Tech Tips

Useful tips for growing businesses

4 IT Security Technologies Every Small Business Should Have In Place

Regardless of their size, many small businesses still need to meet strict compliance regulations, such as PCI and HIPAA. In addition to any special requirements, there are a few security technologies every small business should have in place. Here are our four security must-haves.

Firewall – It sounds passé, but firewalls are still the de facto solution for minimum security. Small businesses are no exception. We frequently see vendors attempting to coax small business owners into boxes bigger than they need, with full redundancy and licensing. As expected, most small business owners will balk at the $20K-plus price tags that hang off these shiny new boxes. The truth is, for bandwidths typical in smaller organizations (let’s say T1s up to 10Mbps), a small ASIC-based firewall even with gateway services (such as gateway anti-virus, anti-spyware, IDS or IPS) can be found for just a few thousand dollars. Even if it’s not tweaked to perfection, some firewall is better than none. And no organization should rely on their Internet provider for this security.
Endpoint security – Whether your small office is three people or a hundred, Endpoint security is a must-have. Depending on the number of users, an organization may opt for boxed consumer licenses and manual management, or a centrally-managed Endpoint Security solution. All mainstream Endpoint Security vendors will have both options available, but the licenses may not be upgradeable or transferable. Meaning, if you buy Endpoint Security in boxes at Walmart or Best Buy, you probably can’t turn those into centrally managed client licenses if your needs grow or change. Take the time to do a little research and you’ll be pleasantly surprised at the affordable licensing structure of centrally managed Endpoint Security. The right Security-as-a-Service solution can perform reliably and effectively and deliver the flexibility and control associated with on-premise solutions — at a significantly lower cost — without compromising privacy and security. Whether as the sole deployment platform or part of a hybrid on-premise/ SaaS solution, SaaS helps provide a greater return on an organization’s security investment through coverage that scales to meet an organization’s needs and by reducing costs associated with maintaining on-premise solutions.
Password management tool – These are great little tools and I’ve found they’re an easy and inexpensive solution for small offices that aren’t using single sign-on or authenticating to a directory (such as Active Directory) for management. These tools allow a team or entire company to post, update, and share key passwords used in the organization. They can contain login info for bank accounts, the server admin account, email management or CLI logon for switches. They reduce the use of default passwords and re-use of shared passwords while making it easier to incorporate complexity into all credentials.
Backups – We can’t overemphasize the importance of a good backup and disaster recovery plan. You don’t have to have a fully-executed DR methodology, but if your small business currently has no backups, start here as your next step in securing your business. You never know when there will be a fire, a flood, or a disgruntled employee who decides to wreak havoc before leaving. Even if you’re not taking backups of all the computers, identify your key data – such as accounting records, customer data, and anything critical to operating your business such as emails, website content, intellectual property and marketing materials or graphics – and back it up. Look for software-based backups that can take regular snapshots of servers or storage, or consider a hosted online backup solution.

The first step is to keep backups locally. The next progression is to also find a remote site or hosted solution in case your location experiences a disaster or even theft.

10 tips for outsourced IT Services

When the economy turns down, corporate IT budgets are usually one of the first casualties. It's not uncommon to see IT budgets allocating only 15% discretionary spend, with the remaining 85% spent on maintenance and 'keeping the lights on'. However, despite the economic realities, the need for reliable IT remains the same - especially when it comes to critical business applications such as Email, Collaboration or Customer Relationship Management. As organizations across all industries face tough decisions about where to allocate their limited resources, more IT chiefs are turning to their Managed IT Services Partner (MSP) for guidance with IT solutions.

Achieve more with less (lower IT budget) – While the performance of computers per unit cost doubles every 24 months, the total cost of operating those computers has only recently realized similar cost efficiencies, as seen in the pay-as-you-go “Hosted” and “Cloud” offerings. In the past, companies could rely on some form of financing for technology purchases (hardware or software), either through a vendor-sponsored payment plan, a specialty leasing agent or a straight bank loan. Today’s credit markets challenge many organizations, particularly the smaller ones, to secure technology financing.

“With BizCare, you now have direct access to unlimited Hosted IT Infrastructures, Platforms and Applications, formerly enjoyed by Fortune 500 organizations running a dedicated IT staff.”
Embrace new technologies that fit the business, not the other way around – Your MSP adds value with the latest technologies specifically tailored to your individual business requirements. As your requirements evolve, your MSP will suggest the best solution for your particular situation. While layoffs may be inevitable in a down economy, your customers expect the same level of attention, service and quality they have always received. Successful organizations recognize this and go above and beyond to preserve customer loyalty by showing them that it’s business as usual, even when it’s not.

“You now have access to the world’s leading commercial and open source developers to ensure your organization is on the cutting edge of emerging technology. Our technology Ecosystem is world class, as seen here...
Manage IT continuity – Your MSP is committed to maximizing reliable IT uptime. MSPs know that if the IT infrastructure goes down, your productivity is down, potentially threatening revenue. They are driven to keep you satisfied, or risk losing your business.

“We guarantee five nines (99.999%) uptime with your email. If you’re not satisfied, we’re not satisfied. We don’t force multi-year contracts. If we let you down, you can cancel your contract and take your business elsewhere.”
Manage change quickly – Organizations that depend on IT know that uncertain times demand flexible IT infrastructures. That means accommodating reductions as well as growth. While on-premise solutions can scale up as your company grows, it doesn’t work the other way around. Your MSP will orchestrate fully equipped, top-of-the-line systems that are continually sized, updated and maintained – saving your organization thousands of dollars in server hardware, software, upgrades, and the expertise to run it all.

“Remove “IT deployment” and “IT maintenance” from your budget. Instead, notice the latest in hardware and software technology, managed by experienced engineers, at no additional variable cost and no unexpected fees.”
Scale seamlessly – When your organization grows, your infrastructure must also grow even faster. Your MSP enables access to extensive hardware and software resources required to scale smoothly and easily. Cloud hosting, in particular, is especially designed for scalability—since you use only the infrastructure resources you need.

“We’re always ready for your growth. Thanks to the elastic nature of cloud computing, you can automatically adjust your resources so that you don’t skip a beat – you only pay for what you need, and nothing you don’t.”
Protect your critical business data – Your MSP knows that you have entrusted them with your invaluable data—so they design their systems to protect that data. They have the resources to implement exhaustive backup and data recovery systems. Look for Data Protection Guarantees – ensuring, at minimum, that your email is completely protected and available in the event of a simple hardware failure or even a catastrophic data center outage. The damage to your business if multiple years-worth of critical business data is lost cannot be calculated.

“BizCare offers a 100 percent data protection guarantee because your data is replicated multiple times across our East and West coast data centers. This protects your data in the event of hardware failure, database corruption or even a catastrophic data center loss. If a you accidentally delete an email or email folder, you can restore it easily through our control panel at no cost – even up to 14 days after the data was deleted.”
Manage data security – An organization can spend thousands of dollars to protect their data—or they can save thousands by turning to an MSP who will continuously align the best security solution with your evolving requirements, protecting your data from physical threats—such as theft, overheating, power outages, and fire—as well as technical threats from hackers or prying eyes.

“Our data centers are designed to protect your data from all physical and technical threats. And to secure your data during its journey through cyberspace, our system uses DoD standards-based protocols, as well as extended SSL encryption, and we meet all PCI DSS data security requirements for information security.”
Manage technology upgrades – Your MSP continuously eliminates the worry about downloading and installing software upgrades or security patches. Your system will always be up-to-date.

“We stay on top of upgrades and security patches around the clock, so you’ll always be using the latest versions of all system software. And we partner with leaders in the security industry, to give you the strongest level of protection available.”
Access the same data from everywhere – Your MSP will offer a wide range of data access options. This flexibility enables your organization to be more productive, compared to those who are bound to designated computers or software.

“Location is no longer an issue. You can access and manage data from any Internet-connected computer or mobile device. And your data transmissions are secured, to avoid any possibility of data leakage.”
Comply with Federal Regulations – Your MSP will stay on top of the regulations so you don’t have to. MSPs will implement the proper storage, compliance, and retrieval features required for audits, legal requests, and other federal and state requirements.

“Our optional archiving service is designed to meet e-discovery, regulatory, and industry guidelines for data retention, and is ideal even for companies that need to adhere to the highest levels of compliance.”

Top Six Ways to Guard Your Business Data

In the age of pervasive information technologies small and medium businesses (SMBs) increasingly fall prey to malicious attacks. Employees regularly chat over instant messengers with their prospects and customers. Email and web-applications offer nefarious ways to trigger wide-spread malware events within minutes of the first exposure. Attackers frequently bait content with links leading to scammer interactions, ultimately exposing to the wild sensitive proprietary company data.

Every one of your employees – not just the “IT guy” – needs to be familiar with at least the basics of IT Security. And, if you don’t have a Security Policy, consider the top six ways to guard your IT Infrastructure from the most common security threats:

Avoid Lost Laptops, Exposed Data – The mobility of employees is constantly increasing in the modern world, and the rapid growth of the supply of mobile gadgets is rooted in the huge demand for such devices not only for personal use, but for working purposes. However, if your laptop or smart-phone falls into the wrong hands, your unauthorized sensitive work e-mail inbox and proprietary data is at risk of exposure.
Encrypting your data is one way to mitigate that risk. You can use an encryption program, such as TrueCrypt (available for free under open-source licensing), to protect your data from unauthorized access.

Another way is to use a recovery service. If your equipment gets lost or stolen, and you can’t get it back, you’ll at least want to erase its data. Some IT Managed Services, as well as laptop manufacturers, offer data recovery services for selected laptop computers.

Use Strong Passwords – Use stronger passwords: Longer passwords are better; more characters take longer to crack. Keep in mind that the character diversity makes your password significantly harder to guess or crack. The situation will be definitely improved just if one sticks to a simple and widely accepted rule that a password must consist of uppercase and lowercase letters, numbers, preferably, special characters and be at least 9 characters long.
Beware of Rogue Wi-Fi Hotspots – Free Wi-Fi networks are available almost everywhere your employees go. Attackers, however, sometimes set up a malicious open Wi-Fi network to lure unsuspecting users into connecting. Once you have connected to a rogue wireless network, the attacker can capture your PC’s traffic and gather any sensitive information you send. Verifying the network’s name may help in this case.
Use Strong Wi-Fi Security – If you’re cautious, you’ve already secured your wireless network with a password to keep outsiders from accessing it or using your Internet connection. But password protection alone may not be sufficient.
It’s highly advisable, as well, to use stronger encryption. Several types of Wi-Fi network encryption are available. WEP (Wired Equivalent Privacy) encryption is the most common variety employed on wireless networks, but it can be easily cracked. The newer encryption types such as WPA (Wi-Fi Protected Access) or its successor, WPA2 resolve the weaknesses of WEP and provide much stronger protection.
Use Private Browsing to avoid Web Snooping – Now that so much entertainment, shopping, and socializing have shifted online, every Internet user leaves a rich digital trail of preferences. The best way out in this case is to use private browsing, which ensures that the site history, form data, searches, passwords, and other details of the current Internet session don’t remain in your browser’s cache or password manager once you shut the browser down.
Patch Your Software – Microsoft’s products have long been favorite targets for malware, but the company has stepped up its game, forcing attackers to seek other weak links in the security chain. One of the most trivial preventive measures in this case is to have all security updates installed, thus keeping your operating system and applications up-to-date.

It only takes one unprotected machine to infect or disable any small and medium business network. That means one un-patched workstation can create costly repercussions including:

  • Downtime and loss of productivity due to re-installation
  • Questionable data integrity due to a successful exploit
  • Negative public relations due to systems unavailable for your customers
  • Legal problems if your patch management process has to go under a judicial microscope

While patch management is common at larger enterprises, smaller and medium businesses are exposed. In other words, some IT assets continue un-patched. Further, no single tool solves this problem. Patching is an IT management service – not a tool. Smaller organizations delegate patch deployment as a task. It’s not a task; it’s a full-time job, spanning five common steps – resulting in a secure and safe Small and Medium Business IT infrastructure:

  • Inventory – Start by taking an inventory of your network and the software deployed on it. Without this, you won’t know which patches to deploy. In addition, prioritize machines by creating a risk profile based on their necessity to the organization.
  • Monitor – Once you have an inventory and prioritization of your assets, you’re ready to start monitoring for patches. This is usually as simple as signing up for e-mail notification on the product vendor’s Web site. But don’t rely on your vendor to always give you timely notification of problems. It may not notify you until it’s developed a solution, and that could be too late. That’s why you need to also monitor security web sites for news of zero-day exploits and emerging problems.
  • Deploy – After you’ve set up a monitoring process, it’s time to start deploying patches. There are many patch deployment solutions available, so pick one that fits your needs and budget. All solutions deliver patches. However, what you need most from your patch management system is a report on what the solution patched and which machines it did not patch.
  • Remediate – Now it’s time to remediate. Using the report of which machines failed, track them down, and start monitoring them for activity. Some users habitually turn off workstations at the end of the day regardless of how many e-mail notices they receive to leave them on. Monitor your network for activity from those machines. In addition, you can use Wake-On-LAN (WOL) or Wake On Wireless LAN (WoWLAN). If you can’t seem to catch the machine on or wake it up, take action.
  • Respond – Sometimes drastic action is necessary to protect your organization’s network. You can always disable the machine’s account and send a note to the help desk to route the trouble ticket through the patch management section.

If this doesn’t work, then disable the switch port that the workstation connects to. Either solution will produce a response from the user and allow you to solve the short-term problem of deploying the patches. Then you can start working on the long-term problem of why this workstation is failing to receive patches.