• Layla Eshack


October is Cybersecurity Awareness Month!


We are here to help you stay safe. Here are the top “tricks” you need to be aware of this month:

#1: Phishing


Phishing is the most common type of cyber attack. It occurs when someone sends malicious emails or links while disguising themselves as a trustworthy source. Often times phishing emails can come from what appears to be a legitimate source, such as a bank or government agency. The idea is to get the email recipient to share information or click on a malicious link or attachment.


Phishing is THE most common way that hackers collect private information. Studies show that one in 99 emails is a phishing email.


99% of cyber attacks result from someone clicking a link.


In order to stay safe, DO NOT click on links from unknown senders. You should only click on links or download attachments when they are from someone you know or you were expecting them.


In these pandemic times, hackers are taking advantage of the fear and unemployment rates. A recent trend is for hackers to impersonate the government. Government agencies such as the IRS typically operate through the mail, and you should be suspicious of any calls or emails from someone claiming to be the IRS.

#2: Ransomware


Ransomware is a strategy hackers use to claim your system using malicious software. They block access to the system and data until a ransom of money is paid.


Ransomware attacks can be targeted at individuals or businesses and may demand various amounts of money, often a cryptocurrency such as BitCoin.


For businesses, this can be devastating. Ransomware attacks can close operations and pressure business owners to pay the ransom just to be able to function again, but the ransoms can be so high that the damage is impossible to come back from.


If your system becomes compromised, it can be too late. Preventative measures should be taken, such as strong password security policies and user training regarding safe cybersecurity practices. Talk to your IT professional about how your business is staying safe.

#3: Insider Threats


It can be easy to overlook the vulnerability of your computer system if you only consider external threats. Insider threats are dangers posed by those who have (or had) legitimate access to your system. These can be accidental or intentional.


Examples of insider threats include a careless employee, a sneaky former employee, a compromised 3rd party vendor, or a deceptive spouse.


Organizations sometimes fail to consider the true risks that insiders pose to their cybersecurity. Yet, internal risks are every bit as dangerous and damaging as the external ones, even if there is no malicious intent.


Check out our blog post on the Dangers of Insider Threats:

https://www.criticalitsolutions.com/post/the-dangers-of-insider-threats

#4: Malware


Malware is software designed to damage your computer system. It can be easily downloaded onto a device by clicking on a link or downloading an attachment with malware (such as in a phishing email).


The uses of malware can vary. Sometimes this malicious software can be used to steal valuable information. Sometimes it can be used to lock your system and conduct a ransomware attack. A virus is considered a type of malware, although a virus will replicate itself and spread through multiple programs.


Your computer system should have anti-malware and anti-virus software in place.


Talk to your IT professional about what you are currently doing to stay safe, and how you could reduce risk.

Questions? Call Critical IT Solutions to see if your business qualifies for our free risk assessment. 240-442-2960

  • Layla Eshack


IT service providers deliver the technical expertise small businesses need at a much lower cost than hiring IT staff. They can recommend, install, and manage technology according to business’ objectives and core competencies and ensure that critical data is safe. That’s why nearly 70% of U.S. small to medium sized businesses (SMBs) work with an IT service provider for some or all of their IT needs. There are many considerations for SMBs thinking about moving their IT to another company. Below, we’ve summed up the key factors to help you decide what’s best for your company.


What’s an MSP?


An MSP, or managed service provider, is an IT service professional to which SMBs outsource their IT needs. MSPs are the guardians of IT, delivering ongoing monitoring and management of client applications (email, web site, security, etc.) and IT infrastructure remotely. This is typically accomplished through remote monitoring services, which allows them to keep tabs on the health of their clients’ IT environments, change and update systems, and troubleshoot problems. MSPs closely monitor a wide variety of IT solutions a business has implemented, including web apps, desktop and server management software, backup and disaster recovery, storage management tools and security software. Small businesses outsource IT to ensure all their business systems, operations and networks remain up and running. Managed service providers take a proactive approach to IT. Rather than waiting for something to break or shut down, MSPs ensure a customer’s IT can avoid most tech issues in the first place. This is huge, because IT related downtime can have a devastating impact on revenue and reputation—especially for smaller businesses trying to grow. SMB Managed Service Consumption A survey by B2B research firm Clutch showed that 69% of U.S. SMBs use at least one IT service provider, regardless of company size. 63% of respondents indicated they also have dedicated, in-house IT staff. However, this percentage was much lower among SMBs with 10 or fewer employees—only 31% of that group have in-house IT staff.


MSPs typically deliver services on a subscription basis; companies pay a fixed amount, usually monthly, for a specific set of IT services. Some common examples include, but are not limited to:

  • Application monitoring/management

  • Helpdesk

  • E-mail

  • Security

  • Storage

  • Backup and Disaster Recovery


These services are typically offered either as packaged services, or a la carte, depending on the needs of the SMB. They are also often priced at a fraction of the cost of a full time IT resource. MSPs work with a variety of technology vendors in order to deliver these services. However, it’s not just about the technology. Rather, the expertise of the service provider holds the most value for SMBs.


Why SMB’s Adopt Managed Services


Moving all or some IT tasks to a managed service allows businesses to focus on their core competencies instead of day-to-day IT management. This is especially important for SMBs, since they are frequently stretched thin from a personnel and budget standpoint. Obviously, the specific reasons SMBs adopt managed services depend on the unique needs of the organization. For example, the IT needs of a five person company with no in-house IT will be quite different from those of a 100 person company with a dedicated IT team. However, generally speaking, businesses adopt managed services to improve upon all or some aspect of their IT strategy or infrastructure. How this occurs will largely depend on the in-house IT expertise of a given business.


According to IT industry trade association CompTIA, the top reason SMBs adopt managed services today is to “improve efficiency/reliability of IT operations” (51%). But, context is important. For a very small business, “improve efficiency/ reliability of IT operations” might mean implementing and managing the IT infrastructure. At the other end of the spectrum, it might mean outsourcing some routine tasks so in-house staff can focus on higher-level technical challenges. And, 31% of respondents said that they opted to work with a service provider to “free IT staff to work on strategic projects.” MSPs can provide different levels of support to meet the technology requirements of different businesses. Many businesses choose to work with IT providers because they have expertise in a specific area of IT. For example, 38% of respondents in CompTIA’s survey said that they adopted managed services for “enhanced security/compliance.” This is likely due to the fact that ransomware attacks and security breaches are constantly in the news, but it highlights the fact that MSPs have deep technical knowledge in specific disciplines of IT. Also, the ongoing monitoring and software management MSPs provide is particularly important, because keeping software patched and up to date is essential to protect against security breaches. Also, working with an IT provider allows businesses to offload tasks that are difficult and/or time consuming. That’s one of the reasons that managed data protection services are so popular today. Protecting company data through backup and restore has long been a pain point for companies of all sizes; MSPs can ensure the SMB company data is fully protected from malicious or inadvertent actions, reducing business risk by putting complex tasks in the hands of experts.


MSPs can also initiate new projects and implement new technologies quickly. They have the resources and flexibility to get projects off the ground which might take weeks or months in-house. Implementing new technology with your existing environment can be complicated and time consuming. Because MSPs work with a wide variety of clients with different IT needs, they are uniquely equipped to take on complex IT projects. They also have vast experience troubleshooting the products they use—allowing them to resolve problems quickly. Depending on the company, cost savings may also be a factor—especially among smaller SMBs with straightforward IT needs. Monthly fees for managed services will vary depending on services delivered. But, managed services are generally more cost effective than hiring in-house IT staff for smaller businesses. According to Kaseya’s 2018 MSP Benchmark Survey Results, 24% of respondents pay under $1,000 a month for managed services ($12,000 per year) - a fraction of the yearly salary of an IT professional in the U.S. An additional 28% said they pay between $1,001 and $2,500. Larger companies with internal IT can also recognize cost savings from IT managed services. However, cost saving isn’t the primary driver for managed services adoption among larger companies. According to CompTIA, larger SMBs are more likely to contract with MSPs for strategic reasons.


There are a variety of reasons that SMBs need help from third-party IT firms. IT skill and expense tops the list for smaller businesses. Very small companies stand to reduce IT costs while getting the IT expertise they need by partnering with a service provider. Larger businesses typically work with IT providers to offload a number of difficult or time-consuming tasks, allowing their internal IT staff to focus on mission-critical activities. The ongoing infrastructure monitoring that managed service providers deliver can help SMBs avoid IT issues, data loss and downtime. Small business IT teams face budget and time constraints that make it difficult to deliver the level of monitoring an MSP can. This may be the most important benefit of working with an MSP, because IT downtime can completely derail a small business. If you’ve never considered an IT managed service offering and are trying to manage your own IT, it’s worth being aware of this cost effective way to have your IT burden lifted. If you are working with an IT provider on a project basis, it is worth investigating whether they offer managed services as well. Or, if your current IT team is running ragged, perhaps you can offload some difficult IT tasks. MSPs can help keep you focused, and keep you safe!


  • Layla Eshack


Is Cloud Computing Right For You (or Your Business)?


If you are a small business owner, you might be considering transitioning your computer network and operations to the cloud. The simple fact is, cloud computing is not a good fit for every company. The information on this page will arm you with the critical facts you need to avoid expensive, time-consuming mistakes.


Below, you will find 5 very important facts you need to know about cloud computing for your company. These include:

  1. The pros AND cons you need to consider before moving to the cloud.

  2. Cloud migration tips.

  3. The various types of cloud computing options you have (there are more than just one).

  4. Answers to important, frequently asked questions you need to know the answers to.

  5. What questions you need to ask your IT pro before letting them “sell” you on moving all or part of your network and applications to the cloud.

What is Cloud Computing?


Advancements in technology and Internet connectivity are driving down the costs of computing power. With cloud computing, businesses can pay for computing power like a utility without having the exorbitant costs of installing, hosting and supporting it on premise.


In fact, you are probably already experiencing the benefits of cloud computing in some way but hadn’t realized it. Below are a number of cloud computing applications, also called SaaS or “software as a service,” you might be using:

  • Gmail, Hotmail or other free email accounts

  • Facebook

  • NetSuite, Salesforce

  • SurveyMonkey and other survey tools

  • LinkedIn, Twitter, and other social media

  • Amazon

  • Netflix

  • iTunes, Spotify

  • All things Google (search, docs maps, etc.)

If you think about it, almost every single application you use today can be (or already is) being put “in the cloud” where you can access it and pay for it via your browser for a monthly fee or utility pricing. You don’t purchase and install software but instead access it via an Internet browser.


What About Microsoft 365 And Google Apps?


Microsoft 365 and Google Apps are perfect examples of the cloud computing trend; for an inexpensive monthly fee, you can get full access and use of Office applications that used to cost a few hundred dollars to purchase. And, since these apps are being powered by the cloud provider, you don’t need an expensive desktop with lots of power to use them – just a simple Internet connection will do on a laptop, desktop or tablet.


Pros and Cons of Moving to the Cloud


Keep in mind there is no “perfect” solution. All options have upsides and downsides that need to be evaluated on a case-by-case scenario.


Keep in mind the best option for you may be a hybrid solution where some of your applications and functionality are in the cloud and some are still hosted and maintained from an in-house server. We’ll discuss more of this in a later section; however, here are the general pros and cons of cloud computing:


Pros Of Cloud Computing:

  • Lowered IT costs. This is probably the single most compelling reason why companies choose to move their network (all or in part) to the cloud. Not only do you save money on software licenses, but on hardware (servers and workstations) as well as on IT support and upgrades. So if you hate constantly writing cash-flow-draining checks for IT upgrades, you’ll really want to look into cloud computing.

  • Ability to access your desktop and/or applications from anywhere and any device. If you travel a lot, have remote workers or prefer to use an iPad while traveling and a laptop at your house, cloud computing will give you the ability to work from any of these devices.

  • Disaster recovery and backup are automated. The server in your office is extremely vulnerable to a number of threats, including viruses, human error, hardware failure, software corruption and, of course, physical damage due to a fire, flood or other natural disaster. If your server were in the cloud and your office was reduced to a pile of rubble, you could purchase a new laptop and be back up and running within the same day. This would NOT be the case if you had a traditional network and were using tape drives, CDs, USB drives or other physical storage devices to back up your system. Plus, like a public utility, cloud platforms are far more robust and secure than your average business network because they can utilize economies of scale to invest heavily into security, redundancy and failover systems, making them far less likely to go down.

  • It’s faster, cheaper and easier to set up new employees. If you have a seasonal workforce or a lot of turnover, cloud computing will not only lower your costs of setting up new accounts, but it will make it infinitely faster.

  • You use it without having to “own” it. More specifically, you don’t own the responsibility of having to install, update and maintain the infrastructure. Think of it as similar to living in a condo where someone else takes care of the building maintenance, repairing the roof and mowing the lawn, but you still have the only key to your section of the building and use of all the facilities. This is particularly attractive for companies that are new or expanding, but don’t want the heavy outlay of cash for purchasing and supporting an expensive computer network.

  • It’s a “greener” technology that will save on power and your electric bill. For some smaller companies, the power savings will be too small to measure. However, for larger companies with multiple servers that are cooling a hot server room and keep their servers running 24/7/365, the savings are considerable.

Cons Of Cloud Computing:

  • The internet could go down. While you can mitigate this risk by using a commercial-grade Internet connection and maintaining a second backup connection, there is a chance you’ll lose internet connectivity, making it impossible to work.

  • Data security. Many people don’t feel comfortable having their data in some off-site location. This is a valid concern, and before you choose any cloud provider, you need to find out more information about where they are storing your data, how it’s encrypted, who has access and how you can get it back.

  • Compliance issues. There are a number of laws and regulations that require companies to control and protect their data and certify that they have knowledge and control over who can access the data, who sees it and how and where it is stored. In a public cloud environment, this can be a problem. Many cloud providers won’t tell you specifically where your data is stored. Most cloud providers have SAS 70 certifications, which require them to be able to describe exactly what is happening in their environment, how and where the data comes in, what the provider does with it and what controls are in place over the access to and processing of the data. However, keep in mind that it is still the responsibility of the business owner, so it’s important that you ask for some type of validation that they are meeting the various compliance regulations on an ongoing basis.

Cloud Migration Tips


When done right, a migration to Office 365 or another cloud solution should be like any other migration. There’s planning that needs to be done, prerequisites that have to be determined and the inevitable “quirks” that need to be ironed out once you make the move.


Every company has its own unique environment, so it’s practically impossible to try and plan for every potential pitfall; however, here are some BIG things you want to ask your IT consultant about BEFORE making the leap.


DOWNTIME. Some organizations cannot afford ANY downtime, while others can do without their network for a day or two. Make sure you communicate YOUR specific needs regarding downtime and make sure your IT provider has a solid plan to prevent extended downtime.


SLOW PERFORMANCE. Ask your IT consultant if there’s any way you can run your network in a test environment before making the full migration. Again, every environment is slightly different, so it’s best to test before you transition.


3RD PARTY APPLICATIONS. If your organization has plug-ins to Exchange for faxing, voice mail or integration into another application, make sure you test to see if it will still work in the new environment.


Types of Cloud Solutions


Pure Cloud: This is where all your applications and data are put on the other side of the firewall (in the cloud) and accessed through various devices (laptops, desktops, iPads, phones) via the Internet.


Hybrid Cloud: Although “pure” cloud computing has valid applications, for many it’s downright scary. And in some cases it is NOT the smartest move, due to compliance issues, security restrictions, speed and performance. A hybrid cloud enables you to put certain pieces of existing IT infrastructure (say, storage and email) in the cloud, and the remainder of the IT infrastructure stays on-premises. This gives you the ability to enjoy the cost savings and benefits of cloud computing where it makes the most sense without risking your entire environment.


Single Point Solutions: Another option would be to simply put certain applications, like SharePoint or Microsoft Exchange, in the cloud while keeping everything else on-site. Since e-mail is usually a critical application that everyone needs and wants access to on the road and on various devices (iPad, smartphone, etc.), often this is a great way to get advanced features of Microsoft Exchange without the cost of installing and supporting your own in-house Exchange server.


Public Cloud Vs. Private Cloud: A public cloud is a service that anyone can tap into with a network connection and a credit card. They are shared infrastructures that allow you to pay-as-you-go and are managed through a self-service web portal. Private clouds are essentially self-built infrastructures that mimic public cloud services, but are on-premises. Private clouds are often the choice of companies who want the benefits of cloud computing, but don’t want their data held in a public environment.



Contact Critical IT Solutions if you have questions about cloud computing or data security.

12305 Cypress Spring RD

Clarksburg, MD 20871

Call

T: 240.442.2960
F: 877.344.7601

 

© 2020 by Critical IT Solutions LLC.

  • facebook
  • w-tbird