Four Key Components of a Robust Security Plan Every SMB Must Know
Most businesses are now technology dependent. This means security concerns aren’t just worrisome to large corporate enterprises anymore, but also the neighborhood sandwich shop, the main street tax advisor, and the local non-profit. Regardless of size or type, practically any organization has valuable digital assets and data that should not be breached under any circumstances.
This makes it the responsibility of every business, especially those collecting and storing customer/client information, to implement a multipronged approach to safeguard such information.
Yes, we’re looking at you, Mr. Pizza Shop Owner who has our names, addresses, phone numbers, and credit card information stored to make future ordering easier and hassle free.
Today’s SMB Needs a Robust Security Plan Protecting your business and its reputation comes down to developing, implementing, and monitoring a robust security plan that adequately addresses everything from physical access and theft to the threat of compromised technology security. This involves defining and outlining acceptable uses of your network and business resources to deter inappropriate use. Here are four key components to consider.
Network Security Policy: Limitations must be defined when it comes to acceptable use of the network. Passwords should be strong, frequently updated, and never shared. Policies regarding the installation and use of external software must be communicated.
Lastly, if personal devices such as laptops, tablets, or smartphones are accessing the network, they should be configured to do it safely, which can be done easily with a reliable Mobile Device Management (MDM) solution.
Communications Policy: Use of company email and Internet resources must be outlined for legal and security reasons. Restricting data transfers and setting requirements for the sharing or transfer of digital files within and outside of the network is recommended. Specific guidelines regarding personal Internet use, social media, and instant messaging should also be clearly outlined. If the company reserves the right to monitor all communication sent through the network, or any information stored on company-owed systems, it must be stated here
Inappropriate Use: Obviously, any use of the network or company-owned system or device to distribute viruses, hack systems, or engage in criminal activity must be prohibited with the consequences clearly noted. Any website that employees cannot visit should be identified if not altogether blocked and restricted. For instance, downloading an entire season of True Blood from a Bit Torrent site isn’t an acceptable use of company Internet resources.
Every employee must know these policies and understand the business and legal implications behind them. Companies must also make sure these policies are clear and understood by all, and most importantly, strictly enforced.
Think Quicker Recovery Time, Not Quicker Backup - While incremental backups are much faster than executing a full-backup, they also prolong recovery time. In the event of data loss, a full restore will require loading the most recent full backup and then each incremental backup tape. Having too many incremental backup tapes not only adds time to this restoration process, but it also increases the probability of not recovering all of your data. A tape could be lost, unintentionally skipped over, or contain corrupted data. Be sure to focus on optimizing the restore time to ensure faster data recovery. A quicker recovery time should be the main objective, not the need for a quicker backup process.
Maintain Sufficient Backup History - Within the blink of an eye, current data files can become corrupted and inaccessible. This will necessitate the loading of an earlier data backup that is clean of corruption. Many smaller companies make the mistake of failing to keep a sufficient backup history.
Be Sure to Backup Essential Data AND Applications - Some businesses don’t feel the need to backup all data, but be sure essential databases, documents and records are backed up frequently. Don’t overlook applications that are critical to day-to-day business operations either. Many companies fail to backup applications, only to realize when it’s too late that they don’t have access to the original installation disks when they’re trying to recover from data loss or an outage.
Have Off-Site or Online Backup - Some businesses backup data simply by moving essential files to tapes or external hard drives that are then stored somewhere onsite. But if they’re kept onsite, what happens if a fire, flood or other natural disaster takes out not just your server but your backup tapes and drives? Onsite backups can also be susceptible to theft. Having secure off-site, or even online backup, is simply the smart thing to do to ensure quick recovery when trouble comes to town.
Fix Broken Access Controls on Your File Server - Many businesses have folders with confidential data residing on a file server with overly permissive access controls. Why take the risk of having a disgruntled - even former - employee access and misuse this data when access can be limited to only those in the company who need it?
Be Sure to Test Restores - It happens time and time again. Business owners think they have a data backup plan in place. Tapes are changed diligently each day and everything appears to be backed up and good to go. However, it turns out the backups haven’t been working for months, sometimes even years, right at the very moment they’re needed. Either the backups had become corrupt and useless or large segments of data were not being backed up. This happens often. Don’t let it happen to you.
Managed Service Providers - or MSPs - are often recommended as a cost effective IT solution for small businesses. For a minimal monthly fee, MSPs provide a reasonably priced solution to the complex technology pains of small businesses. Here’s a look at the various benefits an MSP can offer your business…
Freed-Up Resources and a Renewed Emphasis on Core Business - Both business owners and internal IT staff would much rather focus on revenue enhancing tasks like product development or the creation of cutting-edge applications/services. This is one reason routine monitoring and maintenance tasks are often neglected by an internal IT person or team, which always proves to be detrimental much later.
Often misportrayed as a “threat” to an internal IT person or staff, MSPs can instead relieve internal staff of mundane network operations maintenance, repetitious monitoring of server and storage infrastructure, and day-to-day operations and help desk duties.
A True Partner Sharing Risks And Responsibilities -The goal of an MSP is to deliver on contracted services, measure, report, analyze and optimize IT service operations, and truly become an irreplaceable catalyst for business growth. Managed Service Providers not only assume leadership roles, they enable risk reduction, enhance efficiency and change the culture by introducing internal IT operations to new technologies and processes.
Access to Expertise, Best Practices and World-Class Tools and Technologies - MSPs have experience with a variety of businesses and organizations. Managed Service Providers can keep your business relevant and on track with continually evolving technology, support, and productivity demands. Let’s face it, no small or medium sized business can afford to fall behind with technology trends in today’s business world.
The Benefit of a Full-Time Fully Staffed IT Department at a Fraction of the Cost - Most small business owners live and die by proactive management. They just haven’t had the budget, resources or access to on-demand expertise to be proactive with information technology management. A Managed Service Provider gives business owners and overwhelmed internal IT staff affordable computer and server support, remote monitoring of critical network components like servers and firewalls, data backup and disaster recovery, network security, custom software solutions, and technology evaluation and planning.
Managed Service Providers can decrease the overall IT support costs by as much as 30% to 50%. Rather than being stressed about technology, business owners can instead get back to focusing on growing their business. All while enjoying the benefits of highly-trained IT experts boosting their network’s reliability and performance.
Small business owners are often worried about data loss. Rightly so, because data loss has the potential to wipe out a business. We have identified the most common forms of data loss so you can see how they fit into your business and assess the risks related to each of these pitfalls.
1. Human Error - Human error - by way of unintentional data deletion, modification, and overwrites - has become much more prevalent in recent years. Much of this is the result of carelessly managed virtualization technology. While virtualization and cloud computing have enabled improved business continuity planning for many businesses and organizations, humans must still instruct this technology how to perform. The complexity of these systems often presents a learning curve that can involve quite a bit of trial and error. For instance, a support engineer may accidentally overwrite the backup when they forget to power off the replication software prior to formatting volumes on the primary site. They will be sure to never do that ever again, but preventing it from happening in the first place would be more ideal.
2. File Corruption - Unintended changes to data can occur during writing, reading, storage, transmission and processing - making the data within the file inaccessible. Software failure is a leading cause of data loss and is typically the result of bugs in the code. Viruses and malware can also lead to individual data files being deleted and hard drive partitions being damaged or erased.
3. Hardware Failure - Storage devices may be at risk due to age, or they may fall victim to irreparable hard-disk failure. Viruses and hackers can also potentially shut down a hard drive by inserting undeletable malicious code and huge files via open, unprotected ports. If these malicious programs cannot be deleted, the entire hard drive may have to be reformatted, wiping out all the data.
4. Catastrophic Events/Theft - The threat of catastrophic events such as fire, flooding, lightning and power failure is always a concern. Such events can wipe out data in a millisecond with no warning. Theft is also a data loss risk that companies must address. While advances in technology like anytime/anywhere connectivity, portability and the communication/information sharing capabilities of social media and crowdsourcing have revolutionized business - the risk for theft is even greater due to this increased accessibility. More people are doing daily business on their laptop, iPad and mobile phones. They are also carrying around portable media like thumb drives, USB sticks and CDs. Physical theft of any of these devices can spell big trouble.
Data loss is as unique as the various sources from which it comes. The key is to identify the areas in which your business is weak and work towards a mitigation plan for each one of them. An MSP can act as a trusted partner in such cases, holding your hand through the process of safeguarding your data.
1. Backup Files Every Day - As catastrophic as data loss is, the number of businesses that still are not backing up their network is unbelievable. According to the Symantec Small to Medium Size Businesses (SMB) data, only 23% of SMBs are backing up their data on a daily basis and fewer than 50% are backing up data weekly. Any number of events can result in data loss, so the importance of frequently backing up your network cannot be overstated.
2. Ensure Backup Procedures Are Checked Regularly - Many times business owners think that they have a backup system in place only to find out after it’s too late that it hasn’t been working properly. It may seem like your files are being backed up daily, however, the backup could have become corrupt or it is not backing up huge chunks of critical data. Check your backup procedures regularly to ensure they are working properly in order to be sure that ALL of your data can be recovered. In the age of BYOD (Bring-Your-Own-Devices) it is also important to frequently backup data on your employee’s personal laptops, iPads or Blackberrys, so make sure you have a procedure in place to check those backups as well.
3. Make Sure Updated Virus Protection and Firewalls Are Always Enabled - Far too many companies either have no virus protection, expired virus software licenses, or disabled virus programs that aren’t running at all. This makes their business technology vulnerable to virus attacks from emails, spam, data downloads, and unreputable websites. Further, because of inadequate firewall protection about 40% of small to medium businesses will have their network accessed by a hacker. Chances are, when these businesses are attacked they will be entirely unaware it is happening. In order to protect your valuable data and assets, ensure your virus protection is adequate, up-to-date and functioning properly and that your firewall is intact. Finally, don’t forget to update security patches and change passwords when an employee leaves in order to deter hacking attempts.
4. Monitor Server Drives - Dangerously full server drives can bring their own set of problems - ranging from program and server crashes to sluggish email delivery. Proactive monitoring and maintenance of your server can spare your business a lot of problems down the road.
5. Regularly Check Critical Built-In Logs - Very few problems with technology emerge suddenly. These problems typically progress over time and evolve into more serious problems. Frequently review your critical built-in log files to help identify the problem before it has gotten out of control and wreaks havoc on your business infrastructure.
You’ve read it time and time again. “Bring Your Own Device” isn’t a trend, it’s the future. Workplaces where companies let workers use their own devices for work purposes are the new normal. BYOD attracts new hires and lifts employee morale and productivity. But this doesn’t mean a small business owner should recklessly jump right into BYOD just because everyone else is doing it. Data and network security concerns have to be thought out, defined, and addressed in a comprehensive BYOD policy. Here are three things to consider.
Cost of Support
Most businesses salivate at the thought of the money saved by having employees participate in a BYOD program. With employees using their own devices for work, there is no need to shell out thousands of dollars for desktop PCs, smartphones, tablets, and laptops. While that’s undoubtedly a huge incentive, extra support costs must also be factored in. Chances are your employees aren’t necessarily tech savvy and will need help deploying applications and performing basic yet very necessary maintenance techniques. Unless you have a dedicated IT support team, which most SMBs do not have, you will need to turn to a Managed Service Provider (MSP) in your region for support. A MSP can provide specialized expertise and leverage Mobile Device Management (MDM) tools to keep your network infrastructure and business applications monitored, secured and fully optimized.
Limited Number of Support Devices
Obviously you can’t accommodate EVERY employee-owned device. Limiting the types of devices accepted in your BYOD program will mitigate any need to pay for software or equipment upgrades for outdated devices and keep your infrastructure safer as a whole. It’s important to not be too exclusive, select a broad range of devices and their more recent releases to accommodate the varied preferences/tastes of your employees.
Adopting BYOD at your workplaces will expose your company to more legal risks. Sensitive business or private client/customer data can potentially be exposed if devices are lost or stolen. The personal online habits of your employees can also increase your network’s vulnerability to viruses, phishing, or hacking schemes designed to steal such data. These increased legal risks are another reason why SMBs must take precautions such as working with a MSP that offers a solid MDM solution to ensure all employee devices are configured, deployed, managed and monitored in a manner that prioritizes data integrity and security.
There has been a lot of hype about cloud computing transforming the way small-to-medium sized businesses do business. Proponents of the cloud say that cloud computing has leveled the playing field, allowing SMBs to finally compete with bigger companies despite their limited financial resources and staffing.
Still, many are apprehensive to make the jump. They’re hesitant to give up control and they fear the cloud will expose them to greater security risks. Moving to the cloud definitely requires a leap of faith, but a recent ComScore study, completed on behalf of Microsoft, suggests that those who are froggy enough to take the leap (sorry) have no regrets once they do.
In fact, more than half of those surveyed wish they had adopted it earlier and feel that the benefits far outweigh their initial worries.
What are those benefits?
Enhanced Privacy and Security
According to the study, 94 percent of companies who’ve adopted cloud services believe they’re now more secure than they were before, thanks to the cloud’s spam management and up-to-date systems and antivirus protection.
Less Downtime and More Confidence
61% of those surveyed reported fewer instances of downtime since their move to the cloud. Even those who still experienced downtime events felt that they were shorter in duration and that full recovery could be achieved much quicker.
93% indicated that they were more confident in their ability to fully recover after an outage. Comparatively, 73% responded that they felt the integrity of their data in the cloud was stronger than previously, which is interesting since data integrity has often been the biggest worry about the cloud.
Any company striving to be more "green" will appreciate the environmental benefits of moving to the cloud. A recent six-month study conducted by the Berkeley Lab found that moving 86 million U.S. office workers to the cloud resulted in the use of 87% less energy, leaving enough leftover electricity annually to power a city the size of Los Angeles for twelve months.
Cost effectiveness and greater ROI (return on investment) are the most important factors in getting CEOs and major decision makers to support shifting to the cloud. A Rackspace commissioned study conducted by Vanson Bourne, found that 62% of respondents felt that adopting cloud computing strategies freed up money that could be reinvested in other operations like marketing, customer service, product development, and expansion into new markets.
While there is a competitive advantage that can be realized by moving to the cloud, those who are still apprehensive should migrate to the cloud at a pace they’re comfortable with. Once they implement cloud monitoring, and understand it a bit more, most SMBs grow more comfortable with the cloud and expand their use of it.
Why SMBs Must Proactively Address the Threat of Mobile Hacks
More cyber criminals are targeting small-to-medium sized businesses. One reason for this is too many workplaces have insufficient bring-your-own-device (BYOD) policies in place. Some have none at all. Although firms are generally more knowledgeable about network security risks than in years past, they still woefully underestimate the security vulnerabilities linked to mobile devices like smartphones and tablets.
This is a real cause for concern since data breaches have the ability to put many already financially challenged SMBs out of business.
If customer/client data has been breached, there could be potential litigation costs, and naturally, lost goodwill and an irreparable hit to brand or company reputation.
Don’t Just Say You’re Worried About the Bad Guys... Deal With Them
SMBs say they view network security as a major priority but their inaction when it comes to mobile devices paints a different picture. A recent study found that only 16% of SMBs have a mobility policy in place.
Despite the fact that stolen devices are a major problem in today’s mobile workforce, only 37% of mobility policies enforced today have a clear protocol outlined for lost devices.
Even more troubling is the fact that those firms who have implemented mobility policies have initiated plans with some very obvious flaws.
Key components of a mobility policy such as personal device use, public Wi-Fi accessibility, and data transmission and storage are often omitted from many policies.
Thankfully, most SMB cybercrimes can be avoided with a comprehensive mobility policy and the help of mobile endpoint mobile device management services.
A Mobility Policy Is All About Acceptable/Unacceptable Behaviors
Your initial mobility policy doesn’t have to be all encompassing. There should be room for modifications, as things will evolve over time. Start small by laying some basic usage ground rules, defining acceptable devices and protocols for setting passwords for devices and downloading third-party apps. Define what data belongs to the company and how it’s to be edited, saved, and shared. Be sure to enforce these policies and detail the repercussions for abuse.
Features of Mobile Device Management Services
MDM services are available at an affordable cost. These services help IT managers identify and monitor the mobile devices accessing their network. This centralized management makes it easier to get each device configured for business access to securely share and update documents and content. MDM services proactively secure mobile devices by:
Specifying password policy and enforcing encryption settings
Detecting and restricting tampered devices
Remotely locating, locking, and wiping out lost or stolen devices
Removing corporate data from any system while leaving personal data intact
Enabling real time diagnosis/resolution of device, user, or app issues
It’s important to realize that no one is immune to cybercrime. The ability to identify and combat imminent threats is critical and SMBs must be proactive in implementing solid practices that accomplish just that.
Cloud Monitoring Can Be the Difference Maker for SMBs
It’s a fast-paced world. Not only do people want things, they want things right now. This sometimes-unnerving need for instant satisfaction has only intensified now that we have Wi-Fi and mobile devices that keep us connected regardless of where we are, what we’re doing, or the time of day. There is no longer any tolerance whatsoever for waiting. A business with a website that fails to load, or loads too slowly, will lose customers and leads to competitors.
So what has your business done to address this need for constant accessibility and optimal uptime? Do you feel you’re doing enough to meet the demands and expectations of your customers, new business prospects and those who have just now found you on Google?
If you’re a small-to-medium sized business owner, do you have confidence in your technology infrastructure? Can you say with certainty that your website, internal server, and mobile applications function smoothly, efficiently, and correctly?
When your IT team leaves work to go live their lives, are you confident that things won’t go bump in the night? That you won’t be ringing their cell phone while they’re out having dinner with their family, or worse yet, sleeping?
If you answer no to these questions, you may be one of the many small business owners who could benefit from cloud monitoring. And you’ll be pleased to learn that cloud monitoring can significantly improve all facets of your business – especially your service, productivity, reputation, and profitability.
What is the Cloud?
According to a study conducted by Wakefield Research, 54% of those questioned responded that they’ve never used cloud technology. However, the truth is that they’re in the cloud everyday when they bank or shop online and send or receive email.
Business owners, specifically non tech savvy small business decision makers, are still apprehensive when it comes to moving their server and web monitoring services to the cloud. But FDR’s famous quote, “The only thing we have to fear is fear itself,” definitely applies here. The cloud is nothing more than moving the storage and access of your data programs from a computer’s physical hard drive to the web. There is nothing to fear.
Benefits of Cloud Monitoring
Obviously, these physical and virtual servers, their shared resources, and the applications they run on, must be monitored. This can be done from multiple remote locations and it’s called cloud monitoring.
Cloud monitoring makes it easier to identify previously unseen patterns and potential problems within your infrastructure--issues that may be too difficult for any in-house support staff to detect. For instance, monitoring ensures that your site is delivering accurate page content and is meeting anticipated download speeds. It can detect unapproved changes, website tampering, and compromised data.
The continuous analyzing and testing of your network, website, and mobile applications can reduce downtime by as much as 80%. The speed and functionality of e-commerce transactions are also optimized. Additionally, cloud monitoring tests your email server at regular intervals, which minimizes failure deliveries and other issues pertaining to sending and receiving emails.
Clearly, all of the above, along with the alerts that help identify and fix issues before they become catastrophes, make cloud monitoring an attractive way to gain insight into how end-users experience your site, while also enhancing their overall experience.
When smaller businesses look to cut costs, they commonly take shortcuts that are risky to their bottom line. They may go out of their way to avoid upgrading dated hardware, buying software licenses, or increasing bandwidth. In some instances, they layoff in-house IT support, or avoid hiring new help, even as the business grows. This often leads to a very cranky and disgruntled "IT guy" with a bad attitude as he or she runs around the office putting out one fire after another – feeling overburdened and underpaid.
Operating even the most basic data center today means recurring operating expenses that aren't affordable for most small-to-midsize businesses.
Unfortunately, SMBs just have to accept that keeping their data center alive and kicking means significant overhead and expenses. That's just the way it is.
Or is it? There are actually several ways to reduce data center infrastructure costs without sacrificing the efficiency of your network, server, and applications, or the sanity of your IT guy.
Rent, Don't Own: A data center needs experienced people and a virtual, always-on, 24/7 staff of administrators, networking experts, database specialists, systems managers, and dedicated IT personnel monitoring the network. From an economic perspective, it's simply more logical to "rent" these workers rather than hire permanent employees.
Keep Things Remote & Energy Efficient: According to a study published by the U.S. Department of Commerce, the fastest-growing sources of U.S. energy consumption are data centers. This is due to the increased power supply required to run and cool a data center. Hardware sprawl is also a problem contributor, as most businesses have space limitations and lack the available room for any additional hardware.
Both of the aforementioned cost control measures can be accomplished by outsourcing data center operating expenses. Outsourcing isn't a dirty word. Managing IT on your own is difficult and far from cost effective. Outsourcing the day-to-day IT management responsibilities through a Managed Services Provider is a strategic way to improve the efficiency of operations and dramatically cut costs.
Is it any surprise that more and more SMBs today are tapping into the full spectrum of outsourced managed services to empower their business processes and reduce overhead? Are you?
The Good, The Bad, and the Ugly of Mobility and BYOD
There are a lot of advantages to mobility in today’s workforce, but the Bring-Your-Own-Device (BYOD) movement has also brought its share of headaches as well.
We live in a society where everyone must have the newest technology. We are inundated with ads reminding us that the smartphone or tablet we just bought a year ago is laughably outdated and inferior to the upgrade that just hit the market.
People who have just bought the latest technology don’t want to have to set it aside to use a separate company-issued device. As a result, businesses are beginning to grant these employee-owned devices access to their file and email servers, databases, and applications.
While this brings certain competitive advantages to employers, it naturally carries many risks, too.
Let’s begin with the pros of BYOD...
The Advantages of BYOD
Greater Flexibility and Productivity - Personal devices allow workers more flexibility, which in turn can increase productivity. Today’s employee isn’t restricted to their office workstation or cubicle. They can carry out job responsibilities from home, a coffee shop, their child’s dance recital, or while traveling.
Reduced Costs – Purchasing even the most basic Blackberry for an employee can cost a company $900+ per worker. Costs like that can be completely eliminated by adopting a BYOD policy where employees are required to use their own device.
Happier Employees/Attractiveness to Job Seekers - Recent studies have found that 44% of job seekers are attracted more to employers who are open to BYOD and occasional remote work. Beyond this hiring advantage over competition, it has been found that employees as a whole are generally happier using the devices they own and prefer for work purposes.
Better Customer Service – This goes hand and hand with more flexibility and productivity. Mobility allows employees to occasionally resolve or escalate urgent client issues outside of normal working hours, and clients remember that kind of response time.
And now the cons of BYOD...
Disadvantages of BYOD
Compromised Data Security – Unfortunately, letting employees use their own smartphones, tablets, and laptops increases the likelihood of sensitive company or customer/client data being compromised. It is important for companies to establish a comprehensive mobile device security policy and never make any exceptions to it whatsoever. Really. No exceptions. Ever.
Employee Privacy – Many employees may oppose using their own devices for work, especially if it’s a company requirement that they aren’t reimbursed for. You have to remember that these are the same devices employees use to log into their Facebook and Twitter accounts or do their online banking. In this age of constant paranoia over big brother watching our every move, employees may be concerned that their employer will spy on them or access their personal passwords and information.
Handling Employee Turnover – Companies must consider how they will address the retrieval of company data and information from an employee’s device if the employee either quits or is fired. Some companies may require that employees only save or edit company files on their servers or use cloud-based sharing software like Dropbox to share and edit docs.
The Importance of a Mobile Device Management Tool
Obviously, businesses must keep track of all of the devices that access their server, applications, and data. Mobile Device Management helps enterprises centralize what is an otherwise chaotic hodgepodge of devices and operating systems. This ensures that all devices are configured, deployed, and properly monitored and managed. This is a smart way for businesses to embrace BYOD while securing data and applications across multiple devices.
Click, Click, BOOM – You're in Business But Is Your Technology Ready?
It's a fast business world. Brilliant business ideas can be conjured up at some hipster-filled vegan coffeehouse, a website is thrown together, and poof... in no time at all there is a living, breathing, small business venture accessible from anywhere in the world.
But as your head hits the pillow at night, with visions of becoming the next Mark Zuckerberg dancing in your head, understand that many obstacles will greet you on your road to entrepreneurial success. A fresh innovative idea is merely a start. For every successful startup like Groupon, there are even more that have faltered. Some great, even revolutionary, business concepts that just faded into obscurity; leaving behind nothing but tales of what could've been and insurmountable debt.
Failed business technology is often a big reason for this. Many startups think big but tend to operate small-minded to keep overhead and costs down. They then find themselves completely unprepared to meet the demands of growth, particularly when it comes to their IT infrastructure. There is no one-size fit all approach to how to manage technology for optimal efficiency, uptime, and profitability. Especially given the challenges of limited budgets and the need to keep overhead down.
So exactly how do SMBs make sound decisions regarding their technology infrastructure? Choices that are cost-effective enough to get their business off the ground and running without screwing them over once it truly takes off?
Combine On-Site and Off-Site Support for the Best of Both Worlds
Over 45% of SMBs have no dedicated in-house IT staff and no contracted IT consultant regularly monitoring and managing their technology. Roughly only 7 percent of SMBs have a full-time onsite IT technician on payroll. The rest rely on third-party on-call IT companies who appear only when technology goes haywire and disrupts business. These on-call companies can sometimes take a day or two to even show up, which means issues aren't resolved in a timely and efficient manner. And did we mention they're expensive?
Most SMBs say they simply can't afford full-time in-house support. Even those who do budget for it face overwhelming challenges. They often experience a revolving door of on-site help who leave for a larger company and better salary once they've beefed up their resume. And those hires that do remain loyal often feel as if they have no reliable help and become overworked and frazzled as the business and their responsibilities grow. Discontent may even set in if wages aren't raised proportionately to the added responsibilities, or if they grow bored of doing the same mundane repetitive work everyday.
But today's SMB has access to technology that won't drain resources. In particular, the evolution of cloud computing and managed services can either automate or re-assign a lot of the day-to-day caretaking of technology to remote employees, leaving onsite support available for more meaningful and potentially profitable projects.
Better yet, it saves money on equipment costs.
Whenever possible, a mix of on-premise and off-premise IT support is the best way to make your technology scalable and prepared for growth.
Everyone in the office loves Eric. Sporting a different ironic t-shirt everyday, Eric is the one we call when technology spits in our face. Whether it's a slow system, a bug that needs to be squashed, a website issue, or a crash that results in unexpected downtime and data loss, Eric is right there. Not only does he get to the bottom of any issue but he also rights the ship like he's some sort of miracle-working captain who just happens to have a pretty wickedly funny Peter Griffinfrom Family Guy impersonation.
But business is growing and Eric is overworked. Eric has certain skills that you'd love to use to develop innovative applications and revenue-generating projects-- but he's too busy running around fixing things that break. Or he's performing the most mundane and routine tasks day-in-and-day-out just to keep things secure and running smoothly.
You get a sense that Eric's overburdened and he's saddled with too many responsibilities. His demeanor has changed from pleasant to moody. He's listening to angrier metal and punk music and you're noticing cracks in his work. You fear Eric is being pulled in too many directions and the reliability of your server, network, and applications, as well as the integrity of your data, are all at risk.
Someone who has watched a bit too much of Donald Trump on The Apprentice might think Eric should be fired. We're not going to fire Eric. But we're also not going to hire a full-time salaried Robin to his Batman or Cheech to his Chong. We're going to help Eric by exploiting IT automation and managed services to handle many of the monotonous tasks making Eric hate his job right now.
Let's help Eric.....
Focus Primarily on Cost-Cutting and Revenue Increasing Projects: First things first, Eric has to realize that he can't do everything himself. Where are his skills best used? Whether it's processes that help drive down costs or ones with the potential to raise revenue, evaluate the projects in the queue and rank them by what impacts the bottom line the most.
Once that's done, look at the day-to-day processes designed to keep things running securely and efficiently. What can be off-loaded from Eric? Determine which of those tasks can be automated either through the cloud or managed services.
Take to the Cloud: Some IT people fear the cloud spells the end to their job security. Meanwhile, the cloud can actually help them take on a more prominent contributing role in the company's success. The cloud should be seen as another tool that further eliminates the mundane yet necessary daily drudgery from their workday. Those who work WITH the cloud will find that they have more available time to take on more meaningful cost cutting or revenue generating projects.
Use a Managed Service Provider: Using outsourced managed services not only alleviates much of Eric's pressure and stress, but also boosts productivity and gives the company a much improved ROI (Return-on-Investment) on their technology investment.
While technology has gotten easier for the end user, it has become more complex on the backend with the advent of virtualization, cloud computing, and advanced infrastructure.
Using an MSP gives Eric access to a trusted advisor, a 24/7 help desk, remote monitoring and management tools, mobile device management tools, and much better disaster recovery and business continuity solutions. All without the overhead that comes with hiring more help for Eric. MSPs offer a consistency to not just your end-user but also your main IT guy who will certainly appreciate the help.
Did you know that 50% of small business owners think their businesses are too small to be targeted by the thieves of the virtual world? Contrary to popular belief, 72% of hacker attacks often happen to smaller firms - firms with less than 100 employees! So how prepared is your SMB? Here’s a checklist to help you find out how vulnerable you are to these attacks.
1. Do you have Antivirus protection? - An antivirus software program can protect you from threats that originate from emails such as phishing and virus attacks. However, the most striking fact is that 61% of small businesses don’t install any antivirus software! If you are one of them, then it’s time to change!
2. How sturdy is your Firewall? - A good firewall system protects your computers from the variety of threats that exist in the virtual world. Examples include harmful cookies, viruses, worms and other such malicious programs used by hackers.
3. Do you use a Spam filter? - Using a simple spam filter for your emails keeps junk out of your inbox. The bonus to having a good spam filter is that your employees save time, as they are not distracted by irrelevant emails, but the major perk here is that the potential virus and phishing threats are lessened as spam emails are unlikely to be opened.
4. Do you do backup your data regularly? - Agreed - backups don’t really protect your data, but they are the only way to recover it if data loss does happen. So, be sure you have a regular and reliable backup plan in place - and it is actually being deployed.
Data loss can prove very costly—especially to SMBs, sometimes even resulting in them having to close down. Prevention is certainly better than a cure in such cases.
Research has revealed that over half of all users end up opening fraudulent emails and often even fall for them. Phishing is done with the aim of gathering personal information about you, generally related to your finances. The most common reason for the large number of people falling for fraudulent emails is that the phishing attempts are often so well-disguised that they escape the eyes of a busy email reader. Here are a few tips that help you identify whether that email really came from your bank or is another attempt at defrauding you…
1. They are asking for personal information - Remember, no bank or financial institution asks you to share your key personal information via email, or even phone. So, if you get an email where they ask for your ATM PIN or your e-banking password, something’s amiss.
2. The links seem to be fake - Phishing emails always contain links that you are asked to click on. You should verify if the links are genuine. Here are a few things to look for when doing that:
Disguised URLs - Sometimes, URLs can be disguised…meaning, while they look genuine, they ultimately redirect you to some fraudulent site. You can recognize the actual URL upon a mouseover, or by right clicking on the URL, and selecting the ‘copy hyperlink’ option and pasting the hyperlink on a notepad file. But, NEVER ever, paste the hyperlink directly into your web browser.
URLs with ‘@’ signs - If you find a URL that has an ‘@’ sign, steer clear of it even if it seems genuine. Browsers ignore URL information that precedes @ sign. That means, the URL firstname.lastname@example.org will take you to mysite.net and not to any Bank of America page.
3. Other tell-tale signs - Apart from identifying fake URLs, there are other tell-tale signs that help you identify fraudulent emails. Some of these include:
Emails where the main message is in the form of an image, which, upon opening, takes you to the malicious URL.
Another sign is an attachment. Never open attachments from unknown sources as they may contain viruses that can harm your computer and network.
The message seems to urge you to do something immediately. Scammers often induce a sense of urgency in their emails and threaten you with consequences if you don’t respond. For example, threat of bank account closure if you don’t verify your ATM PIN or e-banking password.
Finally, get a good anti virus/email protection program installed. It can help you by automatically directing spam and junk mail into spam folders and deactivating malicious attachments.