3 Things an Employee Information Manager Needs 

Too many systems, too many self-service portals. How many times a month are you or your employees being asked to update information in one of your systems – addresses, phone numbers, personal emails, bank information, emergency contacts – who has time to update all the systems everywhere. 

Just think about it: 

  • Employees Move 
  • Employees Change Phone Numbers 
  • Employee Families Change 
  • Employees Learn New Skills 
  • Employees Get New Experience 
  • Employees Can Be Working from Anywhere 
  • Employees Work Flexible Hours 

So, every time an employee does work for a new customer, or moves, or changes job title, then they would need to update every system that tracks that. Most people don’t even know what systems hold their info, much less have the time to make changes. And with more dynamic information like where they are working for the day or are the currently online, keeping multiple systems up-to-date completely breaks down. 

Why do we have this problem? 

The problem is that there isn’t really a system of record for employee information in most companies. Instead, there are many systems of record. What most companies have today typically looks like the following: 

  • HRIS: maintains employee information for HR, benefits, pay, employee reviews, etc. For good reasons, it is usually a very limited access system. The employee address and/or bank info is always correct in the HRIS because people like to get paid. 
  • Email System: Email is so central to modern work-life, that the email provider tends to be the default system IT uses for employee information. The email is always correct here and that is usually about all. 
  • Employee Directory: Some companies will either license an inexpensive employee directory or have an internal person develop one. The information in them tends to get stale quickly, because it is yet another system to keep updated. 
  • LinkedIn: While not a system that companies need to license, almost every employee has a LinkedIn account. LinkedIn tends to be a reliable place for employee experience and skills and sometimes clubs, hobbies, and other interests. 
  • CRM Systems: Customer Relationship Management (CRM) systems like Salesforce are widely implemented and often used by any employee that touches the customer whether sales, marketing, support, etc. Because of this, the employee information inside the CRM has become a de facto system of record for contacting employees. Emails and phone numbers tend to stay accurate but other important info like job title, location, skills and experiences, tend to get stale fast. 
  • Slack: You may not think of this as an employee information system, but it does have information in it like “I’m logged in” and “I am actively working”. Slack and other services like Teams are also ways to contact an employee that are faster and easier than email. 
  • Other Functional Applications: Just about every department in a company has at least one system of record to assist them with all their work. Any user of these systems must have an account, and usually the developers of those systems have added deeper employee info that is either necessary or helpful for their application. The challenge is that these applications are often not broadly used and the employee information gets outdated and therefore the features in the app that rely on that information become less helpful. 

3 Functions an Employee Information Systems Provides 

What companies really need is a centralized repository of employee information with three primary functions: 

1. Employee Self-Service: Allow employees to update their own information easily and reliably 

2. Secure Employee Directory: A great benefit of having reliable employee information, is that the information can then be shared internally. That said, there is far more information in the HRIS than should be published for all employees. A good employee information manager needs to have privacy settings that allow the proper handling of employee data.  

3. APIs Everywhere: If the Employee Information System is going to stay valuable, it needs to have APIs to as many systems the affect employees as possible. This list can be long but should include the HRIS, Email, Slack/Teams, Phone Systems, Device Managers, Finance, CRM, and Employee Notification Systems. 

It cannot be understated how important having accurate employee information available to all people and systems within a company is – especially as we move into a continually hybrid working work. Great companies will stop treating employee knowledge as tribal information exchanged between employees close to one another and will instead treat employee info the way they treat customer info – as strategic corporate asset to be treated with care and importance it should have. 

Want to learn more about managing your employee information better? Contact us and we can tell you about the software and services Montra provides to get you on your own journey to great Employee Information Management. sales@montra.io 

12 Cyber Readiness Strategies #3 and #4

3. Keep Updates – Up to Date

While software updates often introduce new or enhanced features into your apps, programs, and systems, they also install security and performance fixes known as patches. Undiscovered defects or flaws can leave your systems exposed. Cybercriminals will exploit any vulnerability or security gap they find. Keeping your systems updated is vital for keeping your business cyber-ready. 

Failure to Patch systems results in a breach. Of the companies who reported that their business experienced one or more data breaches in the past year, 57% confirmed that these breaches probably occurred because a patch was available for a known vulnerability but not applied. 

Why are Security Patches Important? Security patches address known vulnerabilities within software systems. Once these flaws or weaknesses become known, cybercriminals begin looking for ways to exploit them. The sooner a security patch is installed, the faster your business can restore protection and security against threats associated with vulnerabilities. Below are the five effective elements for applying security patches: 

1. Automate. With an automated system, analyzing and deploying patches can be as easy and provide significant time savings. 

2. Plan your approach. Group systems by department, location, etc. to better handle your environment and more productively manage patches. 

3. Test patches. Don’t just push out patches before testing them. All patches should be thoroughly lab-tested.

4. Know the configurations. Make sure you synchronize and validate your development, test, and development patch configuration settings. 

5. Maintain patch levels. Be proactive and schedule scans on a daily or weekly basis to analyze the environment and deploy all critical patches.  

Learn more about system updates and patches with our infographic, or contact Montra to see how we can automate and optimize your system patching process. sales@montra.io 

4. Enforce Multi-factor Authentication (MFA)

Threat of cyberattack has never been greater. According to the Verizon Data Breach Investigations Report, nearly 80% percent of all data breaches are due to lost, weak, or stolen passwords. And a recent study by Omdia/Ovum, 76% of employees report experiencing regular password problems. Verifying user identity and managing access to your business data has never been more important. 

One-level security or single-factor authentication is no longer enough. Even the strongest passwords are vulnerable to theft or exposure. Requiring more than one method to authenticate user identity or access permissions can reduce or eliminate the risk of stolen or unauthorized credentials being utilized. 

Using Multi-factor Authentication (MFA) makes gaining access to resources more secure and less vulnerable to credential theft. MFA provides enhanced security to identity management by requiring two or more forms of authentication. Mobile devices which support push notifications or texts, can be used for one-time passcodes, or third-party authenticator applications such as Google Authenticator or Microsoft Authenticator can be used to generate one-time passcodes also. 

MFA must be implemented to meet the security requirements to achieve and prove compliance for most regulatory bodies such as HIPAA, PCI DSS, GDPR, NAIC, NIST CSF, CMMC, ISO 27001, CCPA, NY SHIELD Act, GBLA, SOX and more. 

Get cyber-ready by setting up all your accounts with MFA today. Download our infographic for more information on MFA and password hygiene. If you want to understand how Montra can help you set up all your accounts, contact us at sales@montra.io. 

Hybrid Workforces Need Employee Notifications Now More than Ever

Now more than ever in this hybrid working world, employees value transparency, connectedness, and timely communication. When your organization communicates with employees when an incident occurs, or when an announcement affects their safety, they know that their time and well-being are being respected. 

An employee notification system makes the immediate reception of important information possible anytime and anywhere. The messages can inform or alert to maximize productivity of your employees. 

Texts and messaging apps are already a central part of your employees’ lives. Texts and messaging app messages like Slack are mostly read within the first 3 minutes after being sent, as opposed to only 22% of emails. Using these systems can help you to connect to your employees, increase engagement, and ultimately boost the employee experience. They’re quick, easy to manage and utilize all the devices they are using, from laptops to smartphones. 

When to Use Employee Notifications 

When starting to use an employee notification system, the following use cases have been shown to be the most efficient and value-packed: 

  • Emergency Situations: Use employee notifications to inform your employees about weather emergencies, transportation outages, or office issues. Not only is this information highly relevant, but it can save time, and boost efficiency. 
  • Deadline Reminders: Remind teams of project deadlines or upcoming deals. Company-wide, you can use deadline announcements to inform employees about things like benefits enrollment periods. 
  • Upcoming Events: To add a bit of fun, you can use employee notifications to promote the next office party, sports event, or team getaway. 
  • Major Company News: While not every piece of company news is worth a notification push, major news alerts can increase employee connectedness o the company and excitement about the company victories. 
  • Software Updates: Since call software comes with regular updates, you can inform your employees about new features or improvements that they can use. 

The Rules of Employee Notifications 

Employee notifications work, but sending too many, sending them at the wrong time, not targeting your message, or simply not providing value can quickly lead employees to ignore them. Consider the following rules when you generate your next employee message: 

  • Be relevant: When you send out employee messages, always consider how they will be received during your employees’ daily lives. According to a Push Index data study, highly targeted messages increase response rates by 293%! Target your employee messages based on departments, locations, and teams. 
  • Align with your company culture: Take time to decide on the proper tone to use. Employee messages should reflect the values of your company and your relationship with your employees, so make sure that your tone is consistent. 
  • Be engaging: Provide timely and relevant information so your employees are the first to learn about company news, benefit plans, or severe weather updates, not that John won the karaoke contest. 
  • Measure and improve: Track your employee notifications and their engagement rates. This will help you to determine which messages are more interesting and engaging to your employees and will help you to fine-tune future messages. 

Pay Attention to Timing and Wording 

Timing. Localytics data shows that when using sending an employee message, Thursday is currently the best day to get high click rates. The data further shows that sending messages between 10 a.m. and 1 p.m. results in the highest average click rate: 15%.  

Wording. Keep your messages clear, concise, and compact. The aim is to catch your employees’ attention and quickly communicate your message. Messages should offer clear, concrete value, and communicate the desired action. 

Educate Your Employees on the System 

Once you implement your notification system, announce to your employees that you will be using a new service to notify everyone within the organization of critical events or announcements. It’s key that all employees understand that these notifications are important to stay informed and in the loop. 

Use Multiple Channels and Groups 

Multi-Channel. If you have an important message that needs to get to your people ASAP, make sure you leverage your employee notification system’s multi-channel functionality. Select as many channels as you believe are appropriate for your notification, but if this is indeed an emergency, we recommend contacting your employees over text message, email, Teams or Slack, voice call, and social media. 

Groups. To reach them with the right message at the best time, you’ll want to be sure to create robust grouping hierarchies that reflect your organization’s structure, for example, groups based on department, office location, and role for example. And if your organization has many locations, send notifications from the map using geofencing, so you can capture all employees in an affected region.  

Engaging your employees through thoughtful, relevant messages will enable your organization to interact and communicate with your employees successfully. Correctly using an employee notification system can help you connect with your employees in meaningful ways, create value for them, increase engagement and ultimately boost your employee’s experience. 

Are you interested in leveraging employee notification capabilities of Montra VIA? Do you want to connect with your hybrid workforce faster and more completely? Don’t hesitate to contact us at sales@montra.io! 

7 Hidden Features of Microsoft 365 You Are Lucky to Find

Microsoft 365 is the largest SaaS platform for mid-market and SMB companies. Microsoft 365 now has over 50 million subscribers. Over 1 million companies now use Microsoft 365 to power their core productivity functions. 

Companies usually sign up for Microsoft 365 to get email and desktop applications. And increasingly now with hybrid work, Microsoft Teams is becoming a big feature of M365. There are, however, most users don’t realize that beyond the most popular features of Microsoft 365 lie some not-so-obvious capabilities and tricks that are severely underused. These “hidden” features are designed to make using Microsoft 365 simpler and more effective. 

Whenever there’s a way to use technology to make our work more efficient, we’re all for it! With that in mind, we’ve put together seven hidden features of Microsoft 365 that, when used correctly, can make the way that you spend time on your computer more efficient and streamlined. 

1. Teams Voice 

Another little-known feature in Microsoft Teams is Teams Voice, which allows users to make and receive voice calls via the Teams app. You can take or make calls both from within Teams and externally via Cloud Phone, giving you a single number and a single app for voice and video calls on all your devices – in fact, you’ll never need to give out your mobile number again. 

Choose from an array of full calling solutions with VoIP—including custom on-hold music, advanced call routing and queues, auto attendants, and call parking. 

2. Teams Live Events 

Microsoft is lowering the barrier for companies to host and run webinars and other live events with Teams live events. Companies can use the Teams platform to set up basic events within Teams or more highly produced ones using Microsoft Stream or similar tools. It is a great tool to get most companies started in doing live events. Teams features that help enhance Live events include breakout rooms, word cloud polling, and standout mode in which the presenter appears to stand in front of their presentation to create richer experiences for the audience. Teams also supports real-time captioning and translation services to help you reach a broader audience. 

3. Content Sharing in Teams 

Teams has some great ways to make it easier to share content from whiteboards and notebooks. Within the Teams application (on Mac or Windows), you can use the share content button to specifically focus on a real-world whiteboard or document visible in the camera You can also use the digital whiteboard feature to allow everyone to engage. 

4. Shortcuts in Teams 

Similar to Slack, Teams has slash commands that calls features directly from the Search box. You can change your status, make a call, or send a message with these simple commands. Here are some useful examples: 

/call – Make a call 

/chat – Send a message 

/org – See the org structure of a person 

/files – See your recent files 

/available – Set your status to available 

/busy – Set your status to busy 

/mentions – Set your status to do not disturb 

/activity – See someone’s activity 

5. Task tracking and project management: Microsoft Lists and Microsoft To Do 

Microsoft includes several task management tools within Microsoft 365 including Planner, Lists, and To-Do. 

As the name implies, Microsoft Lists is a way to manage lists. Lists works within the whole Microsoft 365 suite to help people manage and track projects. It can have a bit of a learning curve, so Microsoft has provided pre-built templates to help you get started. A few interesting features include issue tracking for help desks, event itineraries, asset tracking, project planners, and social media calendars. 

Microsoft Planner is a project management tool – think Trello from Microsoft. It uses Kanban boards to track and provide information about each task in the project and integrates with To-Do and Tasks in Teams making it simple to see whole projects briefly, and for users to see their own tasks from the different projects they are a part of. Microsoft Planner provides set fields to create your plans and tasks, making it easy to use and easy to understand. 

Microsoft Planner and Microsoft Lists have a lot of overlap. It is easier to get started with Planner and is a good tool for most users. Lists provides a lot more flexibility and is likely better for full-time project managers or task automators. 

Microsoft To-Do is intended more for personal task tracking. You can still use To-Do to collaborate with colleagues, manage their tasks, and many users love its task scheduler and prioritization tools. Tasks from Planner and Lists that are assigned to you will show up in To Do, so it is another place. 

6. Real-Time Office Apps Collaboration 

With so many people working from working remotely, it is always great to have new ways to collaborate. Microsoft has added a real-time editing feature to PowerPoint, Word, and Excel. 

Like Google Docs, Microsoft 365 gives your team online collaboration to see edits made to documents and files in real-time. You can save your file to a shared drive and have multiple users making changes that update simultaneously, which is gratifyingly convenient for remote workers. 

7. Workflow Automation 

For the power users out there, Microsoft Power Automate enables workflow automation across all Microsoft 365 services. Flow is the tool used to take advantage of Power Automate and connects to IM alerts, email, files, SharePoint, and other triggers. Microsoft maintains a gallery of examples of flows you can automate to help get you started. 

Montra successfully manages thousands of Microsoft 365 users across all our customer instances. If you would like to learn more about how we can help you get the most from 365, please email us at sales@montra.io.

Six Things to Look for in Modern Remote Management and Monitoring Tools

If you are a managed IT services provider or a company that gets services from one, you are likely very familiar with remote management and monitoring software. RMM has been a mainstay application used by managed IT services providers for years. It provides several important functions that enable the cost-effective and secure delivery of the end-device services by IT service providers. 

The past two years have rapidly changed the breadth and frequency of remote work. Whether this is a permanent change in work habits or not, the remote worker needs to be supported as a standard part of IT service delivery, not as an exception – what people call hybrid work now. 

For modern RMM software to keep up with the changing nature of work and the applications and systems being used, the following items need to be addressed: 

1. Remote Updating Needs Rock Solid Reliability 

All RMM clients have supported remote patching and other software updates for years. Not all of them have supported remote updates effectively. The challenge in this new hybrid work model is that a remote user whose device gets bricked by a poorly executed update is especially adversely affected. The RMM client also needs to not only give users the option when to update, but also needs to warn them if they should be doing an update because maybe they are not plugged in, are in a public hotspot, or are on an unreliable internet connection. This approach will help minimize the times a user goes down and IT needs to scramble to get them running (typically at a high cost!) 

2. Top Rate Remote Policy Enforcement 

Policy enforcement needs to be included in any modern RMM. This is needed for a variety of reasons including 1) compliance to frameworks like HIPAA or NIST CSF; 2) security from a user making poor decisions like plugging in an unknown USB drive, and 3) intellectual property loss from users copying files or deleting files. The policy management importantly needs to be integrated with a centralized policy management system, so the policies that are enforced by the RMM are always in lockstep with the latest corporate policies. 

3. Remote Revocation of Rights is Critical 

Since employees can be anywhere when they leave the company, the traditional process of “hand me your computer” doesn’t work. Typically, laptops are mailed back after an empty box is shipped to the employee, or the system is just kept by the exiting employee. In either case, the user’s rights to access data on the device need to be removed remotely and preferably the data wiped. Not all RMM software does this well or in coordination with other HR and IT offboarding processes. 

4. Remote Control Is No Longer Optional 

To solve some issues remotely, it is often easier for the support engineer to take over control of the user’s system. This has been an optional feature in a lot of RMMs, but modern RMMs need to support this feature and support it well. It needs to work through consumer-grade firewalls and in typical co-working spaces, airports, and coffee shops. 

5. Need to support Macs and PCs 

Mac devices have continued to make inroads in the corporate environment. The new M1 processor Macs have provided a new price-performance benefit that is noticeable to every user/ Additionally, with more employees working from home, there are more employees that are doing work on their personal Mac. To properly support these users, RMM software needs to either support Mac and Windows equally well or managed IT service providers need to use two RMMs – one for Mac and one for Windows.  

6. Location Information Needs to Be Accessible 

Location information is available on most modern laptops. It can be GPS-based or WiFi-based, but it should be made available to the RMM. This is a necessary feature in a hybrid working world for many reasons. Employers need to know where employees are in emergencies, info-security needs to know where the device is for login and data usage rights, and it is helpful when a device has been lost or stolen. Modern RMMs need to tap into that information so that managed IT service providers can use it to track assets, data, and people. 

Montra successfully manages thousands of remote devices across all the hybrid workplaces of our customers. If you would like to learn more about how we can keep your workforce productive and secure, please email us at sales@montra.io. 

12 Cyber Readiness Strategies #1 and #2

Is your business ready to handle a targeted cyber-attack? Maybe you have been attacked and don’t even know it. According to the the 2020 Thales Data Threat Report, 49% of US companies have already experienced a data breach. To help you become more proactive and effective at defending against cyber threats, we are discussing 12 Cyber Readiness Strategies over the next few blogs.

1. Have a Cyber Readiness Plan

It may seem obvious, but to properly address all of the cyber-security threats to your organization, you first need to have a plan – specifically a Cyber Readiness Plan. Your ability to quickly and cost-effectively overcome security threats or breaches determines your business’s success and survival. How you handle and protect your data is central to your business’s security and customers, employees, and partners’ privacy expectations. You need a cyber readiness plan that includes prevention, continuity, and recovery strategies. The Federal Communications Commission provides an excellent planning guide that identifies six critical areas of cybersecurity for companies to address:

1. Privacy and Data Security

2. Scams and Fraud

3. Network Security

4. Email

5. Website Security

6. Mobile Devices

Download the associated cheat sheet as an easy outline to understand each of these areas to help you quickly navigate these best practices and assess your readiness.

2. Establish Strict Policies and Procedures

Cybersecurity policies and procedures help guide secure business operations and are essential for defining the standards of business conduct, system controls, employee awareness, and workplace definitions and expectations. While establishing strict, security-focused protocols is crucial, a system of validation and enforcement is equally important. In fact, all major cybersecurity and privacy frameworks, such as NIST CSF, ISO 27001, HIPAA, and PCI DSS, all require periodic auditing or continuous monitoring to make certain that policies are properly put into operation.

To help you start building your cybersecurity policy and procedure library, we have provided a few policy templates to start. Click to download 12 IT policy templates that are critical to any IT operation.