Technology in Practice

The unprecedented global pandemic COVID-19 is impacting businesses in ways never before seen. In a recent CNBC survey, more than one-third of senior technology executives said cybersecurity risks have increased as a majority of their employees work from home, and 53% say their firm hasn’t stress-tested their system for an event like this. With 85% of companies also estimating that at least 50% of their employees are now remote, the true level of cyber risk is likely much higher. With this risk comes increases in phishing and other cyber scams. One respondent to the CNBC survey estimates their organization has seen such incidents rise by 40%. Software technology company Check Point claims that over 4,000 Coronavirus-related domains have been registered globally since January. Of these, at least 5% are suspicious. Coronavirus-related domains are also 50% more likely to be malicious than other domains registered in the same period, including seasonal domains for things like Valentine’s Day. U.S. cyber security firm Proofpoint Inc. says 80% of cyber threats since January 29 are using coronavirus as a theme. So what is a growing business to do? First, besides balancing employee productivity needs with aggressive monitoring for potential breaches, IT teams must continue to proactively patch and maintain their network cybersecurity programs. Second, companies must provide guidelines and tools such as VPNs (Virtual Private Networks) to manage more employees suddenly working from home – often on their own device and unsecured WiFi networks. And third, if they haven’t already, businessowners should invest in a robust cyber insurance policy. Keeping in mind that many traditional insurance policies specifically exclude losses resulting from a cyber incident, the right cyber insurance policy is key to helping businessowners mitigate many of the potential losses the coronavirus outbreak has given rise to. Costs and payments to resolve a ransomware attack are typically covered under a policy’s Network Extortion insuring agreement. The resulting incident response costs – forensic investigations (to determine the extent of the attack), legal advice, customer notification requirements, public relations and data restoration – are also usually covered. In the event of a cyberattack or data breach, companies will also likely face significant loss of income until they restore systems – likely even more so than after a property loss, given the lack of geographic limitations in cyberspace. A customers’ inability to access dashboards or complete purchases, accounting’s inability to generate and pay invoices or employees’ inability to access critical systems or equipment can all lead to revenue loss. Companies will also have ongoing expenses such as utility payments and payroll and may incur new or additional costs to mitigate the effects of a breach – such as paying employees overtime, renting or leasing new equipment or hiring third-parties to support business continuity. A properly structured cyber insurance policy covers all of these expenses. In addition to the loss scenarios above, more robust cyber insurance policies can include additional protections that may be particularly important in the current situation. For example, the Cysurance policy expands Business Interruption coverage through several clauses. Reputational Events coverage indemnifies you for a loss of customers due to network downtime, so if a customer switches vendors after you suffer a breach or even temporarily goes to a competitor while your site is down, you can recover from your policy. The Preventative Shutdown coverage allows for reimbursement in the event the insured voluntarily shuts down their network to prevent a virus or other threat from spreading, which can significantly limit losses in the event of a successful phishing attack or breach, and System Failure covers downtime due to cyber incidents resulting from human or programming error or infrastructure outage – a heightened risk with so many employees currently working from home for the first time. In the present environment, the Cysurance policy also provides a competitive advantage through broad policy definitions. Protected Information includes biometrics, internet browsing history and personally identifiable photos and videos, expanding the types of data covered. Extortion Expenses explicitly include Bitcoin and other cryptocurrencies – which more and more ransomware attacks are demanding for ransom payments due to difficulty in tracing the transaction. Additionally, coverage for contractual partners who mandate being named as an additional insured allows policyholders to continue to bid with confidence on new business, despite the heightened sensitivity around cyber risk today. As businesses adapt to new cyber threats brought on by the coronavirus, it is essential to review cybersecurity protocols and employee training. However, it is also important to remember that nothing can guarantee protection from all cyber threats. In the current operating environment, cyber insurance is an especially critical component of holistic cyber risk management. This post was written by Kirsten Bay, CEO at our partner Cysurance, the next generation cyber insurance solution. To learn more about your Cyber Insurance options contact us and we’ll connect you with our solution specialist.

Acumatica has added some amazing features into their 2020 R1 release. This blog post is a great read for those who need to correct any Sales Order Invoices in Acumatica. Previous versions of Acumatica Cloud ERP provided no ability to make changes to Sales Order (SO) invoices that had already been released. SO invoices also could not be cancelled. Acumatica ERP 2020 R1 introduces new actions that provide the ability to cancel and to correct existing SO invoices with the Open or Closed status. Cancellation of Invoices On the Invoices (SO303000) form, the Cancel Invoice action has been added, as shown in the following screenshot: When a user clicks this action, the system creates an SO credit memo on the same form in the full amount of the invoice being canceled. In the created credit memo, the user can change the date, posting period, and description, all of which are copied from the original SO invoice. Contact us if you would like the full list of new features and enhancements in Acumatica, including Matrix Inventory.

Everyone loves a quick way to get things done. Periodically, Sage updates the shortcut combos for Sage X3. You can find these listed in the online help center or you can read below for a handy list of the most useful shortcuts and bookmark this page for later use. Some of these shortcuts remain the same from prior versions, but some have changed so make sure to read through them thoroughly. First up are the Ring panel shortcuts: Next, are the navigation for records. For example, next record or previous record: Right underneath that we have the tabs for the screens. So, each tab will be a number. This also is automatically picked up to increment numbers when you add custom tabs like EDI. If you added EDI tab after Lines (for example) it would be ESC+5. This can go up to zero (0). Zero (0) comes after 9 which makes no sense until you look at your keyboard. Then it makes a lot of sense. Then we have some quick navigation: We also have the online help (no picture) which is just ESC+F1. You get function help when you have no focus (no cursor on a field) and you get field help if you are focused on a field. Here is the complete list of updated shortcuts: Right Panel Shortcut Action Esc N New Esc B Save Esc C Create Esc D Delete Esc E Cancel Esc Alt U Refresh Esc Alt P Print Esc Alt A Attachment Esc Alt C Comment Esc Ctrl (P or L) Export Record Navigation Shortcut Action Esc Shift J First record Esc J Previous record Esc K Next record Esc Shift K Last record Page Navigation Shortcut Action Esc 1 First screen tab Esc 2 Second screen tab Esc 3 Third screen tab Esc 4 Fourth screen tab Esc Up Arrow Moves one section up Esc Down Arrow Moves one section down Page Up Scrolls one frame up Page Down Scrolls one frame down Up Arrow Scrolls one line up Down Arrow Scrolls one line down Primary Shortcuts Action Esc G N Go to homepage Esc G B Opens bookmarks Esc G H Opens navigation menu Help Shortcuts Action Esc F1 Triggers online help: – When focus is on a field will call field help – When there is no focus will call function help Table Shortcuts Action Esc Ins Inserts a new line Esc Del Deletes a line Esc R Expand/Shrink all columns Left List Shortcuts Action Esc F5 Refresh the left listing Esc F11 Toggle left bar Esc H L Does the same thing as Esc F11 Esc Shift Left Arrow Move from the entry screen to the left list Field Shortcuts Action Esc F4 Allows to navigate within fields with lookups Esc F9 Allows to tunnel on fields with the ability to tunnel Esc F12 Allows to navigate fields with dropdown menus Esc L Does the same thing as Esc F12 Esc M Does the same thing as Esc F4 Miscellaneous Shortcuts Action Esc S Opens the search function Esc W Z Reset user preferences Esc T Set date to today’s date Esc F6 Opens the field properties Esc Q Go to the first filter row Esc F7 Does the same thing as Esc S For help with shortcuts in Sage X3, or any other Sage X3 question, please contact us. You can find this same content by visiting the Sage X3 Online Help Center. 

During this time Net at Work wants to continue to help you stay connected to your workforce as much as we can. One tool that many organizations already have but may not have unleashed the power of is: MS Office 365 Teams. If you already have Microsoft Office 365 or if you are interested in learning more, access our free series of web-based trainings. These are the same courses we use to train our own staff. There are six Microsoft Teams sessions in all, hosted as online webinars over a couple of weeks. Featured topics include: Introduction to MS Office 365 Teams Getting started with Microsoft Teams Understanding Communication with Microsoft Teams Meetings with Microsoft Teams Apps, BOTS and 3rd Party Connector Microsoft OneDrive Visit here to access the on-demand Microsoft Teams training sessions and watch now!

Following up my last post Why the Disciplined Use of CRM Matters Now More than Ever, here I will discuss how to start to leveraging CRM in a more direct, prescribed way to drive change and results. Here are six things you can do that have proven successful for other companies we work with: 1. Establish a weekly or regular cadence for Sales Operations reviews. I would suggest no less than once every two weeks. Establish your top key metrics you want to measure and make sure the measurements are producible from CRM – this drives adoption of the sales team and as a result they are ‘led’ into following best practices. Examples of some key metrics: New Leads Identified in the period Number of leads qualified and turned into sales opportunities Pipeline dollars added or identified in the period Pipeline dollar value of opportunities in critical sales stages (such as proposal / quote review, negotiation or other designation that represents and advanced stage). Deals won (signed) – not to be confused with PO’s you received from clients who simply are ordering ‘more’. Measure the wins where your sales team directly drove and led the process to a positive outcome vs. orders where they were simply the beneficiary or recipient or a reoccurring order. New Clients Added (or Orders from 1st year clients). There are many measurable you could focus on, but these give you an example of clear, discreet elements that can be tracked as a team and down to each sales rep. Measure your pipeline with the same level of detail and timeliness as you do your inventory and cash flow. The better grasp you have on your potential business, the more you can influence the results and manage risk. What you don’t see in this sample set of reports are measures of activity such as calls or meetings held. As a general rule, if your sales team is performing properly, you should see the results of activities manifested in the outcome-based metrics listed above. Anyone can log a call to make a report look good. But advancing an opportunity to a critical or advanced sales stage – where it becomes an item of focus & scrutiny – is much more important. If the results in the outcome based metrics aren’t what you want or expect, then drill down into activities, calls, etc. to try and see what is happening and where you can coach or course correct. 2. Ensure each salesperson has identified the ‘Vital Few’, ‘Best Few’ or ‘Focus Opportunities’ for each month or quarter. This is often done jointly by the salesperson and sales manager. These should be identified at the beginning of the month (or quarter) and somehow marked or designated within CRM through a unique field or attribute. Sales reviews should focus heavily on these items and their progress. These are the opportunities your sales team members are identifying as being the most likely to close with an appropriate value. An Opportunity marked as a Best Few deal should stay in this designation unless the sales manager agrees to take it out. Measure success of Vital Few opportunities apart from the rest of the funnel to see if the team is effectively identifying their best few deals and how effective they are at handling them. Ideally, because you spend more time and resources on these deals, you should expect to see a higher win rate in this area. If not, reassess your process, approach and what types of opportunities you should be focusing on in the future. 3. Ensure all Wins and Losses are identified – especially the losses. Opportunities are never to be deleted. They can be marked loss and given a reason, but they never go away. Unless you are in a high-volume call center environment with an expected low buy rate, don’t auto close quotes or opportunities. Ensure that the final disposition of each opportunity is set and managed by the opportunity owner to ensure that they aren’t being overlooked or neglected. Make sure you periodically review your losses – especially on the Vital or Best Few deals you have identified. Look for clusters of loss reasons around certain product types, sales individuals or territories. What a-typical results can you find that might be indicative of a trend you can address? 4. Ensure each opportunity has a way to track the next planned ‘touch or engagement date’ and a way for the salesperson to convey in very short, simple terms their next planned action. Too often opportunities have a close date, a stage, a dollar amount and some notes without any way of organizing or planning upcoming activities or actions. Whether you use specific fields for this, tasks or appointment records, or some other mechanism, have an approach that all sales team members consistently follow to ensure they actually have a sales plan for each opportunity. Applying this one simple change, and then making the ‘next steps’ public for each opportunity yields some surprising and interesting results. Opportunities that stick around ‘forever’ without meaningful next steps thought out are likely dead. Kill them, close them out – or turn them into leads to be re-qualified before being added back to the pipeline. Make sure your sales team is focused on real, tangible sales opportunities and not inflating their pipeline with all the best-case myopic visions they are holding out for. 5. Provide your sales teams and individuals dashboard views that show in real time their progress to key performance goals. Whether its opportunities won (deals closed), leads added, new clients on boarded, there should be some visual summary they can see at any time that reinforces the outcomes you care about. Again, focus on the measurable outcomes, not activities unless there is a performance correction scenario. Make these dashboards public – at both a team and individual level. It will drive changes in behavior. So, if you are like most organizations, and are focused on improving sales and customer engagement, start by applying the same discipline with your CRM platform as you do with your ERP/Accounting solution and other operational systems. If you follow the same level of disciplined focus on key analytics, activities and processes which ultimately make sales teams more focused, targeted, and effective over time – you will see the results.

Our Net at Work Family is just that—a family made up of employees, clients and the businesses we serve. The health, safety and overall wellbeing of our family, and yours, is our top priority. With this in mind, we’ve gathered resources you may find helpful to your business during this challenging time and created a new resource center specifically for Sage X3 users. Here you can find information regarding: The latest news about what we’re doing to support our clients Sage X3 tip & tricks to ensure you work more efficiently New Quick Start packages with rapid deployment of solutions to help manage your business Informational webinars and interactive virtual user groups with Sage X3 experts Special offers to assist with business continuity during COVID-19 Click here to check out the new resource center. As always, if you have any questions for the team, please contact us.

COVID-19 (Coronavirus) has caused all of us to rethink and revise the way we do business and the way we live in general. In the new environment where a majority of the workforce is working remotely, and businesses and consumers are making purchases online versus in a store, the opportunity for cybercriminals looking to phish, attack, scam and steal money or data increases. For some businesses, accepting credit cards as a form of payment from their customers is now a necessity. Whether you are new to accepting credit cards, or it’s always been a natural part of your business, keeping cardholder data secure should be a top of mind priority. This means being PCI Compliant. What is PCI Compliance? The Payment Card Industry Data Security Standards (PCI DSS) is a set of regulations created by the major card brands to make transactions more secure and to protect them against identity theft and fraud. Any merchant that wants to process, store or transmit credit card data is required to be PCI compliant, according to the PCI Compliance Security Standards Council. There are 12 main PCI DSS requirements that all merchants must meet, regardless of their size or the number of transactions they process. GOALS PCI DSS REQUIREMENTS Build and Maintain a Secure Network 1. Install and maintain a firewall configuration to protect cardholder data 2. Do not use vendor-supplied defaults for system passwords and other security parameters Protect Cardholder Data 3. Protect stored cardholder data 4. Encrypt transmission of cardholder data across open, public networks Maintain a Vulnerability Management Program 5. Use and regularly update anti-virus software or programs 6. Develop and maintain secure systems and applications Implement Strong Access Control Measures 7. Restrict access to cardholder data by business need-to-know 8. Assign a unique ID to each person with computer access 9. Restrict physical access to cardholder data Regularly Monitor and Test Networks 10. Track and monitor all access to network resources and cardholder data 11. Regularly test security systems and processes Maintain an Information Security Policy 12. Maintain a policy that addresses information security for employees and contractors Source: https://www.pcisecuritystandards.org Additional regulations may be required depending on the number of transactions that are processed annually, but generally, most small-to-medium sized businesses fall under Level 4 which is less than 20,000 transactions per year, and the largest merchants fall under Level 1, processing more than 6 million transactions per year. Level 4 merchants (processing less than 20,000 transactions annually) must complete a Self-Assessment Questionnaire (SAQ) through a Qualified Security Assessor. Most often, this service is offered through a partnership with your credit card processor at a significantly reduced cost. There are many advantages to going through the processor preferred vendor. What if I’m not PCI Compliant? PCI Compliance is not a law; however, it is a universally required set of regulations that all card brands mandate that you follow in order to avoid financial penalties. Most processors will tack on non-compliance fees to your merchant statement for not becoming compliant. Not being PCI Compliant could potentially open your systems to a data breach. In 2019, the average cost per data breach in the U.S. was just over $8 million*. For most small businesses that means shutting the doors. Yes, that is the extreme, however there are also additional fines from the card brands that can reach $100,000 per incident. The fine amount depends on a company’s transaction volume, the number of PCI DSS requirements violated, and other factors. And you will need to pay it until you address the issue. Being out of compliance can also be damaging to your brand. Data breaches can take years to recover from, if you recover at all. It’s better to comply with PCI standards. *Source: https://www.ibm.com/security/data-breach Staying Out of The Scope of PCI Compliance? PCI Compliance is more than just the system you are using to process credit cards. You will often hear credit card processors or software vendors say their system will keep you out of the scope of PCI Compliance. In my opinion, this is dangerously misleading. Remember, all merchants are required to be PCI Compliance. Yes, their system may be certified, it may keep cardholder data secure when it’s being used, but what’s to stop someone from writing a credit card number down on a sticky note or keeping an unencrypted spreadsheet full of credit card numbers? To stay assured that PCI compliance is handled properly and that both yours and your customers’ data is safeguarded against potential breaches, pick a payment provider that meet all the PCI Level 1 compliance standards — the highest PCI level with the strictest requirements. Conclusion PCI DSS for merchants can be an extremely technical subject, but don’t get frustrated or give up. We are here to help. We have resources to guide you through the PCI certification process and a payment processing partner with PCI Level 1 compliance standards. If you’re concerned or unsure about not being compliant or have questions about how to become compliant, reach out to us to setup a conversation.

Net at Work’s ACH Quick Start enables clients to set up secure electronic payments for Accounts Payable using the Automated Clearing House network (ACH). ACH is an electronic network for financial transactions in the United States that is supported by most banks via a mostly standard file format. While the bank file transmission methods and the exact file requirements do vary by bank, Net at Work’s ACH Quick Start will install and configure ACH and provide the tools and training you need to complete the configuration requirements and test the files with your bank. KEY FEATURES: Consulting on ACH processes for Accounts Payable, bank requirements, and security options Installation and configuration of a standard ACH Accounts Payable file format in one live and one pilot folder Modifications to the ACH file format for any bank-specific requirements A Visual Process Flow in Sage X3 to represent associated processes in Accounts Payable Remote training session for up to 2 users on the configuration requirements and use of the file ACH How To Guide for Sage X3 users Support for testing ACH with the bank OPTIONAL: Confirmation email to the supplier to alert them of pending ACH payment QUICK START PROCESS: Step 1 – Net at Work meets with you to review options available with the bank and specific requirements Step 2 – Net at Work installs the standard ACH file format and Visual Process Flow via patch Step 3 – Net at Work configures the file based on specific bank requirements and configures required payment method and payment term Step 4 – Remote Training session for up to two Accounts Payable Sage X3 users Step 5 – With Net at Work’s support, you complete the configuration requirements in Sage X3 master data and test the ACH payable process with the bank PRICING INFORMATION: $4,995 for the first bank account | +$1,995 for each additional bank account +$1,495 for optional email notification to suppliers (Software and T&E not included) For more information, click here or contact us. Net at Work and COVID-19: Resources for Sage X3 Users

As more organizations have directed employees to work from home, or are being mandated to close their office doors, it’s imperative to review your business continuity plans and prepare for the possibility of a longer-term, fully remote workforce. Watch this recorded panel discussion where our experts for a discussion around IT-related policies and technologies that should be considered during this time. Topics will include: Technology Needs Assessment The User Experience – assuring ease of use and performance when using applications/systems and accessing business critical data Cloud vs. Traditional VPN: benefits analysis Disaster Recovery: evaluating existing systems & determining if anything needs to be changed Security: protecting documents and applications; guarding against COVID-related Phishing attacks and Ransomware Maintaining communications with an increasingly distributed workforce Standardizing collaboration platforms BYOD (bring your own device) policies Telework Best Practices