Category Archives: Business

Eliminate headaches and save money

Just a few short years ago, the image of an IT department for small and medium businesses was one of Dilbert-looking technicians noodling around with Cat 5 cable and speaking in a blend of Klingon and Robot. In other words, IT seemed completely remote, complicated and inaccessible to most employees. Additionally, each new hardware and software deployment, including installing malware protection, could take weeks to manually implement across the enterprise, and rarely went smoothly.

One solution – outsourced IT – has found greater acceptance in the past few years as its benefits have become more tangible to even small businesses. It is estimated that globally, 74 percent of companies use some form of outsourced IT solution, up 25 percent from 2009.

 

Read further for compelling reasons why a small or medium business should consider the IT-outsourcing trend.

 

Cost savings

Moving IT off-site can save an SMB thousands of dollars per year. As most business decisions are predicated on the bottom line, this is often the main driver in the decision to migrate. Areas of savings include:

Reducing hardware expenses. Servers, storage, cabling, cooling, and datacenter square footage expense can now be on a cloud vendor’s dime, not yours.

No salary or benefits expenses for IT employees.

Potential tax savings by converting capital expenditures (servers), that depreciate slowly over time, to a monthly cost which can potentially be deducted in the current tax year.

 

The latest software versions – hassle-free

Outsourcing IT means software, including malware protection for endpoints, can be updated automatically by the provider. This obviates the need for a local tech to run around taking workstations offline for upgrades.

Furthermore, updating software not only unlocks newer features, but also closes exploits in older versions that might allow hacker penetration. So it’sworth exploring any platform that can make this process painless and automatic, such as a cloud service.

 

Focus on your business, not technical issues

Anyone who survived working in Corporate America from the 1980s onwards is familiar with the spectacle and lost productivity that accompanies the proverbial “system going down.”

When outsourcing IT to the cloud, this nightmare occurs less often as data is often distributed redundantly across many servers that are monitored constantly, leading to greater stability and uptime, and less worrying about IT matters.

Tips for Keep your network secure

Are you tiring of users continuously badgering you to get corporate network access for their mobile devices?  Does your corporate management want to buy tablets for the sales team? If so, your small- to medium-sized business (SMB) needs to start proactively addressing mobile security breaches such as malware.

Modifying your existing security policies and protocols, establishing new policies and educating your mobile workforce are economically sound frontline solutions for securing your corporate enterprise and trade secrets.

Here are some tips on how to address mobile device security breaches beforethey happen:

  • Establish corporate information access guidelines. It’s important to pre-determine how mobile device users will access corporate information. Will users download data to devices? Will they access the data remotely? The answer will vary from company to company, so be sure to consider your situation uniquely.  If your company has to be in compliance with a regulatory body like PCI Data Security Standards (DSS) or the Health Insurance Portability and Accountability Act (HIPAA), then consult with your auditor before enabling network access to mobile devices.
  • Establish device control policies. Bring Your Own Device (BYOD) can be full of benefits like saving on corporate hardware purchases and increasing productivity for your mobile workforce and SMB. However, the negatives can outweigh all those positives when a BYOD device brings malware into your network. Create a policy that governs how your corporate IT staff can gain control over a personal device, while maintaining your network security. Include information about how to keep personal information private (e.g., via a mobile device backup strategy that doesn’t touch personal data) and define corporate ownership over data and applications.
  • Enforce device-level security.  Both corporate-owned and personal devices should have secure passwords and screen locks; document this requirement in your mobile device policies. In addition, make sure it’s clear that both personal and corporate mobile devices maintain up-to-date corporate-approved (and preferably corporate-managed) antivirus and security software installed to guard against malware and other security risks.
  • Develop and deliver mobile workforce security training. Education can be just as powerful a security tool as technology. Develop and deliver mobile workforce security training built around keeping your mobile workforce productive and prepared to be the first line of defense against malware and other security threats to their mobile devices. Spell out your corporate policies and include a participant sign-off stating that they understand and will abide by the policies.
  • Determine deal breakers for your mobile device policies. In establishing mobile security policies – regardless of your industry – there are going to be deal breakers when you have to deny certain user requests.
    Deal breakers might include devices not running the current version of its OS, or they may be jail broken. There should also be a defined escalation path for deal breakers so the denial can be dealt with in an official manner with reasons formally documented in your mobile device security policies.

Reduce Your Investment In Endpoint Security

Trojans, worms and spyware sound like elements straight from a summer blockbuster, but the kind of action/adventure they provide on your PCs, Macs, smartphones and tablets make them more like a horror movie.

By deploying effective endpoint security, you can help prevent attacks and keep your users safe from viruses and other malware, such as spear phishing and advanced persistent threats. Today’s  state-of-the-art endpoint security has come a long way from its early roots in “antivirus” and has morphed into a complex suite of sophisticated protections against modern threats.

 

But good protection isn’t free; so, how can you save money, while still protecting your computers? Here’s how to reduce your investment….

 

Keeping users safe

In an ideal world, users would be perfectly security conscious. These mythical users wouldn’t:

  • Click on suspicious links.
  • Open file attachments emailed by criminals pretending to be their friends.
  • Respond to phishing messages that appear to be from a bank.
  • Disable software updates because warnings and reboots are annoying.
  • Disable a security product because it slows down their PC.
  • Install free software from an untrustworthy developer, because their friend liked it on Facebook.

Sadly, our world is less than ideal. Much, much less: A recent report said that 86 percent of U.S. businesses surveyed had lost sensitive data during the previous year.

User awareness training helps, but it isn’t sufficient. That’s why your endpoints need securing. Doing so helps prevent your users from accidentally exposing sensitive business information, such as your  banking credentials, secret-sauce recipes or future product plans.

 

Save time and money on endpoint security

Your challenge is to protect your users while minimizing costs: How do you save time and money, while keeping your company safe?

Look for a modern endpoint security solution – not one thrown together from an old antivirus program and a fresh coat of paint.

 

How can you tell?

A start-of-the-art solution does the following:

  • Works intelligently in the background, without bogging down the user’s computer
  • Scans for malware in seconds, not hours
  • Uses a reliable, built-from-the-ground-up cloud security service to identify malware, not a huge signature file that’s quickly out-of-date
  • Works intelligently while offline, reconnecting with the cloud service to check changes made while disconnected
  • Fixes infected PCs, if necessary, by rolling back the computer’s state to a known-good point
  • Automatically monitors untrusted software executions to prevent infection
  • Allows you to enforce certain policy settings, such as use of USB ports, and prevents users from disabling security features
  • Doesn’t fight with competing installed products, to allow you to test it safely

Against and Handle Security Breaches

In the last 12 months, the number of cybersecurity attacks has grown significantly. The potential ramifications of a cybersecurity breach to a business can be devastating, such as loss of customer confidence, damage to company reputation, theft of assets and extensive administrative costs in dealing with all affected stakeholders. However, there are a number of actions a business can take to reduce the likelihood of a cybersecurity breach and deal with the consequences where the company suffers an attack, writes Barry Connolly of Flynn O’Driscoll.

Risk assessment. Similar to any other risks that a business may face, when seeking to prevent cybersecurity breaches, the first step should include quantifying the risk. In the cybersecurity context, this will include identifying certain elements of a business’s system that are particularly exposed. This will range from the vulnerability of the company’s online web presence to the possibility of physical access (on-site) to a networked platform. Risk assessments should be carried out on a regular basis so that new threats can be identified and the business remains aware of current trends in cyber threats.

 

Software Security Measures. Having identified areas of risk, tailored security measures should be put in place to address these concerns. The company’s IT environment should include effective firewalls and antivirus software to deal with threats. It should also ensure that software used in the business is kept up-to-date with the latest security patches and updates.

On-Site Security Measures. The most effective software solutions will often be rendered useless where a breach of cybersecurity occurs through a breach of the company’s system from within. Sensitive computer systems should include effective access control restrictions, server rooms should be secured at all times and disposal of IT equipment should be handled securely by competent staff.

 

Service Providers. A cybersecurity breach in a third party, providing services to a business can be just as damaging as a breach in the business itself. Unfortunately, the business is likely to have even less control in this scenario; therefore, it is essential that all relevant contracts clearly delineate responsibility between the parties. On the occurrence of a cybersecurity breach, when time is critical, protracted negotiations on liability should always be avoided. Contracts with software providers should also be reviewed to ensure that maintenance services and bug patches apply to earlier versions of the software that may still be in use, and that any software updates are made available to the company on release.

Testing. One of the best ways to reduce the risk of a cybersecurity breach is to undergo testing, such as system penetration testing. Companies can avail of a range of tools from cybersecurity providers that will simulate an attempted system intrusion or a widespread DDoS (Distributed Denial of Service) attack.

How to Secure Mobile Workforce Devices

Bluetooth is best known as the wireless technology that powers hands-free earpieces. Depending on your point of view, people who wear them either:

a) Look ridiculous (especially if shining a bright blue LED from their ear);
b) Appear mad (when apparently talking to themselves); or
c) Are sensible, law-abiding, safety-conscious drivers.

 

Whichever letter you pick, insidious security issues remain around Bluetooth attacks and mobile devices. While most of the problems identified five to 10 years ago have been straightened out by now, some still remain. And there’s also good reason to be cautious about new, undiscovered problems.

 

Here are a few examples of the mobile security threats in which Bluetooth makes us vulnerable, along with tips to secure your mobile workforce devices.

 

General software vulnerabilities

Software in Bluetooth devices – especially those using the newer Bluetooth 4.0 specification – will not be perfect. It’s unheard of to find software that has zero security vulnerabilities.

As Finnish security researchers Tommi Mäkilä, Jukka Taimisto and Miia Vuontisjärvi demonstrated in 2011, it’s easy for attackers to discover new, previously unknown vulnerabilities in Bluetooth devices. Potential impacts could include charges for expensive premium-rate or international calls, theft of sensitive data or drive-by malware downloads.

To combat this threat: Switch off your Bluetooth when you’re not using it.

 

Eavesdropping

Bluetooth – named after the Viking king, Harald Bluetooth Gormsson, thanks to his abilities to make 10th-century European factions communicate – is all about wireless communication. Just like with Wi-Fi, Bluetooth encryption is supposed to stop criminals listening in to your data or phone calls.

In other words, eavesdropping shouldn’t be a problem. However, older Bluetooth devices use versions of the Bluetooth protocol that have more security holes than a tasty slice of Swiss. Even the latest specification (4.0) has a similar problem with its low-energy (LE) variant.

To combat this threat: Ban devices that use Bluetooth 1.x, 2.0 or 4.0-LE.

 

Denial of service

Malicious attackers can crash your devices, block them from receiving phone calls and drain your battery.

To combat this threat: Again, switch off your Bluetooth when you’re not using it.

 

Bluetooth range is greater than you think

Bluetooth is designed to be a “personal area network.” That is to say, devices that are more than a few feet away should not be accessible via Bluetooth.

However, you’re not safe if you simply ensure there’s distance between you and a potential attacker; hackers have been known to use directional, high-gain antennae to successfully communicate over much greater distances. For example, security researcher Joshua Wright demonstrated the use of such an antenna to hack a Bluetooth device in a Starbucks from across the street.

Keep your statutory registers up to date

When you incorporate a limited company in Ireland, one of your main concerns should to be to keep the company (and directors) fully compliant from a legal, company secretarial, taxation and accounting perspective. With the level of corporate regulation continuously increasing in Ireland, it is of vital importance to the company and its officers to ensure all such legal responsibilities are met. If you are the director of an Irish company, these tips from Andrew Lambe of Company Bureau Formations Limited can help you and your company stay on the right track

Hire a good Accountant

One of your main priorities as a business owner is to oversee your company’s accounting and tax obligations. A good Accountant is worth their weight in gold, and can take a huge burden off your shoulders. They can take care of your company’s annual returns, payroll, VAT returns, CT returns and statutory annual accounts. It is vital that you choose a dependable Accountant to carry out these tasks as mistakes can be costly.

 

Ensure your company secretary is capable and keep your statutory registers up to date

By law, every Irish company is required to appoint a company secretary. The main duties of a company secretary are to ensure that the company complies with the law, manage the company’s daily administration and any additional duties that company directors may delegate. Whilst there is no qualification requirement for this role, it is important that your company secretary possesses the skillset and knowledge required to keep your company compliant.

The secretary will generally maintain the statutory company registers, which are required to be maintained under the Companies Act. The statutory registers include the register of directors and secretary, members, beneficial owners, transfers, directors and secretary’s interests and debenture holders.

 

Know your dates and put your company on a ‘watch list’

Once your company has been incorporated, it is good practice to add your company to a ‘watch list’.  A watch list will remind you via email that your company’s Annual Return Date is approaching and it will alert you should any changes be made to the company at the Companies Registration Office. Core.ie provides this service free of charge once you register with them.

 

Understand your role as a director

Company directors’ have a wide range of responsibilities which can be quite diverse. Company directors have to comply with the Companies Act 2014 and have duties under Common law. If a director is found to have breached company law, he or she can be liable to penalties that can range from a fine up to €500,000 or a maximum jail sentence of 10 years. There are different categories of offences ranging from 1-4 under the Companies Act.

To avoid such circumstances, company directors should become familiar with the responsibilities and duties of the role. Information can be found on both the CRO and ODCE websites.

 

Know the requirements for company letterheads and websites

One requirement that often gets overlooked is the requirement for Limited companies to list their full legal title on company letterheads. This includes the company name, company number and registered office address. As well as this, the company directors must also be listed by name in the footer. Both forename and surname must be included and the nationality in brackets beside any director who is in not Irish.

Company websites are another location where a company’s details must be displayed. This includes the company name, number and place of registration. This must be located on the website’s homepage or must be on an alternative web page that is to linked to from the homepage which is easily accessible.

If you have a database of customers or potential customers, it is important that you are aware of your requirements under Data Protection legislation.

 

Keep minutes of meetings and have an AGM

Keeping minutes of directors’ meetings is a requirement under the Companies Act and is prudent to ensure key decisions and matters are noted and dealt with. The Annual General Meeting (AGM) is a meeting of shareholders (and directors) of a company where they have the opportunity to ask questions and get information about the company. Whilst this is no longer a legal requirement for most companies, it is a good idea to ensure this takes place. It is usually the duty of the secretary to call the AGM and give 21 days’ notice to the members.

Know the risks of managing remote workers

Visions of kicking back and working from the beach with a piña colada in one hand and an iPad in the other are no longer just flights of fancy for many workers. Businesses are finding that it really is possible for employees to work remotely on their own devices without losing any productivity.

 

As a result, many companies are measuring the benefits of employees working remotely against the logistical issues inherent in developing a mobile device management plan.

There are many tangible benefits of BYOD (Bring Your Own Device), including:

  • Reduced equipment costs
  • Increased employee satisfaction and efficiency
  • Decreased IT staff burden (since employees maintain their own equipment)
  • Reduced office space square footage (as workers are mostly off-site)

The risk in BYOD is that these devices can potentially expose security vulnerabilities not directly supervised by IT staff or addressed by corporate antivirus solutions. This is where the need for mobile device management comes in.

 

A new landscape of threats

Tablets and smartphones are arguably less secure than desktop PCs and laptops because they lack pre-installed malware protection. Most computers include at least a trial version of an antivirus suite, but for the newest mobile gadgets, individual users and IT managers are on their own to search for and install mobile endpoint security management.

This vulnerability has not escaped the attention of hackers, who unleash creative new threats like SMS text messaged-based attacks on a daily basis. The old-school virus, while still annoying, does not hold a candle to the damage caused by these new approaches in cybercrime, which include more sophisticated Trojans, keyloggers, phishing attacks and malicious apps than ever before.

 

Maintaining security while not breaking the bank

Enforcing a ban on these devices is a near impossibility, but there are options for businesses on a tight budget to maintain security:

  1. The first cost-effective step is to immediately establish protocols regarding these devices in the workplace, including guidelines for acceptable use, forbidden applications and how to avoid dangerous activities, such as browsing certain questionable sites while connected to the company’s Wi-Fi.
  2. Next, evaluate your current solutions to see if they can be modified to protect BYOD devices through password enforcement, remote wiping or other protective measures.
  3. If the quantity of devices or sensitivity of data requires a more robust solution, explore whether the use of Mobile Device Management (MDM) software makes sense. MDM provides a centralized platform to manage all BYOD devices and is recommended if IT personnel are spending an inordinate amount of time securing tablets and smartphones – or if the sheer variety of devices and new threats tests their expertise.

 

Main components of an effective MDM program

If you determine that an MDM service is appropriate, how do you choose one? Use the following as a mini-checklist to cover the major recommended features:

  • Cloud-based, so updates are automatic and painless
  • Remote configuration and monitoring
  • Passwords, blacklists and other security policies enforcement
  • Backup/restore functionality of corporate data
  • Logging/reporting for compliance purposes
  • Remote disconnection or disabling of unauthorized devices and applications
  • Scalable, so new users and increasingly sophisticated devices can be accommodated easily

Whats The Big Data Mean for Your Business

First there was dot-com. Then web 2.0. Then cloud computing. Now it seems “big data” is catching all the headlines.

Big data is the term used to describe the enormous datasets that have grown beyond the ability for most software to capture, manage and process the information.  But volume is not the only way to define big data. The three Vs generally used to describe big data also include the multiple types – and sources – of data (variety) as well as the speed (velocity) at which data is produced.

 

If you need more perspective, think about this for a second: According to IBM, 90 percent of the data in the world today has been created over the past two years. That amounts to 2.5 quintillion bytes of data being created every day.

 

How can big data help me?

Big data may seem to be a bit out of reach for SMBs, non-profits and government agencies that don’t have the funds to buy into this trend. After all, big usually means expensive right?

But big data isn’t really about using more resources; it’s about effectively using the resources at hand. Take this analogy from Christopher Frank of Forbes who likened big data to the movie Moneyball: “If you have read Moneyball, or seen the movie, you witnessed the power of big data – it is the story about the ability to compete and win with few resources and limited dollars. This sums up the hopes and challenge of business today.”

Specifically, it shows how organizations with limited financial resources can stay competitive and grow. But first, you have to understand where you can find this data and what you can do with it.

 

Big data strategies

Ideally, big data can help resource-strapped organizations:

  • Target their market
  • Make better decisions
  • Measure feelings and emotions

 

Targeted marketing

Small businesses can’t compete with the enormous advertising budgets that large corporations have at their disposal. To remain in the game, they need to spend less to reach qualified buyers. This is where it becomes essential to analyze and measure data to target the person most likely to convert.

There is so much data freely accessible through tools like Google Insights that organizations can pinpoint exactly what people are looking for, when they are looking for it and where they are located. For example, the CDC used big data provided by Google to analyze the number of searches related to the flu. With this data, they were able to focus efforts where there was a greater need for flu vaccines. The same can be done for other products.

 

Decide

Big data can be like drinking from a fire hose if you don’t know how to turn all the facts and figures into something useable. But once an organization learns how to master the analytical tools that turn its metrics into readable reports, charts and graphs, it can make decisions that are more proactive and targeted. And only then will it have an intimate relationship with the “big problems” affecting the business and an understanding of how to improve its situation.

Learn more about job

He’s only been in business for five years, but Evan Doherty has already gained a reputation as one of the most sought after photographers in Dublin. The 31-year-old from Bayside counts Dunnes Stores, Debenhams and Ryanair amongst his many commercial clients. What’s more, he regularly shoots fashion advertorials with the top models like Vogue Williams, Rozanna Purcell and Teodora Sutra.

“Most days I’m so busy that the phone is constantly ringing,” he says. “It’s hard work but I’m not complaining.” Although he has long had a love of photography and always showed an artistic flair, Evan studied Sound Engineering after school. He soon found it was not for him and left after a few months to take up a role as an assistant chef working on Irish Ferries. It was only when he was made redundant in 2011 that he decided to study photography.

 

A Change of Direction

“Taking pictures was always a hobby for me. It never occurred to me to try to make a living from it,” he says. “But when my friend’s mother suggested that I do a year-long course in photography at Marino College of Further Education, I decided to give it a go. After that, I did work experience with fashion photographer Barry McCall.”

Evan was then offered a place on a fine art photography course in Dun Laoghaire Institute of Art, Design and Technology. Although it was a four-year course, Evan found he was being offered work with top clients after just two years and decided to leave. He hasn’t looked back since.

 

Learning on the Job

“I threw myself into it head first,” he laughs. “And in many ways, I learnt on the job. It helped that it was around the time of the changeover to digital from analogue photography.”

However, he emphasises that it’s not just the ability to take a good photograph that makes a good photography business. “You have to have people skills too,” he says. “And be good at marketing yourself. Of course, there is all the admin to manage too. It may sound glamorous – and believe me, it is at times. I travel all the time, work with celebrities and shoot in exotic locations. But it is a lot of hard work and you’ve got to have a good work ethic.”

 

Getting the House in Order

That’s where AIB’s MyBusinessToolkit came into play. Evan discovered the service when he opened a business account with AIB last year and has found it an invaluable tool ever since. “My accountant used to laugh at my accounts,” he says. “Realistically, it’s hard to keep track of finances when you are working all day on the job and you’re tired in the evenings.”

“What’s more, in the first couple of years I had to spend money to update my equipment on a regular basis. I needed a good computer and hired a studio on George’s Street. I used to just spend without thinking about what money was coming into my account, and I used a personal account for business so I mixed the two.”

Start up a Fighting Chance

As coach to ‘The Notorious’ Conor McGregor, John Kavanagh is someone who knows a great deal about the dedication, effort and commitment that goes into achieving success. After starting off teaching martial arts in a small shed in Dublin, John now runs the globally-renowned Straight Blast Gym which has eleven locations around the country.

We caught up with John at the recent AIB Start-up Academy Dublin Summit and asked him about the importance of self-belief and mentorship.

How important is it to have belief in yourself when starting off in business?

It’s a bit scary and a bit daunting to do something from scratch on your own. There will be days where you doubt yourself, so you definitely need to have that self-belief. I also think that you need to surround yourself with people who are similar to you and who can pick you up when you’re having a down day. You’ll be able to do it vice-versa with them. I’m pretty selective about the people I hang out with. I want to be around high-energy people who can boost me along when I’m not quite there.

As a coach, you act as a mentor to your fighters. How do you approach this role?

When a fighter is starting off, they’re able to lean on me a little bit because they’ve seen the experience I’ve had and the success I’ve had with different fighters. One of my main roles with them is to make them accountable. If they tell me they want to be a champion, I measure the hours they’ve been training. If they’re not training like a champion, they’re not going to be a champion!

Is there any advice you’d give to someone who was considering starting their own business?

Number one for me, in whatever you’re doing, is to make sure you really really enjoy it, because you’ve got to be ready for long, long hours. An average week for me is 60-70 hours and anybody I know who works for themselves would have a similar story. Unless you really enjoy something, you won’t stick with it!