You Can’t Afford to Ignore Security Breaches – Here’s Why

cybersecurity

It’s National Cybersecurity Awareness Month, and what better time to educate yourself about data breaches? There were 1,244 breaches reported in 2018 alone, and small and mid-size businesses are just as much at risk as big-name companies. Unfortunately, plenty of businesses are content to ignore security breaches – but you really can’t afford to.

Here’s what you need to know about data breaches, and how to protect yourself:

The Numbers on Data Breaches

Are data breaches really that big of a threat? The numbers speak for themselves. The average data breach costs US companies $7.91 million. Part of the reason for the huge cost is that data breaches can be difficult to detect if you’re not looking for them; in fact, companies take an average of 190 days or more to identify a data breach. Think about the amount of damage hackers can inflict on your business in that time. 

Think this is just a mega-corporation issue? Small and mid-size companies aren’t immune. Small businesses account for 58 percent of data breach victims, and they often lack the resources of an enterprise company to combat an attack. Every company, no matter how big or small, needs to take the danger of data breaches seriously.  

Why Are You a Target?

You may think you have nothing of value, but think about the data you store every day:

  • Employees’ birthdates, Social Security numbers and other personal information
  • Client names, email addresses and phone numbers
  • Banking information, including account and routing numbers
  • Credit card numbers

All of this data is valuable to cybercriminals, and you need to store it to conduct your business. But with that data comes the responsibility to protect it properly. 

Why Businesses Ignore Breaches

If breaches are so common and have such significant consequences, why do so many businesses completely ignore them? There are a couple of reasons for this. 

One is the lack of an immediate financial impact. Even when a business owner realizes that data is missing, money hasn’t always been directly stolen from the company. Businesses without a defined response strategy may not think they have the time or resources to react, so the problem falls below other priorities and is ultimately overlooked. Some companies may even ignore a data breach due to fear of backlash or confusion about their responsibility to notify customers.

The Danger of Ignoring Breaches

Of course, ignoring issues doesn’t make them go away. In fact, the dangers of ignoring a data breach are immense. Some of the consequences of a breach are:

Lost business. By giving you their personal information, consumers are implicitly expressing trust in your business. If you betray that trust by failing to take every precaution, it can be extremely hard to win back.

Stolen or lost records. A data breach can result in lost or stolen data, or your employees could be completely blocked from accessing data, as in the case of a ransomware attack. Any of these outcomes means major costs, both in downtime and recovering or replacing any lost data.

Noncompliance and legal action. Failing to meet the data privacy standards in your industry can result in steep noncompliance fines. Customers whose data was exposed in a breach may also pursue legal action against your company, especially if you failed to notify them in a timely manner.

How We Can Help

Data breaches can be scary, but they don’t have to be inevitable. We protect your business with a comprehensive suite of security solutions to block or contain even sophisticated cyberattacks. Plus, we educate you and your employees on ways to minimize the chances of a breach. Contact us today to start defending your data.

Are You Ready for Microsoft’s 2020 End of Support?

microsoft ending support

Microsoft® support might not be something you think about every day. The list of Microsoft products you rely on is likely longer than you realize, but they’re just a part of your work and not something you – hopefully – spend much time worrying about.

In fact, it has probably been a while since you purchased those Office and Windows solutions, and you might not have realized that the established support lifecycle for Microsoft software has been steadily making the switch to an as-a-service model.

And now you’re hearing that 2020 is bringing with it an End of Support for a long list of Microsoft products and solutions. Maybe you’ve even been ignoring some consistent nagging from Microsoft about it. As much as you might like to, these changes aren’t something you – or your business – can afford to ignore. Let’s take a look at what 2020’s End of Support will mean for anyone in your company who is using a Microsoft solution on the list.

  • No More Support: You’ve probably gathered this from “End of Support,” but what this means for you is that calling the Microsoft help desk after the 2020 cutoff date won’t yield the results you might hope. You’ll be told these solutions are no longer supported and sent on your way.
  • Security Risks: Considering just keeping those outdated solutions running? Be aware that it’s more than just the help desk you’ll be losing out on. As Microsoft support ends, so will the regular patching, upgrades and compliance assistance you get when Microsoft rolls out fixes.
  • Buggy User Experiences: Offices that continue running these outdated solutions can expect to see ongoing issues with the user experience as patches and updates are no longer applied, which will lead to a seriously frustrating workday for your team.

What do you need to do to avoid the headaches? To state a complex problem simply, make sure your office is ready to update to newer versions of these Microsoft solutions prior to their End-of-Support date, and have a dedicated resource who can track current and future lifecycle dates to make sure you aren’t caught off-guard.

Running a business means you’re conservative about upgrades, and the old model of extended lifecycles has let you maintain that conservative approach. But change is coming, and your business shouldn’t have to suffer for it.

How We Can Help

Sound daunting? It can be, but the Microsoft 2020 End of Support doesn’t have to mean a crisis for your business. Whether you need to update your software, keep your operating systems on schedule or make sure your patching and security are proactively handled, we can help. Contact us today to talk through what we can do to support your business.

 

 

Does Your Company Have a Business Continuity Plan?

business continuity

No business owner expects their company to face a major crisis. They’re optimistic that their company can overcome any problem. But when disaster strikes, your company needs more than just optimism. You need to be ready with a business continuity plan. 

If you don’t already have a plan in place, here’s why you need one and what it should include.

What is Business Continuity Planning?

A business continuity plan is an outline detailing the procedures and instructions a company needs to follow to get up and running after a disaster. These disasters may come in many forms, such as your office building catching fire, a natural disaster (flooding, hurricane or tornado) or a cybersecurity attack. 

Business continuity plans are different from disaster recovery plans, which tend to focus solely on recovering the company’s IT system following a crisis. Business continuity plans contain outlines and contingencies for all aspects of your business, such as business processes, assets, human resources, etc.

Why Do You Need a Business Continuity Plan?

It doesn’t matter if you’re a mom-and-pop business or a large corporation, you have no time for downtime. Not having a plan can be financially devastating. For example, IT downtime costs a company an average of $5,600 per minute, according to GartnerWhen you have a business continuity plan in place, the key stakeholders know what they need to do to get your company running with minimal downtime. 

What’s in a Business Continuity Plan

Now that you understand why business continuity planning is vital, where do you begin? According to Ready, developing a business continuity plan includes four steps: the business impact analysis, recovery, plan development and testing. Here’s what you need to know for each step: 

  • Business Impact Analysis — The first step is identifying the effects of a disruption of business. This is also the time to determine which business functions take priority and the resources needed to get the company running again.  FEMA provides a Business Impact Analysis Worksheet for free.
  • Recovery — After completing the business impact analysis, and addressing any potential plan gaps, it’s time to develop recovery strategies. Recovery strategies are alternate means to return business operations to minimum levels. For example, this may mean developing a plan to operate out of a secondary facility, having the staff work remotely or using third-party contractors to keep production moving. 
  • Plan Development — The next step is to assemble a continuity team. This team will create the framework of the continuity plan and implement it during the crisis. 
  • Training — Once the plan is in place, the continuity team needs to test it. This means training the staff, so they know their roles during the crisis. During testing, you’ll be able to uncover any gaps and update the plan accordingly. 

How We Can Help

Now that you understand what you need in a business continuity plan, are you able to create one? If you have no idea where to begin, let us help. We understand that small to medium-sized businesses don’t have the time, manpower or experience developing plans. That’s why we work with you and your staff to make this process painless and help your team understand their roles in the event of a disaster. 

Contact us today to get started. 

4 Reasons Your Business Needs an IT Disaster Recovery Plan

Let’s face it; accidents happen. If it can go wrong, it might. That is why every business, from the mom-and-pop shop around the corner to the Fortune 500 company in the downtown high-rise, needs a backup and disaster recovery plan.

According to Forbes, one in three businesses is unprepared for a disaster because their plan is outdated, or they don’t have one in place. Of those that don’t have a proper plan, 90 percent of businesses fail following a disaster, reports FEMA. With that in mind, here are four disasters that can derail your business, and how you can prevent that from happening:

Natural Disasters

Over the last year, we’ve seen companies across the U.S. receive the brunt of nasty natural disasters. Some notable natural disasters included wildfires in California, hurricanes along the Atlantic coast and flooding in the Carolinas. Businesses in those areas were devastated, with buildings and equipment damaged or destroyed.

Building & Hardware Failures

As the temperature outside rises, so do the number of building fires. Summertime is a peak time for commercial structure fires as the summer heat, overworked air conditioning units and lightning strikes increase the risk of fires.

In addition to the risk of your building going up in smoke, there is also the chance that your hardware may fail. Hardware failure is the #1 cause of data loss, contributing to 45 percent of all unplanned downtime, according to Dynamic Technologies.

Cyber Attacks & Data Breaches

Hackers and cybercriminals are starting to view small and medium-sized businesses (SMBs) as prime targets as many continue going digital. According to Verizon’s “2019 Data Breach Investigations Report,” 43 percent of breaches involved small businesses. Here are some of the ways cybercriminals attack:

Malware — malicious software such as spyware, viruses and ransomware. Once in your computer, the malware can block access to your computer, covertly transmit data or destroy the system from the inside.

Phishing — the act of sending fraudulent communications such as emails or attachments which grant hacker the ability to access your sensitive data.

Exploiting Outdated Software — Hackers taking advantage of weaknesses in older versions of computer programs. There was a patch available for Windows computers months before the 2017 WannaCry ransomware attack, but the people affected put off downloading the update, according to CSO.

Human Error

Unfortunately, if there is going to be a data disaster, we — the user — will most likely be the cause. Roughly 90 percent of cybersecurity issues are the result of human behavior, according to Chief Executive. These behaviors can include clicking on suspicious links, not downloading software patches and updates, accidentally deleting important files, or a disgruntled employee abusing privileges.

How We Can Help

For SMBs, it’s not a matter of “if” you’ll be affected by hardware failure, a data breach or some natural disaster — it’s a matter of “when.” With on-site and off-site servers, automated cloud backups and enhanced security features, your business won’t miss a beat when the worst happens.

Let us help by designing a backup and disaster recovery plan customized for your business. Contact us to get started.

IT Compliance: The Game

IT security compliance GDPR HIPAA

A great business leader knows they have to play by the rules before they can change the game. This is why being well-versed in compliance is so imperative. Compliance has become the new house rules for how businesses conduct themselves on the board. To ensure all of your pieces stay in play, here are the compliance regulations you should know.

GDPR: Playing by the EU’s House Rules

The European Union rolled doubles on protecting the information of its citizens with General Data Protection Regulation (GDPR). While you and your business may reside stateside, any entity that processes and stores the personal data of EU citizens must follow this compliance.

These guidelines must be followed unless otherwise consented by individual citizens. Visitors retain the right to withdraw their information at any time and companies must respect the individual’s right to be forgotten. Essentially, an EU citizen will allow some of your house rules until they want to change up the game, then you must respect their decision – no rage-flipping the board.

You can successfully conduct business in European markets with a qualified technology partner as your chance card to help you understand the transition to GDPR compliance. They ensure that you are properly meeting regulatory compliance and help you avoid fines of four percent of your global annual turnover or up to $22.4m (whichever is larger).

PCI DSS: A Safe Strategy

Payment Card Industry Data Security Standard (PCI DSS) compliance creates an additional level of protection for credit, debit and cash card transactions. It guarantees that your customers’ card information is kept safe when it’s stored, processed and transmitted.

A great technology partner can make all the difference in your regulatory status by building a secure network and maintaining crucial systems throughout the year. You’ll be able to avoid risky noncompliance fines and ensure you stay in the game.

Got any, SOX?

In the legendary and hallowed battle of wits known as Go Fish, strict penalties fall upon the deceitful when they are caught lying about not having a certain card. This is similar to the Sarbanes-Oxley Act (SOX).

SOX maintains a level of transparency among entities that publicly trade within the US. It holds company officers responsible for accurate reporting and requires a number of auditing measures to show how much capital a company has, as well as where it is being spent.

With intuitive IT services, you will keep the faith of investors, remain transparent and discover the streamlining benefits that SOX can provide. Not to mention, you’ll avoid hefty fines and jailtime so you can pass go and collect your profit.

HIPAA-ration

The Health Insurance Portability and Accountability Act protects the storage of an individual’s medical records. Like the Operation board holding various ailments, companies known as Business Associates (BA) hold the medical, insurance, and payment records of individuals. Your company is considered a BA if it creates, receives, maintains or transmits protected health information and compliance pertains not only to the primary data handlers, but also their subcontractors.

To safeguard this information from top to bottom, a technology partner becomes the red light and buzzer on the patient’s nose, a safeguard against anyone trying to remove the “water on the knee” of information from your client’s records. Working with tech services provide the necessary solutions so you and your partners transmit data securely.

Consider Us Your Game’s Master

Partnering with a managed services provider is the easiest way to ensure you’re meeting and exceeding compliance standards. Contact us today to be your guide in the IT business game, and we’ll help you become a seasoned player.

The Pros & Cons of Leading Cloud-Based Collaboration Tools

Improving the way your team works together is one of the easiest ways to increase ROI and improve output. The McKinsey Institute found that teams improved productivity up to 25 percent through increased collaboration. That’s why the cloud provides hundreds of tools and applications designed to enhance communications and connections.

Cloud-based collaboration tools are ideal for teams that work on the go or remotely, allowing users to work on the same documents in almost real-time and stay connected through video and other chat forms. Whether you’re looking to improve the way your team communicates or need to eliminate wait times between versions of a project, there is a cloud-based solution that can help.

Not sure where to start? Here are three to consider, based on widespread adoption by businesses like yours.

Microsoft Office 365

Pros: Office 365 gives your team full access to Microsoft’s most powerful collaboration tools from any desktop, laptop, tablet or mobile device – making remote teams as productive and connected as their on-premises counterparts. Error-proofing tools even allow you to revert documents to previous versions.

Cons: Because Office 365 can be accessed from any endpoint, your risk of breaches increases. Most team members use personal devices outside of work to access confidential files, and these devices aren’t always protected by the same security as your company-issued laptops or desktops. With a multi-layered solution from a reliable partner, you can ensure your endpoints are protected and eliminate any risk of breaches.

 

Slack

Pros: Slack provides an enriched environment for real-time communications. Set up channels based on teams, departments or projects. Using different Slack channels, you can discuss open tasks, create strategies, get feedback from clients and deliberate more quickly than an email conversation.

Cons: Slack is a great tool when used appropriately, but the platform becomes a security risk when abused. Anyone with admin access can create new channels and take away access from other admins. Usually, this poses no threat, but when a disgruntled employee feels provoked, they could remove admin privileges and start a channel consisting of all your clients. By keeping admin access restricted and putting in fail-safes you can keep your risks at an all-time low.

 

Cisco Webex

Pros: Cisco provides crystal-clear quality and uninterrupted streaming with their Webex video chatting service. Converse with teammates and clients around the world and leverage presentation features to keep the entire audience engaged and informed. Eliminate the majority of communication barriers with video feeds that show reactions and nonverbal cues.

Cons: While Webex has a variety of powerful features, those aspects come with a higher price than some competitors. To leverage unlimited cloud recording storage and other benefits, you’ll have to pay more than what comes out-of-the-box. If you’re on a strict budget, you’ll need to pay attention to what features you will and won’t use.

Cloud-based collaboration tools help improve productivity and increase ROI, but you have to find which solution works best for your business. Whether the right solutions for you include Office 365, Webex or something else, we keep your business safe with multi-layered security solutions and proactive support.

 

For more information on cloud-based collaboration tools and how we can help you improve your productivity and ROI, contact us today.

Hot Holiday Tech Gifts You Can Afford

When shopping for holiday gifts on behalf of your business, keep in mind that tech gifts are always appreciated. Finding tech gifts that recipients will appreciate that are also in your price range can be a challenge, so we’ve put together a menu of hot tech gifts for 2018 in a variety of price ranges for you.

Less than $10

NUBWO Portable Bluetooth Speakers with HD Audio and Enhanced Bass

This handy speaker is not only small (3.8×3.8×3 inches) and light (8 ounces), it also connects with most Bluetooth audio devices in three seconds and provides room-filling sound. It can be used to make hands-free calls from smartphones, tablets and more.

Less than $50

Blue Microphones

Blue is the hottest name in microphones today. Whether used for recording, streaming, Skype, Twitch, conference calls or any other way a computer microphone can be used, whoever you give a Blue microphone to will be heard loud and clear.

Less than $100

Ring WiFi Smart Video Doorbell

The Ring video doorbell is a tech gift that lets the home resident get up-close-and-personal with whoever rings their doorbell – even if they are on the other side of the country. The doorbell is connected via WiFi, which enables use of the Ring app on iOS and Android.

Less than $150

Beats by Dre Solo2 Luxe Edition Wireless Headphones

Solo2 headphones look like a sports car, feel like they were made for whoever is wearing them and sound totally awesome. Includes HD audio and enhanced bass. Plus, depending on the device you use, the RemoteTalk cable lets the user change songs, adjust volume and make calls without getting up.

Less than $300

4K UHD TV

You can spend $3,000 or more for a Smart 4K Ultra High Definition (UHD) TV with High Dynamic Range (HDR), but you can also find a selection for less than $300. 4K UHD TV with HDR is the new standard for Smart TV because the picture has double the pixels in each direction and looks incredible.

Less than $400

Apple Watch Series 4

Perfect for the Apple enthusiast, the Apple Watch Series 4 is bigger, better and more affordable than its predecessor, and one of the hottest gifts available. Displays are 30 percent larger. Sound is 50 percent louder. There’s a built-in GPS as well as potentially life-saving electrical and optical heart sensors. It’s also a true marker of success.

 Less than $1,000

HP Spectre X360 Laptop

For the PC user who admires everything about a MacBook Pro (except that it’s a Mac), the HP Spectre X360 is the perfect gift. At 2.78 lb. with a full HD screen (or higher resolution), the Spectre X360 runs Windows 10 and is a business computing powerhouse.

Every item on this list is a business-appropriate gift the recipient will use and enjoy. Holiday gifts let people know they are appreciated and help solidify business relationships. Of course, you’ll want to remember the people who do the work in your organization.

And what about the organization itself? An IT infrastructure that works the way it’s supposed to and drives growth by maximizing productivity is about the best gift you can give your organization. Contact us today to discuss how much more your technology could be doing for your organization.

Everything You Were Afraid to Ask About Section 179

Taxes can overwhelm the best of us – but if you’re the owner of a small or medium-sized business, Section 179 is well worth the extra effort this tax season. If you’ve put off looking into this bottom-line-boosting provision, let us break it down:

What is the Section 179 tax deduction?

Instead of gradually depreciating technology over several years, Section 179 allows you to deduct the full price of any qualifying equipment or software purchased or leased during the year. It’s meant to encourage businesses to stay competitive by purchasing the equipment they need while benefiting their bottom line. Depreciating assets in the first year also helps reduce overall profit, which is the figure that ultimately determines your tax payment.

Will it benefit me?

No matter your industry or the size of your business, you rely heavily on technology to service your customers, make your job easier and capture your share of the market. Section 179 allows you to upgrade to the newest technologies without the blow of a huge upfront cost. Even businesses with a net loss are qualified to deduct some of the cost of new equipment and carry forward the loss.

What qualifies?

  • Purchased, financed or leased business equipment
  • Computers and “off-the-shelf” software (productive, anti-virus, administrative, etc.)
  • Office equipment and machinery (e.g. servers and printers, routers, network switches, network security appliances)
  • Commercial use vehicles
  • Improvements to nonresidential property

What do I need to do?

  • Purchase, finance or lease equipment and put it into use by midnight on Dec. 31, 2018
  • Use it for business purposes more than 50% of the time
  • Consult with your accountant to determine your eligibility

What are my limits?

  • $1M – Maximum total amount you can write off in 2018
  • $2.5M – Maximum total amount of equipment purchased in 2018 eligible for full deduction

How can I take advantage of the Section 179 deduction?

  • Simply make the purchase and use Form 4562 to claim your deduction
  • The full deduction can be claimed until you’ve reached $2.5M in equipment or software purchases
  • Past the $2.5M point, the deduction decreases on a dollar for dollar basis and disappears once $3.5M worth of equipment is purchased

 Stop making excuses not to invest in yourself and get a powerful edge over your competition by taking advantage of Section 179. Not sure where to start? Contact us today to talk about upgrading your technology infrastructure.

Why Your Business Needs a vCIO to Succeed

virtual CIO services blog

If you have plans to expand your business, your technology needs to scale with you and support your growth. But, your IT team is too busy with day-to-day tasks to perform comprehensive assessments, research the newest tech innovations and create a strategic roadmap for the future. Hiring a costly executive to oversee your IT might be out of the question, but you’re not out of options. Enter a virtual CIO, or vCIO – an expert or team of experts focused on managing your high-level IT needs, for a fraction of the cost of an in-house CIO.

Here are four reasons your business needs a vCIO to succeed:

 

Creating a Plan for the Future

Your IT might be keeping pace with your needs today – but, without a strategic plan for growth, the technology underpinning your business gives you headaches or fails altogether. A vCIO assesses your current technology infrastructure and consults with you about your business goals to develop a detailed roadmap for the future. This ensures that your hardware, software, applications and other technology solutions align with your needs, and that you’re not wasting time and money on technology that won’t bring you closer to your goals.

 

Ensuring Business Continuity

Do you have a backup and disaster recovery plan in place? Do you know where your data is stored and how to access it if your primary systems fail due to a natural disaster, cyber attack or employee error? A vCIO designs a disaster recovery strategy tailored to your business, so you’re protected from every angle. They monitor your network 24/7 for potential disruptions and resolve them before they impact your business. Additionally, a vCIO mitigates the risk of downtime and data loss while updating or migrating systems.

 

Making Smart Investments

New products and services always sound good – but, how do you know if they’ll actually provide a strong return on investment? Virtual CIOs stay up-to-date on tech innovations and understand which ones will support your business now and into the future. Your vCIO can also help you prepare for aspects of the transition that would otherwise cause unexpected hiccups. Make decisions with confidence, knowing that you’re choosing the best investments for your business.

 

Meeting Industry Requirements

Whether you’re in healthcare, retail, financial services or another industry, you face a long list of regulations – and failing to comply results in crippling fines. Virtual CIOs develop industry-specific experience, so they can help you meet regulations such as HIPAA and PCI, stay current with standards and protect your customers’ data – and your reputation. They can also make recommendations on the best software programs and applications for your specialized business needs.

Virtual CIOs help you achieve success by adding value to your operations – without the full-time salary, benefits and office space of an in-house CIO. Interested in learning how a vCIO can impact your business? Contact us today to find out.

Why Should You Consider IoT? The Good, the Bad and the Integration

consider IoT for business

As technology progresses, we’re finding new ways to keep all of our devices connected for a seamless user experience. This idea is called the Internet of Things (IoT), and it works for more than just computing devices – it also includes mechanical and digital objects.

From microwaves, washing machines and lamps to televisions, projectors and security systems, connecting your technologies is a powerful concept. Gartner predicts that IoT will be a $1.9 trillion industry by 2020. So, what do you need to know to take advantage of this trend to grow your business?

The Good

The IoT helps you track behavior in real-time and enhances situational awareness, but what does that actually mean for you? Imagine it’s 6 pm, and you’re cooking dinner while listening to music. You connect your mobile device to your surround-sound television. Your technology keeps track of your activity, and IoT uses that information to analyze what you’re doing, viewing or listening to in real-time. Using that data, you’ll gain a customized experience. You skip a slower song, and your devices react by adjusting algorithms to produce fewer slow-tempo songs. Now, imagine how you can use IoT to enhance your customer’s experience. You can use the data you collected to figure out when their technology needs updated or to identify breaches based on location and trends.

The Bad

It’s important to note that the more devices connected to the Internet, the more vulnerable your information is to unauthorized users. By connecting your mobile device to your home security system, your business’s Wi-Fi, your email and more, you open up a variety of entry points for hackers and other cyber criminals to access and manipulate your systems. But, even the bad isn’t all bad – a reliable IT partner can keep your endpoints protected by multiple layers of security.

The Integration

When considering an IoT approach, you need to ask yourself a few questions:

  • What are the goals of my business?
  • What is my realistic budget?
  • Which solutions make the most sense for my business?
  • Should I integrate technology all at once or in stages?

A managed service provider can help you answer these questions while ensuring IoT devices are properly integrated and secured. Integration begins with identifying your needs, determining which solutions work best for your business needs, then deploying those solutions, testing services post-deployment and protecting your endpoints.

Adopting the IoT approach impacts your business significantly. The vast amount of data and services available can shape your daily workflow. For more information on how IoT can affect your business, or to start implementing IoT, contact us today. We’ll help you work through the good, the bad and the integration.