Investing in managed IT to secure your data does not have to be complex, especially if you partner with a managed service provider (MSP).
Read More
SMBs are big targets for cybercriminals. It’s essential to implement security before a breach occurs to minimize risk.
Just as everyone was getting ready to celebrate Independence Day, a major cyberattack occurred. What made this ransomware attack different from others was that the cybercriminals went after MSPs, via Kaseya VSA – Kaseya’s RMM (remote monitoring and management) tool. By doing so, the perpetrators gained access to many of Kaseya’s MSP clients as well. More than 17 countries have now been impacted.
thinkCSC does not use Kaseya VSA. However, this should serve as yet another wake-up call to every business of every size that the risk is real: No one is immune to cybercrime. Another business is compromised every 11 minutes. And most of the time, the attacks are preventable. So instead of panicking, it’s time to take action.
Risk Assessment
If you don’t know where you’re vulnerable, you need to assess your risk. Our team can evaluate your existing security protocols and make suggestions for what needs to change to keep you safe. This is the place to begin, even if you already have an MSP partner, to make sure your data and your customers are protected.
Comprehensive Security
Experts have been predicting for years that cyber warfare is going to be the next global pandemic. We’re already seeing signs of large-scale threats disrupting everything from energy and food to medical care. There is no time to waste, no excuses not to act. If you don’t have comprehensive security in place, you are at risk.
What if…?
Consider what would happen if a data breach occurred at a local bank, an online shopping site, or a social media company. What if the cybercriminals were able to access thousands of usernames and passwords? What if one of these compromised passwords belonged to an employee in your organization? How would that impact your company?
You’re Only as Safe as Your Employees
Can you be sure that an employee has not reused a compromised password somewhere within your network? Do you have a password manager and multi-factor authentication in place? Do your employees know the risks and how to minimize them? If a threat becomes evident, do they act swiftly to minimize that threat by changing passwords and enabling 2FA on all of their accounts?
Employee Awareness Training Turns Your Team into a Strong Layer of Security
How capable are your employees of recognizing phishing emails? Do they know the steps to take if their data has been involved in a breach? Are they reusing the same passwords from their personal accounts on your business network?
In almost all of the major ransomware attacks that occur, there is a missing security element: a piece of software has gone unpatched; a former employee’s access to the network has not been rescinded; an employee is tricked into wiring money to a hacker because of a convincing email. Employee awareness training can help eliminate that risk.
In the time it took you to read this article, another business will experience a ransomware attack. Will yours be next?
We all have an opportunity to use these latest threats as a reminder to shore up our security, both personally and within our organizations. There is no more time to lose. The next ransomware attack is already underway. If you’re not sure where to begin, get in touch with our team to talk about risk assessments, employee awareness training, and comprehensive cybersecurity solutions.
Security, scalability, and accessibility are three primary benefits of offsite replication through thinkCSC’s public cloud backups.
As business and events are disruoted by COVID-19, thinkCSC has solutions to help you maintain business continuity during this challenge.
IT security spending is on the rise. For many years, organizations have argued that security budgets are already stretched to the max and that there is no more room for increased security. With costly security breaches impacting governments, social media platforms, the IRS, and more small and mid-size businesses than we can count, the investment in security suddenly seems like the least expensive option.
IT Security vs. Security Breach
Whether you increase your spending on IT security or simply find a better way to spend your budget, one thing is certain: what you spend on IT security is a predictable, planned cost that doesn’t send your shareholders into a panic, doesn’t make your customers question their loyalty, and doesn’t put you out of business. A security breach, on the other hand, can result in fines, lawsuits, costly recovery, and a loss of customers.
If your organization has decided to increase IT security, how do you make sure you’re getting the most out of your investment? We recommend focusing on these areas:
Email Security
Email is still one of the most popular ways for hackers to penetrate your security, because all it takes is one email on one employee’s system compelling them to open an attachment or click on a link to create a breach that will affect your entire IT infrastructure. People will always be the weakest link in security. Sender policy framework protocols, hosted email exchange services, and ongoing employee training are all essential. Download our email security guide to help your employees think before they click.
Endpoint Security
Every device that touches your network needs to be secure, whether it’s an employee-owned cell phone, vendor equipment, or a field tech’s laptop. It is crucial to identify every remote device that might potentially connect to your network; have a way to both detect that connection, protect that connection, and eliminate the connection if needed. Endpoint security is the solution.
Threat Detection
Enterprise threat detection uses predictive analytics on a powerful and global scale to recognize and block threats before they happen. Rather than relying on end users to determine the safety of a file or a site, it uses intelligence to stop threats by preventing malware-infected devices from connecting and by blocking phishing sites.
Backup and Data Recovery
Unless you want to be permanently locked out of your data or forced to pay a ransom to restore access, having an offsite backup and recovery service is essential. The email security, endpoint security, and threat detection efforts you implement will prevent many of the ransomware attempts from getting through, but all it takes is one employee clicking on one link in one email that sneaks through to create havoc.
IT Security Investing Keeps Your Organization Safe
Effective network security that keeps your IT environment efficient and stable is about applying layers. The initial layer is a solid backup and recovery solution, protected by an antivirus solution, and then guarded by a firewall. Enterprise threat detection, email security, and endpoint security are the shields that head off attacks on your business before they happen. It’s more than peace of mind: It’s good business sense.
At thinkCSC, we believe that in order to achieve maximum success, regardless of the size or type of organization, you must make IT an integral part of your overall business strategy and partner with IT professionals who not only understand how to leverage technology to your advantage but who are also committed to understanding your business goals and aligning your IT strategy to them. We pride ourselves on having the best business-savvy technical experts in the industry. If you would like to learn how to create an IT security strategy aligned with your organizational goals, contact thinkCSC for more information.
There are many disasters that can cause power outages, from traffic accidents that disrupt local power, to major storms that wipe out power in whole regions. Regardless of the cause of a power outage, the downtime alone can be very costly to your business. And if you aren’t prepared for power outages, the loss of data can be as equally debilitating.
Nationwide, power outages have been occurring at accelerated rates over the last 15 years. In part due to aging infrastructure, and in part because of increased demands on power grids, the number of power outages is six times higher today than it was 15 years ago.
Power Outage Map, 2000-2015
Power outages happen suddenly and without notice. To protect your business from the costs and disruptions associated with a power outage, you should have on-site power backup solutions. At the physical location of your organization, you may want to have generators or other backup power supplies to which you can immediately switch if the power goes out. This will ensure that you can continue operating and delivering services to your customers; however, the long-term cost of supplying your own power can be very high.
Your organization should also have off-site backup and data recovery solutions in place, to protect data. This will ensure that even if the power is out for an extended period of time, or you are forced to move to a different location, you will still have access to the essential business data you need to continue operating.
Preparing for Power Outages
- Identify critical utilities, including electric, gas, water, and internal sewer systems that might be impacted
- Identify systems impacted by power outages, including security, alarms, elevators, heating, and ventilation systems
- Identify operational equipment that may be impacted, including voice and data communication systems, servers and their cooling systems, and computer networks
Safety must be the primary concern in any emergency. Once you’ve ensured the safety of all personnel, consider the power outage impact to the following areas:
Communication: Alternate communication channels should be available to ensure your ability to reach key personnel in case of emergency.
Supply Chain: Arrange for alternative vendors who can meet supply needs when primary suppliers cannot.
Personnel: Determine those personnel who are essential to the operation during times of extreme emergency and who will be active during your recovery operation.
Data and servers: In addition to having on-site power backup solutions, every organization should move mission-critical IT infrastructure into the cloud to ensure accessibility and to aid in recovery.
Power outages can have an enormous impact on your organization’s ability to remain functional. Internal and external backup solutions are critical to business continuity. thinkCSC provides customized power solutions, reliable off-site backup, and even fully hosted solutions to meet every organization’s needs. Contact us today for more information.
There are a lot of factors that go into making a successful business, but the number-one factor is having the ability to remain open and operational despite any disruptions. Keeping your business operational so that you can serve your customers – providing that business continuity – would be simple if not for the what-ifs. And it’s because of the what-ifs that the Boy Scout’s motto, Be Prepared, will serve you well.
- What if there is an earthquake, tornado, hurricane, or other natural disaster that either destroys your building or makes it impossible for you to work from that location?
- What if a fire consumes your building, or a flood or water leak makes it unusable for a time?
- What if a vandal breaks into your building and destroys your equipment?
- What if, despite your best efforts to prevent such a scenario, an employee opens an unknown email attachment and delivers a virus to your entire network?
Can You Navigate Potential Disruptions?
Your customers can’t afford to care about those catastrophes that may affect your business; if they can’t still be served, they are likely to find somewhere else to go. And being prepared doesn’t just mean readying your business for the big disasters; you may experience the minor inconvenience of a single-day power outage that occurs when a road worker accidentally cuts through a buried utility line. For your organization to succeed despite the “what-ifs,” you need to have a business continuity plan.
- If your building is destroyed or inaccessible, do you have a location from which you can work and handle customer needs?
- If your equipment is damaged or infected with a virus, do you have your information backed up offsite that you can access from anywhere?
- If your network goes down, can your employees continue working by accessing your offsite backup?
- If the phone lines go down, do you have a plan in place to still receive calls from customers?
Disaster Recovery: Rebuilding After a Crisis
Your business continuity plan is designed to keep you operational in the moments during and after an unplanned disruption has occurred. It may include protocols, such as everyone works from home, or key personnel meet at an alternate worksite to keep the business operational during a disruption. But that can only work if a part of your business continuity plan includes disaster recovery.
Disaster recovery is the rebuilding of your network, system, data, and infrastructure after the disruption is over – and it ensures that you have the data you need to remain operational in the short term. Disaster recovery planning should include:
- Automated backups of critical files to an offsite location
- Access to offsite information from any location
- The ability to work from virtual machines on an alternate server
- File- and image-based backups
- System monitoring
- A team of expert engineers at your disposal to help you recover when the worst happens
Be Prepared
Don’t wait for a catastrophic event to remind you of the importance of being able to continue serving your customers. Having a plan for remaining operational, that includes backing up your data and protecting your files, is critical to plan for before disruptions occur. By the time disaster strikes, it will be too late. Ask thinkCSC to help you develop a disaster recovery plan that keeps your business running in the most difficult situations. Contact us to learn how.
It’s inevitable that more and more operations are shifting to the cloud for data storage and network security. It’s efficient, cost-effective, and makes it much easier to employ a mobile workforce. But if you don’t know where your data is being stored or who owns it, your shift to the cloud can be fraught with risks.
Ensuring Cloud Security
The best way to ensure cloud security is to know where your data is and who has access to it. And in choosing a cloud service provider, the following factors should be considered:
- Access to your data. Your cloud service provider should have adequate network availability to ensure you have access to your data in the cloud regardless of when or how often you need it. While not truly a security issue, if you can’t access your data, it’s no different than a denial of service, a cyber-attack, or a data breach.
- Backup and Disaster Recovery (BDR): Your cloud service provider should make backup and disaster recovery processes their highest priority. As a business leader, you need to have confidence in knowing that your business operations will continue even if there is a disaster – either at your location or at the location of your cloud services provider. Protecting your data is a full-time job.
- Complete transparency. The cloud services provider with whom you choose to work should become a partner in your business continuity, working diligently with you to ensure your IT goals are met and taking the time to understand your specific needs, security requirements, and constraints.
- Proactive security. Your cloud service provider should offer aggressive, proactive security by providing enterprise threat detection, which screens potential threats before they become a risk to your business by blocking malicious connections, blocking threats by malicious domains, and detecting and blocking threats from any compromised device.
thinkCSC has not only invested in owning its own cloud but has developed partnerships to enhance security and services that ensure our clients:
- Avoid revenue losses from downtime
- Enjoy the ability to predictably plan business development with an OPEX approach to IT
- Enjoy the peace of mind that comes with knowing their proprietary information remains private, secure, and in the U.S.
- Are compliant with regulatory, industry, and corporate requirements
Every business has data in the cloud. To ensure your cloud security, contact us today.
Most businesses are still in the process of evaluating how IT will fit into their strategic plan this year. As we work with clients to develop strategies that provide cost-effective, efficient solutions, we have recognized a number of tech trends that will impact most commercial, government and educational institutions.
Today’s tech trends are often tomorrow’s best practices, so knowing how to embrace these trends and take advantage of the leverage they provide is essential to the continued success of your business. Investing in these technologies can often free your organization from monotonous obligations, allowing you to focus on growth, knowing that security and productivity are under control.
Here are five tech trends every organization should be implementing:
Voice Communications: VoIP vs. Hosted PBX
There are fundamental differences between VoIP and Hosted PBX phone solutions. Yes, both VoIP and Hosted PBX offer mass customization, cost savings, global distribution, centralized messaging, customized caller-ID and the ability to connect virtual offices – unlike conventional phone systems. However, some phone providers market VoIP as a SIP trunk to a client’s existing digital phone system. This is NOT a VOIP phone system. Although the client is leveraging the internet for voice communications, they are still dependent on the limitations of their digital phone system. Furthermore, an “on-premise” VOIP phone system, that uses traditional phone lines or even SIP, is not a Hosted PBX. A Hosted PBX solution has no need for an “on-premise” VoIP phone system. With a hosted PBX solution, your phone system is 100% in the cloud, which allows for greater flexibility and customization versus an “on-premise” VoIP solution.
Secure and FAST Data Storage
Storage is a critical component of your IT infrastructure, and the newest storage technologies offer benefits that every organization can leverage from: power, density and incredible speed. thinkCSC offers Nimble Storage solutions that not only offer a more cost-effective way to achieve these benefits but also provide an unparalleled level of security, as well as rapid backup and recovery for your data.
BYOD
Bring Your Own Device (BYOD) is a trend no business can ignore, and those who do often run the risk of data and security breaches. BYOD already exists in one form or another for most businesses, so developing protocols to ensure safety, confidentiality and best practices is paramount.
Cloud Computing
Cloud adoption has moved beyond that of a mere trend and into common practice, but a planned approach to cloud computing is necessary. A one-size-fits-all approach doesn’t work, but the benefits of cloud computing can improve security, productivity and efficiency.
Enterprise File Synchronization and Sharing (EFSS)
EFSS is a powerful way to foster collaboration and improve efficiency, but it presents a number of challenges to businesses. While it’s tempting to use content solutions like DropBox for file sharing, the risk to your business in doing so is often too high, since you have no control over changes to the documents and no ability to recover lost documents.
SyncedTool not only makes it possible to collaborate efficiently, with multiple users being able to access the same document at the same time, but also offers comprehensive security solutions, including:
- The ability to remotely wipe an employee’s device if needed, to protect your data
- The ability to control who has access to which documents as well as the ability to restrict levels of access
- The ability to rapidly remove access to files once an employee leaves the company
- Secure, local hosting of your documents and files, making backup and recovery a non-issue
SyncedTool is a more robust system that gives you the power of efficient, cost-effective collaboration without the security and productivity risk of consumer-based document sharing tools like DropBox.
These tech trends are powerful tools worth considering for your organization. If you’re interested in learning more, contact us.
Recent Comments