Business IT Guide: Keeping Users Productive & Happy

IT solutions and software are essential for businesses to maximize productivity and streamline operations. However, it is very common that new technologies hinder productivity when not correctly implemented, and lagging, inefficient systems can slow operations.

Here’s how you can keep users happy and productive by providing essential support, tools, and processes.

increasing IT productivity

The Critical Importance of Enabling Workers to Be Productive 

With the business world’s tech solutions constantly expanding, businesses are becoming leaner and more efficient than ever. As a result, IT solutions enable companies to operate at record-breaking speeds while increasing the quality of the output.

However, while IT solutions can be incredibly beneficial for businesses, they can have a steep learning curve, and downtime caused by tech slowdowns can result in major profit losses.

If employees spend countless hours per day trying to understand how to use a new system properly or waiting for lagging systems, this can lead to decreased productivity and employee happiness.

Leading solutions like Microsoft 365 enable teams to remain connected and up to speed. Enabling your team with the right solutions, including software and hardware, is critical to your organization’s success. 

When and Why to Offload User Support to a Third Party

When internal IT departments can’t keep up with support tickets or need to focus attention on other projects, it may be time to offload user support to a third party.

Another common situation is that business managers and other higher-ups get tied up in IT problems when their time could be better spent focusing on other areas of the business.

Outsourcing user support is a cost-effective way to maintain fast, high-quality IT systems and keep productivity up.

A third-party IT provider can not only help you solve problems when they arise, but they can also help you choose the best IT tools for the greatest efficiency in your team, and implement those solutions and provide user training.

Not all employees will be equally tech-savvy. If a business finds that productivity decreases when they’re trying to implement or manage a new IT solution, it may be time to bring in a team of professionals to help manage these new solutions. And if communication, productivity, and employee satisfaction are stagnant or decreasing, getting the input of IT experts with experience in your industry can help turn things around.

The Goal of Lifecycle Management

Lifecycle management is the process of managing the complete lifecycle of a tech system. It not only covers purchasing and installing new hardware, but it also manages decommissioning or upgrading existing systems to meet current needs, implementing solutions that are long-lasting and scalable, and considering long-term equipment needs.

Working with a company that can provide you with 360-degree solutions, from installation all the way through to maintenance and decommissioning, can significantly benefit a business through savings in both costs and time.

With the right lifecycle management for your IT infrastructure, you can reduce costs and avoid disastrous events that leave you with equipment that’s all down at the same time.

User Training and Self-Help

When businesses implement new IT solutions, there must be a level of training for all employees.

This training should inform employees to gain knowledge of the new system and how they can access help themselves through services such as IT support and online chat support.

ISG’s Service Desk allows employees to reach out throughout the day and get help from certified engineers to assist with any tech-related problem they experience.

Top-Rated IT Services Keep Your Business Flowing

For companies to remain competitive, they need business-optimizing IT solutions.

ISG Technology understands that, while it is essential to streamline business with IT solutions, there is a learning curve to overcome before productivity increases. We’re here to make your day-to-day life as easy as possible, from implementation to employee training to support.

Through services such as ISG’s service desk and M365 offerings, companies have IT help desk solutions and IT support to mitigate issues that may occur in downtime and productivity. 

Work with ISG Tech for professional, reliable IT solutions that keep your company moving and your employees happy.

Cybersecurity Lingo Every C-Level Executive Should Know

Businesses face various security threats, including ransomware, phishing attacks, computer viruses, and more. With these security threats increasing, managed security services are no longer a luxury—they’re a necessity.

Before business owners and executives can fully understand the advantages of managed security, they need to understand some basic IT security terms. Here’s our glossary of basic cybersecurity terms executives should know:

glossary of cybersecurity terms

Business Cybersecurity Basics

  • Cybersecurity – the protection of computers, networks, and infrastructures from digital threats and risks.
  • BYOD – “Bring Your Own Device,” a business policy that allows or requires employees to use their own devices instead of company-provided ones, that can impact cybersecurity.
  • Infrastructure – the physical and organizational assets and framework comprising an entity. In IT, infrastructure includes hardware and equipment like monitors and servers; software; and organizational processes.
  • Network – a group of computers that are digitally connected to enable communication, file sharing, and other data transmissions. Types of networks can include Local Area Networks (LAN), Wide Area Networks (WAN), and many others.
  • Managed IT Services – IT services that provide continual support, generally on a monthly payment plan, to proactively manage IT reliability, infrastructure, and security.
  • Managed Service Provider (MSP) – an IT provider that offers managed services.

Risks, Threats, & Vulnerabilities

  • Threat – an individual or event that has the potential to negatively affect your systems.
  • Vulnerability – a weakness in your security that can be exploited or penetrated.
  • Risk – the probability that your IT will be compromised due to threats, vulnerabilities, etc.
  • Cyber Attack – a deliberate attempt by an individual or group to breach an organization’s network or infrastructure to steal or erase data, cause disruptions, or otherwise cause harm.
  • Data Breach – when an unauthorized user gains access to restricted data. Data breaches are often caused by cyber attacks, but they may also be caused by vulnerabilities in systems or software which can then be exploited.

Types of Cyber Attacks

  • Malware – any malicious software that is harmful to a network, system, or user.
  • Ransomware – a type of malware that blocks access to a system or data until a ransom is paid.
  • Phishing – a type of cyber attack, often in the form of an email, that attempts to manipulate a recipient into giving up personal or financial information.
  • Spear Phishing – a targeted phishing attack where the attacker uses specific information about the victim, such as place of work, interests, or organizations they do business with, to manipulate the victim into giving up information.
  • Virus – a malicious computer program that replicates itself to “infect” other programs after it is triggered by a bad actor.
  • Worm – a piece of malware that self-replicates to infect other programs automatically once it gains access to a computer.
  • Botnet – a network of computers that have been infected with malware and is controlled by a bad actor. A botnet can be used to send a large amount of traffic in a DDoS attack.
  • DDoS Attack- a “Distributed Denial of Service” attack uses a botnet to bombard a website with a huge number of requests in order to to slow or crash the website.
  • Trojan Horse – malware that exploits a “back door” to gain remote access to a computer.
  • Spyware – malware that operates in the background to collect information such as keystrokes, login credentials, and other data, undetected by the user.

Security Tools, Services & Defenses

  • VPN – a Virtual Private Network (VPN) creates a private network on a public internet connection by encrypting your data.
  • Firewall – a network security tool that monitors traffic and prevents unauthorized access based on a set of instructions.
  • Multi-Factor Authentication (MFA) – a password protection tool that requires two or more forms of authentication before allowing a user to log in.
  • Cloud Computing – an umbrella term pertaining to services, products, and platforms hosted on a secure remote server.
  • Security Framework – a set of standards that serves as a structure or guide for security, such as NIST.
  • Threat Detection & Response – the process of monitoring systems to detect and respond to threats.
  • Pen Testing – penetration testing evaluates an organization’s vulnerabilities, generally by attempting to “hack” their network to explore what weaknesses cyber criminals might be able to exploit.
  • Endpoint Protection – security designed to protect endpoints in a network—devices such as computers and mobile devices where users can access the network. This becomes especially important in a remote network, where endpoints may be spread out rather than located in the same physical location.
  • DNS Protection – Domain Name System protection can blacklist potentially dangerous websites, advertisements, and malware to prevent you from being exposed to risks.
  • Managed Protection & Response – a managed security service that proactively searches for vulnerabilities, potential breaches, and suspicious activity and works to remediate them.
  • SIEM – Security Information and Event Management combines security information management and security event management by analyzing security threats in real time.

Digitally Protecting Your Business

ISG Technology is proud to help businesses with their IT support needs by providing 24/7 network monitoring, real-time alerts and notifications, infrastructure maintenance, and more. We make security simple through our Managed Security offering, which mitigates business security risks by utilizing the most advanced cybersecurity tools and practices to protect your company.

Contact us today to protect your business from cyber threats and gain complete confidence in your security.

Skyrocketing Productivity and Innovation

In 2020, Deloitte’s CIO Insider uncovered trends that point to a shift in the IT operating model of successful companies. Instead of viewing IT services as a line-item budget expense, they’ve started viewing managed IT services as technology investments. By selecting the right MSP, executives drive ROI, increase productivity and innovation, and reduce overall costs.

IT & Employee Roles 

In specific industries, employees take on a lot of the technology pressures to keep things moving. IT management is a significant part of any company, and with so many options out there, it can be hard to decide how much to outsource and when to do it.

At one time, it made sense for employees to manage IT issues, especially when the only other option was building or adding to an onsite IT team. In today’s hybrid IT environments, companies must quickly create, deploy, and manage dynamic environments. As a result, many of them are overworked, face alert fatigue for those with IT teams, and use staff from other departments to put the company at risk. When the IT staff is without adequate support, they may be unable to keep their tech skills up-to-date and therefore resort to delegating responsibilities that require their expertise and certifications. 

Managed IT services answer those who don’t know where they stand on outsourcing their business’s tech needs. This service allows clients to choose exactly what type of help they need from an MSP — whether that means project management or cybersecurity enhancements — then it lets them tailor the rest according to their own specific needs. They do so without hiring new staff members in-house. As a result, it not only saves time but also boosts productivity and morale.

Organizational Transformation Through Change Management

By focusing on the cost-per-hour of IT services and line-item cost of software or services, and not the larger organization, business leaders miss out on several key benefits directly related to productivity and innovation. 

For example, when downtime is unavoidable, IT professionals should be able to provide programmers with the ability to create these programs elsewhere. By doing so, they can continue working even when something goes wrong during development. If business leaders rely on the old “break then fix IT” model, the business will grind to a halt.

Downtime is costly: It’s estimated that mid-market companies lose $5600 per minute when IT systems fail. Businesses and their teams deserve proactive servicing from an IT services and technology consulting partner who has the capability of anticipating possible disruptions — rather than reactive repair work after something falls apart.

Change Management with Business 365

Since 2017, Office 365 has been helping businesses improve operations with various features: a service health dashboard, Microsoft Teams, Office 365 Groups, enterprise security, and more. 

Office 365 provides web-enabled access to critical business resources in today’s virtual and remote environments, improving response times, productivity rates, and successful change management. 

It also helps businesses leverage critical members of the organization’s IT team to tackle everyday tasks and work through digital transformation issues. By working with your MSP and installing Office 365, businesses can boost productivity and operational efficiency. To learn more about managed IT services and the direct impact on boosting business productivity and innovation, contact ISG Technology today.

Making Data Disasters a Thing of the Past

Be prepared for anything with managed IT services and data recovery.

Many small to medium-sized businesses don’t put a lot of emphasis on preparing for data disasters, figuring it’s too much bother or that it’s unlikely a data disaster will happen to them. 

For the unprepared, a data disaster is a matter of if, not when. Whether it’s from a hardware failure, a targeted security breach, a natural disaster that physically destroys your server, or a simple human error by an employee, your data is vulnerable to loss or theft. 

No matter what size business you have, you need a plan that covers business continuity, disaster recovery, and data backup. Here’s what you need to know to disaster-proof your data and your business. 

Why you need to plan for business continuity now, not later

One incident of unplanned downtime could spell the end for a business that doesn’t have a generous emergency budget to fall back on. Downtime can cost hundreds or even thousands of dollars per minute, and that’s just in terms of lost sales and lost productivity. There’s also the blow it deals to your brand’s image and reputation and the impact that it has on customer retention. 

The best time to figure out what to do in the event of unplanned downtime is before it ever happens. That’s why you need to have your business continuity plan, which outlines what you’ll do to keep the business running in the event of a data disaster, in place now. 

The essential elements of disaster recovery 

A good business continuity plan will include disaster recovery. Two metrics that form the basis of your disaster recovery are your recovery time objective (RTO) and recovery point objective (RPO). 

Your RTO is the maximum length of time your operations can tolerate being down after a failure or disaster. For example, if your RTO is 30 minutes, that means your systems have to come back online after a disaster within 30 minutes for recovery to proceed in a way that is acceptable or “tolerable” in terms of cost. 

Your RPO is the time between when your last good data set was available and when the disaster or failure occurred. Establishing an RPO helps ensure that the data that is recovered after a disaster is as up-to-date as possible. It also defines how often you should back up your data. For example, if your RPO is one hour, then you should back up your data every hour. 

The 3-2-1 backup rule and why you need it

To recap, your business continuity plan sets out what you’ll do in the event of a data disaster, and establishes your parameters for disaster recovery, including your RTO and your RPO. 

That just leaves your data backup. One of the simplest ways to protect your data is by utilizing the 3-2-1 Backup Rule.

What is the 3-2-1 Backup Rule?

The 3-2-1 Backup Rule was established by Peter Krogh, and is centered around the idea of keeping data safe through multiple backups of that data. Essentially, you should always keep three copies of your data, two copies that are local but on different mediums or devices, and one copy that is off-site.

As an example, say you have a list of clients that you keep on your work computer. That’s one copy. Then you have that same list of clients on an external hard drive that you use to backup your computer. That’s the other localized copy of your client list, but on a separate device. On top of your personal hard drive, you have an online backup solution that constantly uploads your data to an off-site data center. This is your third copy, found off-site.

If something were to happen to your external hard drive or the off-site data center, you would still have your client list on your personal computer, and vice versa.

How you can survive a data disaster

Given how essential data backup and data recovery is to disaster-proofing your business, you might leave it to the experts by using managed IT services. 

ISG’s Managed Backup and Data Recovery plans have you covered. We take care of your data backup and your data replication so you can enjoy peace of mind knowing that data disasters are a thing of the past. Get Managed Backup and Data Recovery from ISG for comprehensive protection for your business.

Introducing Webinars in Microsoft Teams: Easy, professional webinars to engage customers

Over the last year, we have found new ways to create engaging virtual experiences at work. We’ve transformed spaces in our homes to offices, developed new skillsets for remote collaboration, and in some cases, adopted new technology to get work done. I often hear from our customers about the burden of using different tools to accomplish similar tasks at work. This is one of the reasons I’m excited to announce new innovations in Microsoft Teams that give you more ways to use the tool you rely on every day for internal collaboration and meetings, now for webinars and external events. 

Beginning this week, Webinarsand PowerPoint Liveare generally available in Microsoft Teams. Additionally, Presenter mode will begin to roll out later in May. With these capabilities, you have new ways to deliver polished, professional presentations in meetings of all sizes, from small internal meetings to large customer-facing webinars and events—all from a single application. 

What’s even better? You don’t need to purchase a new license or product. These new capabilities are included in many of the Office and Microsoft 365 plans your organization uses today1. There are no hidden costs or charges for overage fees with plans that include these capabilities—period. 

Full-featured webinars for rich customer engagements 

Now you can organize and hold interactive webinars for up to 1,000 attendees with Teams. Use end-to-end webinar support that’s as simple as setting up a Teams meeting—including custom registration pages and attendee emails, rich presentation options, host controls, such as the ability to disable attendee chat and video, and post-event reporting to understand participation and to follow up with attendees. 

Attendee registration page inside of Teams

If you need to reach more than 1,000 attendees, Teams meetings can seamlessly scale to accommodate a 10,000-person view-only broadcast experience. During this time of increased remote work, we’ve expanded the attendee limit to 20,000 through the end of this year. 

Everyone can present like a pro 

With PowerPoint Live and Presenter mode in Microsoft Teams, anyone can deliver more impactful and engaging presentations to show up in a more polished and professional way with your audience. 

By bringing together Microsoft’s rich history with presenter experiences in PowerPoint and the collaboration power of Teams, presenters can feel more confident and capable during online presentations. You can view upcoming slides, notes, meeting chat, and the audience in a single view while presenting. 

PowerPoint slide presenter view shown during a Teams meeting

Meanwhile, attendees can personalize their experience by privately navigating the content at their own pace or using high contrast mode and screen readers to make content accessible. Coming soon, slide translation capabilities allow attendees to select their native language and automatically have slides translated for them—without changing the view for other attendees. 

Slide translation capabilities

Presenter mode empowers presenters to customize how their video feed and content appear to the audience. The first of three options, Standout mode, shows the speaker’s video feed as a silhouette in front of the shared content; Reporter mode shows content as a visual aid above the speaker’s shoulder, similar to a news broadcast; and Side-by-side mode shows presenter’s video feed alongside their content as they present. Standout mode will be available later in May, and Reporter and Side-by-side will roll out shortly after. 

Speaker shown in three layouts view with content

Continue to engage with attendees after your webinar 

A webinar is just one touchpoint in your customer engagement efforts. After the event ends, easily access reporting to bring attendee information into your customer relationship management (CRM) applications for lead management and follow-up. 

And, beginning this month, Microsoft Dynamics 365 Marketing customers can export attendee data directly from Teams to automatically create campaigns and customer journeys for ongoing nurture streams. The Microsoft Teams and Microsoft Dynamics 365 Marketing integration gives webinar hosts more ways to drive engagement, increase conversion, and build loyalty with your attendees. 

Export contacts from Teams to Dynamics 365 Marketing

Not sure how to deliver your next webinar or event? We can help 

Customers like Junior Achievement, Coldwell Banker, and the Consumer Technology Association are using Teams for virtual events—from community building townhalls, to state-of-the-market webinars, to the world’s largest tradeshow. 

We know that technology is just one piece of the solution. Microsoft services like the Live Events Assistance Program help customers set up, manage, and deliver events spanning from townhalls to webinars and everything in between. Microsoft Consulting Services for Virtual Events provide strategy and delivery support for organizations that want to move their large conferences and custom events online. And Microsoft trusted partners provide solutions to envision, develop, integrate, and deliver your virtual event at any size. 

Get started with Webinars in Microsoft Teams today 

Since the new webinar capabilities are already included in many of the Office and Microsoft 365 plans your organization uses today1, there’s no reason to not start using them now. 

Learn more about how to use these new capabilities in Microsoft Teams with this Webinars quick start guide and PowerPoint Live overview

1These new capabilities will be available in Microsoft 365 E3/E5, Microsoft 365 A3/A5, and Microsoft 365 Government G3/G5 plans. Microsoft 365 Business Standard and Microsoft 365 Business Premium plans will include all the features above for up to 300 attendees. And for the rest of 2021, we are offering a promotional period where all Teams users can try the features with their existing subscription. 

7 tips for safe online meetings and collaboration with Microsoft Teams

Remote and hybrid work has become the new norm for many employees across the globe as day-to-day collaboration continues to be accomplished virtually. With this shift to online communication, how can you ensure that you’re collaborating safely? 

Queue Microsoft Teams! Whether you’re hosting virtual meetings, carrying out daily group and 1:1 chat, sharing documents, or coauthoring in a document in real-time – Teams enables safe and secure collaboration! 

Tip 1: Control who can join your Microsoft Teams meetings directly and present 

Meeting organizers can change participant settings for a specific meeting through the Meeting options web page. In Teams, go to your Calendar, select a meeting, and then select Meeting options. From here you can determine settings like who needs to be admitted to the meeting and who can bypass the lobby to join it directly. Additionally, you can decide which participants are able to join with the presenter role to present out content and who should join as standard attendees. Another helpful control for large meetings is the ability to prevent attendees from unmuting themselves – this is particularly useful when the meeting will be led by specific participants while the rest of the audience will be listening in. Note that your organization controls the default participant settings. 

https://www.microsoft.com/en-us/videoplayer/embed/RE4MfGE?autoplay=false

Tip 2: Minimize Teams meeting disruptions by muting individual or all meeting attendees 

In order to prevent meeting disruptions, intentional or accidental, as a meeting organizer you have the ability to mute individual attendees or all meeting attendees. If an attendee happens to leave their microphone unmuted while being away, you can easily mute that participant from the participant pane. During large meetings led by designated speakers, such as a town hall or lecture, the ability to mute all attendees ensures your presenters won’t be accidentally interrupted. 

https://www.microsoft.com/en-us/videoplayer/embed/RE4MfGF?autoplay=false

Tip 3: Determine who can present content or share their screen in your Teams meeting 

As the meeting organizer, you can determine who has the ability to present out content or share their screen within the meeting. Prior to the meeting start, we discussed above how this can be accomplished via Meeting options. Once your meeting has begun, you can select a participant via the participant pane to determine whether they have the presenter role or are a standard attendee. This can be especially useful when you have outside participants attending your meeting who may only need the presenter role temporarily. 

https://www.microsoft.com/en-us/videoplayer/embed/RE4MjIm?autoplay=false

Tip 4: End your Teams meeting for everyone in attendance at once 

As the meeting organizer, sometimes the meeting needs to end at your discretion without allowing participants to remain. Ending a meeting for all attendees is often applicable in large-meeting settings such as a town hall, lecture, or webinar class to ensure attendees don’t remain in the meeting. Once a meeting has wrapped up, instead of clicking Leave, select the dropdown located next to it and click End Meeting. You can also access this by going into your meeting controls, click more options (…) , and select End Meeting. This will end and close the meeting for everyone in attendance. 

https://www.microsoft.com/en-us/videoplayer/embed/RE4MfGG?autoplay=false

Tip 5: Create a team with increased security 

If any of the content stored or discussed within the team may be considered business sensitive, such as financial details or classified project information, it’s best practice to apply increased protections to that team to ensure the content security. This can be accomplished by creating a new team and applying an IT-created sensitivity label. When applying a sensitivity label to your team, it automatically applies the configured protections to the team. 

When creating a new team, on the sensitivity and privacy pane select the dropdown under Sensitivity to select an IT-created sensitivity label to apply to the team. As a reminder, it’s always best to check with your organization or IT department on how sensitive business information should be stored. 

https://www.microsoft.com/en-us/videoplayer/embed/RE4MfGQ?autoplay=false

Tip 6: Create a private channel 

Sometimes you need to share sensitive information within a team to specified team members only, such as project details or strategic planning, that doesn’t require holistic team protection. Rather than creating a new team, you can create a private channel within an existing team that is only accessible to designated members. This is a great way to provide a security layer to protect sensitive business information without creating a new team. 

thumbnail image 1 of blog post titled 
 7 tips for safe online meetings and collaboration with Microsoft Teams

To create a private channel, go to the team and choose more options (…) and select Add channel. After providing a name and description, under Privacy select the dropdown arrow to specify the channel is Private – Accessible only to a specific group of people within the team. Once created, you can add additional private channel owners and up to 250 members. As a reminder, it’s always best to check with your organization or IT department on how sensitive business information should be stored. 

Tip 7: Help protect sensitive data in Teams 

Microsoft Teams supports data protection policies to help protect sensitive information from being accidentally or inadvertently shared. When collaborating in a Teams 1:1 or channel chat, you may have a message return as blocked if that message contains information that meets your organization’s sensitive information policy. 

thumbnail image 2 of blog post titled 
 7 tips for safe online meetings and collaboration with Microsoft Teams

If your message is blocked, within that blocked message you may see a clickable link that says What can I do? If you click that link, a helpfully policy tip created by your organization will display educating you on why content within that message is considered business sensitive. Policy tips are designed to help the sender understand why certain content is considered business sensitive or is best practice not to share. 

https://www.microsoft.com/en-us/videoplayer/embed/RE4MfH9?autoplay=false

https://www.microsoft.com/en-us/videoplayer/embed/RE4McRq?autoplay=false

We hope that these safe online collaboration tips will help you remain productive while having the confidence you’re remaining secure. 

7 Key Takeaways From the Kaseya Ransomware Attack

By now you’ve seen the headlines about the Kaseya cyberattack – one of the largest ransomware events in history that unfolded over the 4th of July weekend. This attack, which targeted Kaseya’s remote monitoring and management tool for handling networks and endpoints, immediately caused a ripple effect across the IT supply chain, affecting roughly 50 Managed IT Service Providers and 800 – 1,500 of the small to medium-sized businesses that they serviced.  

Unfortunately, this not only makes Kaseya the latest name to add to a growing list of high profile organizations such as Microsoft, Juniper, Solar Winds, the Colonial Pipeline, and many others to be breached, making makes it one of the largest. The cybercriminals responsible for the attack reportedly demanded upwards of $70 Million to restore the affected systems. 

Rather than re-tell the story of what happened, which you can find from dozens of articles, like this one from ZDNet, we’d like to share a few insights all businesses should take away from the situation. 

1 – It’s not a matter of if, but when 

We sincerely hope the sheer volume of breaches seen in daily news feeds has every business realizing YOU WILL BE HIT AT SOME POINT. All the companies listed above had invested heavily in hardening their security posture before they were breached (and continue to do so), but the bad guys found a way in. Even small businesses that think they’re too small to matter to cybercriminals are targets.  

2 – You need an incident response game plan 

In Kaseya CEO’s response, he pointed out that only one of 27 of their modules was compromised because of the quick and decisive action they took when they realized what had happened. If they hadn’t had a response plan and acted according to it, the damage could have been far worse – for them and their customers. 

3 – Cyber insurance is necessary – But not all policies are created equal 

As stated above, eventually your network will be compromised. And even if you have an incident response plan that you follow by the book, you could experience financial repercussions. Cyber insurance can help you weather that storm. But like all insurance types, not all policies are created equal. Watch out for policies that are more interested in forensic reports to understand how it happened than getting your business back up and running. You can do both.  

4 – Backups are your best friend in a breach 

In every security incident, we’ve remediated, one of our first go-to actions is to evaluate the organization’s backups. If set up properly, following 3-2-1-0 backup best practices, the disaster recovery time is significantly reduced, and paying the ransomware is not even a consideration. However, if you don’t have a well-constructed, business continuity/data protection plan, a ransomware attack can be catastrophic for a business.  

5 – If you don’t have a security roadmap, you need one 

If it were measured as a country, then cybercrime — which is predicted to inflict damages totaling $6 trillion USD globally in 2021 — would be the world’s third-largest economy after the U.S. and China. For this reason alone, you need a well-documented, security roadmap that is discussed monthly (or even better weekly). In every breach remediation, we’ve worked on, the client would have saved thousands in remediation costs if they had some of the fundamental protections in place. Our 5 steps to strengthen security is a good place to start if you need help in doing this.  

6 – Establish a culture of security 

Unless your employees are all cybersecurity experts, they are by far your biggest liability. And even though this particular breach came through a different avenue, it doesn’t change the fact that over 90% of breaches originate with employees clicking on a phishing email. This is why strong passwords, multi-factor authentication, and building a culture of security that includes security awareness training is so crucial. We like to think of our employees as a human firewall.  

7 – The pros of RMM outweigh the cons 

As mentioned above, it’s not a matter of if you’ll experience a breach, it’s a matter of when. And because of this, you need reputable remote monitoring tools to manage your network – whether deployed by an MSP or yourself. The service of keeping endpoints and networks patched and up to date is absolutely critical in today’s world.  

“According to a 2019 Security Boulevard study, 60% of breaches reported were  
linked to patches that were available, but not yet applied.” 

The point is that even though Kaseya and the MSPs affected may have lost the trust of their clients right now because of a vulnerability in their RMM tool, the service they have been providing has prevented criminals from exploiting unpatched networks for years. It took a very sophisticated, coordinated attack by a criminal organization to exploit this vulnerability. If your networks are unpatched, it doesn’t require near that level of effort or sophistication to get in and deliver a payload.  

https://www.zdnet.com/article/the-kaseya-ransomware-attack-everything-we-know-so-far/

Three ways your SMB customers are more secure with Microsoft 365 Business

We all read about the big data breaches – the ones that hit major corporations, with millions of personal records compromised. But today’s cybercriminals aren’t picky. Their nets catch businesses of any size, from the newest garage startup to well-established organizations with several hundred employees. Those are the businesses with perhaps the most to lose from a successful attack, whether from an interruption in business service or outright theft of customer or product information. 

Statistics bear this out: 

  • Surveys show that 58 percent of business-related cyberattacks are directed at small- to medium-sized business.[1] 
  • Average cost of a data breach to these businesses: $120,000.[2] 
  • And yet, 62 percent of SMBs lack effective digital protection.[3] 

But we get it. We know your customers probably feel overwhelmed with just running a business, let alone installing protection against digital thieves. That’s why showing your clients the benefits of the modern security built into Microsoft 365 Business helps you build a thriving practice. At the same time, you’ll give your SMB customers the ability to simplify their security strategy and confidently embrace new technology. 

Here are three reasons why your customers will thank you for helping them adopt the modern productivity cloud solution with leading security: Microsoft 365 Business. 

  1. Defend against cyber-attacks: Your customers will get protection from sophisticated, external cyber threats hidden in email attachments and links, and get cutting-edge defenses against phishing and spoofing attacks, ransomware, and other advanced malware attempts. These attacks are becoming more sophisticated every day, and the SMB space is a frequent target. 
  2. Retain control over their company data and documents– This is something that will give your customers peace of mind. Protection from data leaks will help them protect sensitive information such as Social Security numbers and credit card numbers. They also can control access to important company documents, even after those documents have been shared outside your company. 
  3. Manage apps, data, and documents on any device:Customers have full control over their company data. Regardless of the device type or operating system, iOS, macOS, Android, or Windows, Microsoft 365 Business helps you manage mobile devices. 

Plus, when you sell your customers on the security benefits of Microsoft 365 Business, you have the backing of Microsoft’s industry-leading experience protecting people and data. Microsoft is a serious security vendor, with a ton of experience in this space and the numbers to back it up. For example, each month our Outlook.com and Office 365 emails services analyze some 400 billion emails for security threats. We provide enterprise security for 90 percent of Fortune 500 companies, and operate more than 200 global cloud, consumer, and commercial services – all of which require advanced security. 

Best of all, moving customers to Microsoft 365 Business increases your value to customers. You can support one integrated solution across productivity, security, and device management while simplifying your customer’s technology investment and enabling them to operate more efficiently, cost-effectively, and securely. It also creates room for you to earn with managed services and Modern Workplace incentives. 

Visit the US SMB Modern Workplace landing page for resources related to starting a security practice and GTM assets to win new customers. Be sure to also watch this Advanced Security Opportunity webinar to learn more about the partner opportunity around Microsoft 365 Business that will increase your revenue and provide a stronger connection with your customers. 

[1]Verizon 2018 Data Breach Investigations Report 

[2]Kaspersky Lab study, 2018 

[3]Underserved and Unprepared: The State of SMB Cyber Security in 2019

PrintNightmare – What it is, Why it matters & What you should do about it

UPDATE JULY 6, 2021
From Microsoft: Microsoft has completed the investigation and has released security updates to address this vulnerability. Read More. The ISG Security Team will begin testing the implementation of this patch and report back on our findings via this post.


ORIGINAL POST, JULY 2, 2021

If you’ve found your way to this article, you must know that there is a new Microsoft vulnerability called “PrintNightmare” that could allow bad actors to wreak havoc on your network and your business. This article is to let you know what “PrintNightmare” is and what you should be doing about it to protect your organization.

What is PrintNightmare?

This Forbes article summed it up best by stating,

“PrintNightmare is the name that has been attached to a zero-day vulnerability impacting the Windows print spooler. A vulnerability that can ultimately, it would appear, lead to an attacker taking remote control of an affected system.”

What’s unique about this particular vulnerability is that it was only rated as “important” by Microsoft when the first patch was released on June 8th, but has since been escalated to “critical” on June 21st when it was found to enable remote code execution.

Security researchers working on this vulnerability, had actually found this, published their findings and inadvertently exposed this Windows zero-day. As of July 2nd, there is no patch for this vulnerability.

Why it matters?

Reason #1: The sheer volume of devices affected by the threat – this impacts EVERY supported Windows OS version in the wild, which essentially just made it hunting season for cybercriminals.

Reason #2: Print spooler is an essential function for almost all businesses and devices. Some people are recommending stopping the Print Spooler service across the entire organization, which is impractical in most cases.

Reason #3: The damage that can be done is significant. According to Microsoft’s update yesterday, “An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,” 

What should you do?

Stay Tuned for the Patch
Several days into this, Microsoft has not commented on the problem, and a patch to this vulnerability has not been released. But we’re sure they have all hands on deck (Happy 4th of July weekend Microsoft Team). ISG’s security team is monitoring the top security forums, chats, Microsoft and working with our security partners to identify solutions.

Explore Stop-Gap Solutions
Some security professionals are suggesting stopping the print spooler service across the entire organization. This may or may not be right for your company. For most businesses, this is not a great option. There are a number of workarounds being discussed online. ISG has implemented a stop-gap solution that mitigates risk for ISG and our clients.

Reinforce Employee Security Awareness
Cybercriminals need a way into your network before they can exploit this vulnerability, and 90% of security breaches happen via email. So… you should reinforce to your employees how important their role is in the security of the organization. Here’s what we reminded our employees (and yes, we used big bold, all caps letters):

  • DO NOT OPEN ATTACHMENTS you weren’t expecting
  • DO NOT CLICK ON LINKS you don’t know are safe
  • DO NOT PROVIDE PERSONAL OR CONFIDENTIAL INFORMATION at the request of an email or phone call you receive.

If you need help…

Contact Your Trusted IT Service Provider
If you are unsure of what to do for your organization, reach out to an IT Service provider. ISG would be happy to help you navigate the situation. We have already taken steps to mitigate our risk, are continuing conversations with our strategic security partners about mitigation strategies and are on the lookout for the patch from Microsoft.

Stay tuned for more information or contact ISG today.

ISG Technology Featured on CRN’s 2021 Solution Provider 500 List

Overland Park, KS, Wednesday, June 9, 2021 — ISG Technology, today announced that CRN®, a brand of The Channel Company, has named ISG Technology to its 2021 Solution Provider 500 list. CRN announces its top 500 solution providers list each year, ranking the leading IT channel partner organizations across North America by revenue. This year’s impressive list represents a remarkable combined revenue of over $403 billion, underscoring the immense impact and influence these partners have on the IT industry today.

ISG Technology continues to be a fixture in this group of IT solution providers serving clients in the Midwest and across the nation with its IT Consulting, Professional Services, Managed Services, and its SOC2 audited data centers. The company was also recognized on CRN’s 2021 MSP 500 list earlier this year in the Elite 150 category for their excellence in providing managed services to the mid-market.

“We continue to see increasing demand for our managed services, especially our managed security offering,” stated Chief Operating Officer, Jon Bierman. “Unfortunately, too many companies are experiencing breaches and then getting ahold of us to remediate the situation. It’s keeping our incident response team busy, but we’d prefer to help companies get proactive with their cybersecurity efforts and their overall IT operations.”

John Bierman, COO of ISG Technology

“CRN’s Solution Provider 500 list serves as the industry standard for top-performing technology integrators, strategic service providers, and IT consultants, which makes it a valuable resource for technology vendors looking to partner with today’s best-of-breed IT solution providers,” said Blaine Raddon, CEO of The Channel Company. “On behalf of The Channel Company, I’d like to congratulate these companies for their incredible contributions to the growth and success of the IT channel.”

Blaine Raddon, CEO of The Channel Company

The complete 2021 Solution Provider 500 list is available online at www.CRN.com/SP500 and a sample from the list will be featured in the June issue of CRN Magazine.

About ISG Technology

ISG Technology helps organizations unlock possibilities so they can realize their full business potential. They do it by providing a unique combination of managed IT services, technology consulting, professional services, and cloud/data center solutions.

Part of the Twin Valley Family of Companies and a fourth-generation family business, ISG Technology has grown and evolved into the recognized leader in the Midwest by aligning its success with the long-term success of its clients. They are consistently recognized in CRN’s Top IT Providers in the nation, most recently as part of the Tech Elite 150 for excellence in managed IT services.

ISG is headquartered in Overland Park, KS, with 8 locations across the Midwest including a regional network of SOC II Certified data centers. For more information please contact Scott Strickler, Director of Marketing, ISG Technology, 913-826-6058.

About The Channel Company

The Channel Company enables breakthrough IT channel performance with our dominant media, engaging events, expert consulting and education, and innovative marketing services and platforms. As the channel catalyst, we connect and empower technology suppliers, solution providers, and end users. Backed by more than 30 years of unequalled channel experience, we draw from our deep knowledge to envision innovative new solutions for ever-evolving challenges in the technology marketplace. www.thechannelcompany.com 

Follow The Channel Company: Twitter, LinkedIn, and Facebook.

© 2021 The Channel Company, LLC. CRN is a registered trademark of The Channel Company, LLC. All rights reserved.