Category Archives: SMB Technology

Computer repair, network compliance, wifi, small business IT, remote backup, anti-virus, cloud computing tips

Choosing the Best Cloud Service Model for Your Business

No question about it, cloud computing is here to stay. Considering migrating to the cloud is just the beginning, however. Three models to consider–IaaS, PaaS and SaaS–offer varying levels of shared responsibility between provider and customer. Read on to learn more about the three models, and to get an idea which is the best for your business.

Cloud Service Models–Benefits and Responsibilities

Infrastructure as a Service, or IaaS, requires the cloud service provider to establish the network and its connections. With this model, a company can have their provider maintain and operate the infrastructure; the client will still need to keep their operating system current, configure their platform to meet requirements, and control how information is handled and stored. A company using IaaS will have more flexibility, but will need more technical and security expertise and assistance. Moreover, the company needs to take on administrative roles for system level security.

The Platform as a Service (PaaS) model provides hosting and tools on which applications can be developed, and the provider is responsible for furnishing a user interface. The client is responsible for controlling administrative access to certain portions of computing resources, and also oversight of applications built on the platform. Also, the client needs to keep the platform current with operating system patches, and implement a cloud security strategy to protect their applications.

If a company chooses Software as a Service (SaaS), they will have more responsibility for maintaining user security and may take on some administrative roles for the application. While the provider handles the infrastructure, keeps the software applications up to date and provides hardware and software tools over the Internet, many security considerations remain with the customer. Your company will need to train employees in awareness about keeping the network secure, implementing a strong password policy and possibly a zero-trust environment where each log-in to the network is verified.

Whichever model your company chooses will depend on your budget, level of staffing and ability to take on certain responsibilities for maintaining a strong, healthy network. For more guidance in choosing the most appropriate model, contact us today.

Keep Your Network Secure Against Cyber Attack

Late last year, as well as more recently, two major cyber attacks occurred–one at SolarWinds via their software platform in December of 2020, and one at Colonial Pipeline just this month. These attacks are even more serious than one performed by a lone attacker, and signal how vulnerable networks can be. Not only do businesses need to use tools to protect their own computer networks, but to share information with other companies. Read on to learn how your company can protect itself against cyber attacks.

 

Recent Cyber Attacks a Wake-up Call 

 

Last December, IT management company SolarWinds was attacked by hackers who inserted malicious code in what seemed a normal software update. What’s ironic is that the very platform used to monitor threats, was the one targeted. The bad code allowed the perpetrators to hack numerous government agencies and private companies, possibly stealing untold amounts of data. The company’s platform  was used in this sophisticated attack, and the software update was downloaded by some 300,000 users. Through the download, the perpetrator was able to penetrate deep into companies’ and agencies’ networks. More recently, Colonial Pipeline was targeted in a potential attack on electrical supply to the East Coast via the gas pipeline. While investigations are still underway in each incident, foreign state actors are thought to be responsible. Both these attacks show how vulnerable companies can be. Could there have been a way to prevent the attacks, to see them coming? In spite of all the precautions companies take to shield their networks, cyberattacks seem almost inevitable. 

 

Ways to Protect Your Company Against Ransomware

 

Of course, companies should continue doing things like remote network monitoring, maintaining current anti-virus and anti-malware definitions and training their staff to recognize possible attacks. Commonly hackers try to get into a system by phishing–trying to trick the recipient of an email into clicking a link, providing the attacker a way in. Employees need to be trained to recognize a phishing email by telltale signs (spelling errors in the email) and to inform a supervisor about the email. Yet there’s another step to take. This involves people–sharing information with other companies about attacks and threats of attacks. Commonly and unfortunately, there is a stigma to experiencing a cyber attack; a company doesn’t want to be considered weak. But think how much stronger companies could be when they depend on each other to be aware of new threats, and can band together against cyber crime. Along with this practice, a company can continue educating their staff to recognize phishing attacks and to be careful with passwords (making them difficult to guess, and changing them frequently). Every device connected to the network needs to be monitored, and ones suspected of being attacked, quarantined (disconnected) to keep the network secure.

 

Tools and technology like malware protection and network monitoring should always be a part of your cybersecurity plan. People can also play a role, by reporting possible attacks and sharing information. To learn more about refining your strategy for network security, contact us today.

Guarding Against Cyber Threats and Ransomware Attacks

Cyber threats are nothing new. We’ve been hearing of their prevalence and their aggressiveness for a long time. For example, ransomware is an attack designed to block access to your computer unless you pay a sum of money as a ransom. In recent years, ransom payouts have greatly increased. Read on to learn more about current and emerging cyber threats and how to guard your network from them.

 

Cyber Threats to Watch Out For

 

Cybercriminals find various ways to get into company’s computer networks, often by tricking users into giving confidential information. Social engineering schemes, also known as “phishing” attacks, seek to trick users into clicking a link or into believing the email is from their supervisor. Malware and viruses then have a way to enter networks and steal confidential information as well as infect an entire network. Attackers are using some of the very same emerging technologies–artificial intelligence and machine learning, for instance–to find ways into networks and to evade detection when doing so. This can result in costly downtime for the organization, costly ransom requests and more. How, then, can these attacks be prevented?

 

Defending Your Network Against Ransomware Attacks

 

One common attack is ransomware.  Ransomware can get into your system by social engineering (“phishing”), including dangerous attachments. This malware can encrypt or lock your computers, making data and applications inaccessible. To get data and applications back can be costly,  with an average payout of $13,000, according to CompTIA. Having current anti-virus and anti-malware definitions along with operating system patches is just a start. Your company can also do real-time backups to the cloud, so you won’t have to pay the ransom. Finally, you can train your employees to recognize ransomware sources like phishing emails and to report them.  For example, they can be trained to note tip-offs for a phishing attack, like typographical errors. If something happens, they need to know who to inform so that the attack can be mitigated.

 

Cyber threats are always with us. However, there are ways to protect your company from attacks that both steal vital information from, and introduce harmful viruses into, your network. For help in developing a plan, contact us today.

Cloud for Small and Medium Businesses

Benefits of Cloud for Small and Medium Business

Small to medium-sized businesses (SMBs) look to get more from their technology spending. The cloud, or Internet-based computing, is an effective way to allocate your technology spend, with its flexible and cost-effective self-service model. Read on to learn more about the benefits of cloud computing for SMBs.

 

What the Cloud Can do for Your Business

 

In short, cloud computing is an internet-based model for delivering computing resources. According to the National Institute of Standards and Technology (NIST), important aspects of cloud computing include broad network access, resource pooling, and rapid elasticity. Broad network access means that there is connectivity between servers and storage (“backend” infrastructure) and laptops or smartphones (“frontend” clients). The access can extend to a wide range of frontend devices including smart phones, lap-tops, and desktop computers. This enables workers to access applications and other office productivity tools via the internet so they can work wherever they are. 

 

Why the Cloud is Cost Effective

Resource pooling involves a provider serving a number of clients while the service appears infinite and immediately available. Rapid elasticity, perhaps one of the most important traits of cloud computing, allows clients to use more resources (or less) as needed–for busy times of year, or special projects, for instance. This means only pay for what’s used. What’s more, measured service facilitates SMBs tracking usage and not buying more resources than they need. Companies can have the provider maintain and operate infrastructure, transforming capital expense to operating expense.

 

Cloud Service Platforms and Models 

 

As already mentioned, rapid elasticity is a reason many companies decide to adopt the cloud. According to an article by CompTIA, 44% of firms cite rapid elasticity as a key benefit. Cloud can be more cost-effective, since companies are billed for what they actually use. Whatever a company’s reason for adoption, it will need to consider options for platforms and models. Infrastructure as a Service (IaaS) has access as its key feature, rather than ownership. Companies can build their own applications and use cloud resources for compute power and for data storage. Software as a Service can free a company from part or all of the infrastructure responsibility, and focus on getting the most from applications that are paid for on a subscription plan. Businesses have the option of using public cloud with its rapid elasticity, or private cloud if dealing with sensitive data and/or industry regulations. A single application can be configured across a multi cloud environment (a mixture of public and private cloud).

 

Cloud computing affords many benefits as well as posing questions. For guidance in considering cloud’s benefits and how they apply to you, contact us today.

UCaaS

Unified Communications Can Help Remote Workers Collaborate

With working from home more and more common, companies benefit from their workers collaborating and communicating easily with each other. One solution to consider is Unified Communications as a Service (UCaaS)–an integrated, Internet-based platform that helps workers access videoconferencing, chat, file sharing and more. Remote work is potentially easier and more efficient. Read on to learn more about this cloud-based technology.

 

The Benefits of Unified Communications for Remote Work

 

The tools workers need to be efficient and productive are inherently part of this cloud-based solution. With Unified Communications as a Service (UCaaS), all that is needed to access the integrated system is an Internet connection. Workers can then use video conferencing tools like Teams, Webex and Zoom, can share files via email, and can even access customer information almost instantly to quickly serve clients. Voice mails are converted to emails, making it easy to access messages anywhere. The consistent reliability of UCaaS is provided by redundancy, with data in numerous data centers; if one goes offline, others can provide failover to keep communication running smoothly. 

 

Considerations for Unified Communications in Remote Work

 

When looking for a provider for this cloud platform, security protocol is one primary concern. What security features do they have to protect your critical communications and conversations? Is the data encrypted in transit and at rest? How many users can be accommodated? Another thing to ask about is whether the provider offers training in the different tools that UCaaS provides. You might also need to train your workers in collaboration skills like clear verbal and written communication; managing time, projects and deadlines; and the ability to adapt when problems occur (such as outages and login problems). Do your workers’ cyber security awareness skills need refreshing, so they know how to protect themselves and your network? 

 

Unified Communications as a Service can be a great offering for your remote workers, with its integrated platform and capacity for real-time response. For assistance with using this capability, contact us today. 

Cloud Security

Review Your Strategy For Cloud Security

Many businesses have taken advantage of cloud computing for its benefits–its flexibility, ability to help companies scale use according to demand, and a subscription-based pricing model, among others. When migrating to the Cloud it is important that you develop a cloud security strategy. Your company can exert a good deal of control over cloud security concerns with proper policy, training and technology. Read on to learn more about what to include in your cloud security strategy in order to protect technology assets.

 

Assessing Your Strategy for Cloud Security

 

Reacting to problems is vital, of course. But what if you could prevent many problems before they even occur? Powerful technologies like Cloud Computing can also create complexity, so it is important to have a strategy that includes policies for protecting your applications and their data. If you already have a security strategy, it’s not too soon to assess it and to adjust accordingly. 

 

Implementing your Cloud Security Strategy

According to an article on cloud security mitigation by CompTIA, access control is a top cause of problems. Examples include lack of specification of who can have access to your business applications, or holes in security that could leave you vulnerable to a full-blown data breach. It may be time to update your security policies, using the “zero-trust” model to authenticate every single request for access to the network. Setting policy to limit administrative access minimizes risks and avoids unexpected consequences. Other considerations in your cloud security strategy deal with handling a data breach or loss, and the role and how to quickly revoke access as needed (e.g. revoking access of a past employee). 

 

No single tool can prevent all problems. When these tools are part of an overall strategy that supports your company’s goals, many attacks can be prevented. For help with your cloud security strategy, contact us today.

 

IT worker

Consider Managed Services for Help with Your IT Workload

It’s said that few can get along without some help from others. If your business has grown, and your technology needs along with it, managing IT on a daily basis may be more challenging. Now may be the time to consider outside assistance. Read on to learn how supplemental IT support via managed services can help save time and money, not to mention help you reach your business goals. 

 

Benefits of Supplemental IT Support

 

Supplemental support (also called “outsourcing” or “co-managed IT”), is the practice of partnering with a managed service provider (MSP), one that can provide help with one or more of a company’s IT functions. For companies with no IT department, or those with a small department overloaded with daily tasks, managed services offers numerous benefits. First, a Managed Service Provider (MSP) can help a company make the most of their technology investment by taking on responsibility for a company’s IT infrastructure via a flat fee subscription model. 

 

What to expect from IT Managed Services

Indeed, according to a CompTIA buying guide, more than 6% of surveyed of companies using MSPs reduce their internal IT staff. These services–including helpdesk, data protection and network monitoring–can free up internal IT staff to help reach your company’s strategic goals. Network monitoring can be done remotely 24-7, detecting and solving issues before they become major problems. Monitoring also produces data analytics in real time, showing how the company’s network is functioning. With all these benefits, your business also needs to consider its goals, and work with an MSP to develop a service level agreement.

 

Considerations in Using Managed Services

 

Even with the real benefits (and perceived benefits like peace of mind), your company needs to take a close look at a managed service provider to determine if the MSP provides these benefits. How do they protect data and help your company comply with industry compliance regulations? What if a problem crops up — how will the MSP work to solve it? How much flexibility and control might your company need to give up in exchange for peace of mind? These are important questions to consider in formulating the service level agreement with the managed service provider. 

 

If you have reached the point of needing supplemental IT support, and you don’t know where to start, contact us today. 

 

Prepare Your Network for Unified Communications with Software-Defined Wide Area Networking

Over the past several years, both Unified Communications (UC) and Software-Defined Wide Area Networks (SD-WAN) have grown more popular. Even a few years ago, IDC predicted that the SD-WAN market would grow to $8.05 billion by this year. Together, Unified Communications and SD-WAN allow your company to stay connected at all times. Read on to learn more about the connections between these two technologies, and to discover whether your company’s network is up to the task.

 

Software-Defined Wide Area Networks Support Unified Communications Performance

 

Unified Communications is technology that allows workers to work from anywhere, at any time.  Unified Communications, or UC, supports the ability to communicate by voice or email and send information back and forth. This technology brings together various modes of communication–phone, text, web conferencing and email–providing a streamlined way to keep businesses connected, using Voice-Over IP (VoIP) technology. 

Employees can hold video conferences, share data with other workers, and handle customer service tasks–even from remote offices. However, UC depends on a robust and secure network to keep traffic moving. This is where Software-Defined Wide Area Networks come in. 

 

SD-WAN Provides Performance at Competitive Cost

 

Unified Communication can test your network. Software-Defined Wide Area Networks (SD-WAN) can provide a mix-and-match solution, using multiple carriers so that if one carrier goes offline another can keep traffic moving. A company can fall back on this robust network to keep workers communicating with each other and with customers. What’s more, SD-WAN can help a company transition from legacy systems and enjoy more flexibility.  At its best, SD-WAN can provide excellent performance at a competitive price. 

 

Considerations for Your Network

 

All of this sounds wonderful, and it is. However, your network needs to be ready. On the technology side, your network needs to have current anti-virus and anti-malware definitions. While SD-WAN can supply failover and dependable connectivity, it also needs a strong, secure network. What’s more, your workers need to be trained in cybersecurity policies and best practices. This, along with network monitoring, can help your network remain secure.

 

To learn more about the potential of SD-WANs to support Unified Communication, and to assess your network’s readiness, contact us today. 

Role of Your Employees in Cybersecurity

It’s sometimes thought that employees can be a “weak link” in your cybersecurity plan. This need not be so. Rather, your employees–when well-trained in cybersecurity policies and practices–can be your greatest asset. Reason to learn about training your employees in keeping your network safe.

 

Assess Cybersecurity Knowledge

 

Employees can be the most important line of defense against cyber attacks, when aware and well trained. Do your workers know your company’s cybersecurity policies? Do they know and implement best practices with passwords, like having unique credentials that are changed regularly. Also, you can make sure they are up on the most current cyber threats like malware and phishing attempts, and know what to do when faced with a possible attack. For example, do they know what to do when they get an email designed to look like it’s from their supervisor? Training sessions could be done routinely via video-conferencing on an ongoing basis for remote workers.

 

Security Considerations for Remote Work

 

For nearly a year, remote work has become the rule. According to an article from CompTIA, remote workers may not be prepared for increased responsibility for the safety of their devices. Are the devices connected to your company’s network checked and sanitized to ensure malware can’t get in? Do they have the most current antivirus and anti-malware definitions? Another issue to consider is physical security. Do your workers know to do simple things like log off when leaving the computer? Will they have a workspace where phone and video-conferencing communications can’t be overheard? These are just some of the topics to discuss with your staff to keep your network safe. The more devices connected to the network, the more chances there are for cyber attack. Having workers know what to do to prevent or mitigate an attack is essential.

 

Instead of employees being cybersecurity liabilities, they can be your greatest assets. For assistance in training your staff to be your best line of defense against attack, contact us today.

Examine Data Security Policies for Remote Work

Nearly a year after the pandemic closed business offices worldwide, remote work is the norm. Keeping your company’s computer network strong and secure is of great importance. Even now, businesses may want to revisit decisions made so quickly last March. Read on to learn about the most critical questions to ask in order to have a robust security plan for remote work.

 

Network Security Considerations for Remote Work

 

The usual security considerations remain important. First, how secure is your network against common viruses and malware? Ideally, definitions are as current as possible to catch the growing security threats. Is your method for access to the network still secure and efficient? Some companies can maintain a virtual private network requiring passwords; others may want to move some computing resources to the cloud. Still, varying levels of access may need to be determined, to keep data secure and bandwidth available for key business operations. For example, workers using video conferencing services need more bandwidth than employees who mostly handle email only. Another decision involves where workers will access your network; a company-owned PC connected to the company’s network is more secure than a worker’s personal computer or mobile device. 

Train Employees to Keep Your Network Secure

 

As always, employee training needs to be part of a remote work security policy. Clear rules should be set in place regarding which equipment is used for work purposes. Employees need to be reminded to be on the lookout for possible security intrusions like phishing schemes to avoid ransomware. Passwords are another key to keeping the company’s data secure; part of training includes helping employees develop strong and secure passwords and to change them regularly. While employees are often considered a weak link in security, when properly trained they can be the greatest asset. According to Gartner, “Remote workers must ensure the same, if not a greater, level of security for all company networks and data access, documents or otherwise confidential information that might be displayed on a home office computer screen.” 

 

Since remote workers expand the company’s security perimeter, you might want to re-evaluate your policies and practices. For help in refining your company’s security plan, contact us today.