Well, folks, we’re seeing another uptick in phishing attacks. One of our clients just got this message sent to them today.

Looks pretty real, right? The person who forwarded it to us has years of experience in IT and even he wasn’t sure on this one! We’ve highlighted above the big giveaway. It’s that @office.emailsupport.com address. If Microsoft ever needs to contact you, it will come from an actual @microsoft.com email address. If you ever receive emails like this and you’re not sure, please contact us. If you’re worried there’s been a data breach or you’re not sure what to do, we’re here to help you!
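The sender check described above can be automated. This is an added example, not part of the original alert or of any Microsoft tooling; the trusted-domain list, the brand keywords and the sample messages are assumptions constructed for it.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumptions for this example: the domain we accept as Microsoft's and the
# brand words that a Microsoft look-alike would typically borrow.
TRUSTED_DOMAINS = {"microsoft.com"}
BRAND_WORDS = ("microsoft", "office", "outlook")

def sender_parts(raw_message):
    """Return (display name, lower-cased domain) from the From: header."""
    display, addr = parseaddr(message_from_string(raw_message).get("From", ""))
    domain = addr.rpartition("@")[2].lower().rstrip(".") if "@" in addr else ""
    return display, domain

def is_trusted(domain):
    # Match the domain itself or a subdomain on a label boundary, so that
    # "notmicrosoft.com" and "microsoft.com.example.net" do not pass.
    return any(domain == t or domain.endswith("." + t) for t in TRUSTED_DOMAINS)

def check_sender(raw_message):
    display, domain = sender_parts(raw_message)
    if not domain:
        return "suspicious: no sender address"
    if is_trusted(domain):
        # From: can be forged, so this is only a first check; SPF, DKIM and
        # DMARC results still decide whether the mail is authentic.
        return "from-domain matches"
    if any(w in (display + " " + domain).lower() for w in BRAND_WORDS):
        return "suspicious: Microsoft branding from " + domain
    return "unknown sender"

# Constructed sample messages (headers only), not real mail.
SAMPLES = {
    "lookalike": 'From: "Microsoft Office 365" <no-reply@office.emailsupport.com>\n\n',
    "genuine": "From: Microsoft <notice@mail.microsoft.com>\n\n",
    "suffix_trick": "From: Support <help@microsoft.com.example.net>\n\n",
    "prefix_trick": "From: Billing <billing@notmicrosoft.com>\n\n",
    "unrelated": "From: Alice <alice@example.org>\n\n",
    "missing": "Subject: hi\n\n",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, "->", check_sender(raw))
```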

GDPR Compliance

Well, May 25th has come and gone and it’s been a week. On day #1, lawsuits were filed against several companies, suing for billions of dollars in fines. Many small and medium-sized US companies are simply hoping and praying that the law doesn’t come to roost here in the US, but can you really take that risk? If your business has a data breach with any EU personally identifiable information (sometimes referred to as EU PII), then you are out of compliance and subject to the $12M fine or 2% of the annual worldwide turnover of the preceding financial year, whichever is greater. Can your business handle facing a $12M fine?

If you’re wondering how to become GDPR compliant, there are really three core pieces. Yes, technology can help. Solutions like Microsoft 365 for security and device management and Dynamics 365 for customer data management are the backbone and a good starting point, but you’ll also need education for your team and, equally important, process documentation that outlines how to respond in the case of a suspected data breach. The GDPR law only allows you 72 hours from the time of the breach to notify a supervisory authority. The clock is not on your side!