Tag Archives: cybersecurity

Is It Time To Switch Managed Service Providers (MSPs)?

IT services, managed service provider, MSP

Your managed service company and business should be synergized, if it is not, it may be time to starting evaluating a new provider.

Network outages, misplaced files, data hacks, and more can all start out has annoyances, but what will happen once these problems escalate and find their way to every area of your business?

Your company is depending on the IT infrastructure that has been put in place, but what happens when that IT infrastructure is letting you down? If your IT infrastructure can no longer handle all of your daily operations, you will turn to your Managed Service Provider(MSP) for answers. Your Managed Service Provider(MSP) is supposed to prevent all of these problems from happening.

It can be a frustrating and overwhelming process when you begin to think about switching Managed Service Providers, but it may be a process you need to have, especially if you are spending a significant amount of money on technology. Here are some signs that it could be time to switch Managed Service Providers:

Your Network Is Slow

If your network is moving at a snail’s pace, all areas of your business will be impacted. Your business depends on internal communications and external communications. If your network is no longer able to handle the types of communication that are coming in or going out, it is time to find an infrastructure that will be able to handle it.

When you have a slow network, you can lose a significant portion of business data due to the poor network. Every incident that occurs due to your poor network connection can cause at least a full day’s worth of lost work. Network outages will have a negative impact on productivity. If you have experienced losses in production, data losses, network outages, and more, these are all signs of your MSP dropping the ball.

A Data Hack Can Ruin Your Business

Many hackers will target small businesses because they believe the small businesses will not be prepared for what is about to happen. Many small businesses do not have a plan for cybersecurity, and this is one of the reasons why they are targets. It is important to do everything in your power to make it difficult for a hacker to attack your business.

If your Managed Service Provider does not offer any backup and disaster recovery services, secure data storage, or monitoring services, it is time to find an MSP that will provide you with the tools and resources you will need to fully secure your business. The MSP you choose should be made up of a staff that understands what your business needs to remain protected at all times.

Your Business Dreams Are Not Being Fulfilled

If your Managed Service Provider(MSP) is not well-rounded enough to help you fulfill the goals and needs of your business, it is time to choose another Managed Service Provider. Your business deserves to have a Managed Service Provider that understands your business goals and can help you achieve those goals.

If your current MSP only provides support and assistance when it comes to equipment and technology problems, we encourage you to start looking for another provider. Whatever your short-term and long-term goals may be, you need to have a Managed Service Provider that will support the goals you have for your business.

If you have problems with a lack of support, network outages, and security problems, your business will continue to suffer. While it is important to have an MSP that understands how to solve problems and troubleshoot technological issues you also deserve to have an MSP that can help you fulfill your business dreams.

If you think it is time to switch to a better Managed Service Provider(MSP) because you know your business deserves better, please contact us today.

The Coronavirus Impact: Have You Reviewed Your BDR Plan?

security, cybersecurity, crisis, response, bdr plan

Is your business prepared for the cybersecurity consequences of remote work?

As the coronavirus pandemic worsens, the fears of many people across the world are increasing. Unfortunately, hacking and the presence of scams are also increasing. Coronavirus scams continue to appear with increasing frequency. Cybercriminals are not just trying to attack individuals, but they are also targeting businesses in the following industries:  Healthcare, aerospace, hospitality, and Insurance

Hackers want to manipulate the many fears that individuals and business owners have about COVID-19. Everyone is doing their best to not become infected with the deadly virus, but hackers are hoping to infect your personal and business devices with a virus. Many users have already been tricked into revealing some of their most personal information, and it could be through a phishing scam or a recently created domain.

Coronavirus-related scams have unfortunately become a money making enterprise for criminals. People are constantly searching online for more information about the virus, and these are the ones who are the main targets of the scams. It is so important for everyone to be aware of the hacking and scam attacks in order to become a victim.

Why are hackers using COVID-19 to target people?

Unfortunately, hackers thrive on using frightening current events to prey on people with the hope that they will go against their better judgment. Sometimes people’s ability to recognize a threat will dwindle because their fear and confusion will get the best of them. Unfortunately, these types of attempts happen often, especially when there are concerns about the economy or when a natural disaster occurs.

How are businesses impacted?

When you look at everything through a cybercriminal’s eyes, there are hacking and phishing opportunities everywhere. Hackers are always changing their methods and adjusting their criminal activities to take advantage of the fears and concerns of people every time there is an outbreak, disaster, or economic concern.

There are many opportunities surrounding them, and this gives them new ways to manipulate people. Attackers do not care what measures they have to take in order to take advantage of the real concerns that people have. Cybercriminals will do anything for a financial gain, including exploiting the fears that people have about contracting a deadly virus.

Every business and organization is now a target. Businesses that have not taken any security measures to protect their business, employees, customers, etc. can find themselves in a position that it may be hard to get out of.

What does this mean for workplace security?

Unfortunately, many businesses were not prepared to have the majority of their workforce working from a location outside of the workplace. The businesses that were not prepared to transition to a remote workforce have been presented with a variety of challenges. A remote workforce can lead to a variety of security concerns and risks.

As a result, many cybercriminals will look to take advantage of the businesses that are allowing employees to work from home. Unfortunately, those who use wireless networks that are open to others may bring more risks. Public network connections will open the door for the theft of confidential information and several network security issues.

What can your business do to lower its chances of being attacked?

If you currently have a Backup and Disaster Recovery(BDR) plan in place, we encourage you to take some time to review your plan. Do you think your plan is effective and efficient enough to provide protection when you need it? Will you be protected against malware and other threats? It is important that you have an accurate snapshot of the health of your systems and that you review your activity and event logs. If you have a significant number of your workforce working from home, we encourage you to ensure your remote-access technologies are safe and effective.

As the coronavirus continues to spread and impact more people, more people will search the web for more information. Unfortunately, hackers will see this as an opportunity to take advantage of your attempt to protect yourself and your family. For more information on how to protect your personal information, your devices, etc., contact us today.

How Often Should You Take Backups?

Backup files and data on internet with cloud storage technology that sync all online devices and computers with network connection, protection against loss, business person touch screen icon

We all get busy and backups is one of the last things on your mind, however its critical when disaster strikes

Backup recovery is something that every business should invest in. Not just because it’s a smart thing to do on every technical guide, but because disasters happen. Big disasters like floods and fire and ransomware along with little disasters like accidentally deleting a Client’s CRM entry. Even run of the mill software updates can corrupt all the data that your software supports. Backup recovery data makes sure that no matter what happens, you can roll back the clock a day, a week, or a month to the last time your data was complete.

But the functional question isn’t whether you should have backups, you should. The question is how often you should take those backups. What happens if your data is lost, and it’s been over a month of active project work and client data since your last backup? That’s an entire month of detailed work gone. On the other hand, you also don’t want to take backups of static assets so often that you fill your storage with identical archives.

So today, we’ve put together a quick rule-of-thumb guide on how often you should back up each type of your data.

Active Data – Continuous Version Control

The data you update every day should probably be backed up continuously. This is a special kind of backup known as version control, which not only takes ‘saves’ of your work but also tracks exactly when changes were made and who made them. Version control ensures that you can quickly and easily roll back any changes that don’t work, remove only the changes made by a specific person, restore versions that were completed minutes or hours ago if an ongoing project or client file is somehow damaged.

Continuous backups through version control give you the most fine-tuned ability to both edit things based on changes and to restore recent version after changes were made that did not ultimately pan out.

Ongoing Project Data – Twice a Day

Data that is updated as a result of an ongoing project may be more practical to uptdate once or twice a day. A database into which entries are added in chunks, for example, or an archive of paperwork for which only a few pages are added per day might be the type of data that you want backed up constantly, but not necessarily minute by minute.

Backups made once or twice a day ensure that your active files can always be restored to a very recent version, even if they are not the type of file that requires version control levels of detailed editing and constant tiny roll-backs.

Workstations and Hardware – Once a Week

Your workstations and hardware are often the hosts to a great deal of useful data, including the software and configurations that are loaded onto them. When you have a full backup of a device, you can reload it from a factory wipe or clone it onto a whole new device in a much shorter time than it would take to rebuild all the configurations, apps, and stored data files by hand. However, workstations and devices don’t change often or drastically enough to need to be backed up every single day.

Weekly is probably the most practical timeline for backing up devices, particularly if your team tends to store files locally and update their settings to streamline their work. A device backed up weekly can be quickly restored to it’s favored functioning state directly after a malware attack, update crash, or other general malfunctions that might require a restoration process.

Infrastructure and Settings – Once a Month

Finally, there are the big infrastructure backups. Your network and its configurations, for example, were not perfect for your business right out of the box. Your tech infrastructure and static company files were carefully built piece by piece and setting by setting until everything worked exactly the way it needs to for your business. It contains your tech stack, your network configurations, and all your security measures.

Backing your tech infrastructure and settings up monthly can ensure that even if you suffer a system-wide outage, physical disaster, or ransomware attack, you can bring the whole system back online. Even if you need all-new hardware to do it.

For more insights into smart IT management and data security, contact us today!

How to Keep Your VoIP Highly Secure

close up man hand point to press button number on telephone office desk with virtual interface effect of VOIP security concept

Cyber Security doesn’t stop at your data network, does your managed service provider review your VoIP System?

VoIP is the standard for office phone systems today. It offers economy, versatility, and valuable features. It’s the only reasonable choice for a new exchange. When it’s done right, it provides a very secure communication system, much safer than email. Calls within the network, as well as many outside calls, have end-to-end security.

Like any other function on the network, it takes some attention to make sure it really is secure. There are people who try to get into every network, and phone systems are as much of a target as any other point of entry. Nothing can eliminate all risk, but a careful approach to selection, installation, and management keeps it down to a very low level.

Reasons for caring about VoIP security

Any part of a network can be a jumping-off point for attacks on the rest of it. Every device needs to be kept as safe as reasonably possible. VoIP phones, like workstations, smartphones, and servers, need to be part of the network security plan.

If the exchange isn’t well secured, people can get in and use it for free. They increase the costs as well as the load on the network. Unauthorized calls can reduce the quality of service for legitimate ones.

Spies could listen in on calls, gathering business secrets or personal information. Once they’ve collected enough information, they can impersonate key employees and engage in plausible-sounding scams.

A weakly secured system is more vulnerable to a denial-of-service (DoS) attack, making it impossible to place calls. Such an attack, sustained for hours, can seriously disrupt business.

A security plan that takes VoIP into account greatly reduces these risks and ensures reliable phone service. Users can make calls with greater confidence.

Setting up the service

The first steps’ come with the selection and ordering of the service. The hosting provider needs to handle its own security well. If you set up an on-premises PBX, you take on responsibility for it and need to make sure it’s well managed. Most businesses, especially small to medium-sized ones, find that hosting is the sensible choice.

Make sure that the service which you choose offers secure protocols in the service package you select. Secure SIP does for voice connections what HTTPS does for Web access. It uses TLS security to prevent unauthorized access and ensure that the connecting parties are who they claim to be. Secure RTP, or SRTP, encrypts the content of communications, making it nearly impossible to spy on. As a bonus, it makes DoS attacks more difficult.

Setting up the network

Adding VoIP to a network requires some configuration changes. This is the time to minimize the vulnerability of voice connections on the network.

The voice network ought to be segregated from the data network. One approach is to have two separate networks, each with its own router and devices. That can require significant rewiring, though. Having voice and data on separate subnets accomplishes almost the same thing and is easier to set up. Either way, the separation improves quality of service as well as security.

Voice and data devices should have separate IP address ranges, so they don’t get mixed up with each other. If a DHCP server assigns the addresses, voice and data should each have their own DHCP allocations.

Many businesses have multiple locations, and employees would like access to the phone exchange from home or in the field. Setting up a virtual private network (VPN) or wide-area network (WAN) keeps all intra-office calls inside the network. They give an extra layer of safety, encrypting all traffic.

Securing the administrative functions is vital. Keep the number of people who have access small, and use multi-factor authentication. Allowing administrative access only from specified IP addresses further improves safety.

Securing the users

The individual devices and user accounts need ongoing attention. When configuring phones and softphone applications, each one needs to have a strong and distinct SIP password.

People like being able to access the voice network from their personal phones. Setting them up with compatible applications and VPN access makes this possible. However, a well-managed BYOD policy is necessary to keep matters under control. If someone installs a softphone app on an infected phone, that could give spies access to the voice network and more. A good policy for user-owned devices sets standards for acceptable device types, and it lets the administrator cut off any misbehaving devices.

When using their personal phones in the office, people will often prefer to go through Wi-Fi rather than the cell network and VPN. Access is more direct and faster. All Wi-Fi access points in the office should already use WPA2 encryption, and voice access is one more reason to make sure they do.

Ongoing maintenance

Security isn’t something administrators can set up and forget about. It requires regular maintenance. Vulnerabilities will turn up from time to time in both phone firmware and voice applications. Where there are known vulnerabilities, attacks soon follow. Keeping the phones and software patched with the latest security releases will keep anyone from exploiting those weaknesses.

Network monitoring and periodic security scans will alert administrators to any problems. The sooner a problem is caught, the less damage it will do. The system should maintain logs of activity to aid in diagnosing any issues. The logs need to be kept safe, since they could provide attackers with clues about weaknesses in the network.

VoIP needs the same attention to security as any other network function. When everything works right, it’s safer than a PSTN connection, since conversations never travel through analog lines. Intra-office calls are secure from end to end, and conversations with other VoIP systems often have the same level of protection. With a reasonable level of care, employees can discuss confidential matters safely.

SystemsNet hosts, maintains, and upgrades your VoIP for you, so you don’t have to worry about configuration errors or security patches. You can use your PBX in confidence. Contact us to learn how to get started.