Our Streamlined Custom Domain Process Saves You Time & Money

We’re excited to announce that we’ve streamlined our entire custom domain process. The new process significantly reduces the number of steps to set up a new custom domain, eliminates the need for you to purchase an SSL certificate, and automatically renews your SSL certificate for as long as your Onehub account is active.

For existing users, that means you never have to think about replacing your expiring certificates again! And not only that, because we’ve integrated with the non-profit Let’s Encrypt, you no longer have to pay a certificate authority to issue your certificates, saving you precious time and money.

Setting Up Your Custom Domain

For users new to our custom domains, the setup process has been dramatically simplified. First, choose your custom domain. Second, navigate to the “Custom Domain & White Label” section in your Admin tab and enter your new custom domain. Press “Accept Changes & Activate.” Finally, you’ll receive instructions to set up a DNS record. And that’s it! Onehub will do the work to confirm your CNAME is correct, get your SSL certificate, and manage all renewals going forward. Three easy steps for your new custom domain!

Benefits of a Custom Domain

Adding a custom domain to your Onehub account puts your Onehub Workspaces on a domain that you control. Instead of your users visiting Onehub.com to access their files, they navigate to their Workspaces and files through your site.

Having a custom domain may seem like a small change but it can have a significant impact on your business.

  • Consistency. Both your clients and your internal team members will access all of their data through your domain when working on projects. This can reduce confusion and friction in your business efforts.
  • More polished. Running Onehub on your domain gives your collaboration tools a more professional look. Having a custom domain provides clients with a level of familiarity and promotes trust in the professionalism of your company.
  • Control. You decide where and how your data is accessible.

Easy Customization with Onehub

Customizing your Onehub Account helps to provide a consistent and professional experience to your clients and team.  We hope this new feature simplifies the customization process, reduces some logistical overhead, and frees up you and your team to focus on more critical tasks.

As always, if you have any questions or comments, please don’t hesitate to reach out to our wonderful support team by emailing support@onehub.com or by calling 1-877-644-7774.

You’ve Secured Your Computer, but What About Your Business Printer?

You know all about the cybersecurity threats associated with your computer and know the importance of secure cloud storage for your business, but did you know your company printers are equally vulnerable? Business printers are an often overlooked security risk that can cause major business disruptions, financial losses, and data breaches. 

In 2020, cybersecurity experts from CyberNews hacked 28,000 business printers. Fortunately for those companies, it wasn’t a malicious attack. These ethical hackers were trying to raise awareness about printer security issues, and they only used their access to print a helpful guide called “How to Secure Your Printer.” 

Printers are a tempting target for hackers because they’re connected to the internet, store important information, and are rarely thought of as a security risk. Even a company that’s diligent about protecting work computers from viruses and hackers probably hasn’t given much consideration to securing the printers. (After all, it’s just a printer, right?) With no defense in sight, it’s an easy point of entry. Hackers can quickly gain control of your printer and then infiltrate your corporate network.  

How can a printer be hacked? 

The CyberNews team used specialized search engines to locate IP addresses with open ports. A port is essentially a communication channel that a computer or program uses to connect and transfer information. An open port is one that’s “listening” for connections and, if unsecured, can be used by hackers to gain access to the printer or computer.  

After searching for these open ports and confirming they were actual printers, CyberNews had a list of nearly 1 million vulnerable business printers. To keep the companies’ data private, they created a custom script that would only target the printer’s printing capabilities. An unscrupulous hacker could create a script that’s designed to do much worse.

In 2018, a hacker called TheHackerGiraffe also used an open port to hijack thousands of printers. TheHackerGiraffe forced them to print documents, though their chosen message was about subscribing to a YouTube channel called PewDiePie rather than a guide to securing printers. 

Despite these two “white hat” hackers revealing the extent to which business printers are vulnerable, not much has been done about it. In August 2020, TheHackerGiraffe tweeted, “About 2 years after the printer hacks, still not much has changed. The only way this will change is that if someone starts spam printing large amounts of unwanted ads or harmful content.”

What type of damage can be done with a hacked printer?

In an interview with The Verge confirming he or she was behind the PewDiePie printer hack, TheHackerGiraffe said, “People underestimate how easy a malicious hacker could have used a vulnerability like this to cause major havoc. Hackers could have stolen files, installed malware, caused physical damage to the printers and even used the printer as a foothold into the inner network.”

Let’s break down what each of those possibilities looks like.

Stealing files

Most modern business printers store copies of recently scanned or printed documents. Printing and scanning important documents are part of daily life in an office, so there’s likely to be a lot of sensitive data stored on your printer. These types of business files contain valuable information about your business and your employees. A hacker could easily exploit this data after gaining access to your printer.

Installing malware

Printers are rarely protected by antivirus or anti-malware programs. Hackers can install malware on them by pushing through an update that contains a virus or sending employees malicious (but legitimate looking) attachments from the printer. 

The goal here isn’t usually to simply infect the printer. The real targets are the devices connected to your printer and your corporate network. Once the hacker controls these, they have all the data they need to steal employee identities or intellectual property, launch ransomware attacks, and any number of other exploits.

Causing physical damage

Business printers are an expensive investment and are an integral part of a functioning office. If a hacker infiltrates your printer (or, even worse, a fleet of printers), they can “brick” it, rendering it useless. It’s a costly problem to fix and can wreak major havoc to your business operations. 

Accessing the inner network

A hijacked printer can serve as a path to connected devices and your computer network. This gives the hacker unrestricted access to your company’s confidential information (think: customer lists, credit card numbers, login credentials, employee social security numbers). They can also use this position to launch any number of attacks, from holding your business data ransom to taking down an entire network through a distributed denial of service (DDoS). 

How to protect your business printers

CyberNews created a detailed guide explaining how to protect your printer from hackers. We’ve broken down the main points below, and you can access the step-by-step guide here.

  1. Disable network printing.
  2. Secure printing ports 515, 721-731, and 9100. 
  3. Use a firewall to restrict access to network traffic.
  4. Update your printer firmware to the latest version. Firmware updates are often issued to patch security weaknesses, so it’s important to stay on top of them.
  5. Update your login credentials. Create a unique and complex password that’s at least 16 characters long.

Keep your business data secure

Technology is steadily becoming more complex and hackers more sophisticated. Protecting your business files and other data is an ongoing challenge, but it’s vital to your company’s success. After taking steps to secure your printers, be sure to evaluate the safety of your file storage and file-sharing methods. If they’re not up to snuff, we can help. Try Onehub’s secure cloud storage and file sharing free for 14 days

6 Tips to Create Strong Passwords & Keep Your Accounts Secure

In 2014, eBay was targeted by hackers. They stole the credentials of three employees and had 229 days of total access to eBay’s network. They used that time to steal the personal information and passwords of 145 million users. 

Breaches like this are becoming increasingly common, so your employees must understand how to create strong passwords and keep their business accounts secure. 

6 best practices to create strong passwords and keep your business accounts secure 

1. Create long, complex, and unique passwords 

It’s no surprise that people often create short, simple passwords; they’re just easier to remember. Unfortunately, they’re also a cinch to crack. 

Hackers can crack a simple and commonly used password such as “password123” in approximately .29 milliseconds. An account with a password like that might as well not even have one. In contrast, a long, unique, and complex password such as “DOfi8!ryODoyEsNe8b” would take about 1 trillion years to crack. No one’s got that much time to spare, so your account is much safer. 

A strong password has a minimum of 16 characters and includes a mix of upper and lowercase letters, numbers, and symbols. It also has to be unique. Without the unique factor, it’s entirely possible to have a terrible password that follows all of these guidelines (e.g., Iloveyou1234567!). 

If you combine a solid password with smart cybersecurity practices such as keeping your devices updated, you can rest easy knowing your accounts are about as safe as they can get. 

2. Sentences or phrases are better than single words

It’s quick and easy for single-word passwords to be compromised. Never make your password a single word, even if it’s “disenfranchisement” or something similarly long. Hackers can use dictionary attacks to crack this using software that tries all the words in a dictionary or other word list successively until it finds a match. 

3. Don’t include personal information in your passwords

The amount of personal information that’s readily available on social media and other public websites is staggering. It’s no trouble for a hacker to find out your full name, date of birth, partner’s name, pet’s name, etc. This type of information should never be used in your passwords.

4. Use two-factor authentication to render stolen passwords useless

Two-factor authentication is a method of account verification that requires a password and a second piece of information to complete your login. The second factor is often a PIN, a security code sent to a mobile device, or security questions. For more advanced 2FA, the second factor could include biometrics such as voice or facial recognition. 

Two-factor authentication provides an added level of security for your accounts, and it should be used with any business accounts that offer it. Some users find 2FA frustrating because it adds additional time to the login process; however, this extra step takes less than a handful of seconds. The reward is well worth it as 2FA seriously ups the security level of your accounts by rendering stolen passwords useless. 

Because some employees find the extra step of two-factor authentication frustrating, they may opt not to use it on their business accounts despite company policy. Onehub addresses this issue with our Advanced, Data Room, and Unlimited plans. Administrators can require two-factor authentication across the entire account to ensure secure, stress-free cloud storage and file sharing. 

5. Encrypt stored passwords

One drawback of having unique and complex passwords is that they’re difficult to remember. If you’ve created a document to track your passwords, make sure it’s encrypted. Encryption makes your text unreadable to unauthorized people who don’t have the decryption key. 

The type of encryption you use matters, too. For example, Onehub uses 256-bit encryption to protect data both in transit and at rest. This is the same level of encryption used by banks and the CIA. Cracking it would take approximately 27 vigintillion years, which is longer than our universe has even existed. 

6. Don’t use the same password for multiple accounts

You’re probably tired of hearing this, but 51% of people keep doing it, so it bears repeating — do not reuse passwords. None of your accounts, personal or professional, should ever share a password. If your password is stolen or hacked, you can minimize the damage by keeping the breach to one account. 

Onehub is all about security. We offer two-factor authentication, 256-bit encryption, and strong password requirements. We can keep your passwords and other business data safely encrypted and stored within your Workspace for easy access. Try us out for free for 14 days!

How to Get Your Work Email Under Control

Why is work email so stressful? Most emails can be read and responded to in under a minute, so the amount of anxiety we feel when checking our inboxes seems disproportionate to the amount of effort the task takes. 

In an interview with Business Insider, psychologist Ron Friedman explains why work email takes such a toll on employees. He says, “The reason it can feel overwhelming to find lots of emails in your work inbox is that each message represents another demand on your time and another decision you have to make. Even deciphering a generic announcement about the office coffee maker requires effort, which leaves less energy for work that matters.”

Work email also has a sneaky way of monopolizing your time. All those “quick” emails add up to an alarming number of hours each day. Adobe did an email usage study in 2016 that found employees spend over four hours every weekday on work emails. 

While you can’t simply stop checking your inbox, there are many ways to optimize it so it’s less stressful.

Secure your inbox

Cybersecurity is so important in today’s workplace, but very few companies make it a priority to train employees on common security threats. If you think an endless sea of unread emails is stressful, just wait until the sensitive business file you emailed gets hacked. 

The first step in your email management plan should be to protect your business data from outside threats so you never have to worry about causing a serious security breach. 

Follow these three tips to make your email more secure:

  1. Never send files via email

Intercepting an emailed file is child’s play for a hacker. Email providers simply aren’t set up to keep attachments safe. Instead, use a file sharing service such as Onehub that offers bank-level encryption and secure network connections to protect your messages and files. 

An added benefit of using a file-sharing service is never having to dig through huge email threads looking for files. Onehub keeps files organized and has a powerful search tool to ensure you can always find what you’re looking for.

  1. Don’t open links or attachments from unfamiliar email addresses.

Clicking a link or opening an attachment in a spam email is the most common way computers get infected with malware. If you accidentally open a spam email, you’re ok as long as you don’t click anything. Delete it or report it as spam to get it out of your inbox. 

  1. Keep your computer, phone, antivirus software, and internet browser updated.

Updates can be annoying because they sometimes take a while and can interrupt your work; however, it’s essential to stay on top of them. Updates are often issued after a security vulnerability has been discovered. If you postpone updates, your devices and software could be vulnerable to cyber attacks.

Organize your emails

Ever wonder how those “inbox zero” people do it? We did, too, so we looked into it. It turns out the answer is simple: They have a system. They’ve utilized every trick they know to customize their inboxes to a system that works best for them, and they maintain it. There isn’t a one-size-fits-all solution for inbox organization, but we’ve collected the best tips for you to test out on your journey to inbox perfection. 

Create folders, but keep them simple

It’s much easier to keep your emails organized if you sort them into different folders; however, you don’t want to go overboard with it. Having too many will make it harder to keep track of things and organizing emails into their respective folders will become too time consuming. 

The goal with folders is to essentially turn your primary inbox into a holding zone where you quickly review new emails and either respond immediately or send them to the appropriate folder to be dealt with later. 

Try to create a system with no more than five custom folders. The types of folders you make will depend on your personal preferences. For example, you could create a folder for emails that need to be handled before the end of the day and another folder for emails that require a response but aren’t time sensitive. 

Another helpful option to consider is an “FYI” folder. This folder is for emails that don’t require a response and contain important information you’ll likely need to reference in the future. 

Play around with different folder combinations until you find the right system for you.

Here’s how to create folders in Outlook and Gmail

Archive

You never know when you might need an email, so hitting “delete” can feel too permanent. You can still clean up your inbox by archiving old emails. Archiving emails transfers them out of your inbox and into an archive folder where they can be retrieved later if needed. 

Here’s how to archive emails in Outlook and Gmail.

Unsubscribe 

If you’ve acquired email subscriptions that aren’t useful to you anymore, unsubscribe from them. Even if you know you don’t have to read or respond to them, seeing unread emails in your inbox is visually distracting and creates unnecessary clutter.

Save time and stress

Create canned messages

Templated messages can save you an enormous amount of time, but they do come with one caveat. Always make sure you’ve customized any placeholder text in your message before you hit send. 

No one wants to feel like they weren’t worth an original response, so receiving an obviously templated message can sting a bit. This is especially important if you’re sending a canned message to a customer or client. 

A good failsafe is to cut the recipient’s email from the address field, select the canned response, customize the message, and then paste their email back in. If you get ahead of yourself and press the send button before you’ve updated the placeholders, you’ll receive an error message. This is your sign to review the text and make the necessary changes before pasting in the email address and hitting send again.

Here are three situations that are perfect candidates for a canned response:

  1. Declining an offer or request

A canned response is perfect if you regularly receive offers or requests from vendors, nonprofits, or other external sources. Keep it short and to the point to discourage follow-up emails.

“Thank you for reaching out, but I’m not interested. 

Best, 

[Name]”

  1. Scheduling a meeting

Avoid all the back-and-forth that comes with trying to schedule a meeting with someone. Instead, send a templated response with a link to your calendar.

“Hi [Name],

I’m looking forward to meeting with you about [XYZ]. Here is a link to my calendar. [Link] Please choose a time that works best for you.

Kind regards, 

[Name]”

  1. Avoiding a meeting

Meetings are time and energy intensive. If you’re too busy for a meeting or you’re not convinced yet that the topic is worthy of a meeting, send a canned response that will keep the discussion on email. 

“Hi [Name],

I’m interested in learning more about [XYZ], but my schedule is full at the moment. Let’s continue the discussion via email for now. 

Thank you!

[Name]”

Here’s how to create email templates in Outlook and Gmail.

Turn off desktop notifications for new emails

New email notifications can quickly derail your productivity. If you’re working on something, you don’t need to be interrupted every time a message lands in your inbox. Most employees obsessively check their work email, so even if you receive an important message, it won’t sit in your inbox unseen for too long. 

Here’s how to turn off desktop notifications for Outlook and Gmail.

When all else fails, abandon ship

If your inbox is so out of hand that you don’t feel you can salvage it with the tips above, it’s time for extreme measures. 

Create a folder called “Old Email” or something similar, and move all of your emails into that folder. If any current messages still need your attention, you can handpick them out of the “Old Email” folder and move them back to the main one. 

After this, your primary folder will be a clean slate. You can use the tips we’ve covered to create a new system to prevent another inbox implosion. 

Here’s how to move emails in bulk for Outlook and Gmail.

Email is always going to be part of your work day, so it’s worth investing some time to keep things organized. An organized and secure inbox will pay long-term dividends. It gives you peace of mind and allows you to use your energy for work that actually matters. 

If you’re starting your journey to inbox zero, Onehub can give you a much safer alternative to emailing files. Sign up today for a free 14-day trial!

Streamlining Document Approvals for Better Project Management

Project managers are the unsung superheroes of the professional world, but document approvals are their kryptonite. All the delicate work of navigating a team’s disparate personalities, accounting for their strengths and weaknesses, and keeping a close eye on approaching deadlines is for naught if the work isn’t approved in a timely manner. 

Every project reaches a point where work can’t continue without another person’s approval, usually a paying client. So, how do you get a document approved on time without harassing your client? 

Create a secure, standardized system for document approvals

Select the right business software

We’re well past the days of managing projects with paper files strewn across desks or never-ending email threads with attachments buried so deep you’ll never see them again. 

Successful companies need technology solutions such as Onehub to keep documents organized, provide secure file sharing and storage, enable easy collaboration, and give admins total control over each users’ access level. 

If your company doesn’t have designated software for file sharing and project management, or what you have isn’t fully meeting your team’s needs, it’s time to find a better way. 

A great tech solution for project management will include: 

Secure file sharing

File security is number one on this list because it should be a non-negotiable requirement for any business software you’re considering. Business files are too valuable to risk a security breach. It puts your company’s intellectual property at risk and can permanently damage your brand’s reputation if your customer data is leaked. 

Onehub uses bank-level encryption to provide the best protection for your company’s files and communications. We take data security very seriously, and any business software provider you’re considering should do the same.

Easy approvals

It’s human nature to put off tasks that seem like a hassle, so document approvals need to be as easy as possible to ensure clients get to them quickly.

Look for software that conveniently keeps everything in one place and sends automatic notifications about approval tasks. Automatic notifications mean you don’t have to worry about informing your clients about the documents waiting for their review.

For maximum convenience, when clients click the link within their notification, they should be able to easily access the document and read any related comments left for them by your team.

In-browser document previews are another great feature to look for. It saves clients time and hassle by eliminating the need to download the file and open it in another application. When the moment finally comes for the client’s approval, they should be able to do it with one simple click. 

Roles and permissions for security

While you need client approvals to complete projects, you don’t necessarily want to give them free rein within the project management platform. 

Most projects have a mix of files that are client facing and ones that are only meant for internal use. It’s important to keep all these project files together for organization and convenience, but you need to control what your clients can see. Software with precise roles and permissions makes this easy.

It’s also important to consider what you want your clients to do with the files. For example, if you’ve submitted a document for approval that contains carefully worded legal statements, you probably don’t want your client changing those directly in the document. Instead, you can give view-only privileges, and the client can leave a comment with the concerns they want addressed before final approval. 

To keep approvals on track and sensitive files secure, be sure to select a provider that offers granular control over roles and permissions.

Collaboration tools

Collaboration is an essential part of any well-functioning business. An all-in-one platform that provides collaboration features in addition to data security and easy approvals will ensure you get the most out of your project management solution. 

Some of the most important collaboration tools are messaging, task assignments, file synchronization, and file version control. Messaging and tasks support easy communication between colleagues and make it clear what work needs to be done. File syncing and version control keep everyone working with the most up-to-date information no matter what devices they’re using. 

Standardize the procedure

Have a written plan for document approvals. Include this information as part of your onboarding and make the information easily accessible to all employees.

The plan should cover these basics:

  1. How to submit a document for approval
  2. How to notify the client that there’s a document ready for them to review
  3. What level of file access clients need for approval 
  4. How to set a deadline for the approval

The details of how these steps work will vary depending on the business software your company uses. 

In Onehub, admins can invite clients to a digital Workspace or Client Portal and choose the level of access they should have. Employees can then add the document that needs approval to the platform and create an approval task for the client that includes a deadline. The client will automatically receive a notification once the task has been assigned. They can easily view the task, notes, and document in one place, and they can finalize the approval with one click. 

When you make your document approvals simple, clients are less likely to put off doing them. It also makes it much easier for the team to keep track of any comments or questions a client may have in addition to tracking approvals.

Educate your clients on document approvals

One big reason clients may delay approving a project milestone is that they’re not sure how to do it properly. Managers tend to focus on instructing their teams on what needs to be done for a client’s project and often overlook the fact that the client needs instruction, too. 

Clients need to know 2 key things about document approvals

How do they approve a document? 

Your client needs to know how to provide approvals. These days, most companies use business software to share files securely, communicate with their teams efficiently, and keep important documents organized. 

The software your company uses may not be familiar to your client. Document approvals that seem obvious to you could leave your clients feeling overwhelmed or confused as they navigate an unfamiliar platform. 

It only takes a few minutes to educate your clients on where to find the documents submitted for approval, how to leave comments or questions for your team, and how to finalize approval.

What is the deadline for the document approval?

Your team may need approvals done within a specific time period to keep the project on deadline, but did anyone tell the client that? 

Clients don’t know how your team works or how long specific tasks will take to complete. If the final project deadline is weeks away, they may feel they have plenty of time to review milestone documents. Meanwhile, your team is staring at the clock trying to figure out how they’ll manage to complete the rest of their work within the ever-shrinking time frame.

With just a little instruction, your clients will feel more confident with the document review process and will understand the need for prompt approvals. Rather than a hindrance, client approvals will become a valuable part of your project management. 

Putting it all together

To keep your projects running smoothly, you need a document approval plan, client education, and a robust technology solution that provides secure file sharing, simple approvals, and valuable collaboration features.

Try out Onehub’s file-sharing and project management tools to see how much better document approvals can be. Sign up today for our free 14-day trial!

Is Shadow IT Putting Your Business Data at Risk?

What is shadow IT?

Shadow IT refers to your employees’ use of software, apps, email, browsers, or devices that aren’t part of your company’s approved technology plan. This tech is outside your IT team’s control and may violate security protocols. It creates a serious cybersecurity risk that could cost your company millions. It also means all the money spent on authorized devices, apps, and software is going to waste. 

What does shadow IT look like in action?

  • Employees sending work documents to their personal emails to use when working remotely
  • Departments deciding independently to adopt a new collaboration app they prefer 
  • Employees saving business data to personal cloud storage that doesn’t have enterprise-level security
  • Workers storing confidential business files in apps on their unsecured mobile devices
  • An IT team that becomes ineffective at controlling security risks because they have no idea what random tech employees are using

It’s chilling to realize your employees may be putting intellectual property and other sensitive data at risk. Though it’s a serious security threat, try to keep in mind that employees don’t do this with malicious intent; they’re simply trying to provide themselves with the tools they need to perform their jobs well.

To solve this problem, you must get a comprehensive look at the scope of your company’s shadow IT and understand why employees are choosing to use this unauthorized technology. 

How to eliminate the threat

Identify the scope of shadow IT within your organization

You can’t protect against unknown threats, so the first step is to shine a light on all the shadowy activity in your business. 

Tracking apps such as Microsoft 365 Cloud App Security can pinpoint what applications are running on your network. Shadow IT accounts for 50% of the tech used in most companies, so don’t be shocked if you see a figure close to that. 

Tracking apps can help you evaluate the security threat level associated with each shadow app so your IT team can take action if needed. These apps can also help you determine which employees are using the shadow tech so you can talk to them about the threats involved and, most importantly, find out why they’ve gone outside of recommended technology solutions.

Understand why employees prefer using shadow IT 

Now that you have a clear understanding of all the errant technology your employees are using, it’s time to identify why they prefer this over the sanctioned options. You can do this by comparing the features of the shadow IT to the software and other tech in your company’s official technology plan. You can also conduct a survey asking employees what they like about the unauthorized programs and what they dislike about the company-approved technology. 

Common reasons employees ditch authorized technology in favor of shadow IT

  1. The user interface is outdated or difficult to use
  2. It lacks the tools and features they need 
  3. It’s painfully slow
  4. There’s no mobile option

Moving forward with a better technology solution

After evaluating the various shadow software and gathering firsthand information from employees, you may find that one or more of the shadow IT options is a better fit for your business. There’s no reason to hold on to antiquated technology that no one wants to use. If the shadow tech has the features your team wants, provides the level of security your business needs, and fits the budget, go for it! 

If none of the currently used shadow IT is appropriate for your business, it’s time to look for better options. Compile a list of the features your team wants most and the security protocols that are non-negotiable. 

Ideally, you want to find a solution that fits as many needed features as possible into one service. If employees have to navigate half a dozen apps to complete a task, they’re going to continue circumventing your company’s software solutions in favor of a more convenient option. 

What security measures do you need to keep your business data secure?

Encryption

Encryption is a process that makes your data useless to unauthorized users. If a hacker manages to get their hands on an important file, they won’t be able to read the information. Look for a business software provider that offers 256-bit encryption (i.e., the same encryption the U.S. government trusts to protect top secret files). 

Also, keep in mind that your business data needs to be encrypted when in transit (sharing a file) and at rest (in storage). Only 9.4% of cloud service providers encrypt data at rest, which means they aren’t providing secure data storage. 

Hackers are well aware of this vulnerability and will exploit it whenever they can. Just ask Equifax; they learned this lesson the hard way in 2017 when attackers stole the unencrypted stored data of over 145 million people. 

Two-factor authentication

Two-factor authentication is a user authentication method that requires a password and an additional step such as a code sent to a mobile device or an ID card. It’s a much safer method of authenticating a user than password-only logins. 

Most of us are guilty of reusing passwords, and it creates a huge security risk. If an employee is reusing a work password — or, even worse, a work password and work email— any data breach in a secondary site will jeopardize the work account. It’s essentially putting the keys to the castle right in the hacker’s hands. 

Two-factor authentication dramatically reduces this security threat. If an unauthorized user gets hold of an employee’s login credentials, it won’t matter. The second level of authentication isn’t available to them, so they can’t access the account. 

Precise roles and user permissions

Software that allows you to customize the way each employee, client, or vendor can interact with your business files is an essential security feature. Granular roles and permissions let you decide what information a user sees and how they interact with it. 

When evaluating various providers, get a clear idea of the amount of control and customization their roles and user permissions allow. You should easily be able to do things such as add or remove permissions at any time, “view as” each role to ensure it provides the level of access you expected, and dictate whether users are allowed to edit, print, or download documents. 

Strong password enforcement

Two-factor authentication is the best way to authenticate accounts securely, but that doesn’t mean it’s ok to use a simple password. Technology advances rapidly, as do the tricks available to hackers. Ensure your employees’ accounts are as secure as possible by enforcing strong passwords. 

The anatomy of a strong password:

  • No sequential numbers
  • No personal information such as name or date of birth
  • At least 12 characters long
  • No common substitutions such as a dollar sign to replace an “s”
  • Use a mix of uppercase and lowercase letters, numbers, and symbols

What software features do most employees want?

Easy file sharing

Employees need to be able to securely share business files with colleagues, vendors, and clients. For the most convenience and flexibility, your employees should have various file-sharing options such as secure direct links for people who don’t have account access, password-protecting files, and setting expiration dates for access.

Communication tools

Good communication is the foundation of a good business. A technology solution that enables fast, easy communication across teams is a valuable asset that boosts productivity and employee engagement. Set your team up for success with features such as leaving comments on specific files or folders, sending messages within the platform, and assigning tasks. 

File syncing and version control

Automatic file syncing and version control make collaboration a breeze. 

Ever been stuck trying to figure out which version of a project file is the most recent? How about working hard on a document and then realizing it doesn’t reflect the team’s recent additions? At best, those issues are extremely frustrating. At worst, they derail important projects and could lose your company money.

Secure data storage providers such as Onehub make sure this never happens to you or your employees. Files are automatically synced across devices, so an employee can go from their laptop to their phone and still have the correct file information at hand. 

Software integrations

Microsoft Office Online and Google Docs are two standard options for creating and editing files. You can save your employees a ton of time by selecting a software provider integrated with both. That means employees can preview, create, and edit documents without having to leave the platform. If you consider the number of files an employee works with daily, you can see how that time savings add up. 

DocuSign is another great integration to look for. If your company regularly needs clients to sign non-disclosure agreements, contracts, or other important documents, this is a valuable feature to consider. Not only is it faster and easier for your employees, but your clients will also appreciate not having to print, sign, scan, and email the files back. 

The best way to prevent the security threats that come with shadow IT is to provide employees with a robust software option. Onehub provides all the security features your company needs and all the tools your employees want. For the best of both worlds, sign up today for our free 14-day trial

Your Guide to Collaboration That Empowers Your Team

Collaboration is an essential tool for an organization’s success. It’s also one of the most difficult to master. Many company executives have gone to great lengths to foster workplace collaboration, from open-plan offices to extravagant team-building retreats. 

Judging by the responses to a recent survey, these efforts haven’t been successful. Nearly 90% of employees blame workplace failures on a lack of collaboration or ineffective communication. 

Designing office spaces to enhance teamwork and encouraging employees to meet in person regularly have long been the go-to tactics for fostering a collaborative work environment. As the general workforce becomes more distributed and focused on remote technology, companies face even more challenges.

Whether your team works together in person or on separate continents, the tips below will empower your employees’ collaborative efforts. 

Improve communication 

Collaboration centers around communication, so it’s the perfect place to start building a team that works together well. 

Make communication a standard practice in the office. Have regular staff meetings to remind everyone of the company’s goals and keep them informed about the progress and remaining tasks on any big projects. This will also give employees ample opportunities to ask questions and present their ideas within a group setting. When this becomes the modus operandi, your team will begin to feel more comfortable working alongside their colleagues (literally or remotely). 

Online collaboration tools can help you establish this new communication-focused routine. With Onehub, you can create a digital Workspace dedicated to your team’s collaborative efforts. All relevant files are stored in the Workspace for easy access, and comments and messaging allow colleagues to reach out at any time with questions or ideas.

By providing specific collaboration tools and making it clear to your team that communication is a priority, you’re establishing a positive environment where collaboration can thrive. 

Share resources 

The adage “Knowledge is power” is especially fitting in the workplace. It’s no coincidence that companies store hundreds of terabytes of data. All that information is a valuable resource, and employees need to access it regularly to do their jobs well. 

In addition to accessing information resources, your employees also need help in the form of online collaboration tools. These types of digital resources aren’t only for remote teams. The Millennial generation will soon make up the majority of the workforce, and they’re much more productive when communicating and collaborating through technology. They are radically changing the workplace dynamic, and digital team tools are becoming a basic necessity for good collaboration.  

When evaluating online collaboration tools to offer your team, think safety first. Secure file storage and sharing are of the utmost importance. Earlier, we mentioned that data is a valuable resource for your team. Unfortunately, it is also valuable to hackers. That means your business files need to be protected by high-level security protocols such as encryption, two-factor authentication, and granular access permissions.

Once you’ve ensured the cloud storage and file-sharing provider has your data security covered, the next feature to look at is functionality. Is the software easy to use? Does it provide ways for your team to communicate within the platform? Does it offer a robust selection of document collaboration tools? 

Collaborative team tools such as Onehub’s file versioning and syncing allow employees to work together more efficiently. Nothing brings document collaboration to a halt faster than someone working from the wrong version of a file or in a file that isn’t synced. It’s a trainwreck, and workers lose precious time and momentum as they try to fix it. You can make sure no one on your team has to suffer through that fate again by providing them with the online collaboration tools they need. 

Define roles

Unclear expectations can derail a project quickly (and may also lead to employee burnout). You can encourage better collaboration by defining each member’s role. If multiple departments are working together, be sure to identify each team’s overall purpose within the project. 

If certain roles require access to sensitive business files, Onehub can help you create digital roles within the platform. With granular permission settings, you can store all project files in one convenient location while only allowing certain users to access confidential information. Our “view as” feature allows you to preview the Workspace in different roles to double check that everyone’s been assigned the correct level of access.

Employees also need clear guidance on what tasks they need to complete. For complex projects, especially ones with multiple deadlines, it’s helpful to have a “task” tool in your chosen business software that allows you to assign tasks to each team member. 

In Onehub’s interface, admins can view all assigned tasks or sort them by employee to check overall or individual progress. Each employee can see what tasks they have assigned to them, so they always know exactly what’s expected of them. This feature also allows managers to monitor everyone’s workload and prevent anyone from being buried under a mountain of work.

Whether you choose to go digital or analog to assign project roles and tasks, this level of clarity is essential for good workplace collaboration. 

Encourage brainstorming

Create a physical or digital workspace where employees can connect to brainstorm. There should be a strict “no bad ideas” policy to encourage everyone to share their thoughts, even if they aren’t fully formed yet. This establishes a creative, collaborative atmosphere where all employees have equal opportunities to be heard without judgment. This is a fantastic way to come up with fresh ideas to move your business forward, and it doubles as a team-building exercise that will enhance future collaborations. 

To ensure no brilliant ideas get overlooked, create and share a file with the team that recaps each brainstorming session. Team members can easily access the document whenever they need some inspiration. You never know — there may be some gems in there that will inspire a future project!

Onehub can set your team up for successful collaboration. Sign up today for a free 14-day trial to see all the ways we can help. 

Data Encryption: Learn the Basics to Protect Your Business Files

What exactly is data encryption?

Data encryption is a complex facet of data security that consists of high-level mathematics and cryptography. Encryption protects data such as business files by making the information unreadable to unauthorized users. An algorithm processes the regular data (plaintext) into an encrypted format (ciphertext) that requires a key to access. If a hacker intercepts encrypted data, it’s useless without the decryption key.

Fully understanding data encryption would require a stack of reference texts and countless hours of study. Luckily, a deep understanding isn’t necessary to make informed decisions about protecting your business data.

If we told you right now that Onehub uses 256-bit encryption to protect your data both in transit and at rest, would you know if that’s good? If your answer is no, that’s okay. We’re going to cover common questions and terms that will give you sufficient working knowledge of data encryption for your business. 

Do I really need to encrypt business files? 

Yes, urgently. 

In a report to Congress, the Congressional Research Service stated, “[Strong encryption] is important because the world has become more connected, and attackers have become more persistent and pervasive. It is difficult to overemphasize the extent to which Internet-connected systems are under attack.” 

The average cost of a data breach for a U.S. company is nearly $4 million. On top of that, customers are wary about continuing to do business with a company that exposed their personal information. 

Avoid this nightmare scenario with sensible cybersecurity protocols. Encrypting your company’s data should be standard practice because it renders any stolen data useless. 

Why can’t I just password protect files?

Some people rely on password-protected files or password-protected folders to keep their information safe, but this is a woefully inadequate security measure. 

Passwords are easy to crack. In 2020, nearly all of the most commonly used passwords could be cracked in under one second. (Not surprising considering the most common password was “123456”.) Hackers can even avoid this half-second inconvenience if they’ve acquired your passwords from a data breach. They simply log in, collect all the juicy information they can find, and then sell it for easy money.

To give you a real-world comparison, password-protecting a file is like the lock on your child’s diary, and data encryption is Fort Knox. If you encrypt your data, no one is getting access unless you want them to.   

How does encryption work?

A cryptosystem, a complex series of algorithms, controls data encryption. The system uses encryption and decryption algorithms to switch up the characters contained within the data. The encryption algorithm is responsible for substituting plaintext characters to turn the data into unreadable ciphertext. The decryption algorithm reverses this process, changing the protected information back into readable plaintext.

To give you a visual of how the process works, imagine you need to send a box full of diamonds to a very lucky friend. Obviously, the diamonds are valuable, and many people would love to get their hands on them. You decide to secure the box with a padlock. Before sending the locked box to your friend, you send them the padlock key. Once you use the padlock to secure the box, the only person who can open it is your friend who has the key. 

That is encryption and decryption in a nutshell, though it does leave out one crucial aspect. A padlocked box can be broken into by brute force, whereas encrypted data is impenetrable without the key.

What’s the difference between 128-, 192- and 256-bit encryption?

The number in front of “bit” represents the numeric length of the key used to encrypt data. The difference between them is simply the number of bits in the encryption key. The more bits, the more time it will take a hacker to crack the ciphertext.

128-bit and 192-bit encryption are both considered relatively safe to use right now, but they are becoming increasingly less secure as technology advances. 256-bit encryption is one of the most secure data encryption methods available today. Banks use this encryption method to protect sensitive financial information, and the U.S. government trusts 256-bit encryption to protect top secret information

Can encrypted data be cracked?

In theory, yes. It’s a math problem, and it can be solved, but the security of data encryption lies in its mathematical complexity. While it’s technically possible to crack encrypted data by brute force, the amount of time it would take is astonishing. 

For a hacker to crack 256-bit encryption without the key, it would take approximately 27 trillion trillion trillion trillion trillion years (aka vigintillion years). For context, our universe is less than 15 billion years old.  It’s more likely that the universe would end before the encryption was ever broken (Scrambox).

What does it mean to encrypt data in transit and at rest?

When you share a file via the internet, that data is in transit. The thousands of business files saved to your local or cloud server are at rest. Files are vulnerable in both states, though at-rest data is overlooked in many security plans.

According to a study by McAfee, 81.8% of cloud storage providers encrypt in-transit data; however, only 9.4% encrypt data at rest. Hackers know this, so instead of trying to crack encrypted in-transit data, they look for unprotected data at rest.

Equifax’s 2017 data breach is a prime example of why encrypting both is essential. The personal information of over 143 million customers was breached because the company did not encrypt its stored data. 

Ex-CEO Richard Smith confirmed that the stolen data was stored in plaintext. He went on to say, “There are varying levels of security techniques that the team deploys in different environments around the business” (Wired). 

Is it just us, or is that statement meaningless? 

Generalized statements like Smith’s should be a red flag to anyone evaluating data security or cloud storage providers. If they can’t plainly state their security strategies, strike them off your list and continue your search. Companies with solid security and encryption protocols will be happy to share the methods they use to keep your business data safe. 

Safeguard your business data today

Protecting your business files should be a top priority in 2021. The internet can be a scary place for data, and there’s too much at risk to leave valuable company information unprotected. Encrypted files give you the peace-of-mind you want for your most sensitive data.

Onehub takes data security seriously. Our 256-bit encryption protects data both in transit and at rest, so our clients’ business information is as secure as top secret government files. Sign up today for our free 14-day trial, and rest easy knowing we’ve got you covered.