Client Spotlight: RSVP Communications, Inc.

At Beacon, our success hinges on how well we know our clients. That’s what empowers us to anticipate their needs and deliver the right solution to the right problem at the right time.

That doesn’t just happen by accident. It happens with a purposeful effort to get to know and understand our clients, their business needs and future goals. And, as with any successful relationship, it all starts with asking questions.

Every once in a while, we wrangle one of our clients for an honest conversation about what we’re doing well and how we can improve. After all, you’ll never know if you don’t ask.

This month, we had the privilege of chatting up Ken Dobbins, Vice President and General Manager of RSVP Communications, Inc.

Conversation with Ken

Beacon: How does BITS help you be successful? 

Ken Dobbins: You play a huge role for us. When we joined up with Beacon we ended up getting a lot of brains and a lot of different perspectives on how things can be done. You get all these smart people in a room that come up with great solutions. We’ve had great success with you guys.

B: What separates BITS from other IT services/providers? 

KD: Your performance is really a cut above. If there’s an issue, you can get somebody over here pretty quick. Your monitoring capabilities are outstanding. And, you guys are reading, developing and understanding what the market is doing every day. That’s your job.

B: What’s the best part of working with BITS?

KD: Your understanding of the industry. The flexibility that you have. And, your customer service – Beacon has got a great team, top to bottom.

Contact Center Upgrade

On top of the core IT services Beacon provides to RSVP, we’ve also had the chance to help out with a couple of special projects. One such opportunity was the expansion of the RSVP contact center.

KD: Here’s what’s amazing. With the help of you guys and three other companies, we were able to rip out the entire Contact Center – all the work stations, all the carpet, all the wiring, all the electrical – and come in and run new electric with drop downs from the ceiling, instead of in the floor. We were able to – in a three-day period – come in, rip it all out, put it all back in, and on Monday morning, the agents were able to come in and go right to their work stations and go to work.

Warehouse Expansion

In addition to upgrading the Contact Center, Ken also oversaw the expansion of the RSVP Communications warehouse from 79,000 sq. ft to 109,000 sq ft.:

KD: You guys were instrumental in coming in and making very good recommendations on what equipment we should have, what equipment we shouldn’t have, and monitoring the guys who were doing the actual install – pulling the wire, putting the equipment in – monitoring all that to make sure that they’re putting in the right stuff.

At the end of the day, there were some issues that you identified that we were able to get fixed along the way.

It’s not that anyone was doing a bad job. It’s just that you guys were just doing a great job to ensure that it was being done right. That was extremely successful, and the new facility is up and running flawlessly pretty much.

About RSVP Communications

The company delivers a number of services, helping clients market, sell and deliver their products to their customers. These services require a broad set of competencies – from web developers creating custom CRM applications and friendly customer service representatives managing customer questions and orders, to a robust warehouse operation ensuring that the right products are shipped on time and where they need to go.

That’s quite a complicated operation. But all the complexity is skillfully managed with strong infrastructure, experienced people, proven systems and reliable technology.

Client Profile

Name: RSVP Communications, Inc.

Size: 80+

Industry: Product Fulfillment, Call Center Services, Marketing

Location: Greensboro, NC

BITS Services: end-user support (managed IT), server support, IT consultative services, expansion support

By | 2019-09-26T05:40:26+00:00 September 25th, 2019|System Administration, BITS News, IT Services|

Small Medical Offices: How to Stay on the Right Side of Data Security

In the last decade, the healthcare industry has undergone a dramatic evolution in the way that medical records are managed. If you work in the medical field, whether as a doctor, nurse, technician or administrator, you could not escape the implication of the “big switch” to EMR (electronic medical records).

The change from paper to electronic record-keeping was a needed step forward. EMR saves time, money and all those trees, in addition to improving actual patient care. But, while considerable efforts were expended to convince everyone – from the largest healthcare systems to individual medical practices – to adopt this more tech-forward approach, not as much attention was paid to the vulnerabilities of a healthcare system so reliant on tech.

Let’s be clear, EMRs did not cause the astronomic spike in cybercrimes of recent years. But, in the rush to adopt a better system, it’s possible that not enough was done to protect that system from people who’d want to exploit it.

As a result, it’s not uncommon to find headlines like these:

The Verge’s Nicole Wetsman provides a succinct summation:

“Despite the rising threat, the vast majority of hospitals and physicians are unprepared to handle cybersecurity threats, even though they pose a major public health problem.”

But, Is Cybersecurity a Problem for the Little Guys?

The short answer… yes. One of the biggest hurdles to creating a safe and secure IT network for your small medical or dental practice is thinking that you’re too small a fish for anyone to bother with.

“Most small businesses, including medical practices, think they’re too small to be a target to hackers. Unfortunately, medical data is a prize most hackers want to get their hands on and they will specifically target small medical practices expecting to find little to no cybersecurity in place.” – myitsupport.com, 4/13/2017

Don’t let the size of your business fool you into thinking that you’re immune to being targeted by cyber criminals. The cybercrime epidemic is not slowing down. But, if you’re one of those small medical practices, there is good news: it just might be easier to protect a small office from hacking than a complex, sprawling healthcare system.

Cybersecurity & HIPAA Compliance

While it isn’t a silver bullet, the U.S. government does provide guidelines and standards for setting up secure networks to store and maintain private health data. These instructions are included with a host of other requirements  governing the management of personal medical information. However, they are not easy to parse, especially for medical practices lacking experienced IT staff.

That said, the requirements for small medical practices with just one or two locations are considerably less than for large healthcare systems with numerous locations and thousands of patients. Even so, compliance is not always a snap, and the penalties for coming up short can be severe (up to $50,000 per HIPAA violation).

How to Protect Your Medical Practice From Cybercriminals & Stay HIPAA Compliant

So, what do you need most to keep your electronic records and IT network secure? It helps to have a trusted partner who can combine expert knowledge in IT and data security with specialized knowledge of HIPAA.

Step 1: The Audit

Before you can fix a vulnerability, you have to be aware that a vulnerability exists in the first place. To that end, it helps to conduct a thorough audit of your existing network setup and see what’s what. The results should then be compared to the requirements spelled out by HIPAA.

While the audit could be conducted by your internal IT staff (if you have it), it’s best to let an outside consultant perform the assessment. That approach typically leads to better, more accurate results.

The audit results should then by reviewed for compliance with HIPAA regulations. At BITS, we rely on our partner, Total Medical Compliance (TMC), for this type of analysis.

Step 2: Results & Recommendations

After your HIPAA experts complete the analysis and present the results, your IT vendor should outline a list of issues that need to be addressed and deliver a set of solutions for your consideration.

Some of these may require an investment into newer or better equipment, including servers or security devices. More often, recommendations will call for updating to more stringent internal user policies, including unique logins for all employees and stronger password protection protocols.

Step 3: Implement the Recommended Solutions 

If you’ve decided that it’s important enough to know about your digital vulnerabilities, you’ll want to finish the job and address found concerns. You just don’t want to be oversold on something you don’t need.

Be sure to ask for explicit explanations of every recommendation presented to you. At BITS, we discuss and review every suggested solution with our clients, so there is no question why we make the recommendations that we do.

Beacon Knows Medical Data Security

Does your medical office need to reassess data security and HIPAA compliance? BITS can help. Reach out to our team today.

By | 2019-08-28T10:28:26+00:00 August 28th, 2019|System Administration, IT Services|

Employee Monitoring: Balancing Security & Productivity

Is your small business optimized for digital security and productivity?

Pretty much every business takes measures to protect its network and IT infrastructure. With the extraordinary proliferation of malware and ransomware attacks in recent years, it’s just prudent planning to set up strong defenses against potential intruders.

Managed IT services, which focus on more mundane tasks like updating and patching business applications, typically don’t receive the same level of scrutiny. But, they also play a key role in protecting your company’s key digital assets.

Why Monitor Employee Computer Habits?

<a href="http://www.freepik.com">Designed by vectorpouch / Freepik</a>The focus with managed IT services shifts from outside threats to internal ones. With firewalls and security protocols in place to counteract bad actors, in-house monitoring efforts ensure that internal digital vulnerabilities are identified and neutralized.

In addition, monitoring of your employees’ computers offers managers and business owners something else – the ability to track productivity. This can come in the form of tracking the websites employees visit, time spent in business application, idle time and a host of other activities.

Considering American cultural ideals of privacy and trust, however, this type of monitoring can rub some employees the wrong way. So, how do you navigate the competing priorities of security and privacy as a business and keep your employees happy at the same time?

Two Approaches to Employee Monitoring

There are two schools of thought pertaining to monitoring employee computers – and they are on the opposite ends of the spectrum. We’ve dubbed these as the “Don’t Do Stupid” and the Centralized Control options.

The “Don’t Do Stupid” Model

<a href="http://www.freepik.com">Designed by pikisuperstar / Freepik</a>

This is the less hands-on approach to employee monitoring. It works well in office cultures with a high degree of trust and business environments where a potential breach of trust would not result in a catastrophic failure. This is the more permissive set up, and probably the one most preferred by employees, managers and IT professionals alike.

With this approach, productivity is encouraged by a simple “black list” of websites that employees cannot access. Black listing is guided more by legal requirements, industry norms or security considerations, rather than the drive to limit employee browsing options.

Security is upheld with a minimum number of rules and tracked employee activities with potential for exposure to cyber threats or other digital vulnerabilities.

The Centralized Control Model

<a href="http://www.freepik.com">Designed by iconicbestiary / Freepik</a>

This model has much in common with the much more controlled way that internet activity is regulated by non-democratic governments, like China. The approach replaces the “black list” with a “white list” – rather than listing the destinations employees can’t access, the organization creates a limited list of approved websites.

Activity tracking is also much more robust, aiming to collect as much data on individual employee usage patterns as possible in order to promote a culture of efficiency.

This type of employee monitoring set-ups are more commonly deployed by larger organizations, like health systems, banks and multi-national corporations.

Your Model

Which model works best for your business? As with most things, your business needs will dictate the appropriate approach to employee computer monitoring. And, odds are, it’s going to fall somewhere in between the two extremes described above.

Once you settle on the level of monitoring that works for your business goals and office culture, it helps to have a knowledgeable IT team implement the monitoring set up.

Beacon Knows Managed IT Services

Looking for an experienced IT team that can help you manage your business network? Look no further, BITS is here to help. Give our team a call today to discuss your IT management needs.

By | 2019-07-25T12:09:12+00:00 July 25th, 2019|System Administration, IT Services|

Client Spotlight: Graham Personnel Services

How do BITS customers really feel about the job we do for them? We’re sure that almost every business asks itself a variation of the same question. After all, being successful is all about maintaining relationships.

Here, at BITS, we really wanted to know the answer. So, we decided to take the radical step of, you know, actually talking to our clients about how our services impact them.

Inaugural Client Spotlight

This month, we had the pleasure of speaking with Dace Hennessee, General Manager of Graham Personnel Services. Dace was extremely welcoming and forthcoming about his company’s reliance on the IT expertise provided by BITS.

So, what stands out about BITS services to Dace?

“Beacon is a local company. Graham Personnel is a local company. I think that’s a good match. We like to support locally owned Triad companies.”

That answer is more than just a preference for doing business with a neighbor, however. It’s about quality and reliability. And, knowing that if the owner’s computer is experiencing an issue, it will be fixed as fast as humanly possible. (In this case, we did our thing and it was back to normal within the hour.)

In managed IT services, the speed with which a glitch is resolved can mean a difference of thousands of dollars. After all, if his computers are down, Dace isn’t placing too many people on work assignments.

And that can be a major concern if, let’s say, you’re moving your entire operation to a new location.

“The Move” 

One of the biggest projects BITS managed for Graham Personnel Services was transitioning the company’s IT infrastructure to new offices on Gallimore Diary Road. In addition to it’s 30+ employees, GPS also houses multiple classrooms with dozens of computer stations where applicants are screened for various skills.

“Two years ago, we switched everything from one location to another location. I think we were down for 30 minutes,” says Dace. “We were up and functional by 8:30 [a.m.]”

The BITS team handled all the planning, logistics and execution for the job, seamlessly transitioning employee work stations, classroom computers, company servers and presentation equipment to their new homes.

“A lot of that was planning. It was getting involved early,” observes Kevin Lackey, BITS Account Executive who was involved in the project. “Having that vision on the front side, knowing what the expectation was, and being involved so early really helped us. Because we knew: this is what he’s asking.”

What Else Does BITS do for GPS?

In addition to helping with the occasional monumental move, BITS provides all end-user support for GPS’ employee work stations. In plain language, we are Graham Personnel’s external IT team. Everything from managing software updates to helping recover lost passwords is managed by the BITS help desk.

We also help Dace keep an eye on equipment performance, recommending updates when necessary and managing the procurement process.

Last, but definitely not least, BITS also manages firewall and backup functions for the GPS website, keeping digital assets secure and functioning at 100%.

About Graham Personnel Services

Graham Personnel Services has a 50-year history of successfully placing job seekers in the Triad area with businesses, large or small, in the distribution, manufacturing, professional and healthcare sectors. Over the years, the company has developed expertise and earned recognition in helping Fortune 500 companies and small businesses in Greensboro and the surrounding communities fulfill their staffing needs.

During any given week, there are anywhere between 700 and 1,200 associates placed on assignments with Graham Personnel clients. The firm takes pride in its commitment to customer satisfaction and strives to be the local leader in recruiting.

Client Profile

Name: Graham Personnel Services

Size: 30+ employees

Industry: Staffing

Location: Greensboro, NC

BITS Services: end-user support (managed IT), firewall, backup

By | 2019-06-26T07:46:42+00:00 June 25th, 2019|System Administration, Computer Related, IT Services|

5 Assumptions of a Great Email Backup Solution

Two email icons floating against clouds over an open handYour company’s email accounts represent some of the most vital assets of your business. They contain important client correspondence, extensive team processes and projects, working copies of various reports and deliverables, and a host of additional valuable bits of information.

A loss of a record, or the inability to find or retrieve archived information, can cause tremendous harm to a business relationship with a client, vendor, regulator or even your own employees. That’s why responsible business administrators take steps to protect their business email accounts through comprehensive email backup solutions.

Finding the Right Email Backup Solution

Let’s be honest, as a business owner, you’re more at home selling a client on the value of your services, finding that next great team leader or setting the long-term direction for your growing business units. Understanding the nitty-gritty of email setup does not, and should not, rank high on your priority list.

That said, protecting your business emails is a real need – all the more pressing if your company is growing. So, how do you know what to look for in an email backup service?

To help business owners navigate the search for the right email backup solution, we’ve put together the below list of requirements.

Email Backup Solution Assumptions

Cloud symbol with a white down arrow1) On-demand email retrieval

Mistakes happen. Important emails containing sensitive or proprietary information get lost or erroneously deleted all the time. It’s been happening since the beginning of time… or, you know, the business computing era, at least.

No matter how well-intentioned your employees are, and no matter how many stringent protocols you put in place, it’s going to happen. Sure, prevention efforts are important. But, for when the worst does happen, a robust email backup solution makes sure it’s reversible.

2) Protect data in email accounts of former employees

What happens to the email accounts of your employees who leave? You’d be surprised how many small businesses don’t have a plan for retiring the email accounts of former team members.

Yes, in majority of cases, your former employees are trustworthy individuals who would never dream of taking advantage of continued access to their old work account. But, it’s better to be safe than sorry.

A good email backup service will feature a plan to save and convert employee email accounts into archives, preventing any unauthorized access after employee separation.

3) Compliance with industry data storage requirements

Your industry, or the industries in which your clients operate, may have requirements governing various aspects of data storage. Some businesses in the health care space, for example, are required to keep backup data physically on-premises.

The right email backup service will help you both, understand the data security requirements applicable to your business, and structure your email solution to be in full compliance.

Female hands on the keyboard of a laptop, and a list of files on the screen4) Easy search of archived and backed-up files

Have you ever had a client ask historical data from a project completed years ago? Or, maybe tried to recall that perfect response to a complicated technical question? The team members involved in those initiatives may be long gone. But, with the email backup solution in place, you still have access to their correspondence and files.

A search of your business email archive can bring back the needed historical information quickly and efficiently. Having an easy-to-navigate archive of your old business information is a valuable resource.

5) Portability

As small businesses grow, many of their operations mature to become more detailed and complex. This can even impact the email provider you choose to contract with.

If you think you may upgrade or change your email service provider in the future, you’ll want to make sure that the email backup solution you select is compatible with a number of leading email providers.

Beacon Knows Email Backup

Considering an investment in a robust email backup solution? Beacon can help. As a Datto partner, we install and maintain some of the most trusted, industry-leading IT solutions around, including Backupify for email. Get in touch with our team today to learn more.

By | 2019-05-23T09:53:08+00:00 May 22nd, 2019|System Administration, IT Services|

Is Your Business Ready for Hurricane Season?

Don’t look now, but hurricane season is once again bearing down upon us. Last year was predicted to be a below-average season. Instead, the Atlantic Ocean spit out 15 named storms, including eight hurricanes.

The damage sustained from 2018 tropical storms – which included, not one, but two major hurricanes (Florence and Michael) – reached nearly $50 billion. Power outages, dangerous winds, heavy rains, flooding and other hazards wreaked havoc on homes and businesses in many parts of the US.

There’s no telling what this season will bring. But, while you can’t predict when, or if, a major storm will strike, smart businesses plan for these types of disasters to ensure that they can survive and bounce back as quickly as possible.

One of the key requirements of a good business continuity plan is protecting your business data and network. To give your business the best chance of surviving a natural disaster, you need to consider your data backup, data recovery and infrastructure access needs.

Let’s talk about all three in a bit more detail.

Data Backup and Storage

Redundancy is a major theme in data protection. Putting in place a system that routinely saves your enterprise-wide data protects your business in case an unexpected event destroys your existing, on-site IT infrastructure. It also makes retrieving mistakenly-deleted files very easy.

In choosing a data backup solution, you’ll need to think about the following:

Data protection goals

How often does your data need to be backed up, and to what degree? There are several types of backup setups, including full backup, incremental backup and differential backup, and each has benefits and drawbacks.

Scalability

Optimally, you’ll need a data backup solution that can grow with your business.

Storage

Cloud storage solutions allow your data to stay protected in case something happens to your physical IT infrastructure – a key benefit if your businesses is flooded by a hurricane storm surge. Of course, legal or other constraints require other businesses to have their data backups on site. Many businesses rely on a hybrid on-site/cloud storage solution, giving them the best of both worlds.

Disaster Recovery

A good disaster recovery plan and solutions will help your business minimize or prevent downtime in case the worst does happen. A key step in setting up your backup recovery system is determining the appropriate recovery time objective (RTO) and recovery point objective (RPO).

Simply put, RTO defines how quickly your business network and applications need to be back online after a sudden disruption. Some types of businesses – hospitals, for example – have an RTO of 0. They cannot afford to be down for even one second. Most other types of business have less stringent RTO constraints.

RPO is the threshold for how old your recovered data can be. How great is the disruption to your business if you lose the last hour of your operational data? Two hours? A day?

Effectively, RPO defines how often your data should be backed up, and sets the data loss tolerance.

IT Infrastructure Access 

If your business does succumb to a natural disaster, like a hurricane, a good business continuity plan will allow you to get your network back up before you even rummage through the rubble.

How easily can your team access the needed backup data? Does it need to do so remotely, from any device? These are key considerations in choosing the right solution for your business.

A well-designed disaster recovery solution will have your servers virtualized in the cloud and ready for you and your team to resume operations in no time.

Beacon Knows Affordable Small Business Solutions

It doesn’t have to cost an arm and a leg to make sure that your business network is protected in case a natural disaster strikes. At Beacon, we partner with Datto, a leading provider of IT services, to implement robust and affordable disaster recovery solutions on behalf of our customers.

Get in touch with our team to learn more about ALTO, Datto’s platform designed to provide total data protection and enterprise-level functionality specifically to small businesses.

By | 2019-04-30T05:45:37+00:00 April 24th, 2019|IT Services|

Running Your Business on the Cloud? SD-WAN May Help

“Necessity is the mother of invention” – English proverb

Ever notice how one small change can cause a cascading series of bigger changes? It’s the classic butterfly effect in a nutshell – a butterfly flaps its wings in China, and 12 hours later a tornado hits, let’s say, Kansas. One small thing leads to a seemingly unrelated, bigger thing.

The relatively recent rise of the cloud and Software-as-a-Service (SaaS) provides an excellent example of the theory in work. Of course, these trends are more significant than a single flap of butterfly wings. And the aftermath is surely less destructive. Nonetheless, the changes that adoption of the cloud has ushered in have been immense, and not always predictable.

One of the biggest and more obvious tech-related changes is the growing demand for digital bandwidth. After all, it makes sense that you’d need more of it to routinely access applications online, rather than from a copy saved on your desktop.

That extra bandwidth has a cost. Moreover, if you’re now relying on the cloud to run your critical business operations, maintaining access to the cloud is suddenly much more of an imperative.

The more unpredictable response to cloud adoption is how organizations have adjusted to account for these new challenges. Today, going offline – for any reason – is no longer a palatable option for many business. So, smart operations have found a way to control their access to the Internet more intelligently, strategically, securely and with more granularity.

Necessity, meet SD-WAN.

What Is SD-WAN?

SD-WAN stands for software-defined wide area network. That’s a lot of words and not necessarily revealing concepts.

Simply put, SD-WAN is a service that lets you parcel out your digital connection bandwidth to each specific resource, based on strategic rules you control.

What Does SD-WAN Do?

One of the key benefits of SD-WAN is that it allows you to package your expensive, dedicated MPLS network with cheaper, public internet services.

Some business applications require the added security of traditional, dedicated WAN connections. But, not all. Also, many cloud-based applications are protected by their own, robust security or encryption measures, requiring less intense security investment from users.

This means that your business traffic can be segmented into separate streams of varying technical requirements – some routed via a MPLS network, and some through a public internet service provider (ISP) of your choice. And that’s exactly what SD-WAN does, optimizing your costs in the process.

You could possibly even ditch your expensive, enterprise-level connection and go with two different, lower-cost ISPs.

Why Get SD-WAN

Redundancy – SD-WAN allows for the use of a second Internet provider service, ensuring that your business network stays online in case one service is interrupted.

Cost-efficiency – Mixing your enterprise-level connection with broadband or other cheaper internet delivery options through SD-WAN allows you to optimize your costs.

Maximum performance – With SD-WAN, your multiple connections can all be used at the same time, maximizing the available bandwidth. In effect, your multiple connections add up to a bigger pipe for your traffic to flow through.

Security – SD-WAN ensures that specific, customizable security protocols are followed for every cloud-based application, always.

How Does SD-WAN Work?

SD-WAN devices and software monitor all available traffic paths, keeping track of latency, one-way packet loss and available bandwidth for each. Traffic is routed through the best possible path, taking into account security requirements of each individual data request. The software reacts to changes in performance, adjusting connections as necessary at sub-second time intervals.

Beacon Knows SD-WAN

If you’d like to learn more about how SD-WAN can help your business, give BITS a call. Our experts are here to help you understand your options. Request a free network audit today.

By | 2019-03-19T11:55:02+00:00 March 19th, 2019|IT Services|

Top Security Breaches of 2018

Some of the biggest companies in the world were hit by some of the biggest cyber security breaches in 2018. Of the 24 largest breaches of all time on the USA Today list, three of the top 10 occurred last year – Marriott, Under Armour and Quora.

But it’s not just the digital novices who are vulnerable. Cyber breaches were also a problem for tech-giants, like Google, Facebook and Twitter last year. If Google isn’t safe, what chance do small and medium-size business have of keeping their digital infrastructure secure?

A snapshot of the digital security landscape, afforded by a peek at some of the biggest breaches of last year, can at least give us an idea of what private business owners could be up against. That broad look should also provide the ammunition to assess what solutions need to be applied.

The Breaches

  1. Marriott: 500 million customers
    • What was stolen: names, addresses, email addresses, phone numbers, dates of birth, passport numbers, credit card and additional personal information
    • What happened: Reports of the breach alleged the company was hacked by foreign intelligence operatives. The vulnerability came via Marriott’s Starwood booking system, which the company purchased in 2016. Investigation revealed that the Starwood system was compromised since 2014.
  2. Under Armour (MyFitnessPal): 150 million customers
    • What was stolen: names, email addresses, encrypted passwords
    • What happened: The company discovered unauthorized third-party access to some of its customer data, but reported that its security measures kept the intruders from more sensitive information, such as GPS location, eating habits, credit card and Social Security numbers.                                                                     
  3. Google Plus: 52.5 million customers
    • What was stolen: names, email addresses, dates of birth, personal Google + session information
    • What happened: A security audit discovered that outside app developers could have had access to personal information of Google Plus users b/w 2015 and 2018. The company announced a breach affecting 500 thousand users in October (the breach occurred several months earlier). In December, Google revealed a second, bigger breach of 52.5 million users. Google is ending the Google Plus platform, and the breaches have helped to expedite its demise.
  4. Panera Bread: 37 million customers
    • What was stolen: names, addresses, email addresses, dates of birth and last four digits of customer credit cards
    • What happened: Panera was tipped to a database leak in August of 2017, but ignored warnings of security experts. The company failed to take action for eight months.

What Does This Tell Us?

It’s not every day that you’ll find yourself the target of government-sponsored hackers. Or is it? Reports have circulated for years about foreign hacking of corporate, government and infrastructure targets in the US.

Putting aside the fact that Marriott was potentially the target of international espionage, the company acknowledged a sub-optimal investment in cyber security. While internal security protocols did signal an unauthorized access to the system, they were not sufficient enough to detect the vulnerability during the acquisition of the system two years earlier. Marriott has since hired a new chief information security officer and began reporting on cyber risks to the company board.

Marriott, like Under Armour, was at least partially positioned to withstand cyber attacks. Both companies responded by studying their vulnerabilities and applying fixes in short order. Notably, they went to outside experts who could provide an honest, objective assessment of threats and recommend the right fix.

Google decided to keep the initial breach in-house – because they’re Google – and was burned by another, much bigger breach less than 10 months later.

Panera, on the other hand, mishandled everything – from the initial vulnerability, to the flagging of the issue by an outside security researcher. Eight months passed between when Panera was notified to when a fix was applied. And in the process, the company ignored a credible tip and efforts of an informed individual trying to help.

Hubris and presumptive arrogance on one end… insufficient deployment of security resources on the other. Despite the size of these companies, when it comes to cyber security, the execs of international corporations face the same type of problems and decision-making concerns as small business owners.

So, What Can Business Owners Do?

Well, the first thing to do is to acknowledge that cyber security is not your area of expertise. Guard against that hubris and arrogance by staying humble in your attempts to address this need. It’s ok to acknowledge that you’ll need the help of a trusted cyber security expert.

That said, the scale of the threats you’ll face is probably different than that of Marriott and Google. It’s unlikely you’ll face government-sponsored espionage. Small and medium-sized business are more likely to fall victim to ransomware attacks. As such, you’ll need backup and firewall services tailored to exploits favored by ransomware attackers.

At Beacon, we lean on the SonicWall Capture Advanced Threat Protection service to keep our clients free from ransonware and subsequent critical failures. The SonicWall platform is designed to discover and defeat zero-day (brand new) threats, and is set up to provide automated remediation – meaning you don’t have to lift a finger.

Beacon Knows IT Security

If you’re ready to take your IT security to the level it needs to be, give BITS a call. We’ll be happy to talk through the needs of your business.

By | 2019-03-19T11:57:50+00:00 February 26th, 2019|IT Services|

Employee Security Training: Your IT New Year Resolution

Happy New Year! What are you looking to do better in 2019?

The turn of the calendar tends to bring with it thoughts of personal growth and improvement.  But, for many business owners – their identity being tied directly to their enterprises – New Year’s resolutions often translate to things they can do better for their companies.

So, let’s restate the above question: What are you looking to do better for your business in 2019?

If you’re open to it, allow us to offer a suggestion: if you haven’t made cyber security a part of your company culture, make cyber security training for your employees a priority this year. Why? Because you’ll be shoring up the weakest part of your network defenses.

The Case for Initiating Security Training for Your Employees

It’s not a secret that employees are the weakest link in any organization’s security efforts. That doesn’t mean that your staff is going out of their way to jeopardize your network. They’re just either unaware of which actions leave the company vulnerable, unsure of what to do if they do encounter a potentially threatening situation, or simply don’t assign a great deal of importance to security concerns (this is sometimes called the “it’s the IT guy’s problem” syndrome).

In most cases, though, you really can’t blame the rank-and-file. Think about this:

  • 65% of companies have over 500 employees who are never prompted to change their passwords
  • 52% of business leaders don’t know what to do if cyber security is breached
  • 45% of employees don’t receive cyber security training at all
  • Microsoft Office applications (Word, Excel, etc) account for 38% of malicious file extensions
  • 91% of cyber attacks begin with a phishing email

What are these statistics telling us? First, that workers are routinely targeted – and via the communication methods (email) and business applications they rely on the most (Microsoft Office). Secondly, if/when things go wrong, management typically doesn’t empower employees to help in warding off the threats, and often has no plan of action.

Let’s take a look at a few more statistics:

  • cyber crime is expected to cause $6 trillion in damages by 2021
  • 61% of breach victims in 2017 were companies with less than 1,000 employees
  • average cost of malware attack is $2.4 million

If you’re a small business, a multi-million dollar mistake is hard to recover from. Encouraging your team to become more discerning digital users and an active part of your data security efforts is, simply put, the smart move. The best way to do that is with an active cyber security training program.

What Does Security Training Entail?

Education can cure a lot of ills. This is absolutely the case with cyber security concerns. But before you can teach, you much know where your subjects stand.

As such, the first part of training focuses on identifying what your trainees know and don’t know. At Beacon, we initiate our cyber security training program with real-world examples of cyber exploits. This is accomplished with a computerized test, where employees are asked to complete a few simple tasks, such as opening an email with an attachment.

The test serves two purposes. First, it exposes people to real life attack methods that they are likely to encounter. Secondly, it identifies the types of exploits to which your team is most vulnerable.

Once you know which types of tricks are most likely to work on your team members, you can arm them with the skills to shore up their vulnerabilities. That’s the second part of the training – teaching how to recognize when something is amiss and how to counter a suspected attack.

The training portion should be tailored to each employee, based on the results of their assessments. Focus on what they don’t know. You don’t want to waste anybody’s time going over concepts they already know well. Your team is more likely to retain information they find valuable and/or interesting – so, teaching them stuff they know is counterproductive. Each employee’s training should cover the exploits they did not handle well during the assessment.

At the end of training, be sure to remind your team of how valuable their contributions to network security are.

Beacon Knows Security Training

Want some professional help with your employee security training? BITS is here to help. We’re more than happy to get your team up to speed on the latest cyber threats.

By | 2019-03-19T11:58:00+00:00 January 28th, 2019|Computer Related, BITS News, IT Services|

Managed IT Services: The Gift That Keeps On Giving

This time of year many of us are on the hunt for presents. Toys and games for kids, sparkly jewelry for the ladies in our lives, gadgets and sports gear for the guys, pictures of the grand-kids for the grandparents… a little something for everyone. It feels good to bring joy to your loved ones.

While your small business isn’t a person, it can certainly feel like an animated presence in your life. After all, you worry about its growths and ability to sustain itself, just like you do with your kids. So, maybe this year your business deserves a present, too.

One of the most caring and forward-looking things you can do to help your business is to retain an expert team of IT professionals to secure your network, your servers and the work stations your employees use. Considering the sheer volume of known cyber threats out there, no enterprise can afford to short shrift its network security. And while an in-house IT person is certainly capable of managing some of your IT needs, the truth is, it takes a full team to provide the kind of protection a successful business requires.

Benefits of IT Support Services

Time is an important and valuable resource. For small businesses with tight margins, it is imperative that employees allocate their time to required tasks efficiently. A wasted couple of hours here and there could have a dramatic effect on the bottom line.

Smart business owners build contingency plans into their project timelines to minimize disruption. However, even contingency plans can’t account for a cascade of network or computer-related issues.

Most of us know from experience that figuring out network problems or dealing with software updates gone wrong can suck up tons of time. Even if your IT staff is there to help, their attention is taken away from other scheduled IT projects.

Having a team of professionals at the ready to solve whatever problems come up takes the burden off the shoulders of your employees and the in-house IT staff. It should also give you peace of mind to know that your issue is being taken care of by a capable and dedicated group of people, trained specifically to resolve the problem you are experiencing.

It pays to contract an IT services company that is in relatively close proximity to your business. The best managed IT service providers have the capability to respond quickly to emergencies, providing in-person, on-site assistance when needed.

Prevention = Cost Savings

“An ounce of prevention is worth a pound of cure” – Benjamin Franklin

While the original quote by Benjamin Franklin was about fire safety, the axiom applies equally well to network security. Managed IT services can help your business avoid a number of problems that could lead to downtime and loss of revenue without tying up your in-house resources.

More than a few businesses succumb to ransomware attacks or other nefarious intrusions to their network every year. You can’t predict when such attacks may happen, and there’s nothing you can do to avoid being targeted. What you can do is be as prepared as possible.

The best way to do that is to have an experienced and reliable team set up your defenses. A robust firewall and data backup solutions protect your business network from cyber criminals. But, if the absolute worst happens and your defenses are compromised, a good managed IT service provider will help you activate your emergency response plan, isolate the threat, transfer your data to a secure server or cloud, and keep your downtime to a minimum.

Preventative maintenance of your company computers, including software patches to guard against the latest security exploits, also contributes greatly to business continuity. So, it makes sense to place this responsibility in the hands of trained professionals, too. After all, you hired your employees to be experts in their subject matter. The less time your team spends on routine maintenance concerns, the more time they can devote to doing the job they were hired for.

Beacon Knows IT

So, while we’re still in the midst of shopping season, don’t forget to get your business something nice. Give BITS a call. We’ll be happy to put together a custom solution for your business and make 2019 your best year yet!

By | 2018-12-20T06:35:29+00:00 December 20th, 2018|IT Services|
Load More Posts