July News:

On The Calendar July Events Tuesday, July 25th at Globe Life Park in Arlington, The Fulcrum Group will be joining DFW B2BCFO partners for "Grow Successfully," an educational event for business owners sharing tips on sales and business strategy, opportunities for networking and wrapping up with some awesome Texas Rangers baseball entertainment!  Check our Events page out for more details on this event and reach out to your Fulcrum Group Account Manager if you're interested in attending. The Fulcrum Group July Webinar - How To Create Effective IT Policies - will be Thursday, July 27th from 10:00 - 10:30 a.m.  RSVP today!  After you signup, you can expect to receive an Outlook calendar appointment from us, with all relevant details inside. Quick links to our social media pages are accessible right from our website and in every monthly newsletter email you receive from us. If you're new to our newsletter and you'd like to subscribe, let us know.
Effective IT PoliciesHow To Create Effective IT Policies IT policies must be clear and understood by all affected parties to be effective.  Using specific yet simple terminology that can be easily understood by everyone is critical.  Our July webinar will help you address the steps needed to create effective and easily-understood policies. Step 1 – Remember the essence of a good policy. Keep it short and relevant, being mindful of any regulatory frameworks in which you operate and making sure the policy adds value to the business or organization. Step 2 – Identify what IT policies are needed. Thoroughly explore why the policies are needed and the purposes behind them. Consider the business objectives of your organization, and how the IT policies can help support and accomplish these objectives. Step 3 – Identify who will be responsible, overall, for the IT policies.  This person will establish the format of the policies.  Individual IT policies may be handled by specific staff. Step 4 – Develop your IT Policies. Make sure to use clear and concise language that can be understood by everyone.  You'll want to consider exceptions, ways to allow for flexibility for decision-makers, and also, who else needs opportunities for input. Step 5 – Preview IT Policies with Stakeholders and Executives.  For IT Policies to be effective, they need to have top down approval and backing, and stakeholders need to know that their concerns have been heard. Step 6 – Implement IT Policies. Start with communication, then provide training for staff and managers. Step 7 – Monitor, Review, Revise. The old adage, “If you can’t measure it, you can’t manage it” applies to IT Policies as well.  Having a regular review of IT policies, at least annually, with a standardized review process, will help you revise IT policies as your situation changes or new threats/technologies emerge. We will be expanding on these steps in our upcoming Fulcrum Group July Webinar, "How To Create Effective IT Policies" on July 27th at 10 a.m.  RSVP here!
Your Surprising First Line of Cyber Security Defense Cyber Security Defense Small businesses might feel like it is easier to fly under the radar when it comes to their cyber security and vulnerability to being compromised, but recent trends prove that untrue.  Small businesses are actually quite a big target for malicious activity due largely in part to lack of employee awareness, as well as internal security vulnerabilities.  Staying mindful that your own employees might unintentionally be the biggest threat to your organization’s security, here are some ways to help tighten up your organization’s first line of defense, its people. On whom should I focus most? Every employee - from the company President, to all levels of management, cashiers, administrators, even custodians – should receive adequate cyber security training and be held accountable for following all security policies. Also important to note is a significant amount of cyber crime has been attributed to insider fraud and carelessness.  Personal device use among employees, on and off company premises, are a BYOD (“Bring Your Own Device”) concern.  Even with BYOD security policies in place, mixing work with personal devices is an area deserving consistent attention.  Any device that connects, even sporadically, to company systems and accesses business data can be targeted by cyber criminals and should be subject to specific security requirements. Why involve my whole team? Your people need to understand not only what the risks are, but why ongoing training is so critical. Most millennials and post-millennials are well-versed in the use of technology, but even the savviest tech user can be easily tricked by ransomware.  And, simply being immersed in the day-to-day grind, each of us has a tendency to “forget the rules” sometimes. Because we can’t avoid or assist with what we don’t understand or remember to recognize, it is important to rally the team regularly, and bring your employees back - often - to your “defensive line.”  With potential risks including phishing emails, malware, ransomware, out-of-date software, or the use of unapproved applications, employees must be taught to recognize and report suspicious activity, to avoid clicking on links and opening attachments, to think before clicking. Threats are far more likely to be handled properly and avoided altogether when employees are routinely trained. So, not only is it critical to make cybersecurity training an integral part of the onboarding process, but as an ongoing practice throughout their employment. This training should include the basics of current threats and information regarding emerging threats.  An interesting study of WHO in a company was unintentionally inviting in potential cyber mischief was recently featured on The Today Show and sure drives this point home! What kind of training do we need to consider? The following elements should be a part of both initial and ongoing cyber security training:
  • Common Threats- Employees must understand and be able to recognize typical signs of common threats. At the very least, these warnings should be written down and displayed in visible locations in every department. Ask your Fulcrum Group Account Manager for free end user security awareness posters that you can post in visible locations throughout your office.
  • Communication- Employees need to feel encouraged to speak up and speak out if they suspect an issue. They need to feel empowered to take time away from normal business long enough to address concerns with a supervisor, manager, or managed services partner.
  • Prevention Rules- Employees need clear guidelines regarding the sites from which they can or cannot access information, as well as guidelines detailing what may or may not be installed on their company computers and devices. They need simple instructions about what attachments should not be opened and which links should not be clicked. They should be required to report any solicitations or non-work-related messages from unrecognized sources. Finally, companies should use high spam-recognition standards to minimize threats that otherwise would require skilled employee intervention.
  • Password Standards- One of the most frustrating aspects of our modern technological world is the need for multiple passwords on multiple devices and accounts, especially the frequent changing of passwords for the same accounts. While biometric capability may soon relieve some of this frustration, insisting on strong passwords, multi-factor authentication, and password security is currently recommended as essential.
These are a few simple considerations that are not particularly burdensome, but WILL help in protecting your organization.  With the increase in cyber-attacks over the last decade, not providing cyber security training to employees is not an option for any company that wants to grow. Our website geared especially to business owners and IT managers has some additional resources to browse regarding the security of your small business. While statistics prove employees will always be helpful as a first line of defense against ransomware attacks, the most comprehensive solution is for leaders of all organizations and businesses of all sizes to invest in stronger IT security solutions and implement policies that include a comprehensive, automated backup and disaster recovery solution such as SPOT Protect. These protections, combined with ongoing staff training, strict security policies, and constant vigilance, are an absolute necessity in today’s cyber-environment. Contact your Fulcrum Group Account Manager today to ensure your company’s defensive line is ready to play.
SPOTlight On: How To Keep Kids Safe Online This Summer Cyber Safety Tips From The Fulcrum Group On our blog, we've shared 5 good tips from the US Department of Homeland Security on keeping the kiddos that are important to you safe summer surfers!  Go here and make sure your kids are using good cyber security sense. As always, if you have a question or topic you'd like us to "SPOTlight" in an upcoming newsletter, let us know on our Facebook page!  
  More Than Tech Tips: What We're Reading Now Business Tips From The Fulcrum Group

Contributed by all the avid readers at The Fulcrum Group

Everybody loves a good beach read!  Here's some of our best recommendations, and also Inc's Best Selling Business Books Right Now.

Steve Meek just finished the following (and is about to start Lencioni’s The Ideal Team Player, about cultivating 3 essentials virtues):

  • Thou Shalt Prosper: Ten Commandments For Making Money - From a Rabbi that not only shares business tips and ideas but also offers some understanding of the Jewish faith and differences. An enjoyable read that also shares some insight for business-people and entrepreneurs pursuing retirement.
  • Three Signs of a Miserable Job - Parable book from Patrick Lencioni that is great for managers striving for employee engagement. Tells the story and helps us understand how management can miss the target on what team members want and need to flourish at the office.
  • The Art of Deception - Controlling the Human Element of Deception. Fantastic book on social engineering stories from the world’s most famous hacker, Kevin Mitnick (although some might say Matthew Broderick is better known, with War Games and Ferris Bueller under his belt). Helps business owners understand how security is much more than technology and understanding risk areas to improve internal training and policy.
Jason Kramer is interested in: Bobby Barham recommends:
  • The NEW One Minute Manager by Ken Blanchard – This is a book covering the three One Minute Secrets to a more productive organization.
  • Millennials in the Workplace by Neil Howe – Covering the generation of young people born since 1982 who are now entering the workforce. How the new generation can be a asset and what Millennials are looking for in their lives and careers.
  • The South Beach Diet by Arthur Agatston – Written by a cardiologist who found that his patients had a difficult time following complicated, restrictive diets. He discovered a diet that is neither complicated nor restrictive. Focusing on the glycemic index, he shows foods and recipes that you can have as much as you want and be healthy.
Robert Curtis just finished The Innovators by Walter Isaacson – It is a story about how the internet came to be. It came on the heels of the book release on Steve Jobs. Also, Robert shares that he is about to start Who Owns the Future? By Jaron Lanier. This book shows how personal data should be protected and is being exploited using Siren Servers. Perhaps we'll be treated to a personal review soon!  
  Did You Know...Creating Your Business IT PoliciesThe Fulcrum Group Dallas Fort Worth IT Outsourcing Managed Services Did you know The Fulcrum Group can help you develop your IT policies.  If you’re a SPOT Managed IT Services client, this is included in your agreement at no extra charge!  If you’re not a SPOT Managed IT Client, contact your Account Manager to learn how to become one. Contact your Fulcrum Group Account Manager via email or at 817-337-0300 to find out more.