Nonprofits need tech solutions that work: Here’s how the market is helping out.

Screen-Shot-2017-05-25-at-1.00.45-PM

Technology and NPOs have always had an interesting relationship: Nonprofits tend to be less impressed customer-focused marketing, and less willing to invest in new long-term technology unless the ROI is visible, preferably with a few industry examples to back it up. However, a technology used correctly can be an advantageous source of savings and efficiency for NPOs, often targeting the very problems they want to get rid of.

The key is finding the latest tech solutions that are having a provable impact on organizations beyond the hype for “the most recent thing.” Let’s take a look at the top trends that impress us the most.

The Cloud Continues to Revolutionize Structure

Cloud data means less dependence on hardware and the enablement of flexible, fast organizations that don’t have to rely on traditional structures when their important data can be anywhere, at any time. This has proven particularly beneficial for NPOs, which tend to prefer more adaptability and more flexible work arrangements including remote work, working from home, scheduling trading, and more. In other words, your data is better off if it can be accessed from the cloud.

The key, however, is finding cloud services that you can trust. It is not a good idea to change your organizational structure based on cloud services without proper encryption and verification. The good news is that professional options like OneDrive and Google Storage have proven to been reliable storage options, and are available free or with discounts for NPOs.

The New Age of Digital Payments

NPOs love digital payments, and for a good reason: They enable immediate payment based on appropriate calls to action that can be connected compelling content or messages, giving donors something to do with their emotions while bringing in funds more reliably. But today’s digital payment options go far beyond the normal PayPal link: Facebook now has an option that allows people to donate while they are still on the social network. YouTube has donation cards that can carry viewers away to an online payment option. Twitter and Snapchat are experimenting with $Cashtags and Snapcash for instant methods of giving away money. Even Gmail has an automatic money transfer option for those you exchange emails with. It’s an exciting time for digital payments, and a good idea to review the latest technology services for nonprofits to see how they are changing.

Chatbots for More Than Just Selling

Chatbots are finally coming into their own, and that includes a lot of interesting applications for non-profits that sometimes have trouble communicating their full mission. For those who haven’t encountered many before, a chatbot is a system that pops open a chat window on a website and offers information or services for visitors. These are automated systems with AI capabilities, so a real person doesn’t need to manage them – they can explain things all on their own, and well-crafted chatbots are skilled at making conversations look as normal as possible.

These days, chatbots are a popular marketing topic and are likely to become ubiquitous as time goes on. You can craft them in Facebook, buy them for your website, and program them for your Skype software. For nonprofits, this means the bot can pop up ready to have a conversation with any visitors about what the nonprofit is, how it works, and what connections it has to local events or news. Since chatbots are already being used to sell products within the app, we also expect to see donation options that the bot can offer interested visitors, increasing funding as well as awareness.

CRM for Donors

Today’s customer relationship management solutions are diverse and, thankfully, much more modular than in the past, allowing organizations to pick out the services they need with the guarantee they are all designed to work together across the same platform. And these vendors have no trouble working with NPOs – after all, a customer and a donor share most things in common when it comes to managing and using data. So a good CRM system can help reach more donors, utilize information more effectively, and create more powerful sales funnel.

One way we’re seeing this benefit today’s donors is via email: While it’s trendy to think of email as an “old” method of communication, it’s actually doing very well on the marketing front – indeed, when it comes to results, good old fashioned emails keep on improving, especially in the mobile sector: Social media remains popular for personal use, but many people just prefer to conduct more professional matters, including donations, through email.. If you don’t have a CRM system set up to take advantage of email messaging, it’s time to consider one.

More Applications for the IoT

The Internet of Things, in abstract, is pretty easy to understanding: A bunch of smart devices send data to their respective services, and we learn more about things while also gaining greater control over the technology around. However, finding specific ways this impacts NPOs is a bit more challenging: However, there’s a ton of potential in the IoT and the ideas currently being tested here are exciting.

Roughly, smart devices for non-profits fall into two different groups. The first is infrastructure: When smart devices can tell you how well concrete pillars are holding up, how much heat buildings are retaining, and how efficiently energy or water are used, then nonprofits become very interested in accessing that data for their reports and fundraising. The second group are sensors that can be used in marketing. For example, we are entirely making up: “Thanks to our new partnership with GeoTesla, every time your car passes a local city park you can choose to automatically donate $1 to our land improvement project!”

App Partnerships

One of the greatest advantages of today’s apps is that they can be created by even small organizations, and they are adaptable enough that any NPO can find a way to use apps. Not sure where they may fit in with your goals or partnerships? Check out some of the more innovative uses of non-profit apps currently at work for ideas. However, app creation requires a lot of cost-benefit analysis and asks quite a lot of donors (when was the last time you wanted to download another app on your phone?). Remember to stay creative!

For more information on our non-profit managed services and other IT services for nonprofits (including consultations on what you need), contact Cenetric at info@cenetric.com or (913) 210-1950!

The Benefits of Structured Cabling for Your Business

  • How much do you know about your company’s IT network?
  • What type of cabling system do you use? 
  • When was the last time you upgraded your network cabling?

These are questions any business owner should have answers for. However, if you’re like most that we consult for, your answers aren’t sufficient.  Your IT network is the backbone of your organization. Without a strong network, your employees are wasting time and losing productivity every day.

cabling

Are you using old technology and running your business on an out-of-date network?

If so, it’s time for an update.

One of the most useful updates you can make to your network is to switch from that old point-to-point cabling system to a highly functioning structured cabling system.

Point-to-Point Cabling vs. Structured Cabling Systems

These are the only two methods for transporting data through network cables. Many continue to use the old point-to-point cable method for their data infrastructure. A point-to-point cabling system has a tendency to cause problems as your network needs expand is size and complexity. To understand why, you must know how a point-to-point cabling system works:

A point-to-point cabling is set up by connecting one component of a network, a server, switch or a device, directly to another component of the network using a fiber-optic cable. Twenty years ago, this type of wiring was an elegant solution for quickly and easily stringing together a network. At that time, most networks were small, and IT departments were smaller.

Today, as networks grow, and fast transfers of huge amounts of data are more essential, maintaining these older point-to-point cabling system, along with the thousands of cords necessary to operate them, places a big strain on a company’s IT resources.

To avoid dealing with this, many companies have switched to a structured cabling system. Instead of connecting each individual component of a network directly to another, a structured cabling system connects the servers and storage units directly to a communication backbone.

Local cabling panels are installed throughout the office and connected to the communication backbone with a single cable. A user can then connect his device to the entire network by simply plugging a short cable into the closest cabling panel.

The Benefits of Structured Cabling

You may be thinking, “Hey, isn’t adding a communication backbone and redoing all the cable systems in my office going to be expensive?” The answer is yes. Installing a structured cabling system can be costly, but it’s an investment in the future of your business.

Why is it such a good investment? There are many reasons. A structured cabling system:

  • Pays for itself. It’s true that changing from a point-to-point cabling system to a structured cabling system isn’t cheap. The cost of installing a structured cabling system can range from $100 to $500 for each connection. Companies in older buildings with less access to the ceiling and subfloor can expect to pay even more. But the investment will eventually pay for itself by both making your employees more effective and lowering IT costs.
  • Reduces the time necessary to make repairs. Since a structured cabling system is segregated into a group of devices connected to a single local cabling panel, it’s easy for your IT professional to identify problems and solve issues. An additional benefit is that users’ work won’t be disrupted if their devices aren’t connected to the cabling panel being serviced.
  • Helps you plan for the future. A cable has an average useful lifespan of 15 years. That’s two to three times longer than most devices.  The cabling system you install today is going to be around for a long time, and will handle several generations of devices. No one knows how large your business will grow, or what future devices you may require.  However, when you switch to a structured cabling system, you’re helping to future-proof your network.
  • Offers increased flexibility. Adding more devices to the network is much easier when using a structured cabling system. Instead of running a new cable from additional devices to a switch or server using a long cable, your IT professional can simply connect the device to the closest cabling panel. Removing devices is just as easy.  Simply disconnect the device from the cabling panel and the job is done. No more orphaned cables to find and remove, like when using a point-to-point cabling system.

Isn’t it time for you to make the switch from point-to-point cabling? Cenetric can install a structured cabling system for your business in Kansas. Contact us for a complimentary assessment of your cabling needs. (913) 210-1950 or email us at info@cenetric.com

6 Lessons Every Company Should Learn from the WannaCry Ransomware

WannaCry’s ransomware attack is mostly over – here are the lessons businesses must learn from the experience.

WannaCry

WannaCry was a particularly nasty bit of ransomware that infected Windows systems via network connections and encrypted important files to hold them as a ransom for bitcoins. The first wave of WannaCry is over, and we can learn a lot of important lessons from its rise and fall.

1. Operating Systems Change for a Reason

This is probably the number one lesson from WannaCry: The disappointing thing is that is a very familiar lesson that every security experts know well. You have to keep updating your operating system, not just to keep up with the times, but also to protect your business data.

This advice is so common that the real problem is probably something more insidious: Business leaders refuse to take responsibility for the platforms and operating systems they are using. WannaCry is the consequence for that leadership failure, and the sooner organizations recognize that, the better they will be able to plan for the future. Windows XP was particularly vulnerable to WannaCry – that’s an operating system that’s 1)12 years old, 2)surpassed by 4 newer versions of the operating systems with far more advanced tools and integration, and 3)an OS that hasn’t had any support at all from Microsoft (outside of this emergency patch) for nearly three years.

The very common excuse that business makes here is that, “We can’t update because of this regulation, or that compliance issue, or the need to maintain services to our customers.” First, these are incredibly weak excuses. A full upgrade will always take time, resources, and careful planning to meet necessary regulations. That’s part of the process, not an excuse to avoid it. Second, many organizations don’t even realize these are poor excuses because they haven’t actually asked experts. The first thing an organization should do if they are worried about upgrading an older operating system is to bring in an IT expert that has experience in these types of upgrades and ask for a consultation, advice, and ultimately a game plan for the best possible outcome.

2. Patches Don’t Just Get in the Way – They Protect Against Threats

Close behind the lesson about upgrading to new versions of your operating system is the importance of patching. Let’s divided this into two steps. First, your company must be aware of available patches, as they come out, and what they do. This is really easy, even if you aren’t in IT. New patches are heralded by blogs, emails, tweets and many other sources of information explaining what they are and what they accomplish.

Second, give top priority to any patches that are designed to fix vulnerabilities and increase security. Require all employees to download that patch on all machines, that day. Period. You don’t even have to turn on automatic updates, just make sure those patches are downloaded. WannaCry was patched back in March, but guess what? A lot of organizations have no patch plan or requirements, so it didn’t matter.

3. Lack of Awareness is a Vulnerability

Combine both our first lessons, and you get a reminder worth noting – companies cannot claim ignorance here. We have to be aware of the current security dangers, and how to deal with them. That means paying attention to what IT says, understanding how the business systems work, and knowing when a new malware or virus attack hits. These days, no manager can say, “Well, it’s not my problem.” It is.

4. A Single Good Practice Can’t Protect You From All Malware

In the past, most ransomware like WannaCry was spread primarily through phishing emails, and strong anti-phishing strategy was very effective at dealing with the threat. But guess what? Things changes. Cyberattacks regularly evolve and find different, more insidious ways to locate new victims. You cannot count on a single strategy to prevent any particular threat.

5. Network Segmentation May Be Growing More Important

Network segmentation refers to devices that avoid connecting to the business network or connect only briefly in closely monitored situations to avoid data vulnerabilities and malware. Especially after WannaCry, this is looking like a good strategy for companies that handle a lot of sensitive information.

6. The Consequences Will Always Be Worse Than Necessary Preparation

Some of the organizations affected by WannaCry include the UK National Health Service, the South Korean and Chinese governments, and organizations in more than 150 countries. Emergency health services were canceled, governments were unable to offer services, factories were suddenly shut down, and much more. This led to tremendous losses, and will probably lead yet again to a whole lot of fines, firings, and the loss of contracts. It doesn’t matter how demanding security changes are, they are always easier than dealing with the aftermath of a bad attack.

For more information on how to prevent the latest malware attacks, contact Cenetric at (913) 210-1950 or by sending us a message at support@cenetric.com.

It’s Not Even Close to Over… Wanna Cry?

In case you have been living in a cave the past three days…

Wanna Cry is a ransomware that spreads like wildfire by leveraging a Windows SMB exploit to remotely access and infect computers running on unpatched or unsupported versions of Windows. It infects the targeted computer then moves on to others on the network and those it can find on the open internet.

need-know-wannacry-virus

237,000 computers across 99 countries have been infected thus far.

The news has reported that a 22-year-old security researcher has stopped the Wanna Cry ransomware plague.

That’s only partially true.

He found a “kill switch” in the code of Wanna Cry that will keep one strain of Wanna Cry from infecting computers.

Here’s the problem…

Now there are multiple strains of Wanna Cry cropping up across the globe.

Some with a different URL “kill switch,” and if reports can be believed, at least one strain with no “kill switch” at all. This “no kill switch” variant is believed to have been created by parties not related to the criminals who developed the first Wanna Cry code.

Whatever the final number of Wanna Cry strains ends up being, the truth is that we aren’t even close to being done with Wanna Cry. And the criminals in control of this cyber-WMD aren’t done with causing us pain.

Yes, the infection rate has slowed, but that lull is likely only the calm before the second wave of the storm – according to industry experts.

Where did Wanna Cry come from?

There is no public information on the criminals behind Wanna Cry, but the SMB exploit they are utilizing is believed to be part of a hacking toolset that the NSA allegedly created and lost control of when a group of hackers called “The Shadow Brokers” stole it and dumped it onto the dark web.

Currently, the predominant strains of Wanna Cry are being thwarted before they infect computers by utilizing the method discovered by 22-year-old MalwareTech.

He discovered that by registering a domain name that was buried in the ransomware’s code, he was able to create a “sinkhole” that didn’t allow the virus to infect the computer.

The problem is that if the connection to this “sinkhole” domain is lost, Wanna Cry will move into “infect” mode.

As we have stated above, there are now several strains of Wanna Cry out there with a “kill switch” domain name in their code. Each unique domain name must be registered so that a “sinkhole” is created for that strain.

Even with these domain name “sinkholes,” we aren’t out of the woods.

Malware Tech, the security researcher who found the first “kill switch” buried in Wanna Cry code, has stated that “WannaCrypt (or Wanna Cry) ransomware was spread normally long before this and will be long after, what we stopped was the SMB worm variant.”

There are some scenarios that will allow your unpatched computer to be infected – even with the kill switch in place. Here they are

  • If Wanna Cry comes to you via an email, a malicious torrent, or other vectors (instead of SMB protocol).
  • If your ISP or antivirus or firewall revokes access to the “sinkhole.”
  • If your system requires a proxy to access the internet – common in corporate networks.
  • If someone utilizes a DDoS attack to makes the sinkhole domain inaccessible.

What to do…

The cyber-security experts of Cenetric advise you to:

  • Patch your computers
  • Run a decent anti-virus (We highly recommend Webroot)
  • Make sure your backups are current and secure

Because of the high-profile nature of this ransomware attack, there will be copycats that make Wanna Cry even more virulent and destructive.

Wanna Cry 2.0 is inevitable.

It’s important that you act proactively for your company now and get the Cenetric cyber-security team on your side.

We have the resources to help you stay running and safe.

Contact Cenetric today at (913) 210-1950 or info@cenetric.com

Dangerous Google Docs Phishing Scam on the Loose

 

This is a copy of a letter sent to our clients yesterday:

Please be aware that the964345bedcd94234a11f9eb0940fa2eere is an extremely sophisticated and real-seeming Google Drive phishing attack making the rounds right now. The attack appears to be an invite to a shared Google Doc, usually from a trusted sender. Clicking the link will take you to Google’s  sign-in page, just like a normal Google doc invite. However, by accessing the document, you grant it full permission to your account details, including the ability to access Gmail, Google Drive, and a wealth of other information.

Thankfully, the email is pretty easy to spot. It is addressed to hhhhhhhhhhhhhh@domain.com, and doesn’t quite look the same as a standard google doc share. If you receive an email like this, please delete it immediately. If you have already opened the document within, please contact Cenetric immediately for assistance revoking the associated permissions.

The below image is what the header looks like:

phish

Thank you,

Cenetric Support

From Telegraphs to USENET and How to Protect Yourself from Spam

When someone thinks of spam they typically think of unsolicited bulk commercial email they receive in their inbox. However, the concept of spam started a little earlier than you might think. How far back? How does 1864 sound? Spam in 1864 you say? Yes, in the form of a telegraph, advertising a local dentistry actually. The Telegraph was so much news that the local paper even reprinted the telegraph that was sent to many households, further propagating the message.

More recently, people consider the first spam email coming out of Digital Equipment in 1978 which went to a total of 393 people promoting their latest computer model. You can thank a Monty Python sketch based on a cafe that only served the canned spiced ham SPAM for the origin of the name. Another early spammer was the lawyers Canter and Siegel posting their “Green Card Lottery” message to USENET, a shared messaging system.

What does all this have to do with today? You don’t want to be known as a spammer. There are three ways to attack the spam problem. First off, you don’t want your marketing emails to be classified as spam. Secondly, you don’t want your mail server to be abused where someone sends spam through your hardware. While this wasn’t sent to you directly, your hardware could be blacklisted, thus affecting your own emails. Lastly, you don’t want your employees to respond to spam. There are ways to filter this at the mail server to prevent them from seeing the messages, or at least classify messages as fishy before their opened. Cenetric can help you to protect your business from being labeled a bad apple in the email business.

Starting with the most important avenue, ensuring your marketing messages get through, there are some best practices to know about. For starters, don’t just send emails directly to your clients. Putting everyone’s email in the “To:” field of a message is bound to cause problems when someone does a reply-all. If you absolutely have to send a message to LOTS of people, it is better to use the BCC (for blind carbon copy) field of a message. Better yet, rely on a mailing list management package like that offered by Constant Contact. Typically, you don’t want to add people to the mailing list yourself. Instead, people should opt-in. More importantly, with each message you send, there should be unsubscribed instructions.

Protecting your mail server is not an easy task. There are some simple steps you can do like requiring that users are authenticated before sending a message, but someone can just spoof the email headers to make it appear messages came through your server. To best protect your server, in 2012 DMARC, or Domain-based Message Authentication, Reporting, and Conformance was introduced. Combined with the earlier introduced SPF, Sender Policy Framework, this makes sure that any messages appearing to come from your mail server actually came from your mail server. Cenetric can help you keep up with the latest ways to protect your email servers and thus getting your marketing messages through.

Lastly, it is important to look at the inbound side of spam. With all the talk of Russians hacking servers and the release of inappropriate celebrity photos, most of these attempts are triggered by phishing attacks of targets. You still need to worry about viruses being sent through email, but phishing involves fraudsters sending what look like real emails in the attempt to reveal personal information like passwords and bank account info. You don’t want your employees giving away the farm so that others can then get into your company network or your employees worried about identity theft. Cenetric can help protect your mail servers from letting these unsolicited emails through.

Call us at (913) 210-1950 or email sales@cenetric.com to learn more about how we can help keep your organization spam-free from all sides!

Are Your IT Policies Putting you at Risk of Security Breach?

Companies have solid reasons for embracing Bring Your Own Device (BYOD) and allowing for telecommuting so personnel can work from home or on the road, but doing so can increase the risk of data breaches for the company.  

Image result for security breachRemote Access policies are currently in favor with hundreds of
thousands of businesses across the United States, and the globe. While companies have solid reasons for embracing Bring Your Own Device (BYOD) and allowing for telecommuting so personnel can work from home or on the road, they increase the risk of data breaches for the company.

The Problem

The two problems are closely related. The first has to do with the concept of BYOD. The reason companies choose to allow this is that it allows their staff to have the most up-to-date technology without having to acquire advanced technology themselves. The second is telecommuting. Workers that telecommute only need an internet connection to log into their workplace computer systems.

By the Numbers

So, let’s look at some numbers concerning both problems. An article published in Great Britain tells about a survey of 500 companies in the UK and Germany. Among their findings:

  • 44% of organizations had a member of senior management lose a mobile device; and
  • 39% had a member of executives report a stolen device.
  • 54% of survey respondents noted that a non-senior management employee lost a device and 49% said a device that was stolen
  • 93% of these devices contained work-related data
  • 49% had work-related emails on them
  • 38% had confidential data or files
  • 24% contained customer data
  • 15% had company financial information

Results of similar surveys in North America, Europe, and the Pacific Rim all returned similar results.

What are the implications?

Many of these devices when lost or stolen have passwords stored without any protection. This means thieves have easy access to your company data. Often, lost or stolen devices have personal identifying information, personal financial information, or personal health information that can number in the tens of thousands. If this data, or other data such as customer lists or proprietary information, is breached, companies can see losses that go to the tens of millions of dollars.

More Numbers

  • 48% of companies reported they are unable to keep track of what data leaves the office and who is taking it off premise.
  • 54% agree that data can be safeguarded more securely
  • 67% of responding companies acknowledged they know that employees break the rules concerning removing data from the workplace, but, have not yet addressed the issue.

What Makes This Such a Big Problem?

Breaches are very expensive.

  • Your company reputation will suffer if your data is compromised. This isRelated image particularly the case if customer/client/patient information is breached. It is probable that your company will lose business directly because of the breach, and finding new business becomes harder too.
  • Most companies pay for identity theft monitoring and restoration for one year following a breach – this is an additional cost to the business and depending on the size of the breach can be very costly.
  • In many instances of data breaches, affected customers or business partners sue or join a class action suit against the company that was breached. Defense, settlements or jury awards is also a new expense.
  • Fines are often levied against companies that have preventable breaches and they can be in the millions – many small or medium-sized businesses can be driven to bankruptcy by these fines.

What You Can Do to Protect Your Data

  • Make sure your data is securely stored and require two-factor authorization for access to your system.
  • Install remote wiping applications on devices used by employees for remote or BYOD work
  • Perform routine penetration tests so your company can identify potential security flaws

For more network security information or for a free network assessment, contact Cenetric today at (913) 210-1950 or support@cenetric.com