review of its security logs and alerts but did not find any indication that information was compromised. The association asked all credit unions to be wary of any suspicious emails and referred anyone interested in learning more to its <a href="" target="_blank">Cybersecurity Resources webpage</a>.</p> <p><a data-entity-type="" data-entity-uuid="" href="" target="_blank" title="CDW Cybersecurity Insight Report"><img alt="Cybersecurity-report_EasyTarget.jpg" data-entity-type="" data-entity-uuid="" src="/sites/" /></a></p> <h2>Who’s at Risk for Email Fraud?</h2> <p>In its white paper “Understanding Email Fraud: A Global Survey of IT Leaders in the U.S., the U.K., Australia, France, and Germany,” <a href=";CM_CAT=CATPAGE&amp;CM_PLA=MKT33111ODADU44365" target="_blank">Proofpoint </a>surveyed more than 2,250 IT decision-makers in those countries in January 2018. It found that email fraud “is pervasive, disruptive, and in many cases, catching businesses unprepared.” Only <strong>40 percent of respondents said they had “full visibility into email fraud threats</strong> in their environment, and even fewer have controls in place to stop them.”</p> <p>More than half <strong>(55 percent) of respondents said their finance team is most at risk for email fraud</strong>, the report goes on to state. It’s no surprise, then, that financial institutions themselves are under such relentless attack.</p> <p><a href="" target="_blank">CDW’s Cybersecurity Insight Report,</a> published in 2018, found that when compared to malware, viruses, data tampering and unauthorized access to financial data, fraud was considered a lesser threat, “often ignored — even though it has become the top cause of security breaches.”</p> <p>The report outlines how <strong>focusing on people</strong> better helps organizations mitigate such risks.</p> <p>“We believe that making security awareness personal helps instill good practices,” writes Mike Pflieger, vice president of enterprise information management and CISO for CDW. “Organizations can’t expect each employee to read and understand a comprehensive security policy. They can, however, extract those parts which are important and apply to them. Through targeted communication, training and handbooks, we can<strong> educate employees on their specific role-based responsibilities</strong> when it comes to protecting data.”</p> <p>Proofpoint’s survey also found that more than half of respondents (57 percent) offer an end-user awareness program on phishing, and 32 percent planned to deploy one. Among industries, 66 percent of finance and professional services companies train employees on how to spot phishing emails.</p> <p><a href="" target="_blank"><strong><em>MORE FROM BIZTECH: </em></strong><em>For more on the latest threats and defense tactics, check out our coverage RSA, the biggest cybersecurity event of the year.</em></a></p> <h2>4 Steps Credit Unions Can Take to Fight Email Fraud</h2> <p>That’s a good start. What else can credit unions do to better protect their data and networks? <a href="">This recent EquITy blog post</a> highlights advice from Karen Scarfone, principal consultant for Scarfone Cybersecurity:</p> <ol><li><strong>Protect vulnerable sessions.</strong> When email client software establishes a session with a server, it’s often not protected. Credit unions and other businesses have a couple of options here: Transport Layer Security (formerly known as Secure Sockets Layer) protects all sessions using email protocols, including IMAP, POP and SMTP. Second, a web-based email service instead of locally installed email client software ensures TLS will protect the web traffic. Both options also require strong passwords and multifactor authentication.</li> <li><strong>Check out modern anti-malware</strong>. New solutions incorporate artificial intelligence and other tools that can detect and protect against as-yet-unknown malware and help users stay a step ahead.</li> <li><strong>Monitor the health of all email client devices</strong>. Automated health checks will flag problematic accounts and identify emerging security problems, such as end-user systems that use weak security settings or lack OS and email client software patches.</li> <li><strong>Incorporate data loss prevention tools.</strong> “Cyberthieves commonly use email as a preferred mechanism for exfiltration — the unauthorized transfer of sensitive information outside the business or organization,” <a href="">Scarfone writes</a>. “Malicious insiders often use their email accounts to forward sensitive data files to other email addresses, and attackers use compromised accounts similarly. Data loss prevention technologies can detect and stop these threats.”</li> </ol><p>“Whenever possible, DLP tools should be used to monitor email servers and any client devices with access to sensitive data that might be an enticing target,” she continues.</p> <p>Common DLP tools include <a href="" target="_blank">Symantec’s Data Loss Prevention Network Monitor and Network Prevent for Email and IBM InfoSphere, among others</a>.</p> </div> <div> <div class="field-author"><a href="/author/tara-e-buck" hreflang="en">Tara E. Buck</a></div> </div> Thu, 21 Mar 2019 19:42:51 +0000 Bob.Keaveney_u64t 43481 at How to Scale RPA with Intelligent Automation <span>How to Scale RPA with Intelligent Automation</span> <span><span lang="" about="/dashboard/julietvanwagenen22746" typeof="schema:Person" property="schema:name" datatype="" content="juliet.vanwagenen_22746">juliet.vanwage…</span></span> <span>Wed, 03/20/2019 - 09:35</span> <div><p>Whether you’re setting out to hike Grand Teton or deciding which room to tackle first during a home remodel, a fundamental truth holds: You must have a solid grasp of where you are before you can make a plan for getting to where you want to be.</p> <p>The same principle holds when it comes to establishing a digital workforce enabled by robotic process automation, with the aim of automating tasks across an organization. </p> <p>But figuring out where to get started with a technology like RPA can prove difficult. Here are a few insights on how businesses are implementing RPA, as well as the value they recognize in embracing the next-generation of RPA: intelligent automation.</p> <p><em><a href=""><strong>MORE FROM BIZTECH: </strong>Find out what RPA can offer small businesses.</a></em></p> <h2>Business Leaders Are Onboard with RPA</h2> <p>When it comes to tapping RPA to automate repetitive tasks, the C-suite, at least, is sold. Ninety percent of respondents to the <a href=";gclid=EAIaIQobChMI8e6FoZD23wIVEyCtBh3TZg78EAAYASAAEgKyKfD_BwE" target="_blank">2019 Kofax Intelligent Automation Benchmark Study</a> — which asked more than <strong>300 senior executives </strong>around the world to weigh in on the current state of process automation in their organizations, its benefits and barriers to doing more — agreed that “leadership recognizes the importance of process automation to our future success.” </p> <p>Further, more than three-quarters of respondents said that <strong>60 percent </strong>or more of process work could be automated; almost half said that <strong>80 percent</strong> or more could be automated.</p> <p><em><a href=""><strong>MORE FROM BIZTECH:</strong> See how BPM and RPA can make the perfect pair.</a></em></p> <h2>RPA Is Still on a Path to Optimization</h2> <p>Companies still have a long way to go to optimize key processes before automating.</p> <p>Although <strong>60 percent</strong> of respondents wanted their processes to be automated or mostly automated, only 38 percent said they had achieved that benchmark. </p> <p>Moreover, Centers of Excellence are widely acknowledged as essential when it comes to successful RPA implementations. Fifty-one percent of respondents reported they have a COE for process automation, and 41 percent acknowledged its importance as part of an enterprisewide initiative and reported having a plan for creating one. Less than <strong>8 percent </strong>had no COE plan. </p> <p><a data-entity-type="" data-entity-uuid="" href="" target="_blank"><img alt="IT%20Infrastructure_IR_2.jpg" data-entity-type="" data-entity-uuid="" src="/sites/" /></a></p> <h2>Executives See the Value of RPA </h2> <p>Even companies that are implementing RPA solely to automate processes are realizing significant benefits. Organizations are seeing the greatest improvements  — more than 25 percent — in the areas of employee satisfaction, efficiency and customer retention. </p> <p>Many, however, have questions about how to scale RPA to hundreds, thousands or even hundreds of thousands of software robots, and how to efficiently manage the “bot teams” across the enterprise.</p> <h2>Intelligent Automation Could Be a Blueprint for RPA Success</h2> <p>The truth is that the ability to maximize and extend the scope and degree to which processes can be optimized is <strong>redefining how organizations “work.”</strong> With intelligent automation, organizations can start, scale or expand the intelligent digital workforce on their terms and timelines.</p> <p>RPA at scale requires the ability to <strong>apply RPA across the enterprise and on processes ranging from simple to complex</strong>. For the more complex processes that include unstructured data and managing work between RPA bots and employees, RPA alone is insufficient. An enterprise automation solution requires seamless interoperability of “smart automation” platform capabilities, such as cognitive capture, intelligent optical character recognition, process orchestration, analytics and RPA. Beyond automating rules-based tasks with RPA, intelligent automation enables true end-to-end automation of more complex processes.</p> <p>The result could be a digital workforce consisting of humans and bots collaborating to provide increased capacity to the organization, while empowering the employee and driving an improved customer experience.</p> </div> <div> <div class="field-author"><a href="/taxonomy/term/12106" hreflang="en">Chris Huff</a></div> </div> Wed, 20 Mar 2019 13:35:36 +0000 juliet.vanwagenen_22746 43476 at How the Everything as a Service Model Can Boost Small Business ROI <span>How the Everything as a Service Model Can Boost Small Business ROI</span> <span><span lang="" about="/dashboard/julietvanwagenen22746" typeof="schema:Person" property="schema:name" datatype="" content="juliet.vanwagenen_22746">juliet.vanwage…</span></span> <span>Tue, 03/19/2019 - 11:39</span> <div><p>Businesses and IT teams are well acquainted with the advantages of tapping managed service providers for Platform, Software or Infrastructure as a Service solutions. But the next big trend combines them all: Everything as a service (XaaS).</p> <p>The XaaS trend seeks to <strong>unite the disparate services model</strong> and is becoming a growing reality as the cloud evolves, allowing everything from devices to security to be managed remotely as opposed to on-site.</p> <p><em><a href="" target="_blank"><strong>MORE FROM BIZTECH:</strong> See how ‘as a Service’ models can make businesses more sustainable.</a></em></p> <h2>What Does the XaaS Model Look Like?</h2> <p>The advantage for any business, and especially small businesses with tight resources, is that companies can keep up with growing IT demands by moving away from on-site resources as is appropriate.</p> <p>In fact, <a href="" target="_blank">Deloitte predicts</a> that in the near future, the <strong>XaaS model could begin to upend traditional business models</strong>, moving instead toward a holistic view of services.</p> <p>“XaaS envisions business capabilities, products, and processes not as discreet vertical offerings operating individually in silos but, rather, as a collection of horizontal services that can be accessed and leveraged across organizational boundaries,” Deloitte notes. “So, with a few technical upgrades and strategically deployed APIs, the customer service module in your ERP system that is used exclusively to support external customers can now be leveraged by other departments as well: by IT for help-desk queries, by HR for internal customers, and by logistics for vendor support, for instance.”</p> <p>Further, Deloitte predicts that XaaS could put modernization goals on a new track.</p> <p>“What was primarily a technical process of overhauling legacy systems becomes a broader operational and business effort to <strong>create greater efficiencies and to engage customers, employees, and business partners in new ways</strong>.”</p> <p>Moreover, the model could bring new processes and products to light, since it requires companies to undertake a complete catalog of assets and plan for investments that impact the entire ecosystem.</p> <p><em><a href="" target="_blank"><strong>SEE MORE:</strong> Can Analytics as a Service help your business derive insights?</a></em></p> <h2>The Benefits of XaaS for Businesses</h2> <p>If this disruption to business models seems daunting, it <strong>comes with some clear advantages</strong>, many of which manifest themselves from day one.</p> <p>“Services offer significant benefits for businesses out of the gate, including simplified IT deployment, a smaller on-premises physical footprint, and fewer wasted assets by only using and paying for what you need, when you need it,” Grad Rosenbaum, vice president and general manager of the Americas Solutions Business at <a href="" target="_blank">HP</a>, <a href="">writes in a recent <em>BizTech</em></a> article.</p> <p>XaaS models can also be <strong>more secure</strong> — devices are never out of reach of the cloud, meaning that patches and updates can be administered automatically, and lost or stolen devices can be locked or the data wiped. And, with all the data stored in the cloud, XaaS can also make room for businesses to better glean operational efficiencies.</p> <p>Not to mention, as <strong>IT teams and other employees are freed up from everyday tasks</strong>, it can make room for innovation as well. And without all that extra equipment in IT closets, businesses can easily become more sustainable operations.</p> <p>One of the greatest advantages, however, is that XaaS can allow businesses to be nimbler, pivoting services as they see fit without the need to build out on-premises underlying IT.</p> <p>According to Deloitte's <a href=";pkid=1005281" target="_blank">2018 Flexible Consumption Models Study</a>, released in late 2018, <strong>greater agility is one of the main advantages of XaaS models</strong>. In fact, <strong>75 percent </strong>of respondents said XaaS makes it easier and faster for them to prototype new solutions, while <strong>70 percent </strong>noted the offering made it possible for them to access tools that would otherwise be too expensive.</p> <p>The bottom line is while on-premises solutions are likely to remain vital to many businesses and their operations for several years, for small businesses looking for a way to stay competitive and streamline IT, XaaS could certainly be the future.</p> <p><em>This article is part of </em>BizTech<em>'s <a href="">AgilITy blog series</a>. Please join the discussion on Twitter <em>by</em></em><em> using the <a href=";src=typd">#SmallBizIT </a>hashtag</em>.</p> <p><a data-entity-type="" data-entity-uuid="" href=""><img alt="Agility_Logo_sized.jpg" data-entity-type="" data-entity-uuid="" src="/sites/" /></a></p> </div> <div> <div class="field-author"><a href="/taxonomy/term/11306" hreflang="en">Larry Burt </a></div> </div> Tue, 19 Mar 2019 15:39:35 +0000 juliet.vanwagenen_22746 43471 at New Tech Could Make Translation a Snap for Businesses <span>New Tech Could Make Translation a Snap for Businesses</span> <span><span lang="" about="/dashboard/julietvanwagenen22746" typeof="schema:Person" property="schema:name" datatype="" content="juliet.vanwagenen_22746">juliet.vanwage…</span></span> <span>Mon, 03/18/2019 - 14:36</span> <div><p>Is technology about to make language ­barriers a thing of the past? At the <a href="" target="_blank">International Consumer Electronics Show</a> in January, Google announced that its <a href="" target="_blank">Google Assistant</a> technology can <strong>now translate 27 languages in near-real time</strong>. The technology could be revolutionary for organizations with customers and business partners around the world.</p> <p>Here’s how it works: A person using the <a href="" target="_blank">Google Home Hub</a>, where the translation ­feature will first appear, can speak in their native tongue, and Google Assistant will repeat the speaker’s words in a designated language and display them on the hub screen. The person on the other side of the conversation can then speak, and their words will likewise be translated.</p> <p>Does it work? Not perfectly, but well enough to carry on a basic conversation, <a href="" target="_blank">according to a writer for The Verge</a>, who tried it out by speaking Mandarin. It’s “<strong>a little unnatural in practice</strong>” to have to wait for Google Assistant to translate a speaker’s words before responding, and Google might miss some things, Shannon Liao reported.</p> <p>Still, it’s another step forward in Google’s development of tech that <strong>smashes the language barrier</strong>, including its Pixel Buds, <strong>earbuds that include a more rudimentary translation feature</strong>. And it’s likely to inspire competitors in the smart home device market to develop their own translation features.</p> </div> <div> <div class="field-author"><a href="/author/bob-keaveney" hreflang="en">Bob Keaveney</a></div> </div> Mon, 18 Mar 2019 18:36:12 +0000 juliet.vanwagenen_22746 43466 at Should Banks and Credit Unions Reinvent Their Call Centers? <span>Should Banks and Credit Unions Reinvent Their Call Centers?</span> <span><span lang="" about="/dashboard/julietvanwagenen22746" typeof="schema:Person" property="schema:name" datatype="" content="juliet.vanwagenen_22746">juliet.vanwage…</span></span> <span>Mon, 03/18/2019 - 10:56</span> <div><p>Banks are thinking hard these days about how to deploy modern technology within physical branches — part of an overdue effort to <a href="">fuse the online banking experience</a> with the in-branch services, both of which are important to consumers when choosing a bank, <a href="" target="_blank">according to multiple surveys</a>.</p> <p>But what about the humble contact center? Could it, too, be in for a transformation? It certainly looks possible.</p> <p>Banks and credit unions began using phone-based contact centers in the early <strong>1980s </strong>as part of a cost-reduction strategy. The idea was to move “low-value transactions” out of high-touch branches and into centralized locations where they could be handled remotely.</p> <p>But banks found that <strong>contact centers did not reduce overall operating costs</strong>. Rather, as the management consultant <a href="" target="_blank">Strategy&amp; explains</a>, they “had simply created yet another channel that required ongoing cost management.”</p> <p>Yet bank contact centers haven’t changed much since. Employees still typically work at phone banks in single, centralized locations, equipped with computers and headsets, and they continue to interact with bank customers only remotely— never in person, and never in a branch.</p> <p>That might be changing.</p> <p>As banks and credit unions both <a href="" target="_blank">reduce the numbers of branches they operate</a> and <a href="" target="_blank">reinvent the ones that remain</a>, the opportunity is presenting itself to shift from centralized to distributed call centers — that is, to move employees away from phone banks and into branches where they can handle customer service tasks <strong>both on the phone and in person</strong>. </p> <p>Technology is making this more possible than ever. Brands like <a href="" target="_blank">Cisco</a>, <a href="" target="_blank">Avaya</a>, <a href="">Mitel</a>, <a href="" target="_blank">Ring Central</a> and others offer advanced contact center solutions that enable employees to manage their call center responsibilities without being colocated in a single setting.</p> <p><a href="" target="_blank"><em><strong>MORE FROM BIZTECH: </strong>Customer engagement centers can boost compliance and security.</em></a></p> <h2>Do Banks Need Traditional Call Centers?</h2> <p>Contact center interactions are vitally important to banks: While they constitute less than <strong>10 percent</strong> of customer interactions at most banks, according to <a href="" target="_blank">research by the consulting firm Bain,</a> they account for more than <strong>30 percent</strong> of what Bain calls “moment-of-truth encounters,” those that “have higher emotional stakes for the customers, such as calling to report a stolen credit card.”</p> <p>And traditional bank call centers are not performing well: When <strong>115,000 banking customers </strong>were asked in a Bain survey to evaluate their experiences interacting with their bank through various channels, they ranked contact centers last.</p> <p>Given the high stakes of such interactions, it makes sense that banks and credit unions would look for ways to integrate call center staff more thoroughly with the institutions and their customers. At the same time, cross-training employees to handle both call center and in-branch interactions offers banks and credit unions a number of advantages, from staffing flexibility to improved customer service to lower costs.</p> <p><a href="" target="_blank"><em><strong>MORE FROM BIZTECH:</strong> Will W</em><em>ebAuthn</em><em> make passwords obsolete?</em></a></p> <h2>Cross-Training Staff Offers Banks Numerous Advantages</h2> <p>Bain’s Nikola Glusac and Corrie Carrigan envision banks employing better-trained call center employees to <strong>focus on providing more complex services</strong>, like loan consultations, as more consumers shift to digital apps for basic services. In fact, they say banks are “rethinking their sourcing and location strategies” for call centers, “to ensure they’re able to tap into skilled labor pools.”</p> <p>At the same time, banks and credit unions are rethinking the way they staff branches generally. For example, when iQ Credit Union opened a new flagship branch in Vancouver, Wash., in December 2017, it decided that all employees working there would be <strong>trained to help customers with anything they needed</strong>.</p> <p>“They can start the member with a teller transaction and invite them into an office for a more in-depth loan discussion,” Danette LaChappelle, iQ’s senior vice president of marketing, <a href="" target="_blank">told <em>Credit Union Times</em></a>. “There is no need to hand them off to someone else. That is what helps to deepen the relationships.”</p> <p>Given these converging trends — the modernization of the bank branch, banks’ need to reduce operating costs while meeting customer demands and the increased cross-training of staff — it makes sense that a rethinking is in order for call centers to be next in line for digital transformation. <strong>The technology exists today to make it happen.</strong></p> <p><em>This article is part of </em>BizTech<em>'s <a href="">EquITy blog series</a>. Please join the discussion on Twitter by using the <a href=";src=typd">#FinanceTech</a> hashtag.</em></p> <p><a data-entity-type="" data-entity-uuid="" href=""><img alt="Equity_logo_sized.jpg" data-entity-type="" data-entity-uuid="" src="/sites/" /></a></p> </div> <div> <div class="field-author"><a href="/taxonomy/term/11986" hreflang="en">Justin Hester</a></div> </div> Mon, 18 Mar 2019 14:56:29 +0000 juliet.vanwagenen_22746 43461 at Spring 2019 <span>Spring 2019</span> <span><span lang="" about="/dashboard/julietvanwagenen22746" typeof="schema:Person" property="schema:name" datatype="" content="juliet.vanwagenen_22746">juliet.vanwage…</span></span> <span>Thu, 03/14/2019 - 14:20</span> <div class="pw-widget pw-size-medium pw-layout-vertical" data-layout="vertical" data-url="" data-title="Spring 2019" data-via="BizTechMagazine" data-button-background="none"> <span> <span>Mar</span> <span>14</span> <span>2019</span> </span> <a class="pw-button-twitter cdw-taboola-social"></a> <a class="pw-button-facebook cdw-taboola-social"></a> <a class="pw-button-linkedin cdw-taboola-social"></a> <a class="pw-button-reddit cdw-taboola-social"></a> <a class="pw-button-flipboard cdw-taboola-social"></a> <a class="pw-button-email cdw-taboola-social"></a> <!-- Pinterest button is in EdTechk12 theme's vertical template --> </div> <div class="pw-widget pw-size-medium pw-layout-horizontal" data-counter="true" data-url="" data-title="Spring 2019" data-via="BizTechMagazine" data-button-background="none"> <div> <a class="pw-button-twitter cdw-taboola-social"></a> <a href=";" target="_blank"><span class="pw-box-counter cdw-taboola" data-channel="twitter"></span></a> </div> <div> <a class="pw-button-facebook cdw-taboola-social"></a> </div> <div> <a class="pw-button-linkedin cdw-taboola-social"></a> </div> <div> <a class="pw-button-reddit cdw-taboola-social"></a> </div> <div> <a class="pw-button-flipboard cdw-taboola-social"></a> </div> <div> <a class="pw-button-email cdw-taboola-social"></a> </div> <!-- Pinterest button is in EdTechk12 theme's horizontal template --> </div> <div class="pw-widget pw-size-medium pw-layout-horizontal" data-url="" data-title="Spring 2019" data-via="BizTechMagazine" data-button-background="none"> <div> <a class="pw-button-twitter"></a> <span class="pw-box-counter" pw:channel="twitter"></span> </div> <div> <a class="pw-button-facebook"></a> <span class="pw-box-counter" pw:channel="facebook"></span> </div> </div> Thu, 14 Mar 2019 18:20:19 +0000 juliet.vanwagenen_22746 43456 at How Businesses Foil Phishing Attacks with Security Awareness Training <span>How Businesses Foil Phishing Attacks with Security Awareness Training</span> <span><span lang="" about="/dashboard/julietvanwagenen22746" typeof="schema:Person" property="schema:name" datatype="" content="juliet.vanwagenen_22746">juliet.vanwage…</span></span> <span>Thu, 03/14/2019 - 10:49</span> <div><p>Employees at <a href="" target="_blank">Picatinny Federal Credit Union</a> recently received an email from <a href=""></a> with the subject line “re: bank details confirmation.” It looked like a routine email for a financial institution, but those who double-clicked the attached invoice were rewarded with a stark break from their regular workday.</p> <p>They were <strong>directed to a page explaining that they had fallen for a phishing attack</strong>, but they were lucky — it was only a test. “We’re in the financial industry, so one of my big jobs is to stay in front of as much of this as possible,” explains Rich Engle, Picatinny FCU’s director of IT. “It’s like a fire drill. As an organization, you have to practice what to do if there is a breach.”</p> <p>Businesses across industries erect security defenses ranging from firewalls to intrusion prevention systems, but such <strong>technologies don’t protect organizations from one of their top vulnerabilities: their employees</strong>. Many have responded to internal threats by instituting training solutions that educate, test and track employees on their success or failure at avoiding phishing attempts.</p> <p><a href="" target="_blank"><em><strong>MORE FROM BIZTECH: </strong>Phishing is only one of the ways hackers exploit employees. Learn more about solving the people problem.</em></a></p> <h2 id="toc_0">Train Employees Effectively to Keep Phishing at Bay</h2> <p>In a <a href="" target="_blank">recent survey</a> of 1,100 organizations conducted by security awareness company KnowBe4 and ITIC, a research firm, <strong>86 percent </strong>said they conduct randomized phishing simulations. In fact, phishing is such a hot-button issue that <strong>65 percent </strong>of respondents gave feedback through the survey’s optional essay question, compared with the standard response rate of<strong> 10 percent or less</strong>, says Laura DiDio, principal of ITIC. “There is obviously a heightened awareness about this problem,” she says.</p> <p><img alt="Rich Engle" data-entity-type="" data-entity-uuid="" src="/sites/" /></p> <p><span style="font-size: 11px; line-height: 20.8px;">“As an organization, you have to ­practice what to do if there is a breach,” says Rich Engle, IT Director of Picatinny Federal Credit Union. Photography by Andrew Kist.</span></p> <p>Picatinny FCU trains employees on phishing attacks annually, but before implementing <a href="" target="_blank">Cofense’s PhishMe</a> solution in summer 2017, the credit union was making up examples of attacks and presenting them as hypothetical situations. Now its tests use real-world phishing scams. “That helps drive the message home, because I can say, ‘This actually happened,’” says Engle.</p> <p>A simulated attack is also more ­effective than a training session, he adds. “<strong>That real-life scenario is invaluable</strong>, as opposed to once every quarter sitting in a conference room and being told, ‘Phishing is out there. Don’t open these emails.’”</p> <p><a data-entity-type="" data-entity-uuid="" href="" target="_blank" title="CDW Cybersecurity Insight Report"><img alt="Cybersecurity-report_EasyTarget.jpg" data-entity-type="" data-entity-uuid="" src="/sites/" /></a></p> <h2 id="toc_1">Businesses Use Past Breaches as Learning Opportunities</h2> <p>Before launching the first PhishMe campaign, all Engle had to do was add the IP addresses for the whitelist and configure the spam filter so it didn’t block the test emails. Once that was done, Engle began launching simulated attacks randomly, at least four times per year — more if he saw an uptick in attacks or heard about them in the news.</p> <p>PhishMe <strong>updates the simulations frequently</strong> so that employees don’t learn to spot them. “If they were the same old emails, it wouldn’t have extended value,” Engle says. When employees click on links in phishing simulations, not only are they led through training, but the program reports back to Engle who opened the emails, who double-clicked the links and who clicked through pages within a link.</p> <p>Some people are embarrassed that they fell for the scam, while others feel tricked. But Engle explains that they’re better off being fooled by him than by a malicious actor. “Hackers work very hard not to have to get a legitimate job,” Engle notes. “At the end of the day, I think everybody gets it: Every employee is a potential breach point.”</p> <p>Like Picatinny FCU, <a href=";gclid=EAIaIQobChMI1ISW9oeC4QIVF1uGCh3kxwWAEAAYASAAEgJCz_D_BwE" target="_blank">Patriot Software</a> uses real-world scenarios in its simulated phishing attacks, but not only from vendor templates. The company <strong>trains employees to spot phishing attacks</strong> by telling them about ones they’ve faced.</p> <p>For instance, a few years ago, an employee got an email from Patriot CEO Michael J. Kappel, who was out of the office, asking him to send over workers’ W-2 forms. The employee began preparing to send them when a colleague questioned what he was doing. Ultimately, they decided to ask the CEO if the email was really from him.</p> <p>It wasn’t.</p> <p>“We had no idea how vulnerable we were,” says Elliot Bailey, principal ­systems engineer at Patriot, an accounting and payroll software firm based in Canton, Ohio. “We’re definitely way ­better off now.”</p> <p><a href="" target="_blank"><em>MORE FROM BIZTECH:</em> How to use hackers’ tactics to create a cybersecurity culture.</a></p> <h2 id="toc_2">Build Trust Around Security Awareness</h2> <p>Bailey <strong>launched a security awareness program</strong> after attending the 2016 annual conference by <a href="" target="_blank">Proofpoint</a>’s Wombat Security. But the program got off to a slow start because he was more focused on securing systems than educating users. So, when Hannah Fricker, who had recently started with Patriot in a help desk role, showed an interest in the program, he put her in charge of security awareness.</p> </div> <div> <div class="field-author"><a href="/author/melissa-delaney" hreflang="en">Melissa Delaney</a></div> </div> Thu, 14 Mar 2019 14:49:22 +0000 juliet.vanwagenen_22746 43451 at The Energy Industry Is Changing Fast, and Most Utilities Aren’t Ready <span>The Energy Industry Is Changing Fast, and Most Utilities Aren’t Ready</span> <span><span lang="" about="/dashboard/bobkeaveneyu64t" typeof="schema:Person" property="schema:name" datatype="">Bob.Keaveney_u64t</span></span> <span>Thu, 03/14/2019 - 09:16</span> <div><p>The “twin forces of changing customer expectations and rapid technological evolution” are forcing a “global energy transformation,” yet most companies within the sector admit they are not close to being ready, according to consulting firm PwC.</p> <p>In its recent survey of energy and utility executives, “<a href="" target="_blank">The Narrowing Window for Energy Transformation</a>,” PwC reports <strong>that 82 percent of respondents admit their company is behind the curve</strong> when it comes to making the changes demanded by a digital world. “In the meantime,” PwC argues, “new players from outside the sector are sizing up opportunities in energy markets around the world.”</p> <p>“Traditional utility companies are aware that there is a narrow window of opportunity — about five years — to build and acquire the strategies and capabilities needed to stay ahead,” the report states. But five years may, in fact, be more time than companies actually have to make needed changes.</p> <p><a href="" target="_blank"><em><strong>MORE FROM BIZTECH:</strong> Find out how to choose the right data center storage solution.</em></a></p> <h2>The Energy Market Is Changing</h2> <p>Several <strong>factors are converging to force transformation in every part of the power and utility industry</strong>, including power generation, <a href="">grid operation</a> and <a href="">meters</a>. In just a few years, and at a pace that is surprising executives, the industry is moving from “an analogue, scale-driven, centralized and standardized model to one that is digital, distributed and personalized,” PwC says.</p> <p>This is prompting <strong>culture shock for the normally staid, slow-moving utility business.</strong> An industry accustomed to long time horizons for asset investment and tech adoption must adapt to short-term digital investments.</p> <p>Executives responding to the survey suggested that the changes they need to make can wait a few years. Only <strong>5 percent said strategic changes need to be made by next year</strong>, while 85 percent said it can wait at least three years. The other 10 percent expect to take more than five years.</p> <p>That attitude is unwise, PwC argues. “The danger for some companies is the temptation to kick the can down the road and hope that they will not be overtaken in the meantime. With each passing month, customers increasingly expect more convenience and control, power generation becomes more distributed, and the expanding array of digital tools and platforms become more central to operations and customer relationships — and, as a result, to competitive advantage,” PwC says.</p> <p>In its survey of utility and power executives, the consultant found that:</p> <ul><li>90 percent have stepped up enterprise innovation initiatives.</li> <li>90 percent say the window of opportunity for readiness will close within five years.</li> <li>86 percent of North American utilities cited technology advancement as driving industry evolution.</li> <li>Only 15 percent are focusing on breakthrough (business models) innovation.</li> </ul><p><a data-entity-type="" data-entity-uuid="" href="" target="_blank"><img alt="IT%20Infrastructure_IR_2.jpg" data-entity-type="" data-entity-uuid="" src="/sites/" /></a></p> <h2 id="toc_0">For Utilities, Upgrading Customer Experience Is a Vital Task</h2> <p>One major force behind all this disruption is customer empowerment, much of it enabled by technology, PwC notes. Smart grids, microgrids and local power generation and storage, as well as myriad information technologies, are empowering customers to expect greater control over, and insight into, their power consumption.</p> <p>“The upshot is that <strong>business and residential customers are becoming empowered in unexpected and potent ways</strong>,” PwC says. “This trend is as relevant in regulated monopoly markets as it is in open competitive markets.”</p> <p>That means optimizing the customer experience should top the must-do lists of companies that haven’t always been well known for customer service. But it’s not clear that utilities are getting the message yet. For example, when asked what they think their customers want from them, just <strong>47 percent say that consumers are seeking insights into their energy consumption</strong>. PwC maintains that most customers want simplicity, choice and control from their relationships with utilities, yet fewer than a third of utilities think so.</p> <h2>‘Tech Savvy’ Is a Critical Need for Utilities</h2> <p>Finally, utilities acknowledge that their ability to deploy innovative information technology is among the most critical factors for their long-term success. “Tech savvy” and “innovation acumen" were cited by 84 and 81 percent of respondents, respectively, as important internal capabilities needed to compete successfully.</p> <p>In particular, utilities are focused Internet of Things deployments as the single most important tech priority. The reason is simple, says PwC: <a href="">IoT technologies</a> lie “at the heart of many aspects of energy transformation, including grid modernization, demand response, the integration of distributed energy resources and, of course, smart homes and workplaces.”</p> </div> <div> <div class="field-author"><a href="/author/bob-keaveney" hreflang="en">Bob Keaveney</a></div> </div> Thu, 14 Mar 2019 13:16:13 +0000 Bob.Keaveney_u64t 43446 at VDI or DaaS? IT Directors Must Decide Between Two Desktop Management Solutions <span>VDI or DaaS? IT Directors Must Decide Between Two Desktop Management Solutions</span> <span><span lang="" about="/dashboard/julietvanwagenen22746" typeof="schema:Person" property="schema:name" datatype="" content="juliet.vanwagenen_22746">juliet.vanwage…</span></span> <span>Wed, 03/13/2019 - 16:41</span> <div><p>When it comes to managing desktops, numbers can be deceiving. Even at small companies, each employee may use two or three laptops, tablets or smartphones throughout the day. All those endpoints can keep lean IT departments scrambling to address service problems and install patches and application updates.</p> <p>This helps explain why small and midsized organizations have embraced virtual desktop infrastructure. VDI sends the latest IT-approved images to devices each time users log on to the network. Rather than touching each device to keep it secure and up to date, IT staffers load standard images on ­centrally managed servers that blast the virtual desktops to end users.</p> <p>This brings order to what can easily be chaos. Adam Martin, IT director at American Structurepoint, is a VDI true believer.</p> <p>The engineering and architecture firm runs <strong>17 offices throughout the country</strong>, including its Indianapolis ­headquarters. It runs a VDI environment supported by <a href="" target="_blank">Citrix Virtual Apps and Virtual Desktops</a>. “We have a complex desktop footprint, with more than <strong>400 employees </strong>and more computers than people,” Martin says. “We didn’t want to deploy IT infrastructure at all of these locations; that would have been too difficult to manage.”</p> <p>But now, there’s an alternative to traditional VDI. Desktop as a Service delivers virtual desktops without the need for on-premises resources to support them. Microsoft announced its DaaS offering last September, joining companies such as <a href="" target="_blank">Citrix</a>, <a href="" target="_blank">HP</a>, <a href="" target="_blank">VMware</a> and others.</p> <p>But like most decisions regarding ­on-premises versus cloud, <strong>IT managers must carefully weigh which option is right for their organization</strong>. “In terms of performance, most VDI solutions offer graphics acceleration that can mitigate performance issues,” says Charles King, principal analyst at Pund-IT. “However, leading cloud-based solutions offer bundles for graphics workloads that could fit the bill.”</p> <p>IT management also <strong>presents nuanced trade-offs</strong>, argues King: “In terms of management, customers usually deal with a single vendor, which can simplify support and maintenance issues. Enlisting a cloud vendor for DaaS injects another party into the mix, but it takes a host of management responsibilities off the table. The best choice for each ­organization depends largely on the applications involved and their system requirements.”</p> <p><a href="" target="_blank"><em><strong>MORE FROM BIZTECH:</strong> For users of Microsoft Windows 10, VDI offers additional benefits, especially in disaster recovery.</em></a></p> <h2 id="toc_0">VDI Streamlines the Remote and In-Office Worker Experience</h2> <p>American Structurepoint’s VDI journey began five years ago when it launched an aggressive growth campaign to double its size. Today, VDI helps the IT department effectively manage hundreds of desktops.</p> <p>Martin and his staff took an uncommon approach to deploying VDI. Many companies target light workloads to start to get a feel for the technology. “We did the opposite by delivering AutoCAD applications so people in field offices could create complex engineering designs and 3D models without us deploying infrastructure at those locations,” he says.</p> <p> </p> </div> <div> <div class="field-author"><a href="/author/alan-joch" hreflang="en">Alan Joch</a></div> </div> Wed, 13 Mar 2019 20:41:34 +0000 juliet.vanwagenen_22746 43441 at Why Businesses Should Wait No Longer to Upgrade to Windows 10 <span>Why Businesses Should Wait No Longer to Upgrade to Windows 10</span> <span><span lang="" about="/dashboard/julietvanwagenen22746" typeof="schema:Person" property="schema:name" datatype="" content="juliet.vanwagenen_22746">juliet.vanwage…</span></span> <span>Wed, 03/13/2019 - 15:29</span> <div><p>When you’re a one-man IT band, it helps to have some powerful instruments in your ensemble.</p> <p>That’s why Antonio Palumbo, chief technology officer of the <a href="" target="_blank">National Development Council</a>, moved his entire organization to <a href="" target="_blank">Windows 10</a> and<a href="" target="_blank"> Microsoft</a>’s cloud. Since 1969, this nationwide nonprofit organization has brought together advisory services and ­capital for community and economic investment. About 60 of NDC’s <strong>roughly 100 employees work from home or the road</strong>; the rest are split between four offices across the country, Palumbo says.</p> <p>Before Palumbo came on board as the NDC’s first and only IT employee in 2012, staffers made their own decisions about what computers and software they used, he says. They were also accessing remote desktops via a managed service ­provider that cost the organization <strong>$40,000 a month</strong>.</p> <p>By dropping its MSP, adopting cloud-based solutions such as <a href="" target="_blank">Office 365</a> and upgrading to Windows 10, NDC has cut its monthly IT spend by <strong>80 percent</strong>, he says. Over the past three years, Palumbo has been replacing employees’ Windows 7 machines with <a href="" target="_blank">Lenovo ThinkPad X280</a> laptops running Windows 10, tied to <a href="" target="_blank">Azure Active Directory</a> and Office 365.</p> <p>“The moment I tied the machines to Office 365, all of their documents and email were there,” he says. “It was easy to hand them machines, then schedule a <a href="" target="_blank">Skype</a> call so they could share their screens and I could show them how to do things in Windows 10.”</p> <p>When you’re the <strong>sole IT guy for a team of 100</strong>, anything that makes your job a little easier is a plus, he adds. “It’s worth the time investment to ­hand-hold employees through the process on the front end,” he says. “Once they get the new machines, I don’t hear from them again after the first week.”</p> <p>Besides <strong>lower costs and easier management</strong>, Windows 10 also provides enhanced security features. Palumbo says managing passwords and enabling two-factor authentication are much easier in Windows 10. And once NDC, which works with local and state governments and other partners to increase capital investments in low-income communities, is fully migrated by the end of this year, Palumbo plans to enable Windows 10’s mobile device management tools so he can push out updates and control everyone’s machines from a single console.</p> <p><strong>Changing how people do their jobs is always difficult</strong>, he admits. But once they realize what a new OS can do for them, they immediately get on board.</p> <p>“It goes from, ‘Oh man, I think it’s my turn to get upgraded next’ to, ‘Hey Antonio, when can I get on?’” he says. “That’s the conversation we’re having now.”</p> <p><a href="" target="_blank"><em><strong>SEE MORE: </strong>Learn how to think through the options for businesses that are still using Windows 7.</em></a></p> <h2 id="toc_0">How to Overcome Windows 10 Adoption Challenges</h2> <p>Despite Windows 10’s clear benefits, only about half of SMBs have made the switch, most of them within the past year, says Anurag Agrawal, analyst at Techaisle.</p> </div> <div> <div class="field-author"><a href="/author/dan-tynan" hreflang="en">Dan Tynan</a></div> </div> Wed, 13 Mar 2019 19:29:18 +0000 juliet.vanwagenen_22746 43436 at