Five facts I’d bet $1,000 on

Immediately stop what you’re doing and start panicking!!! Statements such as these seem to be pervasive in the marketing of IT security products. And for good reason, nothing sells quite like fear. However, instilling hysteria has its drawbacks as eventually people stop listening when the doomsday scenarios outlined fail to manifest.

So what would happen if we took a practical and realistic view of cyber-security threats to online banking? Quite frankly, the available data shows us that online banking fraud is on the rise, particularly for commercial customers. The main concern for small and medium sized businesses is Corporate Account Takeover: a type of business identity theft where sophisticated malware is utilized to infect the account holder’s computer and steal log-in credentials, hijack web sessions and perpetrate electronic wire fraud.

A key factor to understand is that hackers are not targeting the banks themselves, but committing fraud by infecting the bank’s customers. In order to deter fraud, online banking users themselves need to increase security controls related to online banking. Why should they do this? Because the following five facts tell us so. They are absolutely 100% true, researched, verified and I would bet $1,000 on their legitimacy*. (*not really, because it’s illegal.)

1. The effectiveness of antivirus is decreasing

Antivirus has been the leading malware defense for decades, however, most of today’s solutions are simply unable to deal with the sheer amount of malware being created and the levels of sophistication employed.  Studies conducted by Palo Alto Networks and Cyveilance both showed that antivirus solutions are able to identify approximately 60% of malware, on average. Even Symantec, one of the pioneers of antivirus has admitted that the future of cyber security will not include antivirus in its current form.

Even more alarming, is that financial malware is more difficult to detect.  MRG Effitas studied the identification rates for a leading strain of financial malware, ZueS, and found that over the course of the 60-day study, the average detection rate was 40% at best, and then declined.  This means that account holders will not be able to detect that they are infected 6 out of 10 times.  The $121,000 Alta East lost is a prescient warning of the consequences of malware going undetected.  In this instance, Alta East’s IT staff scanned the allegedly infected computers with 6 different antivirus tools, none of which were able to find the virus.  It wasn’t until the hard drive was inspected in an isolated environment by a forensic researcher that ZueS was detected based on the behaviors exhibited.

2. There needs to be more than a firewall between adversary and asset

Ted Williams made the hall of fame with a lifetime batting average of .344, but unfortunately for your firewall there isn’t the same margin for error.  Your firewall can block 99.99% of malicious traffic and still cost your company $100,000+.  It only takes one failure for a catastrophic Corporate Account Takeover attack and even the best configured firewall on the planet has at least one vulnerability at some point in time.

The authors of modern malware understand how firewalls inspect traffic and thus program their malware to send data in a manner which will be allowed to pass through. One of the more common ways is to disguise malicious commands as common web traffic.  For instance, by having the malware communicate with a blog on Yahoo, to a firewall it looks as though a user is browsing a trusted website and not malware.

3. Human error will lead to network infections

In the cast majority of fraud cases, a general employee made a critical mistake which allowed hackers access to critical computers and data.  The techniques used by hackers have been perfected overtime and can fool even the technology savvy.

Despite educational efforts, phishing remains an alarmingly effective tactic.  According to a report by Verizon it only takes a campaign of 3 emails to give hackers a 50% chance of getting someone to click the link or open the attachment.  Sending out 10 emails increases the odds to over 90%.  A 20 email campaign gives near certainty of attaining at least one victim.  Making matters worse for IT staff, half of those will occur in the first 12 hours.

Hackers are also creating attacks which present fake pop-ups during online banking sessions asking the user to re-authenticate.  These attacks are extremely successful, because users assume once they are inside an online banking portal, the request is legitimate and will re-enter all information including one-time token-generated passwords.  Cybercriminals are constantly monitoring these feeds and will log-in in seconds after the user complies and types in their info.

While this may sound like true blasphemy, we need to recognize that IT staff will also most likely make errors which can lead to security breaches and CATO attacks.  Consider the Target breach where a highly funded, extremely sophisticated staff made several critical errors which opened network vulnerabilities to attackers.  In this case, credentials granted to a vendor were utilized to access different network areas which means that IT staff failed to isolate sensitive assets.  There is also evidence that IT staff failed to respond to multiple warnings from the intrusion detection system.  It is imperative that IT remember that they too are human and can make mistakes.

The most devastating mistake which can be made is the belief that a business is secure and that traditional defenses will provide requisite protections.  The National Cyber Security Alliance released a survey where 66% of the respondents stated that they believe they are safe from cyber-attacks.  77% responded that they’ve never been hacked.  In nearly every case, those assumptions simply don’t hold up to validation.  Mark Eich of Clifton Larson Allen agrees, “we see people who think they are secure and we can go through their protections like a knife through butter”.  It’s not uncommon for security audit firms , such as Clifton Larson Allen, to conduct penetration tests where they attain complete domain control in 20 minutes or less.

4. Cyber-fraud is going to get worse

Ask any industry expert and they will tell you cyber-fraud is only going to get worse.  Aite Group predicts that CATO losses will grow from over $400mm in annual losses in 2012 to over $800mm by 2016.  Research indicates that fraud losses exceeded $523mm in 2013, which means that actual fraud outpaced projections by 46%. The growth in fraud is fueled by more and more cyber-attacks.  Symantec reported that attacks against small to medium sized businesses doubled in the first half of 2013.  Supporting that study, The White House Cyber-Security Coordinator stated that 85% of cyber-attacks are targeting small businesses.  These attacks are frequently targeting financial data and the FDIC lists Financial Malware as the #1 fraud threat.

In Corporate Account Takeover, cybercriminals have found a way to make quick cash from their exploits.  Because this type of fraud is so successful and lucrative, there will be more attacks.  Not only will current cybercriminals escalate their attacks, but new fraudsters will join in after seeing the large paydays being attained by their peers.

Another large factor contributing to the rise in online banking fraud is the advances by hackers in infecting large amounts of computers effectively and easily.  Yahoo recently reported that their European homepage had been compromised and those that had viewed their site could be potentially infected with ZueS.  At the time of the attack, Yahoo was experiencing over 300,000 visitors per hour and low-end estimates are that over 29,000 computers were infected.  This is a tactic which is gaining popularity among hackers and will continue to occur.  Several other large websites have experienced similar compromises including: LATimes.com, MSNBC.com and even the Star Tribune.

Some will breathe easier as banks roll out advanced authentication methods to deter attacks.  However, many of these solutions are already legacy technologies which can be easily bypassed by sophisticated criminals.  Tokens are a very popular security measure being implemented by U.S. financial institutions, yet have several high-profile cases where they failed, including: Experi-Metal ($560,00), Lifestyle Forms & Displays Inc. ($1,200,000) and Efficient Services Escrow ($1,500,000).  Security tokens, when used effectively, will drastically mitigate the chances of fraud.  However, they will not eradicate the risk completely.

5.  Your company is likely to fall victim unless there is a specific security plan for online banking

There is one commonality in every Corporate Account Takeover attack: either the victim believed themselves to be secure, or simply didn’t care.  A critical fact every organization must realize is that standard IT protections are simply not enough to deter Corporate Account Takeover attacks and there must be a specialized security plan in place specifically for online banking.

The other common denominator in every CATO attack – infected computers.  Because of the amount of money at stake, it is imperative that organizations properly secure the computers used to access online banking.  One of the commonly shared best practices is to dedicate a single computer to access online banking which is segregated from the rest of the network.  This computer’s sole purpose is to conduct online banking sessions and is not used to access email, surf the web, etc.

In lieu of a dedicated device, online banking users can utilize specialized software, such as Wontok SafeCentral, which provides the same benefits at a fraction of the cost and none of the inconvenience.  Through patented technologies, SafeCentral will render any malware on the machine inoperable during an online banking session and thus providing a clean environment for every transaction.

In addition to technological controls, online banking is a specialized function and requires administrative controls as well.  Best practices include:

–          Balancing and reconciling account balances on a daily basis

–          Utilizing administrative controls: such as debit blocks/filters, ACH positive pay

–          Utilizing dual control where one user initiates a transaction and another verifies

–          Performing self-assessments of security controls and reviewing them with your bank

Searching for the Silver Lining in the Target Data Breach

If every cloud has a silver lining, what good could possibly come from breaches at major retailers which exposed millions of Americans to potential card fraud? The positive implications for US financial institutions is that the breaches at Target, Neiman Marcus and Michael’s have woken up their customer base to cybersecurity threats. This awareness fosters the FFIEC-mandated educational programs by providing account holders who are now sure to be active listeners to the dangers of Corporate Account Takeover; a type of business identity theft where the computers used to access online banking are infected with highly sophisticated malware to perpetrate electronic wire fraud. With nearly every media outlet reporting the grisly details, there has never been a better time to educate commercial account holders about the risks associated with online banking, particularly phishing attacks.

The Target breach began when a vendor fell victim to a phishing attack and entered their network credentials into a malicious website controlled by hackers. This gave hackers authorized access to spread their malware onto the servers and systems which controlled the point of sale systems. This tactic is analogous to Corporate Account Takeover (CATO) attacks because online banking credentials are essentially authorized access into a bank’s network. A long-held belief in IT security that the easiest and least detectable way to gain unauthorized access into a system is to leverage someone else’s authorized access. The consequence for online banking is that account holders have that authorized access and thus are, and will continue to be, the most attractive target for cybercriminals. For why would hackers bother learning how to pick a commercial-grade safe when users can be tricked into simply opening the door for them?

Unfortunately for banks, and their customers, the phishing attacks which started the Target breach are alarmingly successful. Verizon’s Data Breach Report showed that if attackers send out just 10 phishing emails, they have a near 100% chance of at least one victim clicking the embedded link or opening the attachment. Making matters worse, half of those clicks will occur within the first 12 hours. There are several reasons phishing attacks still work. First, embedded links in phishing emails inherently want to be clicked. After all, humans are curious by nature and that is exactly what links were designed to do. It takes training to resist the habit of following a link or opening an attachment. Secondly, hackers are refining their techniques and phishing attacks are looking more and more legitimate. Lastly, while banks have invested a lot of resources into educating their commercial account users on phishing emails, the remainder of their co-workers at those accounts have not received the same training. The Target breach demonstrates that for fraud to occur, it only takes one user being tricked into giving away credentials to open the door to the entire network.

The amount of news stories focused on cyber-breaches demonstrates that not only is mainstream media becoming more comfortable delving into technical topics, but also that there is an eager audience awaiting that information. Major retailers across the country have paid the tuition, in full, for the education of each and every online banking user. There has never been a better time to educate online banking users on the threats which exist, the counter-measures available to them, and how critical they are in the fight to deter fraud.

7 Things to Watch for in Windows 7

If you follow computer operating system news, you might have noticed the conversations in some technical circles about Microsoft’s next operating system called Windows 7. This new Windows version is due out in the fourth quarter of 2009 and it includes some interesting and useful features.

It appears that Windows 7 is going to be a good one. At least that is the early consensus from those in the hallowed halls of IT. Windows 7 RC1 (Release Candidate 1) is being put to the test and here are seven (imagine that) things that are liked about this new operating system:

1) Windows 7 Action Center

No, this is not a news desk on your local TV station. This is a centralized location from which management of user security, troubleshooting, and recovery issues can be performed. All of these features were included in prior versions of Microsoft Windows, but you had to go to separate places to get to them. Now, this application brings them all together under one roof. Brought over and expanded from Windows Vista, this is one improvement that is sure to please.

2) Windows 7 Problem Step Recorder

Have you ever had a problem with your computer that keeps on happening again and again? If you cannot connect remotely to a help desk or other source of support, you cannot accurately describe what is happening. Now, you can use the Problem Step Recorder (PSR) and record all of the screen pictures, keystrokes and mouse clicks and save them into an MHTML (web) document that allows you to send it as a zipped (compressed) file to those who can help you.

3) Windows 7 ISO burner

The term ISO is a name for an image (software capture) that is created for the purpose of distributing software to computers. Mainly used to create CD’s, the ISO standard has been around for a while. But in the past, Windows versions did not have a utility that allowed you to burn this directly to a CD or DVD. Now you will find this useful applet included in the operating system right where it needed to be all along.

4) Windows 7 Credential Manager

Ever get tired of managing multiple user names and passwords? The new Credential Manager is better than Windows Vista’s User Accounts applet. It allows for secure storage of passwords and credentials in the Windows Vault that gives you access to other computers, websites, email accounts, etc.

5) Windows 7 Text Tuning and Color Calibration

In your use of Windows, getting things to look right on your monitors can sometimes be a chore. What resolution do you use? What if you want to use a resolution that does not look right on the screen? Now you can adjust that with this Control Panel application. This is particularly helpful if you have more than one monitor, because you can adjust each separately. It actually lets you compare text and colors on your monitor and pick what looks best to you.

6) Windows 7 System Repair Disk

Different Windows versions have included some repair features in the past, but nothing like this. This feature provides a very user-friendly graphical interface that allows you to create a CD or DVD that is bootable and contains files that can help you fix problems with your Windows Installation. You can access system recovery options even if you don’t have or can’t find your original Windows installation disc.

7) Windows 7 Backup and Restore

In Windows XP System Restore was perfected. But backup remained limited in its features. In Windows 7, backup features have been greatly improved and combined with restore functions to allow for a better overall experience in these critical areas.

Windows 7 includes many other new and improved features over prior versions of this operating system, but these are 7 of the most commented-on by early adopters.

Free Windows Operating System Support Tools

Whether you are an automotive mechanic or a top IT professional, you need to have the right tools for the job. Unlike an automotive mechanic however, you don’t have to spend tens of thousands of your hard earned dollars on the tools you need. The basic tools you need for IT and PC support duties on the Windows operating system, are free to download from CNET.com. Below are but a few examples:

HwiNFO32

One of the first things you need to determine in any type of support operation is what the machine you will be working on is made of. HwiNFO32 is a hardware recognition utility that will provide you with all the specs and information you need, and then some; from what type of CPU it has to hardware performance parameters.

Ccleaner

A very common support tasks is cleaning the system of unused files and invalid registry entries, providing for more available disk space and faster overall performance. Cclneaner will do an excellent job at that as well as totally cleaning out the browser history and even uninstalling applications.

Recuva

Often times you will be in a situation where you need to recover lost or deleted files. Recuva was developed for just that purpose. It has a simple to use wizard type interface and can restore all types of files from simple text documents to videos, and everything else in between. You can restore files from removable disks and thumb drives as well as restore files that were deleted by viruses and crashes.

Defraggler

When a computer system is running slow a disk defragmentation tool should help speed things up quite a bit. When a computer file is created it is broken up into pieces and spread out throughout the systems hard drive. When the file needs to be retrieved it needs to be pieced back together. Defraggler will basically line up all the pieces together making the system perform better. It has an easy to use interface that allows you to pick and chose either various files and folders to defragment or the entire drive. You are also allowed to determine where on the drive you would like to store particular files, as well as scheduling the procedures to take place in the background as it can take quite some time to perform.

7-Zip

Many support tasks will require the use of compressed or “zip” files. Compressing the files allows them to be transferred more rapidly and take up less space. 7-Zip will provide no nonsense no frills compression and decompression capability that should suit the needs of almost everyone.

FileZilla

The necessity to transfer files to or from an FTP site or server will undoubtedly arise at some point. File transfer protocol has become the staple method of delivering patches, drivers and hot fixes. Filezilla enables you to perform these tasks with ease.

Almost everyone will find themselves tasked with some sort of computer problem. For the IT support professionals or just the average do it yourselfers there are some tools you just can’t do without, and some cases they just happen to be free.

How to Save on IT Costs During a Recession

Individuals become more frugal as the economy dips into a recessionary period. Businesses who learn how to reduce their operating expenses are far more likely to survive a recession than those who continue to operate “business as usual”. For many business owners, information technology costs are expensive; here are some tips for saving on IT costs during a recession:

Switch to VOIP Phone Lines: Are you still paying high phone bills to make sales calls, handle customer service, or hold teleconferences? This is an expense that almost all businesses can save simply by switching to VOIP lines instead of your landline or cellphone service. From Vonage to Packet8 to Skype, there are numerous options that help you eliminate expensive long distance charges. Most businesses report a savings of around 60% when switching to telephone lines that operate through their internet connection.

Consider Switching to a Less Expensive ISP: Depending on your business needs, you may not require all of the features your current Internet Service Provider is offering. Why pay for something you don’t need? Check other ISP’s to see if you could be saving money.

Consider Dropping Your Merchant Account: Most businesses require a merchant account in order to accept credit cards as payments from their customers. With the increasing merchant account expenses, though, this is often a costly expense. You could still accept credit cards if you switch to an online payment processor, like Paypal, and avoid paying statement fees and monthly fees that are typical of regular merchant accounts. Online payment processors charge a higher fee per transaction than a standard merchant account, but depending on the volume of credit card transactions you may pay less overall than you do with your current merchant account. Run some numbers to see if the savings are significant enough to warrant a switch.

Use a Laptop: If reasonable, use a laptop instead of a full PC. A laptop consumes 90% less energy than the desktop version, and for many businesses, a laptop can do the job as well as a desktop.

Share Stuff: Do you have a computer and printer at every workstation in your office? Sell the individual printers and get a single printer that operates on the network. All computers in the office can print from the same printer and eliminate maintenance requirements on each individual printer, as well as reduce the energy required to power the printers. Think of other computer components that could be networked instead of used individually to further cut costs and set up a more efficient office.

Use Freelancers: When you discover you have a need for someone to complete a project that falls outside the scope of your current employees – instead of hiring another full time or part time employee, consider using a freelancer. Freelancers don’t require office space, do not receive the employee benefits you provide to your current staff, and can be hired on a per-project basis instead of placed on salary.

Downsize Your IT Department or Re-evaluate Your Current Outsourced IT Service: Consider using a flat rate IT support service rather than maintaining a full IT department on payroll, or maintaining a reactive outsourced IT service whose monthly costs are unpredictable. Flat rate IT service providers allow you to budget for and reduce your monthly and overall costs, increase your profits and act as your virtual IT department so you can focus on running your business and not the technology that supports it.

Proactive IT Services Save Small and Medium Businesses Thousands of Dollars Yearly

Every dollar a small business spends needs to have an immediate and quantifiable return. This is especially true for critical services such as I.T. support. If you are one of the millions of small businesses that depend upon your technology to keep your business running, proactive Managed Services will save you money, improve your efficiencies and reduce your downtime.

The Solution

With the advent of new monitoring tools and the ability to remotely deliver help desk services to small businesses all over the world, Managed I.T. Service Providers have developed proactive maintenance plans for their clients that maximize their uptime and reduce I.T. costs over time. By implementing newly available automated processes, systems can be patched and updated overnight without the need for onsite visits, or disrupting an organization’s work day.

In addition, remote help desk tools and technology allow Managed I.T. Service Providers the ability to react immediately and assist users when they experience day-to-day problems, without forcing them to wait for an on-site service call.

Forward-thinking Managed I.T. Service Providers are also implementing proactive remote Network Monitoring tools and services, which evaluate the performance of systems 24 hours a day, 7 days a week, and alert these Service Providers of potential issues before they become work-stopping problems for their clients.

The Details

Implementing and receiving the benefit of these solutions is painless for the Small Business Owner, as Managed I.T. Service Providers can begin delivering these cost-saving and efficiency-improving services soon after deploying specialized software agents on all managed equipment. These agents report device health, service pack and operating system, anti-virus and anti-spyware update information back to the Managed I.T. Service Provider’s monitoring systems, allowing real-time analysis and proactive management to occur.

Specialized software applications installed at the Managed I.T. Service Provider’s location also track all problems reported by their monitoring systems and end-users, and are used to document all steps initiated for resolution. These applications provide a ready knowledge-base of information which grows over time, allowing swift resolution for issues that have been previously documented.

The Benefits

Benefits from Managed I.T. Services enjoyed by Small Business Owners are many, and include increased operational efficiency, the ability to reduce and control their operating costs and gain access to Enterprise-level support. In addition, these Small Business Owners are now able to focus on running their businesses, and not their networks, and receive the peace of mind that comes with the knowledge their networks are being monitored 24 hours a day, 7 days a week.

Why Your Company Needs an Email Policy

Email is an important and necessary part of your business. It provides an economical and instant means of communicating with staff, customers, and vendors – that’s both simple to use and enables increased efficiency. An email policy is required to protect this necessary business tool.

An email policy is a legal document that details your organization’s definition of acceptable use for the company email system. It should indicate who emails can be received from or sent to, as well as outline what constitutes appropriate content for work emails.

In additional, having a company email policy will:

Protect the Organization from Liabilities: When all employees read and sign an email policy, it proves they are aware and agree to the information contained in that policy. Should an email be sent that is not considered appropriate content according to the email policy, the employee, not the business, would bear the brunt of liability for any damages or suits brought as a result of their sending an inappropriate email.

Promote a Professional Environment: If email is used only in a professional manner in the workplace, you can be sure that embarrassing mistakes will not occur. For example, if staff are using work email to communicate with friends, the content in those emails are likely to be sloppy, unprofessional, and informal. If those emails accidentally get sent to clients or other professionals – the company image may become damaged. If an email policy does not allow for personal use of the work email system, your staff will remain in a professional mindset and eliminate the potential of personal emails going out to customers.

Increase Productivity: Email tends to be a distraction for employees who are using it for non-professional reasons. If an email policy prohibits the use of work email for personal use, your employees will stay on task more and avoid the distractions that come from sending and receiving personal emails during work hours.

Establish Systems for Email: If the email policy outlines appropriate content for an email sent during work hours over the company email system, it can also help establish systems to ensure all staff members are contributing to the brand or image of the company. Have each staff member use a template for email responses and set up signature lines that appear in all outgoing emails to further establish the company’s professionalism and image in the eyes of individuals who may receive email from your staff. Setting guidelines for content and use of email creates a single, comprehensive image of the company that helps keep the organization aligned with its mission.

An email policy is a document that provides your business with certain legal protections involving misuse of the email system by employees. Because it is a legal document, many businesses elect to have a lawyer draw up the email policy, or at the very least, review the policy before it is implemented within the organization. Having a lawyer review or prepare an email policy may seem like an unnecessary upfront cost, but has the potential to save you in legal fees in the future.

Tips for Motivating and Retaining Your Good Employees

In today’s tough economic environment, with job cuts and pay decreases, it can be a challenge to keep your employees focused on their job and motivated. While many employers are struggling and can’t offer pay raises, bonuses and other cash benefits to their employees, there are a variety of other creative ways to keep them happy and on the job. In fact, statistics show that people do not necessarily need praise in the form of money to stay motivated. Most actually prefer some other form of recognition. Here are some tips that can help boost the morale and productivity of your employees.

First, always address your staff by their name. It is a natural instinct for people to want to feel valued. They want to be recognized. Make it a priority to learn your employee’s names and always address them by name. It can be demoralizing to know that your boss does not care enough to know who you are.

Give praise. People want to be recognized for their efforts. Giving on the spot recognition, praise at employee meetings or recognition in the employee newsletter for those groups and individuals that go the extra mile is a great way to boost morale. While it is great to point out team efforts, people tend to crave individual recognition as well.

Offer opportunities. These can really be quite simple. Help your employees focus on their career path by offering them one on one training or advice. Reward your hard working employees with special job titles. Job titles are very important to workers. A fancy title makes them feel good about themselves and offers respect and praise from friends, family and other co-workers.

Provide leadership opportunities. Recognize your hard working employees by letting them take on a leadership role. Have them present at a company meeting, take on additional responsibilities or let them lead up a company project.

Foster Team Spirit. Make the time to gather employees together and drum up some fun competitions will very often foster increased work production. A great simple reward for the competition is extra time off. Now that does not mean extra vacation days, but simply letting employees come to work a little late one day, take an extended lunch hour or leave early. Taking an employee picture, framing it and hanging it can also foster a sense of belonging.

Provide a Good Working Environment. Making sure the work space is clean, cosmetically appealing and comfortable actually can make a difference. Employees are more motivated to come to work each day if they have an inviting environment to report to.

Have Casual Dress Days. Employees love to dress down and offering them an opportunity to do so can brighten their spirits and keep them happy. Many places of business will do dress down Fridays. Another fun idea is to have dress down theme days. For example the week of the Super bowl you could wear your favorite team jersey, on St. Patrick’s Day everyone could wear green and on Halloween people could come in a costume.

Provide opportunities for social gatherings. A final great way to keep company morale high is to offer employees time away from the office to socialize. Having a summer company picnic, a holiday party, gathering for a softball game or a trip to the golf course are all fun ideas.

The Importance of Communication In The Workplace

With so much communication technology at our fingertips, it is difficult to believe that there are any communication problems in any business today. In the course of a busy workday, the importance of good communication can be something that can be easily forgotten. If you are noticing that it is difficult to get your employees to work together cohesively, that morale iw very low, or worse, that your business is losing money, you might need to take a second look at your company’s communication.

Use the Telephone

While phoning someone is still a good practice, it isn’t always the best mode of communication for every situation. Using the telephone is good for setting up meetings or discussing items for which there is a quick resolution. It is generally not a good venue to tell an employee that they made a mistake on their last assignment. Save that discussion for a one-on-one meeting.

Write an Email

Email is a fast and convenient way of communicating with colleagues and employees provided you follow a few guidelines. Use email for only disseminating factual information. If you are writing anything that could be misinterpreted, it is best to address that face-to-face. For example, if you are trying to remind an employee that something that they are doing is inappropriate in the workplace, an email might come across like an impersonal and angry lecture. This could end up causing a backlash from the employee rather than alleviating the situation.

Have a Meeting

Meetings can help bring employees and colleagues together and make them feel part of the company. It also helps to keep everyone apprised of what is happening in the company. It is probably the best way to communicate all important company business and ensure that everyone hears it. It is important to encourage open communication in the meetings, so that employees feel that they are heard and that what they say matters.

Try One-on-One Communication

With so many different modes of communication today, one-on-one communication often gets forgotten. It is so much easier to shoot someone an email or leave them a voicemail, but there are times when good old-fashioned face-to-face communication is still the best way to speak with a colleague or an employee. Many people do not feel comfortable bringing up their concerns or problems at a meeting. Things written on an Email and said on the telephone can often be misinterpreted when you are not able to see the person and read their body language. This is why a face-to-face meeting can be a much better option in this situation.

Listen

Listening is probably the most glossed over, yet most important piece of the of communication puzzle. Without the listening portion, any other piece cannot fully succeed. Employees and colleagues need to know that their input is being heard. Feeling unheard can often be the cause of low morale and high employee turnover. While listening does not necessarily mean incorporating each suggestion into your company or changing every policy based on what one employee says, it does mean giving the ideas full consideration.

In today’s highly technological society where everyone can do and access everything from their computer or cellphone, the importance of good communication cannot be stressed strongly enough. Using the appropriate mode of communication for different situations will make everything flow easier, and help make your employees feel that they are important and valued member of your company.

4 Tips for Getting the Most Out of Your Technology Investment

How many times have you purchased new software or hardware, and avoided the help menu or user manual? Experts reason that about 90 percent of all features included with software go unused! Much of this comes down to lack of training for individuals using the technology – they use what they know and need most, and avoid anything that would require study or practice to implement. It’s human nature to take the path of least resistance, but with a little motivation you could better benefit from the money spent on technology for your business.

Instead of letting your technology investments continue on underutilized, here are 4 tips for getting the most out of your technology dollars:

1. Put the client in the driver’s seat of communication.

You can improve the quality of customer service offered by your company through the use of simple technology. The more connected you are to your clients, the happier they are with your work. Use technology to give your clients a way to initiate discussion with you, either through blog interaction or a discussion forum. Set up instant messaging so clients can contact appropriate staff members as necessary. It’s simple technology, but will result in improved client retention, repeat customers and better communication.

2. Create a business culture of continuous improvement.

One of the most amazing aspects of technology is how quickly it is updated and improved. Just when you think you have the best of the best, new technologies and processes are created to improve productivity. Even in the sometimes mundane office environments, new ideas will enhance efficiency and productivity. Encourage staff and consultants to let the new ideas flow – continuous improvement is the key for making the most out of your technology.

3. Take advantage of training opportunities.

If the cost of sending staff to training courses is a bit much, and you’re unable to conduct monthly training seminars on your own – consider bringing in vendors and experts whenever a new version of software is released. You can also have managed service providers deliver training virtually as needed, in order to keep your staff up to date with the programs and tools used in the office.

4. Internal email newsletters with tips.

Most businesses recognize the value of sending newsletters to their clients to keep in touch and establish relationships, but what about internal newsletters among staff members? Send a weekly email to your staff with a single technology tip that explains how to do something that will improve their productivity or make their lives a little easier. Keep it fun and add a cartoon or a quick quiz to keep the staff looking forward to their weekly newsletter. Your ideas for topics can come from training and seminars you attend, or from questions staff ask the IT department. If one person doesn’t understand something, there are probably a few others who also don’t understand – but aren’t speaking up about it.