Employee Security Training: Your IT New Year Resolution

Happy New Year! What are you looking to do better in 2019?

The turn of the calendar tends to bring with it thoughts of personal growth and improvement.  But, for many business owners – their identity being tied directly to their enterprises – New Year’s resolutions often translate to things they can do better for their companies.

So, let’s restate the above question: What are you looking to do better for your business in 2019?

If you’re open to it, allow us to offer a suggestion: if you haven’t made cyber security a part of your company culture, make cyber security training for your employees a priority this year. Why? Because you’ll be shoring up the weakest part of your network defenses.

The Case for Initiating Security Training for Your Employees

It’s not a secret that employees are the weakest link in any organization’s security efforts. That doesn’t mean that your staff is going out of their way to jeopardize your network. They’re just either unaware of which actions leave the company vulnerable, unsure of what to do if they do encounter a potentially threatening situation, or simply don’t assign a great deal of importance to security concerns (this is sometimes called the “it’s the IT guy’s problem” syndrome).

In most cases, though, you really can’t blame the rank-and-file. Think about this:

  • 65% of companies have over 500 employees who are never prompted to change their passwords
  • 52% of business leaders don’t know what to do if cyber security is breached
  • 45% of employees don’t receive cyber security training at all
  • Microsoft Office applications (Word, Excel, etc) account for 38% of malicious file extensions
  • 91% of cyber attacks begin with a phishing email

What are these statistics telling us? First, that workers are routinely targeted – and via the communication methods (email) and business applications they rely on the most (Microsoft Office). Secondly, if/when things go wrong, management typically doesn’t empower employees to help in warding off the threats, and often has no plan of action.

Let’s take a look at a few more statistics:

  • cyber crime is expected to cause $6 trillion in damages by 2021
  • 61% of breach victims in 2017 were companies with less than 1,000 employees
  • average cost of malware attack is $2.4 million

If you’re a small business, a multi-million dollar mistake is hard to recover from. Encouraging your team to become more discerning digital users and an active part of your data security efforts is, simply put, the smart move. The best way to do that is with an active cyber security training program.

What Does Security Training Entail?

Education can cure a lot of ills. This is absolutely the case with cyber security concerns. But before you can teach, you much know where your subjects stand.

As such, the first part of training focuses on identifying what your trainees know and don’t know. At Beacon, we initiate our cyber security training program with real-world examples of cyber exploits. This is accomplished with a computerized test, where employees are asked to complete a few simple tasks, such as opening an email with an attachment.

The test serves two purposes. First, it exposes people to real life attack methods that they are likely to encounter. Secondly, it identifies the types of exploits to which your team is most vulnerable.

Once you know which types of tricks are most likely to work on your team members, you can arm them with the skills to shore up their vulnerabilities. That’s the second part of the training – teaching how to recognize when something is amiss and how to counter a suspected attack.

The training portion should be tailored to each employee, based on the results of their assessments. Focus on what they don’t know. You don’t want to waste anybody’s time going over concepts they already know well. Your team is more likely to retain information they find valuable and/or interesting – so, teaching them stuff they know is counterproductive. Each employee’s training should cover the exploits they did not handle well during the assessment.

At the end of training, be sure to remind your team of how valuable their contributions to network security are.

Beacon Knows Security Training

Want some professional help with your employee security training? BITS is here to help. We’re more than happy to get your team up to speed on the latest cyber threats.

By | 2019-01-28T07:57:23+00:00 January 28th, 2019|Computer Related, BITS News, IT Services|

Managed IT Services: The Gift That Keeps On Giving

This time of year many of us are on the hunt for presents. Toys and games for kids, sparkly jewelry for the ladies in our lives, gadgets and sports gear for the guys, pictures of the grand-kids for the grandparents… a little something for everyone. It feels good to bring joy to your loved ones.

While your small business isn’t a person, it can certainly feel like an animated presence in your life. After all, you worry about its growths and ability to sustain itself, just like you do with your kids. So, maybe this year your business deserves a present, too.

One of the most caring and forward-looking things you can do to help your business is to retain an expert team of IT professionals to secure your network, your servers and the work stations your employees use. Considering the sheer volume of known cyber threats out there, no enterprise can afford to short shrift its network security. And while an in-house IT person is certainly capable of managing some of your IT needs, the truth is, it takes a full team to provide the kind of protection a successful business requires.

Benefits of IT Support Services

Time is an important and valuable resource. For small businesses with tight margins, it is imperative that employees allocate their time to required tasks efficiently. A wasted couple of hours here and there could have a dramatic effect on the bottom line.

Smart business owners build contingency plans into their project timelines to minimize disruption. However, even contingency plans can’t account for a cascade of network or computer-related issues.

Most of us know from experience that figuring out network problems or dealing with software updates gone wrong can suck up tons of time. Even if your IT staff is there to help, their attention is taken away from other scheduled IT projects.

Having a team of professionals at the ready to solve whatever problems come up takes the burden off the shoulders of your employees and the in-house IT staff. It should also give you peace of mind to know that your issue is being taken care of by a capable and dedicated group of people, trained specifically to resolve the problem you are experiencing.

It pays to contract an IT services company that is in relatively close proximity to your business. The best managed IT service providers have the capability to respond quickly to emergencies, providing in-person, on-site assistance when needed.

Prevention = Cost Savings

“An ounce of prevention is worth a pound of cure” – Benjamin Franklin

While the original quote by Benjamin Franklin was about fire safety, the axiom applies equally well to network security. Managed IT services can help your business avoid a number of problems that could lead to downtime and loss of revenue without tying up your in-house resources.

More than a few businesses succumb to ransomware attacks or other nefarious intrusions to their network every year. You can’t predict when such attacks may happen, and there’s nothing you can do to avoid being targeted. What you can do is be as prepared as possible.

The best way to do that is to have an experienced and reliable team set up your defenses. A robust firewall and data backup solutions protect your business network from cyber criminals. But, if the absolute worst happens and your defenses are compromised, a good managed IT service provider will help you activate your emergency response plan, isolate the threat, transfer your data to a secure server or cloud, and keep your downtime to a minimum.

Preventative maintenance of your company computers, including software patches to guard against the latest security exploits, also contributes greatly to business continuity. So, it makes sense to place this responsibility in the hands of trained professionals, too. After all, you hired your employees to be experts in their subject matter. The less time your team spends on routine maintenance concerns, the more time they can devote to doing the job they were hired for.

Beacon Knows IT

So, while we’re still in the midst of shopping season, don’t forget to get your business something nice. Give BITS a call. We’ll be happy to put together a custom solution for your business and make 2019 your best year yet!

By | 2018-12-20T06:35:29+00:00 December 20th, 2018|IT Services|

What is Blockchain… And So What?

Let’s be honest… blockchain is a confusing concept. Even for people who understand exactly how blockchain technology works, providing an easy to understand explanation is challenging.

There are a couple of reasons for this. First, blockchain is relatively new tech, and new tech always takes a little while to sink into the public consciousness. We didn’t really know what the internet was for, or how transformative of a force it could be, back in the 90s. Mostly, because we didn’t understand how it could be applied.

Secondly, the technology itself – blockchain – is closely associated with its application – a cryptocurrency called Bitcoin. But they are not the same thing. The sometimes-negative association with Bitcoin specifically, or cryptocurrencies generally, tends to muddy the waters for many.

Before we confuse you further and tell you more about what blockchain isn’t, let’s outline what it actually is. There are three important elements of blockchain technology:

  1. large, peer-to-peer network of computers dedicated to processing and recording digital activity
  2. decentralized database of all recorded activity called a Distributed Ledger (there are several key aspects to this, including “decentralized” and “all recorded activity”)
  3. encryption

It’s definitely more complicated than that. There’s a lot that’s packed into the application of these three concepts. But, boiled down, blockchain combines these elements to provide a secure platform that allows any two parties to engage on the web without the need for a third-party authenticator. Blockchain cuts out the need for a middleman in any digital interaction (including financial transactions) by providing a peer-to-peer network that’s safe, trusted and transparent.

The first intended application of blockchain technology – Bitcoin – was financial in nature. The creator/creators set out to develop an entirely new currency – one that is not reliant on or backed by any government. But, it’s the system that was developed to enable a digitally-based currency that may be end up being much more transformative.

“The blockchain is an incorruptible digital ledger of economic transactions that can be programmed to record not just financial transactions but virtually everything of value,” say Don and Alex Tapscott, authors of the 2016 book Blockchain Revolution.

If it sounds like there could be thousands of applications for blockchain technology, you (and a few dozen million people) are probably on to something.

Blockchain Application in IT & Data Security

So, can blockchain disrupt the IT and data security industries? It sure seems to have the potential to do so. In fact, it may already be doing so.

The following attributes and capabilities make the blockchain particularly appealing to data security professionals:

  • Decentralized and unhackable
  • Encryption and validation
  • Public or private

The data that’s stored on a blockchain doesn’t reside on any one computer (or, node) – it is distributed across all the nodes on a blockchain network. Once a record is added to a blockchain database, it is encrypted and cannot be accessed or altered unless the user provides the correct access key. This makes a blockchain pretty much impervious to hacking.

Because there’s no centralized location for the data, hackers would need to gain access to more than 50% of the network nodes in order to access or overwrite a saved record. Depending on the size of the network, that proposition falls somewhere between extremely unlikely to darn-near impossible.

Further, while blockchain was initially created to enable anonymity in a very public setting, a private blockchain network that restricts access to just a few users can easily be created.

All of this means that blockchain technology is highly amenable to the data security needs of businesses, large and small.

Beacon Knows Data Security

Not sure if you’re doing enough to protect your sensitive business data? BITS can help. A free audit of your network by our security experts can help put your mind at ease. Request one today.

For a deeper understanding of blockchain technology, check out additional information here, here and here.

By | 2018-11-29T09:21:50+00:00 November 27th, 2018|Computer Related, IT Services|

Is Cloud Hosting Still the Best Option for Your Business?

The cloud is a powerful method of computing. When the term first entered into wide usage, it was ambiguous. No one really knew what it meant. Or, if they understood the concept, most people had no idea how it worked.

Today, we’re past the stage of being mystified by the cloud. Most people get the concept of a decentralized computer network that harnesses the power of many individual machines to provide computing services.

But understanding the cloud and trusting the cloud are two entirely different propositions. Despite the proven benefits, many business owners or administrators still have a tough time relinquishing control over their data to a third party. They just don’t like the idea of sending proprietary information out into the ether.

Are they right to be concerned? Are there better methods of storing data?

To be sure, cloud computing isn’t the only option available. Many businesses choose to host their websites or manage their business infrastructure on their own, in-house servers. Some may split some data storage tasks between in-house servers and the cloud. On the other hand, many businesses fully embrace the power of the cloud.

What’s right for someone else may not be right for you. And vice versa.

So, how can do you know if cloud hosting is right for your business? Let’s take a look at a few attribute of the cloud to help you make an informed decision.

Ease & Access

One of the best things about cloud hosting is the ability to easily access your data anytime and from almost anywhere. This makes running your business on the go very easy. And, it can also foster greater collaboration among your employees – especially if they’re working remotely or in different locales.

Another benefit is foregoing big expenditures on expensive hardware. In-house servers cost a lot of money. If you’re a small business, investing in costly infrastructure may not be the right move. Cloud hosting allows you to keep your costs down as your organization grows.

This highlights another cloud advantage – scalability. If your company grows quickly, or your website traffic takes off unexpectedly, all you have to do is inform your provider that you need to step up your plan to meet your data needs. That’s it.

Another upside of cloud hosting is the ability to get back up and running quickly after a disaster or emergency situation. Decentralizing your data allows you the flexibility to access important information whenever you need it, from whatever device you have available.

Security

Many cloud detractors cite security is a reason why they won’t engage with the service. This group prioritizes maintaining complete control of company data from start to end. They would rather entrust their IT security to an in-house team of experts.

However, cloud providers are actually better positioned to provide data security than any individual business. Cloud providers have dedicated teams that are specifically tasked with keeping the entire cloud network safe. Most organizations, especially small businesses, don’t have the resources to stay on the cutting edge of network security. Even a robust internal IT team would have trouble matching the security capabilities of a cloud host, as security is just one aspect of an in-house IT team’s responsibility.

Also, it’s important to remember that your internal security protocols are only as strong as your weakest user. System users (people) are the greatest weakness to a secured system. Keeping sensitive information off your local servers can actually protect your business from an accidental breach, employee theft or corporate espionage.

The Final Case

Is cloud hosting right for absolutely everyone? Probably not. However, the scalability, flexibility and security of the cloud makes it an attractive and affordable choice for small and medium-sized businesses.

If you’d like to know more about how cloud hosting can help your business, give BITS a call. Our IT security experts can provide a professional analysis of your vulnerabilities and network needs.

By | 2018-11-27T08:59:04+00:00 October 30th, 2018|Hosting Services, IT Services|

Why Cheap Threat Protection Isn’t Saving You Money

Today’s digital landscape is fraught with security pitfalls. In the pioneer days of the internet, hackers mostly went after digital conquests to gain notoriety or for the thrill of getting past the most advanced security setups of that early digital period. In 2018, however, that hacker mentality has long been replaced by a different ethos.

Cyber criminals now are less likely to take pleasure in simply penetrating your digital security perimeter and taking a look around. If your organization suffers a breach, the consequences are much more dire.

Whether you work for a large, multinational corporation, or run a small business, once a security vulnerability is exploited on your network, all of your data, operations and business processes are at risk for exploitation — be it out-right theft, blackmail, sabotage, etc.

There are some stark numbers out there when it comes to cyber security:

  • 61% of organizations worldwide have been impacted by ransomware
  • 1 in 6 businesses lose more than 25 man hours following a security breach
  • 6 out of 10 small businesses that suffer a cyber attack close their doors within 6 months

Here are a couple more startling statistics: 65% of consumers lose trust in an organization following a security breach, and 31% cut off their relationship with the brand entirely.

Despite the growth in the sophistication and complexity of cyber exploits, and the threat to consumers, many organizations still operate under a “if it ain’t broke…” mentality. If they haven’t been hit with an attack recently, many are happy to roll with the same cyber security protocols they’ve been using for years.

Some may rely on security features embedded in their preferred browsers — Windows Defender, for example — or place their trust in the security features of trusted applications, like WordPress.

To be sure, the less-is-more approach does not work for cyber security. In fact, it’s a good way to lose your customers.

Windows Defender

Microsoft, like a number of other providers, offers a complimentary anti-virus, security software. The free Windows Defender is billed as “comprehensive, built-in and ongoing security protection.” However, Microsoft supplements the free version with the more robust Windows Defender Advanced Threat Protection (ATP) that consumers have to pay for.

On its own, Windows Defender can stop most viruses and digital threats (it does have to be updated fairly regularly). However, ATP offers “a unified platform for preventative protection, post-breach detection, automated investigation, and response.”

The advanced version of the software speaks to a more sophisticated threat landscape and the need for strategic planning and professional protection.

WordPress Vulnerabilities

Many businesses turn to the WordPress platform to build and host their websites — one of the draws being affordability. Of course, the site provides security for their customers, including encryption, firewalls, security monitoring and data backup and recovery. WP also has a team of cyber security professionals on staff “to address potential security risks.”

Nonetheless, the site acknowledges that no means of data exchange is perfectly safe, and that it “can’t guarantee absolute security of your site.”

Indeed, security of WordPress sites is a muchdiscussed topic — both because nearly 25% of websites run on the open-source platform and due to the prevalence of attacks. In fact, some of the vulnerability of WP is due to its popularity. While the WP security team does all it can to protect users, users themselves (especially those not well-versed in cyber security protocols) are security vulnerabilities as they can (sometimes easily) be targeted for exploitation. A good chunk of WP vulnerabilities are exploited through third-party plug-ins and themes that customers download themselves, a consequence of open-source coding.

For this reason, Beacon offers SITEXPRESS, our own, closed-source website platform.

BITS: Professional Approach to Data Security

It is certainly possible to create and execute an in-house digital threat prevention program on your own. However, if you are short on time, staff, or the required level of expertise, it’s best to trust your data security to a dedicated and professional team. For guidance on your threat prevention efforts, give the experts at BITS a call at 336.365.7703.

 

By | 2018-09-25T04:57:59+00:00 September 24th, 2018|IT Services|

Why Locality Matters for Managed IT Services

Many companies rely on managed IT services to help them keep their computers secure and in peak performing conditions. It isn’t too difficult to find a provider that can keep your software up to date, make sure the latest security patches are implemented, or execute regular data backups.

The decision to “farm out” the upkeep of a company’s digital infrastructure is a smart one for many businesses. After all,

if technical/computer know-how has nothing to do with your industry, it doesn’t always make sense to devote an entire department to a skill set you know little about operationally.

That said, your organizational digital infrastructure is an important part of running your business. You want to make sure that the vendor you choose to hire has both, sound technical capabilities and trustworthiness.  Undoubtedly, these are very important decision points.

However, one thing that some decision-makers may overlook is the location of your IT support providers. In fact, in today’s ultra-connected and shrinking world, it may seem old-fashioned, maybe even uncool, to base a  vendor selection criteria around the concept of locality.

With the ever-expanding cloud economy, you may assume that IT is the last industry where physical location matters. After all, a tech can fix a problem on your work computer in seconds via remote access from anywhere in the world.

This is, of course, true. So, why does locality matter?

Face-to-Face Interactions Are Still Important

Knowing your clients is another old-fashioned business value.

Most businesses that rely on vendors for IT security and support believe that the less they hear from the vendor the better. No news is good news. Much like your favorite football team’s offensive line, if you’re talking about it, it’s probably because there’s a problem.

At BITS, we take a different view. Our aim is to develop and maintain close working relationships with all of our clients through regular conversations. We know that an offensive line can only protect your quarterback if it knows the game plan. Moreover, if the defense calls a blitz and you need to change the play at the line of scrimmage, the new play will only work if your linemen know the audible calls.

Football analogies aside, communication is still an important aspect of managing your vendors. And, as old-fashioned as face-to-face meetings and onsite visits may seem, they still offer the best methods of ensuring that the team you hire to protect you has the necessary information and understanding to do the job properly.

We believe you should treat your IT vendor as a full member of your team, and include them in pertinent business discussions. We want to be in the huddle with you.

Project Planning

Close integration with your IT vendor fosters operational familiarity and increases efficiency. But, it can also help your provider anticipate your needs and help you with project planning.

If you’re expanding or moving offices, for example, it makes sense to involve your IT services team in the planning stages. Such a project is a logistical monster. Your vendor can provide valuable advice by recommending the best types of equipment, an efficient computer network setup, and a new emergency response plan.

No matter what kind of project you’re undertaking, the more your managed IT services vendor knows about your operational cycles, technology use patterns and future goals, the more they can do to move your projects forward quickly and efficiently.

Beacon Knows IT

If you want a closer, more responsive relationship with the team responsible for your IT operations and security, give us a call at 336.546.6660. See what you’ve been missing.

By | 2018-11-27T08:59:13+00:00 August 16th, 2018|BITS Team, IT Services|

Data Breaches: Has the Industry Adjusted?

For cyber-security professionals, 2017 may have been “The Year of the Data Breach.” It’s not that data breaches just started happening last year — cyber-criminals have been at it for quite some time. But the number of high-profile breaches, as well as the sheer number of consumers being affected, seem to have hit an all-time high.

According to the non-profit Identify Theft Resource Center (ITRC), last year saw 1,253 reported data breaches. That’s a nearly 15% increase in the record-setting number of breaches that occurred just the year before, in 2016.

Not too long ago, consumers didn’t pay that much attention to data breaches. Most didn’t think or realize that their personal information was at risk. Last year, that laissez-faire attitude came crashing down as consumers were rocked month after month with news of huge breaches at very visible public companies.

Equifax, Uber, Facebook, Yahoo and eBay are some of the companies that found themselves in the spotlight for all the wrong reasons. The attacks didn’t just target internet companies, however. Cybercriminals didn’t discriminate — they went after state and local governments (WannaCry in Atlanta, SamSam took down Colorado DOT), health care organizations (Anthem/Blue Cross Blue Shield and UNC Health Care), universities (Oklahoma, Washington State), hotels (IHG, Hyatt), retailers (Forever 21, Kmart, Saks Fifth Avenue) and even the US government (FAFSA, SEC).

Lessons Learned

So, what have consumers and IT security professionals learned from all this?

One positive thing that high-profile data breaches did accomplish is they brought cyber security concerns out into the general public discourse. Consumers are a lot less likely to skip over a news story about a data breach today. Many now pay much closer attention to protecting their own personal information, and are more vigilant about checking up on breaches that have the potential to impact them — like with Equifax.

The IT security industry has responded as well. For one, demand for cyber security specialists has skyrocketed. Firms are having trouble filling positions, with an estimated two million shortfall of qualified IT professionals projected for 2019.

But, have businesses and top decision-makers learned anything?

The leaders of Equifax, Uber and Facebook are certainly facing a considerable backlash for the failure to protect their platforms. They’re also being criticized for not being forthcoming or responsive enough to the concerns and needs of their consumers. All three companies are working through lawsuits brought forward by their consumers. The lawsuits are still working their way through the legal system, so, it’s not yet apparent what lessons these companies have learned.

But, it’s safe to say that the rest of the business community is on alert. Consumer data protection is a must — not a “nice to have.”

Is IT Security Better Today?

The positive takeaway from the Year of the Data Breach, is that data security is no longer the forgotten cousin to IT infrastructure concerns. Data protection is top of mind for both consumers and the organizations that collect and store consumer data.

With the highly anticipated GDPR (General Data Protection Regulation) going into enforcement earlier this year, the emphasis on data security is no longer optional. Now, businesses have an obligation to think about and protect the data that their consumers allow them to collect. And consumers, themselves, are empowered to exercise greater control over what data they share and how their data is stored.

So, while 2017 was a bad year for data breaches, 2018 may prove to be a turning point for consumer data protection.

Beacon Knows IT Security

If you haven’t reviewed your organization’s IT security needs in a while, or are unsure of what security protocols are in place, Beacon’s highly capable and responsive team of IT professionals can help. Give us a call at 336.265.2700.

By | 2018-07-30T11:20:43+00:00 July 30th, 2018|IT Services|

Cloud IT Services and Security

Is Cloud-based Computing as Secure as Server Hosting?

Security questions have hounded cloud services since their inception. But, is the cloud an inherently less secure method of computing than in-house servers? The answer differs depending on who you ask.

A 2014 study by the information security-focused Ponemon Institute found that about half (51%) of IT security practitioners had concerns about their organizations’ ability to secure data and applications hosted in the cloud. Understandably, these concerns provide enough justification for some organizations to avoid using the cloud.

However, other IT experts contend that the cloud’s out-sized security vulnerability is a myth. In fact, they argue that security of cloud-based services is often better because of industry standards governing data centers. In majority of cases, they say, what threatens the security of the cloud is the same thing that threatens in-house IT infrastructure — the users.

So, perhaps, the debate should be reframed. Maybe the question isn’t “How secure is the cloud?”. Maybe what you should be asking is “How good are my data security protocols?” and “How well does my team understand them?”.

These are much bigger questions. But, ones that are likely to result in a better approach to data security and risk management. Putting cloud-specific security concerns aside and thinking about your data network holistically allows you to zero in on your organization’s unique IT management needs.

The Public Cloud

Over 70% of the world’s businesses rely at least in part on services based in the cloud. These services offer some serious advantages for data storage and website hosting, not the least of which is cost effectiveness.

Cloud services are easy to access, customizable to your organization’s structure and adaptable to changing needs. When you host your website on the cloud, there’s no need to buy and configure expensive servers. There’s no need to hire a large IT staff for the purpose of server maintenance. And, you can also scale up quickly, in case your website traffic spikes unexpectedly (yay!).

Services delivered via the cloud tend to have extensive security measures, including change management — the ability to track system and data changes within a computer network. You can also restrict access to sensitive data streams to designated personnel.

That adds up to a fairly convincing business case. So, why do some organizations insist on building out their own extensive IT infrastructure?

The Case for In-house Servers

The bottom line is, you lose a measure of control the second your data leaves your network. Even if that data is stored on a very secure server in a tightly controlled data center, there’s a possibility that you could lose access unexpectedly.

Additionally, some industries carry stringent requirements for data management that can impact IT infrastructure decisions. If you work with the military or the intelligence community, for example, you may be restricted from relying on servers based in other countries. If you’re a hospital or a doctor’s office, there are legal obligations that come with storing patient records electronically. In both cases, the choice to use secure, in-house servers may be perceived as more prudent.

Lots of things happen that we cannot control. When and if they do, proximity to the physical location of your data can be an advantage. For this reason, organizations large and small, sometimes choose to keep their data network in-house.

Beacon is Here to Help

Whether you’re looking to streamline your IT infrastructure, or need expert assistance supporting your in-house data processing and storage, Beacon IT Services (BITS) has the technical know-how you need. Have questions or concerns? Give our experienced team a call at 336.265.2700.

By | 2018-06-19T10:50:11+00:00 June 19th, 2018|Hosting Services, IT Services|

Managed IT Services

Disaster Response Time

If you’ve ever been in the unfavorable position of seeing your business IT infrastructure compromised, you understand the necessity of an expedient response from your IT vendor. If you haven’t, thank goodness. Unfortunately, the rise in the number of successful web-based attacks increases the odds of you facing this situation sometime in the future.

Successful businesses protect themselves against known risks. So, how do you best prepare for the eventuality of your company network being attacked? Another way to ask this questions is: What are the elements of a good disaster preparedness plan that ensure the fastest response time?

At Beacon, we hang our hat on two essential elements when working with clients to secure their IT infrastructure: experienced live technicians, and a properly-configured remote tool kit.

Live Technicians Make All the Difference

It’s natural and easy to become reliant on technology. Humans have done this at every stage of our evolution. An appropriate present day example is the societal discussion taking place around automation. It’s true – robots and artificial intelligence may very well be the components that someday revolutionize the workplace.

But, even the smartest tech leaders of the most forward-looking companies are re-learning the value of human capital. As Elon Musk, the CEO of the upstart carmaker Tesla, recently acknowledged, there is such a thing as over-automation. It turns out that the key to ramping up the production of Tesla’s highly-anticipated Model 3 is not more robots, but more people.

We’ve always placed a high value on highly personal customer service. In fact, the calling card of Beacon’s IT services is the ability of clients to receive live assistance immediately.

If you’re faced with a cyber attack that took down your network, you don’t want to be reduced to leaving voice mails to your IT vendor. Or worse, relying on a corrupted or compromised network to figure out what’s what. You want to be speaking with a real expert right away, not three hours from now. It is this step that’s going to be the difference between restoring your network in minutes, rather than days.

Remote Tools Help Your Network Recover Quickly

Hopefully, your firewall solution is good enough to keep out any unsavory characters. But, if we’ve learned anything about IT security in the last few years, it’s that breaches can – and do – happen despite the most robust security setups.

If your defenses have been penetrated, what helps you get your systems back online the fastest is a responsive data backup system (that you had the foresight to install prior to the attack). There are two setups that yield the best results: local virtualization and cloud backup. Both can get you back online within hours, if not minutes.

Local virtualization relies upon an on-site device that’s connected to your network. In case of a breach, the device is automatically quarantined. It is then used to restore access to your data by transferring the data to a “clean” server, or by acting as a server itself.

The second method is similar to the first. The difference is in the way the backed up data is stored and accessed. In local virtualization, the backup data can be accessed locally, on the backup device.

With the cloud backup, your data is sent to the cloud at selected time intervals – could be as often as once an hour. The task can be scheduled for non-business hours or overnight, so it does not interrupt normal business operations. If the need arises, you can access the saved data from a cloud portal – a secure, dedicated web page. In this manner, you’re able to restore individual files; or, in a disaster recovery scenario, activate servers in the cloud to replicate the compromised servers on site. In some scenarios, cloud servers can even be set up to mimic the function of your on-site servers, allowing authorized users to access the data the way they normally would.

Is Your Network Protected From Today Exploits? 

If you’re not sure, give BITS a call at 336.546.6660. We’ll be happy to talk to you about your IT security concerns. Our team is experienced in crafting customized solutions for the most stringent requirements.

By | 2018-05-15T11:49:08+00:00 May 15th, 2018|BITS Team, IT Services|

Lessons in Cyber Security & Threat Prevention

Atlanta Ransomware Attack

The ransomware attack that took hostage a number of vital computer systems in Atlanta last month wreaked havoc on residents and sent the city’s administration scrambling. What can we learn from the situation?

Considering that city officials were aware as early as last summer that “severe and critical vulnerabilities” existed within the municipality’s computer network, the biggest takeaway is: DON’T WAIT to shore up your cyber security.

We’re not in the business of beating dead horses. And, surely, Atlanta officials have their hands full orchestrating the recovery from the attack and trying to return vital operations back to normal. Nonetheless, the fact that a 2017 internal city audit revealed an utter lack of preparedness to manage any sort of cyber threat should not go unmentioned.

What that means is the March 22 attack wasn’t a technology problem. As with most hacking efforts, it’s not the code that sinks you – it’s the human element that’s exploited for criminal gain. In this case, the human element was the inability of city administrators to respond to known threats. Not only was the city not equipped to handle an attack on its networks, it also didn’t have a proper response plan ready.

The number of ransomware attacks spiked sharply in the last year. So, if you don’t have an updated plan for your organization’s network security, you may very well be the next target of SamSam – the group responsible for the Atlanta situation – or another criminal outfit.

The good news is that there’s an army of cyber security professionals who are very skilled at crafting customized solutions. We, at Beacon, have been good at it for quite a while.

Protection Through Prevention

The best way to avoid a ransomware attack is to make sure that your network has a sufficiently strong firewall in place. A firewall identifies incoming web traffic and filters any suspicious or unapproved activity. The effectiveness of any firewall depends on how well it is configured. Typically, large networks require complex firewall configurations and a team of IT specialists for maintenance and monitoring.

Firewalls are great at protecting against known threats. However, new hacking techniques are developed every day. To defend against these zero-day exploits and other sophisticated attacks, IT pros deploy advanced automated audits that boot the threat off the targeted network. About 80% of current Beacon clients rely on this type of advanced protection. And, ideally, that number would be 100%.

Of course, even the most well-designed security setups can be breached. Criminal hackers know that people are the weakest link in network security and design attacks to take advantage of unwitting networks users. (There’s that human element again.) However, the odds of such attacks succeeding are low if your organization takes security awareness training seriously. Security seminars should be made available to every person on staff, and be repeated at least once every three years.

Recovery: It’s Good to Have a Back-Up Plan

Let’s be honest – sometimes hackers succeed even when you’ve done everything right. If that happens, you don’t want to find yourself in the same position as the folks in Atlanta. Backing up your network will protect you in case of a catastrophe.

While the concept is simple, data backup is actually a fairly complex process that takes considerable forethought. You’ll need to decide how often your network needs to be backed up (hourly, daily, weekly, etc). You’ll also have to examine how long your organization can go without access to your data.

A busy medical center, for example, would need to have its data backed up hourly to capture changing patient statuses, doctor’s orders, prescriptions, etc. With lives at stake, it would also be imperative to restore access to that data as quickly as possible.

Organizations that don’t deal with life and death issues would probably have less stringent requirements for their data protection plan.

We’re Here to Help

Have questions about your company’s cyber security? Give BITS a call at 336.546.6660, and we’ll be happy to talk to you about your concerns and data protection needs.

By | 2018-04-12T11:22:11+00:00 April 12th, 2018|IT Services|
Load More Posts