About Mark Bochkis

This author has not yet filled in any details.
So far Mark Bochkis has created 5 blog entries.

5 Assumptions of a Great Email Backup Solution

Two email icons floating against clouds over an open handYour company’s email accounts represent some of the most vital assets of your business. They contain important client correspondence, extensive team processes and projects, working copies of various reports and deliverables, and a host of additional valuable bits of information.

A loss of a record, or the inability to find or retrieve archived information, can cause tremendous harm to a business relationship with a client, vendor, regulator or even your own employees. That’s why responsible business administrators take steps to protect their business email accounts through comprehensive email backup solutions.

Finding the Right Email Backup Solution

Let’s be honest, as a business owner, you’re more at home selling a client on the value of your services, finding that next great team leader or setting the long-term direction for your growing business units. Understanding the nitty-gritty of email setup does not, and should not, rank high on your priority list.

That said, protecting your business emails is a real need – all the more pressing if your company is growing. So, how do you know what to look for in an email backup service?

To help business owners navigate the search for the right email backup solution, we’ve put together the below list of requirements.

Email Backup Solution Assumptions

Cloud symbol with a white down arrow1) On-demand email retrieval

Mistakes happen. Important emails containing sensitive or proprietary information get lost or erroneously deleted all the time. It’s been happening since the beginning of time… or, you know, the business computing era, at least.

No matter how well-intentioned your employees are, and no matter how many stringent protocols you put in place, it’s going to happen. Sure, prevention efforts are important. But, for when the worst does happen, a robust email backup solution makes sure it’s reversible.

2) Protect data in email accounts of former employees

What happens to the email accounts of your employees who leave? You’d be surprised how many small businesses don’t have a plan for retiring the email accounts of former team members.

Yes, in majority of cases, your former employees are trustworthy individuals who would never dream of taking advantage of continued access to their old work account. But, it’s better to be safe than sorry.

A good email backup service will feature a plan to save and convert employee email accounts into archives, preventing any unauthorized access after employee separation.

3) Compliance with industry data storage requirements

Your industry, or the industries in which your clients operate, may have requirements governing various aspects of data storage. Some businesses in the health care space, for example, are required to keep backup data physically on-premises.

The right email backup service will help you both, understand the data security requirements applicable to your business, and structure your email solution to be in full compliance.

Female hands on the keyboard of a laptop, and a list of files on the screen4) Easy search of archived and backed-up files

Have you ever had a client ask historical data from a project completed years ago? Or, maybe tried to recall that perfect response to a complicated technical question? The team members involved in those initiatives may be long gone. But, with the email backup solution in place, you still have access to their correspondence and files.

A search of your business email archive can bring back the needed historical information quickly and efficiently. Having an easy-to-navigate archive of your old business information is a valuable resource.

5) Portability

As small businesses grow, many of their operations mature to become more detailed and complex. This can even impact the email provider you choose to contract with.

If you think you may upgrade or change your email service provider in the future, you’ll want to make sure that the email backup solution you select is compatible with a number of leading email providers.

Beacon Knows Email Backup

Considering an investment in a robust email backup solution? Beacon can help. As a Datto partner, we install and maintain some of the most trusted, industry-leading IT solutions around, including Backupify for email. Get in touch with our team today to learn more.

By | 2019-05-23T09:53:08+00:00 May 22nd, 2019|System Administration, IT Services|

Is Your Business Ready for Hurricane Season?

Don’t look now, but hurricane season is once again bearing down upon us. Last year was predicted to be a below-average season. Instead, the Atlantic Ocean spit out 15 named storms, including eight hurricanes.

The damage sustained from 2018 tropical storms – which included, not one, but two major hurricanes (Florence and Michael) – reached nearly $50 billion. Power outages, dangerous winds, heavy rains, flooding and other hazards wreaked havoc on homes and businesses in many parts of the US.

There’s no telling what this season will bring. But, while you can’t predict when, or if, a major storm will strike, smart businesses plan for these types of disasters to ensure that they can survive and bounce back as quickly as possible.

One of the key requirements of a good business continuity plan is protecting your business data and network. To give your business the best chance of surviving a natural disaster, you need to consider your data backup, data recovery and infrastructure access needs.

Let’s talk about all three in a bit more detail.

Data Backup and Storage

Redundancy is a major theme in data protection. Putting in place a system that routinely saves your enterprise-wide data protects your business in case an unexpected event destroys your existing, on-site IT infrastructure. It also makes retrieving mistakenly-deleted files very easy.

In choosing a data backup solution, you’ll need to think about the following:

Data protection goals

How often does your data need to be backed up, and to what degree? There are several types of backup setups, including full backup, incremental backup and differential backup, and each has benefits and drawbacks.

Scalability

Optimally, you’ll need a data backup solution that can grow with your business.

Storage

Cloud storage solutions allow your data to stay protected in case something happens to your physical IT infrastructure – a key benefit if your businesses is flooded by a hurricane storm surge. Of course, legal or other constraints require other businesses to have their data backups on site. Many businesses rely on a hybrid on-site/cloud storage solution, giving them the best of both worlds.

Disaster Recovery

A good disaster recovery plan and solutions will help your business minimize or prevent downtime in case the worst does happen. A key step in setting up your backup recovery system is determining the appropriate recovery time objective (RTO) and recovery point objective (RPO).

Simply put, RTO defines how quickly your business network and applications need to be back online after a sudden disruption. Some types of businesses – hospitals, for example – have an RTO of 0. They cannot afford to be down for even one second. Most other types of business have less stringent RTO constraints.

RPO is the threshold for how old your recovered data can be. How great is the disruption to your business if you lose the last hour of your operational data? Two hours? A day?

Effectively, RPO defines how often your data should be backed up, and sets the data loss tolerance.

IT Infrastructure Access 

If your business does succumb to a natural disaster, like a hurricane, a good business continuity plan will allow you to get your network back up before you even rummage through the rubble.

How easily can your team access the needed backup data? Does it need to do so remotely, from any device? These are key considerations in choosing the right solution for your business.

A well-designed disaster recovery solution will have your servers virtualized in the cloud and ready for you and your team to resume operations in no time.

Beacon Knows Affordable Small Business Solutions

It doesn’t have to cost an arm and a leg to make sure that your business network is protected in case a natural disaster strikes. At Beacon, we partner with Datto, a leading provider of IT services, to implement robust and affordable disaster recovery solutions on behalf of our customers.

Get in touch with our team to learn more about ALTO, Datto’s platform designed to provide total data protection and enterprise-level functionality specifically to small businesses.

By | 2019-04-30T05:45:37+00:00 April 24th, 2019|IT Services|

Running Your Business on the Cloud? SD-WAN May Help

“Necessity is the mother of invention” – English proverb

Ever notice how one small change can cause a cascading series of bigger changes? It’s the classic butterfly effect in a nutshell – a butterfly flaps its wings in China, and 12 hours later a tornado hits, let’s say, Kansas. One small thing leads to a seemingly unrelated, bigger thing.

The relatively recent rise of the cloud and Software-as-a-Service (SaaS) provides an excellent example of the theory in work. Of course, these trends are more significant than a single flap of butterfly wings. And the aftermath is surely less destructive. Nonetheless, the changes that adoption of the cloud has ushered in have been immense, and not always predictable.

One of the biggest and more obvious tech-related changes is the growing demand for digital bandwidth. After all, it makes sense that you’d need more of it to routinely access applications online, rather than from a copy saved on your desktop.

That extra bandwidth has a cost. Moreover, if you’re now relying on the cloud to run your critical business operations, maintaining access to the cloud is suddenly much more of an imperative.

The more unpredictable response to cloud adoption is how organizations have adjusted to account for these new challenges. Today, going offline – for any reason – is no longer a palatable option for many business. So, smart operations have found a way to control their access to the Internet more intelligently, strategically, securely and with more granularity.

Necessity, meet SD-WAN.

What Is SD-WAN?

SD-WAN stands for software-defined wide area network. That’s a lot of words and not necessarily revealing concepts.

Simply put, SD-WAN is a service that lets you parcel out your digital connection bandwidth to each specific resource, based on strategic rules you control.

What Does SD-WAN Do?

One of the key benefits of SD-WAN is that it allows you to package your expensive, dedicated MPLS network with cheaper, public internet services.

Some business applications require the added security of traditional, dedicated WAN connections. But, not all. Also, many cloud-based applications are protected by their own, robust security or encryption measures, requiring less intense security investment from users.

This means that your business traffic can be segmented into separate streams of varying technical requirements – some routed via a MPLS network, and some through a public internet service provider (ISP) of your choice. And that’s exactly what SD-WAN does, optimizing your costs in the process.

You could possibly even ditch your expensive, enterprise-level connection and go with two different, lower-cost ISPs.

Why Get SD-WAN

Redundancy – SD-WAN allows for the use of a second Internet provider service, ensuring that your business network stays online in case one service is interrupted.

Cost-efficiency – Mixing your enterprise-level connection with broadband or other cheaper internet delivery options through SD-WAN allows you to optimize your costs.

Maximum performance – With SD-WAN, your multiple connections can all be used at the same time, maximizing the available bandwidth. In effect, your multiple connections add up to a bigger pipe for your traffic to flow through.

Security – SD-WAN ensures that specific, customizable security protocols are followed for every cloud-based application, always.

How Does SD-WAN Work?

SD-WAN devices and software monitor all available traffic paths, keeping track of latency, one-way packet loss and available bandwidth for each. Traffic is routed through the best possible path, taking into account security requirements of each individual data request. The software reacts to changes in performance, adjusting connections as necessary at sub-second time intervals.

Beacon Knows SD-WAN

If you’d like to learn more about how SD-WAN can help your business, give BITS a call. Our experts are here to help you understand your options. Request a free network audit today.

By | 2019-03-19T11:55:02+00:00 March 19th, 2019|IT Services|

Top Security Breaches of 2018

Some of the biggest companies in the world were hit by some of the biggest cyber security breaches in 2018. Of the 24 largest breaches of all time on the USA Today list, three of the top 10 occurred last year – Marriott, Under Armour and Quora.

But it’s not just the digital novices who are vulnerable. Cyber breaches were also a problem for tech-giants, like Google, Facebook and Twitter last year. If Google isn’t safe, what chance do small and medium-size business have of keeping their digital infrastructure secure?

A snapshot of the digital security landscape, afforded by a peek at some of the biggest breaches of last year, can at least give us an idea of what private business owners could be up against. That broad look should also provide the ammunition to assess what solutions need to be applied.

The Breaches

  1. Marriott: 500 million customers
    • What was stolen: names, addresses, email addresses, phone numbers, dates of birth, passport numbers, credit card and additional personal information
    • What happened: Reports of the breach alleged the company was hacked by foreign intelligence operatives. The vulnerability came via Marriott’s Starwood booking system, which the company purchased in 2016. Investigation revealed that the Starwood system was compromised since 2014.
  2. Under Armour (MyFitnessPal): 150 million customers
    • What was stolen: names, email addresses, encrypted passwords
    • What happened: The company discovered unauthorized third-party access to some of its customer data, but reported that its security measures kept the intruders from more sensitive information, such as GPS location, eating habits, credit card and Social Security numbers.                                                                     
  3. Google Plus: 52.5 million customers
    • What was stolen: names, email addresses, dates of birth, personal Google + session information
    • What happened: A security audit discovered that outside app developers could have had access to personal information of Google Plus users b/w 2015 and 2018. The company announced a breach affecting 500 thousand users in October (the breach occurred several months earlier). In December, Google revealed a second, bigger breach of 52.5 million users. Google is ending the Google Plus platform, and the breaches have helped to expedite its demise.
  4. Panera Bread: 37 million customers
    • What was stolen: names, addresses, email addresses, dates of birth and last four digits of customer credit cards
    • What happened: Panera was tipped to a database leak in August of 2017, but ignored warnings of security experts. The company failed to take action for eight months.

What Does This Tell Us?

It’s not every day that you’ll find yourself the target of government-sponsored hackers. Or is it? Reports have circulated for years about foreign hacking of corporate, government and infrastructure targets in the US.

Putting aside the fact that Marriott was potentially the target of international espionage, the company acknowledged a sub-optimal investment in cyber security. While internal security protocols did signal an unauthorized access to the system, they were not sufficient enough to detect the vulnerability during the acquisition of the system two years earlier. Marriott has since hired a new chief information security officer and began reporting on cyber risks to the company board.

Marriott, like Under Armour, was at least partially positioned to withstand cyber attacks. Both companies responded by studying their vulnerabilities and applying fixes in short order. Notably, they went to outside experts who could provide an honest, objective assessment of threats and recommend the right fix.

Google decided to keep the initial breach in-house – because they’re Google – and was burned by another, much bigger breach less than 10 months later.

Panera, on the other hand, mishandled everything – from the initial vulnerability, to the flagging of the issue by an outside security researcher. Eight months passed between when Panera was notified to when a fix was applied. And in the process, the company ignored a credible tip and efforts of an informed individual trying to help.

Hubris and presumptive arrogance on one end… insufficient deployment of security resources on the other. Despite the size of these companies, when it comes to cyber security, the execs of international corporations face the same type of problems and decision-making concerns as small business owners.

So, What Can Business Owners Do?

Well, the first thing to do is to acknowledge that cyber security is not your area of expertise. Guard against that hubris and arrogance by staying humble in your attempts to address this need. It’s ok to acknowledge that you’ll need the help of a trusted cyber security expert.

That said, the scale of the threats you’ll face is probably different than that of Marriott and Google. It’s unlikely you’ll face government-sponsored espionage. Small and medium-sized business are more likely to fall victim to ransomware attacks. As such, you’ll need backup and firewall services tailored to exploits favored by ransomware attackers.

At Beacon, we lean on the SonicWall Capture Advanced Threat Protection service to keep our clients free from ransonware and subsequent critical failures. The SonicWall platform is designed to discover and defeat zero-day (brand new) threats, and is set up to provide automated remediation – meaning you don’t have to lift a finger.

Beacon Knows IT Security

If you’re ready to take your IT security to the level it needs to be, give BITS a call. We’ll be happy to talk through the needs of your business.

By | 2019-03-19T11:57:50+00:00 February 26th, 2019|IT Services|

Employee Security Training: Your IT New Year Resolution

Happy New Year! What are you looking to do better in 2019?

The turn of the calendar tends to bring with it thoughts of personal growth and improvement.  But, for many business owners – their identity being tied directly to their enterprises – New Year’s resolutions often translate to things they can do better for their companies.

So, let’s restate the above question: What are you looking to do better for your business in 2019?

If you’re open to it, allow us to offer a suggestion: if you haven’t made cyber security a part of your company culture, make cyber security training for your employees a priority this year. Why? Because you’ll be shoring up the weakest part of your network defenses.

The Case for Initiating Security Training for Your Employees

It’s not a secret that employees are the weakest link in any organization’s security efforts. That doesn’t mean that your staff is going out of their way to jeopardize your network. They’re just either unaware of which actions leave the company vulnerable, unsure of what to do if they do encounter a potentially threatening situation, or simply don’t assign a great deal of importance to security concerns (this is sometimes called the “it’s the IT guy’s problem” syndrome).

In most cases, though, you really can’t blame the rank-and-file. Think about this:

  • 65% of companies have over 500 employees who are never prompted to change their passwords
  • 52% of business leaders don’t know what to do if cyber security is breached
  • 45% of employees don’t receive cyber security training at all
  • Microsoft Office applications (Word, Excel, etc) account for 38% of malicious file extensions
  • 91% of cyber attacks begin with a phishing email

What are these statistics telling us? First, that workers are routinely targeted – and via the communication methods (email) and business applications they rely on the most (Microsoft Office). Secondly, if/when things go wrong, management typically doesn’t empower employees to help in warding off the threats, and often has no plan of action.

Let’s take a look at a few more statistics:

  • cyber crime is expected to cause $6 trillion in damages by 2021
  • 61% of breach victims in 2017 were companies with less than 1,000 employees
  • average cost of malware attack is $2.4 million

If you’re a small business, a multi-million dollar mistake is hard to recover from. Encouraging your team to become more discerning digital users and an active part of your data security efforts is, simply put, the smart move. The best way to do that is with an active cyber security training program.

What Does Security Training Entail?

Education can cure a lot of ills. This is absolutely the case with cyber security concerns. But before you can teach, you much know where your subjects stand.

As such, the first part of training focuses on identifying what your trainees know and don’t know. At Beacon, we initiate our cyber security training program with real-world examples of cyber exploits. This is accomplished with a computerized test, where employees are asked to complete a few simple tasks, such as opening an email with an attachment.

The test serves two purposes. First, it exposes people to real life attack methods that they are likely to encounter. Secondly, it identifies the types of exploits to which your team is most vulnerable.

Once you know which types of tricks are most likely to work on your team members, you can arm them with the skills to shore up their vulnerabilities. That’s the second part of the training – teaching how to recognize when something is amiss and how to counter a suspected attack.

The training portion should be tailored to each employee, based on the results of their assessments. Focus on what they don’t know. You don’t want to waste anybody’s time going over concepts they already know well. Your team is more likely to retain information they find valuable and/or interesting – so, teaching them stuff they know is counterproductive. Each employee’s training should cover the exploits they did not handle well during the assessment.

At the end of training, be sure to remind your team of how valuable their contributions to network security are.

Beacon Knows Security Training

Want some professional help with your employee security training? BITS is here to help. We’re more than happy to get your team up to speed on the latest cyber threats.

By | 2019-03-19T11:58:00+00:00 January 28th, 2019|Computer Related, BITS News, IT Services|