End of Life Countdown for Windows 7, Windows Server 2008 R2

Posted on: May 25th, 2018 by jiml | No Comments

Microsoft will be ending support for Windows 7 and Server 2008 on January 14, 2020. This means no more security patching and no more support from Microsoft. Windows 7 will go the way of Windows XP.

This planned obsolescence of these operating systems can be viewed negatively as Microsoft’s way of forcing us all to Windows 10, or we can look at it positively that Microsoft has given us all ample time to prepare, plan and budget for this eventuality. The transition can be smooth if your business takes the time to plan and prepare. Those that wait until the last minute will be scrambling to upgrade or worse yet, do not complete the upgrades and find themselves the victim of a data security breach because of an unpatched vulnerability on a Windows 7 computer.

The good news is that Microsoft has precedent of patching egregious security flaws on expired operating systems on occasion. That is not something we can count on and we also need to be aware that in past cases the onus is on the user to know about, find and install the proper patches if Microsoft decides to release a patch for an expired operating system. With the state of cyber threats that are present today, this is not a scenario we would recommend for any business.

Can you upgrade to Windows 10 or do I need to buy new computers?

In most cases you can upgrade to Windows 10. Older hardware may not be compatible, so it does make sense to take an inventory of your desktop workstations and decide based on age, hardware and purpose if the computer should be replaced or upgraded.

For my Windows Server 2008 R2 server, can I upgrade, or do I need to buy a new server?

While there is a migration path to Server 2012, Colden Company Inc. recommends replacing server hardware. There are several reasons for this. The first being, if you are running Server 2008 R2, chances are the hardware is reaching end of life from whichever manufacturer it was purchased. Dell, as an example, provided seven years of hardware support for a server. A second reason for replacement is there is a new operating system than 2012 out there, 2016. If you are replacing you might choose the operating system that will give you a longer life cycle.

What else should I be concerned about when upgrading?

In short, applications. It is important to ensure that your important applications can and are supported on these newer operating systems. The good news is that Windows 10 and Server 2016 have been out in production for some time giving application providers plenty of time to adapt. Also give thought to what you want to do with your old computers if replacing them. Do the hard drives contain sensitive data and need to be wiped or destroyed?

In summary, your business should have a documented plan on how you are going to prepare for and budget for this event. I will refer to my often-used Steven Covey’s 7 Habits of Highly Effective People here and remind our readers that effective people spend their time on important and perhaps non-urgent tasks like this. Ineffective people put off these important tasks in favor of more time sensitive yet less important tasks until the important task becomes an emergency. Put another way “Failing to plan is planning to fail”.

Contact us today so let us help your business put together a comprehensive migration plan and protect your business data from the retirement of Windows 7 and Window Server 2008 R2. Call us at 888-600-4560, email us, or visit us on Facebook or Twitter.

Microsoft Office 365

Posted on: April 25th, 2018 by jiml | No Comments

Microsoft Office is called a “productivity suite” for a reason. Some of the programs that comprise the Office Suite have been staples of business for many years, such as Word, Excel and Outlook among others. With today’s Microsoft Office you read about products like Yammer, Skype and Teams. Are these programs that can help your business productivity?

First, let’s be clear that not all of these programs are available with each subscription. Microsoft has been heavily touting it subscription-based versions of Office for some time. Those adverse to a monthly recurring cost won’t like a subscription model, but it does come with some key advantages. We have covered these in the past, so we will be brief here and focus on two key benefits.

1) A Microsoft Office 365 subscription is licensed to a user and allows up to five copies of that license to be used for different types of devices. (five computers, five tablets and five phones). That is a lot of copies of Office at no extra cost.
2) Upgrades and updates are included. When Microsoft releases Office 2019 next year (or likely late in 2018), you will be entitled to it as a subscription user instead of having to buy the licenses.

(Please be aware that Microsoft has advertised that Office 2019 will only be supported on Windows 10.)

The on-premise versions of Office (think traditional Office) will not include tools like Teams and Yammer. (Skype for Business is included). Microsoft is trying to incentivize the use of the Office 365 subscription even further by making the tools only available via the subscription model. Even among the subscription model, Office 365 Business does not contain licenses for these new tools and sticks to the traditional apps. Office 365 Premium contains the new tools at a higher price point. Click here to compare.

So, what is Yammer? Yammer is a social media platform for your business. Employees can post, make announcements and it has a look and feel like other notable social media platforms like Facebook.

How about Teams? Teams is a chat/Instant Messenger/conferencing platform that will likely cause Skype to be phased out by Microsoft. It has similar capabilities of Skype such as video conferencing but more robust and more integration capability.

Think your business can benefit from these tools or perhaps save money by using them? Even if you aren’t needing tools like Yammer and Teams, there are clear benefits to the subscription model of Office. Give us a call today to find out more and let our team of professionals help you decide the best path forward for your business.

Call us at 888-600-4560, email us, or visit us on Facebook or Twitter.

Is Your Web Site Ready for Browser Security Changes?

Posted on: March 23rd, 2018 by jiml | No Comments

Did you know that starting in July 2018 with the release of Google Chrome 68, Google will be marking all web sites that connect via HTTP as insecure ? Google is pushing companies to create secure connections to their web sites by using HTTPS. HTTPS differs from HTTP in that it uses encryption to create a secure connection from the user to the web site rather than a clear text connection that a traditional HTTP connection would create. Many of you are likely familiar with HTTPS from going to banking sites or retail sites that want to protect the communication from the customer to the web site.

Other browsers are also moving in the same direction. Mozilla has committed to doing the same in future releases of Firefox.

Is your company web site ready for this? If not, when potential customers attempt to visit your web site they will be see a message that the site is not secure which can turn away potential business.

What do I need to do?

In order to allow users to connect to your web site using a secure connection (HTTPS), your website will need a security certificate. The proper installation of a security certificate on your web host will ensure a secure connection to your site visitors. Please note that installing a certificate does not secure the web site itself, only the connection. The backend files are not any more protected after a security certificate is installed as before.

Upon completion of the certificate install, there might be some changes needed to your web site code to ensure your pages are using HTTPS by default. Consult your web developer for this.

The good news is that the move to HTTPS has already gained momentum. Over half of the sites on the Internet are already using HTTPS. The end result will be a more secure Internet for all of us.

Need assistance? Call us at 888-600-4560, email us, or visit us on Facebook or Twitter.

New Ransomware Threats and How to Defend Against It

Posted on: February 23rd, 2018 by jiml | No Comments

In what should not be a surprise to anyone reading this, 2017 surveys have shown that ransomware attacks against businesses like yours increased in 2017 over 2016. (4.3 times as many to be exact) The hackers behind these attacks have been so successful in monetizing their attacks that they have tremendous resources at their disposal to hone their craft. The end results are attacks that are more sophisticated and more destructive. If you are unsure what ransomware is, please see our video.

2017 saw attacks like WannaCry that did not use the traditional methods of infecting computers. Email attachments and links are still the most common method of contracting ransomware, but we are seeing different threat vectors targeting businesses. In the case of WannaCry, it attacked vulnerabilities in the Windows operating system. Users did not need to click on a bad attachment or go to a bad web site to be infected. They simply had to be targeted and not have installed the patches that Microsoft provided for the vulnerability.

2018 has seen a rise in ransomcloud viruses which attack cloud services like Microsoft Office 365, a popular email platform. Users would receive an email appearing to be from Microsoft and prompt the user for credentials. Once provided, all of the users’ email would be encrypted and unreadable without the decryption key, which the hackers held for ransom.

We, of course, encourage users to never, never, never (you get the point) pay the ransom. Paying the ransom perpetuates the cycle by giving the bad people more resources to put toward their scams. Once you have contracted a ransomware virus, restoring from backup is the best way to recover your data. Cleaning the infection out of your system should of course be the first step in remediation, followed by restore. For ransomcloud viruses affecting Office 365 it is important to note that businesses have options. There are reliable and cost-effective solutions for providing comprehensive backups to your Office 365 (or Google’s G Suite) data. Having this extra layer of protection can come in handy for other reasons in addition to malware as well. Want to recover an email from two months ago? How are you going to do that? With our solution, a simple phone call or email gets the process started. Too much business is conducted via email in today’s world to leave your email recovery to chance.

To hear more, call us at 888-600-4560, email us, or visit us on Facebook or Twitter.

Putting Meltdown and Spectre in Perspective

Posted on: January 30th, 2018 by billp | No Comments

There’s recently been a lot of media attention around two vulnerabilities in computer chips. The vulnerabilities, given the ominous titles “Meltdown” and “Spectre,” exist in nearly all microprocessors made since 1995 — meaning they are found in nearly every popular business computer, home computer, and other devices such as smartphones and tablets.

One of the biggest challenges with cybersecurity is putting perspective to the severity of issues. Bugs and vulnerabilities that receive logos, names, and headlines usually result in a big – and often out-of-proportion – reaction. There’s no arguing the fact that these vulnerabilities are significant and should not be taken lightly. But, before you start to panic, the situation sounds a lot worse than it is. There is always a balance of “probability and exploitability” that businesses should consider in determining how likely they are to fall victim any cybersecurity vulnerability.

What are Meltdown and Spectre?

Both Meltdown and Spectre are hardware vulnerabilities in computer chips (microprocessors) that allow a non-privileged user to access information on the computer that they shouldn’t be able to access. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to access secrets stored in the memory of other running programs, which might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages, and even business-critical documents. This is a particularly big problem for cloud services like Microsoft Azure and Amazon Web Services, where multiple “tenants” use the same physical hardware.

Meltdown and Spectre require a high degree of sophistication, time, and luck for hackers to be able to exploit. These vulnerabilities have been around for 20 years and are something that both researchers and government agencies have been aware of for at least six months, yet we haven’t heard of any active exploits in the wild.

How Do I Protect Myself?

This is where things get complicated…

All major hardware and software vendors have released patches that address Meltdown and Spectre in the weeks since the disclosure of the vulnerabilities. In the case of Microsoft, its patches for Windows require that your antivirus software to updated to ensure Meltdown/Spectre updates won’t crash your computer (users of Colden Company’s Managed Antivirus are compatible with Microsoft’s updates). Intel released – and then retracted – updates to its microcode (software that runs the processor), and Microsoft then released an emergency update to fix the problems that Intel’s buggy updates caused.

The updates can be more impactful on computers (particularly servers) running older Intel processors and/or certain workloads, where updating to mitigate Meltdown/Spectre has the potential to reduce performance between 5% and 30%. The performance impact is very dependant on what software is running on the computer. Microsoft attempted to add some clarity to the potential performance impacts in a recent blog post.

To get back to the question of how you protect yourself and your business, Colden Company recommends patching – and not panicking – as reliable patches are made available from hardware and software vendors.  Ask yourself how quickly you can reliably apply known-good and tested patches from reliable vendors, especially on critical systems.

Use the following steps to guide you down a good path to mitigating Meltdown and Spectre.

  1. Update antivirus software to ensure Meltdown/Spectre patches from Microsoft aren’t blocked.
  2. Update operating systems with relevant patches.
  3. Update hypervisor hosts, guest OSes, and cloud instances.
  4. Update system BIOS / firmware.
  5. Update web browsers where applicable.
  6. Check for updates to other applications and peripherals.

If even the above steps seem daunting, our best recommendation is to partner with experts at Colden Company to help ensure your business is protected.


The scope of this issue is huge. According to a survey of 500 IT professionals by IT organization Spiceworks, 70% of businesses report they continue patching despite the guidance from Intel to stop. 46% of companies have reported performance degradation, 26% are dealing with system “hangs” and freezes, and 22% are experiencing issues with computers not rebooting properly after the patches are installed. Costs from the mitigation effort also mounting for some companies. 29% of companies with more than 1,000 employees said they expect to spend more than 80 hours addressing the flaws, and 18% said they expected to spend more than $50,000.

While exploiting either Meltdown or Spectre requires a high level of sophistication, it’s still early days, and incidents that take advantage of Meltdown and Spectre will be inevitable. Laptop and desktop workstations are at the greatest risk, so make sure that you’re current with Microsoft patches as they’re released. You should be diligent about patching all systems and mobile devices. Work with your cloud providers and business partners to ensure they have a mitigation plan. Don’t worry, don’t panic, but be diligent and be sure to install patches as soon as they become available for your specific operating systems and devices.

This is a complicated topic and can quickly become overwhelming. Give the experts at Colden Company a call and let us help you protect your business against these and other cybersecurity risks. Call us at 888-600-4560, email us, or visit us on Facebook or Twitter.

Happy New Year!

Posted on: December 29th, 2017 by jiml | No Comments

What will 2018 hold for your business? What challenges are you facing? Most business start off the new year with a sense of renewed optimism and determination and we hope your business is no exception. Now that the holidays have passed, we can tackle some projects we have been meaning to undertake to improve our business. If you even a casual reader of our blog you have heard the phrase “If you are running your business the same way you were three or four years ago, you are not staying the same, you are falling behind”. Statistically speaking business that embrace technology solutions outpace their competitors that do not. Top employees are more likely to remain with businesses that have better technology. The trick, of course, is to implement the right technology, not just add technology for the sake of technology. Technology chosen or implemented poorly can actually add expense, not decrease it.

One area of improvement that is often overlooked is reducing risk. How well protected are your business assets? Is your business keeping up with the increased level of cyber threats that exist? Your company data and assets have value. Any compromise of that data or asset come with an associated cost. If you are concerned about that, this is another area where technology may be of help. The above saying about if you are running your business the same way, is also apt when thinking about cyber security and risk to your business. The threats are not the same as they were three or four years ago, so why are your defenses? Risk management is a business function. IT should not be driving the conversation, business leaders should be. Unfortunately, today, we see too many business leaders that are not taking the risks seriously enough which results in the statistics we see about business failures after a hack, businesses paying ransom to hackers to get their data back and other similar headlines we see in the news.

As a business leader, do you know what the risk level is to your business? If you do, then you are ahead of the curve. If you do not, then you likely do not have the appropriate awareness programs in place or allocated the proper time to this significant issue. Many business leaders underestimate the risks and consequences of a cyber attack to their business and therefore do not take enough precautionary steps to prevent them. That mistake can cost a business leader his job. (See Equifax among others) As Stephen Covey adeptly points out in his 7 Habits of Highly Effective People, we tend to focus on the urgent/non-important issues over important/non-urgent issues. This flaw in human nature causes us to put important events like planning on the back burner to tend to picking out the company Christmas cards because it has a deadline associated with it. Effective people do not do this. Effective business leaders are able to delegate non-important work and spend a majority of their time on important but perhaps not urgent work. (Covey calls that quadrant II in his time management matrix). Certainly, risk management falls into this category. It is important work.

The trouble comes when the cyber breach happens before the planning is done. Now we have a costly emergency, or a quadrant I activity in the Covey time management matrix. At this point the non-urgent planning to manage and mitigate risk is pushed to the forefront as response to an actual threat that requires an urgent response. Effective business leaders do not allow situations to get to that point because they have done the preparation in advance.

Would Stephen Covey say you are an effective business leader? Are you running your business the same way you were three or four years ago? Colden Company is here to help. Give the experts at Colden Company a call and let us help analyze the risk to your business. Call us at (888) 600-4560 or email us, or visit us on Facebook or Twitter.

Holiday Electronics Shopping

Posted on: November 29th, 2017 by jiml | No Comments

The holidays are upon us and one question we often get about electronics is what we recommend in terms of a tablet, laptop or all-in-one (AIO) unit. The answer, of course, is the unhelpful “it depends”. We unfortunately answer a question with a question and ask, “what do you need this unit to do?”. That answer can help lead us in the right direction.

For example, if you need the computer to work seamlessly with your office domain and office programs, we may steer you away from an iPad. In general, they do not integrate as nicely into a corporate network and use network resources. Many out there are rabid Apple fans and want to have their Apple devices so there are ways to make them work in an office environment as long as you are prepared for the expense of making that happen. For web browsing and email, iPads are great.

Microsoft touts their Surface tablet as the tablet that can replace your laptop. As a Surface owner, I can tell you there is a lot to like about Microsoft’s foray into the hardware space. Most Surfaces (think Pro) will run a full version of Windows, meaning you can install all the apps you can load on your laptop on your tablet. If you don’t mind a smaller keyboard, it seems to be a functional unit that can act as a tablet as well as a laptop. One note to be aware of: they break more frequently than you might expect. So much so that Consumer Reports pulled their recommendation of the Surface tablets. They have a high failure rate as I can personally attest to with my personal unit. I love it when it is not doubling as a brick.

For regular laptops we often are asked about the latest Black Friday deals at Best Buy. These may be a great choice for home use. Keep in mind that the box stores are selling you consumer grade electronics with consumer grade operating systems. This matters for a business shopper. Home Edition operating systems will not join a corporate domain which give access to company resources. You will need to Pro or Enterprise versions for that. In addition, the quality of the components in a business grade laptop are considerable better than what you get in a consumer grade laptop. The business grade laptops have been proven to last longer and have fewer problems. We do not recommend consumer grade laptops for business.

Finally, all-in-one (AIO) units have their place in business. These units have the computer and monitor together which is a great space saver for situations where space is a concern. Retail comes to mind. Keep in mind with AIO units will not have the expandability that regular desktops have and often a shorter shelf-life as they are not upgradable. Check here for concerns with AIO units.

Enjoy the holiday season and please feel free to reach out to us with questions. We are here to help. Give the experts at Colden Company a call at (888) 600-4560 or email us, or visit us on Facebook or Twitter.

National Cyber Security Awareness Month

Posted on: October 28th, 2017 by jiml | No Comments

October was National Cyber Security Awareness Month. Here at Colden Company we are trying to do our part to raise awareness through webinars, social media posts, and other communications. We often say here at Colden Company “If you are running your business the same way you were three or four years ago, you are not staying the same, you are falling behind.” This saying was originally intended to apply to technology because technology is continually advancing; if your business is not taking advantage of it, your competition likely is. The saying is also particularly appropriate for data security. The threats facing your business are not staying the same; they have increased in both number and complexity over the years. We do not think anyone reading this would disagree with that point. In conjunction, your defenses should also be improving to combat the increasing threats. If you are using the same defenses you were three or four years ago, you are not staying the same, you are falling behind the data security curve and, most importantly, exposing your business to more risk.

Raising awareness to cyber security concerns is a worthwhile exercise. However, it seems like we are running the risk of desensitizing people to the risk by continual bombardment of this breach and that vulnerability that appear on the nightly news. Not all vulnerabilities are equal in size and scale and some judgment needs to be used to inform the public of the risks. Having said that, the risks are real. Cyber criminals have, unfortunately, been wildly successful with certain hacking campaigns like ransomware, which has lined their pockets with millions of dollars (and in some cases tens of millions) which they are using to perfect their craft. Hacking is a business and it is big business – make no mistake about it.

As a business, you may read about the latest breach and think to yourself “Here we go again. I can’t stop it so why worry about it.” We understand that sentiment. The question we would pose is “If you could stop a data breach at your business, would you?”. It’s true that there are many different threat vectors that hackers can use to attack your business. Why not spend time and effort blocking the most common ones? There are things you can do without breaking the bank to further protect your business. Incremental improvement may just save the day and prevent a breach.

When a hacker probes your business for a vulnerability and your business is protected from it, do you know? In most cases, the answer is no. Hackers use sophisticated programs to probe networks and attack the ones that are vulnerable and leave the ones that are not. This makes proving return on investment (ROI) for security a much more difficult number to show. How do you show ROI on something that did not occur? We can only do so, by citing the costs of breaches that have occurred.

Hacking attempts and breach attempts happen on a much more regular basis than you may believe. It is almost a certainty that your business was targeted at some point in the last year. The frequency with which this type of activity occurs would surprise most. We see more of this because it is our business to protect our customer’s critical data and we have tools in place to monitor and report on certain types of attacks. Unfortunately, the business that have with the best security measures in place are often the ones who had a security breach or had some type of security scare. It is analogous to buying the home security system after the break-in; you don’t want to go through that experience again, so you prepare.

So, in closing, I ask you to do this. Tomorrow morning when you wake up, pretend you just got a phone call from a staff member who told you there has been a data breach at your business and data has been compromised or lost. What would you do? How would you feel? If you would like to avoid that feeling, take the time to improve your data security to keep pace with the increasing threats. After all, if you are staying the same, you are falling behind.

Give our certified security experts at Colden Company a call at (888) 600-4560 or email us, or visit us on Facebook or Twitter.

Top Ten Myths of PCI Compliance

Posted on: September 27th, 2017 by jiml | No Comments

Hackers WANT your credit card data. They WANT your customer’s credit card data. They will try hard to get it. They will NOT stop. These are unfortunate truths.

In 2006, MasterCard, Visa, JCB, American Express, and Discover established the PCI Security Standards Council, a 3rd party entity, to manage the Payment Card Industry security standards and to promote the standard’s implementation by all companies (i.e. merchants) that accept credit/debit cards including all:
Retail merchants: Any business that operates in a storefront location, where the customers’ debit and credit cards are physically swiped through the payment terminal.
Internet merchants: Any business being run online. It allows businesses to collect and process credit and debit card information from their e-commerce website.
MOTO (mail or telephone order) merchants: Any business that operates by taking payments via the telephone and/or direct mail

Even if you process one credit card per year, your business must be PCI compliant. If you process through a third party, that does not absolve your business from PCI compliance. Many businesses do not take this seriously….until a breach occurs. As many of you know already, the credit card companies and banks have made a concerted effort to shift liability for the massive amount of credit card fraud taking place from their business to yours. If your business is not using chip readers, you are at risk. If your business is not PCI compliant, you are at risk.

PCI Compliance is not solved through a single vendor or product. There are many requirements and some of them are business process related and some are technology related. Below is a list of the top ten myths surrounding PCI requirements from the PCI Security Standards Council.

Top Ten Myths of PCI Compliance

1. One product will make us compliant.
2. Outsourcing card processing makes us compliant.
3. PCI DDS compliance is an IT project.
4. PCI DSS will make us secure.
5. PCI DDS is unreasonable, requiring too much effort and expense.
6. PCI DDS require us to hire a Qualified Security Assessor.
7. We don’t take enough credit cards to necessitate compliance.
8. We completed a SAQ so we’re compliant.
9. PCI DDS makes us store card holder data.
10. PCI DDS is too hard.
Source: www.pcisecuritystandards.org

Is your business PCI compliant? Are you aware of the penalties for being out of compliance? Given the current data security climate, have you given this enough attention? If you answered “no” to any of the above questions, give Colden Company a call at (888) 600-4560 or email us, or visit us on Facebook or Twitter.

Why and How to Secure Mobile Devices

Posted on: August 29th, 2017 by jiml | No Comments

As more business processes are either pushed to or accessed on mobile devices (phones, tablets, laptops, etc.), organizations need to be able to secure both the device itself and the data which the device accesses. Colden Company’s Mobile Device Management (MDM) service provides affordable protection for the most common security scenarios.

Physical Security

Since these devices leave the office and may be left intentionally in vehicles, homes and hotel rooms, unintentionally in locations like restaurants or stores, or completely misplaced or stolen, the first concern is to be able to locate the device. With the MDM agent installed on the device, it will periodically check in with its physical location which can be tracked on a map allowing for retrieval.

Protection From Unauthorized Access

The agent can configure the device with a screen lock passcode (and change it) and remotely lock the device. The data on the device can be encrypted and, if there is a concern that the device’s security has been compromised, the entire device can be remotely wiped.

Protection From Malware

While the overall risk of malware is reduced on iOS (Apple) and Android phones and tablets compared to desktop and laptop computers, it is still a very real concern that needs to be addressed. Even though users have permissions to do things like configure the device settings, connect to wireless networks, and add or remove apps, while they are actually using an app on the device, they are not doing so using those permissions. After apps are installed, what they can do is limited to the permissions they were given at installation. For example, it is not possible to run an executable program from a web browser or email app in the same way that a user can on a PC. While running those apps, the user is not acting as an administrator of the device.

So the most critical level of protection against malware is to ensure that the apps are installed from a trusted source that verifies they do not contain malware. For iOS, the Apple App Store screens all apps offered through the store. For Android devices, the Google Play store has less oversight on what apps are offered, but the Play Protect Service on each device does a background check of each installed app to detect harmful apps. This check is especially important since, unlike Apple devices, it is possible to install apps to Android devices from locations other than Google Play. It’s worth noting that all reports of Android malware to date have come from installing compromised or malicious apps from the Google Play store or from a third party source.
MDM addresses this issue through policies that allow only specific apps to be installed, identify specific apps that cannot be installed, require that specific apps be installed and, for Android devices, disable the ability to install apps from any location other than Google Play. Actively managing what apps can and cannot be installed is the most effective protection from malware.

Monitoring Compliance

Mobile users generally have administrative privileges on their devices. In order to ensure protection is active, the MDM agent is enabled with policies and rules that define how the device is to be configured and what actions to take if that configuration is changed (non-compliance). It monitors the device continuously for any configuration changes, compares them to the policies for the device and takes action when the device falls out of compliance. As a minimum, non-compliance will generate an alert and an administrative email which can also be sent to the user. For example, if a lock screen passcode is a required policy item and the user disables the passcode, an alert gets triggered with an associated email message. The administrator then has the option of re-enabling the passcode, changing it or locking the device. For a more security conscious approach, non-compliant devices can be denied access to company resources until the device is back in compliance.

Every survey indicates that employees will continue to use mobile devices more frequently than they do today. The trend is not about to reverse. As a business, you need to be thinking about how you can best manage and secure those devices and the data they access. Give us a call at (888) 600-4560 or email us, or visit us on Facebook or Twitter.