Category: software

Posted on

Cybersecurity and Small Business

Small businesses face many challenges as they grow and expand, and chief among them is the growing threat of cyber-attack. As the company grows, its value to cybercriminals grows, too. Implementing comprehensive cybersecurity measures is essential to maintaining customer trust and safeguarding important business data against these threats.

There is a belief among small business owners that their operations are too small or insignificant to be attractive targets for cybercriminals. Cybercriminals, on the other hand, more often view small businesses as easy targets. Why is this? Largely because the bad guys know that the smaller companies aren’t spending on cybersecurity services and tools and aren’t always keeping their workers informed about ways they can participate in keeping things safe.

To help protect the business from cybersecurity threats, it is crucial to invest in some key security measures. Longer and more complex passwords, regular software patching and updating, and periodic training for employees on how to identify phishing attempts and what to do with suspicious emails is a good start. Cybersecurity efforts should scale with the business, and this requires strategic planning that is aligned with the goals and objectives of the business.

The best cybersecurity approaches are built on a secure foundation, and this is what helps to support business growth and expansion. For every business, there are four cornerstones of a solid cybersecurity foundation.

  • Identifying potential cyber threats and understanding the business risk they represent.
  • Enforcing strong password protection and role-based access controls.
  • Following best practices in cybersecurity.
  • Managing documentation and vital business information securely.

Cybercriminals know that smaller businesses generally have limited cybersecurity resources, making small businesses prime targets for phishing and malware. What is the potential impact of falling for a phishing email, or what happens if there is a ransomware attack? Each type of threat carries different levels of risk, and growing businesses should be aware of the potential financial, legal and reputational impacts when evaluating their approach.

Businesses can help their users become part of the cybersecurity plan by regularly training them on phishing methods and ways to avoid ransomware or malware. When users know more about emerging threats and how to recognize and report suspicious things, they become valuable assets in the improvement of cybersecurity of the business.

The first line of defense in cybersecurity is the username/password challenge. Many systems today use an email address as the username or user ID, which means it really isn’t much of a challenge to guess. This leaves it to the password to keep the account secure, so a strong and unique password is necessary.

Making another challenge to the authentication adds another layer of protection to the account. Referred to as 2FA or MFA (two-factor authentication or multi-factor authentication), users may be required to respond to an in-app message, provide a code received via SMS or other, or provide a code from an authenticating application to satisfy the login requirements. This additional challenge to the user identity makes it harder for cybercriminals to gain unauthorized access.

Ensuring the protection of sensitive business information requires controlling what users have access to once they are in the system. If someone were to gain unauthorized access, having appropriate role-based access controls in place would limit their ability to get sensitive data. This is often another area of vulnerability for smaller businesses that don’t implement strict document controls or structures, opting instead for an open self-service model that leaves data available to whomever can get logged in.

With businesses changing frequently, it is important to not just create a framework to limit user access, but to keep user and role-based access reviewed and updated regularly. Software and systems also need to be updated regularly. Known software vulnerabilities should be patched and security updates installed on devices, and policies enforcing updates and antivirus/malware detection should be implemented.

We understand that businesses must enhance their cybersecurity strategies to combat the growing number and type of cyber threats, and it can be challenging just figuring out what to do first. Working with a variety of technologies and specialists, we can help secure your digital environment and keep you better-protected from the bad guys.

jm bunny feetMake Sense?

J

Posted on

Deadline Approaching for QuickBooks Desktop Users

All QuickBooks Desktop Users Are Required to Upgrade to a Current Subscription Model by Sep 30. Yes, the time has come to buy in to the software subscription model or lose access to your books. But at least you get to keep using QuickBooks desktop software, which is worth a lot of you’re already invested in QuickBooks.

Effective Sep 30, 2024, all existing users of QuickBooks Desktop Pro, Premier, Mac, and Enterprise Solutions v21 (and earlier) must transition to the annual subscription model. For Pro and Premier users, this is a short reprieve. Previously Intuit had announced a July deadline for renewing Pro/Premier licenses. After the now-September deadline, there won’t be any new sales of Pro or Premier licenses. With some of the recent price increases it almost becomes a moot point, as QB Enterprise is now priced similarly (less?) than Premier.

Something notable in all of this is that versions sold under non-subscription one-time licenses will be discontinued entirely. That is just fine for many users, however, as the much older versions don’t “phone home” to authorize the license, so they can keep working. The downside to that is vulnerability. Outdated and unpatched software is more vulnerable to risk than software that is actively updated to protect against various exploits. Best practices demand keeping software updated and patched. Being out of support with your business financial and accounting software is not a position you want to find yourself in.

Starting Oct 1, 2024, QuickBooks Enterprise will be the only QuickBooks Desktop version available for new purchases. For very small businesses, this is going to be a challenge as QB Enterprise is not as affordable as Pro was. These businesses may find that QuickBooks Online works for them, but they will not only miss out on a great deal of QB Desktop functionality that is not present in Online, but they will also be locked into the QuickBooks Online service model of receiving product updates without announcement, not having a backup of your company data, getting bombarded with a revolving door of add-on apps, and having literally no control whatsoever of where your data lives and how Intuit and its companies are accessing it.

If you are using an older version of QuickBooks Desktop, upgrading to the subscription model before the deadline is crucial to avoid any interruption of services.

What does this mean?

  1. Service Discontinuation:
    Failure to upgrade will result in the discontinuation of services such as QuickBooks Desktop Payroll, Payments, Online Backup, online banking, system updates, security patches, and live support. This could potentially disrupt your business operations.
  2. Immediate Action Needed:
    To ensure uninterrupted business operations, we strongly recommend planning your upgrade without delay.
  3. Advantages of Upgrading:
    Intuit encourages existing Desktop subscribers to upgrade to the current version (Desktop 2024) to benefit from the latest features, improvements, security updates, and bug fixes. Updated software also improves compatibility with current versions of Windows, Microsoft Office applications, Gmail services and other solutions that use modern methods of account protection and authentication.

At that time, you may also want to consider your alternatives to how and where you run your QuickBooks Desktop software.

Intuit offers “cloud access” with their QuickBooks Enterprise licensing, but this option is not your only or best option for running your QuickBooks Desktop/Enterprise software in the cloud.

With the bad guys (hackers) and malware being as prevalent as they are, businesses must be vigilant in securing their business and financial information. Shared hosting platforms where service providers allow many users from many businesses to operate on the same servers simply cannot provide the level of security or protection most businesses need.

Noobeh QBonAzure offers some limited shared hosting, but only for customers that have limited requirements and only for a few users. When a company needs more than just “vanilla” hosting for their valuable financial data, we strongly recommend going the private route and having your own cloud server.

Not just a “dedicated” server in a service provider’s network, Noobeh works only in the private Microsoft account of each customer, ensuring that there is absolutely no sharing of any resources with other customers. This allows us to build a system that works specifically for your business, with all the applications and services needed to support all aspects of operation. There aren’t different levels of service or service packages; each system is built and sized for the customer’s unique requirements, and we don’t charge per-application or silly things like that. You need what you need to run your business, and we host that.

Connect with us if you have any questions or need assistance during this transition. We will help you navigate the changes and understand how best to proceed for your business and circumstances, engaging with the right products and services to ensure continuity and set you up for greater future success.

jm bunny feetMake Sense?

J

Posted on

Taking a Hybrid Technology Approach is Most Advantageous for Many Small Businesses

When discussing technology and cloud, most IT resellers and MSPs serving small businesses equate “cloud” with web-based applications (SAAS) and web-based file sharing and assume that any talk of cloud desktops means desktop-as-a-service (DAAS). Unfortunately, web applications and file sharing services, and especially DAAS, are often NOT the best or most advantageous solutions available to the SMB/SME organization.

Rather than taking an “all or nothing” approach to cloud, small businesses benefit more from a strategic combination of cloud servers and desktop software, a hybrid model where the business gains the best of both worlds.

It is sometimes frustrating that small business IT personnel are the drivers behind migrating businesses from desktop applications to their web-based counterparts.

Most SMB software purchases are solely handled by IT, disregarding other important stakeholders.

Capterra’s 2023 SMB Software Buying Trends Survey

These non-business users pave the way for moving the business to cloud-based applications rather than modernizing the platform for existing applications to enable improved processes and workflows. This is especially challenging for accounting and finance operations where the businesses are being encouraged to migrate without first considering the underlying business processes or the accessibility of the impacted and associated data.

Businesses have developed an appreciation for the stability and predictability of desktop applications, along with the recognition of the challenges of transitioning from a system that is deeply integrated into existing workflows. Training users and adapting the work while migrating to cloud applications can be complex and costly without delivering significantly new or increased business benefits.

Data control and security are also large considerations. Most desktop applications allow businesses to retain direct access to and control over their data. Sensitive information remains within their reach rather than under the direct control of a 3rd party SAAS provider from whom they must gain permission and access to retrieve their data.

Rather than pushing the business towards web-based application services, a hybrid approach that modernizes the server and network platform as well as the user working environment may make more sense and provide the organization with greater advantage. This allows businesses to leverage their investments in desktop software, processes, training, and data and still make significant operational improvements and transformations.

Even more, some businesses rely on specialized software that isn’t easily replicated in a web-based environment. Existing desktop applications, especially industry-specific or custom-built tools, may not have cloud equivalents. Migrating these to the cloud server platform allows for uninterrupted productivity even as the business transitions from local to cloud-based platform and operations. Employees comfortable with existing software can maintain productivity without significant adjustments.

Using a cloud server to replace on-premises servers and user desktops, and keeping desktop and network applications working more securely, with improved access and management is the hybrid approach most advantageous for small and medium size businesses.

Noobeh works with Microsoft Azure, providing cloud servers that are scalable so small businesses can adjust their computing resources based on demand. Whether it’s expanding during peak seasons or downsizing during quieter periods, cloud servers offer flexibility that on-premises machines can’t.

Businesses can continue to use the critical desktop application tools they rely on and retain direct control over their data at the same time. Sensitive information remains within their cloud network, but users can access it from anywhere.

This hybrid model combines the benefits of cloud servers, including scalability, cost-effectiveness, agility, and security, with the benefits of keeping existing desktop software, including functionality, stability, data investment and control.

A hybrid approach to modernization allows small businesses to leverage the advantages of both cloud servers and desktop software, tailoring their technology stack to the unique needs of their businesses and in a way that is most advantageous to the business.

jm bunny feetMake Sense?

J

Posted on

Cybersecurity and Retail Should Always Go Together

Retail cybersecurity is a critical concern for every business in the retail industry, which is why cybersecurity and retail should always go together. Retailers are prime targets for cyberattacks due to the valuable customer data they collect, which usually includes personally identifiable information (PII) and credit card numbers. Retailers can handle large volumes of customer data, which becomes an attractive target for cybercriminals seeking to profit from selling it on the dark web.

Recent statistics from various sources suggest that more than 24% of cyberattacks specifically target retailers, making it one of the most heavily targeted industries. Roughly one third of retailers cite cybersecurity concerns as their primary obstacle in transitioning to e-commerce, with cost and technology barriers coming close behind.

For the bad guys, however, it is all about the money. Almost all retail cyberattacks are driven by financial motives. When consumer data is compromised, most of the information exposed consists of payment information and personally identifiable data which can fetch a good price on the dark web.

Retail cybersecurity threats occur because the environment tends to have a lot of elements. The hybrid nature of many retail businesses introduces additional risk, where brick-and-mortar stores are combined with e-commerce platforms and services.

NFC (Near Field Communications) vulnerabilities exist in some payment systems, and many Point of Sale (POS) systems still do not use point-to-point encryption for their communications. Even if communication streams are encrypted, it makes little difference if the software has known vulnerabilities or if insecure plugins or add-ons are being used.

Cloud-based storage and mobile apps increase the presence of stored data online, which increasingly leads to new threat vectors like cloud-based botnets and more.

The key is for businesses to prioritize security and invest in platforms and solutions that will help protect customer and business data. Critical in this effort is the implementation of IT best practices in regularly updating operating system and application software, limiting the access users have for installing or modifying software on their devices, and always monitoring the systems for vulnerabilities.

Like cybersecurity and retailers, Noobeh and secure IT go together. We help retail and other businesses proactively address cybersecurity challenges so they can protect both their business and their customers. Noobeh cloud services helps retailers secure their business servers and systems, delivering scalable, high availability and highly agile solutions that keep business and finance operations running.

Noobeh provides services for Microsoft 365 and Microsoft Azure platform and deploys solutions for manufacturing, inventory management, multi-channel commerce, EDI, financial and more. Get together with Noobeh and find out how we can help your business operate more securely and with better, more agile and resilient IT.

jm bunny feetMake Sense?

J

Posted on

Intuit Makes Moves to Push Low-End QuickBooks Users to Online Edition

QuickBooks Pro and Premier Subscriptions No Longer Available After July, and It’s Bye Bye for QuickBooks for Mac

 

Final sale date for QuickBooks Pro and Premier

On November 30 of this year, Intuit notified its partners and customers that the final date for new sales of QuickBooks Desktop Pro, Desktop Premier, Mac, and Desktop Enhanced Payroll is July 31, 2024. Starting in August, QuickBooks Pro and Premier subscriptions, along with Mac versions and desktop payroll services, will no longer be available for purchase. QuickBooks Enterprise, which is a desktop edition, is the only QuickBooks version that will remain available for new subscriptions. 

For several years, Intuit has been improving their online version of the product while migrating as many customers as possible to that platform. Now, businesses that have invested years of user training and business process development are forced to decide if the online version of QuickBooks will meet the needs that the desktop editions have for years, and they must look at the realities of potentially re-training users and re-developing workflows and processes. 

QuickBooks Enterprise is a viable alternative 

The alternative is that businesses adopt QuickBooks Enterprise edition and retain the value of user knowledge and process support by remaining in desktop QuickBooks. For businesses that manage multiple company files, QuickBooks Enterprise provides the same multi-company capabilities that Pro and Premier do, something the online edition does not currently support. 

There is no change to QuickBooks Desktop Enterprise subscriptions. All QuickBooks Desktop Enterprise subscriptions (Silver, Gold, Platinum, and Diamond) will continue to be available for purchase for new customers. QuickBooks Enterprise Gold, Platinum, and Diamond subscriptions include integrated payroll. 

Flexibility of Desktop Applications on the Cloud 

With the announcement, many accounting professionals and their clients are not sure what the best path forward is. While there is momentum behind the online application, there are options for staying with QuickBooks Desktop and still take advantage of the cloud. 

For businesses that want the flexibility of using the cloud but that need the features and functionality of desktop QuickBooks, Noobeh cloud offers QuickBooks on Azure services. This empowers businesses to use their QuickBooks Desktop software – Pro, Premier, or Enterprise – along with all their add-ons and integrations, and to run it all securely on the Microsoft cloud. Note that Noobeh’s hosting service also works with Mac devices, so even Mac and iOS users can work in hosted Windows versions of QuickBooks. 

QuickBooks Desktop is Not Dead 

The retirement of QuickBooks Desktop Pro, Premier, Mac and Payroll products currently impacts only new customers looking for those solutions, or existing customers that do not have current subscription licenses. If a business has an existing QuickBooks Desktop Pro Plus, Premier Plus, Mac Plus, or Enhanced Payroll subscription, they can continue to renew their subscription after July 31, 2024. Intuit will continue to provide security updates, product updates, and support for existing subscribers. 

Intuit will also allow accountants to continue purchasing QuickBooks Accountant Desktop Solutions, including ProAdvisor bundles, directly through the QuickBooks Accountant Sales team. 

What to Do 

To avoid losing access to QuickBooks desktop, businesses should purchase a QuickBooks Desktop Pro Plus, Premier Plus, or Mac Plus subscription through the QuickBooks Accountant Sales team before July 31, 2024. Businesses that need a desktop payroll solution should consider purchasing a QuickBooks Enhanced Payroll subscription before July 31, 2024, or upgrade to QuickBooks Enterprise Gold, Platinum, or Diamond, all of which include integrated payroll and can still be purchased after July 31, 2024.  

Mendelson Consulting, Intuit’s first solution provider and the go-to experts on QuickBooks Desktop and QuickBooks Online, are perfectly positioned to provide businesses with the help they need to decide which path to take with their QuickBooks software. Recognized as specialists in working with larger businesses using QuickBooks Enterprise and as top performer with QuickBooks Online, Mendelson Consulting’s team has the depth and breadth of knowledge and expertise to make sure your business makes the best possible choice for its financial systems. 

jm bunny feetMake Sense?

J

Posted on

Controlling SaaS Inflation

The cost of everything is going up, and that is as true for businesses as it is anywhere else. From office space and salaries to vendors and suppliers, everything is hitting the bottom line harder than before. For businesses invested in online application services and Software-as-a-Service solutions, the rising cost of usage is outpacing other expense categories at a fairly high rate.

Consider that many small businesses start with whatever is cheapest and easiest to use, which usually means a web-based solution. From there, the business cobbles together it’s IT by using a variety of applications and services and eventually ends up with a tangled web that can be difficult to straighten out.

Even larger enterprises find that shadow IT implementations and web-based application services make their way into the mix, costing companies greatly through unmanaged subscriptions, lack of vendor management, and missed opportunities for consolidation of resources.

Covid and remote work requirements fueled a lot of the growth in SaaS adoption as businesses implemented solutions and services to support a distributed workforce. Leaving millions of square feet of office space unused while at the same time investing in remote and mobile work, businesses have had a hard time of it.

According to an article on CFODive, “Software inflation has remained “stubbornly high” this year at a rate of 8.7% — more than double the inflation rate as measured by the consumer price index in the U.S., according to research conducted by London-based Vertice, a software-as-a-service and cloud spending management company.”

In 2023, SaaS inflation increased by 8.7%, meaning the same unchanged set of SaaS products will cost businesses significantly more than it did a year ago.

Vertice.one SaaS Inflation Index report


The Vertice report indicates that sales software, finance software and productivity tools represent categories of software that saw inflation rates of over 10% as compared with 2022. Another uncomfortable reveal from the report is that most software companies simply hiked their prices, and in some cases, they hiked them up a lot (23% increases, for example). The rising cost of Software-as-a-Service, referred to as SaaS Inflation, is a lot higher than with other products.

Part of the problem may be the global nature of online application services and SaaS companies. Costs of operations and the pricing of the product may be consistent across geographies, yet different regions will experience inflation in costs of other goods and services based more on regional factors. The result is a SaaS inflation rate higher than the consumer inflation rate. Yet even in areas where the SaaS inflation rate seems to be more in line with consumer inflation, it’s still a lot higher than many other categories of products and services. Only food and beverages compete at similar levels of price inflation.

Another part of the equation is the value for the dollar. Everyone knows that a dollar today buys less than it did last year. At the grocery store, this shrinkflation is obvious when an item is now more expensive, and you get less for the same price. With SaaS, the shrinkflation may not be quite as obvious. License packages change, features are introduced (or removed), and the value to the customer can change dramatically over time while the rates simply increase.

There are some important steps a business can take to minimize the impact of SaaS inflation, and it all starts with knowing what you have and how you use it. Reducing or eliminating shadow IT and implementations outside of general governance, consolidating vendors and licensing, and reducing redundancy in functionality and process support are key areas to focus on to control the spend.

Mendelson Consulting has experienced consultants that can work with your business to understand your needs and evaluate your options, helping to find the right solution for the problem while minimizing sprawl and spending.

Whether you rely on Software as a Service, Infrastructure as a Service, or any other -as a service solution, the Mendelson Consulting and Noobeh cloud services teams can help you do more with your investment.

jm bunny feetMake Sense?

J