Security Checklist for Business

Business Security Consultant

Security Essentials for Business

Cybercrime is on the rise, and businesses must be proactive with their cybersecurity programs. Learn what to look for when choosing an MSP for your organization.  

Business Security Consultant

Cybercrime is on the rise, and businesses must stay on top of their data security. A managed services provider (MSP) can help protect your organization’s data from breaches and cyber attacks. However, not all MSPs offer the services and features businesses need to stay on top of the latest threats. Below is a checklist you can use to decide if an MSP provides the optimum value in the short and long term.

Proactive Protection

Every MSP worth considering will have a proactive process in place to minimize issues and quickly resolve problems as they arise. Common red flags include a break/fix pricing model and overage charges. These usually point to an MSP that operates inefficiently and doesn’t prioritize your time, money, or security.

Below are some green flags that point to proactive MSP:

  • They provide you with up-to-date security software that you can use right from your desktop.
  • They provide round-the-clock administration of your network and servers.
  • Their help desk is easily accessible and includes a comprehensive knowledge base.
  • They communicate and implement an IT strategy that fits how your business operates.

Fast Round-the-Clock Response

Smaller MSPs may not have enough staff to respond to issues in a timely manner, let alone resolve them efficiently. Data travels 24/7, and you need an IT solution that can help you at any hour. Experienced MSPs employ a large team of IT professionals to ensure that all of their customers receive prompt service. They are also more likely to use state-of-the-art tools to detect, prevent, and resolve issues before they threaten your data.

A Team of Experts

Nearly every MSP will claim to be expert IT gurus. But talk is cheap, and failing to delve further into an MSP’s qualifications may cost you. Here are a few indicators that an “expert” MSP lives up to their advertisement:

  • They have a team of experts that specialize in every aspect of cybersecurity including software, hardware, cloud services, and networks.
  • They provide regular training and certification programs to their employees and have low turnover.
  • They document all services and processes provided.

Personalized Security Evaluation

Lesser MSPs will sit back and wait for you to call them about an issue. A reliable MSP will analyze your organization and create a strategic program that addresses its strengths and weaknesses. They will share and review these documents with you to ensure you understand the state of your cybersecurity and goals moving forward.

Scalability

A smaller MSP may provide great value for the time being, but they may fall behind when your business grows. A high-quality MSP understands the needs of small businesses and large enterprises alike. They have the tools and personnel ready to adapt to your evolving needs and goals. They may offer multiple price tiers, but communicate each plan to you clearly before you sign up.

Value

Pricing alone is a poor indicator of the actual value an MSP provides. Some will undercut their competitors while providing far less value, while others may charge a premium for inflated solutions that you don’t need. On the other hand, trustworthy MSPs will offer a fair price and stick to it. Don’t let the numbers fool you. Examine the content behind the price tag and you’re sure to make a smart choice.

Reputation

You wouldn’t hire someone without checking their references, and you shouldn’t choose an MSP without reading reviews. Many MSPs will post customer testimonials on their website, but there’s no real way to verify their legitimacy. Criminals may even pose as MSPs to get their hands on your valuable data. Search for the MSP’s name on unbiased review sites and read comments on their social media pages. A strong candidate will have a high percentage of positive reviews and be active on social media to answer questions and provide assistance.

Hopefully, this guide has helped you make the best choice regarding your MSP. Don’t be afraid to refer to this list when interviewing MSP candidates. You’ll get a much clearer picture of their offerings and be better equipped to choose who to trust with your sensitive data.

Are you ready for the New IOS? Here’s How to find out.

IOS 13

Are you excited about all the new iOS 13 features like Swipe to Type and Improved Dark Mode? Before you install, make sure your device is ready for iOS 13.  

So maybe you’re not ready to pounce on a $1,099 iPhone Pro Max. But you do want the new iOS 13 features. It’s time for a major iOS update. But before you hit “update now”, make sure you’re ready for iOS 13 to ensure a smooth update process. Preparing for iOS 13 isn’t complicated. Just follow these simple steps. But first, what’s new in iOS 13?

What’s New in iOS 13?

Haven’t updated to iOS 13 yet? You have some great new iOS 13 features to look forward to like:

  • Dark Mode – With all the discussion about blue light and the sleep-cycle-impact of viewing a device too close to bedtime, Apple recently released dark mode that eliminates the harsh white light on your screen, replacing it with a dark backlight. In addition, many will find reading on a dark background easier and you’ll experience less eye strain in general.
  • Swipe to Type – Apple is finally catching up on this one. This has been a feature on Android for 10 years. But we all know Apple is never one to follow. This feature may take some time to learn but can save time. It allows you to swipe rather than “press” letters to type. But don’t worry, you’ll have options until you’re ready to relearn typing.
  • Updated Apps – You’ll also see some great smaller updates to apps like Reminders, Maps, Photos and more
  • New Voice for Siri – Apple chose Siri’s original voice after extensive testing. People found in calming and reassuring. But it’s time for a change. Now, instead of a computer-generated voice, “Siri” will respond with actual audio from voice actors. Because the voice is now “Human”, you’re less likely to encounter those funny pronunciations that become tell-tale signs that we’re not hearing a human talking. As AI technology advances, we can certainly expect computer-generated voices to get the nuances of human language right. But for now, it seems, human is the way to go.
  • Privacy and Security – Privacy and security continue to be a top concern for Apple. So you’ll see several behind-the-scenes and in the foreground features that make you safer.
  • iPad iOS – For the first time, Apple’s also releasing an iOS specifically for iPad to enhance use. One of the long-awaited features is “slide and split” that will improve your ability to view and work in two web pages or apps with both viewable on the screen at once. Most of us in business who use iPads know how important this feature is and how frustrating and productivity-killing it can be with split screen is either unavailable or doesn’t work well on a device. So this is great news. In addition, they’re adding a full page markup for iPad and more.

Now, on to preparing for iOS 13.

1. Ask: Is My Device Eligible for the iOS 13

The first step to getting ready for iOS 13 is to check to see if your apple device is compatible. And if it isn’t, these new iOS 13 features, in addition to many of the newer capabilities on iPhone X series or the newly released iPhone 11, may finally convince you that it’s time to upgrade to a new model.

In order to enjoy these new updates you’ll need:

  • iPhone 6S, 6S Plus, or later
  • iPad Air 2 and iPad Mini, or later

These came out around 2015. If you have a 6S, etc, this gives us a good idea about which devices will be compatible with future major updates and you may want to consider upgrading in the next year so that you’re ready for the next iOS. Technology changes fast and often you don’t know what you’re missing out on.

2. Delete Apps You Don’t Use

Updating your iOS is a great time to cut the fat. So delete apps you rarely use.

Remember, they’re still yours. And you can download them for free again if you need them later.

Feeling overwhelmed by the amount of junk on your device? Follow the steps to find out what you’re not using.

  1. Go to Settings.
  2. Click iPhone storage.
  3. See when you used each application last.
  4. Click on the oldest ones and delete.

3. Make Sure iCloud Backup Is On

Finally, don’t make the mistake of not backing up your phone before an update. You could lose everything, including spreadsheets, files, photos and more.

  1. Go to Settings.
  2. Click your name at the top.
  3. Visit iCloud.
  4. Scroll down and make sure it’s “on”.

If it was off, wait several hours to install the update. Ideally, wait 24 hours to be sure. This gives the Cloud an opportunity to backup your device so that when you upgrade everything is there.

IOS 13

Managed Services SLAs: What Should You Expect to See?

Managed Services SLA

Key Things to Look for in Your Managed Services SLA

When you hire an MSP, you must sign a service level agreement. Here’s how to evaluate your SLA and ensure you’re getting what you expect from this relationship.  

Managed Services SLA

As if choosing the right managed service provider wasn’t enough, it’s also crucial to make sure that the SLA (service level agreement) you develop between your company and your managed service provider is sound and satisfactory.

Below, we’ll go over what you should expect to see within your managed services contract (SLA). We’ll also discuss how you should review this document with your lawyer to ensure you’re getting the proper value out of this relationship and doing what’s best for your business.

What does an SLA set out to do?

The core goal of a service level agreement between a company and the managed service provider they are hiring is this:

To outline the payment structure and service responsibilities of both parties and to specifically define and document exactly what services the MSP will offer, including what hardware and software is covered, daily monitoring services, troubleshooting services in emergency situations, response times, and more.

Of course, all service level agreements will be slightly different. Some will offer more or less information. Certain SLAs will include information about items such as liability protection for the managed services company. Still others will go into detail about expected performance standards.

What should you look for in your managed services SLA?

Your managed service provider will draw up the service level agreement. Ostensibly, this is a service level agreement they use and have used with all of their clients. It will, of course, be modified to fit the parameters and needs of your business and the unique relationship the MSP has with your business.

However, it should follow a general format. When your MSP shows you the service level agreement they have drawn up, you should expect to see the following:

Services Provided by the MSP

This section will outline exactly what services the MSP will be providing to you on a regular basis. This will often be based on the specific level of service that you have agreed to pay for.

For example, if you own a medium-sized business and the MSP you are working with has three levels of service, you may choose the mid-level of service as you don’t need the extent of services offered to larger businesses.

How Problems Are Managed

The overall services your MSP will provide will be based on daily, monthly, quarterly, etc. services. These are systematic tasks that will be undertaken regularly (such as monitoring security or providing software updates).

On the other hand, your SLA also needs to outline how troubleshooting and problems will be handled by your managed service provider. If you have an issue, for example, you’ll need a protocol for managing:

  • Responsibility: What areas of your company’s IT are they (your MSP) managing and monitoring?
  • Emergencies: What constitutes an emergency?
  • Response Time: If and when you report an emergency, what is the minimum timeframe that your managed service provider will respond within?
  • Reporting Method: How do you report an emergency? Will this vary based on the time of day or week? What information do you need to provide?

When Your MSP Is Available

Lastly, your SLA should outline when your MSP will be available on a daily, weekly, and yearly basis. What if you have problems in the evening after business hours? On the weekend? On a holiday? All availability times and any applicable extra charges should be documented.

Going over your SLA with your lawyer

Once you are satisfied with the service level agreement you have been provided with by your MSP, make sure to go over it with your lawyer. They’re on your side and will, therefore, be able to determine if any aspect of the SLA is unfair to you legally or could present potential problems.

Taking your time when reviewing your service level agreement will put your mind at ease and increase the likelihood that you and your managed service provider will enjoy a strong working relationship.

Do You Know What to Do Now That Support for Windows 7 Is Ending?

Windows 7 End of Support

What to Do Now That Support for Windows 7 Is Ending

In just a few short months, support for Windows 7 will come to an end. Is your business ready?

If your business is currently operating Windows 7, it’s time to switch to Windows 10. Microsoft will be ending technical support for Windows 7 in January 2020.

 

An enormous number of businesses throughout the United States use Windows operating systems to run their companies. In fact, Windows famously runs the majority of the world’s entire population of computers — including those used in business and personal computers (PCs).

Each of these Windows computers has its own version of Windows’ operating system (OS). Right now, the most popular operating systems are Windows 7 and Windows 10. Windows 7 was originally released ten years ago in 2009, and Windows 10 was released in 2015.

Now, Microsoft is phasing out its support for Windows 7. According to the company, this was always the plan:

“Microsoft made a commitment to provide 10 years of product support for Windows 7 when it was released on October 22, 2009. When this 10-year period ends, Microsoft will discontinue Windows 7 support so that we can focus our investment on supporting newer technologies and great new experiences.”

So, when will this change take place?

According to the company, “The specific end of support day for Windows 7 will be January 14, 2020.”

They go on to say: “Microsoft strongly recommends that you move to Windows 10 sometime before January 2020 to avoid a situation where you need service or support that is no longer available.”

What Does the End of Windows 7 Support Mean for Your Business?

First off, it’s important to note that this change is definitely a big deal.

While the initial reaction of some companies and individuals may be that “end of support” doesn’t really matter, this assumption would be rather reckless. If you fail to update to Windows 10, Microsoft’s imminent cessation of support for Windows 7 has the possibility of causing your business huge problems. Specifically, the end of Windows 7 support means that Microsoft will no longer be providing any type of technical support and absolutely no software or security updates or fixes to this operating system.

As a result, if you run into a major technical problem with a computer running Windows 7 after the end-of-service date (January 14, 2020) or if your security is breached, you’ll get no assistance from Microsoft.

While this realization is shocking (and possibly rather annoying) for many, Microsoft has been warning users about the impending change for a long time. If you have Windows 7, you should have been receiving consistent advisories to this effect. Additionally, if you work with an IT service provider, they have likely been alerting you of the future change as well.

Security Issues With Microsoft 7 Moving Forward

One of the biggest reasons to update to Windows 10 is to ensure your company’s security in the face of possible cyberattacks.

When Microsoft says they’ll no longer be providing Windows 7 support, one of the things they’ll no longer be doing is providing security updates. Normally, Microsoft tracks security issues closely. When a specific cyberattack trend or weakness in their system becomes obvious, they release an update to fix the problem or better fend off would-be attackers.

On January 14, 2020, this will stop.

Unfortunately, cyber criminals are gleefully anticipating this date. They will take full advantage of the security gaps left in Windows 7 operating systems if they can. Those who fail to leave Windows 7 and move to Windows 10 will, of course, be the targets.

Have Questions About the Switch to Windows 10?

To be sure, Windows 10 promises to provide many useful updates and upgrades for Microsoft users. At the same time, the transition from Windows 7 to Windows 10 will certainly bring inevitable challenges. You and your employees will be forced to change some of your habits, and certain features you’re used to may become obsolete or have new properties.

If you haven’t already, now is the time to update your business’s software to Windows 10. Doing so sooner rather than later will allow for the fewest number of complications.

If you have questions or concerns about making a smoother transition from Windows 7 to Windows 10, speak to your IT service provider as soon as possible. There are steps you can take to make this transition less of a trial for yourself and your employees.

4 Ways IT Outsourcing Helps Your Business

IT Consultants

Do You Know the 4 Ways IT Outsourcing Improves Business Success?

Many small and mid-sized companies underestimate the drawbacks of not having top-tier IT professionals in place. These 4 benefits highlight the need for change.  

IT Consultants

Are a business decision-maker wondering about when the best time to outsource your IT needs? It was yesterday, and you are already late to enjoy the benefits of working with a third-party tech outfit that specializes in IT managed services.

It’s not uncommon for small and mid-sized companies to operate under the assumption that modest IT needs do not warrant creating a budget line-item on their behalf. Some designate an in-house person with seemingly good computer skills to run virus scans and update applications. Other outfits hire a single technology person to handle the responsibility of overseeing their entire network. Both of these policies are inherently flawed for a variety of reasons. After reviewing the following 4 ways IT outsourcing helps your business, you may gain clarity as to why working with a third-party expert is in your best interest.

1: Removes Peripheral Distractions from Profitable Goal Achievement

As upstart organizations begin to grow into mid-level outfits, the visionaries that propelled their success forward are increasingly beset by issues that detract from primary goals. Budget management, contract negotiations, and supply chains are top-tier items that further a company’s profit-enhancing goals. Tackling these items tends to be a good use of time and energy. If industry leaders are also tasked with maintaining and repairing the tools of the trade, essential issues cannot enjoy the laser focus they deserve.

When an organization shuffles computer and network duties to an employee or even a designated in-house tech person, network problems become part of routine oversight. An experienced third-party managed services provider takes proactive measures to maintain and repair your devices and network without you lifting a finger. Your vision drives the organization. That’s why it’s crucial to all of the key stakeholders involved that IT distractions are a non-factor.

2: Improves Network Efficiency and Productivity

Imagine traveling the road of handing off-network duties to an untrained employee or a designated tech person. Now imagine they call in sick during a critical business productivity cycle. Imagine further, they take a two-week vacation. What happens when your network starts to suffer glitches or goes dark altogether? The answer is simple: You lose revenue.

The reality of owning or operating a business in the technology age is that networks never sleep, they don’t call in sick, and they don’t go on vacation. Maximum productivity and efficiency require organizations to have 24-7 managed IT services in place. When you negotiate an ongoing services agreement with an experienced IT contractor, they can conduct remote updates, scans, and effect problem solving anytime your network runs amok. But that will happen a lot less frequently because high-level maintenance is usually part of the outsourcing package. Experienced IT experts deliver the laser focus to systems that help make your organization successful.

3: Reduces Risk of Cyber Threats and Financial Losses

According to reports, more than 317 million pieces of malware were created in 2018 alone. To put that staggering number into perspective, nearly 100 infectious threats were developed daily. Now add that business risk to the fact that companies suffered financial losses above $600 billion in 2018 and that figure upticked by $100 billion from 2014.

Compounding the genuine risk of doing business with technology is that too many small and mid-sized organizations incorrectly assume that cybersecurity breaches are almost exclusively targeted at large corporations with vast assets. The common misconception may be attributed to heavy media coverage of the massive violations suffered by household-name corporations.

While billion-dollar cybertheft makes splashy headlines, the overwhelming majority of cybersecurity thieves targets small and mid-sized outfits. Hackers, who may be sitting in an internet café halfway around the world, search for subpar network defenses and attack. In plain terms, you are the low-hanging fruit ripe for the plucking.

Outsourcing IT security to a third-party provider improves your cyber defenses from among the weakest links to the strong. Having the latest anti-virus, anti-malware, and next-generation cybersecurity protections in place quietly takes you off hacker hit lists. If these nefarious computer thieves are anything, it’s lazy. They’ll move on from your network and attack someone less secure.

4: Keeps Technology on Cutting Edge

An effective business network enhances employee engagement and productivity. If that sounds like a pie-in-the-sky idea about working on computers, consider the alternative.

When emails are slow to download, or that tedious “buffering” icon spins around, employees tend to disengage from work-related tasks. One moment they are plugging along on your company desktop, the next they are checking text messages, and social media posts on their phone. When that happens, employee engagement and productivity is not diminished — it’s non-existent. It may be even more unsettling to know that experts say that it can take more than 20 minutes to get back on track after task disruption. Sadly, that unnecessary loss of productivity could have been avoided by outsourcing your IT needs to a professional.

Can Outsourced Managed IT Services Improve Profitability?

Managed IT Services

Outsourcing Managed IT Services Improves Business Goal Achievement

Industry leaders require a laser-focus on profit-driving initiatives. Outsourcing an organization’s IT oversight saves time, money, and keeps everyone on task.  

Managed IT Services

Whether you are a decision-maker for an upstart, mid-sized, or large corporation, outsourcing IT support, maintenance, and cybersecurity oversight can improve your operation. Managed services conducted by a third-party outfit with experience and expertise, brings high-level knowledge to the table that most business team members lack.

That’s generally because industry leaders staff their organizations with people who deliver profit-driving benefits. Managing an in-house IT team tends to distract from the goal-achievement tasks that keep an operation competitive and successful. Owners, CEOs, and other captains of industry with heightened IT needs would be wise to consider these five benefits of outsourcing.

1: Risk Reduction

Every business operates with a certain degree of risk. Those risks include fines for not meeting changing government regulations or falling behind competitors in cost-effective technology applications, among others. But perhaps the greatest threat that businesses of all sizes and every sector face are data theft and hacks. Without a doubt, less-than-adequate cybersecurity applications, protocols, and employee preventative training present the greatest threat to your organization.

2: Cost Consistent Budgeting

Entrepreneurs working hard to grow fledgling operations often have thin budgets. Every dollar counts and financial constraints generally do not allow for overspending. People in the private sector are fully aware they cannot manage a thriving enterprise using the faulty methods of the federal government. Either you have the revenue, or you don’t.

Managed IT service contracts allow decision-makers to allot a specific sum toward computer network oversight. There are no excessive payroll taxes, or unexpected overtime hours to strain the company’s resources. You write one monthly check and renegotiate when your managed services agreement expires.

3: Heightened Expertise

Perhaps the greatest difference between hiring an in-house IT team and outsourcing is the improved access to specialized knowledge. Some small and mid-sized operations think it’s savvy to hire a recent technical school graduate who has been immersed in the latest trends and technologies. That thinking seems reasonable on its face.

But the inherent flaw is that your outfit often requires that person, or team, to focus exclusively on your system and operations. What you lose over time is their immersion in trends, new applications, heightened cybersecurity threats, and other pertinent issues. A third-party managed service provider invests its time, resources, and people into cutting-edge training. When a managed services expert reviews your system, they bring the latest knowledge to every task. It’s simply not cost-effective to pay an IT team and then have them attend far-away seminars for weeks at a time.

4: Avoid Potential Downtime

After cyber-theft and hacks, downtime ranks among the most costly setback a company can experience. Imagine for a moment, you are looking out over your offices and employees are unable to work because the system is down. Now imagine you are paying them to not perform the necessary tasks to meet the business’ financial necessities.

When you outsource your IT needs to a third-party provider, it’s not uncommon for them to conduct due diligence, and preventive maintenance while your profit-driving staff is not on the clock. Smooth functioning networks are a type of hidden benefit that companies gain by having 24-7 IT services.

5: Improved Business Focus

Goal-oriented thought leaders enjoy improved success when they are able to focus on the things that make a company successful. Unless you are running a managed services outfit, computer issues, cybersecurity, and managing an IT team is not the best use of your time and brainpower.

Business visionaries achieve goals and enjoy the fruits of their innovation and labor by maintaining a laser-focus on industry trends, cost reduction, improved production, services, and staying ahead of their sector’s learning curve. It’s essential not to get bogged down in seemingly peripheral issues such as IT. Maximizing your skillset and outsourcing IT maintenance and oversight to a professional is the smart play.

Maximizing budgetary resources in a way that delivers the cutting-edge IT needs of today’s business community may be best left to professionals. When industry leaders take the time to do the math on best practices and profitable outcomes, third-party managed IT services remain a tried-and-true practice.

Ask Smart Questions about Solutions and Technology Expertise to Find a Superior IT Service Provider

IT Budget

Here Are Top Questions to Ask Potential IT Service Providers

Discover the most important questions to ask about products, quality, expertise, competency, security and breadth when selecting an IT service provider.

IT Budget

Business leaders who want to cut operating expenses, improve efficiency and leverage the newest technologies turn to IT service providers. With the right technology partner, a business can see considerable gains in productivity, communication and data security.

Choosing the right IT service provider is an important decision. Here are a few of the questions to ask to help you make the right choice.

How Do We Know If an IT service provider is a Quality Business?

Determining if a business is run well and according to best practices is often a difficult assessment. Here are some things to look for:

  • Staff Size. If you have extensive needs, a large staff with specialized areas is usually better equipped to handle complex clients. However, a smaller company may get lost in the shuffle of a large organization only focused on the largest clients.
  • Technology Partners. IT service providers cannot do everything by themselves. That’s why the best rely on partnership agreements with high-quality tech companies to deliver specialized products and services. Ask for a list of their partners; strong connections to top companies is a good sign.
  • References. If you encounter an IT service provider that refuses to provide references, walk away. Ask for references from clients that are the same size, in the same industry or facing similar challenges as yours.

What Do We Ask to Determine if an IT service provider is Technically Competent?

You rely on your IT service provider to have the technical expertise to address your needs. How can you assess their technical abilities? Ask about the following:

  • Competencies. Certifications and preferred partner status are good indicators of technical quality and where the IT service provider’s strengths are. Especially in small shops, an emphasis and expertise in Linux may mean they’re not as strong at Windows. Use this space to ask about professional development for their staff and their training commitment.
  • Out of Scope. If you are paying a flat rate for managed services, you need to know what’s included and what isn’t. There are plenty of services that could be included in a package, including network security monitoring, ISP troubleshooting, software and firmware upgrades and patching, hardware installation and server upgrades. Be sure to shop around and know what’s covered by your plan and what is either an extra charge or not available.
  • Disaster Recovery. If a natural disaster or hacker attack hits your company, you need a business continuity and disaster recovery plan in place to reduce the damage and impact. It’s a common service for an IT service provider to offer. But you need to know what your IT service provider’s own disaster recovery plan is. If your IT service provider can’t be up and running quickly after a disaster, they are unlikely to be able to help you.
  • Compliance Coverage. More and more businesses face compliance challenges at the federal, state local and industrial level. Foreign entities are also demanding compliance with mandates, often concerning securing and using personal data. Ask your IT service provider about their experience with the compliance requirements, such as HIPAA, GDPR, PCI or FSMA, that your company has. Inquire about a service level agreement (SLA) that guarantees compliance with the mandates you are required to fulfill.
  • Automation. Advances in automation have taken the place of lots of manual tasks. Your IT service provider should be committed to using automation and AI solutions wherever possible, freeing their staff to work on higher-level projects. If they are not using the most cutting-edge technology, how will they advise you on how to leverage new solutions?

Can We Measure the Service Quality of an IT service provider?

Service is critical when choosing an IT service provider. You want a partner that’s attentive, responsive and effective when you have a critical need. Ask the following:

  • Internal vs. Outsourced. Your IT service provider will promise to deliver an extraordinary range of products and solutions. However, it’s important to know who will be doing the work on your account. Ask your potential IT service provider what work is done internally by their employees and what is outsourced (and why).
  • Strategy and Advising. Some IT service providers focus exclusively on selling you technology solutions. Others take a comprehensive approach. You want an IT service provider that can act as a virtual chief information officer, providing help with technology strategy, budgeting and growth that aligns with your present and future business priorities.
  • Scalability. As your company grows, you need solutions that can scale rapidly as new customers, data and technologies emerge. Be sure to ask how scalable an IT service provider’s solutions are, how they will help improve efficiency, how they will reduce costs and how they will reduce workload.

Thoughtful questions asked consistently of each potential IT service provider puts your business in the best position to select the right technology partner.

Why is Effective Business Continuity Management Important?

Business Continuity Management

Why is Effective Business Continuity Management Important?

Business continuity management (BCM) denotes how organizations plan for and respond to risks. Mission-critical functions must continue to run after disruptions such as bad weather or hackers.

Business Continuity Management

A business continuity plan documents how your organization will continue to operate after a natural or man-made disaster, severe market conditions or sudden changes in leadership. This could be anything from a stock market crash to a hurricane to the death or dire illness of a key leader. BCPs are hot topics thanks to growing legislation and increased risks related to data security and other events. Every organization would benefit from adopting some kind of BCP framework, however modest.

What is Business Continuity Management?

Business continuity management (BCM) denotes how organizations plan for and respond to risks. Mission-critical functions must continue to run after disruptions such as bad weather or hackers. Smart planning also makes it possible for employees to return to business as usual quickly.

How Does Business Continuity Work?

The most effective way to achieve transparent, seamless risk management and disaster recovery is via a business continuity management system. This may require some outside assistance since any BCMS adopted should follow international standard ISO 22301 requirements. All businesses can begin the first phase themselves, however, by building a continuity plan that identifies and minimizes risks.

What’s the Big Deal With ISO 22301?

ISO 22301 lays out a road map for an effective BCMS and is the most credible resource for successful business continuity management. Becoming ISO 22301-certified signals to clients that your company has a game plan in case disaster strikes — certification helps clients decide that your firm is a solid investment for their business.

This certification proves to prospective clients that your organization will continue to provide the products or services they need, even if an emergency arises. It also gives you an:

  • Independent evaluation of your business continuity management, providing assurance or offering areas for improvement
  • Accredited certification with regular audits to ensure continual improvement
  • Oversight of regulatory requirements to ensure legal compliance. This could include the EU General Data Protection Regulation (GDPR) or new state and federal privacy regulations impacting customer data collection and storage.

What’s is Disaster Recovery vs. BCM?

People are often confused by the difference between these two terms. They aren’t synonyms. Business continuity deals with relocation and business functions while disaster recovery, which is a subset of business continuity, deals with the technical recovery of systems and resources.

Disaster recovery outlines how to recover technical functions, sites, operations and applications. A business continuity plan may contain many disaster recovery plans.

What Are the Key Components of a BCP?

A successful business continuity plan includes the following:

  • Succession plans for key employees
  • Identification of critical functions with priority identified
  • All employees’ contact information and role in the plan
  • Tested backup strategies

Newly Discovered Security Flaws Put Windows Users at Serious Risk

Is Windows Secure

Microsoft Vulnerability Affects Most Recent Operating Systems

Learn about two recently discovered vulnerabilities that could put your company’s computers and operations at risk and what Microsoft is doing to fix the issue.

Is Windows Secure

Two newly discovered security vulnerabilities could put Windows users at risk of attack if they do not download and install security patches Microsoft recently issued.

What Are the New Microsoft Security Flaws?

Nicknamed DejaBlue, the two security flaws are designated CVE-2019-1181 and CVE-2019-1182. They are similar to the BlueKeep vulnerabilities Microsoft issued patches for in May 2019. The newest flaws, like Bluekeep, could allow hackers to create so-called “wormable” attacks that easily can be spread from one computer to another without any interaction from a user.

The main difference is that the newer security vulnerabilities are potential threats to newer versions of Windows products.

What Systems Does DejaBlue Affect?

There are potentially hundreds of thousands of computers that could be affected by the Windows worm. They sit within the Windows Remote Desktop Services (RDS) package. According to Microsoft, the vulnerabilities could affect the following systems:

  • Windows 7 SP1
  • Windows Server 2008 R2 SP1
  • Windows Server 2012
  • Windows 8.1
  • Windows Server 2012 R2
  • Windows 10 (all supported versions, including server versions)

That’s a massive number of potential targets that could be infected if the patches are not deployed and active monitoring tools are not in place.

Windows XP, Windows Server 2008 and Windows Server 2003 are not affected.

How Does DejaBlue Work?

Like with BlueKeep, the vulnerabilities can be used to exploit RDP, a tool that administrators use to connect to other computers on a network. Hackers could then use that exploit to code and load a worm that is automated. It would “jump” from one computer to another, potentially affecting millions of computers quickly.

What makes the DejaBlue and Bluekeep vulnerabilities so dangerous is that they can propagate without any user interaction.

What’s more dangerous is that the new vulnerabilities differ from BlueKeep, which targeted Windows 7 operating systems. The new exposures could affect Windows 7 and all recent versions of Microsoft’s operating systems. That amplifies both the risk and the potential impact.

“At this point, nearly every contemporary Windows computer needs to patch, before hackers can reverse engineer those fixes for clues that might help create exploits,” notes Wired magazine.

While a British intelligence agency, GCHQ, is credited with identifying BlueKeep, Microsoft notes that it identified the new threats itself. To date, no evidence that exists that indicates the vulnerabilities were known to third parties, the company said.

“These vulnerabilities were discovered by Microsoft during hardening of Remote Desktop Services as part of our continual focus on strengthening the security of our products,” Microsoft said in a release.

The scale of the potential damage is extraordinary. As of July 2019, there were as many as 800,000 computers worldwide that were still vulnerable to BlueKeep, with a much larger potential threat from DejaBlue.

What Can We Do to Protect Against Cybersecurity Threats?

The key to maintaining a secure network is developing a comprehensive, multilayered security strategy. A managed services provider can partner with you to develop a cybersecurity plan that includes:

  • Comprehensive network perimeter monitoring using next-generation firewalls to detect, contain, disable and destroy threats
  • Continuous monitoring of systems, endpoints and users
  • Automated downloading and installation of software and firmware updates, upgrades and patches that respond to emerging threats
  • Anti-malware, anti-spam and anti-virus software installed on each user’s machine or device, updated automatically, and analyzed to determine potential threats
  • Email and data encryption
  • Password security, including multifactor authorization
  • Mobile device management, including remote location finding, disabling and wiping functions
  • Cloud solutions for secure hosting of data, apps and operating systems
  • Business continuity and disaster recovery planning
  • Employee training

Having the right security in place greatly reduces your risk of being affected by a cyberattack that can debilitate your business, ruin its reputation and cost thousands to repair.

Six Advantages to Hiring a Local IT Company

Local IT Services Company

Local IT Services Company

Why You Should Choose a Local IT Services Company

Learn about 6 advantages to hiring a local IT services company to support your technology needs, including knowledge of the local economy and proximity when you need support. 

Having a technology partner that understands your business, its needs and its priorities is vital. Technological advantages can differentiate your company from the competition, improve efficiency and improve the bottom line.

One oft-overlooked criterion when choosing a technology company is its location. You want a technology partner that is close to your business and can be available when you need support, guidance or advice.

Here are 6 reasons why choosing a local IT company is the right decision.

1. Faster Response Times

When there’s an emergency, you need to make sure your company’s networks, devices, software, data and connections are available, working and uncompromised. While technology allows many IT issues to be handled remotely, in an emergency, you may want or need in-person expertise to address the issues.

Geographical proximity is also an advantage if you’d prefer someone come on-site to provide an expert assessment.

2. Local Personnel on Your Account

Having a local account manager overseeing your account is a tremendous asset. Having an account manager and other lead staff members locally allows for more physical interactions that allow for better working relationships, strategy development and a stronger long-term relationship.

3. Knowledge of Local Business Market and Climate

By choosing a local organization to support your IT, you’re partnering with a fellow member of your local business community. A local IT services provider knows the makeup of businesses in your area, the strengths and challenges of working in your community and the opportunities available due to location. If your business is in an industry that has many companies working in the same geographical area, your local IT support partner will know about the industry standards and expectations. The local IT company also will be aware of the technology infrastructure available, such as access to the Internet and Internet speed. Armed with that knowledge of the local business scene, your MSP can recommend customized solutions that fully leverage the local characteristics in which you do business.

4. Budget Advantages

Having a local It services provider can save you money. For one, you will not incur large travel costs; usually, the clock starts on onsite service time charges as soon as a tech steps out of the building. Having a long-distance MSP means more downtime for your business while waiting for a technician or consultant to arrive.

5. Same Time Zone

Having a local IT company in the same time zone as your company has an advantage. While ideally, you will partner with an MSP that provides 24-hour support, it’s more convenient to have a partner that has more staff working and available during the same work hours your business is operating. That can make a big difference in terms of responsiveness and resolution time.

6. Peace of Mind

A local IT services company makes life easier on so many levels. With a business partner you can contact easily, can respond to your needs faster, understands your local economy and technical infrastructure and is a member of the same community, you will have more peace of mind. A local MSP provides more reliability and availability when you need it most.

Having a local IT services company as your strategic technology partner is a smart choice.