Regular Software Updates Keep Your Business Secure and Productive

Installing updates is one of the simplest ways to protect your company’s files and keep your business running smoothly. Devices and software that are up to date provide data protection, improved functionality, and helpful integrations. 

Why do companies issue software updates?

To improve security

A known vulnerability is a glitch or weakness in software or operating systems that hackers can exploit. When a software company identifies a vulnerability and finds a solution, they release a security patch to fix it. This patch comes in the form of a software update. 

There are many reasons it’s essential to stay on top of updates, but digital security is one of the most important. Cybercrimes are steadily increasing, and businesses are a favorite target for hackers. Companies store sensitive data ranging from customers’ credit card numbers to intellectual property, and this data is incredibly valuable. Hackers can encrypt this data and demand a ransom for the decryption key, use a known vulnerability to take your business offline, or conduct any number of other malicious schemes. 

To add or remove features

Software updates are also issued to add new features, remove outdated features, and improve functionality. These updates can enhance the user experience and offer your company better tools for productivity and efficiency.

To offer new integrations

Updates can also be issued to make the software more compatible with popular programs. For example, Onehub recently updated its file-sharing and cloud storage platform to integrate DocuSign. This allows Onehub users to get electronic signatures from clients quickly and easily. 

What are the risks of not installing updates promptly?

It’s important to install software updates as soon as possible. We’re all guilty of hitting the “install update later” button when we’re in the middle of something, but consistently putting off updates can have significant consequences.

Data breaches

The biggest risk of not staying on top of software updates is a cybersecurity attack. Updates act as a data safeguard, ensuring a malicious individual can’t easily steal sensitive business information or hold your data for ransom. 

Once software has a known vulnerability, it becomes a favorite target for hackers because they already know exactly how to exploit it. There’s no time-consuming guesswork involved. Even after a software company releases a security patch, hackers will still target these programs. They know that many people, especially employees, don’t bother to update their computers or software. 

A good digital security plan can help employees understand the importance of data safeguards such as regular software updates.

Lower productivity

Not installing software updates also means your company is missing out on great new features that could dramatically improve collaboration, productivity, or efficiency. This risk is often overlooked since you’re unlikely to know what you’re missing out on. But competition among businesses is tight, and if your competitors are benefitting from faster, better tools, your business could fall behind. 

Unusable software

Installing updates ensures that your software stays compatible with your operating system and the other programs it interacts with. If you’re behind on updates, you may find that some or all of the features of your software stop functioning. 

Lost time

The longer you put off computer updates, the more updates you’ll need to install. If you stay on top of updates, you most likely won’t have to wait very long for a single one to install. But if they’ve been piling up for months, it may take ages to complete all the updates. During that time, you’re essentially out of commission work-wise. 

This is especially frustrating if your software has stopped working and you need it updated ASAP so you can meet an important deadline. You resign yourself to restarting your computer, anticipating a brief, single update, and instead, you have three months’ work of updates being installed in succession. It’s an easy situation to avoid; simply make software updates a regular part of your work routine.

Ensuring your business software stays updated company-wide

Choose cloud-based software

Cloud-based software such as Onehub doesn’t require users to install updates. Every time you log in, you’re accessing the most up-to-date version of your cloud software. This makes it extremely efficient and more secure since there’s never any delay in installing vital security patches. 

Allow automatic updates

Many devices and software have an option to install updates automatically. Allowing automatic updates means you don’t have to worry about remembering to check for or install updates. If you choose to do manual updates, it’s helpful to pencil them into your work schedule so you don’t forget.

Create a digital security plan

The best way to ensure software and devices are being regularly updated company-wide is to create a digital security plan. The plan should cover common cybersecurity threats and effective data safeguards such as regular updates, strong passwords, and two-factor authentication. Make sure employees know they are responsible for keeping their work devices updated, as well as any personal devices that they use for work.

Onehub can keep your company’s data secure while providing first-class business tools for collaboration and productivity. Try Onehub for free for 14 days!

7 Browser Extensions to Increase Your Work Productivity

Thanks to extensions, browsers aren’t just for navigation anymore. Extensions are add-on features that extend the capabilities of your browser. Extensions fall into many categories such as productivity, communication, fun, and security. 

Onehub was founded on a passion for business productivity, so it should come as no surprise that we love finding new tools to help us get the job done. We’ve put together a collection of browser extensions for Firefox and Chrome that we think you’ll love. Though we’ve focused on the two most popular internet browsers, nearly all offer extensions, and many of these add-ons are available on multiple browsers.

Safety first

Before we dive into the list, let’s talk about safety. 

Chrome and Firefox both do a good job of reviewing extensions before adding them to their respective web stores, but there’s always a possibility that some bad apples sneak by. Before you download any browser extension, even ones on this list, always do your due diligence to ensure it meets your (or your company’s) standards for security. 

Check the permission requests

Many apps need certain permissions to function correctly. Always review the permission requests to determine if they align with the app’s purported functionality. For example, the NicCage extension requests access to your website data so it can replace web images with pictures of Nicolas Cage. That makes sense, relatively speaking. If this extension requested the ability to open files downloaded on your computer, that would be a red flag. 

Evaluate the creator

If a company developed an extension, check out their website. Do they seem reputable? A badly designed website and copy that’s full of grammatical errors are signs that a company isn’t legitimate. 

Individual developers create many extensions, so the lack of a website shouldn’t automatically deter you. You can make a security judgment for these using the other tips on the list.

Read the reviews

What do people have to say about the extension? It may seem counterintuitive, but look for extensions that have both good and bad reviews. It’s impossible to please everyone, so if an extension with many downloads has only glowing reviews, that’s a bit suspicious. Check the dates of the reviews. Were they all published on the same day? Do they sound similar? If so, they’re from bots or someone paid to write good reviews. 

Stick to browser-recommended extensions

If you aren’t comfortable evaluating the security of extensions, you can check for extensions created by or recommended by your browser provider. Firefox has a list of extensions it recommends after putting them through rigorous security checks. Chrome allows you to filter your extension search “By Chrome,” so you only see add-ons it has developed.

Browser extensions for work productivity


Fireshot allows you to take full webpage screenshots. You can highlight important areas of the page such as confirmation numbers, add notes to the screenshot, and save it as a PDF with links or as an image. There are countless ways this can be handy in your own work, and it’s also a great feature to recommend to clients. If they’re having a technical issue with your website, you can have them use Fireshot to capture it for you. This speeds up the troubleshooting process immensely and saves your customer the hassle of trying to explain what type of error is occurring. 

“I’m super grateful to FireShot for providing an excellent screenshot service with cropping capabilities and the choice to save a document as an image or a PDF! I use it regularly and rely on it for my business. It’s wonderful!” — Christine Bode 

Available for Chrome and Firefox


The TickTick browser extension allows you to keep your to-do list organized. It syncs across all your devices, and its deadline feature ensures due dates never sneak up on you. It’s simple to add notes to tasks, drag and drop to reorder your priorities, and convert Gmail messages into tasks. It’s got all the features you need to keep your workload organized so you can focus on the tasks at hand. 

“I love TickTick! It is the best to-do list/task tool I have found and I’ve tried A LOT of them. It is basic, but has enough features to make it incredibly useful. Other tools such as Evernote, etc. are too much for a basic task list (I use those for other items) and Google Keep/similar tools do not provide the organizational structure I need. At first I didn’t care for the deadline options, but I actually really enjoy it now, as it keeps items that are further out away from view and helps me focus on the priorities at hand.” — Jana Ferguson

Available for Chrome and Firefox

Impulse Blocker

It’s not entirely your fault that you can’t pull yourself away from a site to focus on your work. Websites are designed to be “sticky” so they hold your attention for as long as possible. With Impulse Blocker, you’ll never log onto Instagram for “just a minute” and find yourself still scrolling two hours later. When you need to focus on your work without the siren call of your favorite websites distracting you, just add them to your block list and decide how long you want to pause access.

“I think it’s the cleanest site blocking extension I found so far, really easy to add and remove sites, has timed pausing, and it’s perfect for when I have trouble procrastinating and need nudging back to work.” — FunnyBunny581

Available for Firefox

Dark Reader

Staring at a computer screen for hours each day takes a serious toll on your eyes. Dark Reader applies a dark-colored theme to webpages to reduce eye strain. This allows you to work as long as you need to without having to take breaks due to the eye irritation and tension headaches caused by a too-bright screen. 

“One of the best dark mode extensions I’ve ever used. Excellent contrast, immediate satisfaction guaranteed. It’s one of the only dark mode extensions to work well with Google Docs, and I couldn’t be happier, 10/10.” — Epsyle Factkin

Available for Firefox and Chrome


Productivity isn’t always about powering through task after task. To do your best work, you have to manage your stress levels. Current helps with this by serving up a microdose of mindfulness every time you open a new browser tab. It provides mindfulness tips, guided breathing, and short meditations perfect for taking the stress out of your workday. 

“Such a great idea! I practice meditation every day but having these little breaks at work is wonderful. Well designed and the speaker’s voice is nice.” — Marriki Eva

Available for Chrome

RoboForm Password Manager

By 2022, the average internet user will have approximately 300 online accounts that require passwords to log in. We know you would never reuse the same password for multiple accounts, so that’s a lot of passwords to try to remember. RoboForm manages your passwords for you, so you only have to remember one master password. It will also generate unique and complex passwords to keep your accounts more secure. RoboForm saves you time at work by ensuring you never have to go through the password reset process or manually enter your passwords every time you login.

“The extension works great! I had an issue with recent and popular boxes not populating. Emailed support and found it was something in my desktop settings that was causing the problem. I have been a long-time user and am very pleased with Roboform including the great support team.” — Bob Higgins

Available on Firefox and Chrome

Laser Cat  

Sometimes the best way to boost your productivity is to take a break. When you need to power down for a few minutes, Laser Cat provides quality mindless entertainment by blasting lasers at anything you want on a webpage. According to reviewer Hiland Hall, Laser Cat can also land you a new job. 

“This was really helpful in a job interview once. I used Laser Cat in a presentation and they loved it so much they offered me a job on the spot.” — Hiland Hall

Available for Firefox and Chrome

Improve Business File Organization and Collaboration With Document Control

What is document control?

Document control is a standardized system of file management within a business. Document control sets protocols for the lifecycle and use of documents, from creation to deletion and everything in between. With proper management, employees will always have access to accurate and up-to-date information at any point in a document’s lifecycle. 

Document management is important for most companies, especially for highly regulated industries such as healthcare or industries such as engineering or architecture where precision is of the utmost importance. Document control helps businesses stay compliant with legal requirements and reduces errors.

Even companies that aren’t operating in heavily regulated or precise industries can reap the benefits of document management such as quick file searches, up-to-date information, and improved collaboration. While standards for document control apply to both physical and digital files, we’ll focus on digital files in this article since this is the predominant method of corporate document storage today. 

The risks of poor document management

Employees waste time searching for files

The larger a company is, the more complex the task of document control becomes. An enterprise-level organization can generate thousands of new files each day, which quickly turns to chaos without organizational parameters. 

On average, employees spend nearly two hours each day searching for files due to ineffective file management. When employees finally give up searching for the document they need, they often resort to recreating the file from scratch. The time employees spend searching for documents or duplicating work is a huge waste of company resources. 

Higher chance of errors

Working from an outdated iteration of a file is easy to do when there’s no standard for version control. Without proper document control, your company risks making costly mistakes. For instance, if an architect developed blueprints based on an older version of a file with inaccurate measurements, it could cost the company millions and even endanger lives. When accuracy is essential, you don’t want to leave anything to chance. Employees should be able to immediately identify the most up-to-date version of a file so they can complete their work with total confidence. 

Ineffective workflows and collaboration

In addition to wasting employee time, poor document control also inhibits collaboration. Without consistent rules governing approvals and revisions, document collaboration can get messy. Document control ensures that when a file is approved, everyone working on it knows. When revisions are made, efficient document control makes it easy to identify versions and what changes have been made. 

How Onehub supports document control

Implementing document control protocols can streamline your file management and make your business more efficient and profitable. Onehub’s robust business software can help you create an effective system to govern your business files and document worfklow.

Document creation

Document control standards for new files may govern things like where certain types of documents are stored, file naming conventions, document formatting, and access levels. 

Onehub facilitates fast and easy document creation with its Microsoft Office Online and Google Drive integrations. Users can create new documents directly in the Onehub platform, so they don’t have to switch between multiple applications to get the job done. 

Document approval

Document control improves workflows by standardizing the approval process. Each type of document should have a designated person in charge of approvals, and it should be clear to all involved parties when a file has been approved. Onehub makes this simple with one-click approvals and automatic notifications. 

Document revision

Documents can spend a lot of time in the revision process, so it’s important to have a set of standards to control this phase. The biggest hurdles in the revision stage are identifying the most current version of a document, ensuring that updates are synced, and viewing what changes have been made. 

With Onehub’s automatic file versioning, it’s always clear whether you’re looking at the first iteration of a document or the third. Our automated file syncing means that changes are synced across devices in real-time so employees are on the same page no matter where they access the file from. Users can view or restore all changes within a file, and it’s easy to identify who made those changes. These features make document control simple and team collaboration seamless. 

Document access

Companies often handle sensitive information about employees, customers, or finances that could cause a lot of trouble in the wrong hands. For your company’s digital security, assign every file an appropriate level of access. 

As a general rule, provide employees with the lowest level of access possible. You don’t want to inhibit their productivity with parameters that are too restrictive, but you need to ensure that confidential business information is protected. 

Onehub provides administrators with granular control over roles and permissions to make it quick and easy to customize individual access at the file or folder level. You can grant, modify, or revoke an employee or client’s access to a document with one click. You can also use the “preview as” feature to ensure you’ve set the correct permission level for a file. 

To see all the ways Onehub can support your company’s document control procedures, sign up today for our free 14-day trial

The Pros and Cons of FTP for Secure Business File Sharing

File transfer protocol (FTP) turned 50 this year. In the fast-moving world of technology, that’s an eternity. File sharing looks much different now than it did half a century ago, but some companies are still using FTP to share their business files.

Is it time to say goodbye to file transfer protocol, or is it an oldie but goodie? That depends on a few factors. Before reading the pros and cons of FTP, answer these questions to help you get a better understanding of your file-sharing needs:   

  1. Does your business routinely share very large files or entire directories?
  2. Do you share files that contain sensitive information such as financial details, customer data, or intellectual property?
  3. Are you, your team, and your clients tech savvy?
  4. Do you have an in-house IT team?
  5. Does your business involve collaboration within your team or with clients?

The pros of FTP for file sharing

Move many large files at once 

If your business requires you to share huge amounts of data (think gigabytes, not megabytes) at once, FTP is a great option. Companies specializing in design such as engineers, architects, and graphic designers often have extremely large files that are impossible to transfer via email and slow to share via HTTPS. Using FTP is a big advantage in these situations because it can transfer large files more quickly. 

Transfer multiple file directories at once 

File transfer protocol doesn’t usually have the file size restrictions you see with email and other file-sharing programs. This means you can transfer multiple file directories at once, saving you from the time-consuming process of sharing these files or folders individually. FTP also facilitates a faster transfer speed while doing this than many FTP alternatives.

Never lose file transfer progress 

With FTP, you never have to worry about losing your transfer progress if you get disconnected from the network. FTP will automatically reconnect when the network is available and pick up right where it left off.

The cons of FTP for sharing business files

Not secure

With cybercrimes steadily on the rise, protecting your business data is more important than ever before. Unfortunately, FTP falls short in this area. Considering it was invented in the 1970s, before cybersecurity was a real concern, that’s not surprising.

FTP security concerns:

  • Your username, password, and files are all sent in plaintext. This means they’re not encrypted, and anyone listening in on your connection can easily steal your credentials and your business files.
  • Many security-conscious businesses use firewalls as a foundational layer of protection from digital security threats. Because of the multiple TCP/IP connections FTP uses, it doesn’t work well with firewalls. 
  • FTP is vulnerable to brute force attacks, and any weak or reused passwords will be cracked quickly. Most FTP clients don’t offer strong password enforcement, so you just have to trust that your employees are following password best practices. 

Difficult to use 

To say FTP isn’t user friendly is an understatement. The interface is overwhelming and intimidating. At first glance (and many subsequent glances), it looks like something only an IT person could understand. This is a serious drawback because it requires training — for your employees and your clients — to use correctly. 

Employees who are used to using cloud file-sharing and storage will not be easily persuaded to use FTP, and the same is true of your clients. Most clients won’t be happy having to use a clunky file-sharing solution when competitors are offering easier alternatives. 

No roles and permissions to customize access

FTP clients don’t usually offer the option to set customized levels of access for different users. Any user with the FTP credentials will have access to everything on the FTP server. This goes against modern cybersecurity protocols which recommend assigning employees the lowest level of access possible based on their job duties. Creating varying permission levels allows you to customize what every user can access. This is a proven digital security  method that lowers your risk of a data breach. 

No audit trails to track leaks

It’s a huge security advantage to be able to see who has viewed, edited, or downloaded a file and when they did it. Audit trails also provide important information for project collaboration such as a history of approvals and edits. Audit trails aren’t an option with FTP, making it difficult to track down the source of a leak or monitor project progress. 

Doesn’t support collaboration

Collaboration is essential for most businesses, whether exclusively between colleagues or between employees and clients. FTP makes it difficult to collaborate on a document with others as there’s no file syncing or version control available. Projects quickly devolve into chaos when people are working on a file in parallel rather than simultaneously or when no one can identify which file is the most updated version. 

Onehub offers the best of both worlds

You can weigh the pros and cons to decide whether you want to use FTP or a browser-based alternative. Or, you can choose Onehub and have modern, web-based file-sharing as well as a secure FTP gateway. 

Onehub user David Winters-McDonald, general manager of MPC Studios Inc., shares his experience with this hybrid file-transfer solution:  

“We decided to use Onehub rather than a traditional FTP server because of the easy-to-use interface and because it was very simple to set up. It was not unusual for us to have to train our clients to use FTP, whereas with Onehub it was all very intuitive… My favorite feature is that file sharing can be accessed through an easy-to-use web interface or through a traditional FTP client. This suits both the tech savvy and the tech novices.”

A secure FTP option

Unlike traditional options, Onehub’s FTP gateway is protected with bank-level encryption. Your username, password, and files are encrypted and transferred over a secure connection, providing your business with enterprise-level digital security protection. This allows you to enjoy the benefits of file transfer protocol without any of the security disadvantages. 

Browser-based file sharing 

Using the cloud for file sharing is a modern solution that supports the way businesses operate today. Remote working and collaborative efforts are the norm now, so teams need a file-sharing option that provides file version control, real-time file syncing, easy remote access from any device, and effective communication tools. 

Try our free 14-day trial to experience Onehub’s cloud-based file sharing and secure FTP option.

How to Move Your Business Files From Local Storage to Cloud Storage

So, you’ve decided it’s time to level up your business storage and join the cloud. It’s a smart decision that will improve the security of your business files, increase productivity and collaboration, and allow easier remote access. It will also generate big savings since you won’t have to worry about expensive server maintenance and upgrades. 

These benefits are great motivation, but transferring all of your company’s valuable data can still be a daunting task. We’ve put together the tips below to help you easily transition from local storage to cloud storage. 

How to find the best cloud storage solution for your business

The first step is to evaluate different cloud storage and file-sharing providers to determine which will best meet your needs. Every platform offers something different, so it’s important to identify your “must-haves.” 

These are four of the biggest concerns companies have when moving to the cloud.


It’s a common misconception that local servers are more secure than cloud servers. Your files are at greater risk. As servers age, their failure increases drastically. A new server has a failure rate of 5%, but fast-forward five years, and you’re looking at a 13% failure rate. Physical servers are costly, and few companies have the resources to invest in a brand new server every few years. 

In addition to a higher failure rate, local servers have less secure backups than the cloud. It’s standard practice for cloud drives to be backed up across multiple devices and facilities, ensuring your data stays safe when disaster strikes. 

Cloud storage providers such as Onehub can keep your company information secure. We use bank-level encryption, secure direct links, granular roles and permissions, two-factor authentication, and strong password enforcement. Our system is monitored 24/7 and has multiple redundancies. This is the appropriate level of security to look for as you seek out the perfect cloud storage provider.  


Functionality is a more flexible criterion that will depend on your industry and the way your team works. Cloud storage providers offer a wide range of tools to improve productivity, collaboration, and communication, so you’re sure to find a solution that provides everything you need. 

When evaluating functionality, consider the following:

  • Do your employees collaborate often, or do they work solo?
  • What software does your company currently use that you’d want to integrate into your cloud platform? 
  • Does your team only share files internally, or do they frequently share files with clients or vendors?
  • How important is communication within your team?
  • Do employees need easy remote access to company files?
  • Is increased productivity an important reason for switching to the cloud?
  • Do you need additional services such as virtual data rooms or client portals?

Keep the answers to these questions in mind as you review the features offered by providers. For example, if you know that your team frequently uses Google Docs or Microsoft Office Online, you’ll want to find a platform such as Onehub that provides easy integration with them. If your team shares files externally, it will be important to find cloud storage that allows employees to share secure direct links with non-account holders.


Every company has to adhere to a budget, so cost will always be a deciding factor in choosing a cloud storage solution. You can use what you’ve learned from the security and functionality sections to narrow down your choices, and from there, you can rank them by price. 

Luckily, there are cost-effective options that offer robust tools as well as a high level of security. Onehub is an affordable cloud storage and file-sharing solution that can meet all of your needs without stretching your budget.

How to prepare for the big move from local to cloud storage

Once you’ve found your perfect cloud storage solution, it’s time to consider the practical steps involved with moving from local storage to the cloud. 

Back up your local server before beginning

Regular backups should be part of your company’s standard procedures. Some companies do this daily, but if yours doesn’t, be sure to schedule a time to back up all of your data before the cloud migration begins. 

Delete unnecessary data 

With the daily demands of work, it’s unlikely that anyone from your team has had time to do any digital file maintenance such as deleting irrelevant data. Make it a priority to do this before the transition begins. Only move the data your company actually needs. This will reduce the time spent transferring files and will keep your cloud storage streamlined. 

Not only are outdated files visual clutter, they can also cause costly errors or general confusion if employees mistakenly incorporate old information into current projects or decisions. If you have files that aren’t in current use but have historical value for things such as analytics, be sure to store these in an “archive” folder. This will make it easy for employees to distinguish between current and outdated information. 

Reassess your file hierarchy

Because data is such an integral part of modern business, it’s likely your company created some type of file hierarchy from day one. Unfortunately, many people create folder structures without considering how they will function as the business grows. Often companies continue to work from this initial structure for years and add new filing systems to make it work. This results in an illogical file hierarchy that’s confusing and difficult to use, especially for new employees. 

Don’t simply drag and drop this mutant file hierarchy into your new cloud storage. This is the perfect opportunity to address the problem. Our guide to business file organization can help you create an orderly filing system that serves you and your team well.

Decide how you’ll transfer the files 

It’s important to figure out what method you’ll use to transfer your files. Depending on the options offered by the cloud storage provider you choose, this may be a time-consuming process. 

Onehub offers users two fast and easy options for transferring files. You can use a simple drag-and-drop method, or you can use FTP. FTP is a great option if you’re already happy with your file structure. You can move the entire thing over in one go, and everything will be set up exactly as you’re used to. 

If you’re in the process of building a better digital filing system, you can focus on updating individual departments and transferring the files in batches. This reduces the scope and makes the project feel more manageable. Batching your transfers will also reduce the load on your network connection. 

Train employees to use the new cloud platform

Your employees will need training for the new cloud storage solution. At Onehub, we’re proud to offer an intuitive platform that most users understand immediately, but you may have employees that aren’t familiar with the cloud at all. Some cloud platforms are complex and require more intensive training. 

Even if your chosen platform is essentially “plug and play,” all employees will benefit from a brief overview of the new tools available to them. Cloud storage offers many more features than a local server, so be sure to cover all the new tools your team can use to increase their efficiency and productivity. 

It’s also important to cover cloud security during your training. Now that your team can easily access company files remotely, they may want to connect from a coffee shop or other location with public Wi-Fi. Public connections are not secure and should never be used for business unless you have a company VPN they can use. A VPN turns a public network into a secure private connection where employees can safely access and share company data. 

Is Onehub right for your business? 

Onehub offers a robust platform for cloud storage, secure file sharing, virtual data rooms, and client portals. We maintain strict security protocols that include bank-level encryption that makes your data unreadable to hackers, multiple redundancies for backups, two-factor authentication for increased account security, and much more. 

Our users benefit from enhanced communication and collaboration tools such as tasks, folder and file-level comments, document approvals, messaging, and automatic file synchronization, to name just a few. 

To find out all the ways Onehub can help your business, sign up for a free 14-day trial or reach out to our team to discuss your cloud storage needs. 

How to Create an Effective Digital Security Plan for Your Business

Both large and small businesses should be concerned about digital security. Hackers look to large companies for expensive ransomware attacks and focus on small businesses for identity theft. No matter the method or reason behind the attack, your business’s fate will likely include financial losses, a damaged reputation, and business disruption. 

A digital security plan is your company’s best defense against cybercrime. Implementing cybersecurity best practices makes your business a less appealing target to hackers. There will always be businesses that have yet to overhaul their digital security measures, making them much more tempting targets.

We’ve put together tips to help you create an effective digital security strategy that will protect your employees, customers, and assets. 

Understand common digital security risks  

Privilege abuse 

It’s important to have a plan for privileged access management (PAM) to control access to sensitive company data and limit the risk of security breaches. Privileged accounts are an appealing target for hackers because gaining entry at the highest level of access gives them the biggest advantages. 

As part of your digital security plan, define protocols for PAM. For example, many companies require privileged accounts to be secured with two-factor authentication, or that all work-issued devices be granted the least amount of access possible. 

Abuse of privileged accounts is one of the leading causes of corporate data breaches, so it’s important to implement a system that ensures only leadership and departments such as IT have high-level access to company data.

Weak passwords

Many people get frustrated typing in long, complicated passwords or simply can’t remember them, so they default to weak passwords. Weak passwords like the ever-popular “123456” can be cracked within milliseconds. It takes zero effort, so hackers are always looking for these weak spots to quickly gain access to confidential information. Enforce strong passwords on all employee accounts.  

Phishing attacks  

Phishing attacks have been around for a long time, and they’re still as effective as ever. Over 90% of targeted attacks use spear phishing, a type of phishing email where the hacker spoofs a known individual’s email address. 

Employees should be trained to identify phishing emails and understand the risks involved with clicking a malicious link or opening a compromised attachment. Some more sophisticated phishing emails don’t include attachments or dangerous links. Instead, they focus on winning over the recipient’s trust by posing as a colleague or authority figure within the organization. These are particularly insidious cybersecurity threats because they can be hard to spot. 

Public Wi-Fi 

Workers are using public Wi-Fi more than ever now that remote and hybrid work is becoming the norm. This poses a significant risk to your company’s digital security because these connections are not secure. Hackers commonly use the “man in the middle” attack to steal data from people using unprotected public Wi-Fi.

Secure your network

Install a network firewall

A firewall is a must for corporate networks. It monitors incoming and outgoing traffic and uses a defined set of security protocols to identify suspicious activity (e.g., malware or ransomware) and block it from accessing the network. It also protects ports that hackers commonly use to access your network and steal data. 

Use a VPN

A VPN, or virtual private network, creates an encrypted internet connection that protects your online activities from prying eyes. It’s especially useful for workers who use public Wi-Fi when traveling or working remotely. A VPN can protect against “the man in the middle” attack, one of the most common attacks used against vulnerable public networks.

Update router firmware

All of your company’s sensitive information passes through your router, and outdated router firmware makes your network a tasty target for hackers. Always stay on top of firmware updates to fix bugs and patch known security issues. 

Backup your data

Modern companies run on digital data, and losing this information can bring your business to a screeching halt or even shut it down permanently. 

Your backups should be encrypted and stored across multiple devices and facilities. This means that if one server fails or is destroyed in a natural disaster, your data is still safe and easily recoverable. 

To automate this process and make it easier, you can use providers such as Onehub to protect your data. We give our customers complete peace of mind by using bank-level encryption to protect data in transit and at rest. We store data with multiple redundancies and regularly perform integrity checks to ensure everything is secure. 

Share files securely

Many employees carry over their file-sharing habits from their personal life into the workplace by sharing files by email. Any file shared by email is vulnerable to hackers. There is less risk involved with sharing personal files as they don’t generally contain sensitive information, but that is not the case with business files. Any data being shared by employees should be encrypted and transferred via a secure network connection. 

Onehub takes file-sharing security a step further and offers password protection for shared files as well as expiration date options. You can also give direct file access to non-Onehub users via secure links.

Restrict administrative privileges

Prevent privilege abuse by restricting employee and contractor digital access to necessary areas only. Controlling user privileges means you can restrict access to sensitive information and limit or prohibit certain activities, such as installing software. 

For the most impactful control of admin privileges, look for a file-sharing and cloud storage provider that offers granular control over users’ roles and permissions. Onehub allows you to invite users, grant or revoke access, and modify roles from one location. You can invite users on multiple levels, from Workspace to folder to file, and you can control whether a user is able to print, download, or modify a document. 

Detailed control over access to your company’s data means you don’t have to worry about employees or clients abusing privileges or unintentionally causing a digital security incident. 

Use two-factor authentication 

A username and password combination is by far the most common method of account authentication. Unfortunately, 83% of Americans use weak passwords, so this method can easily be compromised. 

Two-factor authentication is a much more secure method. It requires a password and a secondary piece of information such as a login code sent to a cell phone, a thumbprint, or a security token. This provides a serious upgrade to your digital security because it renders stolen passwords useless. 

On all employee accounts, from email to cloud storage, be sure to enforce two-factor authentication if it’s available. Onehub offers this for our Advanced, Data Room, and Unlimited plans, along with many other powerful security features

Train employees on digital security

Employees can be your main line of defense against digital security threats, or they can be ground zero for a cybersecurity disaster. The only thing separating the two is training. Train your employees to identify digital security risks and follow best practices to protect business data.

They should understand the difference between a secure password and a weak one, be able to spot potentially malicious emails and files, and know which contacts to notify if something goes wrong.

Consult a digital security expert 

The tips above will get you off to a great start on your company’s digital security plan. However, to make sure it’s as comprehensive and effective as possible, consider hiring a digital security consultant. They can discuss the level of security your business needs based on the amount and type of data you have and help you identify the best software and protocols for your company. 

Level up your digital security, cloud storage, and file sharing with Onehub’s free 14-day trial

Protect Your Business Data by Including Cybersecurity in the Onboarding Process

The biggest threat to a company’s data security is its employees. In a 2018 information security report, cybersecurity expert Imran Ahmad explained that “no matter how much an organization spends on technology, the single most important point of vulnerability in an organization remains its employees.” 

Your employees interact with your company’s files, data, and intellectual property on a daily basis. This means they have ample opportunities to wreak havoc on your digital security, either through ignorance or malice. Regardless of intent, an employee-caused data breach can destroy your company’s finances and reputation. 

The best way to protect your business files and other data is to train employees on proper cybersecurity practices from day one. Everyone in your company should know the basics of IT security, from how to safely transfer business files to identifying and reporting digital security threats.

What to include in cybersecurity onboarding

Train employees to identify threats

Everyone has gaps in their knowledge, so don’t assume your new employees know how to spot a cybersecurity threat. Focus on training all new employees to identify and properly handle some of the most common ones. 

Spear phishing emails

Hackers have many tricks up their sleeves, but they have one particular favorite. Spear phishing accounts for 91% of all targeted attacks

Spear phishing is a tactic that involves sending a fraudulent email that appears to be from a trusted source. The email may contain an attachment with malware or a virus, or it may include a request for confidential information. 

If you received an email that appeared to be from your boss saying she needed a confidential file emailed to her right away, would you do it? People tend to obey authority figures, and many employees wouldn’t think twice about following those instructions. 

An employee with proper cybersecurity training would know that emailing files is never a safe practice and would instead share the link from inside a secure file-sharing platform such as Onehub. This way, the shared file would go to the real person and not the spoofed email address. 

Other ways to identify a spear phishing email:

  1. Check the sender’s email address. It’s easy for hackers to spoof the “from” name, but it’s more difficult to spoof the actual email address. Instead, they may create a fake address that resembles the true one but isn’t exact.
  1. If the hacker has spoofed the email address and the sender name, evaluate the syntax of the email. Is this how the sender normally writes? If, for example, your boss always addresses you as “Mark” in emails and this one says “Marcus,” that should set off alarm bells.
  1. Scan attachments for viruses and confirm links are accurate by hovering over them (without clicking!) to see the true URLs.
  1. Make a phone call. If you’re suspicious of the request, but everything appears to be in order, call the person the email is supposed to be from. If that’s not an option, contact your IT department. Never comply with a suspicious email request without confirmation, no matter how dire the person makes the situation sound. (In fact, urgency is another sign that the email may be fraudulent.)

Spear phishing is the most popular type of attack because it’s so effective. Even a trained and diligent employee can fall victim to a spear-phishing scheme. However, it’s much more work to fool an employee that’s well-versed in the basics of data protection. Training employees can dramatically lower your risk of a spear-phishing incident.

Public Wi-Fi

The pandemic has massively shaken up the world of work, and more employees than ever are using public Wi-Fi as they work remotely. Unfortunately, this leaves your company’s data completely vulnerable to attack. 

The most common public Wi-Fi attack is called “man in the middle.” The employee thinks they’re directly connected to the public Wi-Fi, but they’re actually connected to a hacker. The hacker can see confidential information such as passwords and can even inject malicious data to infect the employee’s device. 

If employees must connect to free public Wi-Fi, find a trustworthy virtual private network (VPN) provider for your company. A VPN essentially turns a public network private by establishing a secure and encrypted connection. This means employees can work from wherever they need without worrying about exposing sensitive company information. 

Create a policy for personal devices

With so many people working remotely now, it’s vital to have onboarding guidance for how employees are allowed to use personal devices for work purposes. 

Keep device updated

Emphasize the importance of employees keeping their devices updated. Workers generally know to do this on their work-issued laptops, but they often forget that it’s necessary on their personal devices as well. 

Updates can be time consuming and frustrating, but they’re never issued without good cause. They often contain important patches to address recently discovered security issues. Employees who continually delay updates put their devices and your company’s data at risk. 

Password protect devices and never leave them unattended

It’s difficult to believe, but 52% of people don’t password-protect their cell phones. If employees are using their personal mobile devices for work purposes, they absolutely must lock them with a password. 

It’s also important to remind employees that they should never leave their phones, tablets, or laptops unattended in public places. If they’re working from a coffee shop and need to use the restroom, they need to pack up everything and take it with them. It feels like a huge inconvenience, but it’s much better than having the device stolen or compromised. 

Emphasize the importance of strong passwords

If you think creating strong passwords is common sense these days, allow us to introduce you to some of 2020’s top passwords: 123456, password, and 111111. The time it takes to hack passwords like these is counted in milliseconds

Passwords are one of the most common authentication methods for accounts. We use them so often that they’ve begun to feel like they’re no big deal, but they are crucial for data protection. We have an entire article dedicated to password best practices that you can use to supplement your cybersecurity onboarding. Onehub also allows you to enforce complex passwords for that extra peace of mind.

Use company-provided software 

Many people have a strong affinity for the software they use at home or used in a previous job. While it’s understandable to want to stick to what you know, it’s important that new employees know they can only use company-provided cloud storage platforms, file-sharing apps, and other types of business software. 

Companies vet the security practices of the third-party providers they’ve chosen. For example, Onehub’s cloud storage and file sharing software is protected by bank-level encryption, offers granular roles and permissions to fine-tune data access, enforces strong passwords, and offers two-factor authentication. Employers can’t verify the security protocols of every employee’s preferred software. This creates unnecessary risk to your business files and other data.

In addition to wanting to stick with what they know, employees may find alternate software solutions because the ones your company provides don’t meet all of their needs. You can better understand your staff’s technology needs by asking for their opinions and feedback. 

Your company can choose to find individual providers for each type of service employees want (e.g., collaboration tools, messaging, file sharing), or you can choose a more robust option that offers all of these features within one secure platform. 

Don’t stop at onboarding

Making cybersecurity a focus of your employee onboarding is the best way to ensure all of your employees have the same foundational knowledge about data protection. However, our technological landscape is dynamic. New digital threats are always emerging, as are new cybersecurity practices. To reach total data protection, information security training must become a regular event for all employees. 

Onehub offers a diverse platform that includes cloud storage, secure file sharing, collaboration tools, and messaging — all with bank-level encryption and cybersecurity best practices. Protect your business data today with a free 14-day trial.

Our Streamlined Custom Domain Process Saves You Time & Money

We’re excited to announce that we’ve streamlined our entire custom domain process. The new process significantly reduces the number of steps to set up a new custom domain, eliminates the need for you to purchase an SSL certificate, and automatically renews your SSL certificate for as long as your Onehub account is active.

For existing users, that means you never have to think about replacing your expiring certificates again! And not only that, because we’ve integrated with the non-profit Let’s Encrypt, you no longer have to pay a certificate authority to issue your certificates, saving you precious time and money.

Setting Up Your Custom Domain

For users new to our custom domains, the setup process has been dramatically simplified. First, choose your custom domain. Second, navigate to the “Custom Domain & White Label” section in your Admin tab and enter your new custom domain. Press “Accept Changes & Activate.” Finally, you’ll receive instructions to set up a DNS record. And that’s it! Onehub will do the work to confirm your CNAME is correct, get your SSL certificate, and manage all renewals going forward. Three easy steps for your new custom domain!

Benefits of a Custom Domain

Adding a custom domain to your Onehub account puts your Onehub Workspaces on a domain that you control. Instead of your users visiting to access their files, they navigate to their Workspaces and files through your site.

Having a custom domain may seem like a small change but it can have a significant impact on your business.

  • Consistency. Both your clients and your internal team members will access all of their data through your domain when working on projects. This can reduce confusion and friction in your business efforts.
  • More polished. Running Onehub on your domain gives your collaboration tools a more professional look. Having a custom domain provides clients with a level of familiarity and promotes trust in the professionalism of your company.
  • Control. You decide where and how your data is accessible.

Easy Customization with Onehub

Customizing your Onehub Account helps to provide a consistent and professional experience to your clients and team.  We hope this new feature simplifies the customization process, reduces some logistical overhead, and frees up you and your team to focus on more critical tasks.

As always, if you have any questions or comments, please don’t hesitate to reach out to our wonderful support team by emailing or by calling 1-877-644-7774.