Setup for Success: IT Security for Everyone

Setup for Success: IT Security for Everyone

Written by SOS Tech Group on . Posted in Computer Security

The consequences of malware, phishing attempts and breaches are known to be common amongst household name corporations in our times. Credit bureaus, video streaming and gaming console breaches as just some of the most recent that have made the news. Even though the resulting damages from these attacks totaled in the millions of dollars fiscally, the damage to their brand will take years to measure. Small businesses & start-ups do not have the financial, or social, capital to withstand these types of incidents without putting their very survival at stake.

The following are a few ways to ensure your business is facing modern threats as best it can:

Lock your network doors

In the same way that you wouldn’t dream of leaving your car unlocked, you shouldn’t invite cyber criminals into your business networks, either. Purchase a business grade firewall with comprehensive anti-virus and security threat definitions that are updated constantly. Stay current with your licensing to ensure you can meet the latest threats as they’re exposed. Do not rely solely on equipment provided by your ISP; these devices are intimately known by bad actors and have had their weaknesses make public knowledge.

Also, use SSL VPN connections for remote employees or after-hours access to your networks. Business grade firewalls can easily accomplish this.

Setting company policy

Size is rapidly becoming irrelevant in being an attractive target for cyber criminals. Teach employees and re-teach them about your security requirements and best practices as provided by your IT team.

Policy should include employees using company computers responsibly and not engaging in extra risky activities, how to spot phishing attempts in email, setting requirements for password complexity and expiry, and setting two-factor authentication wherever it can be applied.

Social Media Do’s and Don’ts

Social media is a part of our lives and isn’t going anywhere anytime soon, so reducing risk is paramount. Determine whom can speak for the business publicly and approve all social media content before publishing. When writing employee policy, cover social media sites like Facebook, Twitter, and the like in your non-disclosure agreement, especially their use on company time and premises. Assume the worst to get the best results. Encourage employees to limit the amount of personal information they share online for their safety and the safety of the business.

Protect with passwords

Passwords are the key to front line security, so they are important to protecting access to your networks. The more characters and variation you have, the stronger your password will be. Require strong passwords with a length of at least eight characters with embedded numbers, so you can stop simple attacks that guess passwords. Time out old passwords and require password changes frequently. Educate employees about why writing down passwords, storing passwords on cell phones, or using guessable choices puts company security at risk.

 

Get critical about Internet security

Stop the mad links. Don’t rely on employees to think about security. Restrict where and when they can access the network or Internet within the business. Along with guidelines for acceptable web use, select content filtering solutions that stop unacceptable use. URL filtering can limit access to unproductive sites completely or during business hours.

Bring Your Own Device

The level of adoption for employees bringing their own devices (BYOD) to work in the small and medium business market is soaring – but what about the security risks? Develop a plan. A BYOD plan will provide a safety net against legal repercussions and mobile system costs. Draft a comprehensive & clear BYOD policy that covers data deletion, location tracking, and content monitoring.

Regularly reflect on the benefits and impacts of BYOD programs. Most businesses adopt the BYOD trend because of the increased productivity and cost savings it can provide. However, not all take the time to gauge if the trend is worth the risk it can expose an organization to. Monitor your use of BYOD to help justify its deployment and prevent future device security problems.

Be Current

Be sure your mobile users, PCs and servers are using the best available threat intelligence and definitions. You are only as safe as your last update. Look for solutions that make use of remote servers or data centers to do most of the heavy lifting of security. Don’t rely on old antivirus. New methods of detection perform the equivalent of background checks on email senders, files, and websites to protect better and faster without slowing your PCs. Make it as simple as possible for your PCs to have the latest OS patches as well. Do not use end-of-life operating systems.

Choose a Security Partner

Select a vendor who understands the unique needs of security in a small business environment. Check their record. Vendors with a proven track record of years of defense against multiple threats, with knowledge of both small business and enterprise experience will be your best defense.

 

Securing the Airwaves: How can the Cloud be better?

Written by SOS Tech Group on . Posted in Cloud Hosting

data archiving

When establishing your IT environment, either on premise or cloud hosted, all organizations should always give serious consideration to the security. But how secure is the cloud? There’s numerous pieces of hardware in a datacenter where your information is travelling through or being stored. How can it be more secure?

When considering the cloud, the main fact is that while some of the methods and tools used to secure a network and data in the cloud are different as a physical server, the basic principles are exactly the same. Also, because the cloud runs in data centers staffed by experts from numerous technology specialties, data stored there is secured by the best people available in the industry today.

Security in the cloud is achieved through the implementation of technologies, infrastructure, and policies like any other network. Those used to secure datacenters, however, are suited to agile, large-scale environments and are certified by independent third-party auditors. Compliance with these audits show that datacenters are using the best tools and equipment available at the enterprise level that SMBs can take advantage of at scale.

Datacenters can be certified to show they are compliant with HIPAA regulations for systems that handle sensitive healthcare information – this is absolutely necessary for HIPAA-compliant cloud storage. When companies handle information like birthdays, addresses, and credit card data, they are also audited for PCI compliance too.  Any datacenter which has been audited and certified according to these standards absolutely proves it has the procedures and technical acumen to provide the best security to protect even the most sensitive business information.

Firewalls are the de-facto security for any network, including cloud hosted networks. A firewall is a hardware or software system which applies screening and rules to all the traffic of a network. Data passing in or out of your Cloud environment is inspected and filtered by the firewall based on a set of configurable rules, blocking dangerous traffic, and allowing the correct data in. This is what provides the network barrier between your systems and other systems in the data center. The rules governing a firewall must be managed closely, to meet changing threats and maintain security, a process best handled by managed service experts.

Businesses of all sizes, including Enterprise and SMB level, have been using the Cloud for years, and among users of every size cloud hosting is only increasing in every industry. Private businesses and governments are moving workloads of varying levels to the cloud, even with increasingly stringent security needs. This change is driven largely by lower costs, and the increased performance, and agility advantages delivered by cloud computing. A benefit central to this confidence is the realization that service providers offer experience and expertise which are far beyond most organizations, particularly those not dedicated to IT services, network security or data management. Committed, professional management is a major part of what makes any environment secure and efficient, cloud or on premise.

An expert managed service provider like SOS Technology Group provides the most benefit to any business, allowing anyone to benefit from the scalability and low cost of the cloud while providing the leading edge security needed today for any compliance needs. Contact us for a no cost assessment today.

Total Cloud: A Virtual Dream to A Virtual Reality

Written by SOS Tech Group on . Posted in Cloud Hosting

wi-fi security

Small- to mid-sized business owners enjoying rapid growth face a challenge—how to scale their organizations rapidly without incurring dramatic cost increases to overhead.

One way to meet this challenge is to establish a virtual workforce with a cloud based environment.  With this kind of platform, employees, many of whom might be located across the country, or even around the world, can work from wherever they wish. This eliminates the need for you to lease more office space and constantly move into larger offices as your business grows. A virtual workforce can reduce other costs and could even increase productivity by keeping your overhead expenses low and employees happy.

A sales team and field service team probably already work largely on a remote basis. Hiring other types of employees to extend your virtual team opens up the possibility for hiring more experienced and talented individuals. What’s more, employees are rapidly choosing to work virtually if they can, leading to a direct quality of life increase for employees, and this makes retention of quality people easy.

Some managers think that, in regards to productivity, they can’t measure what they can’t see, but most teams are already collaborating virtually, when using email or instant messaging platforms; they might be in the office next door or in another city. The technology for virtual cooperative work has existed for quite some time. Still, it takes effort to make virtual connections work. It is absolutely critical to promote and foster quality virtual interaction so that no employee is an island. This is a common challenge when organizations move to a virtual workspace, but one that can be addressed with thoughtful engagement during the migration from physical to virtual.

Another key component to a virtual workspace is a consistent environment. An environment that is identical to a physical workstation is preferred, with as little deviation as possible from a traditional PC workstation. A bring-your-own-device policy, with the appropriate cloud infrastructure, is a great way to achieve parity, as each employee is able to customize their work experience to a degree, and maintain a level of comfort and familiarity with their equipment. Windows PCs, MacBooks, tablets or even smartphones – however an employee works best, a virtual workspace can be adjusted to fit their needs.

BYOD, as bring-your-own-device is also known, can reduce overhead, as system requirements are significantly lowered with a virtual desktop and some employees may even agree to purchase their own workstation hardware, if they absolutely need features that are not necessarily provided beyond a baseline minimum requirement.

Cost savings, overhead reductions, consistent uptime and increased employee happiness are just a few of the benefits of going to a virtual workstation environment. Reach out to us today for an assessment of your IT to elevate to the Total Cloud today!

 

The Real Deal on Cybersecurity Failures

Written by SOS Tech Group on . Posted in Computer Security

A 2018 study revealed that small to medium businesses increasingly face the same cybersecurity risks as enterprise and well-known corporations, but only 28 percent of SMBs rate their ability to mitigate threats and attacks as “highly effective.”

The quantity of breaches and attacks, including malware, phishing attempts and ransomware attacks is steadily rising — with 67 percent of SMBs experiencing a cyber-attack, and 58 percent experiencing a data breach in the last year. Despite that, nearly half of respondents (47 percent) say they have no understanding of how to defend their businesses from these attacks.

As this vulnerability increases, the risk of employees, vendors, and outside contractors causing data breaches or being inadvertently complicit in these attacks is simultaneously increasing — 60 percent of study respondents cited a negligent employee or contractor as being the root cause for a breach, compared to 37 percent pointing to an outside source. Still, 32 percent of survey participants stated that they could not determine the root cause of a breach or attack they experienced in the past 12 months.

40 percent of respondents say an attack occurred with the compromise of employees’ passwords in the past year, with the average cost of each being $383,365. Accordingly, 19 percent more IT and security professionals consider password protection and management to be increasingly critical in 2019 as compared to 2018.

Part of creating an environment that is vulnerable to outside attack is a failure to use strong passwords, two-factor authentication and unique passwords for every website, application and system. These steps are often inconvenient, but have stopped attacks from occurring, limited the intrusion that occurs, and even notifying of a breach before it can actually occur. In this vein, respondents indicated their two biggest password-related pain points are having to deal with passwords being stolen or compromised (68 percent) and employees using weak passwords (67 percent). Almost certainly, this is cause and effect at work. Often, human memory and/or insecure spreadsheets are used to store and protect passwords. Only 22 percent of respondents say their companies require employees to use a password manager. Of the 74 percent of respondents who say password managers are not required, more than half say their companies rely upon unreliable methods to protect passwords.

SMBs, by nature, do not necessarily have the funds or the expert staff to have effective security, and as a result 74 percent of respondents note this as a huge obstacle. The remaining 26 percent of respondents who believe they are ‘highly effective’ at mitigating vulnerabilities and attacks state that the reason for this belief is due to a higher investment in both personnel and funding to adequately face these threats. These companies also dedicate a higher percentage of their IT budget to cybersecurity efforts.

As time progresses and technology evolves, cyber criminals are often ahead of the curve, and companies, no matter how big or small, are only as strong as their weakest link and their ability to react to an ever-changing security landscape. Staying ahead of threats in this area pays untold dividends by fostering a healthy respect for security and the responsibility of being good stewards of consumer data.

 

No Hardware – No Problems

Written by SOS Tech Group on . Posted in Cloud Hosting

Beginner’s Guide To Cloud Storage

No hardware, no problems

 

Not too long ago, a virtual desktop environment was too cost prohibitive for many organizations. This offering has grown so quickly and become so cost effective that it is a right size for almost every company doing business today.

An SOS TotalCloud appliance acts like a physical desktop, except that it is centralized in a data center and streams to the appliance. The appliance can be just about any physical device with network access, along with significantly lower hardware requirements than business class PCs, for both maximum uptime and maximum service life.

When virtual desktops were first offered, some companies attempted migration without a clear understanding of the impacts to business requirements and true cost. As a result, many of those early adoptions did not succeed. Now, virtual infrastructure is much more refined, with the primary focus shifting to include not only data and security concerns, but also resource consumption, hardware uptime, and usable hardware life cycles. Speaking to that last point, the hardware on an employee’s desk becomes a non-issue: it is simply an almost disposable device, at a price point that matches, as it is basically just ‘streaming’ an active desktop. It’s not doing any real work, since that is taking place in the cloud. With the correct interface, any device, mobile or tablet becomes a consistent workstation for every user.

Applications are the lifeblood of a great many businesses. Whether it’s industry specific software or MS Office standards, software is how everything is getting done. When looking at a traditional desktop environment, all users must connect into the main network to install or update an application, shifting their schedules around the inevitable downtime that comes with either updating existing hardware, or rolling out new hardware & software for a new addition to the team. On the SOS TotalCloud, these changes are being whitelisted, and automatically installed to all users at once on off hours, with no impact to anyone. This same method is used for upgrades as well, so keeping everyone on current versions is seamless, and no longer dependent on expensive and constantly aging hardware.

Hardware expenses certainly add up over time. It’s reasonable to expect to replace roughly a third of existing systems every calendar year on a 36 month warranty-backed lifecycle. At anywhere from eight hundred to a thousand dollars per system, this cost impacts every company’s bottom line. Also included are servers, with an on average 5 year lifespan. The infrastructure required by today’s economy is very impactful, and rarely predictable.

Looking at SOS TotalCloud, these costs reduce dramatically, practically overnight. Say goodbye to the mystery of unanticipated costs. You’ll know exactly how much it costs to replace a TotalCloud appliance, or to bring on a brand new one, ready to go from Day 1, for the same price every time.

 

Fixed costs, 99.9% uptime, reduced IT expenditures without the mystery. SOS TotalCloud works.

 

Tech Headaches? We can help! Contact us now »