Category: Uncategorized

Medical appointments and doctors’ visits are not enough. Patients want more contact with their healthcare providers, without necessarily needing to schedule more appointments and spend more time in the waiting room. 74% of patients polled in a recent West survey expressed a desire for more communication beyond the medical office visit.

This hunger for more communication parallels the growing role of digital communication in daily life. These same patients note that they are 21% less likely to call their medical providers than they were merely seven years ago. Rather than pick up the phone, patients want to use digital channels—the same ones that they’re already using for other communication—to maintain communication with their healthcare team.

How communications preferences have recently shifted

A recent study by Duke University addresses digital communication in the clinical setting beyond just personal preferences. Their studies found that over 95% of the American population has a cell phone, making it a tool for healthcare providers to leverage. But the standout piece of data, in a world that wonders about deliverability and whether messaging is actually getting through to intended audiences, is that over 90% of text messages are read—and within three minutes of transmittal. This data carries over across all age groups and socioeconomic demographics.

University of Toronto researchers supported this data with their research on the different impacts that text and email have on conveying a particular message. They found that text messaging conferred a higher level of urgency, and therefore function better around task-oriented reminders. Emails are better received than phone calls—19% of millennials don’t even listen to their voicemails—but are better for lengthier context-setting or other more detailed information transmittals.

What provider communications patients currently want between appointments

Patients want contact that aligns with the digital channels that they are using. Social media engagement can be useful for general knowledge-sharing around trends, treatments, and even regulation, but social media is not where the public is hungry for provider engagement. They want personal contact along the two channels they engage with the most each day: texting and email.

Texting

Minimal-to-no onboarding is needed for patients via texting since they are already using this to communicate with everyone from loved ones through coworkers. Consistently greater than five out of every ten patients polled preferred text communication about all logistical aspects of their medical visits, including setting-up and confirming appointments, post-operative instructions, payment issues, and even the transmission of lab results.

The good news is that from 2017 to 2018, the number of patients texting with their providers increased from 5% to 17%. This indicates increased adoption of digital communication channels on the part of healthcare providers. However, this 17% figure is still low, particularly compared to the 69% of patients who explicitly noted the desire to communicate more with their providers.

While HIPAA compliance has been a big obstacle to personalized text message transmission—which might accidentally bleed PHI if providers are not careful—there are simple ways to structure this message to avoid sending over PHI, while still delivering what patients need.

Email

Email can help resolve some longer-term or more complicated issues faced by patients. For starters, email can help add transparency to billing and insurance coverage. Even in advance of visits—and surely after—estimates of treatment costs can be sent, broken down into highly itemized detail. This allows patients to make informed treatment decisions based on what they can afford, or even contest charges with ther insurance companies. Cost visibility and transparency is another way to build trust and rapport with patients, which will reinforce a positive clinical relationship.

Email correspondence is less urgent than text messaging, but still timely and pressing. Because of this, it can be a powerful tool for reminders as well as education. Some patients have chronic diseases, but ongoing education and community-building can be helpful in managing their conditions; this can be achieved through regular emails. Healthy and ill individuals alike can benefit from education regarding disease prevention and wellness, which is easily transmitted via emails.

There’s an additional layer of education inherent to this information sharing, relevant to expectation management. By owning the sharing of reliable medication, a provider helps guide their patients to quality information and thus reduces the likelihood of misinformation. Pointing patients in the direction of useful resources has further benefits by structuring their vocabulary, and conveying the sorts of topics and conditions around which the provider is an expert to be consulted. Rather than bombarding patients with this information during the time of an office visit, this allows patients to absorb information at their own time and pace; office visits, in turn, become more focused around acute conditions as well as examinations and other activities that require face-to-face interaction.

Surveys

This one might come as a surprise, but 53% of patients are open to completing surveys for their healthcare. Surveys help standardize responses and reliably collect answers. While this can also provide statistics that could be useful for research and professional discussions, this can directly and positively impact patients by ensuring they get the appropriate medical response—and quickly, because specific replies can automatically trigger particular pathways and flag providers to take action.

Some health situations work better than others for survey follow-ups. Chronic conditions, new medication, recent procedures, and hospitalizations are some of the common patient experiences where surveys could help track outcomes and make sure providers intervene when necessary.

How healthcare can use automation on these channels to strengthen connections with patients

Patients don’t need to see the details behind the digital solutions put into place; they need to feel the effects of these solutions through the perception that they can reach their providers when needed. And if providers—with schedules already jampacked—are effectively increasing their availability to patients by opening up new lines of communication, something’s gotta give. This is where automation comes into play.

Implementing digital solutions in the health space comes with some upfront set-up and ongoing maintenance, but it also opens the door for the use of tools to automate parts of patient correspondence. These changes create a more positive patient experience, and drive patients to experience partnership with their providers in ways that could encourage their compliance and hence generate better outcomes.

What does this look like? Automate reminders and follow-up surveys to keep patients on track, and use chatbots strategically to help field the easiest and most common questions that pop up. Automation allows for easier, consistent follow-ups with patients after procedures and hospitalization, allowing for earlier interception of any issues. Treatment adherence can be reinforced with automated reminders, without utilizing support team and administrative time.

Using automation frees up provider time for cases that require one-on-one attention, or even generally allows more time for patient consults. Without compromising bedside manner—if anything, enhancing it—providers can increase the amount of support they give to their patients, while freeing up more time of their own.

The healthcare industry has been slow to adopt these new digital communications channels. As a result, providers are missing out on opportunities to connect with their patients and give them the modernized healthcare experience that they seek. Above, we have broken down the key trends in digital communication. We’ve addressed the key directions in which healthcare providers can move in order to stay up-to-date and well-connected with their patients. Even if a comprehensive overhaul of digital communications is not possible, just implementing one of the strategies listed above could go a long way in reinforcing positivity in the provider-patient relationship. Progress is being made constantly to improve security in ways that help ensure HIPAA compliance, and so there really is no reason to abstain from pursuing these trends and giving patients the digital communications experience they’re seeking.

 

One of the most challenging parts of owning your own business is having to continually prove yourself as an expert in your field to each new client. No matter how many times it happens, having someone look at you skeptically as you introduce your products or services can be a blow — not to mention a time drain that could better be spent digging into the needs of your prospect and how you can help solve them. Fortunately, there’s a quick productivity hack that will not only grow your business, but it will ensure that your clients already view you as an expert in your field . . . before you ever meet.

Personal Marketing is Key to Sales

Regardless of which line of business you’re in, you know that building relationships is the key to getting things done. Whether that means working hard to maintain good relationships with your vendors or finding ways to help clients be more successful, this personal marketing is a required part of any growing business. When you are the business owner, this can mean that you spend a significant portion of your time speaking to people and learning the landscape of their business before you are able to promote your own needs. Anytime you’re able to produce content online that educates others, you are one step closer to building that personal relationship before the first time you speak with your prospects.

Don’t I Know You?

You don’t go into a sales call with a bland, boring persona that lacks personal details, so why should your marketing be blah? You have to find ways to incorporate your unique flashes of brilliance into your online marketing, which will help people feel as though you are old friends before the conversation starts. Don’t be afraid to discuss your business challenges or share personal tidbits that might be of interest as part of videos. While prospects are always doing some form of research online, finding someone who engages their interest and feels personable and relatable means prospects are much more likely to turn into customers in the future.

Creating an ongoing library of searchable content helps to present you as an expert in your particular field, a crucial differentiation when there’s a crowded marketplace full of competitors waiting to steal your thunder. These educational pieces are often the first introduction between yourself and your customer and allow you to start the conversation on a positive note. Your prospects will appreciate that you were generous with your time in creating the content and you’re honing your presentation skills and messaging at each turn: win, win!

Upgrading software can be a real pain — literally. Users are likely to be reluctant to learn something new, causing additional requests to help desk personnel as users get acquainted with a new operating system. The time required to install upgrades and get up to speed with any changes is rarely trivial, and there’s always a risk that legacy software and hardware will balk when new functionality is introduced. With all these negatives, it’s a wonder that we ever upgrade software! Fortunately, the Windows 10 upgrade has many more pros than cons and will help your teams be more productive while providing additional security for your organization’s digital assets.

Recognize Productivity Gains for Business Users

Previous Windows OS upgrades have come with some dramatic changes to the interface, but Windows 10 feels very familiar to users. Sure, there are a few little tweaks such as an expanded Start button functionality, but the platform overall is quite consistent with prior versions. Transitioning from tablet to laptop isn’t jarring, and the interface is pleasant to view and convenient to use. Users are likely to find that their most-used applications are easier to find than ever, and saving a few clicks here and there can add up to significant productivity gains. Plus, Windows 10 offers a reduction in boot time of 75% versus previous Windows platforms, reducing user frustration and allowing them to get moving quickly. Messaging tools such as Skype are included in the platform, making it simple for users to connect at the speed of business.

Your IT Department Will Appreciate Easy Upgrades and Maintenance

From self-service options within the operating system to lighter maintenance requirements than previous versions, Windows 10 has been shown to reduce IT management time by 15%, as measured by Forrester Consulting. Boot times are improved, deployments are more rapid, security and application access control is easier. These gains not only reduce the overall IT cost for the organization but allow businesses to innovate more rapidly because there is less time spent on administration — and more focus on strategy and new technology. You may even be able to reduce your reliance on third-party applications, saving subscription fees and reducing overhead.

Windows 10 Has an Improved Security Posture

Cybersecurity is a hot topic for business leaders, and there are definite advantages to reducing your security concerns. Windows 10 includes the latest functionality to support your robust cybersecurity posture, including Credential Guard and Device Guard, BitLocker and more. Forrester estimates that businesses could save nearly three-quarters of a million dollars simply by activating the security features that are already inherent in Windows 10. The updated operating system separates data at both the file level and the application level, making it more difficult for employees to accidentally or purposefully share information with the wrong people.

Prepping your business for an upgrade has never been easier — and Windows 10 provides a wealth of benefits without the frustrations that you might be dreading. Improved security, reduced boot times, a familiar interface and more, your Windows 10 upgrade will help your team provide exceptional support for users now and in the future.

First, there was the GDPR, with organizations around the world scrambling to create cookie and privacy policies to ensure that their data storage and use would meet the restrictive standards imposed by the EU. For smaller organizations in the U.S., the GDPR didn’t cause quite the fuss as it did for multinational corporations. The California Consumer Privacy Act (CCPA) has the potential to upset marketers and technology experts in businesses of all sizes — especially since it’s expected to unleash the floodgates for other states to declare their data privacy standards. The CCPA goes into effect January 1, 2020, but what exactly does that mean for your business?

The CCPA Provides Ownership, Control and Security Over Personal Information

At the heart of GDPR as well as CCPA are the rights that individuals have over the ownership, control and security of their personal information. When businesses are allowed to share data, precisely which data points can be shared, who they can be shared with and how individuals are able to request complete deletion of their information from an organization’s database. There are some high-level rules that help determine the businesses that must comply with the regulations, including:

• Any business or for-profit entity that does business in California
• Organizations with $25 million or more in gross annual revenue
• Maintaining personal or household data for more than 50,000 organizations
• Whose annual revenue is composed 50% or more of selling the personal information of consumers

Unfortunately, GDPR compliance does not guarantee that your business will be compliant with California’s new regulations around consumer data.

What Are the Challenges with CCPA Compliance?

California’s new consumer data policies mirror the GDPR policies in many important ways, meaning organizations who have already invested in GDPR compliance may be far ahead of their competitors who are just embarking on this journey. Compliance with these prohibitive policies may require consolidation of a massive amount of information from multiple disparate databases, something that cannot be accomplished quickly or without cost. Organizations are expecting to spend upwards of six figures to become compliant, with businesses with reliance on selling consumer data projecting a significant reduction in revenue opportunities. Simply identifying all the personal data that is stored within your various applications can be difficult, but under CCPA you must also be able to identify where and how the data is being used, who owns the data, who creates it and more. Plus, individuals must have an easy way to access their data storage preferences and effectively erase themselves from your corporate databases.

How Can You Get Ready for CCPA Compliance by January 2020?

Data consolidation is one of the key initiatives for businesses, and many organizations will need to retain an attorney to work through the various requirements and ensure that the business is fully compliant. There are also privacy notices that must be posted on digital channels such as websites and mobile apps, letting consumers know how their data is being stored and used by the business. Data breach reporting is another crucial part of CCPA compliance, as you’re required to maintain roles and responsibilities for data sets as well. Although California was the first state out of the gate with a new compliance ordinance, it’s unlikely that they will be the last. This will introduce the additional complexity of determining where your users are located and tracking their behavior over time to ensure that you’re delivering the correct privacy policies based on their geographic location.

Data governance is not a new concept, but the level to which organizations are now being required to track minute shifts in information is often costly and time-consuming. It’s crucial that you work with a technology services partner who truly understands the requirements of CCPA and GDPR, and stays up-to-date with new legislation as it is introduced to ensure that your compliance is in order. With penalties of $7,500 per intentional violation and $2,500 per unintentional violation, businesses are going to be extremely motivated to become compliant.

You don’t have to look long or hard through the news to find the latest cybersecurity incident — or the terrible press and loss of business that the organization suffers due to their inability to quickly respond to the threat. Chief Information Security Officers (CISOs) are actively looking for ways to protect their organization from the devastating effects of ransomware or other malware and trying to find ways to get the business back up and running quickly in the event of an attack. These three incident response tips can help keep your operations from buckling during an extensive incident that involves your data, hardware or software.

Make Sure You Have a Kill Switch

Today’s systems are dynamically interconnected, which can make it exceedingly difficult to segregate out one particular section that has been infected before it can infest the rest of the organization’s digital assets. With forethought and planning, you can create a kill switch that puts a walled garden around IoT devices, different operating systems in your back office, servers and more that will help you protect the remainder of your organization in the event of an incident. Think about what you can break off from your infrastructure that still allows you to marginally function as a business, and create kill switches accordingly. Data loss is one of the most expensive components of a cyber attack, making it crucial to save as much of your data and information structure as possible when a breach occurs.

Segment It to Save It

Segmentation and segregation is a good thing when it comes to networks and applications, but this same concept can also apply to user groups and even vendor management. The concept of “Segment it to save it” is generally constructed around data and networks, but it can easily be expanded to include user access controls and authorizations, vendor management and more. If a particular user group has been compromised, it’s much easier to rebuild a segment than it would be to rebuild your entire organization’s infrastructure. Think beyond the logical and physical implementations of segmentation, and think about everything you could possibly cordon off within your business — including vendors, partners and customer segments.

Invest in Regular Updates to Your Incident Response Playbook

Is your team confident that they know the required steps to protect your organization in the event of a cybersecurity incident? What happens if your cybersecurity expert just happens to be on vacation the week that a massive attack is launched? There are few substitutes for a written incident response playbook that provides you with step-by-step instructions that will help your business regain its footing in the digital world. Simply creating this playbook isn’t enough, you will still need to update it on a regular basis to ensure that you’re taking recent attack types and vectors into consideration as a part of your response and recovery planning. Your incident response playbook should be as dynamic as possible, reflecting today’s realities and offering achievable solutions to salvaging your business operations.

With luck, your business will be in the minority — those organizations that are never hit by a cyber attack. The unfortunate reality is that when a cyber attack hits your organization, it will cost you an average of 50 days to regain full operations of your business. Understanding these various components of incident response and forming your plan before you need it are crucial to ensuring that your organization is protected in the event of an attack.

If your company is still using the Windows 7 operating on your business computers, it’s time to look for a change. That’s because Microsoft is ending support for this popular and reliable operating system that has been popular with companies for years.

On January 14, 2020, Microsoft will stop offering security patches and dates for Windows 7. In the next few months, choosing a new operating system is a time-sensitive issue that should not be left until the last minute.

What Does Microsoft Mean When It Says Windows 7 Is Ending?

That’s not exactly what Microsoft is saying. After January 14, 2020, Windows 7 will continue to operate. However, doing so comes at a considerable risk to your business and employees. The “end of life” description of what’s happening to Windows 7 means that Microsoft will stop all paid and unpaid support.

Microsoft will stop creating and making available important security updates. It will also stop offering new features or design improvements of any type.

More critically is the stoppage of any kind of support for customers having problems with Windows 7. Free support that had been included in licensing agreements has already ended. As of January 2020, any “extended support,” which is Microsoft’s term for paid support and which is currently available, will stop as well.

Why Not Keep Using Windows 7 After the Support and Upgrades End?

Your Windows 7 operating system will continue to operate after support ends. However, your business will be highly susceptible to cyberattacks by those looking to exploit new vulnerabilities using viruses, phishing attempts and other attack vectors. Those vulnerabilities will multiply as your computers will not be protected by the regular patches that Microsoft offers to its customers for operating systems and software.

In addition, you may find that software applications you use on Windows 7 will also not work as well. Many software companies will stop offering upgrades or support for their programs for customers using Windows 7. While some may provide some updates and support after January 2020, those services are unlikely to last very long.

Hardware and peripheral companies are also unlikely to continue to provide updates or compatibility features with an eye on Windows 7. Newer technologies of all types will likely take advantage of newer features and capabilities that were not available in the Windows 7 operating system.

Older versions of operating systems like Windows 7 come with the browser Internet Explorer embedded. Support for these older versions of Internet Explorer will also cease in January 2020. Microsoft urges customers using Internet Explorer to upgrade to IE 11.

Hackers are well aware of the January 14, 2020, deadline and are apt to look to businesses still using Windows 7 as prime targets for their attacks.

What If We Use a Windows Embedded 7 Product?

Support for certain versions of Windows Embedded 7 end in October 2020, April 2021 and October 2021. More information about these cutoffs can be found here.

Can I Activate Windows 7 After the Cutoff Date?

If you still want to activate a purchased version of Windows 7, you may do so up to and after the January 2020 date. Just remember that a newly activated version will still be vulnerable to malware and virus and will not receive Microsoft support or upgrades.

What Are My Options for Replacing Windows 7?

Microsoft is understandably encouraging current Windows 7 customers to upgrade to Windows 10, its flagship operating system product. It is also encouraging customers to buy new computers with Windows 10 installed, as older computers may not have the minimum requirements to support Windows 10 and optimize its performance.

If you purchase Microsoft 365 Business, a cloud-based version of the popular suite of Microsoft Office Apps such as Word, Excel, PowerPoint, Outlook and OneNote. Microsoft 365 Business buyers get a free upgrade if they are currently using a Windows 7, 8 or 8.1 Pro license. Microsoft 365 Business owners can also upgrade all old Windows Pro licensed device at no additional cost.

What If I Need More Time to Upgrade from Windows 7?

If you use Windows 7 Professional or Windows 7 Enterprise, you can buy Extended Security Updates through January 2023. Those upgrades became available for purchase on April 1, 2019. For more information on this option, please contact Microsoft directly as there are specific technical and product guidelines regarding eligibility.

Understanding the options and risks when it comes to Microsoft’s cessation of Windows 7 support and updates helps your company make an informed decision.

Passwords are a problem. In one sense they are exactly the opposite of what they should be. They’re hard for users to remember but easy for intruders to guess or steal. The user frustrations with the current system make it ripe for abuse, and that’s exactly what’s taking place every day.

The best solution for lawyers and law firms alike is to implement a password management utility. We’ll take a look at that solution after exploring the nature of the problem in greater depth.

The Problems with Passwords

Can you even count how many digital sites and services you’re required to log in to with a username and password? Most people have upwards of one hundred. It’s challenging, if not impossible, to keep them all straight without some kind of assistance. People usually resort to one of several very insecure methods to solve this. One of the most common is reusing the same username and password on multiple sites.

Password Reuse Is Easy but Dangerous

Security professionals will tell you that reusing passwords is dangerous. This is because when (not if) your credentials are captured or stolen on one site, you become vulnerable on every other site that uses those same credentials. The problem here is that it’s just so easy to reuse passwords, especially on accounts we don’t consider to be sensitive in nature. Nearly half of security professionals themselves admit to reusing passwords, even though they know firsthand the dangers of doing so.

Strong, Unique Passwords Are Too Hard to Remember

If you’re not supposed to reuse passwords, then what should you do? Ideally, you should create a strong, unique password for every site. Each one should be lengthy (the longer the better) and should contain a mix of lower and uppercase letters, numbers, and symbols. The longer and more complex the password, the harder it is for a computer to crack it. People won’t be able to guess Gbje23+3zp?$T0n very well at all.

The problem with a password like Gbje23+3zp?$T0n, though, is obvious. You’ll have a tough time remembering even one of those, let alone a hundred.

Experts will suggest other tactics, like turning a familiar phrase into a password. “Four score and seven years ago our fathers brought forth a new nation” could become “4s&7yaoFbfaNN”. This method uses the first letters of each word (along with numbers and symbols where appropriate) to create a passcode that’s nearly inscrutable but that’s easier to remember.

This method helps, but it doesn’t scale well. It’s true you’ll have an easier time reproducing that than the previous example, but you’ll still have a tough time replicating that a hundred times over.

The Solution: Password Management

The best solution to the password conundrum is using a password management utility. Setting up a password management utility isn’t difficult, and putting one in place greatly increases your digital security. Once you’ve set up a password manager, you don’t even need to remember all those passwords. You just have to remember one.

How Password Management Tools Work

Password managers are programs or apps that function as a digital safe, or a digitally encrypted locker. All your passwords are stored inside the safe. Password management tools will also help you create long, complex, unique passwords for all your accounts. Some can even do this automatically once you supply your existing credentials.

With a password manager, it’s easy to maintain a different complex password for every account, because you no longer need to remember those passwords yourself. You just need to create and memorize one very strong password for the password manager itself.

Once you’ve set up a password manager, it will autocomplete the login fields on most websites. For the few that don’t auto-populate, you can access a database of your account credentials and copy and paste the proper credentials into the corresponding fields. All the major password managers also offer some degree of integration with both iOS and Android. Your passwords remain accessible, yet secure, on your mobile devices.

The Security of Password Management Tools

Password management tools stake their reputation on their security. They aren’t perfectly secure—nothing is. The Washington Post notes some of their flaws. They are, however, a vast improvement over most people’s current password practices. No one gets access to your vault without your master password, and hackers won’t get that password from the utility makers since they don’t store your master password anywhere. There’s no database to be hacked.

On that note, make sure your master password is itself long and complex. Consider using the “familiar phrase” tactic described earlier.

Conclusion

Lawyers have an obligation to keep their digital accounts secure. Doing so manually is difficult if not impossible. Implementing a strong password management solution is the answer. If you have more questions about implementing a quality password management system for your law firm, we’re here to help. Contact us today to discuss the options available.

Running a business requires a great deal of focused attention. Unfortunately, when your technology team is spending a great deal of time dealing with login problems, software licensing, cybersecurity and more, it doesn’t leave a lot of time for growth activities and strategic thinking. As businesses grow, many organizations find that it makes sense to work with an IT managed services company to maintain a high level of security and staff productivity that would be nearly impossible using only internal assets. These technology partners provide best-in-class tools and support that can scale with your business as you expand. Here’s an overview of the type of services that many of these technology partners provide.

Day-to-Day Operations

Technology teams often refer to “death by a thousand cuts” — which is what happens when you have dozens of people relying on you to provide technical support for your organization. Everything from computers that refuse to reboot to conference rooms where the projection isn’t working all come into your help desk. This can overwhelm the individuals in IT and also cause a productivity loss for the staff members who are waiting on a response or support. IT managed services providers are able to step into this gap and solve a variety of simple challenges, including:

• Retrieving lost files or folders
• Resetting passwords
• Issuing software licenses (based on pre-set business parameters)
• Troubleshooting network connectivity
• Rebooting servers

These are only a few of the “Help me now!” requests that technology professionals receive on a daily basis, and all of these options can be resolved remotely by a friendly technician from your IT managed services provider.

Creating or Refining Cybersecurity

Ensuring that your business information stays safe is a primary directive for today’s organizations. With many companies storing personal financial and health information for clients or staff, cybercriminals are enjoying access to data from organizations of all sizes — especially those businesses without a robust security posture. Staying current with the latest threats takes time and attention, and can be challenging for technology staff members to juggle with other priorities. When you work with a managed services provider, you have easy and immediate access to cybersecurity professionals who are able to review your current processes, make recommendations for improvement and then even help with the implementation of those suggestions.

Long-Term Technology Strategies and Budgeting

Even things that you might think of as integral to your business can be supported through a trusted IT managed services provider. A good technology partner may have access to dozens of business models and be able to make recommendations for your business based on a broader scope of understanding. Your external IT team can help with research on new vendor partners, negotiating better pricing on software due to shared buying power and even help create budgets based on the unique needs of your business.

Advanced Backup and Disaster Recovery

Should the unthinkable happen, it definitely pays to be prepared. There are any number of reasons you might have to restore operations from a backup, but without a proactive backup and disaster recovery process in place this can be a big challenge for businesses. Massive fires, flooding or other natural disasters claim thousands of businesses every year, as those businesses are unable to restart operations after a disaster. Cyberthreats or data loss could also spell doom for your business, especially if the loss leads to an extended period of time without access to your business data. With an IT managed services partner, you’re gaining access to advanced backup and disaster recovery software and protocols that will help protect your business in the event of an emergency — and help you restart operations quickly. More than 96% of businesses with a disaster recovery solution in place continue operations, but the same cannot be said of those without the forethought to create a comprehensive plan.

There are hundreds of scenarios where an IT managed services provider can help support your business. The bottom line is that you are gaining access to a deep bench of qualified professionals who are solely focused on helping make your business successful. Whether you need immediate assistance with help desk support or longer-term strategic advice, IT managed services providers serve a vital role in today’s business world.

You don’t think about a small business in middle America being targeted by hardened Russian cybercriminals, but that’s exactly what happened in the case of Smile Zone. This Missouri dental office caters to children, looking for ways to provide them with a higher comfort level with dental procedures. Smile Zone had not yet invested in any aggressive cybersecurity measures, because they didn’t expect to become the target of malicious attack from overseas. Unfortunately, they were wrong, and their lack of planning for cybersecurity cost them over $200,000 due to a simple phishing scam — money that Smile Zone has never been able to recover.

Determining the Attack Vector

It didn’t take long for investigators to determine the attack vector, as it was a simple phishing email that was launched on the computer that Smile Zone used to conduct their banking business. With the information stored on that computer, the Russian cybercriminal and his associates were able to tap into the bank account of Smile Zone and create a transaction for $205,000 that looked perfectly legitimate to the bank. Unfortunately, that also meant that the bank would not accept liability for the transaction — something that they would have done if the account were a consumer account instead of a business account. What’s worse, the cybercriminals left the back door of the business open so they could help themselves to more funds in the future if the vulnerability was not addressed in time.

Why Russian Hackers Target Small Businesses

It’s hard to imagine, but why would a well-known Russian hacker who was on the FBI’s Most Wanted List waste their time attacking a small business for “only” a few hundred thousand dollars? The answer is simple: small businesses are less likely to have invested in cybersecurity. Not only are the businesses perceived to be less secure, but cybercriminals are looking for an ongoing payday — not a one-time bankroll. Small to mid-size businesses may not even notice relatively small amounts being shifted around until the dollars add up to a significant amount of money. This allows these nation-state actors to slowly siphon away funds that could otherwise be used to fund payroll or grow the business. Even if small businesses do have passive cybersecurity, they may not be actively monitoring their transactions and systems in a way that would allow them to see the fraud happening in near-real time. Symantec defines the time between the injection of malware or a data breach to the discovery time as “dwell times“, and they average 191 days before many businesses discover that their systems have been compromised.

Are There Legal Avenues for Recourse?

The unfortunate reality is that it’s difficult for the government, local police or anyone else to help regain access to your funds once they’ve been exfiltrated to a remote location. Hackers are extremely savvy, in taking just enough money that they can easily move it around without a lot of notice from others. It’s difficult for law enforcement to prove that there has been a crime, much less track down a slippery individual thousands of miles away from the crime. When your business suffers this type of loss, it’s unlikely that the money will ever be recovered — a devastating blow for a small business.

Are There Ways to Protect Your Business?

Fortunately, you don’t have to simply wait for your business to be hacked, and you don’t have to invest in over-the-top security solutions that are meant for enterprises instead of small to mid-size businesses. Your trusted technology services partner can help you understand the various options that are available to help protect your organization. This could include a variety of solutions:

• Endpoint protection and monitoring of WiFi hotspots that are available to customers and employees
• Rigorous password policies
• Ongoing employee and contractor security training and testing
• Active monitoring of your network by knowledgeable security professionals
• Proactive notification systems so your technology partner can immediately begin remediation in the event of a breach
• Email and website security software that helps filter out malware and spam before it reaches your staff
• Robust backup and recovery procedures, to ensure your business can continue functioning even if you’re under attack
• Systematic review of all potential fail points within your infrastructure on a regular basis
• Rigorous management of user accounts and logins, to ensure that accounts are inactivated quickly when they’re no longer needed

Each business is unique, and working with your trusted IT managed services provider will offer more direct and detailed recommendations that will fit the unique needs of your business.

No one is expecting to be the target of a Russian hacker, and small businesses may be even less prepared than larger ones. No business is truly safe from cybercriminals unless your business is fully protected by a suite of cybersecurity measures that include active management of your infrastructure. It pays to invest a small amount upfront to protect your business from what could be a disastrous cyberattack in the future.

Researching IT support companies can lead to confusion — and quite a headache! You may have started down the path of finding a technology partner due to internal frustrations or a lack of time to support basic technology needs, but your search can quickly expand due to the number of potential partners in the marketplace. Trying to determine exactly the level of support that you need and the associated costs may feel like an exercise in futility, but there are some basic tenets that will help you find the best IT support company for your needs. From reviewing the pricing models to service levels, here are the key considerations that will help you determine which partner is right for your business.

1. Does Your IT Support Company Offer Flexible, Scalable Contracts?

Technology solutions are rarely one-size-fits-all, and your IT services partner should recognize this and be able to provide you with customized recommendations that will meet your unique business needs. This could mean shorter contracts so you can evaluate the working relationship to support packages that provide you with scalable options that are designed to grow with your business. Your IT services partner should feel like they are on your side, making recommendations that will save you money while providing you with the support that your business desperately needs to grow.

2. Does Your IT Support Company Focus on Ongoing Education?

Technicians with industry certifications in various platforms should indicate to you as a client that your technology partner is placing an emphasis on ongoing education. The technology landscape changes dramatically in the course of several years. If your IT professionals are not maintaining their certifications or growing their body of knowledge, it can be challenging for them to provide your business with the support that you deserve. Key certifications to look for include Microsoft Silver or Gold Partner Certifications and CompTIA Certifications, to name a few. Your partner should be able to demonstrate that they value ongoing education by setting aside time for team members to attend training or continue their education.

3. Does Your IT Support Company Value Proactive Security and Account Management?

Proactive account management is crucial to your business success, as your IT services partner should be continually looking for ways to save you money and improve the efficiency of your operations. This should include a bi-annual or quarterly review of your business, that truly digs into the details and provides you with actionable recommendations. The right partner will be able to peek into the future and call out items that could become a problem in the future, so you can resolve them before they negatively impact your business operations. Active security measures are another valuable aspect of your partnership, as your IT services technicians are continually reviewing network activity to discover discrepancies so remediation of any problems can begin immediately.

4. What Are the Stated Response Times for Your IT Support Company?

There is no slick or easy answer that you should be looking for in terms of response times, as that can vary based on the needs of your business. Some businesses may find that getting a response within several hours is perfectly acceptable, while others need to get help desk support in a matter of minutes. What you are looking for is the best match for your business: an IT support company that is able to provide you with workable response times at an acceptable cost.

5. Is Your IT Support Company Aggressive About Cybersecurity?

Protecting your business assets is a mission-critical task for your IT support company, and they should treat it as such. You need to know that you will have access to cybersecurity professionals who are actively reviewing your account on a regular basis to ensure that all appropriate precautions are being taken to protect your digital assets. This includes everything from user training to backup and data recovery processes, all of which must be in line with your business needs.

Sometimes, it’s not a matter of finding the best IT support company — it’s a matter of finding the best fit for your business. You’ll want to consider everything from the support you want to receive from your account team to the quality of the training that technicians receive on an ongoing basis to find the best IT support company to meet your unique business needs.