By the DynaSis Team

Every day, small and midsized business (SMB) owners are bombarded with seemingly conflicting messages regarding how IT solutions can help them best run their businesses. With so many options to consider regarding corporate security, productivity and cost efficiency, it is not surprising that some of them stick their heads in the sand and do nothing.

Unfortunately, with SMBs becoming favorite targets for cyber attackers, and with corporate competition increasingly fierce, that is the worst possible way to operate. Here’s one example:

A business owner has been operating with a “break-fix” mentality, which means he or she only makes technology purchases when something breaks. This is a reactive operating strategy, but many business owners take this path because they believe they cannot find the time or budget to manage their technology proactively.

This approach has always been financially inefficient and detrimental to productivity, and DynaSis has long recommended that business leaders team with a knowledgeable, trustworthy IT consulting partner, such as a managed services provider or an IT services firm, to help them create and implement a technology roadmap that includes staged upgrades and improvements.

Today, however, the break-fix approach has become more than inefficient. Outdated, network-connected equipment, such as networked printers, likely has no built-in security protections. Such machines are more likely to be operating with open Internet connections, and hackers know that. Furthermore, competitiveness in today’s market relies on providing workers with modern technology. Organizations that persist with the break-fix model invariably fall behind.

In other words, making smart, planned technology improvements helps organizations foster productivity, security, cost efficiency and competitiveness—not to mention employee satisfaction. The question then becomes: how does the business owner know which improvements are smart?

To help our readers, we have prepared a chart of technology Do’s and Don’ts, in terms of best practices. The list only scratches the surface, but it’s a good place to start.

These are just a few of many examples where smart technology choices are beneficial to your company, its personnel and its bottom line. If your technology environment is inadequate or outdated, your employees cannot achieve their missions, and customers may perceive your physical space—and your firm—as dated. Similarly, if your approach is too lenient, you could be throwing away money, productivity and security. A knowledgeable, expert IT support company can help you evaluate your options, minimize your risk and keep your equipment operating in peak condition.

Selection of an IT outsourcing company is a very important business decision. For almost a quarter century, Atlanta’s small to mid-sized businesses have relied on DynaSis’ for managed IT services, internet security, and 24 x 7 x 365 helpdesk support. Today, with cybercrime becoming an ever-increasing threat, DynaSis has become an industry leader in network protection and ransomware prevention. Please take a tour through our website at www.DynaSis.com or speak with a technical expert at 678.218.1769.

[featured_image]

By the DynaSis Team

Despite mobility being one of the technology cornerstones for small and midsized businesses (SMBs), many organizations still are not making effective, long-term decisions for their firms. In May, we talked about the ongoing challenges of Bring Your Own Device (BYOD) to the workplace and the importance of having qualified IT support teams or managed IT services providers administer and manage this solution. However, numerous studies indicate that BYOD is not the only component of mobility where SMB owners and decision makers are having a hard time achieving optimal benefit.

Per data from research firm SMB Group, between 55 and 65 percent of SMB owners (depending on organizational size) agree or strongly agree that mobile solutions and services are “critical” to the business. Yet, the researchers also found that many SMB owners do not have a strategic perspective regarding mobile technologies. Following are a few examples:

• According to a Techaisle 2015 SMB Mobility Adoption and Trends survey: More than 80 percent of SMB employees require mobile access to company data, yet many owners remain overwhelmed by issues such as total cost of ownership (46 percent), compliance (44 percent) and integration with desktop, IT and communications infrastructure (37 percent).
• In an SMB Group survey of mobile application selection: For firms with 1 to 100 employees, “ease of use” and “low cost” are the top two criteria for adopting or allowing a mobile app in the workplace. Companies of 100 to 1000 selected ease of use and “integrates well with other applications” as the two top criteria. Neither selected such strategic drivers as “increases productivity and collaboration,” “ease of access and management” or “application security” as top application criteria.
• Per a study by RBC Capital Markets about mobile websites: 67 percent of SMBs do not have a mobile-optimized website, and similar studies show that even fewer use SMS or text messages to reach their partners or customers. The study noted that such low adoption rates could be hurting SMB sales—and even corporate reputation—given the uptake of mobile devices.

From these examples (and others), it’s apparent that SMBs lag behind larger competitors in the mobile arena. The development of the “mobile workplace” was supposed to help level the playing field for smaller companies. Yet, for organizational leaders who don’t have the time, expertise or sense of direction to take advantage of mobile opportunities, the reverse could be true.

What many SMBs need most is a cohesive mobile technology strategy, which is a key, not only to effective mobile adoption but also to mobile risk management. As with so many areas of the business, company leaders are often too wrapped up with daily operational issues to make time for strategic planning.

Having the assistance of an outside resource, such as a managed services provider or IT consulting firm, is often the best way to obtain both resource and expertise for objective planning and decision making. With a strategic plan in place, business leaders can make informed, long-term decisions that support both the organization and its personnel.

DynaSis has been providing managed IT support services to Metro Atlanta’s small to midsized businesses since 1992. We provide Availability – making sure your network is up and running; Mobility – allowing your employees world-wide access to your network; and Security – as an Internet security company, we resolve “issues” before they grow into problems. If you want to learn more, please visit www.DynaSis.com, or call us at 678.218.1769.

[featured_image]

By the DynaSis Team

For many small and midsized business owners, cybersecurity is a maze with no apparent exit. Bad news arrives daily, and “recommended” or “best practices” solutions can differ from one IT solutions provider to the next. As a managed IT services firm that helps companies navigate this maze on a daily basis, we understand how confusing cybersecurity can be. Even so, that doesn’t mean business owners can afford to ignore the threat landscape and hope it will go away. It won’t.

Last week, we read the annual Data Breach Digest from Verizon, an incident report that identifies cyberattack trends. To pinpoint the trend lines, a team of investigators explored more than 500 cybersecurity incidents from 2015 and then analyzed them with data from the two previous years.

Some of the results were unsettling, to say the least.

• Human error is still responsible for a large percentage of data breaches (30% over the past three years). Among breaches caused by human error, phishing (spoofed emails or websites that look real, to which users respond and become infected) accounted for 72% of those breaches.
• Initial compromise is happening the same ways it has for a decade, including email, social media, and infected thumb (USB) drives.
• Perhaps most disturbing, the report found that 80% of all data breaches--even those not officially assigned to human error--involve exploitation of stolen, weak, default or easily guessable passwords.

Since the dawn of corporate computing, experts have been urging companies to require secure passwords—and to teach employees how to keep them safe. The fact that 80% of breaches involve compromised passwords surprised even us.

Human gullibility will never be eliminated, which is why cybercriminals rely upon it. However, organizations can teach employees how to recognize danger—and avoid giving into their gullible natures.

In addition, requiring strong passwords throughout the organization is one of the single easiest steps a business owner can take to secure his firm and its assets. Even if you don’t think you can afford an advanced threat detection and mitigation solution or don’t have the time to conduct a “safe IT practices” training session for personnel, it is business suicide not to enact and enforce a password policy.

If you do not have a password policy, we urge you to create one, now. Issue a memo about passwords with a deadline, and identify a trusted management or IT staffer to follow up and ensure compliance. To get workers excited, sponsor a contest, and offer a gift certificate or other perk to the person with the best password and the one that reaches compliance first.

To help you get started, here are a few pointers:

• Passwords must contain at least eight characters; 14 is even better.
• Passwords must not contain the user name or parts of the user’s full name, such as a first name.
• Passwords must use at least three of the four available character types: lowercase letters, uppercase letters, numbers and symbols.
• Passwords must be changed at least every 90 days, and personnel should receive a task reminder via email, calendar, etc. that won’t go away until they confirm completion.
• Passwords for company resources must not be shared with anyone—even other employees—not should they be transmitted to other devices via email or other method “for safekeeping” or any other reason.
• The firm should have a written, enforced policy that states failure to adhere to password guidelines may result in termination.

Many data storage solutions incorporate strict password policies, and a number of affordable security solutions police them. After you get everyone on board with password management, consider working with an IT consulting or IT support firm to adopt a technology-based enforcement mechanism. It will pay for itself, quickly.

DynaSis has been Atlanta’s premier IT support services provider for more than 23 years. As an IT company working with small to midsized businesses (10 to 150+ users), DynaSis has developed a unique 12-layer approach to network threat protection, ransomware prevention and crypto virus threat elimination. The DynaSis Business Cloud functions through a highly secure environment with full real-time data backup. Please contact us at 678.218.1769 or visit our website at www.DynaSis.com.

By the DynaSis Team

[featured_image]

With bad news about cybersecurity hitting the media nearly daily (including recent attacks on healthcare organizations), it’s hard for a business owner to know what to do. It’s also easy to think, “Let’s focus on securing what we have and not add anything else to the mix.” Certainly, securing corporate assets (along with training the employees not to expose them) is a sound idea. However, refusing to explore new ideas and technologies out of concern for security isn’t the safest strategy.

One approach that has proven security value is virtualization. With virtualization, a company’s files and other digital assets are distributed by designated criteria and stored, not all together on one physical or cloud server, but rather on multiple “virtual” servers. These are discrete partitions, each of which can have its own level of security, access control and other protections, yet all can reside on a single on-premise or cloud resource. Assets can be separated by user, with each department or employee having its own virtual resource; by security need, with public, private and sensitive/proprietary files each on different virtual servers; or by any other criteria.

It may be a bit confusing to imagine how a group of files on a single server can be separated so completely, so here’s an analogy. Consider an overcoat with one or more hidden pockets. The wearer can put his wallet and all other valuables into one hidden pocket, but if a thief finds the pocket, everything will be gone. He or she could also divide those valuables among several hidden pockets, reducing the chances of the thief finding all of them—and increasing the time it takes. One or more pocket could be secured with multiple defenses, making those valuables the safest, of all.

Expanding this example, imagine now that owner is carrying candy for his or her small children and a present for the spouse. He or she puts the candy in a hidden pocket at the waist, but puts the presents in a zippered breast pocket. Upon arriving home, the children can find the candy quickly, because they can reach—and know how to open—the right pockets. However, they won’t be able to reach or see the hidden present intended for someone else.

That’s exactly how virtualization works. It isolates data in the manner that the corporate decision maker desires, making it more difficult not only for outsiders to find it, but also for the firm’s own “children”—employees—to discover files they are not supposed to see or access. Virtualization also makes is easier and less expensive to secure mission critical resources, since the most aggressive security efforts can focus on a single “pocket” rather than the entire coat.

Virtualization used to be considered one of the more advanced IT solutions, but that is no longer the case. Managed services firms routinely orchestrate virtualization for their customers. However, the best, most experienced managed IT services companies proactively work with organizations to ensure virtualization solutions optimize security and productivity while minimizing cost and complexity.

Selection of an IT outsourcing company is a very important business decision. For almost a quarter century, Atlanta’s small to mid-sized businesses have relied on DynaSis’ for managed IT services, internet security, and 24 x 7 x 365 helpdesk support. Today, with cybercrime becoming an ever-increasing threat, DynaSis has become an industry leader in network protection and ransomware prevention. Please take a tour through our website at www.DynaSis.com or speak with a technical expert at 678.218.1769.

[featured_image]

By the DynaSis Team

Of the many sources of organizational risk that business leaders envision, printers likely aren’t one of them. Admittedly, one could run out of paper or toner/ink right before printing a major presentation for a customer. But other than that, how much risk can a printer pose? In today’s connected environment, the answer is “a lot.”

If your printers are networked, which means employees can send jobs to them from their desks or devices, then your printer is tied in with your network, and anyone who can access your printer can access your network. If you are thinking, “but my printer isn’t connected to the Internet, so how could someone gain access?” think again.

If your personnel connect to the Internet, and they connect to your printers, then the two are tied together. Furthermore, some printers automatically send and receive information, such as driver updates, across the Internet without anyone’s knowledge. That creates an additional layer of vulnerability.

Another way your printer can expose you to risk is through storage. Do your printers have the ability to store jobs for later printing? If so, they can (and likely do) retain information after the fact. Most printers have a “cache” for storing information, if not a designated hard drive, and unless someone clears it, the information is there for the taking.

Even assuming no one steals data from the printer while it is at your office, what happens when you sell or trade the printer? Even if the drives and caches are wiped, in some cases it is possible to lift data images off drums and other printer components.

Protecting your printing transmissions and data is beyond the scope of this article, but we can refer you to a few good tips. Rather, our objective here is bigger. Your office printer is a concern, but it is just one example of how “risks” are all around business owners today, often in the most unexpected places. Savvy cybercriminals know this, and they are learning how to penetrate companies in odd ways, such as through a printer-driver update link that may not be detected by the “average” firewall.

We are not suggesting that business owners be cognizant of all these risks, themselves. We’re not even suggesting that they should take action to avoid all of them. Rather, business owners must be keenly aware that business risks can be anywhere and everywhere, and they must take prudent, considered action as risk relates to technology. That means:

• Hire qualified professionals (either in-house or as part of a managed IT services agreement) to perform extensive, meaningful technology assessments.
• Work with competent IT support partners who can help identify and prioritize the risks revealed by those technology assessments.
• Spend the time, money and effort to remediate or defend against the risks the business owner determines are unacceptable.
• Finally, develop a plan for addressing the damage from risks the business owner decides to tolerate, because at some point, that damage will occur.

To do anything less is to admit defeat. In that case, we recommend the business owner start planning an exit strategy, because that’s what he or she will need, next.

DynaSis has been Atlanta’s premier IT support services provider for more than 23 years. As an IT company working with small to midsized businesses (10 to 150+ users), DynaSis has developed a unique 12-layer approach to network threat protection, ransomware prevention and crypto virus threat elimination. The DynaSis Business Cloud functions through a highly secure environment with full real-time data backup. Please contact us at 678.218.1769 or visit our website at www.DynaSis.com.