How to include your MSP in your backup and disaster recovery plan

An incomplete or poorly prepared backup and disaster recovery (BDR) plan can result in unacceptably long outages and lost revenue for your company.

Unfortunately, busy IT employees don’t always have the time to update BDR plans or test them thoroughly. Partnering with your managed IT services provider (MSP) to improve, refine and test your plan offers a simple way to ensure the effectiveness of this valuable resource.

Here are some of the ways your MSP can help you make sure your backup and disaster recovery plan is everything it should be.

Identifying stakeholders

The infrastructure staff and senior managers aren’t the only stakeholders crucial to the success of your BDR plan.

Your MSP can help you identify others in the company who should be involved, such as database managers and application testers. These employees can offer valuable insights and help you identify resources you’ll need to restore your systems.

Setting milestones

It’s not unusual to overlook a crucial milestone or two when developing your BDR plan timeline. Like most IT projects, BDR plans involve multiple stakeholders each tasked with carrying out a small piece of the plan.

MSP staff will help you evaluate the entire plan to ensure that important milestones are noted, including those related to network connectivity, resources, infrastructure, storage, proof of concept, storage replication, recovery point objectives, testing and backup data.

Anticipating disaster scenarios and determining responsibilities

Fires, floods and cyber threats may be the first things that come to mind when you think about disasters, but as British Airways found out in May 2017, even seemingly small problems can lead to major issues. A power surge and outage led to the cancellation of 75,000 flights and forced the airline to pay $68 million in passenger compensation.

Although a power outage should have been a minor blip, the surge also destroyed the airline’s backup system, complicating restoration. The story illustrates the importance of developing a secondary backup plan in your BDR plan.

In addition to assisting you in creating a backup plan, your managed IT services provider will also help you ensure that your employees understand their roles should a disaster occur.

The MSP team can assist you in breaking down specific tasks in the BDR plan, determining which staff members will be responsible for each detail, and creating a communication plan in the event that your team can’t communicate through its usual channels.

Providing documentation

Lack of documentation can doom your BDR plan, yet it’s a common factor in incomplete plans. When Disaster Recovery Journal surveyed 1,000 firms, the publication discovered that 31.5 percent had incomplete BDR plans.

If your key stakeholders haven’t had the time to document crucial processes and instructions, that knowledge will be lost if they ever leave the company. MSP staff will work with your internal staff to develop the documentation needed to fully restore your systems after a disaster or outage.

Additional IT support

In the process of creating a backup and disaster recovery plan, it sometimes happens that you’ll discover other areas where your IT support may be lacking. If you wish, your MSP can jump in and provide either one-time consultation or ongoing IT support to ensure you’re completely taken care of.

Your backup and disaster recovery

Sooner or later, every company experiences some sort of disaster.

Whether a cyberterrorist hacks your website, an employee makes a big mistake, or a hurricane destroys your data center, a comprehensive backup and disaster recovery plan is the key to resolving disruptions quickly.

Partnering with your MSP will help you ensure that your plan will actually work when it’s needed.

Why patching should always be a priority for IT network health

Having a sound IT infrastructure is crucial for every organization.

From network security to hardware and software implementation, your IT plan should always reflect company objectives and directives. But you also need a safe and secure operating platform.

That’s why patches should never be overlooked when it comes to network health and digital environment stability.

“Software updates are important because they often include critical patches to security holes.” – McAfee

What can patching do for my IT services?

Patches are software updates for your OS and other executable programs. Patches offer temporary fixes between full releases of software packages. Similarly, they can help maintain your IT network stability via.

Here’s some of what patching typically addresses:

  • Software bugs fixes
  • New or updated drivers
  • Fixes for new and existing security vulnerabilities
  • Fixes for software stability issues
  • Automatic upgrades for software and apps

Related: The CIO’s guide to lowering IT costs and boosting performance

Will patching tackle the latest viruses and malware?

While antivirus applications are part of any IT security package, patching is designed to integrate with existing systems and improve usability across the board.

At its core, software patching is essentially a convenient way to update applications and supporting data. This, in turn, updates, fixes and improves overall performance. These updates fix bugs within your software and IT infrastructure, resulting in safer and more efficient digital workspaces.

That said, patching does play a key role in vulnerability management.

With digital intrusion and network hacking at an all-time high, you need a timely, effective solution for implementing corrective measures. Sadly, most clients tend to overlook the importance of patching for mitigating risk.

Patches benefit your IT network in the following ways:

  • Identify and mitigate network security vulnerabilities.
  • Facilitate the seamless integration of operating systems and software apps
  • Ensure critical business processes and protocols run smoothly
  • Provide another critical layer of cybersecurity protection
  • Stop malware, viruses, adware and even ransomware from quietly running in your background systems

Looking for a complete cybersecurity plan? Check out The 2018 cybersecurity handbook.

How are patches delivered to my IT network?

Security and network patches are automatically inserted into codes of your existing software and apps.

This is done with little-to-no interruption of your daily business tasks, though there are times when patching requires user permission. In many organizations, patches are handled by the in-house IT teams or by the organization’s managed IT services provider.

Patching is essential for system success

The important thing is that you don’t ignore patching. Because patches rarely feel critical in the moment, it’s surprisingly easy (both for IT departments and individual users) to simply put off the patching process. That has the potential to leave you open to all kinds of nasty vulnerabilities.

Patching your programs may not seem all that important, but it really is vital to your overall network health.

“The takeaway for CIOs: Keep your work computers updated with patches on a regular basis and apply emergency patches as needed.” – CIO

The enterprise-level Wi-Fi security primer

Using Wi-Fi has become almost as natural as breathing.

From a business standpoint, some might say it’s critical. We’re online all of the time, every day and everywhere. We rarely consider how we are connected. All that matters is that we have a way to log in.

Wi-Fi has had a profound impact on organizations and employees. It enables users to communicate and collaborate which in turn enhances productivity, agility and ultimately, profitability. It creates opportunity, increases morale and reduces costs.

But despite being so convenient and flexible, best practices for enterprise Wi-Fi security aren’t always followed.

One of the biggest exploits to affect Wi-Fi security was widely publicized last year. Dubbed with the name KRACK, this vulnerability allowed attackers to bypass Wi-Fi security and steal sensitive data, including credit card details, passwords, emails, photos, chat messages, and the list goes on.

The vulnerabilities are real and robust Wi-Fi security is a necessity.

In a world where new cyberthreats and security exploits are unleashed on a daily basis, it’s more important than ever to stay on top of enterprise Wi-Fi security. In doing so, you can ensure your infrastructure and data is protected without compromising seamless access or enhanced productivity.

Identifying the vulnerabilities

The threats awaiting an unprotected WLAN are many.

Passive eavesdroppers can gather sensitive data, intruders can steal bandwidth and wireless traffic can be recorded easily. Even low-level attackers can launch a packet flood that disrupts your network.

If you don’t know what you are securing your Wi-Fi network against, you might as well be taking shots in the dark.

Before a WLAN can be sufficiently planned, deployed and secured, it is essential that all business assets are identified in order to protect them from the impact of theft, damage or loss. At the same time, you should determine who needs access to what and when so that you can define access policies.

WPA2-Enterprise: the recommended industry standard

When it comes to encryption and authentication, you have an increasing number of options available. The method you choose will largely depend on the level of risk that deploying a WLAN opens up and the size of your enterprise. However, the preferred and recommended standard for most organizations is Wi-Fi Protected Access 2 Enterprise (WPA2-Enterprise).

WPA2-Enterprise was first introduced in 2004 and delivers robust security and over-the-air encryption. Authentication is handled by a RADIUS server which authenticates each device before it connects. Once authenticated and connected, a personal tunnel is created between the network and the device, creating a secure connection over which all data is encrypted.

Another point to note is that WPA3 has recently been launched by the Wi-Fi Alliance. While it won’t hit the mainstream immediately, this new standard will provide strengthened user security through individualized data encryption and is certainly one to watch for the future.

Provide a better user experience for everybody

Wi-Fi is designed to allow users to connect and roam, but not at the expense of your network security.

In a business environment that is no longer restricted to trusted corporate users, you also need to secure your network for the BYOD and IoT era. Any device that can connect to your WLAN is a potential threat, whether it’s a client you have known for years or an IoT sensor streaming data in real-time.

In order to provide a positive and secure Wi-Fi experience for everybody, you must define context-based access policies that limit access by user or device. Even better, implement a guest Wi-Fi network that’s separate from your main WLAN and which will segment all guest traffic and isolate it away from your enterprise data.

Good housekeeping and points to note

Network administrators and IT security professionals should also consider these additional housekeeping tips to further secure and manage their enterprise Wi-Fi networks.

  • Deploy a wireless intrusion prevention system (WIPS) and wireless intrusion detection system (WIDS) on every wireless network.
  • Many best practice guides will tell you to change the SSID for your wireless network. It’s important to remember that the SSID is a network name and not a password. There are no security benefits of changing it, but if you need to distinguish your network name from others in the vicinity, changing it can make it more easily identifiable.
  • Ensure all equipment meets Federal Information Processing Standards (FIPS) 140-2 compliance for encryption.
  • Consider centralized WLAN management in the cloud that allows you to configure all access points, manage access policies and analyze network traffic.

Final thoughts on Wi-Fi security

Just like any segment of your network, wireless networks require robust security in order to protect data and systems, while still offering unfettered access to authorized users.

By identifying your vulnerabilities, using recommended encryption and authentication technologies and controlling access to your WLAN, you can ensure that you reap all the business value that Wi-Fi has to offer.

4 cybersecurity facts your company's leadership team should know

As the owner or manager of a company, you entrust your team leaders to handle a number of important responsibilities to ensure smooth daily operations. One of those responsibilities should be cybersecurity.
It’s essential to keep sensitive company data safe from hackers. Not only that, but viruses and malware still pose a very real threat. And today’s privacy laws and regulations demand that you be protective of customer data, as well.
If your team leaders are already aware of the threat cyber criminals pose, kudos to them. But are they as informed as they should be? And what’s more, how do you know the protection they have put in place is sufficient?
Are your leaders fully aware of all the important cybersecurity facts they need to know to protect the business?
While technology has certainly facilitated the way we do business, it has also paved the way for hackers and digital thieves individuals to take advantage of the vulnerabilities in your network. All that company data—data you rely on day in, day out to do business—is at risk. In fact, according to Infosecurity Magazine, “almost 1.4 billion records were exposed in 686 breaches reported between Jan. 1 and March 31 this year.”
And according to the Verizon 2018 Data Breach Investigations Report, there were over 2,000 confirmed data breaches and over 53,000 recorded incidents of cyber attack.
That’s why it’s important that company leaders stay well informed on a number of important cybersecurity facts. Equipped with this important knowledge, they can better combat and protect your data from the growing environment of cyberthreats.

Cybersecurity fact #1: Cybersecurity measures often fail due to human error

This is one of the most important cybersecurity facts.
Cybercriminals are pretty savvy individuals. They rely on the negligence and lack of knowledge of employees in a business to enable them to gain entry into the network or infect a computer.
Consider the damage a single employee can do. Is everyone in your office safe when browsing the internet and downloading files? Do your team leaders know how to avoid falling for spear phishing scams? Does everyone use secure passwords?
A basic education in keeping the company safe is critical, and that starts with your leadership team. Make sure they know these cybersecurity facts.

Cybersecurity fact #2: Cybercriminals are always seeking to exploit loopholes in virus protection application

The latest version of that virus protection software you’ve installed might not stop a virus or malware developed the very next day. That’s because hackers can quickly find ways to breach virus protection software.
To combat this, software companies quickly and consistently release updates to combat new threats. But you often have to install these updates manually. In the interim, malware, spyware, or a virus could slip through.
Your IT department may take care of all relevant updates. But if policy requires the end-user to update their own machine, make sure your leaders under stand the importance of these updates.

Cybersecurity fact #3: Offsite backups through the cloud can help protect your data

If you’ve become infected with malware, or worse yet, ransomware, then your data may become corrupted or even lost. Unless, of course, you have a backup.
But it’s possible that local backups are compromised, too. That’s why many companies utilize cloud computing and cloud-based data backup services, where data is backed up to a secure, off-site location.
While it may not change anything about how your team leaders do their day-to-day jobs, make sure they understand the importance of backups. A better understanding of the value of the data they work with will inevitably result in greater care to protect that data.

Cybersecurity fact #4: The most common method that cyber criminals use is email

As mentioned above, employees can unknowingly click on a link in an email or download an attached file without realizing that they have just allowed malware or spyware to be installed on their system.
Team leaders must teach employees to be ever vigilant when visiting websites and downloading files, and especially when clicking on links in email. They must be taught to recognize the signs of a possible scam or fake website. No one should every download any files they aren’t 100% sure about.

Cybersecurity facts matter

Everyone in the organization needs to take cybersecurity very seriously, not just team leaders. But for many companies, a well-educated staff starts with fully-informed team leaders.
After all, it only takes one wrong click to invite a cybercriminal into your system.
 

5 things your infrastructure monitoring and alerting should include

Today’s businesses have numerous options when choosing network monitoring systems. Some decide to rely on cloud-based or on-premises tools. Regardless of the option that your company selects, you need to make sure your infrastructure monitoring and alerting tools have the right tools.

Include the following five features in your monitoring and alerting tools to protect your network and avoid data loss.

Data visualization

The ability to capture data from customers and devices gives companies more opportunities to provide efficient services that anticipate needs. Unfortunately, few humans can work with vast amounts of data. The numbers bleed together and become incoherent.

Even the results of data-mining algorithms can perplex business leaders. Data visualization, however, organizes information in ways that the human brain can comprehend quickly. The charts display obvious trends and deviations that are nearly impossible to detect when reviewing raw data.

Data visualization also makes it easier for business leaders to understand the results of infrastructure monitoring and alerting. Instead of receiving a report with data showing unwanted, inconspicuous use, you can get reports that arrange data into graphs and charts. That way, you can optimize your IT infrastructure to improve client services, boost productivity, and avoid security threats.

Metrics tracking

Depending on how you use your IT infrastructure, you may not notice declines in speed and predictability. At the same time, your staff members may wonder why it suddenly takes so much longer to process information.

Metrics tracking helps ensure that your network does its job well. By tracking the right metrics, your IT team could even predict downtime. Instead of becoming a victim of downtime, you can prepare a solution that limits disruptions.

Customer tracking

Your business’s success depends on strong customer services. Without happy customers, your business won’t last long.

Customer relationship management (CRM) tools capable of sending alerts will help you and your sales team keep people happy with your services. For instance, you may receive an alert when the CRM notices that your client has ordered products recently. It can also boost sales by sending notifications that encourage clients to buy additional items or take advantage of upcoming sales.

Customer tracking tools that send alerts to customers and employees may boost your company’s success without forcing you to hire more people or devote more time to communications.

Proactive security monitoring

Malware continues to plague SMBs. As malware becomes more sophisticated, it’s possible that unknown threats could hide on your network for weeks or months before someone discovers it.

Proactive security monitoring eliminates that possibility by constantly checking your network for files and applications that don’t belong. Just because your network was pristine an hour ago doesn’t mean that an employee hasn’t fallen victim to a phishing ploy.

Not every business decides that proactive security monitoring is necessary. Those that do, however, get to take a proactive stance that improves their security.

Agility

The fact of the matter is that you don’t know what monitoring and alerting tools you will need in the near future. Technology evolves quickly, so it’s nearly impossible to predict which trends will arise within just a year.

An agile infrastructure can incorporate the latest tools to keep up with new technology and help you stay competitive.

The need for agility helps explain why so many CIOs choose Infrastructure-as-a-Service (IaaS). IaaS doesn’t commit you to specific tools. Instead, you can rely on your service provider to update your infrastructure with the latest technologies.

Monitoring and alerting that meets your needs

After a thorough review of your current infrastructure, you should consider which of the above tools could help your business improve its security, productivity and success.

Why your business should consider using multi-factor authentication

Written in partnership with Aruba Networks, a Hewlett Packard Enterprise company

Multi-factor authentication (MFA) can play a crucial role in your cybersecurity overall strategy. Providing a more complex security method for login, MFA requires additional verification before users have access to protected data.

Any time you’re dealing with sensitive business data, you need to take care to elevate security measures. But cybersecurity trends are always changing. You can’t (and shouldn’t) jump on every bandwagon that comes along. This article will give you the scoop on MFA so you know what it actually does to provide additional network security.

Multi-Factor authentication is all about making it more difficult for hackers to access your company’s sensitive data, email addresses, files, company credit card numbers, sign-in information and even personal information.

What is multi-factor authentication?

Forbes breaks down the essence of MFA this way:

“Multi-factor authentication is more complex, yet potentially more secure than two-factor, usually requiring additional verification such as biometrics to include voice, retina or fingerprint recognition, etc., which is harder for an attacker to bypass. Depending on the nature of the organization (i.e. maintains critical infrastructure), the risk could outweigh the cost and multi-factor authentication may be preferred.”

An example may help.

If you use an iPhone, there’s a good chance you’re already using MFA. When you use your fingerprint to access your phone, that’s an element of multi-factor authentication in action.

Of course, that’s multi-factor authentication on a consumer level. In business, there are all kinds of applications for advanced cybersecurity, including things like fingerprint readers.

The end result is simple—it’s significantly harder for a hacker to breach your data because the requirements for access are far more difficult to bypass.

How does multi-factor authentication boost network security?

There are multiple ways a cybercriminal can get to your company’s data. That’s why firewall protection, antivirus programs and other standard network security measures are so important.

Unfortunately, that kind of protection will only take you so far. That’s because the overwhelming the overwhelming majority of cybersecurity breaches happen, not because of a technical breakdown, but because of something a human being did or failed to do. If you don’t secure data at the human level, a breach is simply more likely.

Not only that, but password theft is alarmingly common and constantly evolving. Phishing scams, keylogging and pharming don’t take advantage of human error, per se. But the result is the same. Data is compromised because user passwords are compromised.

A multi-factor authentication method forces anyone accessing data to use more than a password alone. Even if users’ passwords are compromised, MFA means data is still safe.

Two-factor authentication vs multi-factor authentication

Blog post written in partnership with Aruba Networks, a Hewlett Packard Enterprise company

Two-factor authentication is more or less what it sounds like—two pieces of information are needed for access.

For instance, at an ATM you need two pieces of information to access your account—your ATM card and your PIN. But multi-factor authentication ups the ante. You’re required to provide multiple (as in, more than two) pieces of information for access, and one of those pieces of data is typically something completely unique to you. (Think retinal or fingerprint scan.)

Multi-factor authentication and your business

Multi-factor authentication helps with security, productivity, flexibility, and compliance. It gives business leaders an effective way to protect their organization’s infrastructure and adds multiple additional layers of cybersecurity. While it’s never possible to stop all data breaches, it’s well worth your time to do what you can to minimize the possibility that your data will be compromised.

If you’re interested in using MFA in your office, we recommend reaching out to your managed IT services provider. They’re already familiar with your technology and your network. They’ll be in a position to help determine exactly what kind of multi-factor authentication will work best for you and your staff.  At ISG Technology, we have partnered with the very best in the industry, Aruba, to provide you with the tools to create the best mobile workplace and prevent a cyberattack.

Lessons Learned at Backup School 2018


Our second annual Backup School webinar series is officially in the books.

Session one, Going Beyond Backup to Ensure Zero Downtime, focused on business continuity. We helped distinguish between backup, disaster recovery and business continuity, and then provided a four step methodology for getting your business continuity plan up and running.

Session two, Everything You Need to Know About Backup for Office 365, illuminated six critical reasons why you need to backup your Microsoft Office 365 data.

Couldn’t make it? Took a snooze during class? Or maybe your system crashed right before you were going to attend? No worries. Below you’ll find four lessons learned at backup school this year.

LESSON 1:
Backup and disaster recovery are data-centric whereas business continuity is business-centric

We introduced the Zero Downtime Maturity Scale, which provides a hierarchy for getting started with business continuity. Atthe bottom of the pyramid is making sure your data is backed up with 3-2-1 backup best practices.

Moving up the scale, the focus turns to disaster recovery, which focuses on knowing how much data you can afford to lose (RPO) and how much time you can afford to be down (RTO). Both of these first two levels are data-centric.

When your data protection strategy is in place, it’s time to turn your attention to your business continuity plan – ensuring that your organization understands it’s biggest risks, and what to do in certain situations.

LESSON 2:
Over half of survey respondents were “middle of the road” on the Zero Downtime Maturity Scale

66% of our attendees said that their backups were in good shape, and they are focused on disaster recovery strategy (middle of the road). Almost a quarter of the respondents (24%) said they were in the early stages, focused on getting their backups figured out. And the remaining 10% have data-centric business continuity taken care of and are focused on the business-centric planning aspects of BC.

LESSON 3:
There is a big misperception that Office 365 backs up your data

The misunderstanding falls between Microsoft’s perceived responsibility and the user’s actual responsibility of protection and long-term retention of their Office 365 data. The backup and recoverability that Microsoft provides and what users assume they are getting are often different. Meaning, aside from the standard precautions Office 365 has in place, you may need to re-assess the level of control you have of your data and how much access you truly have to it.

LESSON 4:
There are six Office 365 vulnerabilities in data protection you should be aware of

After speaking with hundreds of IT Professionals that have migrated to Office 365, six vulnerabilities in data protection rise to the top:

  1. Accidental deletion
  2. Retention policy gaps and confusion
  3. Internal security threats
  4. External security threats
  5. Legal and compliance requirements
  6. Managing hybrid email deployments and migrations to Office 365

Want to learn more about these six areas of concern? Download our Ebook:

>> 6 Critical Reasons for Office 365 Backup

 

Which is more secure: Onsite or offsite servers?

As your company grows, you will eventually reach a point when you must decide whether you want to use onsite or offsite servers. From a cybersecurity perspective, both options have their advantages and disadvantages.

Before you make your decision, get more informed about the pros and cons of onsite servers and offsite servers.

The security benefits of onsite servers

Some companies prefer onsite servers because they want full control of their data. They may worry that storing information on offsite servers gives criminals easier access to sensitive data.

As long as you’re willing to spend money on the right equipment and personnel, your business could benefit from onsite servers capable of giving your employees access to cloud solutions.

Security problems with onsite servers

There are a few security issues to consider before you choose onsite servers. Few SMBs can afford to hire IT professionals who focus on server security. Without the right personnel monitoring your system, the network could get infected by malware.

Choosing a reliable network monitoring tool lowers the threat of infection. Monitoring your network, however, isn’t the same thing as adding security that prevents hackers from attacking you. What will you do if you discover a new piece of malware on your network?

There aren’t many IT professionals working for SMBs that can eradicate every trace of malware, especially when the malware has been released recently and an antidote isn’t obvious.

Security benefits of choosing offsite servers

Over the last few years, more companies have started using hosted virtual servers. According to one study, 67 percent of organizations in 2014 relied, at least partially, on hosted systems.

There are several security reasons for companies to choose offsite servers. By choosing an offsite server, you get monitoring and protection from trained professionals. Placing your data in an offsite server also helps protect your business from disasters. If your office suffered a fire, flood, or other disaster, you could lose all of the information on your server. With offsite servers, though, you get added protection for disaster recovery and business continuity.

Keeping data on an offsite server only protects your business when you choose a reliable partner. Make sure you choose a company that takes security and uptime seriously. Otherwise, you won’t get the benefits that you expect.offsite servers

Problems with using offsite servers

While there are numerous benefits to choosing offsite servers, there are also some disadvantages.

Depending on how your partner structures its servers, your network could get infected by malware because of another company that uses the same servers. Without strict walls between accounts, another business’s poor security could hurt you.

You can improve the chance of choosing a reliable partner by asking companies about their rack space, cabinet space, and cage space. You should also ask about the company’s uptime, service level agreement, and data backup redundancy.

A hybrid approach to server security

Since there are pros and cons to both options, it makes sense to consider using a hybrid solution that combines the best qualities of onsite servers with the security advantages of offsite servers.

A hybrid cloud solution can give your business stronger security, automatic data backup, uncompromising performance, and the ability to scale quickly as your organization evolves.

You don’t have to choose between onsite and offsite servers. A hybrid approach might match your company’s needs better than those options.

5 ways employee education can make IT support infinitely easier

IT support is an important part of any company’s technology plan, but there is another important component that should go hand in hand. Employee training is the perfect complement to strong IT support for many reasons. In fact, according to a workplace study, over 65% of employees prefer to learn at work, and more than 55% prefer to learn at their own pace.

There are options for employee training including online courses, face-to-face classes, training offered by your IT providers, and even technology classes at local community colleges or technological organizations. And for basic training, you likely have someone on staff who can lead the charge.

All of these are great ways to give your employees some additional training, which in turn makes your IT support more effective. Plus, employee education has added benefits like reducing turnover and helping employees feel valued.

Here are 5 ways employee training helps.

1. Better communication with IT professionals

Whether your IT support is provided by an off-site managed IT services partner or in-house staff who work in your office right along with other employees, employee training can help communication between teams.

Employees should have some guidelines for communicating tech problems with IT support. The better your staff is at accurately summarizing support issues, the more effectively they can explain those issues to the support team. And when IT support starts with a well-documented ticket, they can often resolve the issue much more quickly.

Less research and legwork means better network performance and faster recovery when things don’t go as expected.

2. Avoid simple issues

There’s a joke in the IT world about the most common troubleshooting suggestion: “Have you tried turning it off and back on again?” But here’s the irony. A surprising number of IT issues really can be solved by power-cycling a device.

Of course, IT professionals are more than happy to help if the problem is more complex. But there are several simple tips and tricks that any employee should know to try before contacting IT support. Power-cycling is one of them.

Training employees to check for basic issues before reaching out to IT could save resources and time on both ends.

3. Better security

Your IT team can do everything possible to secure your servers and important data, but if your employees don’t know about the latest phishing schemes, ransomware, and trends in strong passwords it can all go to waste.

Employee education is essential for securing company data, especially with the increasing prevalence of sophisticated modern targeted phishing attacks called spear phishing, voicemail phishing (vishing) and SMS/text message phishing.

4. Get into the cloud

As many businesses transition to the cloud, some employees may get left behind. Help them catch up with some education not only about your specific cloud technology but what the cloud is and how it impacts their work.

Any transitional to a new tech solution can be stressful. But proper training will set your employee’s minds at ease and help to avoid hassles. Any time your company adopts a new technology, it’s important to offer training to employees to smooth over the transition.

5. Stay calm in a crisis

With extra technological knowledge, your employees will feel more confident when things shift into crisis mode—whether it’s a natural disaster, a cybersecurity attack, employee error or a hardware failure. Employee education can lead to less downtime after a disaster, faster identification of a problem by IT professionals, and faster access to data backups to get essential information and keep things running.

Are you ready to take your IT support and employee education to the next level? Contact your managed IT services provider (MSP) for specific tips on things your employees should know about. Your MSP may even offer direct employee training assistance.

6 things your managed IT services provider should be doing to protect you

 

Hiring a managed IT services provider is both a challenge and a necessity.

Today’s digital markets are experiencing escalating levels of cyber crimes so having an IT security expert is a requirement. However, the variety of services available and the extent to which those services are offered make it difficult to know which provider is right for your enterprise.

If you’re searching for a managed IT service to help with your organization’s security needs, consider how these options match up with your security concerns.

Protecting internal assets

Ensuring a tight digital perimeter is the first step to securing a company. Your managed IT services provider should ensure that your internal processes are safe.

1) Access to data

Most companies use authentication procedures to ensure only those authorized to access corporate data can access that information. These days, multi-level authentications are common and require every worker to pass through at least two portals to enter into company information vaults. You can also use the access process to limit who gets into which database, which is another security option.

2) Email safety

One of today’s biggest security threats is the phishing email. Your provider should have a robust spam and phishing filter to reduce or eliminate these threats.

3) Higher, stronger firewalls

One of the earliest forms of cyber protection remains one of its most valued services. Firewalls are hard- or software barriers that impede access by anyone without authority. Today’s firewalls deter known threats and can be reconfigured when new ones are discovered.

Protecting against external threats

Even with excellent internal protections, cybercriminals are still devising new threats to defeat them.

4) DDoS (Distributed Denial of Services)

These attacks are more frequent these days. They use multiple computers to attack a target server or network, then prevent users from accessing that server or network.

The nefarious brains behind the attack can be anyone from a single hacker to an organized crime ring(yes, those exist in cyberspace now). These attacks usually begin with the exploitation of a vulnerability within a server or network, which gives the attacker both an entry point and a home base. From here, the criminal can access multiple other computers, servers, and networks, infect them with malware, and cause the crash of the entire enterprise.

It’s worth it to pay more for heightened DDoS protections.

5) Mobile device vulnerabilities

Today’s “BYOD” (bring your own device) culture often permits workers to use their personal mobile devices for work purposes. By doing so, however, they open up innumerable vulnerabilities that most corporate security systems aren’t designed to handle.

Some companies curtail the threat with robust BYOD policies while others prohibit the practice entirely. Your managed IT services provider can identify for you how best to handle this situation within your organization.

6) IoT considerations

Think of the Internet of Things (IoT) explosion as an extension of the BYOD concern, only as a much, much bigger threat. There are hundreds of IoT devices available, some of which may already be installed in your facilities. Most of these digital items have little or no internal security features, so they can operate as an open portal within your enterprise.

Look for a comprehensive cybersecurity package that includes your IoT assets.

On a final note, remember that top-notch security doesn’t equate to complete compliance. If your company has compliance obligations, be certain that your new provider structures your services to meet those, too.