BYOD=Bring your own disaster?

BYOD=Bring your own disaster?

Workplaces today have changed. They extend beyond the working hours, beyond the cubicles. Whether you are commuting to work or even vacationing, chances are you or your employees take a break from the break to reply to those important emails that require ‘immediate action’. Plus, there may even be employees who are not even on the same continent as you. What does all this mean for your business in terms of IT security? Does BYOD translate to bring your own disaster to work? This blog explores the risks of BYOD culture and offers tips on how you can avoid them.

When you adopt a BYOD culture at your business, you are opening the virtual floodgates to all kind of malwares and phishing attacks. Your employee may be storing work-related data on their personal devices and then clicking a malicious link they received on their personal email or (even whatsapp in case of tablets or smartphones) and put your entire network at risk. Secondly, you cannot control how your employees use their personal devices. They may connect to unauthorized networks, download unauthorized software programs, use outdated antivirus programs etc,. Even something as simple and harmless as the free wifi at the mall can spell danger for your data.

What you can do?

First of all, if you have decided to adopt the BYOD culture in your organization, ensure you have a strong BYOD policy in place. It should cover the dos and don’ts and define boundaries and responsibilities related to the BYOD environment.

It also makes sense for you to invest in strong antivirus software and mandate those employees following the BYOD model to install it. You can also conduct device audits to ensure your employee’s personal devices are up-to-date in terms of software, security and firewall requirements to the extent that they are safe to be used for work purpose.

And one of the most important aspects--train your employees on the best practices related to basic data security, access and BYOD environments. This will ensure that they don’t make mistakes that prove costly to you. You can conduct mock drills, tests and certifications and provide the BYOD privilege to only those who clear your tests. You could also use positive and negative reinforcements to ensure everyone takes it seriously.

BYOD is great in terms of the flexibility it lends to both--the employer and the employee, and the trend is here to stay. It is up to businesses to ensure it helps more than it can hurt.

Get smart about smartphones

Get smart about smartphones

With flexible working schedules, remote teams and Bring Your Own Device (BYOD) policies in force, it is has become commonplace for employees and business owners alike to use smartphones for work purposes. A quick reply to an email, sharing that sales presentation, glancing over that vendor proposal–all on a smartphone–is something we all do on a daily basis. But with this convenience comes great security risks.

This blog discusses what they are and how you can avoid them.

Mobile devices are lost/stolen more easily

Unlike desktop computers, your smartphones and tablets are easier to steal. O, you may even forget yours at the restroom in the mall or in the subway, and along with it, goes all confidential data.

Phishing: Avoid biting the bait

A smartphone user is more likely to fall for a phishing scam on two accounts--one, with messaging apps like whatsapp, facebook messenger, etc., chances of getting phishing links are higher. The smaller screen size can make it difficult to clearly verify the authenticity of the site being visited.

Free Wi-Fi = free malware

Free wifi makes everyone happy. The smartphone user, the shopkeepers and also malware distributors! Your smartphone literally travels everywhere with you. The mall, the coffee shop, the movies and then to work as well. Just like how humans can catch the flu and make everyone at work sick, your mobile device can get infected with a malware and spread it across your network in the office.

What you can do?

You have antivirus for your computers, why not for your smartphones and tablets? We all know how disastrous a malware attack can be to your data, devices and your brand, in general. Consider installing antivirus software in your mobile devices to safeguard them from such attacks.

How do you prevent misuse of your debit card? With a PIN number, right? You can do the same to your phone by protecting it with a passcode so the miscreant will not be able to use it to access your data. Also, there are apps that let you wipe out all the data from your smartphone remotely in case you lose your device.

Be careful when downloading data and even 3rd party apps on your phone. Double check URLs when browsing online using your phone and don’t click on messages with links that seems malicious. In such cases, remember, if something seems too good to be true, it almost always is. Chances are, you may have not won that million dollar lottery or that all-expenses-paid trip to Europe.

And, spread the word amongst your employees. Their phone has the power to damage your brand! Take care.

Why you need the cloud?

Why you need the cloud?

When talking to our clients, we have noticed that SMBs often think the cloud is something for their bigger counterparts to explore. We hear objections like, “But, it’s too complicated.”, “The cloud sounds expensive.”, “We are a small business, we don’t think we need the cloud.”, Hold on!

In reality, it is the SMBs that benefit the most from the cloud. Here’s how...

The cloud grows with you

Yes, you may be a SMB today and perhaps a few desktops and in-house hard-disks are sufficient as of now. However, as you grow, your data storage needs will increase and you will need much more than a few external hard-disks. Servers become expensive and wholly owning one is not very cost-effective.Change the dynamic:he cloud grows with you--you can scale up or down on cloud usage easily and save on costs. Plus, when using cloud storage, you are sharing your server space with others, so you essentially pay for only what you use.

Security is not your concern

When you store your data in-house, the headache of security, backups and updates falls on you. However, with the cloud, all of that becomes your cloud service provider’s responsibility. You focus on running your business and your cloud service provider will take care of your data’s security and accessibility. .

Accessibility

When you store your data on the cloud, it is accessible from anywhere using the internet. That lends a lot of flexibility to you. You or your employees don’t have to be in the in the office or have immediate access to their computers to be able to work. A quick order can be processed or an invoice can be raised even using an iPad or a smartphone!

So, don’t you think it may be beneficial to get a little ‘cloudy’? For more, download our whitepaper- Demystifying the cloud in layman’s terms

Don’t sign up with that MSP just yet!

Don’t sign up with that MSP just yet!

The decision to sign up with a MSP is a big one--you are essentially trusting someone with the backbone of your business–your technology infrastructure, so you need to make sure you pick someone with whom you can have a mutually beneficial, long-term relationship. This blog discusses what you need to know before you sign up with a MSP.

Values: Your MSP is your technology partner and for your partnership to be smooth, make sure you pick a MSP whose core value system matches yours as a business.

Knowledge, skill set and experience: Does your MSP have the skillset and the resources to cover all your IT needs? Are they experienced in working with SMBs? How long have they been in the business? Make sure you have satisfactory answers to these questions before you bring your MSP on board.

Flexibility: Does your MSP let you pick and choose whatever services you want, or do they sell it as a fixed package? Having the option to choose what you want lets you invest your money where you really need to.

Service and support: You are opting for a MSP so you can get solid IT support--the kind you can’t get with an in-house IT team owing to resource constraints. So, make sure your MSP will actually provide you that. Talking to their existing clients can help you figure out how good they are in terms of service and support.

To have a MSP manage your IT needs successfully, you need to create a strong partnership with them, where they help you grow and are agile enough to scale up or down to suit your business demands. There are plenty of MSPs in the market, but not everyone will fit well with your needs.

Our recent whitepaper explores this in detail as it discusses the 8 things you need to know before you partner with a MSP for your IT services. Please click here to download the whitepaper.

The biggest threat to your IT infrastructure: Your own employees

The biggest threat to your I.T infrastructure: Your own employees

Did you know that your employees often unwittingly ‘help’ cybercriminals gain access to your system? Often, employees play a part in compromising the security of your IT infrastructure, even without them realizing it. For example-

When your employees use their own devices for work purposes such as to access emails, to connect to work servers or to work on office files. In the event their device gets infected by a malware or hacked, the virus or the hacker gets access to your data as well. Your employees may put your network at risk by connecting to unauthorized networks, downloading unauthorized software, using outdated antivirus programs etc, on their personal devices and then using it to access work files.Then, there’s the chance of them losing their devices such as smartphones, laptops or tablets putting your data at risk.

Your employees may also fall victim to phishing messages and scams and expose your network to the biggest risks out there, unintentionally. Plus, there’s always a slim chance that a disgruntled employee looking to make a few quick bucks may actually compromise on confidential business data intentionally.

So, what can you do to keep your IT safe?

• Train your employees through drills, workshops and classroom training sessions that help them identify possible IT security threats
• Establish clear IT usage policies related to password management, use of personal devices, data sharing and internet access
• Conduct timely audits and have positive and negative reinforcements in place to ensure policy adherence
• Install physical and virtual security mechanisms like CCTVs, biometric access, software programs to track employee activities when they are accessing your network and data, etc.,

IT is the lifeblood of your business and when you let your employees access your IT network, you are, in a way, trusting them with your business. Make sure they are trained and trustworthy enough.

3 things your Managed Services Provider (MSP) wants you know

3 things your Managed Services Provider (MSP) wants you know

Are you considering bringing a MSP on board? Or perhaps you already have one. Either way, for you to truly benefit from your relationship with a MSP, you need to build a solid bond with them. As a MSP who has been in this business for long, I can tell you the 3 important steps that will help you get there.

Share, share, share

Your MSP is your IT doctor. Just as you would share everything about your health with your doctor, you need to share everything related to your business that impacts your IT, with your MSP. Give us an overview of your business and answer questions such as

• What you do exactly as a business
• Who are your key clients
• Which industry verticals do you serve
• What are your peak and lull seasons, if you have them
• What are the core regulatory codes that apply to you based on the industries you work for
• What are your business expansion plans for the near future and in the long run

Sometimes clients shy away from discussing all these things because they don’t trust the MSP enough. There is a fear of the MSP sharing business plans and other confidential information with their competitors. As a MSP, I can tell you that we work best with clients who trust us. When you are trusting us with the lifeblood of your business--your IT infrastructure, you should be able to trust us with your plans for your business.

Let’s talk often

While it’s great that you outsource your IT completely to us, it is still important that we meet and talk. Your business needs may change over time and we don’t want to be caught off-guard. We know you are busy, but set some time aside every month or even every quarter to catch up with us and discuss your IT challenges and needs.

Take us seriously

Your IT is our business, and we take our business very seriously. So, when we tell you something, such as--to implement strong password policies, limit data access, upgrade antivirus, etc., please take notice!

Teamwork forms the core of any successful relationship. Same holds true for your relationship with your MSP. Trust us, pay attention to us and hear us out. We’d love that...and we’d love to work with you!

Don’t make these IT mistakes as you grow!

Don’t make these IT mistakes as you grow!

During the course of IT consultancy, we come across a lot of clients who are not happy with the way their IT shaped up over the years. They feel their IT investments never really yielded the kind of returns they expected and come to us looking to change the trend. When analyzing the reasons for the failure of their IT investment, here’s what we come across most often.

Not prioritizing IT

This is the #1 mistake SMBs make. When focusing on growing their business, most SMBs think marketing, sales and inventory, but very few consider allocating resources--monetary or otherwise towards IT. IT is seen as a cost-center, rarely prioritized and any investment in IT is made begrudgingly.

Going for the fastest, latest or even the ‘best’ technology--which may not be the best for you

This is in contrast to the issue discussed above. Many SMBs realize the key role that IT plays in their business success. But they tend to get carried away and invest in the latest IT trends without considering whether it fits their business needs well, or if they really need it. Sometimes it is just a case of keeping up with the Joneses. But, why spend on the fastest computers or largest hard drives when you get only incremental productivity benefits?

Your team is not with you

When you bring in new technology or even new IT policies, it is your team that needs to work on it on a daily basis. If your staff is not on the same page with you, your IT investment is unlikely to succeed. So, before you make that transition from local desktops to the cloud, or from Windows to iOs or roll out that new BYOD policy, make sure you have your staff on your side.

You are not sure how to put it to good use

The lure of new technology is like a shiny, new toy. Investing in something popular and then not using it to its maximum is commonplace. Make sure you make the most of your investment in IT by providing your staff with adequate training on how to use it.

IT can seem challenging to navigate when you have to do it all by yourself. It entails steep costs when taken care of in-house. Add to that the complex task of deciding what IT investment you will benefit the most from and then training your team to use it...all of this is pretty daunting when you have to do it all by yourself. A MSP has the experience and expertise needed to be your trusted partner and guide in these challenges, helping you make the most of your IT investment.

IT Red Flags to Watch Out For

IT Red Flags to Watch Out For

As someone running a SMB, you probably have a lot on your plate. You are the core decision maker, responsible for growing your business, keeping your clients happy and getting all the working done. Often, when you have so much going on, one area that gets overlooked is IT. When you are so busy looking into other things, the start of IT issues may slip your watchful eyes. In this blog, we discuss the IT red flags that you need to watch out for.

Adware ambush

This happens generally when your internet browser has been hijacked and an adware has been sneaked into your system. When you try to surf the net using a hijacked browser, you will find online ads popping up everywhere. And by that we don’t mean the few sponsored search results or a couple of ads that show up when you browse a site. We are talking about ads showing up just about everywhere on your browser. Even a simple link click will take you to an unintended page. It is so evident, you just cannot miss identifying an adware ambush!

Strange pop-ups

Much like the Adware ambush, strange pop-ups show up when you least expect them. For example, you may be trying to open a presentation or a document and a series of pop-up windows will appear before you are allowed access to the file. Watch out for these, as they indicate the presence of a malware in your system.

Spam/Fake emails

If, all of a sudden, you see a lot of spam emails being sent from your/your staff’s official email IDs, there may be a worm at work. Often email worms enter the IT system through the download of one infected file and then replicate themselves across the network via email. Worms do this by penetrating the victim’s email security and spread itself across all of the victim’s email contact list through automated emails that look as if they were actually sent by the victim. So, is Sam from Accounting sending you a lot of junk emails? Probably time to get his PC checked.

A lot of what used to work before is now broken

We all have minor software and hardware issues here and there. But, if all of a sudden, a lot of stuff that used to be up and running seems to be broken, it screams “Red alert”! It could mean that the malware is slowly taking over your IT system, one program at a time.

Bottomline--Surprises are good, but not so much in IT. If you find anything amiss, anything different, like a machine that suddenly slowed down, or a program that just doesn’t work anymore or a new plug-in added to your browser or a new homepage, it’s better to take a deeper look and arrest the problem before it spreads elsewhere wreaking havoc through your IT network.

Assessing your MSP in the first appointment

Assessing your MSP in the first appointment

Handing over your IT to a MSP is a major decision. Who do you choose and more importantly, how? While there’s no rulebook that will tell you exactly how to proceed, here are a few hints that can help you decide how invested your prospective MSP is into you.

How well do they know your industry vertical

It is important that your MSP truly understands the industry-specific IT challenges you face so they can help you overcome those challenges effectively. For example, do you have a commonly used software program or any governmental or regulatory mandates that you must be adhering to. Is your MSP knowledgeable on that front?

How well do they know you and your values

How well does this MSP know your business in particular. Have they invested time in learning a bit about you from sources other than you--like your website, press releases, etc.? Do they understand your mission, vision and values and are they on the same page as you on those? This is important because you and your MSP have to work as a team and when start to see things from your point of view, it is going to be easier for you to build a mutually trusting, lasting relationship with them.

References and testimonials

References are a great tool to assess your prospective MSPs. Ask them to provide you with as many references and testimonials as they can. It would be even better if their references and testimonials are from clients who happen to know you personally, or are in the same industry vertical as you or are well-known brands that need no introduction.

Are they talking in jargons or talking so you understand

Your MSP is an IT whiz, but most likely you are not. So, instead of throwing IT terminology (jargons) on you, they should be speaking in simple layman terms so you understand and are comfortable having a conversation with them. If that doesn’t happen, then probably they are not the right fit for you.

Were they on time

Did your MSP show up when they said they would? Punctuality goes a long way in business relationships and more so in this case as you want your IT person to ‘be there’ when an emergency strikes.

While there are many factors that go into making the MSP-client relationship a success, the ones discussed above can be assessed during your very first meeting. They are kind of like very basic prerequisites. Make sure these basic conditions are fulfilled before you decide on a second meeting.

Hiring seasonal staff? Here are a few things to consider from the IT

Hiring seasonal staff? Here are a few things to consider from the IT perspective

In many industries, there are seasonal spikes in business around specific times. For example, CPAs/Accounting firms, though busy all year, generally see a spike in business around the time of tax planning, IRS return filing, etc., the retail industry sees a boom around the Holiday Season, and so on. During such peak times, it is common practice in the industry to employ part-time staff to meet the immediate resource needs. While this works well in terms of costs and for handling additional work/client inflow, this poses a few challenges from the IT perspective. In this blog, we explore those challenges so you know what to watch out for before bringing part-time staff on board.

Security

When you are hiring someone part-time, security could be a concern. You or your HR person may have done a background check, but their risk score nevertheless remains much higher than permanent employees who are on your payroll. Trusting a temp worker with customer and business data is a risky choice.

Infrastructure

Having seasonal employees is a good solution to temporary spike in workload. But, there is still a need to provide your temps with the resources they need to perform their tasks efficiently. Computers, server space, internet and phone connectivity, all need to be made available to your temp workforce as well.

Lack of training

Your permanent employees will most likely have been trained in IT Security best practices, but what about your temps? When hiring short-term staff, SMBs and even bigger organizations rarely invest any time or resources in general training and induction. Usually brought in during the peak seasons, temps are expected to get going at the earliest. Often IT drills and security trainings have no place in such hurried schedules.

Collaboration needs

Often businesses hire seasonal staff from across the country or even the globe because it may offer cost savings. In such cases when the seasonal staff is working remotely, there is a need to ensure the work environment is seamless. High quality collaboration tools for file sharing and access and communication needs to be in place.
Having part-time or seasonal staff is an excellent solution to time-specific resource needs. However, for it to work as intended--smoothly and in-tandem with the work happening at your office, and without any untoward happenings--such as a security breach, businesses need to consider the aspects discussed above. A MSP will be able to help by managing them for you, in which case hiring temps will be all you need to think of.

3 Things to consider before you sign-up with a cloud services provider

3 Things to consider before you sign-up with a cloud services provider

More and more SMBs are migrating to the cloud and that is not a surprise considering the numerous benefits the cloud can offer them. For a SMB, the cloud is a cost efficient and secure answer to their growing data needs and IT security requirements. The cloud grows with them and lets them scale their business without worrying about a corresponding rise in IT costs. Plus, with the cloud, the important aspects of security and backups are mostly taken care of by the cloud service provider. And then, there’s the convenience of any-time-anywhere data access. With all these benefits that the cloud brings, what’s there to think about before signing up with a cloud service provider? While are a lot of benefits of storing your data on the cloud, but your data is still yours, so there are a few things you need to know and be comfortable with before you jump onto the cloud.

Data storage location

Ask your cloud services provider where, (as in the location of the data center) your data will be stored. Ask them if they have multiple data centers and if yes, then, will they be backing up your data and storing them at different places. It is great if your cloud services provider does that, since that ensures higher safety of your data.

How secure will your data be?

Yes. When you hire a cloud services provider, a major chunk of your data’s security responsibility is passed onto them. You don’t have to really worry about your data security, but, you still need to know how they plan to keep your data safe. Ask your cloud services provider for details regarding their data security procedure. Have them share all policies, SOPs and data security frameworks that they claim to have in place.

Past performance/data loss history

Everyone talks about their best projects in a sales meeting. What you really need to know are the worst ones. Ask your cloud services provider to share with you their data loss/downtime trends for the past one year. Observe the trend. How often does their system give way and how long does it last? This is important for you to understand, because this metric translates into loss of business for you.

And finally, don’t forget to ask for a client list. Like we said before, everyone highlights the good things about themselves in a sales meeting. If you really want to know how good your cloud service provider is, ask them for a client list--both current and past. Check how many of them are from your industry vertical. Try reaching out to those who are willing to talk. Find out what they like the most about your cloud service provider and what aspects they find negative. Find out why their former customers left them. Usually customers are pretty good indicators of the quality of service a business provides. Hope these tips help you finding a cloud service provider who fits in well with your needs.

Migrating to Windows 10: Should you let go of your hardware

While you can purchase and install Windows 10 in your existing PCs–the ones currently on Windows 7 OS–it is not recommended. According to Microsoft, Windows 10 has the following minimum requirements

• Processor: 1 gigahertz (GHz) or faster processor or SoC.
• RAM: 1 gigabyte (GB) for 32-bit or 2 GB for 64-bit.
• Hard disk space: 16 GB for 32-bit OS 20 GB for 64-bit OS.
• Graphics card: DirectX 9 or later with WDDM 1.0 driver.
• Display: 800x600

If your existing PCs don’t meet the above requirements, it’s time to move on. The above list are minimums. The market today has PCs with better specs that will help you get the most out of Windows 10 and make the switch to the new OS more productive and efficient.

Windows 7 was one of the most loved, user-friendly and efficient versions of Windows. This switch sure won’t be easy. It also entails quite a bit of investment in terms of money, downtime and training. Reaching out to a Microsoft-licensed managed services provider (MSP) can help make this transition faster, more efficient and certainly, smoother.

Windows 7 End of Life: What options do you have

As Microsoft stops supporting Windows 7 from January 2020, what choices do you have as a Windows 7 user? While Windows 7 will work after January 2020– it won’t just “shut down”–as a business, you cannot afford to use the older version because it makes you vulnerable to security threats. That leaves you with only 2 options.

Option 1: Purchase extended support

Microsoft is offering the option to purchase extended support for Windows 7 until 2023. Though the exact price of the extended support option is not known, it is estimated to be around $350 per device for 3 years.

But, one thing for you to think about before investing in extended support for your existing Windows 7 devices is that after 3 years you will have to migrate to a newer OS no matter what. In the meantime, your newer software programs or apps may not be compatible with Windows 7.

Option 2: Ring out the old and bring in the new--UPGRADE!

If you choose not to opt for Windows 7 extended support, you can upgrade to Windows 8.1 or 10. But, 8.1 was probably the worst-received Windows OS–barring Vista, of course–so tech experts suggest opting for Windows 10 instead. But, you need to be prepared for a few things if opting for the newer Windows version.

For one, Windows 10 has a very different look and feel compared to 7. It will take some time to get used to this newer version of Windows. Plus, it may not be compatible with all the software programs that you currently run on, using Windows 7. Though most of the applications, personal PC settings and data from Window 7 OS is expected to be supported by Windows 10, there is a chance that some of these may not work as well. Experts estimate antivirus software is most likely one among them.

The migration from Windows 7 to 10 is not really rocket science, but for a business, it can be a headache and a major transition. Consider bringing a Microsoft licensed MSP onboard to help you make this switch.

Windows 7 End of Life: How does it impact you

Microsoft has officially announced the “End of Life” date for Windows 7. It will come January 14, 2020. Windows 7 was introduced in 2009 and is one of the most popular versions of Windows. It is estimated that around 40% of Windows OS is 7. So, if you are one of the Windows 7 users, read this blog to understand how this end of life announcement impacts you and what you should be doing.

End of life means, beyond January 2020, users of Windows 7 will not get any updates, security patches, or any kind of support from Microsoft. Does this mean you need to scrap all your devices that run on the Windows 7 OS? Technically, the answer is no.You can still continue to use your existing computer with Windows 7 OS, but it won’t get the free security patches and updates. This makes your computer and possibly your whole IT network vulnerable to malware and other IT security threats. Plus, as a business, running Windows 7 OS without the security patches and updates is not really an option as it creates liabilities in the event of data theft. Also, you may be inadvertently violating regulations by using an OS that’s officially declared vulnerable to security threats. In short, running Windows 7 without the support is not really an option for businesses.

So, what should you be doing? First off, make sure you download Microsoft’s most recent Windows 7 update, because if you don’t run the most recent update, you will lose Microsoft support 6 months earlier--in July 2019. You can download the update here.

Apart from this, you can buy extended support for Windows 7 from Microsoft. The extended support will be available until 2023. An MSP who is an authorized Microsoft reseller or partner will be able to tell you more about this option and the pricing, in particular.

In the long run, however, you will have to migrate to a newer, supported version of Windows. Learn more about your options in the face of end of life of Windows 7, in our next blog post.

Benefits of Using VoIP Technology

Benefits of Using VoIP Technology

More and more businesses are implementing Voice over Internet Protocol or VoIP technology because of its versatility, flexibility and cost-effectiveness. With new developments in this technology, the scope of its applications is widening. It is becoming more than just voice communications technology. That is why businesses of all sizes are migrating at an increasing rate. Here is a short list of some of the benefits.

Versatility/Flexibility: There are many VoIP service companies that have been working feverishly to enhance the use of this technology. They are bundling up other communication applications into a single unified communication platform to increase the efficiency for businesses. This means all modes of communication such as voice, fax, video, web conferencing and emails can be utilized, using a single software application. The ability of this application to convert voice into an email or fax into an email can bring a tremendous amount of efficiency to business operations. You don't need to sign up for a separate service for a telephone or video conference. An incoming phone call can be received on a mobile phone and regular phone simultaneously. That means there are fewer missed important phone calls, and less wasted time on 'phone-tag.' An employee can receive an important fax on a laptop while sitting in an Internet café or within range of a Wi-Fi hot spot, and can redirect it to an associate within minutes with a few keystrokes. The list of benefits goes on.

Reduced cost: There are many ways VoIP can lower communications cost thus significantly enhancing the revenue. Here are some of the financial benefits of implementing VoIP.

1. Cost per phone call: Making long distance or international phone calls using landlines or mobile phones can be very expensive. Charges incurred at per-minute rate can add up quickly. When you conduct business from multiple locations VoIP applications allow you to make calls from PC to PC that are free if they are within the same network. That could be significant to eliminate long distance charges if two locations are hundreds of miles apart. You can also pay a low monthly flat fee and make an unlimited number of calls, including international calls. This means much less usage of your mobile phone-minutes.
2. Operational costs: You don't need separate networks for data and voice communications. Everything can be done using the data network. Specially designed phones with VoIP technology can be managed right from your desktops. There are a few things at work here. First of all, you have the potential to be eliminating traditional "phone" lines, usually a significant monthly fixed cost, in addition to the per minute usage costs. Paying per minute remains a major issue if you do any international calling, or have offices located in other countries, where per minute rates may not have dropped like those in the US. Another operational cost that goes away are the labor costs involved in moving employees from office to office. Reconfiguring numbers and phones can still require physical changes. Even if they are only software changes, there is a cost to pay the technician who handles these reconfigurations.
3. Infrastructure cost: With this technology your infrastructure cost is greatly reduced. For example, you have to pay more for the telephone extensions using traditional PBX and key systems. Using VoIP allows you to run those extensions right from your computers. Dual-mode phones can be used with this technology after making minor configuration changes. That allows the user to switch the use of a dual phone from cellular to a local Wi-Fi environment, reducing the need to carry a regular phone and a cell phone. That means fewer devices to manage.

Summary: After our discussion, the significance of implementation of VoIP can't be overstated. Every business strives for better revenue. This new technology offers many ways to cut costs and bring efficiency by unifying all modes of communication onto a single platform. Efficiency and lower costs are always synonymous with greater revenue. Get in touch with a Managed Service Provider and ask them how they can bring you on board with this great technology called VoIP.

BYOD: Why is This Concept So Attractive to Employees?

BYOD: Why is This Concept So Attractive to Employees?

Bring Your Own Device, or BYOD, to work was an idea a few years ago that is becoming a reality very fast. To use your personal smartphone, tablet or laptop for work seems increasingly natural. Employees are embracing this concept without any serious reservations. As more and more business activity becomes technology driven, to have electronic gadgets right by your side all the time make sense. According to a survey conducted by Logicalis about 75% of employees in high growth markets such as Brazil and Russia and 44% in developed markets bring their own devices to work.

Let's examine all the factors causing people to want to use their own devices at work.

• Familiarity: This may be the most relevant reason for someone to bring their own tablet or laptop to work. It may be the operating system, web browser, or other apps on their devices that they know so well and feel comfortable using.
• Convenience: Companies have been providing their employees mobile phones for business use for a few decades. Now those employees have to carry two phones, since everyone also has a personal phone. This duality is a nuisance. It is hard enough to care for one mobile phone and now they have to worry about two of them. The reality is that companies expect employees to be in contact 24/7, so company devices can't just be used at work. They have to be carried home, out to the store, etc. If the employees have a choice they would much rather carry just one phone, their own, enabling them to be reachable by family and friends anytime. Also, it could be cheaper if their company offers to share the cost of using their device for business.
• Productivity: Convenience can also result in better productivity. Having fewer devices means fewer distractions. Fewer distractions equals less wasted time. Saving time is always good for productivity.
• Personal contentment: It makes employees feel good to be able to use their own devices at work. Higher employee morale is very important for any organization. Happier employees are more likely to work hard. A positive environment is also a factor in lower turnover. So, if an employer gives its employees the liberty to bring their own devices to work it may have more satisfied workers.
• Conclusion: People in the workplace are using their own devices so they can accomplish more in less time. It makes them happy to have their personal devices at work, and it makes them feel good about their job if they are allowed to use the devices that they are familiar with.

VoIP: A New Dimension in Communication for SMBs

VoIP: A New Dimension in Communication for SMBs

Voice over Internet Protocol or VoIP is about a decade old technology that is gaining popularity among individual subscribers and businesses. In conventional systems, phone calls are made using telephones or handsets that are connected by phone cables. These calls are routed using the Public Switched Telephone Network (PSTN) carrying a signal from one telephone to the other. But instead of connecting telephones to the phone cables through phone jacks in the walls, VoIP uses the internet where phones can be connected to broadband devices, adapters or PCs using broadband. With this system, voice is converted into a digital signal and carried over the Internet. Let's take a look at all the options that are available to make calls using VoIP.

Make Calls from a PC: Using this platform a call can be placed from your PC. Your computer is connected to the Internet via broadband. A specially designed software app allows you to place and receive phone calls right from your PC. When deployed, this software displays a dial pad. You can dial a number using a mouse or keyboard. You will need a headphone or speaker to hear and a microphone to speak. When your PC is connected to a phone or another PC on the other end, you can talk like you would on a regular phone. The software with video capabilities will let you see each other (you and the recipient of your call) if it is a PC to PC call and both computers are equipped with cameras. In this case you don't even need a telephone handset.

Make Calls using a regular phone: You can make phone calls with a regular phone using VoIP technology, but for this you will have to have a service, such as Vonage, that provides VoIP access. You can subscribe to their service for a monthly flat fee or a per-minute rate. Your regular phone can be plugged into an adapter which is then connected to a broadband device. Some services will allow you to make calls within their service network only. But there are other services that will let you make calls anywhere. That means you can call local, long distance, international and through mobile devices.

VoIP telephones: There are VoIP service providers that provide special phones. To use these phones you don't need an adapter. Their telephones are designed to work with your broadband device. You can connect this phone directly into your broadband modem using an Ethernet cable and use the phone like any regular phone.

Companies providing VoIP services are focusing on providing unified communication platforms that will include phone, emails, faxes, videos and voice mail capabilities. Their goal is to deliver these capabilities that can be used by all means of communication including handheld devices.

The Role of MSPs: Managed Service Providers or MSPs can help businesses with the installation of hardware and software, enabling VoIP technology. This will also organize their communication networks by integrating those networks into their IT infrastructure. Now SMBs can eliminate another worry (management of their communication systems) by outsourcing their IT services.

SMBs: It is Hackers v. You - Don't Let Them Score

SMBs: It is Hackers v. You - Don't Let Them Score

Selling stolen IDs and other personal data is a lucrative trade for hackers. They are always looking for sources where vital information is stored. As a small to midsize business you store your client's personal information, collected from different sources, on your computers and servers. Your Point-of-sale (PoS) terminal and some website transactions can be completed by use of electronic banking, credit cards or debit cards only. Your customers have to key-in their pins or passwords to make payments. That information has to be saved. Also, depending on the kind of services or products you provide, you may be collecting Social Security numbers, addresses, driver's license numbers and DOBs of your clients. Information that personal is as important as it can get. Any source of that information is like a gold mine for a hacker. All this means only one thing for you: A data security nightmare.

Here are the channels hackers can use to break into your IT infrastructure

• Your website: Hackers have become very sophisticated in cyberattacks on websites. They can access specific information by targeting websites that have the information they are looking for. For example, if they want only financial information about their victims, they can use tools that will fish for the websites that carry that kind of information. Implementation of web-based applications has made it easier for cybercriminals to connect to your website database. They are able to find the loopholes and hack into systems. They can then access your customer's personal information, allowing them to steal from your clients by committing credit card and bank fraud. Or they can just sell your client's info on the Internet.
• Your computers and servers: Your computers and servers are treasure-troves of information. By sending malware into your systems they can steal your admin passwords, and then login to your servers and other network devices. These hardware devices are the ultimate prize for cyber thieves because these devices not only hold important information about your clients, they also have all the information about your business and possibly about your vendors and associates. There is nothing about your business that these hackers don't know. Imagine how devastating this attack can be.
• Mobile devices used by your employees: If you are one of those entities that allow their employees to use their mobile devices to conduct business, you have another security dimension to worry about. You don't know how secure their mobile phones, iPads, laptops or tablets are. You don't know how hard or easy their passwords are to crack. Breach of security into those devices will lead hackers right into your networks where they can steal data at will.
• Unsecure Wi-Fi network: Most businesses keep their Wi-Fi networks well protected, but unsecured Wi-Fi is an open invitation to cyber criminals. If your Wi-Fi network is not secure, hackers are one step closer to breaking into your systems without even trying.
• Your PoS systems: PoS systems are the prime targets for hackers who want to commit financial fraud. Cyber thieves know that PoS systems that come with preloaded software can be hacked using an unsecured Wi-Fi network. This fraud has a direct impact on an individual's finances because a hacker can make unauthorized credit card charges quickly and move on before anyone realizes what happened. Ruined credit can take years to mend.
• Your emails: Email is another venue that hackers use to infect computers with malicious software. They send viruses that replicate themselves in the host computers, performing various tasks such as denial of service to the users of your systems, spamming your contacts and accessing data without authorization.

Summary: After reading this article you probably feel like you are in cyber warfare with hackers and your IT infrastructure is the battlefield. You are absolutely right. Hackers are relentless and they are devising new methods all the time to steal from businesses. But this is one fight you can't let them win. Protecting client data is not just a moral obligation. You are legally bound by the privacy laws to protect this information by all means. Breach in data security can ruin your reputation, and the financial liability to meet legal obligations may become too much to sustain.

So how do you fight this war in which you have to make certain that there is only one winner? Outsource your IT managed services to professionals who will monitor your networks 24/7 from a remote location. Your in-house IT management team may be able to fix problems, but it is important that proactive solutions are in place in case there is data loss as a result of a breach. Managed services can create solid data backup & recovery plans that will have your systems up and running quickly, so you can reduce downtime and protect your revenue.

Business Disaster: What Threatens Small Businesses the Most?

Business Disaster: What Threatens Small Businesses the Most?

There are many threats to the integrity of a small business, and not all of them are as dramatic as a cyberattack or a hurricane. Every small business needs to do a risk assessment to determine all the threats that exist that could bring harm. External threats are the ones that get the the most attention. These can be big snowstorms or hurricanes that bring down power lines and network connections. They can also be man-made. A power outage due to a grid failure, or an act of terror. Also in this category are phishing scams, cyber attacks and data theft from external sources.

All of these are the ones that make the evening network news, and every business needs to plan how to handle them. However, there are some internal threats that can be just as serious, but are far less attention getting.

For example, human error. Stolen data can occur because someone forgot about changing their passcode, or they left a smartphone containing critical data on the bus. These aren't nefarious acts, but they can still have serious consequences. Have you looked at how you might wipe clean a lost phone? What about the person who forgot to do a backup the day before a server failed?

Another area where human error can occur is a technical oversight. Perhaps an overworked tech who did not recognize the existence of a single point of failure in your IT infrastructure. To learn how outsourcing some tasks such as proactive management and security audits can solve these problems, see "Outsourcing Isn't a Dirty Word: Meet Managed Services, Your IT Team's New Best Friend - Managed Services"

Data Protection and Bring Your Own Device to Work

Data Protection and Bring Your Own Device to Work

BYOD refers to a firm's policy of allowing employees to use their own personal phones, tablets and laptops for all their work applications.This is a pretty common policy, and it has many benefits, but it brings along risks. How are you addressing these risks?

Here are some of the issues raised by BYOD

1. A lost device - If you issue company phones, you have the ability to remotely wipe the unit clean if it is lost or stolen. With employee's personal devices, do you still have that ability. If not, your data is at risk.
2. Software updates - Is the employee responsible for updating all the software and virus protection programs on their own devices? If that responsibility transfers to them, you are at the mercy of their willingness to keep track of such tedious tasks. If you accept responsibility for it, do you have the in-house staff to handle all the extra work?
3. Back ups - with data being entered on many different devices, something must be done to ensure back up procedures are routinely followed.

In short, BYOD is probably an unavoidable approach to device management. It is unrealistic to expect people to carry around 2 different phones or tablets 24/7. But BYOD means extra work for the in-house staff of a small business. To learn more about these risks and a more affordable, comprehensive approach to BYOD Management, see our e-guide "Now you see it, There IT...Stays".

Everyday Human Error Can Affect Data Protection

Everyday Human Error Can Affect Data Protection

Are you under the impression that data loss is all about putting up firewalls to protect against evil cyberattacks? Some of the biggest sources of data loss include sloppiness, human error, and just plain forgetfulness.

What are some of the unglamorous things that we do everyday that leave us vulnerable?

Passwords
Old or easy passwords are a good first example. Employees set up simple passwords that are easy to crack. More importantly, employees may share passwords, and many often fail to create new ones on a frequent basis. Both of these represent critical breakdowns of good data protection practices.

Emails
Another significant problem caused by bad judgment is the tendency of people to open phishing scams. Almost everyone now knows about the Nigerian who wants to send money to your bank account, but many new scams come along every day and people fall for them. This is such a serious source of virus infection that some companies now deliberately send out their own phishing email to teach workers not to open anything from an unknown source. (The employee who opens one of these gets a pop up screen that tells them they've been tricked and then offers guidelines for identifying bad emails.)

Browsing the Web
Bad websites. Yes, everyone has policies about internet use at work, but that doesn't mean people pay attention and don't visit places they shouldn't. Most significantly, a lot of those "sites they shouldn't visit" are far more likely to be infected than CNN, Ebay or Amazon!

Losing Your Belongings
And finally there is just old-fashioned forgetfulness. Phones left on a bar stool.Or the bus. Sigh. There isn't much more to be said about this one.

To learn more about the risks that your employees pose to your business's data integrity, see our e-guide "Now you see it, There IT...Stays".

Disaster Recovery Plans: Do You Have One?

Disaster Recovery Plans: Do You Have One?

Disaster recovery and business continuity plans are issues that almost all small businesses fail to think about. More frequently, they decide they haven't the resources to address such "unthinkables."

If your business was down for 1-2 days or more, what costs would you incur?

1. Lost revenues and lost productivity. These are obvious. You won't make the money that you would have if you remained open. This is especially true if you provide a service. Services are inherently tied to time, and time cannot be re-created. Sure, you can work extra hours next week, but it won't be a service provided at the time it was expected. However, even if you provide a product that can be purchased next week instead of today, a customer didn't get it when they most wanted or needed it.
   
   There are other far more serious consequences of business downtime than just unsold goods and services. There are the intangibles that can't be so easily measured but have long-term consequences.
2. Helping the competition – You give your competition a real edge. Present clients and potential ones may go to a competitor while you are down. Not all will return. Your competitors now have ammunition against you to use in sales pitches.
3. Employee frustration – Employees will carry the burden of the extra hours and stress of helping get things back together. That can lead to a lot of frustration, which, if things don't get back to normal quickly, can damage long-term productivity. Most importantly, it can damage the respect they have for management (that means you). In general, they will recognize that you didn't have the foresight and wisdom to anticipate the need to create disaster recovery and continuity plans. How can that not damage their trust and support for the company and you?
4. Negative brand reputation –Your customers will also wonder how you couldn't have cared enough to make plans to handle trouble. Think of the negative way a customer sees it. The event suggests a company that doesn't think ahead. A client is not "off base" to feel angry that you didn't care enough to make plans to support him if a disaster hit. Also, if you can't handle disasters well, what else aren't you handling properly?

These are just a few of the reasons everyone needs to consider disaster recovery. To learn more, see our e-guide "Staying Alive: The Definitive Guide to Business Continuity and Disaster Recovery for Small Businesses".

Why Small Businesses Shouldn't Avoid Making Disaster Recovery Plans.

 

 

Why Small Businesses Shouldn't Avoid Making Disaster Recovery Plans.

 

Entrepreneurs and small businesses, especially ones that are fairly new, often don't think about making plans to recover in case of a disaster. However, it is the smallest business that most likely has the fewest resources to fall back on in case of disaster.

 

Why does this happen?

1. It isn't on an entrepreneur's radar - The challenge and hurdles of starting out are what drive small business owners. The excitement that comes with getting a new client or releasing a new product are what motivates them. To be honest, things like disaster recovery plans are a little dull and aren't part of the exciting day-to-day hustle of running a company. As a result, these issues get put on the back burner.
2. Planning tools can seem too complex - Ideas like "risk assessment" and "business impact analysis" can be intimidating. Many SMBs may just feel the whole area is overwhelming and leave it to another day.
3. It is perceived to be unaffordable - Many owners may believe that putting disaster recovery plans into place involves a lot of additional spending on consultants, backup hardware and more software. That isn't true. With cloud technology and the use of a managed service provider, disaster recovery doesn't need to be an intimidating or expensive proposition.

To learn more, see our e-guide "Staying Alive: The Definitive Guide to Business Continuity and Disaster Recovery for Small Businesses".

Outsourcing? Really. Its OK: How it can save time and money

Outsourcing? Really. It's OK: How it can save time and money

Almost by definition, small business owners and entrepreneurs cringe at the concept of outsourcing. Those who start their own companies like the control and autonomy it provides them. Unfortunately, that preference for control and autonomy may have some bad side effects when it comes to IT.

Small business don't have the resources to fully support all of their IT infrastructure needs. The present in-house staff is most likely very busy putting out day-to-day fires. One statistic suggests 65% of IT budgets go to nothing more than keeping the lights on. In short, staff is busy making sure the printer works or reloading a PC infected by a virus after an employee fell for a phishing email. This means that small firm's expenditures on IT are not improving operational, efficiency, or enhancing productivity or competitiveness.

There is an alternative. Managed Service Providers are outside consultants you can bring in to handle the day-to-day tasks, so your own IT resources can be used more productively.

How might an MSP supplement your IT efforts?

• 24/7 operations center - Small businesses can benefit from, but simply cannot afford 24/7 internal monitoring of their IT infrastructure. Many of the issues that become costly business disruptions, such as hardware, software, and applications failures are completely preventable if they're detected and addressed early enough. It is a reality that your systems run 24/7, but you can't support a 24/7 IT staff. A MSP, however, can use economies of scale to provide around the clock monitoring of your IT operations.
• Disaster recovery and business continuity plans - Small businesses have limited resources, so if there were to be a serious business interruption or data loss, they could be completely out of luck. However, risk assessments and continuity plans are likely outside of a small business owners field of expertise. A MSP can be brought in to design a complete solution.

These are just 2 ways that a small business owner can benefit from passing along IT support to an outside source. In both cases, small business owners don't lose any control of the key parts of the business operation. Instead, the distractions of IT support are moved along to an expert, while the entrepreneur focuses on what she does best: running her business. We'll talk in another blog about other benefits of outsourcing IT, but in the meantime, see our e-guide "Outsourcing Isn't a Dirty Word: Meet Managed Services, Your IT Team's New Best Friend - Managed Services".

Run your Business, not an IT Company

Run your Business, not an IT Company

You went into business because you have an interest and expertise in some particular product or service. You began the firm to offer that product or service, but a dirty little problem came along with that new company. IT requirements. You need equipment, and you need networks, and printers, and data storage to keep the company up and running. As a consequence, you've become responsible for managing something you probably don't care very much about or even understand especially well.

Managed Service Providers can be a solution. A small business can off load a variety of IT tasks that are becoming a distraction to everyday business operations and strategy.Here are just two examples.

Software updates and security audits: Your present in-house staff may be spending most of its time fixing everyday problems. As a result, they may have to delay vital security measures, such as applying tested security patches or updating virus software programs. Working with a MSP will eliminate much of the work overload that leads to system or security vulnerabilities.

An end user help desk: If you have any in-house staff, they are probably well-trained and very qualified. Are their skills being wasted on all the little daily issues of cranky printers and broken keyboards? MSPs can offer an end user help desk that can handle all those calls that pull your own staff away from larger efforts that can enhance productivity and move the business forward.

What is the Cloud: A Simple Analogy

What is the Cloud: A Simple Analogy

You use the cloud and don't even know it. Do you go to Amazon and create a wishlist? Do you have an email account on Yahoo? That is cloud computing. All your emails are stored on Yahoo servers somewhere. They are on physical servers, of course, but they aren't on your laptop. The advantage is that when you spill your coffee onto the laptop keyboard, you haven't lost all your emails even if you never backed up your hard drive. (If you haven't, shame on you, by the way.)

Here is a simple analogy to explain how the cloud works and why it might be a very useful part of your business model. Picture the small, very cramped office space of a little start-up. You and a few coworkers sit in tight quarters with messy desktops buried in mounds of papers, files, and pizza boxes. There is absolutely no room for storage. (Throw the boxes out yourself. There are limits even to cloud technology) It will be a long time until you can afford a larger office space. Your building manager offers to rent you an empty file cabinet in the basement. Although the basement space is shared with other tenants, only you and your team have keys to this locked cabinet where you will store all those piles of paper. Your rent is relatively cheap compared to other tenants, since you're only paying for the cabinet, and not the larger lockers they have leased.

Suddenly, those once covered desktops are clean, leaving space to work. More importantly, the papers are all nearby, each of you has a key, but they are safe from everyone else in the building or outside. They are also safe from spilled coffee and pizza crumbs. You've avoided the dramatic jump in fixed costs required to find bigger office space, when all you needed were several feet of filing cabinets. Even better, the money saved is put back into the core goal of providing a product or service to a customer.

The cloud does the same thing. You rent only the space you need, it is safer from hackers than your on-site server will ever be, secure from thieves, and protected from accident-prone employees. Unlike the rest of us, cloud service providers don't have coffee cups near their keyboards or forget to do monthly backups. In short, the cloud provides scalable storage without large incremental leaps in fixed costs you really can't afford.

Loss of Data: Causes and Prevention

Loss of Data: Causes and Prevention

The adoption of technology from the simplest of matters to the most complex problems has rendered us heavily dependent on it. We love paying our bills minutes before they are due. We enjoy seeing loved ones face-to-face on our computer screens. We can access and print our extremely sensitive records from government and financial websites in a matter of minutes instead of waiting for the mail for days. The time and resources that technology saves are invaluable, but this convenience has a very ugly side. This convenience brings costs, which could include irreparable financial, professional, and social damage. The technology that is designed to make life easier can also wreak havoc when criminals use it to breach secured, personal information. So how do we tame this beast called 'breach of data security'?

Background: The gravity of the problem: To look for a solution, we first need to understand how serious this problem is. Breaches in data security and loss of data could spell imminent demise for many small companies. According to the National Archives & Records Administration in Washington, 93% of companies that have experienced data loss resulting in ten or more days of downtime have filed for bankruptcy within a year. 50% wasted no time and filed for bankruptcy immediately and 43% that have no data recovery and business continuity plan go out of business following a major data loss. In the past, small- to medium-businesses (SMBs) thought that data security problems were reserved for large corporations, but cybercriminals are finding out that SMBs are more complacent in securing their data thus making themselves easier targets. More importantly, the lightly guarded SMBs can provide backdoor access to the large entities hackers really want to hit. Fewer than half of the SMBs surveyed said they back up their data every week. Only 23% have a plan for data backup and business continuity. That is why the number of cyberattacks on SMBs has doubled in the recent past.

Causes of lost data: Loss of data can be attributed to two factors.

• Breach of data security: As we discussed above, theft is the main reason for loss of data. Hackers can get into networks by installing their own software hidden inside emails and other Web content. They take over PCs and networks and then access files containing personal information. They can then use that information to empty people's bank accounts and exploit data for other purposes.
• Human error and employee negligence: Humans still have to instruct technology to perform as desired. Examples of negligence include unattended computer systems, weak passwords, opening email attachments or clicking the hyperlinks in spam and visiting restricted websites. Fortunately, this type of loss of data is easily preventable, but it is just as detrimental and can bring your business to a halt. Downtimes can be very harmful to your business continuity and revenue.

Five ways to minimize data loss

1. Enforce data security: More than technology, this is the management of human behavior. SMB management must communicate data protection policy to the entire staff and see to it that the policy is adhered to. Rules and policy must be enforced very strictly regarding the use of personal devices. Tell employees to create passwords that are hard to crack and change them frequently.
2. Stress the consequences: Rules are only good if there are consequences for not following them. Define what those consequences mean for the both the individual and the organization.
3. Mobile device management: Mobile devices may be the weakest link in data security. "Mobile device management" refers to processes that are designed for the control of mobile devices used within the company. Devices tapping into company systems are identified and monitored 24/7. They are proactively secured via specified password policies, encryption settings, etc. Lost or stolen devices can be located and either locked or stripped of all data.
4. Snapshots: Fully backing up large amounts of data can be a lengthy process. The data being backed up is also vulnerable to file corruption from read errors. This means sizable chunks of data may not be stored in the backup and be unavailable in the event of a full restoration. This can be avoided by backing up critical data as snapshots.
5. Cloud replication and disaster recovery services: For SMBs who consider data backup to be too costly, time-consuming and complex there is an answer. The Cloud provides a cost-effective, automated off-site data replication process that provides continuous availability to business-critical data and applications. Cloud replication can often get systems back online in under an hour following a data loss.

To conclude our conversation, it is very important to understand the causes and consequences of data loss. Be proactive and minimize the likelihood of a data breach and data loss, so you can stay in business without interruption. Make sure you have a solid data recovery and business continuity plan so you don't become another statistic about small firms who didn't make it.

Be Proactive: How to Avoid Potential Network Failures

Be Proactive: How to Avoid Potential Network Failures

For small- to medium-sized businesses (SMBs), an IT network failure can be devastating because they don't have the resources of large corporations to bounce back from such disasters. Preparation against such devastation may be the only course for them to avoid failure and survive with the least damage if failure occurs. SMBs must be proactive in recognizing the eventuality of a cyberattack or human error that can cause data loss and disrupt business continuity. This is what needs to be done to help prevent a potential failure.

Be prepared: Being proactive is an essential step for preparation against a disaster. There are two ways to determine how to best prepare to prevent potential failure of your infrastructure. First, you need to identify the weaknesses throughout your systems, and second, determine how you are going to eliminate those weaknesses and protect your network.

Identify the weaknesses: Determine how and why your system could fail. Examine all aspects of your hardware and software. Assess all the internal and external factors that could contribute to failure of your networks. Here are some questions you need to know the answers to.

• Does customer access and/or employee productivity often stall because of downed systems? In these situations, how quickly is your IT support able to minimize the damage?
• Can you say with certainty that your business will be back online and be able to access lost data with minimal disruption in case of failure?
• Your critical data should be backed up frequently. The data on personal laptops, iPads and other mobile devices should also be backed up. Are all these steps being taken, and how often?
• Are all backups stored in a location off-site and are they quickly accessible in the event of corruption, fire or flood?
• Are you using any custom-made software? Can it be reinstalled and updated when needed?
• Are your systems truly protected from hackers and viruses? Do you change passwords when employees leave the company?
• How often do you test your backup processes?

The answers to all these questions should give you a clear picture of your network's ability to survive in case of a catastrophe.

Here are five steps that you can take to protect your networks

1. Backup files every day: There are a large number of businesses that never backup data. Only 23% of SMBs are backing up their data daily, and only 50% are doing it weekly. A number of issues can result in loss of data. You should backup data every day.
2. Check backup procedures regularly: Don't find out accidentally that your backup system is not working properly. By then it could be too late. It may seem like your data is being backed up normally, but check frequently if it is backing up the way it should be. In this age of BYOD make sure all employees are also following procedures to backup data on their laptops, iPads, etc.
3. Make sure virus protection and firewalls are always enabled: Many companies either don't have virus protection installed or it is disabled. That renders their networks vulnerable to virus attacks from emails, spam and data downloads. Corrupted files will not only bring your systems down, but they can spread to your customers and email contacts. That will spell disaster for your reputation. Hackers are always looking for unprotected and open ports online that they can attack with malicious code or files. That can cause permanent data loss.
4. Monitor server drives: Dangerously full server drives can cause many problems, ranging from program crashes to sluggish email delivery. Servers should be monitored and maintained regularly to avoid these problems.
5. Check built-in logs: Frequent reviews of built-in logs can reveal small issues. You will have a chance to prevent them from becoming bigger, harder-to- manage problems that can bring your systems down.

Summary: We now know IT system failures have very serious consequences for SMBs. We also know that they can avoid such failures by being proactive. Many SMBs are now turning to cloud-based services and virtualized backup solutions to mitigate downtimes and network failures. Virtualization and cloud computing have enabled cost-efficient business continuity by allowing entire servers to be grouped into one software bundle or virtual server - this includes all data, operating systems, applications, and patches. This simplifies the backup process and allows for quick data restoration when needed.

It is Heaven! Using the Cloud to Challenge Big Business

It is Heaven! Using the Cloud to Challenge Big Business

Has anyone suggested you begin moving your business to the cloud? Cloud data storage or cloud computing? What is this, anyway? And isn't it something for huge companies?

In the last post we explained what cloud computing is. Simply put, it is the offsite storage of your data, and perhaps even the software packages you use. The primary benefit is pretty straightforward. Somebody else pays for all the hardware and support costs needed to store your data. You pack up all your own servers, wiring, etc. and take them to the recycling center, and save money. But is that all it is? There is a much stronger case for a small business to incorporate the cloud in their business model. The cloud allows you to become competitive with the big players in your industry.

The traditional issue holding back small business: they do not have the capital to create the infrastructure to compete with large firms. They are too small to enjoy economies of scale. One obvious area is software and hardware. Historically, the technology used by big business has been out of reach of the little guys. Most SMBs have neither the hardware budget nor internal resources to own a network infrastructure. A small business does not have capital to buy the equipment. Take a simple example: You run a storefront, but think you might be able to sell a bit more if you went online, but you don't know how much more. You can't justify the capital to buy the hardware, software, and the labor to design, build, and support it all. The cost of entry to the online world is just too much.

The cloud ends all of that. In simple terms, the cloud lets you rent just as little infrastructure as you need, and then lets you grow as incrementally as you like, paying only for what you use. Essentially, the cloud has become the great equalizer. The high cost of entry created by IT can be eliminated by the cloud.

5 Ways SMBs Can Save Money on Security

5 Ways SMBs Can Save Money on Security

Small-to-medium sized businesses and large enterprises may seem worlds apart, but they face many of the same cyber-security threats. In fact, in recent years, cyber-criminals have increasingly targeted SMBs. This is because it’s widely known that SMBs have a smaller budget, and less in-house expertise, to devote to protection. Thankfully, there are several things SMBs can do today to get more from even the most limited security budget. And, no, we aren’t talking about cutting corners. Far too often, SMBs cut the wrong corners and it ends up costing them more money in the long run. It’s a matter of taking a smarter approach to security. Here are five smart approaches to take

• Prioritize - Every business has specific areas or assets critical to its core operations. Seek the input of valued staff and team members to determine what these are. Is there certain data that would be catastrophic if it was lost or stolen? If hackers compromise a network, or prevent access to certain applications, how disruptive would it be to daily business operations? What kind of potential threats or vulnerabilities pose the greatest risk to the company or your customers/clients? Focus on the most likely risks, not theoretical risks that "could happen." Asking such questions gives you a clearer and more complete perspective as to where to focus available security resources.
• Develop and Enforce Policies - Every SMB needs to implement a security policy to direct employees on appropriate and inappropriate workplace behaviors relative to network, systems, and data security. Merely drafting this document isn't enough. Employees must be held accountable if they fail to adhere to policy. Such policies should be updated regularly to reflect new technology and cultural shifts. For example, a document written before social media took off, or before the BYOD (Bring-Your-Own-Device) movement, doesn't necessarily apply today.
• Education - Ongoing end user training must be provided. Many security breaches happen because employees fail to recognize phishing schemes, open emails from unknown sources, create poor passwords that are seldom changed, and don't take proper precautions when using public Wi-Fi connections on personal mobile devices also used for work.
• Take to the Cloud - Running applications and servers in-house is a costly endeavor. Leveraging the cloud today allows SMBs to cut costs while also strengthening their security. Cloud operators typically have built-in security features, alleviating SMBs of the burden of maintaining security themselves. Today, not only can SMBs shift much of the burden of IT to the cloud, but they can also outsource much of their security by taking advantage of the remote monitoring, maintenance, and security tools provided by Managed Service Providers (MSPs).
• Don’t Aim for Perfection – There is no such thing as perfect security. Striving for perfection is expensive and can prove to be more costly in the end. Improving protection and response would be a more ideal allocation of funds. It can take a hacker several months to figure out your systems and do real damage. Having the ability to quickly detect their presence, and mitigate any potential damage they may cause, is a more realistic and less expensive approach than thinking you can completely remove any probability whatsoever of a hacker breaching your system.

Four Key Components of a Robust Security Plan Every SMB Must Know

Four Key Components of a Robust Security Plan Every SMB Must Know

Most businesses are now technology dependent. This means security concerns aren’t just worrisome to large corporate enterprises anymore, but also the neighborhood sandwich shop, the main street tax advisor, and the local non-profit. Regardless of size or type, practically any organization has valuable digital assets and data that should not be breached under any circumstances.

This makes it the responsibility of every business, especially those collecting and storing customer/client information, to implement a multipronged approach to safeguard such information.

Yes, we’re looking at you, Mr. Pizza Shop Owner who has our names, addresses, phone numbers, and credit card information stored to make future ordering easier and hassle free.

Today’s SMB Needs a Robust Security Plan
Protecting your business and its reputation comes down to developing, implementing, and monitoring a robust security plan that adequately addresses everything from physical access and theft to the threat of compromised technology security. This involves defining and outlining acceptable uses of your network and business resources to deter inappropriate use. Here are four key components to consider.

Network Security Policy: Limitations must be defined when it comes to acceptable use of the network. Passwords should be strong, frequently updated, and never shared. Policies regarding the installation and use of external software must be communicated.

 

Lastly, if personal devices such as laptops, tablets, or smartphones are accessing the network, they should be configured to do it safely, which can be done easily with a reliable Mobile Device Management (MDM) solution.

 

Communications Policy: Use of company email and Internet resources must be outlined for legal and security reasons. Restricting data transfers and setting requirements for the sharing or transfer of digital files within and outside of the network is recommended. Specific guidelines regarding personal Internet use, social media, and instant messaging should also be clearly outlined. If the company reserves the right to monitor all communication sent through the network, or any information stored on company-owed systems, it must be stated here

Privacy Policy: Restrictions should be set on the distribution of proprietary company information or the copying of data.

Inappropriate Use: Obviously, any use of the network or company-owned system or device to distribute viruses, hack systems, or engage in criminal activity must be prohibited with the consequences clearly noted. Any website that employees cannot visit should be identified if not altogether blocked and restricted. For instance, downloading an entire season of True Blood from a Bit Torrent site isn’t an acceptable use of company Internet resources.

Every employee must know these policies and understand the business and legal implications behind them. Companies must also make sure these policies are clear and understood by all, and most importantly, strictly enforced.

Contact us at Direct Business Technologies, LLC

Just Because You’re Not a Big Target, Doesn’t Mean You’re Safe

Just Because You're Not a Big Target, Doesn't Mean You're Safe

Not too long ago, the New York Times' website experienced a well-publicized attack, which raises the question – how can this happen to such a world-renowned corporation? If this can happen to the New York Times, what does this bode for the security of a small company's website? What's to stop someone from sending visitors of your site to an adult site or something equally offensive?

The short answer to that question is nothing. In the New York Times’ attack, the attackers changed the newspaper's Domain Name System (DNS) records to send visitors to a Syrian website. The same type of thing can very well happen to your business website. For a clearer perspective, let's get into the specifics of the attack and explain what DNS is.

The perpetrators of the New York Times’ attack targeted the site's Internet DNS records. To better understand this, know that computers communicate in numbers, whereas we speak in letters. In order for us to have an easy-to-remember destination like nytimes.com, the IP address must be converted to that particular URL through DNS.

Therefore, no matter how big or small a company’s online presence is, every website is vulnerable to the same DNS hacking as the New York Times’ site. The good news is the websites of smaller companies or organizations fly under the radar and rarely targeted. Larger targets like the New York Times, or LinkedIn, which was recently redirected to a domain sales page, are more likely targets.

For now...

There is no reason to panic and prioritize securing DNS over other things right now. But there is a belief that DNS vulnerability will be something cybercriminals pick on more often down the road.

Here are a few ways to stay safe

Select a Registrar with a Solid Reputation for Security

Chances are, you purchased your domain name through a reputable registrar like GoDaddy, Bluehost, 1&1, or Dreamhost. Obviously, you need to create a strong password for when you log into the registrar to manage your site's files. Nonetheless, recent DNS attacks are concerning because they're far more than the average password hack.

It was actually the security of the registrars themselves that was compromised in recent attacks. The attackers were basically able to change any DNS record in that registrar's directory. What's particularly frightening is the registrars attacked had solid reputations. The New York Times, along with sites like Twitter and the Huffington Post, is registered with Melbourne IT. LinkedIn, Craigslist and US Airways are registered with Network Solutions. Both had been believed to be secure.

So what else can be done?

Set Up a Registry Lock & Inquire About Other Optional Security
A registry lock makes it difficult for anyone to make even the most mundane changes to your registrar account without manual intervention by a staff registrar. This likely comes at an additional cost and not every domain registrar has it available.

Ask your registrar about registry locking and other additional security measures like two factor authentication, which requires another verifying factor in addition to your login and password, or IP address dependent logins, which limits access to your account from anywhere outside of one particular IP address.

While adding any of these extra safeguards will limit your ability to make easy account change or access your files from remote locations, it may be a worthwhile price to pay.

Contact us at Direct Business Technologies, LLC