You’re Never Too Small to Outsource

You’re Never Too Small to Outsource

​Small business owners are proud of getting everything done with few people. Every team member wears many hats. They are part of a family, devoted to the firm’s success. But that doesn’t make them qualified to handle IT. Really, you’re never too small to outsource your technology needs.

A small business may only have a few computers for its handful of employees. Having an in-house person dedicated to IT support would be overkill. But just because the technology is working fine today doesn’t mean your IT is performing at its best. That’s why it can be beneficial to outsource IT.

Having someone who knows technology working for your team can pay huge dividends. Your outsourcing partner will add value by:

  • helping you avoid bad tech purchases or buying software you don’t need;
  • identifying where you can be more efficient with tools you already have, which can save money;
  • providing knowledgeable support and IT help;
  • learning business needs and making recommendations about the best IT for your goals;
  • protecting your business technology and ensuring computers are up to date with security patches.

Small Business Breaches

Cybercriminals don’t care about business size. In fact, according to Accenture, 43% of cyberattacks were aimed at small businesses, and only 14% of the SMBs were prepared for defending their networks and sensitive data.

In fact, a small business can be a particularly appealing target. Hackers will exploit a small business as part of a campaign to attack a larger business. They know the SMB is less likely to have the same level of security as the bigger target in their sights.

Accenture’s 2019 study found that more than half of all small businesses had suffered a breach in the last year. These attacks can be crippling for SMBs. According to insurance carrier Hiscox, the average cyberattack costs a business $200,000. That figure can be a killer blow for a small business. Some 60% of SMBs hacked go out of business within six months of the attack. Even if they can survive the financial hit, damage to brand reputation and customer goodwill is devastating.

Advantages of Outsourcing

You may not have a clear picture of your cybersecurity status right now, but by working with a managed services provider (MSP) you’ll get one. Your partner will conduct an informal audit of your current technology and learn your short- and long-term goals.

Your small business, for instance, may not have a data protection procedure. You might be thinking you don’t have a lot to backup and store. But the quantity may not be the primary concern. Can you recover if your business loses an email chain it was keeping for legal or compliance reasons? What would happen if the computer holding your accounting database died? An MSP can identify where tech changes can better ensure business continuity.

When you outsource, your partner will also inventory all your tech assets. They’ll need to know everything about your infrastructure and your business’s technology capabilities. Your current team may recognize the importance of securing the business’s intellectual property, but are they also protecting customer data and employee records? Your business needs to be intentional about confidentiality, availability, and safety. An MSP can help.

The cost of outsourcing is often a stumbling block for the budget-conscious SMB. Managed IT services can often lower costs for clients by streamlining processes, managing vendor relationships, and ensuring that the business technology is best suited to current needs. And you’ll pay a fixed regular fee for a technology team member who will help you avoid big, costly tech surprises.

No business is too small to outsource IT. Having access to a full-time IT professional via a managed service provider can improve your operations, enhance productivity, and lower cybersecurity risk.

Find out more about what we can do for you! Call us at 323-7111

Want to know more?

Get in Touch with us

7 Things You Need to Know About Ransomware

7 Things You Need to Know About Ransomware

​Ransomware is a well-named type of cyberattack. Cybercriminals taking this approach kidnap your data. After accessing your network, they encrypt files and demand payment for the passcode. Here are the top seven things you need to know about this business threat.

#1 It Can Happen to You

Cybercriminals rely on your false confidence. Don’t think “it won’t happen to me.” Attacks on government, education, healthcare, or financial institutions get publicity. Yet organizations of all types and sizes are targeted.

#2 Ransomware Spreads Fast

Ransomware is malware, malicious software that can reach throughout a network. So, if Jane from accounting opens a ransomware file, every single computer on your business network could be infected. The virus can spread between businesses, too. Consider the debilitating WannaCry ransomware attack of 2017. Within four days of its first detection in Europe, the strain had spread to 116 countries.

#3 Ransomware Targets People

A common method to send out phishing emails in the hope of having people enter their access credentials. Targeted business communication emails work, too. The attacker gets to know your business first. Then they send an email impersonating a colleague, supplier, or customer asking you to take action or update contact details by clicking on the link or downloading a file.

#4 Ransomware is Costly

Once the ransomware is installed on your system, it locks down your files. To regain access to the files, you need the password or decryption key the attacker supplies when you pay up; that’s if they keep their end of the bargain once you pay the ransom. These are crooks you’re dealing with after all!

In Coveware’s analysis of Q3 2019, the average ransom payment increased by 13% to $41,198 as compared to $36,295 in Q2 of 2019. And that’s just the cost of the ransom. Indirect costs include the cost of downtime, lost revenue, and long-term brand damage. There’s also the expense of removing the ransomware, forensic analysis, and rebuilding systems.

The average ransomware attack in Q3 2019 resulted in 12.1 days of downtime. — Coveware

#5 Ransom Requires Cryptocurrency

Ransom payment is usually made by bitcoin or another cryptocurrency. Your business needs to buy cryptocurrency with actual cash, then transmit the ransom. They choose cryptocurrency because it’s very difficult to trace. It doesn’t help you that bitcoin is not something you can charge back like a credit card.

#6 A Recovery Plan Helps

Planning in advance can help you respond more reasonably. Document plans to disconnect infected computers from the network as soon as possible. Also, power down any machines that could be vulnerable to avoid spreading contagion.

You should also discuss in advance whether or not your business will pay a ransom. Weighing the costs and benefits without a deadline on the decision can help you react more strategically.

#7 You Can Take Action

You don’t have to sit around worrying and waiting for a ransomware attack. There are many things you can do to help prevent this type of attack:

  • Filter traffic, preventing it from coming into your network in the first place.
  • Scan inbound emails for known threats, and block certain attachment types.
  • Use antivirus and anti-spam solutions and regularly upgrade and patch vulnerable software.
  • Educate all users about social engineering.
  • Allow remote access to your network only from secure virtual private networks.
  • Back up your data to more than one location so that you can restore any impacted files from a known source.

Ransomware is a lucrative, relatively easy mode of attack for cybercriminals. They could target your business. Contact us today for help implementing the best protection practices to keep your data safe. Call us at 323-7111.

Want to know more?

Get in Touch with us

Do You Copy? What Can Go Wrong with BCC

Do You Copy? What Can Go Wrong with BCC

​Try to find someone who has not “replied all” when meaning to send to only one individual. It’s embarrassing and can aggravate those people with more emails flooding their box. Another common email gaffe is misusing the CC and BCC fields in outgoing messages. This mistake can prove costly for business.

You’ll have noticed those extra fields below the “To” field in your email client. CC stands for carbon copy, and BCC for blind carbon copy.

When you use CC, it’s like you’ve imprinted your message on an old blue sheet of carbon paper. The email copy sends to your To recipients as well as anyone you have CC’d. All recipients can see who else you sent your message to. This is a great way to encourage collaboration and accountability.

When you use BCC, your To recipient and anyone else you BCC’d gets the email, but you’re not showing where you sent the message. This is for when you’re addressing a large group of contacts that may not know each other, or when you are sending a group message but you want to respect the privacy of all your recipients.

The Blind Carbon Copy Nightmare

A big problem is using To or CC when meaning to use BCC. You inadvertently expose all your contacts’ email addresses. Personal contact information needs protection, and people’s privacy demands respect. You don’t want to make this mistake with a single or a few emails, or worse still hundreds or thousands of emails.

There are many examples of BCC blunders. West Ham United Football Club faces the UK’s Information Commissioner’s Office fines for confirming all season ticket holders with email addresses in the CC field. In another example, the Independent Inquiry into Child Sexual Abuse was fined US$260,000 for exposing possible victims of child abuse in the same way.

Scotland’s National Health Service messaged transgender patients with their addresses in the To field. Instead of using BCC, the sender used an open distribution list. This shared 86 Glasgow patient email addresses and, perhaps, patient names and dates of birth when the addresses incorporated those details. You can bet there were some heated replies to that message, although the reports didn’t share whether they were “reply all” or not.

Also, the Sydney Morning Herald reported on a real estate company employee mistakenly CC’ing 300 customer emails. A customer complained. The error resulted in a six-figure aftermath. Lawyers, a consulting firm, and eight full-time employees worked on a data breach response plan for weeks.

What’s Better Than BCC

Any CC or BCC blunder could be a data breach. Take care. Don’t risk the loss of customer trust and possible compliance issues.

When you need to send out an email to a large group of people when you’re not necessarily expecting a response, use mailing software such as Mailchimp. Email marketing platforms send an individual copy of your message to every person on your mailing list, so there’s no risk of your contact list being exposed.

Need help setting up your email client or getting up to speed on an email marketing platform? We can help. Contact us today at 323-7111!

Want to know more?

Get in Touch with us

Why Your Business Needs Managed Services Security

Why Your Business Needs Managed Services Security

Locking your front door after a burglar has already ransacked your house doesn’t do much, and the same is true of cybersecurity. With the help of a managed service provider, you can stay ahead of security threats with well-tested, leading-edge technologies.

Ransomware, Trojans, crypto mining, and more make the news regularly these days. Businesses and consumers are both aware of the threats. Yet there is no single vaccine that can keep you safe. The volume of threats is growing. Cybercriminals are mixing up their tactics to outwit their targets, and the result is increasingly sophisticated cyberattacks.

Password theft and password-based breaches remain a daily occurrence in 2019. But that’s only one area of concern. Cybersecurity experts warn that, “the worst is yet to come.”

Managed services help you to stay on top of evolving threats. For a small, fixed monthly cost, you add a team of experts to your arsenal. Instead of reacting after the fact, they work to identify any vulnerabilities. Instead of reacting, they work to identify vulnerabilities and prevent attacks.

When security is internal, a single person or small, overworked team tries to stay current. Working with a managed service provider (MSP), in-house IT teams focus instead on business tasks. They can trust the MSP to know the latest, greatest technologies. The MSP’s experts do the necessary training and attend the security conferences, and your business benefits without having to spend finite resources.

Managed Services Make a Security Difference

An early order of business for your MSP is learning your system, network, and applications. These IT experts get to know your business and its workflow needs. Then, they recommend the best tools for you to use. They make suggestions that prioritize productivity, ease of use, cost, and security. You don’t have to deal directly with a vendor salesperson. You gain an objective perspective on what technology truly suits your needs.

Regrettably, your technology users remain a weak link, but you can boost your employee cyber education and awareness (and you should). A managed services provider partner adds levels of precaution. They will test and track staff cyber behavior on-site and off-premises.

An MSP partner understands your entire technology ecosystem. They determine how your business solutions operate together to keep your business protected.

The MSP’s proactive approach can save you data breach devastation. Financial damages can be large. In a 2018 Cisco study, 54% of all cyberattacks resulted in damages of more than $500,000 USD.

Those costs aren’t the only risk of a data breach, though. Your business also risks:

  • theft of international property;
  • loss of competitive advantage;
  • damage to brand reputation;
  • customer churn;
  • regulatory fines.

No matter your business size or industry, you are at risk. It’s that simple. Cisco found 40% of companies with 250-499 employees had experienced a severe security breach in 2018. Larger organizations were similarly impacted but tended to be more resilient. Meanwhile, when a small business is breached the damage is usually even greater. Their core systems are likely interconnected, which sees the attack spread easily.

Key Takeaway

The threat landscape is always shifting. You might be at risk from targeted attacks against your employees (e.g. faked business email communications), ransomware (holding your data hostage), or other advanced threats.

Managed services ensure you have the people, processes, and technology to prevent attack. Plus, if the worst happens, they have the skills to mitigate the damage and get you back up and running quickly.

Managed services provide the best security, proactively, and on an ongoing basis. Want to learn more? Give us a call today at 504-323-7111!

Want to know more?

Get in Touch with us

Security Patches — The Better Way to Update

Security Patches — The Better Way to Update

Security Patches — The Better Way to Update

Updates often come at the worst moment. You go to shut down your laptop to rush to a meeting, and you get a “Windows is updating. Do not power off” message. Argh!

Or you leave your desktop to go to a meeting and come back to find your computer has restarted in your absence. Those unexpected bug fixes and performance improvements lost you all your unsaved work.

You know updates are important. They help patch security flaws. These are the vulnerabilities that hackers love to exploit. Updating helps you keep business documents and data safe. Software updates can also add new, useful features and remove outdated ones. Plus, keeping software and systems up to date is good cyber citizenship. Security patches protect from attacks that could also impact employees, customers, and partners.

Updating is a pain but oh so important

The WannaCry ransomware attacked hundreds of thousands of computers in more than 150 countries. Among those infected were the UK National Health Service, FedEx, Telefonica, the Russian Interior Ministry, and more, all because people (and companies) weren’t keeping their computers updated. The later Petya ransomware preyed on the same vulnerabilities, despite the publicity around WannaCry and Microsoft having already released a patch.

Still, people don’t bother updating. According to a Skype survey, 40% of respondents didn’t update their machines when prompted, almost 25% required a second prompt. Nearly 45% worried that installing the update would weaken their computer’s security.

And keeping Windows up to date isn’t enough. Cybercriminals aren’t stopping there, so you can’t either. You also need to be patching third-party applications such as Java or your Adobe suite. More employees are also bringing their own devices to the workplace. Overlooking security updates for these entry points is like leaving a window wide open and expecting criminals to walk by.

Equifax’s failure to update a Java virtual machine proved costly. Hackers accessed over 145 million credit reports in 2017. The company lost more than $5 billion in market cap, and the CEO lost his job.

Businesses need a better way to keep your software security patches current. Here’s help.

Keeping security patches current, conveniently

Avoid the inconvenience of the “Update Now” interruption by setting up automated patching. Patching all your computers or different device types can be time consuming.

Determine when downtime won’t be as disruptive, and schedule patches for that timeframe. This lets you update an entire department when they aren’t there, or patch individual computers around the employee’s schedule. For instance, if your accountant comes in only on Tuesdays, you wouldn’t patch that computer that day.

This approach also creates a consistency your employees can plan around, which allows them to manage all security updates without you having to lift a finger.

To do this, you can outsource the patching to a managed service provider (MSP). The MSP installs remote monitoring and management (RMM) software to manage all security updates without you having to lift a finger.

The RMM software gives your IT partner visibility into your business technology. They’ll track your hardware, software, and network environments to keep ahead of issues. This sets your business up to respond faster to any events.

Using the RMM, the MSP can automate software patching and OS updates to reduce the hassle. The RMM can be cloud-based or on-premises (requires onsite hardware investment).

Conclusion

Automating or outsourcing software updates can improve your security and compliance. Your employees enjoy new features, extended support, and access to the latest technology. A reliable, secure system can improve stability, speed processes, and drive increased productivity.

Get expert help determining patching priorities, or partner with an MSP to install RMM and monitor and resolve issues remotely. Give us a call at 323-7111!

Want to know more?

Get in Touch with us

To Backup or To Archive? ’Tis The Question

To Backup or To Archive? ’Tis The Question

Hamlet worried about whether to be or not. You may be more preoccupied with whether backup or archiving is better for your business. You know you need to secure your data, but how? This article examines the different benefits of both options.

Back in the day, businesses kept important information on paper. They stored important records and notes in nearby filing cabinets for easy access.

When there were too many files to close the cabinet drawers any longer, someone would do a big clean out. Older, important documents would get boxed for the basement or other storage area. They might still be needed for tax, or compliance, or other reasons. But you didn’t need those files readily accessible any longer.

A similar scenario is true of digital business data. You can back it up to recover from hardware failure, cyberattack, or disaster event. Or you might archive the data for space management and long-term retrieval.

Deciding Between Backup and Archive

When it comes to the right form of data storage you’ll need to weigh:

  • the period of time you need to keep the data;
  • what protections from loss or illicit access your method offers;
  • whether the data can be easily restored or retrieved;
  • how accessible, searchable, and quickly available the data will be;
  • any industry or compliance standards that need to be met.

The backup is a copy of your data. On a regular basis you’ll make a copy of the business data to provide you with a starting point in the event of a disaster. You’ll decide how often to backup based on how often the data changes and the importance of data currency.

Backing up data, an operating system, or application files, doesn’t delete the originals. However, your older backup may be deleted when you make the new copy. If not, the backup can have another use. It can allow users to go back and review or recover earlier versions.

It’s not a bad idea to have several backups. We recommend the “3-2-1” backup strategy. You’ll have three copies of your business data. One would be on the cloud, the other two on different devices (e.g. on your local computer and on a backup drive).

Archiving puts a copy of business data into long-term storage. This is the data equivalent of moving that box of files to the basement. Typically, the archived version becomes the only available copy of that data.

The archives’ permanent record of data may prove useful in future legal disputes. Archived data is often tagged to enable streamlined search down the road. Moving information to archive can also improve processing speed and storage capacity.

While a backup may be overwritten, archived data is generally not altered or deleted. In fact, it’s often physically disconnected from the computer or network. So, you’ll turn to a backup to restore your data if necessary, and to archives to retrieve information data.

Key Takeaway

Both backup and archive can prove useful. It’s not going to happen every day, but entire digital archives can be lost if a server is drowned by a flash flood. All the paper backups can be burnt to cinders in an electrical fire. That external hard drive could be stolen or crushed by falling debris in a hurricane.

It’s best to avoid having a single point of failure. Both backing up and archiving business data is a smart precaution. Ensure business continuity by preparing for the worst. Our computer experts can help you backup, archive, or both. Start securing your business data with our support today! Call us at 504-323-7111.

Want to know more?

Get in Touch with us