11 Cybersecurity Tips For Nonprofits

11 Cybersecurity Tips For Nonprofits

Access to your nonprofit organization’s data is one of the best tools you can provide your employees with to further your mission, provided that you’re not giving away your valuable data to unauthorized users. To further this effort, an IT environment that’s monitored and managed by IT professionals promotes the security you need. A knowledgeable IT provider will prevent cybersecurity vulnerabilities and keep your technology up and running. They will ensure that your members’ and donors’ confidential information remains private.

But there are also things that you can do to help. We’ve provided eleven tips for you to follow that will promote cybersecurity for your nonprofit organization.

  1. Appoint A Cybersecurity Chief. Tap a trusted member of your staff to liaison with your IT service company to ensure that your employees and volunteers strictly adhere to your cybersecurity plan. Along with your IT professionals, this person will be your point-of-contact to ensure your nonprofit adheres to IT security compliance regulations and standards so you can stay in good standing with governments and donors.
  1. Develop An IT Security Plan & Policy. Consult with your IT provider and put a plan in place to ensure that your data is protected both in storage and in transit. Hackers are looking to capitalize on your members’ confidential data, and you can’t afford a data breach. If this information is exposed, you may end up in expensive litigation, not to mention a reputation that’s ruined — If this happens, no one will want to fund your projects.

There are a range of flexible and affordable options for this that your IT professionals can implement for you. You needn’t be worried as long as they implement enterprise-based cybersecurity solutions and a layered defense that can automatically block and eliminate the latest threats. The idea of layering security is simple: You shouldn’t rely on one security mechanism such as an antivirus to protect your confidential information. If that security mechanism fails, you have nothing left to protect you.

You should also develop a Security Policy. This Policy should begin with a simple statement describing the information you collect about your members and donors and what you do with it. It should identify and address the use of any Personally Identifiable Information (PII) and how to keep it private.

  1. Plan For Data Loss Or Theft. It’s essential that you determine exactly what data or security breach regulations affect your nonprofit. You need to know how to respond to data loss. All employees and contractors should be educated on how to report any loss or theft of data, and who to report to. Data loss can expose you to costly state and federal regulations and litigation. You must be able to launch a rapid and coordinated response to a data breach to protect the reputation of your nonprofit organization.

Your plan should include input from all departments that could be affected by a cybersecurity incident. This is a critical component of emergency preparedness and resilience. It should also include instructions for reacting to destructive malware. Additionally, departments should be prepared to isolate their networks to protect them if necessary.

  1. Implement A Disaster Recovery & Business Continuity Plan. You must have a backup copy of your data if it’s stolen or accidentally deleted. Develop a policy that specifies what data is backed up, how often it’s backed up, where it’s stored, and who has access to the backups. Backup to both an external drive in your office and a remote, secure, online data center. Set backups to occur automatically, and make sure your backup systems are encrypted.

Knowing that you can restore your saved data from a recent point in time and access it from a remote source if you must leave your work premises is crucial in the event of any incident that threatens your physical office location. The key is to backup frequently and ensure redundancy. More than one backup in different locations is required, and you won’t only need this if a storm were to hit. Because ransomware can lock up or crash your IT system, you’ll need a restorable backup to keep working if this occurs.

  1. Arrange For Security Awareness Training. Your staff can have a significant effect on your cybersecurity – either they know enough to keep your assets secure, or they don’t, and thus present a serious threat to your security. So, which is it? Do your employees and volunteers have the knowledge they need to spot cybercrime scams, avoid common pitfalls, and keep your nonprofit’s data secure?

Security awareness training helps your employees and volunteers know how to recognize and avoid being victimized by phishing emails and scam websites. They learn how to handle security incidents when they occur. If your employees and volunteers are informed about what to watch for, how to block attempts and where they can turn for help, this alone is worth the investment.

The human factor is still the biggest risk factor in most equations. Your staff can be your greatest asset or your weakest link. It depends on whether you take data security seriously enough to make sure that they are trained several times a year. People need to be reminded often about cyber threats. Plus, there are always new threats coming along, so it’s essential to stay up to date. Ongoing training and testing reduce the instance of human error that increases cybersecurity risks.

  1. Make Password Privacy A Priority. Passwords remain a go-to tool for protecting your nonprofit’s data, applications, and workstations. They also remain a common cybersecurity weakness because of the careless way employees go about trying to remember their login information. Weak passwords are easy to compromise, and if that’s all that stands between your data in the Cloud and in applications, your nonprofit organization could be at serious risk for a catastrophic breach.

There’s a better way than scribbling passwords on sticky notes. But what is that better way exactly? You must protect your data with hard-to-guess passwords and encryption that scrambles data unless the user has access to a decryption key. Encryption is an effective way to protect your data and emails from intruders. It uses an algorithm to encode information. Cloud storage encryption ensures that documents are safely stored so that only authorized users can decrypt files. Even if your data is intercepted by cyber thieves, they won’t be able to read it. By practicing secure encryption key management, your IT service company can ensure that only authorized users will have access to your sensitive data.

Another good choice is a password management solution designed to help you step up your security without making things harder for your employees and volunteers. A password manager generates, keeps track of, and retrieves complex and long passwords for you to protect your vital online information. It also remembers your PINS, credit card numbers, and three-digit CVV codes if you choose this option. Plus, it provides answers to security questions for you. All of this is done with strong encryption that makes it difficult for hackers to decipher.

Your team should also be using Multi-Factor Authentication (MFA). It protects against phishing, social engineering, and password brute-force attacks. It secures your logins from attackers who work to exploit your weak credentials. And, you must be able to generate the MFA for your employees and volunteers wherever they are. These tools can also generate time-based, one-time passcodes (TOTP). Your users simply key in the login prompt they receive to complete their multi-factor authentication.

  1. Keep Software & Operating Systems Up To Date. Software developers are diligent about releasing patches for new security threats. Make sure you install them as soon as they’re released. If you don’t, your IT system will be vulnerable to cyber attacks. If possible, set your systems to update automatically. Auto-updates will prevent you from missing critical updates. This is one of the most effective things you can do. It prevents security gaps and will limit system vulnerabilities that hackers find and exploit. Outdated software and operating systems that don’t receive security patches or support leave you exposed.

Replace all outdated software before the developers end support. For example, Microsoft announced they are stopping mainstream support for Windows 7. This is a popular operating system, so this creates concern for many. All support for Windows 7 will end on January 14, 2020.

This means that you won’t get bug fixes or security updates from Microsoft. Over time, the declining security and reliability of Windows 7 will make your computers vulnerable:

  • Your computers could be infected by malware;
  • Your antivirus won’t be updated;
  • Your online banking transaction protection may expire; and
  • Your financial data could be exposed to theft.


  1. Conduct Regular IT Inventory Assessments. Determine how your data is handled and protected. Also, define who has access to your data and under what circumstances. Create a list of the employees, volunteers, donors, or contractors who have access to specific data, under what circumstances, and how those access privileges will be managed and tracked. You must know precisely what data you have, where it’s kept, and who has rights to access it.
  2. Protect Data Collected On The Internet. If you collect information on your website, this must be protected. If a third party collects this data for you, they should fully protect it for you. You must ensure that any data you collect is secure.
  3. Enforce Access Policies on Mobile Devices. With BYOD (Bring Your Own Device) use, mobile devices like smartphones, tablets, and laptops present significant security challenges. They can be exposed to external threats, infections, and hackers; and when they’re connected to your network, can compromise your IT security. Establish security policies for the use of mobile devices on your network. They should be password-protected so only authorized users can use them. Instruct your employees to only use devices that belong to them and have been protected by your security policies. Ask your IT provider about Mobile Device Management that will wipe data from a device if it’s lost or stolen.
  4. Ask Your IT Service Provider To Do The Following:

Implement Layers of Security: You shouldn’t rely on just one security mechanism to protect sensitive data. If it fails, you have nothing left to protect you.

Segment Your Networks With Firewalls: Network segmentation categorizes IT assets and dataand restricts access to them. Reduce the number of pathways into and within your networks and implement security protocols on these pathways. Do this to keep hackers from gaining access to all areas of your network.

Use Measures To Detect Compromises: Use measures like Intrusion Detection Systems (IDSs), Intrusion Prevention Systems (IPSs), and anti-virus software to help you detect IT security events in their early stages. This provides 24/7 detection and response to security threats.

Secure Remote Access With A VPN: A Virtual Private Network (VPN) encrypts data channels so your users can securely access your IT infrastructure via the Internet. It provides secure remote access for things like files, databases, printers, and IT assets that are connected to your network.

Employ Role-Based Access Controls With Secure Logins: Limiting your employees’ authorization with role-based access controls prevents network intrusions and suspicious activities. Define user permissions based on the access needed for their particular job. For example, your receptionist might not need access to your financial data.

Install All Of Your Security Patches and Updates: Software developers are diligent about releasing patches for new security threats. Ask your IT provider to install them as soon as they’re released. If you don’t, your IT system will be vulnerable to cyber attacks. They can set your systems to update automatically. Auto-updates will prevent you from missing critical updates.

Secure and Encrypt Your Wireless Connections: Be sure your company Wi-Fi is separate from guest Wi-Fi or public networks. Your internal wireless network should be restricted to specific users who are provided with unique credentials for access. These credentials should be preset with expiration dates, with new ones provided periodically. Your company’s internal wireless should also be protected with WPA2 encryption.

Back Up Your Data For You: As we mentioned, you must have a backup copy of your data if it’s stolen or accidentally deleted. Develop a policy that specifies what data is backed up, how often it’s backed up, where it’s stored, and who has access to the backups. Backup to both an external drive in your office and a remote, secure, online data center. Set backups to occur automatically. And make sure your backup systems are encrypted.

You help others, so let us help you by protecting your nonprofit from IT security threats and instances. For more information, contact the Cybersecurity Experts at mProactive. We specialize in serving nonprofits. 

Did you find this article helpful? Check out the others on our Blog.  

Create your own fonts in Windows 10

Create your own fonts in Windows 10

You may have been using Windows 10 for some time now, but it’s likely that you haven’t mastered all of its features just yet.

Did you know that you can create your own fonts?

In the Windows store, you can get the “Make Your Own Font” app, a great way to add a personal touch to anything you may need to write. For example, you could even send an email in your own handwriting!

All you need to do is fill out the alphabet letter by letter (lower and upper case) as well as numbers and symbols. Then you name it, save it, and upload it via Control Panel > Fonts.

The next time you’re drafting something and find that Times New Roman is too formal, you’ll be able to switch to your personalized font instead.

Auto-Lock Your Computer In Windows 10

You may have been using Windows 10 for some time now, but it’s likely that you haven’t mastered all of its features just yet.

Do you know how to get your computer to automatically lock while you’re away from it?

It’s a feature included with Windows Hello. While you may already be using Windows Hello to unlock your computer with face recognition, you may not know about Dynamic Lock.

Here’s how it works – you configure Dynamic Lock to recognize a Bluetooth enabled device you keep on your person, such as your phone. After starting up, if that device goes out of range for longer than 30 seconds, your computer will automatically lock itself.

This feature allows you to get up and leave your computer unattended for short periods without having to worry about someone else snooping around your data.

Get More Out Of The Clipboard In Windows 10

You may have been using Windows 10 for some time now, but it’s likely that you haven’t mastered all of its features just yet.

Copy/Paste was a revolutionary feature when it came out years ago. However, operating systems have been slow to adopt the next logical step in its evolution – the clipboard.

Did you know that you can save 10 or more items to your clipboard on a long-term basis?

It’s simple – hit the Windows key + V to bring up your clipboard history. It’ll show you the many things you’ve Copy/Pasted, any of which you can choose to delete (for security purposes, if it were, say, a password) or pin for later use.

That way, you don’t have to always go back and Copy/Paste that same info from the same note or .doc file – you can have it ready for use on your clipboard for as long as you need it.

Protect Yourself From Ransomware In Windows 10

You may have been using Windows 10 for some time now, but it’s likely that you haven’t mastered all of its features just yet.

You’ve heard about ransomware, right?

It’s a type of malware that encrypts your data so you can’t access it and holds it for ransom. Usually, this malware makes its way into your systems by posing as a file or program you think you want. Even if you don’t end up having to pay the ransom, it’s a lot of trouble that you should try to avoid.

Did you know that you can enable Controlled Folder Access in Windows 10 to protect against ransomware?

Enabling Controlled Folder Access protects the default Windows data storage locations in your profile from access by unknown applications. When compared to identified and allowed programs, if the malware is determined to be unsafe, you’ll get a pop-up letting you know it was denied access to your storage.

Get Your Beauty Sleep With Nightlight In Windows 10

You may have been using Windows 10 for some time now, but it’s likely that you haven’t mastered all of its features just yet.

If you, like so many others, use your computer late at night, before (or even in) bed, then you may have found that it throws off your sleep cycle. Despite being tired when you got into bed, after staring at the backlit screen for a few hours, you’re not as tired anymore.

This has to do with melatonin – a chemical produced by your body when your eyes see that it’s dark and determine its time for sleep. Looking at a bright screen throws off this natural process, and the lack of melatonin makes it harder to get to sleep.

Did you know you can reduce this effect with Nightlight?

Nightlight is a feature that lowers the brightness of the screen and changes the colour spectrum in order to limit the interruption to melatonin production. To turn it on, find it under Settings, and set a schedule for it to follow based on your preferences for late night computing.

How do I protect myself from Ransomware?

Preventing Ransomware


There’s a real possibility that your computer can get infected with ransomware. Ransomware is the most frequently used form of malware today. You’ve probably heard about it in the news. But, do you know how to protect yourself from ransomware? We’ll tell you here. 

How Do I Protect Myself From Ransomware? 

You must take ransomware seriously, and educate yourself about all the ways your computers could get infected, and the steps you should take to prevent it from landing on your computers in the first place.  You can do this with security tools provided by your IT company and by practicing safe internet browsing and email use.

What Happens If I Get Ransomware?

Ransomware denies you access to your computer system or data until you pay a ransom. You can get ransomware from phishing emails or by going to an infected website. When you get ransomware, malicious software will lock down your computer’s files unless you agree to pay around $300 in bitcoin.

If your network and computers get infected with ransomware, recovery can be difficult. It typically requires the services of a data recovery specialist to remove the ransomware virus. Ransomware attacks can be devastating to both individuals and companies. 

How Can Ransomware Get Into My Computer?

If you visit an infected website, you could unknowingly download a ransomware virus to your computer.  Or a phishing email might trick you into clicking on a malicious link or attachment that downloads a ransomware virus into your computer.

Phishing emails are designed to appear as though they’ve been sent from a person you know. They will try to entice you into clicking on a link or opening an attachment containing malicious code. After the code is run, your computer is infected with malware.

Are There Different Kinds Of Ransomware? 

There’s more than one kind of ransomware. Viruses like CryptoLocker, CryptoWall, Locky, WannaCry, Petya, NotPetya, Crypto, Bad Rabbit, Eternal Blue, and more are designed to deny access to your data or network until you pay a ransom.

The WannaCry and Petya ransomware viruses spread via a vulnerability in Microsoft’s Server Message Block (SMB) network file-sharing protocol that’s widely used. It helps your computers connect to other computers and devices like printers.

Ransomware falls into three categories: Encrypting Ransomware, Scareware, and Screen Lockers.

  1. Encrypting Ransomware

This is a virus that locks down your files by encrypting them. There’s no software available that can unlock your files when this happens. The criminals who send the encrypting ransomware will demand a ransom to decrypt your files. Even if you pay the ransom, you still might not get your files back.

  1. Scareware

Scareware uses rogue security software and tech support scams to entice you. When this happens, you’ll get a pop-up message on your computer claiming that it’s infected with malware. But you should ignore this because your files are just fine. However, if you do ignore it, you’ll continue to get this pop-up message.

  1. Screen Lockers

If you get this type of ransomware, you’ll be locked out of your computer. You’ll see a message posing as the FBI or Department of Justice saying that you must pay a fine because illegal activity was detected on your computer. Don’t pay this “fine.” The FBI or DOJ would never freeze your computer or demand payment. So, don’t take the bait.

Can Ransomware Infect My Mobile Devices? 

It wasn’t until 2014 and the height of the infamous CryptoLocker that ransomware started showing up on mobile devices. Mobile ransomware typically displays a message saying your device has been locked because of illegal activity, and you must pay a fee to unlock your device.

You can get mobile ransomware when you download malicious applications. To remove it you should start your mobile device in safe mode. Then you must find the malicious app and delete it.

How Can I Protect Myself From Ransomware?   

The best way to protect your computers from ransomware is to prevent it from landing on them in the first place. Here are some ways that you can protect yourself from getting ransomware:

  • Update your software and operating systems with the latest patches. Outdated applications and systems are the targets of most attacks.
  • Install and maintain anti-virus software, firewalls, and email filters to reduce some of this traffic. Configure your firewall to block access to known malicious IP addresses.
  • Be suspicious of unsolicited email messages from individuals asking about employees or other internal information. If an unknown individual claims to be from a legitimate organization, try to verify his or her identity directly with the company.
  • Don’t provide personal information or information about your organization unless you are confident of a person’s authority to have the information.
  • Never click on links or open attachments in unsolicited emails. Exercise caution when opening email attachments. Be particularly wary of compressed or ZIP file attachments.
  • Follow safe practices when browsing the Internet. Be careful when clicking directly on links in emails, even if the sender appears to be known; attempt to verify web addresses independently (e.g., contact your organization’s helpdesk or search the Internet for the main website of the organization or topic mentioned in the email).
  • Pay attention to the URL of a website. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com vs. .net). Look for https in the URL which indicates the site is secure.
  • Perform frequent backups of system and important files and verify those backups regularly. If ransomware affects your computer, you can restore your system to its previous state with any files unaffected by ransomware. And store backups on a separate device that can’t be accessed from a network or offline in a secure cloud solution.
  • If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Don’t use the contact information provided on a website or email connected to the request; instead, check previous statements for contact information. Information about known phishing attacks is also available online from anti-phishing groups.
  • If other people or employees use your network, restrict their permissions to install and run software applications. Apply the principle of “least privilege” to all systems and services. Restricting these privileges may prevent malware from running or limit its capability to spread through a network.
  • Use application whitelisting to allow only approved programs to run on your network.
  • Enable strong spam filters to prevent phishing emails from reaching you and authenticate inbound emails to prevent email spoofing.
  • Scan all incoming and outgoing emails to detect threats and filter executable files from reaching your computer.

How Can A Firewall Block Ransomware? 

Today’s modern firewalls are built to defend against ransomware. The right firewall and Intrusion Prevention System (IPS) helps to prevent viruses from getting into your computers.

Your IT company should implement a next-generation firewall with an Intrusion Prevention Systems (IPS). These can keep ransomware threats from getting into your network, and stop them from self-propagating and infecting other computers and systems.

An IPS collects the malicious traffic coming into your network and only lets the clean traffic through. It also performs what’s called deep packet inspection of your network traffic to detect exploits and stop them before they reach any of your computers. The IPS monitors for and identifies suspicious activity, logs the data, attempts to block it, and reports it to your IT services company.

This right IPS uses a tactic called sandboxing. It puts malicious programs in a separate place, so they can’t spread throughout your network. Ransomware like WannaCry and Petya spread like worms; they can lurk in files like Microsoft Office documents, a pdf, or updates for applications. Hackers can make these files appear valid and hide the malware. This is why sandboxing is essential for any IPS.

Ask your IT Services Company to:

  • Use a modern, high-performing next-generation firewall, IPS, and sandboxing solutions.
  • Perform network assessments to detect all security gaps in your network.
  • Set up a Virtual Private Network (VPN) to detect any IT assets that are vulnerable.
  • Establish IPS policies to prevent malware from spreading to other LANs.
  • Ensure that any infected network is automatically isolated until they can eradicate the infection.
  • Segment LANs, using VLANs (Virtual Local Area Networks) and connect them all to your next-generation firewall.

Using VLANs allows your computer to communicate through a virtual environment to protect them from any ransomware or other viruses that may be circulating in your network. Extending VLANs or zones into your firewall takes security to the next level.

Why Do We Need A Business Continuity Solution? 

Why Do We Need A Business Continuity Solution? 

With A Backup & Disaster Recovery Plan, Your Business Will Have The Business Continuity You Need 

The Top 10 Benefits

Depending on the location of your business, your operations may be vulnerable to storms that down trees and power lines. And, no matter where you are, a simple accidental deletion of data by one of your employees can put your business services on hold. Plus, don’t forget about the continually increasing cyber attacks that hold business data for a ransom. For all these reasons and more, you need a Business Continuity Solution.

What Is A Business Continuity Solution?

Some IT support companies call this a Business Continuity Plan, and some call it a Backup & Disaster Recovery Plan. But no matter what you call it, it will keep your data safe and accessible if you experience a man-made or natural disaster.

It provides you with a robust set of tools to give your business the best chance to stay open and recover quickly, and with as little damage as possible to your operations and reputation.

Your IT services company will map out a plan and devise strategies to ensure your business continuity. Your Plan will:

  • Protect your IT System from significant disruptions.
  • Get your business back up and running in the event of a disaster.
  • Test your backups and recovery regularly as part of routine site maintenance.
  • Perform backups hourly to a secure remote data center without human intervention–with logging and alerting that notifies about not just failures but on the absence of success–a fundamental distinction.
  • Recover files and complete systems for time periods going back days, weeks and months.
  • Take backup one step further; your IT service company will show you how to leverage the full power of the Cloud so your staff can continue working from anywhere they can access the Internet.

Other options to consider in your Business Continuity Solution include:

  • A Voice Over Internet Protocol (VOIP) telephone system to communicate when phone lines are down.
  • An Electronic Data Interchange (EDI) to transmit data including orders and payments from one company to another.
  • Approved laptops and wireless devices to create, process, manage and communicate information electronically.

What Are The Benefits Of Having A Business Continuity Solution? 

These are the Top 10 benefits:

  1. Your information technology will be protected, and your staff will be prepared and productive in the event of a disaster. Employees will be informed and rehearsed, and they’ll know what actions to take. This could save your business a lot of downtime and money.
  1. It will protect the image, brand, and reputation of your business. If you’re able to continue functioning despite a disaster, your patrons will see you as dependable, and your reputation will be enhanced as a result.
  1. Your customers will feel confident doing business with you; you’ll be able to keep your commitments and ensure the continuing quality of the hospitality services you deliver.
  1. It shows your investors that you take your business seriously; that you’re prepared and ready to maintain productivity.
  1. Your insurance company could view your business more favorably knowing that you’ve done everything you can do to protect it from a disaster.
  1. Your staff will gain an awareness of business operations that they didn’t have before. Business Continuity Planning can often provide your personnel with useful insights into improving the way they handle tasks, even in areas that hadn’t been previously considered.
  1. If a disaster does occur, the cost of disruptions will be significantly reduced with a Business Continuity solution in place.
  1. They’re won’t be disruptions to services. Your competitive position will be maintained or even improved because you’ll be able to meet your guests’ requirements, where other business that aren’t protected won’t.
  1. Business operations will be enhanced when you identify areas of inefficiency or risk during the analysis part of your business continuity planning.
  1. The best benefit of a Backup & Disaster Recovery/Business Continuity Plan is your ability to deliver services and/or products regardless of business disruptions.

What Should You Do Now? 

Contact your IT support company in {city}.  Ask them to:

  • Identify Your Potential Risks.You likely already know when your riskiest time of year is for a weather-related disaster. And, of course, man-made disasters are always a risk. Mistakes by employees, vandalism, and data theft are threats to consider as well.
  • Assess Your Operations and Level of Preparedness.Look for flaws in your operations. Do you have a work-at-home plan for employees if they can’t get into your business? How will you communicate and collaborate with them? This is when a VoIP phone system and cloud computing can really help. Ask your IT support company about these and other technology solutions that will keep you working and connected.

Don’t Go IT Alone. You need an expert who’s trained in Business Continuity preparation and execution. This will give you peace of mind knowing that no matter the disaster, they will be there for you.

Give mProactive a call today to see how we can help you! Call now! (724) 261-3034

Should We Be Using Office 2019?

Should We Be Using Office 2019?

What Are The Advantages of Microsoft Office 2019?

As an IT Services Company, we get asked these questions almost every day.  Now that it’s available, everyone wants to know what Office 2019 is all about. Office 2019 provides a subset of features that Microsoft has been adding to Office 365 over the past three years.

Office 2019 is a local version of Office software, rather than cloud-based. It’s a perpetual release, meaning that you purchase the product once and own it forever instead of paying for a subscription or subscriptions to use it.

Who Will Benefit From Using Office 2019? 

Although anyone can purchase Office 2019, this version has been designed for business users. It comes with volume licensing and is best for companies that don’t want to use the cloud-based version of Office. You can also install the Office 2019 app on all your mobile devices, where you’ll have access to its basic features.

Are The Any Specific Requirements for Using Office 2019?  

It’s supported on all devices that run Windows 10 or the three most recent versions of macOS. If you are still using Windows 8.1 or Windows 7 (hopefully you aren’t) you’ll have to purchase a subscription for Office 365 to use Office 2019. It supports macOS, macOS Sierra (10.12), Mojave (10.14), and High Sierra (10.13).

What Are The Advantages Of Using Office 2019?

With Office 2019 you can use Microsoft’s latest versions of:

Word – Word has a new look and is black themed. However, it has all the features that you’re used to. Plus, Word in Office 2019 has incorporated learning tools, a new text-to-speech feature, and sounds that you can personalize.

Outlook – You’ll like Outlook’s improved user details, its support, and the look of the inbox. Some new features include:

  • Updated contact cards
  • Office 365 Groups
  • @mentions
  • Focused inbox
  • Travel package cards

Excel – The 2019 version of Excel brings in some great new functions like Power Pivot, 2D maps, and Power Query enhancements. You’ll have access to new formulas, new charts (like funnel charts and 2D maps), and you can publish your work from Excel to Power BI.

PowerPoint – The new version improves the way you can manage images. You can even turn them into 3D views. And PowerPoint now comes with enhancements like Zoom and Morph for a more sophisticated and dynamic presentation.

OneNote – This is an entirely new release in Office 2019. It can replace OneNote 2016 (but the 2016 version is still available and supported until 2025). OneNote now has ink-to-text support. This means that you can convert your handwritten words into a typed text.

You’ll like these new features: 

Inking – You’ll enjoy the new inking capabilities across all of Office 2019’s apps, such as pressure sensitivity, and the tilt effect that adjusts the ink’s thickness depending on the angle of the pen. It even has a roaming pencil case to store and organize your favorite pens, pencils, and highlighters to roam with across your different devices.

Easy Sharing – The new version of Office makes sharing easier. Office 2019 comes with a share button located on each application in the upper right corner of your screen. A document can be shared with just one click. This lets you share documents in different departments and throughout your organization.

Smarter Attachments – In the earlier versions of Office, you had to attach a document to an email to send it to others, and you had to go searching for the file you needed. Now, if the document that you want to share was recently worked on, it will be displayed when you click on the share button in Outlook along with other recently worked on docs.

Improved Version History – Now, Office 2019 comes with a History Section on the File Menu to make sure files are easily accessible.

Delve – This is a new tool that was integrated into Office 2016. It ensures that you have access to every aspect of your stored data. It includes documents shared or created in Office. This makes retrieving documents much easier.

As mentioned, Office 2019 is a standalone program for business users who either don’t want to use the Cloud or cannot access it. Because of this, most of the features included in Office 365 aren’t in Office 2019 such as the collaborative real-time editing features.

Microsoft advises that whether you move to Office 2019 or decide to go with Office 365, you shouldn’t delay.  This is because Office 2016 cloud support will be dropped in 2020. And Office 2016 installs will barred from connecting to Microsoft’s cloud-based services, including hosted email (Exchange) and online storage (OneDrive for Business), after Oct. 13, 2020.

Are You Still Using Windows Server 2008?

Are You Still Using Windows Server 2008?

Notice For Businesses: Support Is Ending For Windows Server 2008 

Microsoft will be stopping mainstream support for Server 2008 on January 14, 2020. This is a popular technology solution, so the end of support creates concern for many. Read on, and we’ll explain what this means and what you should do. 

What Does Windows 2008 Server End of Life Mean for Your Business? 

Windows Server 2008 end of life means that Microsoft will no longer update this product unless a warranty compels them to do so. January 14, 2020 marks the End of Support for Servers 2008 and 2008R2.

Unfortunately, many businesses in the US are still not ready. The reasons vary, but many company owners stay busy running their day-to-day operations. They just don’t have time for issues like this. And yet, this is a crucial server EOL that could cause many disruptions to your business if not dealt with promptly. 

How Soon Should You Get A New Server?

You need to change over from the Windows 2008 Server and Windows 2008R2 to a supported server by January 14, 2020. That’s the very last moment you’ll have before support is no longer available.

However, most IT support companies believe that companies should already be working on this. Migrating all of your data, applications, and other IT solutions to new servers is a time-consuming and complicated process. What if there are issues?

By waiting, you place your technology assets in danger, and you could pay more for last-minute service. Think of this as an auto repair problem. The sooner you get it fixed, the less it will typically cost. Avoid extra costs and issues by upgrading your servers now.  

What Other Problems Can Happen?

An end to bug fixes and those all-important security updates may be the ultimate deal breaker for you. Data managers will tell you that not having these fixes makes your data vulnerable to access by unauthorized parties.

Cybercriminals are on the look-out for ways to infiltrate your systems and steal sensitive data, and they know about the EOL for Windows Server 2008. Since Microsoft will no longer offer security updates and bug fixes for this server, this creates numerous loopholes in data security that could be exploited.

These security breaches can be avoided by installing a newer generation server with supported security updates.

What Should You Do Before Windows Server 2008 End of Life? 

There are many reliable servers available on the market today. This new generation of servers offers better efficiency, virtualization, faster speeds, and many other good attributes. Do some research to ensure that you get a proper replacement that will address all the functions that your organization requires.

How Do You Get Ready for The Upgrade? 

Installing new servers can be challenging. You have to plan out the process so that everything is done correctly and during off hours, so it doesn’t disrupt your daily operations. The sooner you start, the better.

To plan for an infrastructure upgrade, rewrite and migrate all applications based on Server 2008 to a safe storage place. The new server may require some troubleshooting. Databases can be hosted on the Windows Server 2008 hardware as you install the new system.

During the transition, put a data protection infrastructure in place that will eliminate risks during the server upgrade. This will protect your data from problems with the old server and risks associated with the new system. While this will cost extra, the fines associated with a data breach are often far more expensive.

What Should You Do? Work with Your IT Professionals 

If your business is running Windows Server 2008, you can look at these three solutions based on your business needs when its time to upgrade:

  1. Migrate to the Cloud with a product like Azure server from Microsoft.
  2. Upgrade your on-premise server to a Window 2016 Server.
  3. Choose a Hybrid solution that uses what’s best from both solutions. 

In most cases, it can be highly beneficial to give the entire project over to your IT services company.

Do You Have More Questions About Upgrading? 

Every Windows operating system has a life-cycle. Stay informed about essential End of Life dates. Join mProactive to always stay up-to-date and see what mProactive may be able to do for your business. Call Today! (724) 261-3034


Do We Need To Budget For IT?

Do We Need To Budget For IT?

No matter what type of business you run, the answer to this question is “Yes.” And now we’ll ask… What is your budget for information technology? Is it well thought out and fiscally responsible?

If you have a CFO, he or she is likely doing this for you. But many small and mid-sized businesses are on their own when it comes to devising an IT budget. In this case, your Technology Service Provider is your best reference, because they know about your business, the latest trends and security needs in technology, and IT solutions coming down the road.

Why Do We Need A Budget For Information Technology?  

Budgeting is obviously essential as it provides what you need to run your company. Without the proper appropriations, you could end up short on what you need to meet your customers’ demands and your business goals. You budget for other expenses like office rent, utilities, and supplies, right? Beyond this, you need to identify how you’ll need Information Technology to operate your business and execute your initiatives.

Just like you should have an IT roadmap that aligns with your business plan – one that takes you from where you are to where you want to be – your IT budget provides direction and details for your funding requirements to ensure that you have the technology to meet your business goals.

Consider your budget as a validation and support tool for your overall IT strategy. It will be the benchmark and cornerstone for your overall strategic IT management. A good IT budget will give you the ability to manage technology costs for both the short and long term. It will also give you the agility you need to adjust IT expenditures when changes come about.

Is IT Budgeting Difficult To Do?

Companies of all types and sizes struggle with IT budgeting. This is because the financial side of the business doesn’t always understand the technology that employees need to do their jobs efficiently, securely, and productively, and the IT team and employees don’t always understand the process of budgeting. The common ground, however, is when both parties look at the IT budgeting process as an investment in your organization’s future.

What’s Involved In IT Budgeting?  

It’s the process of allocating money to various IT services and solutions. These could be recurring expenses like Managed IT Services, where you pay a monthly fixed fee for an all-inclusive service plan. It should also include the hardware and software you’ll need to either purchase or lease on a monthly, per-user basis.

For most companies, IT budgeting is an annual process.

However, if unexpected IT projects come up, you may need to revisit your budget. Some view IT budgeting as a wish list of funding for every possible scenario. They see it as one big pool of money. When in fact, an IT budget comprises many components including capital, operating and project categories, and other types of expenditures such as hardware, software, subscriptions, and services.

A good IT budgeting process is similar to personal financial planning. Both processes establish short and long-term goals. It considers account spending and other constraints. It examines the “human” impact and analyzes strategies to determine the approach that aligns best with business goals while minimizing risks.

How Do We Get Started? 

Start by establishing various categories depending on the complexity of your operations and the extent of your requirements. Here’s a very basic example of some of the categories you should consider:

  • IT Service & Support (in-house and/or outsourced) Be sure to include recruiting and salary/benefit costs if you employ IT staff
  • Hardware: computers, servers, laptops, tablets, smartphones, network infrastructure, cabling, IP phones, video surveillance cameras, maintenance contracts, etc.
  • Software: licenses, subscriptions, support, maintenance contracts
  • Projects: IT consulting expenses, hardware, software, dedicated staff, cybersecurity training

If you run a mid-sized business and you have various departments, you may want to allocate various elements of your IT budget to these departments. In this case, you’ll have charge-back costs for each department. This is a bit more complex so your accountant should be consulted.

What Would Happen If We Didn’t Have An IT Budget? 

Without a budget, how will you justify your IT expenditures? These costs would go into your overhead, and you wouldn’t have a proper accounting of what you’ll need both short and long-term. Smaller businesses should also have an IT budget. Simple expenditures can expand into significant IT spending that you can’t account for.

Plus, your IT budget keeps your spending in check. It lets you know whether you’ve over-committed in one area and need more in another. It also allows you to compare what you’re spending in one department versus another.

Your IT budget lets you quickly identify areas where you may be overspending. For example, you might be wasting money on outdated or unused equipment or software licenses. Without an IT budget, you can get caught short and not have the resources you need to meet customers’ demands or comply with deadlines.

What Are IT Budgeting Best Practices? 

Align your IT budget with your organization’s strategy. If you don’t have an IT strategy, you should ask your technology service provider to help you design one. At the very least, develop a basic strategy that you can use as the basis for your IT budget. 

Consider all levels of your organization. Set aside the time and effort it takes to create a holistic and comprehensive budget. It will be the financial manifestation of your overall IT strategy and direction over the coming year. Use it to compare budgets year after year. Once IT initiatives have been determined and incorporated into your budget, take a step back from the details and look at the big picture.

Consider the human element. This is often overlooked when developing technology budgets. Look at how any changes you make will affect your employees’ ability to do their jobs efficiently and productively. Will they be able to work remotely with mobile solutions and cloud computing? Make sure that you account for any training they will need, including training to use new software or hardware solutions, as well as Security Awareness Training to prevent being victimized by phishing and ransomware.

Take measurements to ensure it makes financial sense. Assess your IT budget’s impact on three areas: financial key performance indicators (KPIs), financial statements and cash flow. Your accountant can help you with this. Account for your spending against the previous year’s budget so you can account for any deficiencies and variances that you’ll need for the future. 

Assess the impacts of your IT budgeting for the long term. Several months before your budget is due to be approved, review last year’s budget and this year’s expenses. This will help you detect areas where you need to reduce costs or reallocate them. You can cut the “fat” from your budget in one area (like hardware purchases or software licenses) that you can apply to a more cost-effective resource (like Hardware-as-a-Service or Software-as-a-Service).

A long-term outlook is best in any case. Assess your IT budget’s financial impact not only for the current or upcoming year but also for future years where IT initiatives might be affected. You don’t want to “balance the budget” for this fiscal year, only to run into unintended consequences in years to come. A good IT budget balances both short-term and long-term requirements.

In Conclusion

When you employ a strategic approach to IT budgeting, you’ll have a planning and decision-making tool that will ensure you maximize the benefits of your technology investments.

What is your budget for IT? In the final analysis, a good budget for information technology will give you a competitive advantage because, along with your IT roadmap, it will provide you with a strategy to achieve your goals. Your technology solutions provider can play a supportive role in helping develop an IT budget that meets your needs today and tomorrow.

What are the newest phishing attacks?

What Are The Newest Phishing Attacks?

Phishing is a term adapted from the word “fishing.” When we go fishing, we put a line in the water with bait on it, and we sit back and wait for the fish to come along and take the bait. Maybe the fish was hungry. Perhaps it just wasn’t paying attention. At any rate, eventually a fish will bite, and you’ll have something delicious for dinner.

How Does Phishing Work?

This is essentially how cyber phishing works: Cybercriminals create an interesting email, maybe saying that you’ve won a $100 gift certificate from Amazon. Sound too good to be true? Find out! All you have to do is click the link and take a short survey. Easy enough, right?

Once you click the link, guess what happens? A virus is downloaded onto your system. Sometimes it’s malware, and sometimes it’s ransomware. Malware includes Trojans, worms, spyware, adware, and rootkits. These malicious programs each have different goals, but all are destructive and aimed at harming your computers.

Ransomware encrypts all your files until you pay a ransom, but even then, there’s no guarantee you’ll get your database restored. Malware is all about stealing credentials, passwords, and other valuable information from your company. Sometimes it’s just about destroying your data.

As cyber thieves continue to steal from people all over the world, they create new ways to do this. After all, many people have become familiar with some phishing scams so they may not work as well. The solution is to come up with new scams that are enticing—things that users may not have heard about before. The more convincing hackers can make their scams, the more successful they will be.

How Has Phishing Changed?

The entire landscape of cybercrime is changing. It used to be mostly young guys sitting in their parent’s basement, trying to find clever ways to pass the time. Unfortunately, this crime has become so successful that the governments of countries are now involved. A vast majority of ransomware schemes originate in Russia. The government employs hundreds of hackers, and have teams of IT experts who work around the clock to create new and more effective hacking scams.

When hackers are backed by a government like China, they have practically unlimited resources. This makes them even harder to stop. If they were merely individuals committing crimes for personal gain, the authorities could track them down and put them in jail. But today’s cybercriminals are well-organized agencies that are part of a large foreign government, so stopping them is almost impossible.

What Are Some Of The New Types Of Phishing Scams?

Below, we discuss some of the most notorious cybercrimes and some new ones that are making the rounds:

Sextortion: Have you ever sent nude photos to someone? Are there any lewd or compromising photos of you floating around? Sextortion is all about locating embarrassing photos of you. If you own a business, then this can be a crime that pays well for thieves. They send the business owner a little sample of the erotic photos, then demand money or else they’ll publish them on the Internet. The problem with this crime is that there’s no guarantee you’ll get all copies of the photos back. You may pay the criminals and still not be sure.

Gift Cards: This scam is highly successful because typically the thieves don’t ask for very much money. Many victims will go ahead and pay even if they suspect that it’s a trick, just because there are only a few hundred dollars at stake. You may get a phone call from someone saying they’re from a creditor or the IRS. They will speak in hostile threatening tones. They’ll claim that if you don’t pay up immediately, terrible things will happen—maybe your car will be repossessed. Next, they instruct you to go to a local store like Walmart and buy gift cards in the amount you owe. Once you buy them, you call the thief back and give them the numbers found on the back of the cards. Once they have these, they can use them online to make purchases.

Phishing/Ransomware: Phishing crimes have become so successful that now there are variants like spear-phishing, vishing, and smishing. These are all forms of the same ruse. A hacker will send you a very convincing email. It may say something like, “Congratulations! You’ve just won $100 from Amazon. Click on the link below to claim your prize.”

You click on the link and guess what? A malware or ransomware virus is downloaded onto your computer. If you’re a business owner, this virus can spread quickly to other computers on your network. In many cases, all your computers are locked, and you’ll get an ugly message saying that if you want your files restored, you must pay a ransom. Sometimes business owners follow the instructions on the screen, and they get their files back… but, sometimes not. There’s no guarantee. Ransoms are always demanded using cryptocurrency because this form of payment is untraceable.

Wire Fraud Scam: Hackers are targeting the human resource functions of businesses of all types with phishing. They’re convincing employees to swap out direct deposit banking information to offshore accounts. A nonprofit in Kansas City (KVC Health Systems)said that there were numerous attempts each month involving scammers who were trying to convince their payroll personnel to change information about where to send employee pay. The IRS recently released a warning about an uptick in a wide range of fraud attempts involving payroll information. 

What Can We Do To Stop Phishing?

You may have spent years trying to build up your company. You have a huge amount of time and money invested, and yet one cyber attack could bring your company to its knees.

The first thing you need is knowledge. Knowledge is still power in our world. You need to know how cyber attacks occur. What are the latest phishing scams? How does ransomware work?

You also need to train your employees so they’ll know as well. Just one careless employee can open the door to thieves and cost you thousands of dollars. It’s much cheaper invest in training your employees. Make sure your employees get regular training to remind them how to recognize a phishing email or malicious website.

Unfortunately, cybercrimes won’t stop anytime soon. They’ve been too successful, and there’s almost no chance of getting caught. What you have to do is protect yourself and your data with the best security software. If you’re not sure whether your cybersecurity program is strong enough, hire a managed IT provider. They can perform penetration testing to assess your level of security.

A great managed IT service provider will do a full assessment of all your security protocols and let you know whether you need to add layers of protection. When you have the best cybersecurity platform in place, you can sleep better at night.

5 Steps for Implementing a Successful HIPAA Compliance Plan

5 Steps For Implementing A Successful HIPAA Compliance Plan

We’ve all heard about HIPAA compliance and what we need to do to ensure our use of technology meets up-to-date regulations. But with the healthcare industry continually evolving, this means that rules and regulations are as well.

With these constant changes, every healthcare-related organization must have a game plan in place to remain compliant. Here are five ways to create, adjust, and implement a HIPAA Compliance Plan. 

  1. Designate a Privacy and Security Officer – This can be your IT Managed Services Provider (MSP) or an employee who ensures your company remains compliant. This is a foundational building block for your compliance success. Hiring an individual or Managed IT Provider who has a track record of success is critical for HIPAA compliance.
  1. Perform a Risk Assessment – This is an overall review of both macro and micro levels to ensure your electronic protected health information (ePHI) is secure. This is a mandatory aspect of any healthcare organization’s compliance endeavors. Not only is it mandatory, but it’s the foundation for implementing safeguards to better protect your organization.
  1. Implement Policies and Procedures – You must provide your employees, and anyone who handles your sensitive information, a blueprint explaining the do’s and don’ts when it comes to HIPAA compliance. Your blueprint must continuously be updated and adjusted as you implement your compliance planning. For example, encryption is necessary to protect electronic protected health information (ePHI). This is an extra layer of security, comparable to an unbreakable password. Other standard procedures like locking a laptop when it’s not in use should be included in your policies and procedures. There are other examples where policies and procedures will help ensure HIPAA compliance.
  1. Train Your Employees – Security Awareness Training for your employees should be implemented to ensure everyone in the organization understands your policies and procedures. The best plan in the world can be ruined by an employee who doesn’t understand what they can or cannot, should or should not do.  Take the time to train them on best practices for handling sensitive information and what constitutes a HIPAA violation. This is also a mandatory aspect of HIPAA compliance.
  1. Develop and Implement an Incident Response Plan – What if you’ve done everything that you should? Everything is in place – you’ve “checked all the boxes” but you still experience a breach? Report it! — Have a plan in place to identify and respond to a threat. Once the source is identified, stopped, and documented, it must be reported. From this point on, you should have a prevention plan in place to ensure a breach doesn’t occur again.

What Can You Take From This?

Healthcare organizations are exposed to daily dangers and threats to their HIPAA compliance status. With the right plan in place, you have a chance to protect your practice or business from security threats and violations.

Create a HIPAA Compliance Plan, and most importantly, train your employees about IT security best practices. Remember to always report incidents and regularly evaluate your organization’s HIPAA compliance regulations and practices to consistently improve your IT security posture.





How Do You Decide Which Software Management Program Is Right for Your Dental Practice? 

How Do You Decide Which Software Management Program Is Right for Your Dental Practice? 

Here Are 3 You Should Consider 


With so many dental practice management programs on the market, how can you decide which one is right for you? As an IT Service Provider that works with dentists in Southern Utah, Idaho, and across the Western United States, we believe there are only three dental practice management solutions to consider: Dentrix, Open Dental, and EagleSoft. We compare their features below.


Dentrix: Dentrix was developed by Henry Schein Inc., a worldwide distributor of healthcare products and services. Dentrix leads the market because it can help you manage both the clinical and business side of your practice.

With Dentrix, your office staff can schedule tasks to run automatically on daily, weekly, monthly, or yearly intervals. This saves them time and frustration and keeps your accounts up to date. You can use Dentrix Pay to expedite the check-out process – it’s integrated into the main platform to save your staff and patients time and effort.

Dentrix also helps you gain insights into the financial performance of your dental practice and measures the performance of your teams. You can also manage your practice from any location using your mobile phone or tablet. Users find that it’s straightforward to use, that charting for treatment planning is efficient, and scheduling is clear and customizable.

Open Dental: Open Dental was designed by a dentist with the goal of keeping administrative costs low and data easy to control. It’s a complete practice management solution that includes on-premise electronic charting, billing, practice management, and imaging applications. It also includes web-based features that enhance access for providers and patients and improve the patient experience.

Open Dental is very customizable. You can send, add, and modify preauthorization treatment forms and modify fees for individual procedures. You can also color code appointments to distinguish between different dental providers.

Open Dental is suitable for both small and large dental practices. It allows for third-party plug-ins so you can integrate it with other systems. It even works with older equipment.

EagleSoft: Eaglesoft is a powerful practice management system designed for dental practices of all sizes. It’s an on-premise dental office practice management system. It provides specialized time-savings tools to assist dental practitioners with every patient visit.

EagleSoft is ONC-ATCB and Meaningful Use-Certified, and can easily be customized for the way your practice operates. It seamlessly integrates both practice management and clinical functionality. And its intuitive interface helps your staff manage your dental practice easily and efficiently.

EagleSoft is suited to practices of all sizes and comes with a clinical chart, patient scheduling, and billing/accounting applications. It also includes periodontal templates. The treatment planning module lets you present your treatment plans to patients and collect consent forms with a paperless digital signature feature. It also provides financial information so your patients can make informed decisions about their treatments based on insurance coverage estimates.

The patient record module centralizes and shares data across the platform. You can see a patient’s history from any location that’s connected to the system. It also allows you to e-prescribe via the system, eliminating the need for paper prescriptions.


All three of these practice management programs have features that are widely used in dental offices around the country. Here’s a list of each for comparison purposes.


  • Mobile Practice Management
  • Appointment Management
  • Appointment Reminders
  • Claims Management & Validation
  • Clinical Charting (3D)
  • Patient Account Management
  • Patient Billing
  • Patient Records Management
  • Claim Validation
  • Insurance Eligibility
  • Mobile Practice Management
  • Clinical Tools
  • Submit and Monitor Lab Cases
  • Sync Digital Images With Patient Records
  • Prescription Information
  • Medical Alerts
  • Treatment Planning
  • Daily Huddle Reports
  • Measure Financial Progress
  • Profitability Coaching
  • Available in English
  • Available in Windows, Linux, Android, iPhone/iPad, Mac, Web-Based
  • Integrates with 3Shape, JakariCare, 3M, Imagn, EasyRiter, Practice Safeguard, AutoCollect, Personable, RecordLinc, Reputation.com, Podium, Demandforce, DPP
  • Support via email, phone, live support, and tickets

Open Dental

  • Mobile Web Application
  • Appointment Management with ASAP Scheduling
  • Appointment Reminders
  • New Patient Appointment Scheduling
  • Electronic Appointment Confirmation
  • Reminder Rules
  • Email & Integrated Texting
  • Claims Management
  • Clinical Charting with Graphical Tooth Chart
  • Imaging
  • Patient Account Management
  • Patient Billing
  • Online Patient Portal
  • Patient Records Management
  • Treatment Planning
  • Built-In Graphic & Custom Reports
  • Electronic Prescriptions
  • Available in English, Turkish, Dutch, Polish & Swedish
  • Available in Windows, Linux, Mac, Web-Based
  • Integrates with business intelligence, cloud hosting marketing, imaging, credit-card processing, website building, dental systems, and other 3rd-party software and services
  • Support via email, phone, live support, training, tickets


  • Clinical Charting
  • Patient Records Management
  • Treatment Planning
  • Scheduling
  • Practice growth
  • Patient communication
  • Accounting
  • Digital imaging
  • Available in English
  • Available in Windows and Mac
  • Support via email, phone, live support, and tickets
  • There is no information about integrations