Michael Johnson

Is Your Charitable Organization at Risk?

If tomorrow’s headlines read your non-profit organization’s data and donor info was breached, what would be the ramifications?  Are you taking enough appropriate steps to stop cybersecurity threats?

Is Your Charitable Organization at Risk?  Cybersecurity Tips for Non-Profits

Almost weekly, we hear about an internet or computer security breach at a large retailer, bank, or recently, a major credit reporting service.  These breaches create problems for not only the companies involved but for their customers.  Personal information is often exposed, and the carefully crafted reputation a company may have built for years or decades can be destroyed.

As of yet, we haven’t heard of any major breaches at a non-profit organization.  The key words are “as of yet.”  Non-profits often store a significant amount of data about their board members, employees, volunteers, donors, corporate supporters, and more.  A security breach for a non-profit will not only be embarrassing but it could have significant adverse effects on future funding. These are some of the reasons non-profits should be proactive in taking steps to button up computers and online security.  Here are nine cybersecurity tips of which non-profits should take note.

1. Increase the difficulty of your passwords and change them at least quarterly. If your organization is using simple passwords because it is “easier”, you should keep in mind it also makes it easier for others to gain access.  Many experts agree that the most secure passwords should be a random series of eight letters and numbers with at least two capital letters included in the sequence.  With the frequent turnover in staff members and volunteers, passwords should be changed at least every three months.  Don’t allow staff to write their passwords on Post-It notes attached to their computers.    It happens.
2. Set security protocols for staff and volunteers in writing.  Don’t assume those around you know about phishing and spear phishing and the dangers lurking behind pop-up ads and downloads. Many non-profit organizations have older volunteers who may not be aware of the latest dangers and tactics being used to gain access to data.  Having staff and volunteers sign off on a one-sheeter acknowledging they understand basic security guidelines can demonstrate they are aware of the potential problems.
3. Upgrade security software. Of course, non-profit budgets are tight but they will get much tighter if there is a breach in your data and donors feel their information is not secure.  Make it a point to get security software from a major supplier that you can feel comfortable with and keep it updated.  Providing a secure firewall or malware protection after experiencing a cybersecurity attack will do little to build confidence in your organization.
4. Upgrade computers and hardware.  The older your equipment is, the more likely it is susceptible to a cybersecurity threat. Board of directors may not be willing to invest in new computer systems just because of the bells and whistles they include.  If the security of their sponsor and donor data is at risk, however, it may get their attention and provide support for new equipment.  If your non-profit has not looked into TechSoup for deep discounts on software and hardware, it should.  The application process can be a bit tedious but the savings are significant.
5. Make sure your online donation processing is impregnable.  It is critical your donors have absolute confidence when making online donations. While services like PayPal are simple and relatively easy to set up, they may not instill the confidence of a more robust payment system.  Giving donors payment options can also help facilitate more and more frequent donations.
6. Limit access to important files and data. One of the benefits of working for a non-profit is that there is often a team atmosphere, with staff and volunteers working toward a common goal.  Unfortunately, this can lead to sloppy security and over-sharing of files and data.  Computers may be left unlocked when not in use and unnecessary personnel may have access to sensitive files.  Limiting access will not only protect your information in-house but will help in limiting external access.
7. Back up data on an external drive.  How quickly can your organization restore current data and software if you had a significant hard drive crash? Computers are generally more stable than ever, but this can lead to a false sense of security and even complacency about backing up data.  Make sure data is backed up regularly and frequently and the back up is kept off-site.  This can be done in the cloud, on a CD or on an external hard drive.  If the hard drive on your computer or server were to irretrievably crash today, what would the ramifications be?  If you don’t know or if the word “disaster” comes to mind, create an off-site backup and restoration plan.
8. Get professional assistance.  If you are not confident in the steps you are taking in keeping your organization’s data secure from threats, get the advice of someone experienced in the field. Discuss cybersecurity with other profit and non-profit organizations you may come in contact with and ask for recommendations.  Cybersecurity doesn’t have to be that complicated when it is made a priority but if you are not comfortable taking it on, get the help of an expert.
9. Document the steps your organization takes to protect the security of its data. In the event of a cybersecurity attack, it won’t take long for fingers to be pointed and blame to be placed.  This is why it is important to have a security plan in place and document what is being done.  This can demonstrate, even after the fact, that your organization was aware of the possibility and was taking proactive steps to keep its computers and data safe.  This should include how your social media is handled and who is responsible for it.

Make cybersecurity a priority, get everyone involved, and document your plan and processes. Greater awareness can go a long way in protecting the data of your non-profit organization.

Microsoft Word is an incredibly powerful tool for office productivity, but you’re probably not using all of these fabulous time-saving features.  Get the scoop!  

There are few software packages that are as pervasive in a variety of different industries as the Microsoft Office productivity suite that includes Word, Excel, PowerPoint, and Access.  The ability to quickly and easily edit, share and distribute documents is a massive draw for organizations, schools, and students, but few people fully master these powerful programs. Most people use only a small percentage of the tools that are available, which is unfortunate. There are significant productivity gains available to anyone who takes the time to dig deep and master the capabilities of these full-featured programs.  Ready to shave some time off your document editing or processing tasks?

Keyboard Shortcuts

The design of the ribbon across the top with commands also makes it straightforward to find the information that you want, with commands that are used regularly garnering spots in plain sight. Even with the ribbon available, there are repetitive tasks that could be simplified by using a keyboard shortcut.  There are plenty of options that will help you navigate through the system and make your work more efficient, here’s just a few that you may find yourself using on a daily basis:

• Ctrl+A – A great way to select all the text on the page
• Ctrl+Y – Redo or Repeat your last action, to quickly apply formatting as you work through a document
• Ctrl+K – Insert a link to the document at the point of your cursor
• Ctrl + DEL – Delete word to the right of the cursor
• Ctrl + Backspace – Delete word to the left of the cursor
• Ctrl + Home – Move cursor to the beginning of the document
• Ctrl + End – Move cursor to the end of the document
• Ctrl + 1 – Single-Space Lines
• Ctrl + 2 – Double-Space Lines
• Ctrl + 5 – 1.5-Space Lines
• F7 – Run spell check on any selected text or the entire document
• Shift + T – Insert the current time
• Shift + D – Insert the current date

If you’re spending a big part of your day editing within Word, these keyboard shortcuts alone could save you time, effort and frustration!

Section Breaks

Part of the beauty of Word is the ability to create well-structured documents that make it easy for users to find what they need quickly and easily.  All it takes is a little planning and foresight — and a solid understanding of sections and styling — to output Word documents that your users will be pleased to use and that are ready for publishing in print or online.  Sections in Word allow you to differentiate between areas of the document, such as the title page, table of contents, main document and any appendices.  Create a section break in Word by accessing the Page Layout menu, and look under ‘Breaks’.  A section break allows you to change formatting, almost like having a mini-document inside your main document.  If you’ve ever struggled with setting different page number styles on your Title page than on interior pages, this tip alone will be a lifesaver.

Working with Large Documents

When you’re editing a book, school paper or other large documents, it’s important that you apply the correct styling to ensure consistency of design and structure.  If you need specific fonts, font sizes, paragraph styles or another formatting, it makes sense to take the time to edit your styles before you even start typing.  You can begin defining your styles for the entire document by editing the presets under Heading 1, Heading 2, Heading 3 and Normal text — all of which can be found in the Style menu in the ribbon.  Select the style you’d like to edit, and making the change is as simple as making changes in the pop-up window and saving your adjustments. When you wish to apply that particular style to a block of text, select the text and then choose the level of style you would like to apply.

Using styles allows you to make universal changes to your documents.  For example, your boss wanted you to use Comic Sans font for all headers, but then when they realized how difficult that font was to read wanted it all changed back to Arial.  If you’ve properly applied and used your styles, this is the matter of a few clicks to update the entire document.  Styles are also very helpful when you’re creating a Table of Contents, which you can do by clicking on the References tab and then clicking Table of Contents to insert your selection.  Header levels are translated immediately into levels in the Table of Contents, saving you valuable time and clicks.

Track and Compare Changes

It’s not unusual to need to review someone else’s Word document, whether you’re in a contract review or simply editing out some sections of a marketing document.  The handy ‘Tracked Changes’ feature in Word provides you with a way of seeing exactly the changes someone else made in your document and allows you to accept or reject each change — and even add comments.  Access this feature by going to the ‘Review’ tab and clicking ‘Track Changes’. Changes are highly visible and tagged to the user who made the adjustment.  What happens if you forgot to turn on tracked changes before you sent a document?  Don’t despair, the ‘Compare Changes’ feature allows you to compare two documents with ease.  Click ‘Tools’, ‘Track Changes’, ‘Compare Documents’, and the modifications will be listed for your easy review.

Need to upgrade your Microsoft Office installations or considering moving to Office 365 in the cloud?

Explore 7 Ways That macOS High Sierra Helps You Protect Your Privacy and Security  

If you’re an Apple user, you have a lot of things to look forward to in the 13th release of the macOS operating system.  Some highlights include new features, improvements to existing features, and a few updates that will pave the way for future releases.  At the same time, device and internet security have become a growing concern with all internet and device users.  It’s a good idea to learn more about High Sierra security and privacy features, so you know what to expect and what to be careful of.

What Privacy and Security Features Does High Sierra Include?

The October 5 Password Patch

It’s worth mentioning that two security vulnerabilities with High Sierra made the news by the first day of its release on September 25.  These had to do with password hints and actual passwords stored in the keychain.  You can now upload a patch to fix these issues from Apple.  Apple released the patch on October 5.

Security analysts who had a chance to test the new operating system before it was released said they had notified the company about issues before release, so it is somewhat surprising that the company took several days to release this patch.  Prior to that, the company said that users who only downloaded apps from the Apple Store could protect themselves from these issues, but some security analysts weren’t so sure.  In any case, if you have already updated, you should certainly consider installing the patch.

High Sierra’s Built-In Privacy and Security

Besides the patches for these zero-day vulnerabilities, High Sierra also came bundled with plenty of new and updated privacy and security features on its own.

File System

Apple’s update to their new file system deserves the first mention.  Called APFS, or the Apple File System, it now relies on flash technology.  You should enjoy both better performance and improved security.

Improved security and protection features include:

• Improved encryption capabilities
• Crash protection
• Easier backups

Since the upgrade may totally change the way that your device stores all of its data, it’s a good idea to ensure that you have backed up your system before you start installing High Sierra.

Browser Tracking Protection

You probably already know that advertisers try to track your actions as you use your internet browser.  They usually don’t have malicious intentions.  They simply want to gather data that helps them target advertising better.  At the same time, lots of Apple users would prefer to protect their privacy from this type of tracking software.  The Safari web browser now includes intelligent anti-tracking features that are supposed to be as smart as the advertiser’s trackers.

Advanced Secure Internet Connections

When you visited secure sites, like your bank, you probably noticed that you had an https:// connection and not a http:// connection.  Besides financial institutions, you might have also noticed this on many emails, downloads, or membership sites.  This is an example of improved security through a TLS connection.  This is important, but this kind of security relied upon SHA-1 certificates in the past.  These old-style certificates are no longer secure enough to perform as intended.

Currently, Apple wants all developers to move to SHA-256. certification, which uses much more advanced encryption to protect privacy and security.  This latest update actually applies quite a bit of pressure to get developers to change.  Before High Sierra, your Apple device would offer you a warning that the connection wasn’t truly private and secure.  Now, High Sierra will simply block your connection.  Before you upgrade, you may want to check any secure connections that you rely upon to make sure they will still work.

Weekly Firmware Validation

Once a week, High Sierra will automatically run a firmware check to validate your hardware against any installed firmware on your device.  According to Intego, most users should never see a warning from this check.  A warning could mean that your device has been maliciously tampered with, but it might just mean that you purposefully installed a hack to allow you to run this new operating system upon an unsupported computer.  If the weekly firmware validation does trip a warning, you will have the option to ignore it or to send a report to Apple for further investigation.

Kernel Extension Approvals

Some software will add kernel extensions that add certain functions to the operating system.  For instance, antivirus programs may do this legitimately in order to work.  Still, developers of malicious software may also add kernel extensions in order to cause mischief, so you should always know when it happens.

In any case, High Sierra will offer you a warning the very first time that any software tries to install a kernel extension.  If the extension was already loaded before you installed High Sierra or you have previously approved the extension with High Sierra, you won’t get a warning.  Some hackers have become clever at masking their work to look like legitimate software, so this system isn’t foolproof.

Mostly, High Sierra Offers Better Security and Privacy

This overview of new privacy and security features nitpicked a bit.  It’s important to understand how your device protects you and how that protection may be limited.  Mostly, you should enjoy better security and privacy with High Sierra than you have with your past macOS operating system versions.

Negative SEO is real, and it can have a serious impact on the overall search ranking of your business.  Learn what this means and how you can prevent damaging attacks.

Search Engine Optimization (SEO) is still the stuff of legend for many business leaders and marketers.  Even though the term is familiar and you know that it has to do with your ranking on search engines, exactly how it happens and the various factors that impact your ranking may feel as though they’re a bit cloudy.  Unfortunately, not only do you have to be concerned with SEO rankings, but there are ways that your competitors could unleash a devastating negative SEO attack that has the potential to cause long-term damage to your search unless you catch the problem quickly and take steps to reduce the impact.  Protect your business and make your competitors play fair when you steer clear of these negative SEO practices.

Importance of SEO

One of the most important things to know about SEO is that it’s a great leveler:  a small business who has a laser focus on SEO could easily rank above a much larger competitor in search results. The higher you are in search results, the more likely it is that you’ll get that customer, deal or offer.  Plus, a higher rank in major search engines often equates to credibility in the eyes of consumers.  Good SEO starts with a solid plan for keywords that are important to your customers, which can easily be discovered through a little work, brainstorming ideas and using tools such as the Google AdWords Keyword Planner to see the types of terms customers use naturally when searching for your business.  When you incorporate these keywords into the content produced either via a blog or on social media and your website, you’ll see your organic traffic begin to grow.

What is Negative SEO?

Negative SEO is often considered an attack by an unfriendly competitor or other organization and can be used to describe a variety of different tactics.  These include spammy links and forceful crawling, both of which can cause long-term damage to your site’s traffic and overall search results ranking.  Plagiarism is another potential cause of negative SEO.  If a site happens to grab your content, publish it, and have it indexed by Google before your site is crawled, there’s a possibility that you can be penalized for duplicate content.  While this doesn’t happen as often as some other causes of negative SEO, it does happen.  Forceful crawling is when a cybercriminal causes a heavy server load on your website, which can lead to slow loading times and reduce your SEO ranking and user experience overall.  Spam farms are the most likely cause of negative SEO and are also the easiest for outsiders to perpetrate against your website.

Shutting Down Spam Farms

Poor quality backlinks are the bane of Google, and it penalizes sites swiftly and harshly for this practice.  Unfortunately, that makes this an excellent tool for negative SEO practitioners who are looking for ways to reduce the ability to discover your website.  This manipulation of search engine rankings has led to an excellent tool that can be utilized to help shut down spam farms, the Google and Bing Disavow Links tool.  At it’s simplest, anyone can go to a bulk link-building service and generate tens of thousands of spammy links in a very short period of time.  While previously this practice was difficult to protect against, the Disavow Links tool from the two major search engines allows webmasters to take back some power by submitting links that appear to be spam back to Google and Bing.  By reporting these links, you can reduce or eliminate the impact of any negative SEO practices that include spam links.

Fighting the Fire

Perhaps one of the best ways to guard against any type of cyber attack is to ensure that your security procedures are in full effect.  This includes applying patches in a timely manner and only utilizing CMS (Content Management System) software that has top-notch encryption capabilities. Security protocols are especially important as they can protect against potential hacks to your website that could tamper with your robots.txt file — which could lead to a massive drop in rankings should your entire site be de-indexed.  Staying vigilant involves keeping track of your site’s overall search ranking and taking immediate action to remediate should your ranking fall dramatically.

Negative Reviews

Finally, negative Google reviews for your business can be nearly invisible unless you’re looking for them — yet they are a strong indicator of whether or not your site will show up well in search rankings.  If your competitors suddenly submit a large number of negative reviews against your brand, you may find that your search ranking is falling fast, and for no reason that you can quickly identify.  This is why it’s important to Google your business often and ensure that you stay on top of any reviews that are suspicious.

The ways that negative SEO can be leveraged against your business can be subtle, but the impact to your business can be significant over time in terms of lost traffic to your website and even lost business.  Protect your organization by ensuring you have the latest security patches in place, checking your ranking often and staying aware of incoming links on your sites.  Want to learn more about best-practices for security on the internet?  Contact our Omaha professionals by contacting InfiNet Solutions at (402) 895--5777 or via email to [email protected].