Wrackspurt Industries is instituting a new software for their employees to use to replace some existing systems. The leadership team at Wrackspurt is excited, since the new software promises to increase productivity and reduce friction between departments.

They’ve heard good things from other companies who use the software and the employees involved in the decision-making process said it would work well. Ernie, who championed the software, has done a trial and thought it has the potential to save the company a lot of money.

Fast forward some. The new software is in place—but not much has changed. Some people use the software a lot. Some people don’t use it at all. Some employees complain that the new software doesn’t do what they need it to do. There were some issues during rollout that meant some data was lost, and some people are still dealing with that. Ernie’s reputation has taken a hit for championing something isn’t going well—even though it’s worked great for other companies.

So, what happened? And how do you prevent it from happening in your business when you make a software or technology change?

Don’t want to watch a video? Here’s a summary. Please note, this is not an exact transcript.

We’re talking about a multi-step attack targeting businesses in every industry. This attack can cost you thousands of dollars (we've seen companies lose $100,000+!). We’re a Microsoft partner and have specifically seen this with Office 365 users, but it’s happening with users for all kinds of Cloud accounts, including Office 365, Google for Work, DropBox, etc.

 You’ve probably heard the benefits of moving your business to the Cloud by now: promises of improved productivity and the ability to work anywhere, without sacrificing your security. And these benefits are real for most companies!

But the Cloud isn’t the perfect fit for every company. If you fit any of these scenarios, moving everything to the Cloud isn’t going to provide these benefits—in fact, it could hurt you.

If you are already using Office 365, moving to Microsoft 365 is typically a logical jump as your company matures. Microsoft 365 includes parts or all of Office 365, Enterprise Mobility + Security, and Windows 10 (exactly what you get varies by plan), managed in one portal.

The tricky part is knowing when to make the jump, especially if you want to move everyone in your company at once. There are a few times when it makes sense to move:

Microsoft has cybersecurity products for every area of your network from on-premise servers to desktops to cloud email and storage. However, when you read through a list of names for some of the available security solutions from Microsoft, there might be confusion as to the intended use for each—mostly because the names are all so similar.

Case in point: The Microsoft “Advanced Threat…” line of products: Microsoft Advanced Threat Analytics, Azure Advanced Threat Protection, Windows Defender Advanced Threat Protection, Office 365 Advanced Threat Protection. Within this list, there are technologies intended for either enterprise, small business or both and for on-premise, cloud or hybrid deployment.

Most importantly, they all serve different purposes and protect different areas of an organization’s infrastructure:

Having a compromised account is bad news. At best, it means some headaches. More likely, it’s going to cost you money and resources, not to mention lost customer trust (and some headaches).

Often, the only thing standing between you and a compromised account is your password. And most people are pretty terrible at making up passwords. Most of fall into the same habits when creating passwords, making them really easy to guess.

Not much will ruin a vacation faster than getting a call from your office that someone fell for a wire fraud phishing 

But a little bit of planning before you leave the office can greatly reduce the chances of your team falling victim to an attack. Here’s what to do:attack, and your company has lost $100,000. Executive team vacations are a popular time for cybercriminals to strike, especially with CEO impersonation attacks.

Most businesses who switch to Office 365 don’t use all of the tools available to them in their licenses. Sometimes, it’s because they genuinely don’t have a use for them—but more often, it’s because they just aren’t familiar with everything they have access to.

But there are some hidden gems in that “Explore all your apps” link in your Office 365 portal. We’re covering nine of these lesser known apps that come with most Office 365 business and enterprise plans.

What you probably don’t remember is the name of the company that was actually hacked—it was an HVAC company who sometimes did work for Target stores. The air conditioning company was hacked, and the cybercriminals used their access to Target’s system to cause massive amounts of damage.

When implementing a cybersecurity plan, most business owners only consider their own company. But you also need to consider the cybersecurity policy of your vendors—especially if they have access to your network or your sensitive data.

Here is how I have used Microsoft To-Do to keep track of my tasks and make it easier to figure out what to do next.