Business.com

Business.com

Windows 10 Professional vs. Enterprise: What's Best for Business?

Posted: 23 May 2019 10:30 AM PDT

Trying to figure out which version of Windows your small business should use? You're not alone. For most entrepreneurs, it comes down to Windows 10 Professional or Windows 10 Enterprise. Both are widely available on affordable devices, and they offer nearly identical experiences for the end user. Word, Excel, PowerPoint and all the other Windows standbys, as well as access to the Windows store, is the same in each version.

The features included in the Windows 10 Pro and Windows 10 Enterprise service packages are different, though, and so are the prices.

Features  Windows 10 Professional  Windows 10 Enterprise
Security Windows Information Protection, BitLocker, BitLocker to Go, Windows Defender Antivirus and automatic updates Windows Information Protection, BitLocker, BitLocker to Go, Windows Defender Antivirus, Windows Defender Credential Guard, Windows Defender Application Control, Windows Defender Advanced Threat Protection and automatic updates
Price $199.99 per license Varies based on the size of the business and the features you want
Feature Windows Autopilot eases device deployment Microsoft Application Virtualization (App-V) and Microsoft User Environment Virtualization centralizes apps

Windows 10 Pro

Windows 10 Pro was built for professionals with limited or no tech support who still want access to business-grade features like mobile device management, remote desktop access, shared devices with multiple logins, and Microsoft Intune.

Security

The default security settings in Windows 10 Pro are suitable for most small businesses, and updates are relatively automated. In other words, if you don't want to mess around with security settings, you don't have to. All you need to do is run updates when prompted, and you should be good to go. It also comes with BitLocker and BitLocker to Go, as well as Windows Defender Antivirus.

Price

The listed price for a one-off subscription is $199.99 per license, but for businesses, there are often bundled deals offered in exchange for quantity purchases.

Outstanding Feature: User-Friendly Device Management

Windows Autopilot, a built-in feature of Windows 10 Pro, makes it easier for small businesses to deploy new devices to employees. Microsoft, or the hardware vendor you choose to work with, will register new devices for your organization. As the business owner, you can choose to customize the default setup by creating a profile that includes things like specific settings or apps.

If you select the self-deploying mode, this only has to be completed one time. After that, every additional Autopilot-enabled device you purchase for your business will automatically be configured to your specifications, so there's no need for manual onboarding. New users can simply unpack their laptops or desktops and start working. Additionally, you can create different profiles for the same devices, which is ideal if multiple workers use the same computer, and users can also access their desktops remotely from offsite or non-work machines.

Windows 10 Enterprise

While businesses of any size can use Windows 10 Enterprise, it is built primarily for large and midsize companies. Exceptions may include small businesses with intensive security needs and skilled in-house tech pros.

Security

Windows 10 Enterprise gives IT departments more freedom to manage security on their own terms. With these Enterprise features, your IT department can do things like remotely manage devices, deliver virtual desktops using Azure, control OS updates, manage apps, access security analytics through the Microsoft Intelligent Security Graph, identify and manage data breaches, create custom detection alerts, and pull reports.

Price

You'll have to submit a request for a price from Microsoft, which is common at the Enterprise SaaS level. Before you call, make sure you know the number of licenses you'll need; otherwise, the price quote may be inaccurate.

Outstanding Features: Big Business Tools

Upgrading to Windows Enterprise gives users access to everything included in lower-tier versions of Windows, as well as a bevy of other solutions tailored to larger businesses.

Windows Defender: The Professional version of Windows includes Windows Defender Antivirus, but all Enterprise subscriptions include four additional subproducts: credential guard, application guard, application control and advanced threat protection (ATP).  These software tools make up the advanced security available at the Windows 10 Enterprise level.

Virtualization: Microsoft Application Virtualization (App-V) and Microsoft User Environment Virtualization (UE-V) are both standard with Enterprise subscriptions and allow businesses to centralize Win23 apps on a server and manage all the settings and accounts in one place. This allows your IT department a higher level of oversight and increases app security, though it has little impact on the end user.

TL;DR: Just tell me what to buy

If you are a small business owner or solo contractor with general security needs and little interest in hands-on security management, opt for Windows 10 Pro. In addition to Microsoft, well-known brands like Dell, HP, Lenovo, Panasonic, Toshiba and LG sell laptops that can be configured with Windows 10 Pro

If you own a midsize or large business with in-house tech support, defer to your IT team. If they tell you to opt for Windows 10 Enterprise, you should request a price quote from Microsoft. If you do not have any IT support to advise you, it is highly unlikely that you require Enterprise-level security.

5 Ways to Take the Pain out of Your Bookkeeping

Posted: 23 May 2019 09:00 AM PDT

A few years back, SCORE conducted a poll asking entrepreneurs what was the worst part of owning a small business. A whopping 40% answered bookkeeping and taxes.

That survey wasn't an anomaly. In that same year, TD Bank asked over 500 business owners that same question, with 46% listing bookkeeping as their least favorite task. A 2012 survey by Mavenlink had 41% of respondents giving that same answer.

So, it's no wonder that so many small businesses put it off for as long as possible. If a person despises doing something, it's not exactly going to jump to the top of their to-do list. Unfortunately, this can have a severely negative effect on a business's performance.

So, what can be done to fix it? Short of miraculously developing a passion for accounting, what are some simple tricks to reduce the pain around bookkeeping?

1. Understand the purpose.

One thing that has helped a lot of our clients is understanding why they're doing their books in the first place. To be able to file their taxes? To provide records to a bank for a loan? To give something to their annoying CPA to get them off their backs?

Sure, all of those things are real reasons. But they are far from the primary purpose that bookkeeping serves.

Accounting is called "the language of business." A business's books are the truest reflection of its operations. They show the successes, the failures and the opportunities. They provide data on cash flow, receivables turnover, seasonality, and the profitability of different products and services. They give a snapshot of the business's performance – all backed up by cold hard data. As a friend of mine bluntly put it, "If you don't know your books, you don't know your business." They can and should be the cornerstone for almost any major business decision.

 

Editor's note: Looking for accounting software for your business? Fill out the below questionnaire to have our vendor partners contact you with free information.

 

 

If we view our books as the invaluable tool they are, then the process of creating them will become a bit less painful. And if we accomplish that, then we'll be much more likely to keep up with them.

2. Review the reports.

This dovetails with the previous point, but at our firm, we are often amazed at how often a client tells us their books are completed, only for it to be clear they have not once looked at the reports. And we're not talking about minor errors, but rather major items, such as "uncategorized expenses" of $200,000 on the profit and loss or a bank account that is supposedly $50,000 in the negative on the balance sheet. The client hates bookkeeping, so they did all of the data entry (as they felt required to do) but then were done with it.

But they are really short-changing themselves by doing that. They're doing all of the hard work and receiving none of the reward. Having the reports to review and analyze is what's interesting (relatively speaking) about the entire process. These reports give us the ability to better manage our businesses. We need to take advantage of that.

3. Take small bites.

Admittedly, even with all of my encouragement, people are only going to "enjoy" their bookkeeping just so much. The tendency will still be to put it off for as long as possible. But beyond losing the valuable information from their reports during that period, that sort of procrastination will also drastically decrease the likelihood of the task ever getting done at all.

That's the biggest trap we see people fall into. They keep delaying doing their books, and the amount of work snowballs. Spending 20-30 minutes doing something you dislike is bad enough. Spending an entire day or more catching up seems unbearable.

So, do it in small bites. Input your transactions monthly or, ideally, weekly. It takes very little time, you're actively managing and tracking your finances, and it prevents the work from building up on you.

4. Utilize software.

Accounting software has come a long way in the past decade. Many services tie directly into bank and credit card accounts – downloading all of the transactions into the accounting program. Not only that, but they learn over time to which expense category each vendor is tied, which further automates the majority of the process. [Not sure which accounting software is right for you? Check out our reviews and best picks.]

We don't have to sit down with a pencil, paper and abacus. We should utilize all of the tools available to us to streamline the process.

5. Hire someone else.

If nothing else works, just hire someone to do it. We often tell our clients, "We don't care who does it. You can do it, we can do it for you, or you can hire someone else to handle it. If doing it ourselves is simply not working, we may need to delegate the work to someone else. What matters is that it gets done."

The information generated by your company's books is too valuable to delay or ignore. The health of your business is ultimately at stake, and sticking your head in the sand or habitually procrastinating can be a fatal business mistake.

Ask These 4 Questions Before Hopping on the Blockchain Bandwagon

Posted: 23 May 2019 07:00 AM PDT

Now, we live in a time when there is an app for any productivity issue. We can choose from thousands of solutions, each boasting impressive features that help people accomplish more in less time. One such solution that's making waves is blockchain.

Aided by the meteoric rise of bitcoin, blockchain has technological applications that make it a viable resource for any number of industries in which transparency matters. As the food services and healthcare fields show, though, blockchain and technology in general is not a silver bullet. While it has potential to effect change, blockchain can't be the cure-all you might expect if you don't apply the necessary context.

Seeing through the supply chain

Supply chain transparency is a must, especially as it relates to food and health. Take, for example, E. coli. A 2015 outbreak of the bacteria contaminated Chipotle restaurants across 11 states, and E. coli concerns led to three recalls of romaine lettuce in 2018 alone. Recalls, besides being a major health concern, pose the single biggest threat to food vendor profitability, according to Food Safety Magazine.

In healthcare, opaque supply chains lead to other issues. Stolen prescription drugs are contributing to a well-documented opioid crisis in the U.S. In addition, fraudulent billing costs around $455 billion worldwide.

While blockchain can help each industry prosper, there are still questions that both healthcare and the food industry must address as to how blockchain aligns with their goals. For leaders in other industries considering blockchain adoption, ask yourself these four questions to determine if it'll yield the results you envision.

1. How important are product quality audits?

Blockchain has the potential to serve as a global supply chain operating system. If your business sells high-quality goods and it's vital to know where they are every step of the way, blockchain could prove beneficial.

Blockchain promises to document the journey of a product from its raw materials to the finished item sitting on a retailer's shelf. Each time the product goes from one supplier to the next, the transfer is documented in the ledger. According to some experts, benefits could include a reduction in the number and duration of delays, the elimination of human error, and cost savings due to increased supply chain efficiency.

Take a look at where your company stands in quality assurance throughout the supply chain. Analyze the numbers in terms of delays and errors, determine what blockchain can do to solve each, and then decide whether your savings justifies your investment. [Related: 4 Steps to Take Before Integrating Blockchain]

2. Do multiple vendors in your industry supply the same product?

Say Home Depot has three suppliers of the same faucet. When customers run into issues, how does Home Depot find out where the faulty products originated? In fact, the home improvement retailer is currently developing a blockchain initiative to solve such issues, and the benefits don't stop there. According to CFO Carol Tomé, there's occasionally a disparity between what suppliers say they provide and what the company receives.

Do a spot check to see which vendors provide what products and figure out whether any redundancies exist. If enough instances occur, analyze how they affect your bottom line and how blockchain might improve or worsen the situation.

3. Is it important to know where your products originate?

For food vendors, blockchain brings traceability to formerly opaque supply chains. When unsafe products are spotted, they can be quickly linked to a source, producing numerous benefits. In addition to halting the spread of contaminated food and possibly saving lives, blockchain can help companies reduce pricey product recalls and preserve their public image.

If your products are consumed or could impact the user's safety, a traceable supply chain could be a major advantage. Blockchain can be a valuable resource for companies that pride themselves on using sustainably grown or acquired products. If yours does the same, consider making the investment.

4. Is your industry burdened by customer data?

The advent of Europe's General Data Protection Regulation – and similar legislation pending in the U.S. – means that companies must keep firm control of consumers' personal data. A failure to do so can lead to crippling penalties and loss of public trust. Blockchain allows companies to verify customer information without ever exposing it to theft or loss.

Without the burden of compliance and data protection, overhead costs for small businesses can be significantly reduced. If your business currently stores customer information and is struggling to adequately protect it, blockchain could revolutionize the way you conduct transactions.

Ultimately, blockchain is about trust. When customers have faith in you and you trust your suppliers, everybody wins. The current blockchain momentum is undoubtedly driven by hype, but that doesn't mean the tech can't make its mark in a big way. Just figure out if it will make a mark with you.

Okta Apps for Good: How to Embrace Social Responsibility

Posted: 23 May 2019 06:00 AM PDT

More and more corporations are prioritizing social issues as part of their mission. Corporate social responsibility (CSR) is a growing trend where businesses engage with their communities, provide volunteer and donation opportunities to employees and stand behind important social causes. Okta, the popular single-sign-on (SSO) solution, is one of many companies that's not only embracing CSR but is providing a platform for other businesses to get involved as well.

"At Okta, we've always been committed to giving back to the communities in which we live and work, and we consider it our role to enable the millions of people who use our products to do the same," said Frederic Kerrest, chief operating officer and co-founder of Okta, in a press release. [Want to know more about corporate social responsibility? Check out our explainer.]

If you use Okta, it's worth looking into Okta Apps for Good. These applications can be "seamlessly" integrated into your current dashboard so your employees and business can engage in important social advocacy and help. The benefit of CSR can go beyond just helping people in need. A study from YourCause and Blackbaud found that companies engaged in CSR programs saw a 50% reduction in employee turnover. CSR programs can have a 13% increase on productivity, and 75% of millennials said they would take a pay cut to work for a socially conscious company. If you're interested in standing behind a good cause and bettering your business, Okta Apps for Good can be a good way to get started.

How Okta Apps for Good is pushing CSR forward

Okta is already the technology epicenter for many businesses: payroll providers, email clients, content suites and learning platforms are all routed through this SSO provider. By embracing CSR and providing more solutions for small businesses, Okta is taking necessary steps toward being a leader in the space.

It includes several CSR solutions, including Benevity, Bright Funds, CareerVillage.org, Kiva, VolunteerMatch and YourCause. If companies want to add their services to the Okta platform, Okta for Good has a integration accelerator program where those services can be added. There are several benefits to partnering with Okta, according to the company, like the ability to highlight your new integration in various places through the Okta network.

For a more hands-on look at Okta for Good, here are three integrations that could have a direct impact CSR for your small business.

Examples of Okta for Good apps

1. Volunteer Match

Volunteer Match is a service that can match your employees with volunteer opportunities. It works with more than 100,000 nonprofits and offers customized homepage designs, easy-to-use reporting and top-notch client support. There are also several helpful case studies on its website, so you can get an idea of how this service can help your business.

2. Benevity

Benevity is a CSR service that helps companies get started in finding and executing a corporate mission. It can help build giving programs, volunteering campaigns and integrated grants solutions. These grants solutions can help business connect directly with their communities. To learn more about how Benevity can help your business, you can visit its website.

3. Kiva

Kiva is a crowdfunding platform where aspiring entrepreneurs can connect with organizations and businesses to fund their ventures. Kiva isn't a standard online lender, however. It connects socially minded entrepreneurs from 81 countries to capital from a variety of different organizations. Kiva is a good way to invest in a business that can address a cause or social issue. For more information, visit the company's website.

What Is Formjacking and Is Your E-Commerce Site at Risk?

Posted: 23 May 2019 06:00 AM PDT

It happened to British Airways in 2018, when data from 380,000 customers was hijacked for resale online, and it happens to smaller businesses, too. Here's what you need to know about this threat and how to protect your e-commerce website.

What exactly is formjacking?

Formjacking is a trending type of data breach that showed up on data security investigators' radar in 2018. One security firm alone blocked 3.7 million formjacking attacks against its clients last year, and an estimated 4,800 online stores get formjacked each month. That's because formjacking is easy to do, hard to spot and makes money for thieves.

All it takes to hijack an e-commerce checkout form is inserting malicious JavaScript code. That code captures any payment data that customers type into those fields and sends it to the attackers running the scam – all without disrupting the website's order process. 

The data that's skimmed gets sold on the dark web. The data formjacked from the British Airways site sold for as much as $50 per record – it included CVVs, expiration dates and customers' personal data. That information makes it easier for CNP fraudsters to buy things online, because stolen card numbers usually have to be tested to match them with security codes and expiration dates.

What type of websites do formjackers target?

Major e-commerce sites like BA and Ticketmaster have been formjacked. But formjackers seem to prefer small and medium-sized online businesses, because they often have weaker cybersecurity programs than large e-commerce sites. 

In particular, formjackers look for sites with lots of customer traffic, to steal as much data as possible in the shortest amount of time. That means peak shopping seasons can become peak formjacking seasons. And these criminals look for sites that use third-party apps and plugins, like customer service chatbots and satisfaction surveys. The extra code on the site makes it easier to camouflage their embedded malicious snippets, or to corrupt the third-party code.

Formjacking creates data breach nightmares

Formjacking attacks erode customer trust, drive shoppers away and damage brands. One negative shopping experience can prompt 63% of consumers to shop somewhere else, and having their card data quietly stolen is definitely a bad experience. And the more formjacking attacks there are, the less confidence shoppers will have in the safety of buying online, which is why everyone in the e-commerce ecosystem needs to be concerned about this trend.

In BA's case, the formjacking breach generated ill will among customers. It also generated a lot of negative publicity, as headlines updating the number of affected passengers came out over a span of weeks. The cost to the airline isn't clear yet, but it will be steep. In addition to reimbursing customers for losses directly related to the formjacking, BA faces a potential GDPR fine of up to $646 million

How can you protect your website from formjacking?

Security experts say formjacking is very hard to spot. The corrupted forms still work as they should – customers place their orders and those orders go through, so it appears on the surface that nothing is wrong. In theory, it's possible to right click on a web form in a browser and look at the code, but it's often hard to pick out the malicious snippet from legitimate code, especially if there are lots of add-ons on the site.

One way to spot a possible formjacking in progress is to look for data unexpectedly leaving your site. PC Magazine recommends checking your site's firewall dashboard for new or otherwise suspicious-looking outbound traffic going to a location you can't identify. If you see something like this, it's time to immediately scan your site for malicious code.  

Regular or continuous scans for malicious activity are important, even if you're not always watching your outbound traffic. A comprehensive security program is a must for e-commerce sites. So is a practice of quickly patching and updating software when vulnerabilities are announced. However, many businesses leave critical security vulnerabilities unpatched for three months or more. That puts them at risk for formjacking and other types of data breaches as well. 

Finally, trust but verify. Make it a practice to scan all app and plugin updates from your third-party services to ensure they're not corrupted by formjacking code. As criminals get more sophisticated and creative in their methods, online store owners need to stay vigilant and recommit to following best practices for data security and fraud prevention. Traffic monitoring, proactive site scans, and rapid patching can protect your store's revenue, reputation, and customers.

How to Improve Your Small Business's Cybersecurity in an Hour

Posted: 23 May 2019 05:00 AM PDT

Statistics show that cybersecurity is a legitimate threat to small businesses, but small businesses don't always act on that knowledge. According to the 2018 Hiscox Small Business Cybersecurity Report, 47% of small businesses experienced an attack in the past 12 months. Cybersecurity is a serious concern, yet the report shows only 52% of businesses have a cybersecurity strategy.

Why don't small businesses care about cybersecurity? It's not fair to assume that small businesses truly don't care about it, but they do often ignore cybersecurity concerns. Even with alarming statistics and articles on cybersecurity tips for businesses available, smaller firms seem to consistently overlook the risk of cyberattacks.

Logically, this makes sense. While cybersecurity threats can be as bad as physical security threats, the threats aren't always obvious. While bad password protection and poor site maintenance may leave your business vulnerable to attack, there isn't the same clear threat as there is when you leave your store unlocked or someone is suspiciously walking around your business.

Unfortunately for small businesses, this "out of sight, out of mind" mentality can have horrible consequences. If you fail to protect your business from cybersecurity threats, you may lose critical company information while also damaging your brand and losing money. Cyberattacks can occasionally be so bad that you ultimately go out of business.

"Small business owners cannot think their business is too small to be hacked," said Monique Becenti, product and channel specialist at SiteLock. "While the breaches that make headlines tend to be associated with large enterprises, no business is immune to cyberthreats."

One of the big reasons small businesses avoid putting resources toward cybersecurity is a lack of understanding and concern. Just the term "cybersecurity" sounds complicated. Luckily, there are experts out there who know how to tackle the topic. Business News Daily reached out to cybersecurity experts for ways small businesses can improve their cybersecurity in just an hour or less. Protecting your business doesn't have to be a daunting task. [Interested in internet security? Check out our best picks for software and reviews.]

1. Perform a cybersecurity audit.

Start by figuring out where your business stands. Are you well protected against cyberthreats? Are you secure in some areas but lacking in others? It's best to start by understanding where you can improve.

"While most measures that a small business can take require more than an hour to implement, it may be worth spending an hour doing a quick audit of what cybersecurity measures you already have in place," said Heather Paunet, vice president of product management at Untangle, which provides network security to small businesses. "Cybersecurity includes policies alongside systems. Formulating an acceptable use policy for devices, data and the network can be an important first step if you don't already have one in place. If even this is too daunting, spend the hour locating an IT professional in your area who can help you out. Many MSPs now offer cybersecurity alongside other IT services."

Paunet's suggestion is one small businesses should follow. If the reason your business avoids taking cybersecurity measures is a lack of knowledge, there are plenty of knowledgeable people out there willing to visit your business, either for a training or to share options for cybersecurity plans. Ignoring cybersecurity because your team lacks technical knowledge isn't a legitimate excuse.

If you're strapped for time or have a remote team, you can take online cybersecurity classes to better train your team and also to understand in what areas your business lacks online protection. These are a few of the top free online cybersecurity classes:

  • SANS Cyber Aces Online – This is one of the top options for beginners, as much of this content is as basic as it gets. If your team is lost when it comes to cybersecurity, consider taking advantage of this free course.
  • Cybrary – The free access to Cybrary includes about 500 courses related to cybersecurity and IT. The courses are sorted by difficulty, which makes it easy to know which courses are best suited to you.
  • Springboard's Foundations of Cybersecurity – This free course includes a whopping 38 hours' worth of materials. You don't need to watch all of it to gain a better understanding of cybersecurity best practices. If you go through an hour a week, you'll gain tremendous insights, and it will only take about nine months.

2. Train your employees to recognize common cybersecurity threats.

The quickest way to protect your business from cyberattacks is to properly train your employees. Some businesses might picture an overseas hacker taking extraordinary measures to break into a small business's network, but that's not usually the case. In many scenarios, a basic phishing email can compromise your small business. Basic safety measures often prevent attacks from being successful.

"If SMBs spent one hour training staff on basic internet hygiene – spotting phishing emails, good browsing practices, not downloading suspicious files or clicking links – cybersecurity would be greatly improved," said Sean Allen, digital marketing manager at Aware. "Employees and emails are still the No. 1 causes of breaches for SMBs – no need to worry about master hackers."

For small businesses wondering what the different types of cyberattacks are, we've outlined them in our small business guide to cybersecurity. Among the most common types of cyberattacks against small businesses are phishing attacks.  

Phishing is a lot like it sounds. When people catch fish, they use bait to lure them close. When the fish gets close, it bites the hook with the bait on it, which then causes a pull on the fishing line, and the fisherman knows to reel the fish back to the boat. Phishing emails work similarly in the sense that the cybercriminals try to trick users by using bait, often in the form of an email.

For example, a cybercriminal might create a fake email address that closely resembles that of your CEO. (We've seen this a few times at our company.) The email may say something like, "Hi, message me immediately with your cell phone number. I need your help on a project and want to give you a call." The goal of this email is to get you to think you're emailing back and forth with your CEO. This gets you to send personal information to the hacker without even realizing it's a threat.

Other phishing attacks ask for more personal information, like your credit card number. It's a good rule of thumb to avoid sending personal financial information over email. In most instances, you can share personal information with companies or people over the phone or in person. Phishing is one area where training your employees can prevent crippling cyberattacks.

Businesses should also be prepared to prevent ransomware attacks, which occur when malware infects your computer and locks it down until a ransom is paid. Using anti-malware software is a quick way to prevent these attacks. It's a good idea to back up all files. It's also important to never pay the ransom should your business be attacked.  

3. Improve your password strength to avoid brute-force attacks.

If you're looking for one place to start improving your cybersecurity measures, make it passwords. Way too many employees and executives use passwords that are easy to hack. To make matters worse, they often use these passwords across several platforms and websites. If that one password is compromised, the potential harm increases exponentially. It's best practice to have different passwords for different sites.

"I would recommend changing your password to a complex password (yes, take time to include letters, numbers and symbols in your password!)," said Taylor Toce, CEO and founder of Velo IT Group. "The simple act of changing your password will lock out anyone who might have it. For example, if your password was compromised as part of a security breach, or if you simply shared it with one too many co-workers, you can tighten the security on those accounts by just using a new password. Further, a complex password is your best defense against the very common dictionary or brute-force attack methodology, which is widely exploited today."

Brute-force attacks are when hackers run automated programs that plug in a variety of potential password combinations. A dictionary attack is a form of brute-force attack that tries every word in the dictionary as a potential password. Brute-force attacks are particularly effective against companies with obvious username information and simplistic passwords.

Strengthening your organization's passwords immediately reduces the risk of a successful cyberattack against your business, and it doesn't take long. It can take just a few minutes to change a weak password to a secure one.

"All passwords should have at least 10 characters or more, including at least one uppercase, one lowercase, one number and one special character," said Myles Keough, CEO of Spade Technology.

Long passwords with different symbols and capitalization of letters tend to combat brute-force attacks. A fix as simple as changing your password can prevent a cyberattack. Using strong passwords is a critical step in the early process of improving cybersecurity.

4. Implement multifactor authentication on business accounts.

"One 'quick win' for small business owners is setting up multifactor authentication on their accounts, especially those related to financial transactions," said Stacy Clements, founder of Milepost 42. "Multifactor authentication provides an extra layer of security beyond a username and password to protect your accounts, usually by requiring you to enter a code sent to your mobile device or provided by a separate hardware security key. Most banks and credit card online services offer this capability, as do most email and social media services. Enabling this extra security protection takes only a few minutes and protects your important accounts by helping to ensure that it's really you accessing the account, not a cybercriminal who stole your password." 

Multifactor authentication is a great way to add a layer of protection when logging in to certain programs. As Clements mentioned, this practice is commonplace in today's digital world. Two-factor authentication isn't hard to implement or look for in tech products, and using it can help prevent cybersecurity attacks.

Improve your cybersecurity measures in an hour.

Introducing and implementing a complete cybersecurity program takes more than an hour. You won't be completely safe from attacks by making a few quick changes, but you can take drastic strides forward in 60 minutes or less.

There's no excuse for small businesses to completely ignore cybersecurity in 2019. According to SiteLock's annual security report, the average website is attacked 62 times a day. While that applies to larger enterprises as well, small businesses are subject to attack. Your business can and should protect sensitive data by making a handful of quick changes.

Sustainability Is Changing How We Do Business ... For the Better

Posted: 23 May 2019 05:00 AM PDT

The idea of going green to succeed in business is a relatively new one. In previous generations, it was enough to simply sell a quality product or service. Customers didn't ask about supply chains, livable wages or carbon footprints. Whether a company was run ethically was entirely up to its board of directors.

This all changed once millennials began to flex their buying power. And, yes, millennials actually do have buying power – they may often be labeled as perpetually broke, but millennials make up one-quarter of our population and are expected to spend $1.4 trillion in 2020.

While our nation's avocado-loving youth has been accused of killing everything from cereal to homeownership, millennials have undoubtedly brought sustainable business practices into the spotlight. Their penchant for living green and buying local, compounded with growing concerns about climate change and social equality, has prompted a growing number of businesses to find more ethical, sustainable ways to be successful.

Here's how sustainability is transforming business all the way from the consumer to the investor.

Consumers are supporting their values with their credit cards.

From the great straw ban of 2018 to the backlash against Nike's Kaepernick campaign, consumer spending is increasingly tied to personal beliefs about everything from environmentalism to fair trade to political loyalties. An Edelman study spanning eight countries found that 64% of consumers are belief-driven buyers, meaning "they choose, switch, avoid, or boycott a brand based on its stand on societal issues."

While it might feel polarizing to find your business on the downside of a controversial issue, it could be a boon for your business and your cause if your stance resonates with your customer base. In fact, 89% of consumers are likely to switch brands to one that is associated with a good cause, and 66% are even willing to pay a premium for more sustainable goods.

Insincerity will get you nowhere, though. It's crucial to choose a mission or cause that you feel passionate about and can support through your business. If you choose well, your impact will feel like a natural extension of your business. Take Patagonia, for example. The company specializes in quality apparel and packs for outdoor sports and is one of the biggest proponents of environmental programs. Since 1985, Patagonia has given over $100 million to grantees supporting the preservation and restoration of natural environments. Supporting causes that tie in directly with its products enables Patagonia to raise awareness and share its good work without sounding inauthentic.

Sustainability is changing how we do business.

Ever heard of a B Corp? More than 2,500 companies in 64 countries are now certified B Corporations, meaning they meet standards of verified social and environmental performance, public transparency and legal accountability.

The B Corp framework is often known as the triple bottom line (TBL or 3BL), a model that balances an organization's financial performance with its commitment to meeting social and environmental goals. This three-pillar approach – profit, people, planet – redefines how success is measured.  Meeting fiscal objectives isn't enough – a company must also make a positive impact on its staff, community, industry or even ecosystem.

B Corps aren't just the hippies next door either. Ben and Jerry's, Kickstarter, Hootsuite, and Tom's of Maine are all B Corps. 

But do B Corps perform as well as their less sustainable counterparts? You bet they do. An in-depth Nielsen study found that sales of consumer goods from brands with a commitment to sustainability grew more than 4% globally over the previous year, while brands without sustainable claims grew less than 1%. Sustainable companies also tend to perform better in a bear market: Although the S&P 500 lost 4.2% during 2018's volatile market, Barron's 100 Most Sustainable Companies lost just 3.2%.

Investors are jumping on the bandwagon with ESG investing, a strategy centered on buying stock in environmentally and socially responsible companies. In early 2018, $11.6 trillion of all professionally managed assets were under ESG investment strategies. ESG investing continues to grow. An October 2018 Deutsche Bank study noted that managed ESG-focused assets are expanding at 20% each year, and BlackRock has predicted they will swell to $400 billion in the next 10 years.  

Sustainability isn't just a corporate initiative. 

It's time to go sustainable. And whether your business is big or small, there's no shortage of environmental causes, community organizations, and charitable opportunities to support. It's easier than ever to make a positive impact.

The buy-one, give-one model popularized by companies like TOMS and Warby Parker has become a mainstay in sustainable organizations. Every time Handsocks sells a pair of mittens, the Virginia small business donates to Orphan's Promise. And Washington, DC-based Soapbox gives a bar of soap to a person in need for every bar purchased.

If a one-to-one model isn't manageable at this stage of your business, start small and simply do what you can. There are countless ways to help your community or protect the environment: Sponsor a local sports team, donate items to a nonprofit, offer discounts for senior citizens, fund the new playground at your local park, switch out Styrofoam containers for paper-based products, organize a beach cleanup event, streamline your distribution processes to be more eco-friendly.

The future looks green.

There will always be differing opinions about how to start and grow a business, but one thing is certain: Implementing sustainable practices will never be wrong. Leaving a legacy of equality, environmentalism, and purpose for the next generation of business owners is a far better achievement than just hitting a lucrative bottom line.
Posted by: at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)