Category Archives: SMB Technology

Computer repair, network compliance, wifi, small business IT, remote backup, anti-virus, cloud computing tips

Secure Access Service Edge (SASE) for Hybrid Work Environments

In 2020, the way people worked changed, likely for good. Instead of being in the office most of the time, employees worked at home. Although some workers have come back to the office, hybrid work is here to stay. Secure Access Service Edge (SASE), pronounced “sassy”) is ideal for hybrid work, with its cloud-native architecture, centralized access policies and support of access based on device identity. Read on to learn more about this architecture and what it can bring to hybrid offices.


Benefits of SASE for Hybrid Work


The cloud-native architecture of Secure Address Service Edge can combine the flexibility and scalability of cloud with the connectivity of Software-Defined Wide Area Networks (SD-WAN). Add to this centralized access policies based on user device identity. Data does not need to travel from one source to the data center, and back again–lessening the chances of it being lost or intercepted in transit. Access is verified at specific endpoints when a user logs in, and data can travel along SD-WAN pathways to these endpoints, once verification occurs. SASE can address the needs of hybrid offices for security and connectivity. 


Key components of SASE include:


  • Secure Web Gateway: a cloud-based proxy that enforces standards for communication applications like Microsoft Teams, which are frequently used by hybrid offices. 


  • Firewall as a Service (FWaaS): Cloud-based firewall that provides a standard security experience and eliminates the need for an on-premises firewall.


  • Cloud-Access Security Broker: Extends rules and policies to software and infrastructure not owned by your company.


  • Zero-Trust Network Access (ZTNA): Anytime a user or device (such as a remote worker’s laptop) requests access to the network, it is evaluated to ensure that it has a right to access the network, and access is granted–or denied, if suspicious. 


Considerations for Adopting Secure Access Service Edge


While SASE is an effective architecture combining SD-WAN’s connectivity with various security controls, it is not a substitute for cybersecurity policies. Hybrid offices, with some endpoints beyond the office’s perimeter, are still subject to social engineering attacks like phishing. Employees still need to know how to spot and report a phishing email and prevent malware from entering the network. Companies still need to assess the offerings of SASE and how it aligns with business goals (including hybrid work). Other technologies, like endpoint detection and response (EDR) and/or Managed Detection and Response (MDR) may need to be deployed alongside SASE. 


Secure Access Service Edge (SASE) can help give your hybrid work environment the connectivity it needs, as well as support security policies. For more information on using the SASE architecture in your company, contact your trusted technology advisor today. 

Put Artificial Intelligence to Work for Your Business

What will your company do with artificial intelligence, now that it’s a key technological trend? Artificial intelligence (AI, for short) holds the potential to revolutionize how your business meets its goals. Fueled by the natural language model of generative AI, automation of processes, data analysis, and streamlining tasks have all helped businesses work more efficiently. Read on to learn more about specific use cases for different aspects of your business.


Multiple Use Cases for Artificial Intelligence


With AI working behind the scenes to automate tasks, and the release of ChatGPT in the fall of 2022, new capabilities and use cases have opened up–content generation, development of artwork, and other creative applications are available. Microsoft also entered the picture by integrating Co Pilot with their popular office productivity suite in early 2023. Use cases are plentiful for C-level staff, operations, sales and marketing, human resources and more.


C-Level Executives: More business data is generated daily, and harnessing it can be overwhelming. Artificial intelligence can analyze data and distill insights from it in a way that mere human effort cannot match. Market trends, customer behavior, and financial metrics can all be derived from the vast amounts of data a business generates, as well as internet content. Moreover, they might get ideas for ways other departments can use AI.


Financial: Finance Departments can use AI for document search and synthesis, enabling them to understand contract information and regulatory filings. Artificial intelligence can also analyze and synthesize transactional data, identifying anomalies that might indicate possible fraud. Automated bots can perform mundane data entry and reconciliation tasks. Financial analysts realize productivity gains by using AI to set up complex spreadsheets for financial analysis.


Human Resources: AI can help streamline recruiting to help your company search out the ideal candidate, simplify documentation for on-boarding, and gather employee feedback to improve their experience. Big data from large language models (LLMs) can help your human resources department make informed decisions and also streamline benefits and compensation. AI is also ideal for creating job descriptions.


Operations: Drawing up meeting agendas and synthesizing insights from meeting notes; automatically inviting attendees, summing up information for attendees arriving later; preparing timelines for rollouts of new products.


Sales/Marketing: AI can be used to prepare for an upcoming meeting by summarizing emails and researching customer information from internal systems.  AI can also help with generating proposals, creating powerpoints and more.


Customer Service: AI can help customer service representatives quickly pull up customer data; summarize interactions, prompt for next best answers and empower live chat to enhance customer experience.


With all of these benefits, be sure to use AI responsibly and securely in your organization.  Ensure you have an acceptable use policy and train your employees properly. In addition, identify and tag sensitive information to avoid unnecessary data leaks.


For all departments, tools like CoPilot can help generate and augment content, allow the writer to try different styles and ask questions for more information. Artificial intelligence can be a game changer for your business; to learn more, contact your trusted technology advisor today. 

Consider Managed Detection and Response to Keep Your Business Secure

With malware attacks escalating in number and severity, what can small and medium-sized businesses do to protect their networks without breaking the bank? Read on to learn more about using managed detection and response (MDR) to help detect and mitigate threats to your cybersecurity.


The Need for Managed Detection and Response


Leading global technology market analysts, Canalys, shared in a LinkedIn post, ransomware attacks are increasing each year. Between the first four months in 2023, and the same period in 2024, publicly disclosed attacks increased by 96%. Between 2022 and 2023, the attacks increased by 68%. These attacks are just the ones that are publicly disclosed ones. What about attacks on small to medium-sized businesses and not been reported? And what can smaller businesses do if they don’t have the time and resources to constantly be monitoring their networks? 


What is MDR and How Does it Work?


Enter Managed Detection and Response, or MDR. This option “relies on an external third-party to monitor a company’s IT systems and respond to threats in real time.” Unlike traditional cybersecurity deployments, it is fully managed and delivered by an external provider. MDR is also sometimes called “cybersecurity as a service.” Cybersecurity can be challenging for SMBs especially, as it can require time and effort on the part of the company and even then not all threats can be dealt with. But with the 24/7 monitoring provided by MDR, companies can focus on meeting business goals. 


Managed Detection and Response combines cybersecurity software, threat intelligence and human (or machine learning powered) intelligence to detect threats to the network, including unpatched software and operating systems, weak passwords, and susceptibility to social engineering (“phishing”) attacks, among others. Not only does MDR quickly analyze suspicious activity, assessing its severity and potential impact, but isolates and neutralizes any threat. Any intelligence gathered about threats will be accessible to machine learning to improve future detection.


Further Benefits of Managed Detection and Response


Beyond the detection and response capabilities, MDR can help in other ways. By using an external third party, you don’t need to have specialized staff on site. Therefore, you can focus on activities that bring revenue and advance business goals. What’s more, MDR services can work with your existing security solutions, enhancing their reach and effectiveness. For instance, you can combine MDR with an endpoint security solution like Secure Access Service Edge (SASE) for even stronger detection and response.


The cloud-based managed detection and response is a way to monitor your network and mitigate threats, preventing costly cyberattacks. For further assistance, contact your trusted technology advisor today. 

Disaster Preparedness for Business Recovery

We are entering the seasons of storms (including hurricanes and tornadoes), wildfires and other possible disasters. Even a power outage of short duration can affect your business. What if you ship orders because of an interruption in your order processing service, for example? Or what about a bigger disaster, that takes your business out of operation for days or weeks? Read on to learn more about the importance of disaster preparedness for keeping your business running.


What a Disaster Recovery Plan is and Why You Need One 


Having a plan does seem obvious, doesn’t it? Yet many companies may not have one in place. A definition of a DRP is a structured document describing how your company can resolve data loss and get back to functionality during and after a disaster. Even a brief power outage that may seem like just an inconvenience can strongly impact your business. Downtime can be costly to your bottom line and to your reputation. 


Advantages of Having a Plan


A key benefit is knowing what to do when a disaster happens, and swinging into action immediately. What’s more, a plan will give you confidence, and give others like workers and customers confidence in you. Customers will know that you’re keeping their data safe from loss or compromise, because you’ve backed up that data. You’ll know how much to budget for recovery from disaster, and which systems need to be back up and running. 


Getting Started: Planning and Documentation

A conversation gets the ball rolling. Discussing what might happen in the event of a disaster, and what mission-critical systems need to resume first. What will happen first, and who will be responsible for making that happen? Who are your stakeholders, and what do they need from you? What data most needs to be protected, and how will it be safeguarded? What information will you provide, and what will be the messaging? The answers to these and other questions will give you the structure for your planning and documentation. 


Besides answering the above questions, your documented plan should include both recovery time objective (RTO) and recovery point objective (RPO) – two key metrics for preparedness. Recovery Time Objective refers to how much time can pass to get your systems back up and running, whereas the recovery point objective refers to the age of files to retrieve from backup storage. 

Working the Plan: Testing and Refining


Testing, done frequently and with practical exercises, will show how well your plan works, and also show “what you don’t know that you don’t know.” Going through scenarios and table-top exercises will point up unknown vulnerabilities, show what needs updating, and show whether key players know what to do. Information technology workers in particular will know about data protection strategy, and are vital to your efforts. Having tested your plan, you will know what changes are needed. Once the changes are made, testing can resume. 


Disaster recovery planning may seem overwhelming. Taken step by step, though, it is possible and your business can be on a sure footing. For more assistance, contact your trusted technology advisor today.

Password Best Practices Keep Your Business Secure

According to an article in the HIPAA Journal, May 2nd was “National Password Day.” You didn’t know there was such a day? National Password Day was declared in 2013 to bring awareness of both the importance of passwords in keeping personal and company data safe, but also about  password risks and best practices to mitigate those risks. Read on to learn about the state of thinking about passwords, and how to better manage login credentials.


A Brief History of Passwords


Even with biometric methods of identification, and single sign-on technology, passwords are still relevant as the most common way to secure personal and business accounts. Passwords were first developed in the 1960s at the Massachusetts Institute of Technology (MIT) to guard accounts against unauthorized access. Incidentally, the first password breach occurred there, too.  More recently, a survey of 2400 respondents in the U.S. and other countries revealed some sobering statistics about password practices.


Common Password Practices


Using the same password for multiple accounts was a common practice, with 84% of respondents admitting to using the same password for multiple accounts. If a hacker can steal the password to just one account, they can easily gain access to others.


54% of respondents relied on memory for passwords, and because of this the passwords can be too short and weak.


36% incorporated personal information (family names or birthdays, for example) in passwords to make remembering easier. 


33% used only a password, rather than two- or multi-factor authentication, to access their accounts. 


Moreover, even when changing passwords, users didn’t change them sufficiently. Instead, they only changed a few characters, with the idea of keeping them easy to remember.  All of these practices can facilitate the theft of passwords by social engineering (email “phishing” or text-message “SMiShing”) attacks, or even brute force attacks. How can thinking on passwords be changed?


Best Practices for Password Management


First, the article suggests thinking not in terms of passwords but passphrases, multi-character combinations of upper- and lower-case letters, numbers and symbols, that are more difficult to guess. Also, the article suggests using password management systems where the list of passphrases is itself protected by a passphrase of at least fourteen characters. Companies can develop clear, enforceable policies for password management, which might then influence how workers handle passwords outside of work, too. 


Passwords are still necessary to secure business and personal accounts, and thus need to be unique and strong. For help developing your company’s password policy, contact your trusted technology advisor today.

Cybersecurity Challenges for Small to Medium-Sized Businesses

Cybersecurity, ever a topic for businesses of all sizes, poses special challenges for small to medium-size businesses. Not only can they be special targets for bad actors, but they also deal with tight budgets and at times a lack of understanding of what cybersecurity means. Read on to learn how a small business can meet cybersecurity challenges and build strong defenses.


A number of cybersecurity issues are challenging for smaller businesses, according to a CompTIA article. First, just getting started with a cybersecurity plan can seem like a huge task. And what does cybersecurity mean for your business? What mission-critical data and applications need protection? Once your company has decided on your goals, how will you reach them? 


Another issue is spending. Often, a small organization’s cybersecurity budget is tight, and the business cannot spend very much on an IT team, or the training to upskill current workers. How much will a third-party solution cost? These and other costs can seem daunting. 


Knowledge and understanding of the threat landscape is another challenge. Small or medium-size businesses might think that, being small, they are “under the radar” of cybercriminals. However, they are likely to be the victims of a cyberattack. According to the FBI, small businesses comprised the majority of victims in 2021. Even if the bad actors don’t specifically target a small company, they may use the small company to target larger businesses. Often, the criminals are looking to steal data – credit card and bank account information, customer data, even proprietary business information–from anyone they can. 


One of the challenges is complacency; small companies may think they don’t need to learn new skills. On the contrary, they need to adapt to an ever-changing threat landscape. Cyber attacks are becoming more frequent and more sophisticated, with  attackers banding together. Previously, hackers may have worked on their own, trying to execute brute force attacks or use bots to take down a website with a distributed denial of service (DDoS) attack.   


Cybersecurity Help for Small Businesses


So, what’s the solution? The good news is, though cybercriminals are banding together, small to medium-sized companies can do the same. Technology service providers  can help small businesses access threat intelligence and learn from organizations that have been attacked and have recovered. And with help from the Cybersecurity Infrastructure Security Agency (CISA) and its various resources, businesses can get information and start acting on that information to develop their cybersecurity plan. What’s more, a company might seek out third-party partners that can help supply the IT talent to improve their cybersecurity posture.


Cybersecurity, especially for smaller businesses, can seem like a huge challenge. However, help is out there. To learn more about developing a security plan, contact your trusted technology advisor today. 

Implementing Your Artificial Intelligence Strategy

The explosion in popularity of artificial intelligence (AI) is hard to ignore, as one of the biggest – if not the biggest–technology trends in 2024 and beyond. How will your business use this technology? Read on to learn about developing a strategy to harness AI’s power.


Growth in Popularity of AI 


The popularity in and market for artificial intelligence only continues to grow. According to a CompTIA article on AI statistics, the global market is expected to grow to $407 billion by 2027, with a compound annual growth rate of 36.2%. The U.S. market is expected to surpass that, increasing to $594 billion by 2032, growing 19% year over year from 2023 on. 


Businesses are at varying states of the adoption/implementation journey. According to the CompTIA report, 22% of firms are “aggressively” implementing artificial intelligence. Another third of firms are implementing AI in a more limited way, and the majority of firms (45%) are still exploring implementation. Even with its popularity, some hesitation exists because of challenges—including the cost of upgrading applications, building out infrastructure, along with the need to fully understand the data that goes into properly training artificial intelligence. 


Formulate a Strategy for AI Implementation


As with other popular technology, your business needs to consider its goals and how artificial intelligence can help you reach them. Examples of such goals include automation and refinement of routine tasks; enhancement of the customer experience via personalization; analysis of data; and content creation.


You’ll also need to consider how to mitigate risks associated with artificial intelligence. Start with security to ensure your staff is trained to follow policy and your proprietary and sensitive data is protected. How will your company deal with hesitation on the part of workers to embrace AI, because of fear of it automating their jobs? What about the quality of data used to train AI’s large language models, data which may include bias? Also to consider is protecting privacy and complying with regulations. The financial cost can include updating applications and building needed infrastructure. These are just a few questions to consider when developing your strategy.


Artificial intelligence has shown itself to bring potential benefits to businesses across many industries. For help in developing or refining your strategy, contact your trusted technology advisor today.

Using SD-WAN to Enhance Hybrid Work

n the last several years, remote and hybrid work environments have become common. Many offices have at least a partially remote workforce, and this calls for communications applications that are always on and helping workers to collaborate effectively. To learn about leveraging software-defined wide area networks for seamless communication, read on.


What SD-WAN and Why it Matters


With remote and hybrid work more common, and teams using popular platforms, seamless Internet connectivity, stability and reliability are essential. Software-defined wide area networking, or SD-WAN, is a cloud-based approach to WAN management that brings together multiple providers to offer the connectivity needed. The infrastructure is in the cloud, eliminating the need for customers to manage and maintain their own. All they need is an internet connection and an appliance at each connection point (remote office). Additional appliances can be added as needed.  SD-WAN uses multiple transports including business-class broadband and networking as well as MPLS already used in WANs, to route traffic effectively for a hybrid workforce. 


Software-Defined Wide Area Network offers numerous benefits. First, it reduces capital expense by eliminating the need for companies to maintain on-premise infrastructure. Operational expense is decreased by reducing the need for IT professionals to make trips out to fix problems. Instead, monitoring and troubleshooting is centralized. Like the cloud in general. SD-WAN is scalable, with devices easily added to the network. And by using multiple providers, data is moved reliably to where it’s needed as a result of increased bandwidth.


Security Considerations in SD-WAN


Readers might be wondering about security.  How can so much data in transit be protected? At first thought, security might be a problem with data being routed to multiple locations. Only by ensuring that the security is fully integrated and traffic is transparent can SD-WAN enhance security, instead of being yet another attack vector.


Software-defined wide area networks use the cloud to enhance the communication and collaboration the hybrid office environment requires. For guidance in your company’s SD-WAN decisions, contact your trusted technology advisor today. 

Trends in Cloud Computing

Cloud Computing is a commonly-used term, but the concept has been in the works for decades. In recent decades, cloud has come into its own as a powerful mode of computing used for businesses large, medium and small. Read on to learn about current and future trends in cloud computing.


A Brief History of the Cloud


CompTIA gives a brief history of the development of the cloud in an article about cloud trends. The first vision of the cloud, in the 1960s, was put forth by MIT Professor John McCarthy. Cloud computing would offer computing as a public utility, each subscriber paying only for what they use. In the next ten years, machines were linked to a host machine. Internet protocol had proved itself late in the 1970s, and by the 1980s, many more computers were connected to the Internet. By the 1990s, mobile devices became part of the landscape, and were able to access the Internet remotely. The code that helped Amazon to provide its online marketplace led to developing the model cloud. Cloud continued progressing to the point of “powering business operations in some form for nearly every organization.” 


The Present State of Cloud Computing


Cloud computing is currently experiencing widespread demand, and focusing on efficiency. Edge computing, which may have a major role in the future, is currently decreasing latency (the time it takes for data to travel from its point of energy to its destination, and back again). Organizations can expand their capabilities and retain functionality across locations; this could be vital for Unified Communications. The “anything as a service” (XaaS) model provides multiple services that businesses need to make processes efficient. Desktop as a Service is part of this, providing a virtual desktop that users can access via the Internet. The back-end infrastructure and software are handled by the cloud provider. With remote work still popular, DaaS is still in demand. Artificial intelligence is still part of the picture, automating processes and increasing personalization. Deploying multiple cloud environments, either through multi-cloud or hybrid-cloud can help keep systems running when user demand is high; a backup cloud can take on workloads from other clouds that become overwhelmed. 


Future Trends in Cloud Computing


Efficiency will continue to be a desired goal in the future. Cloud automation’s role is to eliminate the need for humans to complete rote tasks, allowing systems to run more efficiently. Automation will also help businesses tie together cloud technologies to enhance efficiency. Edge computing will cut down on the use of data centers; instead, data will be handled on peripheral devices. Cloud computing, with its vast data stores, will give quantum computing the power it needs to operate. The cloud will also support artificial intelligence (AI) giving it the vast stores of data it needs for its models. In turn, AI will help with automation of cloud services. 


Exciting developments are in the future, though they can be overwhelming. To learn how to capitalize on upcoming trends, contact your trusted technology advisor today. 

Unified Communications for Business Success

Remote work has existed for decades, but got a big push just a few years ago, with so many away from the office. And some workers are staying remote, part of companies facilitating hybrid work environments. Business telecommunications needs to be up to the task, equipping workers to collaborate and communicate to get things done. Read on to learn more about the benefits of telecommunications technology for a connected workforce.


The Growth of Business Communications


Remote work has happened for years (the term “telecommuting” was coined more than 50 years ago), and tools for connection and collaboration have grown in sophistication. In the past, telephones have operated independently of the Internet, and other tools like email and conferencing have been separate. The market for Unified Communications has grown in the last few years, and is expected to grow to about $50 billion globally by 2025. Little wonder, considering the business benefits it brings.


Benefits of Integrated Telecommunications


Integration of modes of telecommunication like Voice Over IP (VoIP) telephony, customer relations management software, and web conferencing can improve communication and collaboration while saving your company money. With Unified Communications, a package of communication tools in the cloud is available with an internet connection. The cloud service provider handles the infrastructure, freeing businesses from the capital expense of purchase and maintenance of hardware. With more workers having the capacity to work remotely, businesses can cut spending on office space (though depending on its needs, a company may choose a hybrid workplace). Ability to connect with new clients virtually can even help you break into new markets near and far. 


Enhancement of Customer Experience


WIth integration of multiple modes of communication, in-office and remote workers can easily interact with each other, to facilitate a hybrid workforce. Customer relations management software brings up customer information quickly to allow the rep to quickly and accurately handle the call, building customer loyalty. Routing voice mail messages to email means no calls are missed. Videoconferencing can help workers collaborate on projects and share files to complete important work quickly.


Considerations for Unified Communications


If your company is still in the process of adopting UC, a network audit to find bottlenecks or weak spots is helpful in determining your network’s readiness. With vast amounts of data transmitted, your network needs to have enough bandwidth to handle the traffic. On top of that, data needs to remain safe from loss or compromise. 


Unified Communications is a powerful tool for companies with remote workers or a hybrid work environment. For assistance with your telecommunications strategy, contact your trusted technology advisor today.