How Investing in Internal Documentation Saves Your Company Money

When budgets get tight, cutting unnecessary costs is a standard strategy to maintain a successful business. While the big expenses tend to get the most attention — finding cost-effective employee benefits, buying supplies in bulk, cutting out catering for staff meetings — sometimes it’s the smaller details that can have the most impact. 

Internal documentation is one of those minor details that are rarely at the top of anyone’s money-saving list, but it definitely deserves a spot. Internal documentation refers to any detailed information about your company’s processes and procedures that’s kept up to date and is available for employees to reference as needed. 

It’s a simple concept that’s easy to implement, yet many companies don’t make it a priority. Good internal documentation has the potential to save businesses tens of thousands of dollars each year, and it can directly increase profits by reducing turnover rates and improving every aspect of your business, from onboarding to customer service.

Investing in internal documentation increases company efficiency

Workers can easily spend up to 30% of the workday scouring company databases for basic information they need to do their jobs. If your company has 50 employees and they’re paid the U.S. average of $25.68 per hour, you’re losing $3,210 per day in employee effectiveness. 

If you’re wondering what this expensive time-wasting looks like in action, picture your top-performing employee — the one everyone goes to for help because they have accumulated years of company knowledge. Now imagine that person leaves your company. Without proper internal documentation, they’re walking away with priceless information that your other workers need. When your team is left without their go-to resource, they have to waste an enormous amount of time piecing together information to recreate that former employee’s knowledge base.

If your company’s documentation is nonexistent or lacking, it’s quite likely that a scene like this has played out within at least one of your departments. Imagine how much more your organization could achieve if those hours were put toward customer service, improving products, or training employees on new skills to stay competitive? Productivity and effectiveness would explode, and the results would speak for themselves in your company’s bottom line. 

Great internal documentation makes onboarding easier

Not only is searching for information costly in terms of time wasted, it can also cost you top talent. Work tends to be stressful in general, and insufficient internal documentation is an unnecessary obstacle that adds to that stress. If this issue isn’t addressed, you may find some of your best employees packing their bags to head to more organized pastures. 

If your organization’s lack of proper documentation is causing employee burnout and high turnover, your onboarding process is likely also suffering. New workers are bombarded with more details during onboarding than they can possibly digest in their first few days. It’s important to streamline this process to ensure your new talent feels supported and confident in their position.

Hiring and training new workers is a huge expense. You save your company big bucks by making the process faster and more effective with quality documentation. Set new employees up for success and reduce turnover by clearly documenting your company’s policies, processes, and job-specific information and storing it somewhere that’s easily accessible. 

Internal documentation supports collaborative work

Workplace collaboration is vital to a company’s success, especially in today’s market. The best ideas are rarely the sole effort of a single person. Combining the perspectives, skills, and experiences of a diverse group is the most effective way to develop a robust product or service that will delight your customers. 

Every step of that process, from ideation to implementation, requires employees to share information. When you have solid internal documentation in place, as well as a secure method to store and share it, this process is seamless. This speeds up the collaborative process, meaning your team always hits their deadlines with quality work in hand. 

This also makes your company look competent and professional from a client’s perspective. When your team completes projects in an organized and timely manner, clients will be impressed and feel confident choosing your company again and again for their needs. Alternatively, team collaboration that’s clumsy and behind schedule will send customers straight to one of your competitors, and you can bet they’ll readily share their bad experiences with others. 

The more information about your company, clients, products, and services you document, the more ammunition your employees will have to draw from when it’s time to collaborate on new projects. All employees will have the base knowledge they need to do their parts, whether that’s details on how to use certain software or information about the success or failure of past ideas. This facilitates better, more profitable products and projects that will increase your company’s profits. 

Accessible internal documentation improves work-from-home effectiveness

Working from home became a necessity in 2020. It opened the eyes of many executives to all the benefits that remote work can bring, from downsizing office space to having a wider pool of qualified job candidates. Employees also took a strong liking to the flexibility that remote work provides, so it looks like this trend is here to stay.

As with any major change in business models, remote work poses a few challenges. In-office employees struggle with finding the information they need, and this issue is amplified even more when workers are remote. At the start of the pandemic, the Harvard Business Review reported that work-from-home employees were surprised by how much more difficult it was to find the information they needed to do their work. 

This doesn’t have to be the case, though. Work-from-home effectiveness can be equal to that of on-site employees if internal documentation is a company priority. Business efficiency increases even more when you store that documentation in the cloud where all employees can easily access it and share files as needed internally or externally. 

Ready to whip your company’s documentation into shape? Onehub can keep it secure, organized, and easily accessible to employees. See for yourself with our free 14-day trial (no credit card required!). 

How to Choose a Dependable Cloud Storage Solution for Your Business

What is cloud storage?

The term “cloud storage” may sound abstract and ephemeral, but it’s actually a secure method of storing your business files online. It eliminates the cost, security issues, and maintenance hassles that come with traditional on-site servers. 

It’s no surprise that business owners are moving to the cloud in droves. With the cloud, you don’t have to maintain or replace expensive hardware, it’s simple to scale your storage up or down to suit your needs, and your data is protected with high-level security protocols that outperform those of physical servers. 

There are many online file storage providers, and they all offer something a little different. It can be overwhelming to try to narrow down the best options for your company. We’ve highlighted several important cloud storage features to look for as you start your search.

What to look for in online file storage

Security and dependability

Secure and dependable cloud storage is a necessity. If a provider can’t immediately give you a breakdown of their security protocols and uptime, go ahead and scratch them off your list. Without these two basics, no other impressive tools or features will matter.

256-bit encryption

Encryption is the process of turning data from plaintext (readable) to ciphertext (unreadable until decrypted with a key). With 256-bit encryption — the same type that banks and the CIA use — it would take a hacker billions of years to crack the data with a brute force attack. No one’s got that kind of time, so even if a hacker gets their hands on your business files, the data will be useless to them.

That’s the level of security you want for your online file storage. Hackers are targeting businesses at an incredible rate, and they can do extensive damage to your company, your employees, and your customers if they get the data they’re after. Keep your business secure by selecting a cloud storage provider that offers 256-bit encryption.

Roles and permissions

Roles and permissions are important security features for your online file storage. These allow you to customize access for each user and even specific files or folders. Look for providers with multiple options for roles and permissions to give you the flexibility you need for the wide variety of information companies store. If there are only two or three roles available, it may not provide the level of nuance that your company needs.

With permissions, you can customize access even further. For example, you may decide to share a file with someone but don’t want them to download it or share it with anyone else. With a provider like Onehub, granular permission levels can be added or revoked with a single click. 

Two-factor authentication

Employees are the most valuable resource your business has, but they’re also your biggest security risk. Despite knowing the importance of using strong, unique passwords, 83% of Americans use weak passwords that can be cracked within seconds. 

Usernames and passwords generally don’t keep hackers out for long. The solution to this problem is two-factor authentication. This type of login requires a user to enter their username and password, followed by a second type of authentication. This can be a security token, a code sent to a mobile device, a thumbprint, or numerous other methods. 

The second type of authentication ensures that hackers can’t access your system with just a username and password. Unless they’ve also stolen the security token, mobile device, or thumb of the person whose account they’re hacking, their attempts are futile, and your data is safe.

Redundant backups

Businesses today simply can’t function without on-demand access to their files, and good online storage providers understand this. That’s why they back up your company files across multiple devices in multiple facilities. If an earthquake destroys a server, your company won’t even notice because there’s a secure backup of your data at another location. 

File sharing options

The best online file storage will offer several secure methods of sharing files. Inviting users to access a file or folder is standard practice, but it’s also important to have an option for sharing files with people external to your organization. This allows people who are not users on your cloud storage platform to access the file without setting up an account. 

Onehub took this feature a step further. We allow users to send secure direct links that can be password protected and assigned an expiration date. Cloud storage providers that offer these additional features ensure you have the ultimate flexibility and security for your online file storage.

Collaboration and communication tools

Few successful companies are a one-person show. It takes collaboration and communication between colleagues for a business to consistently produce a quality product or service. Many cloud storage providers such as Onehub offer features that go beyond basic online file storage.  

A great cloud service can provide you with tools to make your team more effective. When evaluating your cloud options, check to see if the provider offers some of the popular features listed below. 

Tasks

Keep track of a project’s progress by assigning tasks. Onehub allows users to assign tasks to others or themselves. Whether you use this tool as a personal to-do list or to monitor who is doing what and when, tasks will help keep important jobs from falling through the cracks. Having this easy-to-use task list means you don’t have to expend any mental energy keeping up with the thousands of little details that bring a project together.

File syncing

File syncing is a must in today’s busy world. It lets employees work on a file simultaneously, from anywhere on any device, and know that everyone is looking at the same information. If a team is stuck working in files that don’t automatically sync, they’re literally not on the same page. It’s a recipe for confusion and misunderstandings. You can sidestep all that hassle by choosing a cloud service that has automatic file syncing.

File versioning

Like file syncing, file versioning is key to preventing projects from derailing and costing precious time and money. Automatic file versioning means your team never has to spend hours skimming through a file’s contents trying to figure out if “important-project-FINAL2” or “important-project-FINAL-FINAL” is the real final version. 

File versioning keeps a history of changes made to the document, and they can be restored easily if needed. It’s a fantastic feature for any business that relies on employee collaboration to get things done.

Comments and messaging

All work requires communication, so it’s essential that you provide employees with a quick and easy way to get in touch with each other. This is especially true if your team sometimes works remotely. The Harvard Business Review noted that remote workers were often surprised by how difficult it was to get simple information from colleagues. 

You can facilitate easy communication between coworkers by selecting an online storage provider that has integrated communication channels. This lets workers get their questions answered without even leaving their digital workspace. It’s a simple tool that saves employees a ton of time and frustration. 

Intuitive interface

Extensive research about what makes a great user experience is readily available online, so there’s simply no excuse for a bad user interface in 2021. If a cloud storage provider has a clunky, confusing interface that requires in-depth training for employees to understand, you may want to keep looking. 

The right online file storage for your business will have a clean design that’s not overwhelming to look at, and you’ll intuitively know how to do all the basics such as uploading a file, creating a new folder, or inviting new users.

Good cloud storage design is a sign that a company cares about its customers and is competent in its field. 

Find a dependable cloud storage solution for your business

The tips we’ve covered here will help you evaluate different online storage solutions so you can choose one that’s right for your business. You’ll know when you’ve found the perfect fit because you and your employees will become more organized, communicate and collaborate better, and feel less overwhelmed with daily tasks. 

To really get a feel for how a cloud storage provider will benefit your organization, ask for a free test drive. Onehub offers a free 14-day trial so you have plenty of time to explore our features and make an informed decision for your business. Sign up today!

Regular Software Updates Keep Your Business Secure and Productive

Installing updates is one of the simplest ways to protect your company’s files and keep your business running smoothly. Devices and software that are up to date provide data protection, improved functionality, and helpful integrations. 

Why do companies issue software updates?

To improve security

A known vulnerability is a glitch or weakness in software or operating systems that hackers can exploit. When a software company identifies a vulnerability and finds a solution, they release a security patch to fix it. This patch comes in the form of a software update. 

There are many reasons it’s essential to stay on top of updates, but digital security is one of the most important. Cybercrimes are steadily increasing, and businesses are a favorite target for hackers. Companies store sensitive data ranging from customers’ credit card numbers to intellectual property, and this data is incredibly valuable. Hackers can encrypt this data and demand a ransom for the decryption key, use a known vulnerability to take your business offline, or conduct any number of other malicious schemes. 

To add or remove features

Software updates are also issued to add new features, remove outdated features, and improve functionality. These updates can enhance the user experience and offer your company better tools for productivity and efficiency.

To offer new integrations

Updates can also be issued to make the software more compatible with popular programs. For example, Onehub recently updated its file-sharing and cloud storage platform to integrate DocuSign. This allows Onehub users to get electronic signatures from clients quickly and easily. 

What are the risks of not installing updates promptly?

It’s important to install software updates as soon as possible. We’re all guilty of hitting the “install update later” button when we’re in the middle of something, but consistently putting off updates can have significant consequences.

Data breaches

The biggest risk of not staying on top of software updates is a cybersecurity attack. Updates act as a data safeguard, ensuring a malicious individual can’t easily steal sensitive business information or hold your data for ransom. 

Once software has a known vulnerability, it becomes a favorite target for hackers because they already know exactly how to exploit it. There’s no time-consuming guesswork involved. Even after a software company releases a security patch, hackers will still target these programs. They know that many people, especially employees, don’t bother to update their computers or software. 

A good digital security plan can help employees understand the importance of data safeguards such as regular software updates.

Lower productivity

Not installing software updates also means your company is missing out on great new features that could dramatically improve collaboration, productivity, or efficiency. This risk is often overlooked since you’re unlikely to know what you’re missing out on. But competition among businesses is tight, and if your competitors are benefitting from faster, better tools, your business could fall behind. 

Unusable software

Installing updates ensures that your software stays compatible with your operating system and the other programs it interacts with. If you’re behind on updates, you may find that some or all of the features of your software stop functioning. 

Lost time

The longer you put off computer updates, the more updates you’ll need to install. If you stay on top of updates, you most likely won’t have to wait very long for a single one to install. But if they’ve been piling up for months, it may take ages to complete all the updates. During that time, you’re essentially out of commission work-wise. 

This is especially frustrating if your software has stopped working and you need it updated ASAP so you can meet an important deadline. You resign yourself to restarting your computer, anticipating a brief, single update, and instead, you have three months’ work of updates being installed in succession. It’s an easy situation to avoid; simply make software updates a regular part of your work routine.

Ensuring your business software stays updated company-wide

Choose cloud-based software

Cloud-based software such as Onehub doesn’t require users to install updates. Every time you log in, you’re accessing the most up-to-date version of your cloud software. This makes it extremely efficient and more secure since there’s never any delay in installing vital security patches. 

Allow automatic updates

Many devices and software have an option to install updates automatically. Allowing automatic updates means you don’t have to worry about remembering to check for or install updates. If you choose to do manual updates, it’s helpful to pencil them into your work schedule so you don’t forget.

Create a digital security plan

The best way to ensure software and devices are being regularly updated company-wide is to create a digital security plan. The plan should cover common cybersecurity threats and effective data safeguards such as regular updates, strong passwords, and two-factor authentication. Make sure employees know they are responsible for keeping their work devices updated, as well as any personal devices that they use for work.

Onehub can keep your company’s data secure while providing first-class business tools for collaboration and productivity. Try Onehub for free for 14 days!

Improve Business File Organization and Collaboration With Document Control

What is document control?

Document control is a standardized system of file management within a business. Document control sets protocols for the lifecycle and use of documents, from creation to deletion and everything in between. With proper management, employees will always have access to accurate and up-to-date information at any point in a document’s lifecycle. 

Document management is important for most companies, especially for highly regulated industries such as healthcare or industries such as engineering or architecture where precision is of the utmost importance. Document control helps businesses stay compliant with legal requirements and reduces errors.

Even companies that aren’t operating in heavily regulated or precise industries can reap the benefits of document management such as quick file searches, up-to-date information, and improved collaboration. While standards for document control apply to both physical and digital files, we’ll focus on digital files in this article since this is the predominant method of corporate document storage today. 

The risks of poor document management

Employees waste time searching for files

The larger a company is, the more complex the task of document control becomes. An enterprise-level organization can generate thousands of new files each day, which quickly turns to chaos without organizational parameters. 

On average, employees spend nearly two hours each day searching for files due to ineffective file management. When employees finally give up searching for the document they need, they often resort to recreating the file from scratch. The time employees spend searching for documents or duplicating work is a huge waste of company resources. 

Higher chance of errors

Working from an outdated iteration of a file is easy to do when there’s no standard for version control. Without proper document control, your company risks making costly mistakes. For instance, if an architect developed blueprints based on an older version of a file with inaccurate measurements, it could cost the company millions and even endanger lives. When accuracy is essential, you don’t want to leave anything to chance. Employees should be able to immediately identify the most up-to-date version of a file so they can complete their work with total confidence. 

Ineffective workflows and collaboration

In addition to wasting employee time, poor document control also inhibits collaboration. Without consistent rules governing approvals and revisions, document collaboration can get messy. Document control ensures that when a file is approved, everyone working on it knows. When revisions are made, efficient document control makes it easy to identify versions and what changes have been made. 

How Onehub supports document control

Implementing document control protocols can streamline your file management and make your business more efficient and profitable. Onehub’s robust business software can help you create an effective system to govern your business files and document worfklow.

Document creation

Document control standards for new files may govern things like where certain types of documents are stored, file naming conventions, document formatting, and access levels. 

Onehub facilitates fast and easy document creation with its Microsoft Office Online and Google Drive integrations. Users can create new documents directly in the Onehub platform, so they don’t have to switch between multiple applications to get the job done. 

Document approval

Document control improves workflows by standardizing the approval process. Each type of document should have a designated person in charge of approvals, and it should be clear to all involved parties when a file has been approved. Onehub makes this simple with one-click approvals and automatic notifications. 

Document revision

Documents can spend a lot of time in the revision process, so it’s important to have a set of standards to control this phase. The biggest hurdles in the revision stage are identifying the most current version of a document, ensuring that updates are synced, and viewing what changes have been made. 

With Onehub’s automatic file versioning, it’s always clear whether you’re looking at the first iteration of a document or the third. Our automated file syncing means that changes are synced across devices in real-time so employees are on the same page no matter where they access the file from. Users can view or restore all changes within a file, and it’s easy to identify who made those changes. These features make document control simple and team collaboration seamless. 

Document access

Companies often handle sensitive information about employees, customers, or finances that could cause a lot of trouble in the wrong hands. For your company’s digital security, assign every file an appropriate level of access. 

As a general rule, provide employees with the lowest level of access possible. You don’t want to inhibit their productivity with parameters that are too restrictive, but you need to ensure that confidential business information is protected. 

Onehub provides administrators with granular control over roles and permissions to make it quick and easy to customize individual access at the file or folder level. You can grant, modify, or revoke an employee or client’s access to a document with one click. You can also use the “preview as” feature to ensure you’ve set the correct permission level for a file. 

To see all the ways Onehub can support your company’s document control procedures, sign up today for our free 14-day trial

How to Create an Effective Digital Security Plan for Your Business

Both large and small businesses should be concerned about digital security. Hackers look to large companies for expensive ransomware attacks and focus on small businesses for identity theft. No matter the method or reason behind the attack, your business’s fate will likely include financial losses, a damaged reputation, and business disruption. 

A digital security plan is your company’s best defense against cybercrime. Implementing cybersecurity best practices makes your business a less appealing target to hackers. There will always be businesses that have yet to overhaul their digital security measures, making them much more tempting targets.

We’ve put together tips to help you create an effective digital security strategy that will protect your employees, customers, and assets. 

Understand common digital security risks  

Privilege abuse 

It’s important to have a plan for privileged access management (PAM) to control access to sensitive company data and limit the risk of security breaches. Privileged accounts are an appealing target for hackers because gaining entry at the highest level of access gives them the biggest advantages. 

As part of your digital security plan, define protocols for PAM. For example, many companies require privileged accounts to be secured with two-factor authentication, or that all work-issued devices be granted the least amount of access possible. 

Abuse of privileged accounts is one of the leading causes of corporate data breaches, so it’s important to implement a system that ensures only leadership and departments such as IT have high-level access to company data.

Weak passwords

Many people get frustrated typing in long, complicated passwords or simply can’t remember them, so they default to weak passwords. Weak passwords like the ever-popular “123456” can be cracked within milliseconds. It takes zero effort, so hackers are always looking for these weak spots to quickly gain access to confidential information. Enforce strong passwords on all employee accounts.  

Phishing attacks  

Phishing attacks have been around for a long time, and they’re still as effective as ever. Over 90% of targeted attacks use spear phishing, a type of phishing email where the hacker spoofs a known individual’s email address. 

Employees should be trained to identify phishing emails and understand the risks involved with clicking a malicious link or opening a compromised attachment. Some more sophisticated phishing emails don’t include attachments or dangerous links. Instead, they focus on winning over the recipient’s trust by posing as a colleague or authority figure within the organization. These are particularly insidious cybersecurity threats because they can be hard to spot. 

Public Wi-Fi 

Workers are using public Wi-Fi more than ever now that remote and hybrid work is becoming the norm. This poses a significant risk to your company’s digital security because these connections are not secure. Hackers commonly use the “man in the middle” attack to steal data from people using unprotected public Wi-Fi.

Secure your network

Install a network firewall

A firewall is a must for corporate networks. It monitors incoming and outgoing traffic and uses a defined set of security protocols to identify suspicious activity (e.g., malware or ransomware) and block it from accessing the network. It also protects ports that hackers commonly use to access your network and steal data. 

Use a VPN

A VPN, or virtual private network, creates an encrypted internet connection that protects your online activities from prying eyes. It’s especially useful for workers who use public Wi-Fi when traveling or working remotely. A VPN can protect against “the man in the middle” attack, one of the most common attacks used against vulnerable public networks.

Update router firmware

All of your company’s sensitive information passes through your router, and outdated router firmware makes your network a tasty target for hackers. Always stay on top of firmware updates to fix bugs and patch known security issues. 

Backup your data

Modern companies run on digital data, and losing this information can bring your business to a screeching halt or even shut it down permanently. 

Your backups should be encrypted and stored across multiple devices and facilities. This means that if one server fails or is destroyed in a natural disaster, your data is still safe and easily recoverable. 

To automate this process and make it easier, you can use providers such as Onehub to protect your data. We give our customers complete peace of mind by using bank-level encryption to protect data in transit and at rest. We store data with multiple redundancies and regularly perform integrity checks to ensure everything is secure. 

Share files securely

Many employees carry over their file-sharing habits from their personal life into the workplace by sharing files by email. Any file shared by email is vulnerable to hackers. There is less risk involved with sharing personal files as they don’t generally contain sensitive information, but that is not the case with business files. Any data being shared by employees should be encrypted and transferred via a secure network connection. 

Onehub takes file-sharing security a step further and offers password protection for shared files as well as expiration date options. You can also give direct file access to non-Onehub users via secure links.

Restrict administrative privileges

Prevent privilege abuse by restricting employee and contractor digital access to necessary areas only. Controlling user privileges means you can restrict access to sensitive information and limit or prohibit certain activities, such as installing software. 

For the most impactful control of admin privileges, look for a file-sharing and cloud storage provider that offers granular control over users’ roles and permissions. Onehub allows you to invite users, grant or revoke access, and modify roles from one location. You can invite users on multiple levels, from Workspace to folder to file, and you can control whether a user is able to print, download, or modify a document. 

Detailed control over access to your company’s data means you don’t have to worry about employees or clients abusing privileges or unintentionally causing a digital security incident. 

Use two-factor authentication 

A username and password combination is by far the most common method of account authentication. Unfortunately, 83% of Americans use weak passwords, so this method can easily be compromised. 

Two-factor authentication is a much more secure method. It requires a password and a secondary piece of information such as a login code sent to a cell phone, a thumbprint, or a security token. This provides a serious upgrade to your digital security because it renders stolen passwords useless. 

On all employee accounts, from email to cloud storage, be sure to enforce two-factor authentication if it’s available. Onehub offers this for our Advanced, Data Room, and Unlimited plans, along with many other powerful security features

Train employees on digital security

Employees can be your main line of defense against digital security threats, or they can be ground zero for a cybersecurity disaster. The only thing separating the two is training. Train your employees to identify digital security risks and follow best practices to protect business data.

They should understand the difference between a secure password and a weak one, be able to spot potentially malicious emails and files, and know which contacts to notify if something goes wrong.

Consult a digital security expert 

The tips above will get you off to a great start on your company’s digital security plan. However, to make sure it’s as comprehensive and effective as possible, consider hiring a digital security consultant. They can discuss the level of security your business needs based on the amount and type of data you have and help you identify the best software and protocols for your company. 

Level up your digital security, cloud storage, and file sharing with Onehub’s free 14-day trial

Protect Your Business Data by Including Cybersecurity in the Onboarding Process

The biggest threat to a company’s data security is its employees. In a 2018 information security report, cybersecurity expert Imran Ahmad explained that “no matter how much an organization spends on technology, the single most important point of vulnerability in an organization remains its employees.” 

Your employees interact with your company’s files, data, and intellectual property on a daily basis. This means they have ample opportunities to wreak havoc on your digital security, either through ignorance or malice. Regardless of intent, an employee-caused data breach can destroy your company’s finances and reputation. 

The best way to protect your business files and other data is to train employees on proper cybersecurity practices from day one. Everyone in your company should know the basics of IT security, from how to safely transfer business files to identifying and reporting digital security threats.

What to include in cybersecurity onboarding

Train employees to identify threats

Everyone has gaps in their knowledge, so don’t assume your new employees know how to spot a cybersecurity threat. Focus on training all new employees to identify and properly handle some of the most common ones. 

Spear phishing emails

Hackers have many tricks up their sleeves, but they have one particular favorite. Spear phishing accounts for 91% of all targeted attacks

Spear phishing is a tactic that involves sending a fraudulent email that appears to be from a trusted source. The email may contain an attachment with malware or a virus, or it may include a request for confidential information. 

If you received an email that appeared to be from your boss saying she needed a confidential file emailed to her right away, would you do it? People tend to obey authority figures, and many employees wouldn’t think twice about following those instructions. 

An employee with proper cybersecurity training would know that emailing files is never a safe practice and would instead share the link from inside a secure file-sharing platform such as Onehub. This way, the shared file would go to the real person and not the spoofed email address. 

Other ways to identify a spear phishing email:

  1. Check the sender’s email address. It’s easy for hackers to spoof the “from” name, but it’s more difficult to spoof the actual email address. Instead, they may create a fake address that resembles the true one but isn’t exact.
  1. If the hacker has spoofed the email address and the sender name, evaluate the syntax of the email. Is this how the sender normally writes? If, for example, your boss always addresses you as “Mark” in emails and this one says “Marcus,” that should set off alarm bells.
  1. Scan attachments for viruses and confirm links are accurate by hovering over them (without clicking!) to see the true URLs.
  1. Make a phone call. If you’re suspicious of the request, but everything appears to be in order, call the person the email is supposed to be from. If that’s not an option, contact your IT department. Never comply with a suspicious email request without confirmation, no matter how dire the person makes the situation sound. (In fact, urgency is another sign that the email may be fraudulent.)

Spear phishing is the most popular type of attack because it’s so effective. Even a trained and diligent employee can fall victim to a spear-phishing scheme. However, it’s much more work to fool an employee that’s well-versed in the basics of data protection. Training employees can dramatically lower your risk of a spear-phishing incident.

Public Wi-Fi

The pandemic has massively shaken up the world of work, and more employees than ever are using public Wi-Fi as they work remotely. Unfortunately, this leaves your company’s data completely vulnerable to attack. 

The most common public Wi-Fi attack is called “man in the middle.” The employee thinks they’re directly connected to the public Wi-Fi, but they’re actually connected to a hacker. The hacker can see confidential information such as passwords and can even inject malicious data to infect the employee’s device. 

If employees must connect to free public Wi-Fi, find a trustworthy virtual private network (VPN) provider for your company. A VPN essentially turns a public network private by establishing a secure and encrypted connection. This means employees can work from wherever they need without worrying about exposing sensitive company information. 

Create a policy for personal devices

With so many people working remotely now, it’s vital to have onboarding guidance for how employees are allowed to use personal devices for work purposes. 

Keep device updated

Emphasize the importance of employees keeping their devices updated. Workers generally know to do this on their work-issued laptops, but they often forget that it’s necessary on their personal devices as well. 

Updates can be time consuming and frustrating, but they’re never issued without good cause. They often contain important patches to address recently discovered security issues. Employees who continually delay updates put their devices and your company’s data at risk. 

Password protect devices and never leave them unattended

It’s difficult to believe, but 52% of people don’t password-protect their cell phones. If employees are using their personal mobile devices for work purposes, they absolutely must lock them with a password. 

It’s also important to remind employees that they should never leave their phones, tablets, or laptops unattended in public places. If they’re working from a coffee shop and need to use the restroom, they need to pack up everything and take it with them. It feels like a huge inconvenience, but it’s much better than having the device stolen or compromised. 

Emphasize the importance of strong passwords

If you think creating strong passwords is common sense these days, allow us to introduce you to some of 2020’s top passwords: 123456, password, and 111111. The time it takes to hack passwords like these is counted in milliseconds

Passwords are one of the most common authentication methods for accounts. We use them so often that they’ve begun to feel like they’re no big deal, but they are crucial for data protection. We have an entire article dedicated to password best practices that you can use to supplement your cybersecurity onboarding. Onehub also allows you to enforce complex passwords for that extra peace of mind.

Use company-provided software 

Many people have a strong affinity for the software they use at home or used in a previous job. While it’s understandable to want to stick to what you know, it’s important that new employees know they can only use company-provided cloud storage platforms, file-sharing apps, and other types of business software. 

Companies vet the security practices of the third-party providers they’ve chosen. For example, Onehub’s cloud storage and file sharing software is protected by bank-level encryption, offers granular roles and permissions to fine-tune data access, enforces strong passwords, and offers two-factor authentication. Employers can’t verify the security protocols of every employee’s preferred software. This creates unnecessary risk to your business files and other data.

In addition to wanting to stick with what they know, employees may find alternate software solutions because the ones your company provides don’t meet all of their needs. You can better understand your staff’s technology needs by asking for their opinions and feedback. 

Your company can choose to find individual providers for each type of service employees want (e.g., collaboration tools, messaging, file sharing), or you can choose a more robust option that offers all of these features within one secure platform. 

Don’t stop at onboarding

Making cybersecurity a focus of your employee onboarding is the best way to ensure all of your employees have the same foundational knowledge about data protection. However, our technological landscape is dynamic. New digital threats are always emerging, as are new cybersecurity practices. To reach total data protection, information security training must become a regular event for all employees. 

Onehub offers a diverse platform that includes cloud storage, secure file sharing, collaboration tools, and messaging — all with bank-level encryption and cybersecurity best practices. Protect your business data today with a free 14-day trial.

You’ve Secured Your Computer, but What About Your Business Printer?

You know all about the cybersecurity threats associated with your computer and know the importance of secure cloud storage for your business, but did you know your company printers are equally vulnerable? Business printers are an often overlooked security risk that can cause major business disruptions, financial losses, and data breaches. 

In 2020, cybersecurity experts from CyberNews hacked 28,000 business printers. Fortunately for those companies, it wasn’t a malicious attack. These ethical hackers were trying to raise awareness about printer security issues, and they only used their access to print a helpful guide called “How to Secure Your Printer.” 

Printers are a tempting target for hackers because they’re connected to the internet, store important information, and are rarely thought of as a security risk. Even a company that’s diligent about protecting work computers from viruses and hackers probably hasn’t given much consideration to securing the printers. (After all, it’s just a printer, right?) With no defense in sight, it’s an easy point of entry. Hackers can quickly gain control of your printer and then infiltrate your corporate network.  

How can a printer be hacked? 

The CyberNews team used specialized search engines to locate IP addresses with open ports. A port is essentially a communication channel that a computer or program uses to connect and transfer information. An open port is one that’s “listening” for connections and, if unsecured, can be used by hackers to gain access to the printer or computer.  

After searching for these open ports and confirming they were actual printers, CyberNews had a list of nearly 1 million vulnerable business printers. To keep the companies’ data private, they created a custom script that would only target the printer’s printing capabilities. An unscrupulous hacker could create a script that’s designed to do much worse.

In 2018, a hacker called TheHackerGiraffe also used an open port to hijack thousands of printers. TheHackerGiraffe forced them to print documents, though their chosen message was about subscribing to a YouTube channel called PewDiePie rather than a guide to securing printers. 

Despite these two “white hat” hackers revealing the extent to which business printers are vulnerable, not much has been done about it. In August 2020, TheHackerGiraffe tweeted, “About 2 years after the printer hacks, still not much has changed. The only way this will change is that if someone starts spam printing large amounts of unwanted ads or harmful content.”

What type of damage can be done with a hacked printer?

In an interview with The Verge confirming he or she was behind the PewDiePie printer hack, TheHackerGiraffe said, “People underestimate how easy a malicious hacker could have used a vulnerability like this to cause major havoc. Hackers could have stolen files, installed malware, caused physical damage to the printers and even used the printer as a foothold into the inner network.”

Let’s break down what each of those possibilities looks like.

Stealing files

Most modern business printers store copies of recently scanned or printed documents. Printing and scanning important documents are part of daily life in an office, so there’s likely to be a lot of sensitive data stored on your printer. These types of business files contain valuable information about your business and your employees. A hacker could easily exploit this data after gaining access to your printer.

Installing malware

Printers are rarely protected by antivirus or anti-malware programs. Hackers can install malware on them by pushing through an update that contains a virus or sending employees malicious (but legitimate looking) attachments from the printer. 

The goal here isn’t usually to simply infect the printer. The real targets are the devices connected to your printer and your corporate network. Once the hacker controls these, they have all the data they need to steal employee identities or intellectual property, launch ransomware attacks, and any number of other exploits.

Causing physical damage

Business printers are an expensive investment and are an integral part of a functioning office. If a hacker infiltrates your printer (or, even worse, a fleet of printers), they can “brick” it, rendering it useless. It’s a costly problem to fix and can wreak major havoc to your business operations. 

Accessing the inner network

A hijacked printer can serve as a path to connected devices and your computer network. This gives the hacker unrestricted access to your company’s confidential information (think: customer lists, credit card numbers, login credentials, employee social security numbers). They can also use this position to launch any number of attacks, from holding your business data ransom to taking down an entire network through a distributed denial of service (DDoS). 

How to protect your business printers

CyberNews created a detailed guide explaining how to protect your printer from hackers. We’ve broken down the main points below, and you can access the step-by-step guide here.

  1. Disable network printing.
  2. Secure printing ports 515, 721-731, and 9100. 
  3. Use a firewall to restrict access to network traffic.
  4. Update your printer firmware to the latest version. Firmware updates are often issued to patch security weaknesses, so it’s important to stay on top of them.
  5. Update your login credentials. Create a unique and complex password that’s at least 16 characters long.

Keep your business data secure

Technology is steadily becoming more complex and hackers more sophisticated. Protecting your business files and other data is an ongoing challenge, but it’s vital to your company’s success. After taking steps to secure your printers, be sure to evaluate the safety of your file storage and file-sharing methods. If they’re not up to snuff, we can help. Try Onehub’s secure cloud storage and file sharing free for 14 days

How to Get Your Work Email Under Control

Why is work email so stressful? Most emails can be read and responded to in under a minute, so the amount of anxiety we feel when checking our inboxes seems disproportionate to the amount of effort the task takes. 

In an interview with Business Insider, psychologist Ron Friedman explains why work email takes such a toll on employees. He says, “The reason it can feel overwhelming to find lots of emails in your work inbox is that each message represents another demand on your time and another decision you have to make. Even deciphering a generic announcement about the office coffee maker requires effort, which leaves less energy for work that matters.”

Work email also has a sneaky way of monopolizing your time. All those “quick” emails add up to an alarming number of hours each day. Adobe did an email usage study in 2016 that found employees spend over four hours every weekday on work emails. 

While you can’t simply stop checking your inbox, there are many ways to optimize it so it’s less stressful.

Secure your inbox

Cybersecurity is so important in today’s workplace, but very few companies make it a priority to train employees on common security threats. If you think an endless sea of unread emails is stressful, just wait until the sensitive business file you emailed gets hacked. 

The first step in your email management plan should be to protect your business data from outside threats so you never have to worry about causing a serious security breach. 

Follow these three tips to make your email more secure:

  1. Never send files via email

Intercepting an emailed file is child’s play for a hacker. Email providers simply aren’t set up to keep attachments safe. Instead, use a file sharing service such as Onehub that offers bank-level encryption and secure network connections to protect your messages and files. 

An added benefit of using a file-sharing service is never having to dig through huge email threads looking for files. Onehub keeps files organized and has a powerful search tool to ensure you can always find what you’re looking for.

  1. Don’t open links or attachments from unfamiliar email addresses.

Clicking a link or opening an attachment in a spam email is the most common way computers get infected with malware. If you accidentally open a spam email, you’re ok as long as you don’t click anything. Delete it or report it as spam to get it out of your inbox. 

  1. Keep your computer, phone, antivirus software, and internet browser updated.

Updates can be annoying because they sometimes take a while and can interrupt your work; however, it’s essential to stay on top of them. Updates are often issued after a security vulnerability has been discovered. If you postpone updates, your devices and software could be vulnerable to cyber attacks.

Organize your emails

Ever wonder how those “inbox zero” people do it? We did, too, so we looked into it. It turns out the answer is simple: They have a system. They’ve utilized every trick they know to customize their inboxes to a system that works best for them, and they maintain it. There isn’t a one-size-fits-all solution for inbox organization, but we’ve collected the best tips for you to test out on your journey to inbox perfection. 

Create folders, but keep them simple

It’s much easier to keep your emails organized if you sort them into different folders; however, you don’t want to go overboard with it. Having too many will make it harder to keep track of things and organizing emails into their respective folders will become too time consuming. 

The goal with folders is to essentially turn your primary inbox into a holding zone where you quickly review new emails and either respond immediately or send them to the appropriate folder to be dealt with later. 

Try to create a system with no more than five custom folders. The types of folders you make will depend on your personal preferences. For example, you could create a folder for emails that need to be handled before the end of the day and another folder for emails that require a response but aren’t time sensitive. 

Another helpful option to consider is an “FYI” folder. This folder is for emails that don’t require a response and contain important information you’ll likely need to reference in the future. 

Play around with different folder combinations until you find the right system for you.

Here’s how to create folders in Outlook and Gmail

Archive

You never know when you might need an email, so hitting “delete” can feel too permanent. You can still clean up your inbox by archiving old emails. Archiving emails transfers them out of your inbox and into an archive folder where they can be retrieved later if needed. 

Here’s how to archive emails in Outlook and Gmail.

Unsubscribe 

If you’ve acquired email subscriptions that aren’t useful to you anymore, unsubscribe from them. Even if you know you don’t have to read or respond to them, seeing unread emails in your inbox is visually distracting and creates unnecessary clutter.

Save time and stress

Create canned messages

Templated messages can save you an enormous amount of time, but they do come with one caveat. Always make sure you’ve customized any placeholder text in your message before you hit send. 

No one wants to feel like they weren’t worth an original response, so receiving an obviously templated message can sting a bit. This is especially important if you’re sending a canned message to a customer or client. 

A good failsafe is to cut the recipient’s email from the address field, select the canned response, customize the message, and then paste their email back in. If you get ahead of yourself and press the send button before you’ve updated the placeholders, you’ll receive an error message. This is your sign to review the text and make the necessary changes before pasting in the email address and hitting send again.

Here are three situations that are perfect candidates for a canned response:

  1. Declining an offer or request

A canned response is perfect if you regularly receive offers or requests from vendors, nonprofits, or other external sources. Keep it short and to the point to discourage follow-up emails.

“Thank you for reaching out, but I’m not interested. 

Best, 

[Name]”

  1. Scheduling a meeting

Avoid all the back-and-forth that comes with trying to schedule a meeting with someone. Instead, send a templated response with a link to your calendar.

“Hi [Name],

I’m looking forward to meeting with you about [XYZ]. Here is a link to my calendar. [Link] Please choose a time that works best for you.

Kind regards, 

[Name]”

  1. Avoiding a meeting

Meetings are time and energy intensive. If you’re too busy for a meeting or you’re not convinced yet that the topic is worthy of a meeting, send a canned response that will keep the discussion on email. 

“Hi [Name],

I’m interested in learning more about [XYZ], but my schedule is full at the moment. Let’s continue the discussion via email for now. 

Thank you!

[Name]”

Here’s how to create email templates in Outlook and Gmail.

Turn off desktop notifications for new emails

New email notifications can quickly derail your productivity. If you’re working on something, you don’t need to be interrupted every time a message lands in your inbox. Most employees obsessively check their work email, so even if you receive an important message, it won’t sit in your inbox unseen for too long. 

Here’s how to turn off desktop notifications for Outlook and Gmail.

When all else fails, abandon ship

If your inbox is so out of hand that you don’t feel you can salvage it with the tips above, it’s time for extreme measures. 

Create a folder called “Old Email” or something similar, and move all of your emails into that folder. If any current messages still need your attention, you can handpick them out of the “Old Email” folder and move them back to the main one. 

After this, your primary folder will be a clean slate. You can use the tips we’ve covered to create a new system to prevent another inbox implosion. 

Here’s how to move emails in bulk for Outlook and Gmail.

Email is always going to be part of your work day, so it’s worth investing some time to keep things organized. An organized and secure inbox will pay long-term dividends. It gives you peace of mind and allows you to use your energy for work that actually matters. 

If you’re starting your journey to inbox zero, Onehub can give you a much safer alternative to emailing files. Sign up today for a free 14-day trial!