Security Patches — The Better Way to Update

Security Patches — The Better Way to Update

Security Patches — The Better Way to Update

Updates often come at the worst moment. You go to shut down your laptop to rush to a meeting, and you get a “Windows is updating. Do not power off” message. Argh!

Or you leave your desktop to go to a meeting and come back to find your computer has restarted in your absence. Those unexpected bug fixes and performance improvements lost you all your unsaved work.

You know updates are important. They help patch security flaws. These are the vulnerabilities that hackers love to exploit. Updating helps you keep business documents and data safe. Software updates can also add new, useful features and remove outdated ones. Plus, keeping software and systems up to date is good cyber citizenship. Security patches protect from attacks that could also impact employees, customers, and partners.

Updating is a pain but oh so important

The WannaCry ransomware attacked hundreds of thousands of computers in more than 150 countries. Among those infected were the UK National Health Service, FedEx, Telefonica, the Russian Interior Ministry, and more, all because people (and companies) weren’t keeping their computers updated. The later Petya ransomware preyed on the same vulnerabilities, despite the publicity around WannaCry and Microsoft having already released a patch.

Still, people don’t bother updating. According to a Skype survey, 40% of respondents didn’t update their machines when prompted, almost 25% required a second prompt. Nearly 45% worried that installing the update would weaken their computer’s security.

And keeping Windows up to date isn’t enough. Cybercriminals aren’t stopping there, so you can’t either. You also need to be patching third-party applications such as Java or your Adobe suite. More employees are also bringing their own devices to the workplace. Overlooking security updates for these entry points is like leaving a window wide open and expecting criminals to walk by.

Equifax’s failure to update a Java virtual machine proved costly. Hackers accessed over 145 million credit reports in 2017. The company lost more than $5 billion in market cap, and the CEO lost his job.

Businesses need a better way to keep your software security patches current. Here’s help.

Keeping security patches current, conveniently

Avoid the inconvenience of the “Update Now” interruption by setting up automated patching. Patching all your computers or different device types can be time consuming.

Determine when downtime won’t be as disruptive, and schedule patches for that timeframe. This lets you update an entire department when they aren’t there, or patch individual computers around the employee’s schedule. For instance, if your accountant comes in only on Tuesdays, you wouldn’t patch that computer that day.

This approach also creates a consistency your employees can plan around, which allows them to manage all security updates without you having to lift a finger.

To do this, you can outsource the patching to a managed service provider (MSP). The MSP installs remote monitoring and management (RMM) software to manage all security updates without you having to lift a finger.

The RMM software gives your IT partner visibility into your business technology. They’ll track your hardware, software, and network environments to keep ahead of issues. This sets your business up to respond faster to any events.

Using the RMM, the MSP can automate software patching and OS updates to reduce the hassle. The RMM can be cloud-based or on-premises (requires onsite hardware investment).

Conclusion

Automating or outsourcing software updates can improve your security and compliance. Your employees enjoy new features, extended support, and access to the latest technology. A reliable, secure system can improve stability, speed processes, and drive increased productivity.

Get expert help determining patching priorities, or partner with an MSP to install RMM and monitor and resolve issues remotely. Give us a call at 323-7111!

Want to know more?

Get in Touch with us

The Dark Web and Its Impact on Your Business

The Dark Web and Its Impact on Your Business

Business owners today know the internet is not only a force for good. Some people exploit the Web for ill intent. They congregate on the Dark Web, and small businesses need to understand the risks.

What is the Dark Web?

You and your employees spend time daily on the Web. They’re researching clients, checking out competitors, and searching for information. They are not accessing the Dark Web. The Dark Web houses dangerous, often illegal activity. This includes black-market drug sales, illegal firearm sales, and illicit pornography.

The Dark Web’s collection of websites is inaccessible using standard search engines or browsers. Users employ a Tor or I2P encryption tool to hide their identity and activity, and they spoof IP addresses.

To go into the Dark Web, you also need to be using the Tor or I2P service. Plus, you’d need to know where to find the site you are looking for. There are Dark Web directories, but they are unreliable. The people on the Dark Web don’t want their victims to find them. Ultimately, it’s not somewhere you or your employees need to be.

So, why do you need to know about it? Because Dark Web users can buy:

  • usernames and passwords
  • counterfeit money
  • stolen credit card numbers or subscription credentials
  • software to break into people’s computers
  • operational, financial, or customer data
  • intellectual property or trade secrets

The Dark Web is also where someone can hire a hacker to attack your computers.

The Dark Web business risk

The Dark Web itself isn’t illegal, and not all its traffic is criminal. It is also visited by journalists and law enforcement agencies, and it’s used in countries prohibiting open communication.

Yet the number of Dark Web listings that could harm your business is growing. A 2019 research study found that 60% of all listings could harm enterprises, and the number of those Dark Web listings has risen by 20% since 2016.

Business risks from these Dark Web listings include:

  • undermining brand reputation
  • loss of competitive advantage
  • denial-of-service attack or malware disruption
  • IP theft
  • fraudulent activity

With media attention on data breaches impacting millions, it’s easy to think a small business is not at risk. However, bad actors don’t target a business for its size – they look for ease of access.

Dark Web information is up to twenty times more likely to come from an unreported breach. Privacy specialists told a Federal Trade Commission Conference victims included medical practices, retailers, school districts, restaurant chains, and other small businesses.

Reduce your risk

If your information ends up on the Dark Web, there’s little you can do about it. The bright side, at least, is that you would know that your business security has been compromised. Be proactive instead. Keep your security protections current, and install security patches regularly.

Consider a unified threat management (UTM) device, or UTM appliance. The UTM plugs into your network to serve as a gateway and protect your business from malware, illicit access, and other security risks.

Your UTM security appliance can provide:

  • application control
  • anti-malware scanning
  • URL and content filtering
  • data loss prevention
  • email security
  • wireless and remote access management

Or let a managed services provider (MSP) take care of all aspects of protecting your business. Pay a consistent monthly fee for an MSP to handle all your technology, patching, monitoring, and assessment needs.

Stay on top of the latest cybersecurity threats with an MSP, or learn more about installing a UTM. We can help protect you from the dangers of the Dark Web. Call us today at 504-323-7111!

Want to know more?

Get in Touch with us

Making Technology Another Target for Continuous Improvement

Making Technology Another Target for Continuous Improvement

Your business likely talks a lot about continuous improvement. It’s everyone’s goal, right? Yet “set it and forget it” is a common approach to handling business technology. Here’s why IT needs your ongoing attention too.

Your competition is increasing, and it can feel as if it is doing so exponentially. Why? There are lower barriers to entry in many businesses. The marketplace has gone global. Transaction costs are declining. Technological advances, automation, and AI are making processes more efficient and increasing productivity.

Your business can’t stand still. Don’t leave your IT sitting unattended either. Sure, the very term “continuous improvement” may have you twitching with discomfort. Not that buzzword again! Yet taking an “if it ain’t broke don’t fix it” approach to IT could be hurting your business. Settling for “alright” or relying on “the way we’ve always done it” could leave you lagging behind competitors.

Your business may not have a CIO lobbying for the latest tech, but every business can benefit from asking itself: “can we be doing this better?”. Of course, you don’t know what you don’t know. You are focusing on your industry, not all the new technology, automation, artificial intelligence, or machine learning to:

  • Innovate process
  • Automate routine, repetitive tasks
  • Increase productivity
  • Enable global collaboration
  • Streamline workflow
  • Integrate existing applications
  • Support informed decisions
  • Optimize information access
  • Enhance document, data exchange
  • Advance analysis-based action

The Value of a Strategic MSP Partnership

A managed services provider (MSP) can answer the technology questions you don’t even know to ask. Don’t rely on the old way of doing things. You don’t need to suffer through long, drawn-out processes and the inefficiency of manual work. Your business can partner with an MSP to embrace the power of digital transformation.

Protecting your business from cyber bad guys isn’t the only thing an MSP can do. An MSP can help you improve processes, exceed customer expectations, and reduce costs, all while minimizing your risk.

The MSP will get to know the ways in which you do business and your vision for the future. The MSP can help your business work smarter and reach its goals faster. Understanding available improvements, the MSP can make recommendations to fit your budget and help you become better, faster, and more agile.

Of course, incorporating continuous improvement in your technology can mean making changes to the way you work. Your employees may shudder. That’s why it’s important to work with a partner that can help you clearly articulate the value of digital transformation.

Your people will want to know “what’s in it for me,” and the MSP can help you provide the answer. Explaining how innovation will help employees do their job better or drive business outcomes is key. Working with an MSP means intentional strategy drives your technology improvements. That’s the foundation for successful implementation and adoption.

Don’t settle for a one-size-fits-all, set-and-sit approach to information technology. Your competition will be happy if you do. Instead, work with an MSP that doesn’t just keep your technology running and your systems secure. Join forces with a service provider who is your strategic partner – they’ll ensure your technology is continuously improving.

You’re not alone. Adapt with us.

Technology’s rapid pace of change was a top threat for business leaders, according to a 2017 survey of business school grads. Digital advances surpassed economic, political, and environmental changes. But you’re not alone in your struggle to continuously improve.

Turn to the experts who can answer your questions and plan strategic improvement. No matter what your industry or business size, you can enjoy our technology expertise. Talk to us about a technology assessment. Our experts will suggest options that suit your needs and help you beat the competition. Reach to us at 504-323-7111.

Want to know more?

Get in Touch with us

To Backup or To Archive? ’Tis The Question

To Backup or To Archive? ’Tis The Question

Hamlet worried about whether to be or not. You may be more preoccupied with whether backup or archiving is better for your business. You know you need to secure your data, but how? This article examines the different benefits of both options.

Back in the day, businesses kept important information on paper. They stored important records and notes in nearby filing cabinets for easy access.

When there were too many files to close the cabinet drawers any longer, someone would do a big clean out. Older, important documents would get boxed for the basement or other storage area. They might still be needed for tax, or compliance, or other reasons. But you didn’t need those files readily accessible any longer.

A similar scenario is true of digital business data. You can back it up to recover from hardware failure, cyberattack, or disaster event. Or you might archive the data for space management and long-term retrieval.

Deciding Between Backup and Archive

When it comes to the right form of data storage you’ll need to weigh:

  • the period of time you need to keep the data;
  • what protections from loss or illicit access your method offers;
  • whether the data can be easily restored or retrieved;
  • how accessible, searchable, and quickly available the data will be;
  • any industry or compliance standards that need to be met.

The backup is a copy of your data. On a regular basis you’ll make a copy of the business data to provide you with a starting point in the event of a disaster. You’ll decide how often to backup based on how often the data changes and the importance of data currency.

Backing up data, an operating system, or application files, doesn’t delete the originals. However, your older backup may be deleted when you make the new copy. If not, the backup can have another use. It can allow users to go back and review or recover earlier versions.

It’s not a bad idea to have several backups. We recommend the “3-2-1” backup strategy. You’ll have three copies of your business data. One would be on the cloud, the other two on different devices (e.g. on your local computer and on a backup drive).

Archiving puts a copy of business data into long-term storage. This is the data equivalent of moving that box of files to the basement. Typically, the archived version becomes the only available copy of that data.

The archives’ permanent record of data may prove useful in future legal disputes. Archived data is often tagged to enable streamlined search down the road. Moving information to archive can also improve processing speed and storage capacity.

While a backup may be overwritten, archived data is generally not altered or deleted. In fact, it’s often physically disconnected from the computer or network. So, you’ll turn to a backup to restore your data if necessary, and to archives to retrieve information data.

Key Takeaway

Both backup and archive can prove useful. It’s not going to happen every day, but entire digital archives can be lost if a server is drowned by a flash flood. All the paper backups can be burnt to cinders in an electrical fire. That external hard drive could be stolen or crushed by falling debris in a hurricane.

It’s best to avoid having a single point of failure. Both backing up and archiving business data is a smart precaution. Ensure business continuity by preparing for the worst. Our computer experts can help you backup, archive, or both. Start securing your business data with our support today! Call us at 504-323-7111.

Want to know more?

Get in Touch with us

How to Destroy Data Properly

How to Destroy Data Properly

When we accidentally delete something, it feels like the end of the world. If a client file or new presentation is deleted, you may have to start again. Oh no! Yet deleting files is not as permanent as you may think. When it comes to destroying data properly, you’ll want to take a more thorough approach.

Deleting items, or “trashing” them, doesn’t permanently remove them from computer memory. While the data is still stored on your device’s hard disk, it’s possible someone could restore that deleted data.

Data does reach a point at which it’s no longer useful, and you are no longer required to maintain it. Nevertheless, it may still be valuable to cybercriminals. Bad actors can use names, addresses, credit card numbers, banking accounts, or health data. You need a policy to destroy paper records, magnetic media, hard drives, and any storage media.

Your obligation to protect customer and staff information extends to properly destroying all identifying data. Installing a new operating system isn’t going to do it. Encryption doesn’t do the job if the cybercriminal can figure out the password.

Some industries require you to prove you have correctly destroyed all data. Even if you have no compliance standards to meet, carefully dispose of any computer-related device. Whenever you are recycling, discarding, or donating an old computer, disk drive, USB stick, or mobile device, make sure the data is already properly deleted or destroyed. Otherwise, criminals could get their hands on confidential business information.

Fully, Safely Destroying Your Data

So, what do we mean by “properly” destroyed? You know about shredding paper documents. You can actually do the same with some devices. You might send the computer or device to a company with a mega-shredder. When compliance matters, keep a record of the chain of custody of the data throughout the process.

Overwriting the data, often called zeroing, is another solution. No data is properly deleted until it’s written over – that’s where the information is hidden under layers of nonsensical data and cannot be retrieved through disk or file recovery utilities. Think of this as writing three new books over the top of the pages of an erased book rather than just ripping the pages out.

With magnetic devices, you can neutralize the magnetism (degaussing) to break down the data. This scrambles up the data beyond recovery. A strong degausser will turn the device into a shiny metallic paper weight. An ultraviolet erase could be necessary for some erasable programmable memory. You might also need to perform a full chip erase.

If you’re really committed to destroying data, physically destroy the device. There’s the shredding solution, or you might actually pay to have the device smelted or pulverized.

Other Components to Destroy with Data

Don’t forget proper disposal of printers, too. Run several pages of unimportant information (maybe a font test) before destroying a laser p6rinter. With an impact printer (if you still have one!), you’d want to destroy all ribbons, too.

One last element you might think about? Business monitors. You’ve probably seen a computer screen with information burned onto it. Before donating or recycling a monitor, inspect the screen surface and destroy the cathode ray tube.

Now, that’s what we call being thorough about properly destroying data. Need help with proper disposal of computer data or equipment?

We can help. Contact our experts today at 504-323-7111

Want to know more?

Get in Touch with us

Locking Up Cybersecurity with a Managed Services Provider

Locking Up Cybersecurity with a Managed Services Provider

Cybercrime is not the most costly of illegal activities. That dubious distinction goes to government corruption, followed by drug trafficking. Cybercrime comes in third. Yet cybercrime does take the top spot when it comes to numbers of victims. A managed services provider can help.

Cybercrime has hundreds of millions of victims. Two-thirds of people online have experienced personal information theft or compromise. A 2018 McAfee Security study suggested that represents more than 2 billion individuals!

If any of those people works at your business, it could mean trouble for your security, too. Why? People tend to think they have too many passwords to remember. So, they use the same login information again and again. That means a criminal could leverage employee data to access business systems, too.

Cybercrime is a global problem for both individuals and businesses. The bad actors, after all, can make big bucks from their crime with low risk of discovery. The global cost of cybercrime is an estimated $600 billion a year. And no one and no business is immune.

More people are going online. Businesses are becoming more reliant on digital transactions. Cybercriminals are quickly adapting. They’re motivated, but are you?

Securing Your Business with an MSP

It’s safe to say your Information Technology team has a lot to do. Everyone at your office is working hard, but is cybersecurity getting the attention it deserves? Ultimately, there is no better way to keep your systems secure than with managed services.

A managed services provider (MSP) helps your business stay ahead of security threats. Finding out about risks or vulnerabilities after the fact is no good. That’s like closing the barn door after the prize stallion has already bolted.

An in-house cybersecurity team providing 24/7 protection isn’t workable for most businesses. It’s cost prohibitive for most small and mid-sized businesses.

Working with an MSP is a more affordable alternative. You avoid investing in the latest technology and building up an on-premises infrastructure. Instead, you pay a consistent fee for the MSP to handle technology patching, monitoring, and assessments.

The MSP uses well-tested, leading-edge tech to stay on top of cybersecurity threats. This strategic partner can:

  • set up security on your infrastructure;
  • oversee your company’s security systems;
  • ensure regulatory compliance;
  • track threats 24/7;
  • maintain strong data protection.

An internal IT team oversees many areas, but the MSP focuses on continuous monitoring. It keeps up to date on the global threat landscape and any industry vulnerabilities.

Still not convinced that paying an MSP is worth it? The average cost of a lost or stolen record was $148 per record in 2018. You might view working with an MSP as paying for insurance. With ongoing monitoring an MSP helps your business avoid security breaches. And their devastating costs (including to productivity, compliance, revenues, and brand reputation).

This extension of your security staff helps maximize resource efficiency. And their day-to-day focus is on reducing risk and minimizing damage from cyberthreats. With an MSP you add dedicated security experts to your team. Secure your technology while gaining advanced threat intelligence and customized security strategies.

A managed services provider identifies vulnerabilities and secures your business environment. Stay ahead of cybersecurity threats with an MSP. Find out more today!

Call us at 504-323-7111

Want to know more?

Get in Touch with us