HIPAA Part 2: Diving Deep into the Security Rule

In our first HIPAA article, we offered a little history on the Health Insurance Portability and Accountability Act and a general overview of how the Privacy and Security Rules evolved from it. In this post, we’re going deep into the murky depths of the Security Rule from a business standpoint.

HIPAA’s Security Rule may seem daunting at first, especially if you’re not an IT expert, but you don’t need a degree in computer science to understand the standards it establishes. At its core, the HIPAA Security Rule is about knowing what data you have, assessing the people and technology handling it, and finding where problems could arise. Survey, assess, plan, implement, and—most importantly—repeat. This is an easy way to think about and manage the requirements laid out in the Security Rule.

What Is the Security Rule?

The Security Rule sets the standards that entities creating, using, or transmitting electronic protected health information (ePHI) must implement in order to “ensure the confidentiality, integrity, and availability of ePHI . . . protect against any reasonably anticipated threats and hazards . . . [and] protect against reasonably anticipated uses or disclosures of such information not permitted by the Privacy Rule” (NIST). If you can imagine it happening to you, then you have to protect against it.

Confidentiality, Integrity, and Availability

The Security Rule uses this phrase throughout. It’s a key tenet of its purpose, but what exactly does it mean to ePHI?

  • Confidentiality: Don’t allow anyone without proper permission to access ePHI, as described in the Privacy Rule, to see it.
  • Integrity: Ensure that the ePHI created, maintained, or transmitted isn’t altered in any way.
  • Availability: Ensure those with permission are able to access ePHI when they need it.

A quick way to think of these are “Don’t Show. Don’t Change. Can Use.” Keep these goals in mind when implementing the standards set forth in the Security Rule.

Understanding the Security Standards

The Security Rule consists of 18 security standards divided into three sections: Administrative Safeguards, Physical Safeguards, and Technical Safeguards. Some of those security standards contain implementation specifications (36 in total), which provide more detailed instructions on what needs to happen to fulfill the security standard. The Security Rule designates these implementation specifications as either required or addressable.

Important! Do not confuse addressable with optional. All implementation specifications must be handled, but those marked as addressable may not be suitable for all businesses managing ePHI. Each business must assess its own situation to determine whether an addressable implementation specification is reasonable and appropriate. Once assessed, the business has to ask themselves:

  • Is the specification reasonable and appropriate? Implement.
  • Is the specification not reasonable or appropriate? Implement an alternate solution that would be.
  • Are there no reasonable and appropriate ways to implement the specification? Do not implement.

All assessments and justifications for not implementing a specification as stated in the security standard must be fully documented.

Reasonable and Appropriate

This is another phrase that appears throughout the Security Rule. Since the Security Rule affects a wide variety of businesses, it was designed with flexibility of approach in mind. Many of its standards and implementation specifications explain what needs to be done but not how to do it. How is left up to the individual business to determine based on its use of ePHI and its environment.

The security standards general rule §164.306(b)(2) explains that when “deciding which security measures to use, a covered entity must take into account the following factors:

  1. The size, complexity, and capabilities of the covered entity.
  2. The covered entity’s technical infrastructure, hardware, and software security capabilities.
  3. The costs of security measures.
  4. The probability and criticality of potential risks to electronic protected health information.”

Flexibility, scalability, and technology neutrality are key features of the Security Rule that allow businesses of any size or function to use the same standards and adjust accordingly to the evolution of technology. It’s important to note that cost alone is not enough of a justification to not implement a security standard. All factors need to be considered together when dealing with addressable specifications.

Security Standards

Before diving into the nitty-gritty of each security standard and the implementation specifications, evaluate what your business already has in place. Some of the requirements may be satisfied by the current security infrastructure. Read all the security standards once to get a feel for what you need to be assessing, then take the time to determine what measures, policies, and hardware already protect your ePHI. Knowing where you stand can save you time and stress while working toward HIPAA compliance.

Below we’ll address each section in a high-level overview and mention some of the important standards you should be aware of. This won’t be a step-by-step breakdown of all the standards and implementation specifications. For that, the Department of Health and Human Services (HHS) produced the HIPAA Security Series papers, which are extremely helpful, as is National Institute of Standards and Technology’s (NIST) An Introductory Resource Guide for Implementing the HIPAA Security Rule.

Administrative Safeguards

Administrative Safeguards make up more than half of all the standards in the Security Rule; however, this is also where many of your current systems might already be established to satisfy the requirements with little to no alterations.

The standards and implementations categorized under Administrative Safeguards involve the process of planning, selecting, and managing a business’s protection of ePHI. This includes, but is not limited to, emergency preparedness plans, policies and procedures, contracts, and employee management and training.

This category is all about knowing what you have, planning for the future, and making sure everyone in the company knows how to enforce the confidentiality, integrity, and availability of ePHI. It’s not enough to simply implement these systems, though. Everything must be documented, accessible to all who need it, tested and reviewed periodically.

Important Standards to Note

Security Management Process §164.308(a)(1): This is the very first standard, and for good reason. Its implementation specifications require a risk analysis and continuous risk management. The information gathered in these steps will help with many of the other standards. The risk analysis can highlight areas of deficiency in your security that might otherwise appear only when a malicious actor finds and exploits it.

There is no single correct way to perform a risk analysis because all businesses have differing needs. If you are looking for where to start, there are many useful guides outlining the risk assessment process. The HHS’s HIPAA Series includes Basics of Risk Analysis and Risk Management, and Appendix E in NIST’s Introduction provides risk assessment guidelines. For a more comprehensive look at risk assessments, NIST also produced a Guide for Conducting Risk Assessments.

hippa risk analysis

Workforce Security §164.308(a)(3) & Security Awareness and Training §164.308(a)(5): These two standards have seven addressable implementation specifications between them. These deal with verifying that employees have the correct access to ePHI according to the duties they perform, and that they are informed on how to protect themselves and ePHI from cybersecurity threats. It also deals with how management handles adding new employees and removing employee access as job duties change or if the employee leaves the company. Both management and employees are responsible in protecting ePHI, but they must be given the knowledge, tools, and policies to do so.

Contingency Plan §164.308(a)(7): This standard includes the creation or revision of several different emergency preparedness plans, including a Data Backup Plan, Disaster Recovery Plan, and Emergency Mode Operation Plan. Besides preparing both management and employees in what to do, who needs to do it, and where resources are in the event of an emergency, this standard also helps assess what hardware or software is critical to the confidentiality, integrity, and availability of ePHI. This allows better prioritization and distribution of limited resources. Such precise knowledge is especially important in facilities that provide direct patient care.

Physical Safeguards

Physical Safeguards deal with the facility, hardware, and other physical mechanisms necessary to protect ePHI, as well as the policies and procedures that regulate them. These can range from locks on doors or security guards in times of disaster to employees logging off before leaving a workstation. If a person could walk into your office and access ePHI, the Physical Safeguards handle how to appropriately plan your security measures according to your needs.

Important Standards to Note

Device and Media Controls §164.310(d)(1): Given the portability of data in the daily functions of modern business, it’s vital that any movable media containing ePHI be strictly logged, tracked, and disposed of when no longer needed. Even one lost USB drive containing ePHI is a breach of the Security Rule. This standard relates to all types of removable media, including laptops, flash drives, CD/DVDs, hard drives, and portable backups. It also deals with the re-use of these materials within the office, which first requires the proper removal and destruction of all ePHI.

Technical Safeguards

Technical Safeguards deal with the technology used to create, access, transmit, and protect ePHI, as well as the policies and procedures that govern it. The Security Rule remains intentionally vague on the specific technology used to fulfill these standards to allow for advances in technology and the changes in security needs against new cyber security threats. This flexibility is also what allows a variety of businesses to handle ePHI and still comply with HIPAA’s Security Rule.

Technical Safeguards address aspects such as user access, hardware and software use, transmitting ePHI digitally, and encryption for various purposes. The Risk Analysis and Risk Management specifications from Administration Safeguards are especially useful in determining the technological needs and policies to enforce.

Important Standards to Note

Integrity §164.312(c)(1): This standard refers directly back to the key phrase confidentiality, integrity, and availability discussed earlier. It’s not enough to protect ePHI from being accessed or transmitted improperly; ePHI must also be protected from improper tampering or destruction of data. Wrong or incomplete information can have drastic effects on patient lives and care, so the ability to authenticate the validity of ePHI is a vital part of its security.

Monitor and Update

A vital part of the Security Rule is not only assessments and creating policies but implementing them so all employees are aware of and following the rules. Systems should be in place to verify that employees receive the necessary training in ePHI security procedures and understand the consequences of not following the policy. Reassessment of policies and re-training of employees should occur periodically so outdated procedures can be re-written for the current threat environment. Cyber threats are ever evolving, so too should ePHI cyber protections.

While the Security Rule may feel a bit daunting, many of its requirements are best practices for any business. Knowing exactly what data you handle, how it’s processed, and who needs access to it provides you with an informed view of your business’s operations. Having a written and tested Disaster Recovery Policy, Contingency Policy, and Continuity of Operations Plan will save you time, money, and stress should an emergency occur.

If you have any HIPAA related questions or need help implementing the Security Rule’s technical standards, contact Anderson Technologies at 314.394.3001 or info@andersontech.com.

Pink phishing lure

Are You Ready to Go Phishing?

Phishing and spear-phishing emails are an ever-present problem to businesses, and the criminals are only getting better at fooling people. Understanding and being able to spot phishing and spear-phishing emails is a vital part of employee training at Anderson Technologies. But reading about how to spot them and actually spotting emails are different things.

Worse yet, the phishing websites those email links go to often appear legitimate, right down to having the secure lock icon in the browser. In their 2018 1st Quarter Report, the Anti-Phishing Working Group notes that “more than a third of phishing attacks [reported to them] were hosted on web sites that had HTTPS and SSL certificates.” They attribute this in part to the fact that consumers believe they can trust all HTTPS sites, or they at least recognize a site without encryption asking for personal or financial information is not secure.

It’s vital to know whether your email is a legitimate business interest or a scam hoping to trap you, but how confident are you to do so? Take our quiz to see if you can tell the difference between a legitimate email and a fake one.

Are you an expert phisherman or just the phish taking the bait?

1.
2.
3.
4.
5.
6.

Hopefully you were an expert phisherman, but if not, it’s not too late to brush up on some basics.

  • Know what you’ve ordered and who your vendors are. If you didn’t order anything from the person, don’t trust their emails.
  • Always check the sender’s address before clicking on links or attachments, even if it looks like a company you trust.
  • Read the email completely before clicking links. Poor grammar or obvious spelling/branding mistakes are key signs of phishing emails.
  • If you’re unsure if an email is really from a company you trust, go to their website manually, not through a link provided in the email. If it’s real, you can look up the information through your account, and if not, you’ve just protected yourself.
  • Don’t panic! Urgent calls for action to avoid loss of service or legal action are meant to upset you. Don’t let them. Read everything carefully and verify there’s a problem by using the service mentioned or calling the company using the number on their website, not in the email.
  • If all else fails, Google it. These emails are widespread and a quick Google search will most likely bring up a hundred different people receiving the same fraudulent email.

If you’d like a refresher course on e-mail safety, contact Anderson Technologies to schedule an employee cyber security training seminar. Reach us by email at info@andersontech.com or by phone at 314.394.3001.

Seven Core Values: The Building Blocks of Anderson Technologies

We strive to be the best in every area of our niche, and that includes our company’s values. Just as your company’s values are important to us, we know that ours are important to you.

Foundationally, these seven core values express the heart of our company, and they guide our team members both in the office and out working with our clients.

Integrity 

Be truthful and demonstrate strong moral principles. Act honestly, lawfully, and honorably. Hold yourself to the highest ethical standards. Accept responsibility for your decisions and actions.

Respect

Exhibit compassion for others by recognizing each person’s views and values in all communication. Be mindful of your interactions and treat everyone as you wish to be treated. Endeavor to provide honest feedback; share opportunities for improvement and give praise when deserved.

Dedication

Show commitment to your work and persistence to see all tasks to the highest standard of completion. Strive for excellence. Apply due diligence and resolve to deliver results that clients appreciate and value. Move quickly past failures and learn from mistakes. Take pride in and ownership for all you create.

Team-Oriented

Work together with colleagues to produce unsurpassed results. Assist in helping everyone engage to the best of their ability. Communicate openly and seek to contribute your value in a way that benefits the entire solution. Foster a collaborative environment with a shared sense of purpose.

Dependable

Strive to be trustworthy and reliable. Demonstrate you can be counted on when needed – whether internally or externally – to assist in achieving goals and delivering solutions.

Initiative

Assess and initiate tasks when opportunities arise. Adapt to spontaneous situations with an eagerness to rise to the occasion and master new challenges. Look for ways to improve processes and develop skills.

Client Focus

Identify each client’s needs, principles, and insights – not just for the work at hand but also for the ways these elements help achieve overall business goals. Appreciate each client’s nuances and apply your knowledge to enable a rewarding partnership. Strive to meet clients’ needs with service and solutions that exceed their expectations.

 

Core values are the building blocks of Anderson Technologies, and they help us provide you with unparalleled service. For more information about how our core values can make a positive impact on your small business, call 314.394.3001 or email us info@andersontech.com.

Cyber Symphony: The St. Louis Children’s Choirs Sings IT Praises

Everyday reliability keeps your business running smoothly. But sometimes situations arise that require an extra layer of dependability. When an important client is visiting or you’re preparing for a major event, the last thing you want to see is the “No Internet Connection” notification at the bottom of your computer. A downed server, network, or website can bring your entire operation to a standstill.

Such was the case with The St. Louis Children’s Choirs (SLCC), a non-profit organization serving around 500 students in the metropolitan area. “We have six different ensembles for students grades one through twelve,” explains Choir Director Dan Mayo. “Based on a combination of age and where a student might be in terms of their musical development, we’ll place them in the best fit ensemble.” SLCC presents four major concerts each year, giving aspiring choral students the opportunity to sing for their communities in settings both small and large, including Powell Hall, the home of the St. Louis Symphony Orchestra.

2018 is an important anniversary year for the organization, so extra fundraising pushes, coordination with alumni, additional concerts, and the milestone 40th-anniversary gala meant more promotion and web traffic than ever. “It’s been a crazy year,” Mayo says. But juggling all the duties associated with a significant anniversary becomes much more difficult if your tools keep breaking.

“We were having issues with server and internet downtime, a lot of phone downtime as well,” Mayo explains. Acting Chief Operating Officer Pam Jones knew Mark and Amy Anderson through a relative and was subscribed to the IT TechWatch newsletter. When SLCC decided to upgrade their IT vendor, Anderson Technologies was a clear contender.

“I was grateful that Mark didn’t come in and just try to sell us on the hype,” Mayo says. “Mark was just an honest guy who came in and told us what he thought we needed to address, and we just got a great vibe from him.” The team’s knowledge and reliability spoke for itself as well. Our managed services experts have tackled all of SLCC’s problem areas with other clients, leaving a track record of success and innovation.

“We felt really confident in the level of work that [Anderson Technologies does],” Mayo recalls. “We just had a feeling that we were going to be in very good hands.” SLCC officially signed on for managed IT services in February 2018.

Learning to Site Read

The most important project Anderson Technologies completed with SLCC was a situation no one expected. When SLCC’s website was hacked in early 2018, Anderson stepped in to mitigate the damage.

Mayo describes the situation as an emergency. “I think somebody got into the back end of the site. So we were like, ‘Once we get our board approval and everything we’re going to go with [Anderson Technologies], but in the interim can you please fix this?’”

SLCC’s previous IT vendor was unable to recover the site from a malware attack, leaving our team to migrate the site to our own hosting servers and restore a backup copy. Anderson Technologies Director, Farica Chang, who has years of experience implementing website security and mitigating malware problems, addressed the attack immediately. Several plugins, pages, and custom icons had been deleted, requiring a piecemeal approach to return the site to its original state.

“[Anderson Technologies] was super responsive,” Mayo says, “really quick on it … turned over every rock, crossed every t, dotted every i to make sure we could get back up to functionality as quickly as possible. That was yet another reason why we were confident to present our board with the information and say, ‘This is going to be a really great pairing.’”

Harmonizing Hardware

What kind of music do you expect to make when your instruments are out of sync and out of tune? SLCC knew it was time for hardware upgrades, but they weren’t sure where to start.

“We needed some new equipment, and we needed some people to think outside of the box a little bit,” Mayo says. “It just didn’t seem to be a priority for the group we worked with previously.” When seeking a new managed services provider, SLCC made hardware innovation a priority.

One aspect in particular SLCC needed updated was their storage methods. “At the time we were keeping large physical hard drives here on site and not really backing them up,” Mayo says. SLCC required a way to store massive media server files and student information in a failsafe, secure way.

Anderson Technologies outfitted the organization with a new backup methodology involving both local and cloud based storage. Two storage methods ensure files are safe in the event of a disaster. “In case we have things like a fire that melts the whole place down, we can actually recover from that type of situation,” Mayo says. “It’s a much better solution.”

Wi-Fi Signal from Flat to Fortissimo

Network reliability is another area of improvement SLCC wanted to focus on. Mayo in particular struggled with the wireless connection in the rehearsal room, an area that also houses his daily office. Spotty internet service and wireless coverage led to big problems like losing valuable work time or dropping calls over their VoIP phone system.

Anderson Technologies installed a Meraki firewall and new wireless access points to extend the range and security of SLCC’s wireless internet. “That’s worked like a dream,” Mayo says. “It’s been great to have [internet and phones] working reliably every day so that we don’t get any situations where we have to shut down the whole office for the whole day.”

Keeping Tempo for 40 More Years

There is nothing more important to SLCC than reliability during their important anniversary year, and Anderson Technologies firmly guaranteed that their system would ease those worries. “You know, ‘The phones are all down, the internet’s down, why are we even here?’ It would all happen at once,” Mayo says. “Part of it is just we were cobbling together some older and/or cheaper pieces of technology to make it work, but we had some weak links in the chain.”

A concise assessment of SLCC’s IT needs combined with a clear timeline of solutions allowed the organization a smooth delivery of their anniversary events without any major hang-ups. Anderson Technologies’ continued partnership with SLCC provides them with the freedom and peace of mind to continue serving St. Louis’s young choral aficionados for another 40 years. “We’ve had the much more stable setup that [Anderson Technologies] promised us,” Mayo states. “It’s definitely worked as advertised.”

For more information about how Anderson Technologies can tune your IT to make sure every note is perfect, contact us here or call 314.394.3001.

3 Key Ingredients of Our Managed Services “Secret Sauce”

Over the past 20-plus years, Anderson Technologies has seen what works really well in the IT industry and what should be avoided. Simply completing a project is the bare minimum needed from your IT partner and shouldn’t be where managed services ends. Along with technical knowledge and skill, three key traits improve the relationship between client and IT team more than any other – excellent communication, logical systemization, and earned trust.

Technical Knowledge and Skill

One of the primary reasons you hire a managed services team is for their technical expertise and they should be capable of handling most any technical challenge you face. This really isn’t a secret! Additionally, dedication to maintaining a high level of technological skill should be key for any IT firm.

It can be difficult to determine if a managed services provider prioritizes technical skills, especially for a small business owner who isn’t familiar with the technology industry, but there are a few clues for the layperson. In addition to checking their history and references, information like certifications, education, and satisfied customers can reveal much about a managed services provider, even before they’re hired.

Fixing what’s broken is the fundamental requirement for any managed services team but when building the Anderson Technologies team, technical knowledge and skill is only the first ingredient we look for, and just the beginning of the “secret sauce” of IT services.

  1. Communication

A huge part of managed services is acting as an interpreter.

Every industry has its own language, whether it’s attorneys, dentists, non-profits, finance, manufacturing, engineering, etc. It’s probably easy to remember an incident when communication was a barrier rather than a bridge. The best managed services providers can explain a problem and its solution in laymen’s terms as well as industry-specific vernacular, and easily translate between the two for clients. Poor communication between system administrator and client makes gathering accurate information and completing a project successfully unnecessarily difficult.

Clear communication is vital to not only providing clients the best service but helping them understand what needs to be done and why it is important.

Hand-in-hand with excellent communication are the systems and processes a managed services provider follows to deliver truly excellent service.

  1. Logical Systemization

A huge part of systemization is establishing ideal methodologies and creating processes and specialized documentation designed to produce consistent, repeatable results. Taking the time to develop these best practices and build a structure around them can be easily overlooked by busy entrepreneurs. Members of an effective managed services team should be enthusiastic about combining technical and communication skills into this vital process documentation. Keeping accurate and detailed records not only helps you, the client, but maintains a consistent level of service throughout the team and ensures requests are resolved quickly and correctly.

Systemization and record keeping aren’t incidental to the best managed IT services teams – it should be built into their approach from the beginning. Included in Anderson Technologies’ managed services plans are an extensive client onboarding process, regularly scheduled proactive maintenance designed to prevent breakdown, periodic audits of client infrastructure, systems for tracking project progress and responding to user support calls.

Process documentation and customized methodologies enhance the performance of managed services providers, and, even more important, the performance of the client.

  1. Earned Trust

For some IT firms, an individual’s technical ability trumps everything else. But the system and network administrators hired to interact with your most confidential data and technological vulnerabilities should be a team you can implicitly trust.

When building our managed services team, Anderson Technologies seeks those who align with our core values: Integrity, Respect, Dedication, Team-Oriented, Dependability, Initiative, and Client Focused.

These qualities are the most important ingredients in our “secret sauce.”  They define our organization’s character, which has been developing over two decades.  It is who we are as a team and what we represent and strive for every day as a company.

The best managed services firm goes beyond that skill to provide service on another level. Excellent communication, logical systemization, and earned trust combine to make the secret sauce that comprises an IT managed service that truly shines.

Anderson Technologies looks forward to sharing our “secret sauce” of managed IT services with you. If you need assistance, call 314.394.3001 or email info@andersontech.com.

IT Glue: Holding the Keys of Your IT Kingdom Together

At Anderson Technologies, your business’s IT security is our highest concern.

To that end, last year we implemented a documentation platform called IT Glue after recognizing the benefits of storing critical information in a single, organized repository. Our team consolidates knowledge, building a shared, encrypted library that helps address your needs better than ever before and ensuring your network isn’t reliant on how well one person can remember details.

What Is IT Glue?

IT Glue is an efficient documentation repository that keeps your relevant IT information readily at hand in a customizable environment. Documentation platforms help managed service providers maintain their internal processes and client credentials.

The website securely stores configurations, domain expirations, contacts, locations, passwords, security specifics, wireless data, backup schedules, and documents in its easy-to-access dashboard. Information is updated as needed by various team members, but controlled access allows the data to be viewed by the client via separate accounts as well.

Another helpful feature of IT Glue is that it easily integrates with other tools IT consultants use—like their PSA (Professional Services Automation) application—with two-way retrieval of data. This ensures information entered in one is automatically synchronized to the other. Too often, clients that Anderson Technologies inherits from other managed service companies arrive with minimal or outdated records. Documentation platforms make record keeping easier and more integrated while strong security implementation keeps the data safe.

Keeping Your Sensitive Information Locked Down

Multifactor Authentication

To login to the secure documentation platform, users must activate multifactor authentication (MFA). After entering a username and password, MFA requires the use of a third-party app configured on a mobile device to generate a single-use, six-digit code that expires after 30 seconds. Once the code is entered, the user is granted access.

Multifactor authentication provides an important added layer of protection to keeps accounts secure by preventing unauthorized logins. If someone has the password but not the MFA device, any login attempt will be unsuccessful. The concept is similar to showing your ID when using a credit card in a store. Secondary verification mitigates the chances of a thief taking your stolen credit card on a mall shopping spree.

Passwords

IT Glue organizes passwords so users can easily access the multiple accounts for websites, email addresses, computer logins, and applications clients use every day. Credentials are organized in a user-friendly way, and URLs can be launched with the passwords populated. This saves valuable time, whether you’re monitoring servers and firewalls or updating a web page. IT Glue allows for granular permission levels as well as user-based permissions and group permissions, allowing contributors to specify who should be able to access each addition to the system.

Legal Compliance

SOC 2 compliance means that IT Glue is audited by a third party and its security and best practices are verified. Among other things, this helps companies comply with HIPAA—an essential for those providing IT consulting services to health organizations.

IT Glue’s website says, “To pass the audit for SOC 2 compliance, IT Glue had to demonstrate best security practices in terms of its physical infrastructure, the software that it uses, the personnel involved in governance, both automated and manual processes used, and data. The audit can only be passed when each of these areas of IT Glue’s system are compliant with SOC 2 standards.”

Organization Equals Efficiency

Efficiency for our IT team means your IT service is more capable with these shared resources – providing resolutions faster and reducing your frustration and down time.

IT Glue’s dashboard allows for speedy access by keeping track of recently accessed data. It also offers two types of searches—organizational and global—which helps our IT professionals quickly find information with just a couple keystrokes. Instant indexing of all uploaded data helps expedite the process for troubleshooting and problem solving.

Anderson Technologies tracks client domains within the system to keep DNS records readily at hand and has configured the platform to send an email alert if a domain is expiring. Our team documents license keys for apps and programs, allowing us to quickly install programs on new computers. IT Glue logs all user access as well as deletions and revision history within the app, providing a full access log for each team member.  By combining this data with a robust feature set, the platform gives us the ability to thoroughly document client information for more efficient service.

The key to achieving the full potential of a process documentation platform is to realize it only manages as much information as you provide it. This means it works best if clients help keep it updated with any changes, such as passwords and other credentials that may be needed in the future.

Elena Estrada, Anderson Technologies’ IT Support Coordinator says, “Whenever we’re notified of a change in the client’s environment, we add that information into IT Glue. Keeping us up to date is essential. When clients fail to share updates with us, it can get confusing. The information stored in IT Glue is only helpful when it’s accurate and current.” An important feature for documentation repositories is input of information by users.

Anderson Technologies is committed to efficient, accurate, and professional service. Using IT Glue as a documentation repository is one of the ways to serve you better. If you would like more information on IT consulting services, call 314.394.3001 or email us info@andersontech.com.

A Dynamic Network for a Dynamic Place: IT Support for a St. Louis Nonprofit

Every system your business uses needs tweaking over time. Employees come and go, technology advances, and you may find yourself facing unexpected issues as you balance your business’s vision with the changing technological tides.

Such was the case for Crown Center for Senior Living, a residential retirement community in St. Louis and one of our managed services clients since January 2018. From its founding over 50 years ago, Crown Center has grown tremendously from its start as a nonprofit affordable housing community for Jewish residents of University City.

“Our main mission is independent living for seniors,” says Theresa Dattilo, Office Manager at Crown Center. “Over the last couple of years, it’s really evolved to be a community center.” The community is an activity hub for more than just its residents. “People in the community can come here and take an exercise class, eat in the café, or take an art class. There’s always people going on trips, people doing gardening,” she explains. “It’s really a dynamic place to be!”

The influx of activities and participants meant that Crown Center relied more than ever on its online means of communication. Reaching a larger group of people required strong cyber security and reliable hardware and connections. It was time to reevaluate their previous approach to IT.

Choosing an IT Company

Before Crown Center partnered with Anderson Technologies, they’d been with the same company for ten years. “I think our needs evolved over time,” Dattilo says, “and we found they weren’t meeting our needs anymore.”

Crown Center’s server and firewall weren’t being updated, which can create network security holes on top of reducing hardware functionality. Their IT support line offered help when necessary, but Crown Center needed more than just a break/fix approach. They started looking for someone who would take ownership over their infrastructure.

“We took a pretty long time to decide which company to go with,” Dattilo admits. After narrowing the proposals down to six companies (Anderson Technologies included), it was difficult to compare them and decide which would be the best fit for Crown Center. “While I did that, Mark [Anderson] had called me a few times just to check in…. He wasn’t being a pest or anything but wanted to see if we needed any other information. That was helpful.”

But how Anderson Technologies really impressed Crown Center was through proactivity. By offering to conduct a thorough infrastructure audit “Anderson did something that no other company did,” Dattilo says. “It gave us a lot of good information about the status of our security and how our backups are working and the hardware, our remote access.” Offering an infrastructure audit with no strings attached—and making sure Crown Center fully understood their technology needs—made Anderson Technologies the clear choice for IT support.

Bolstering the Firewall

The first project on Crown Center’s to-do list was tackling their outdated firewall. Firewalls are a business’s first line of defense, but many users fail to realize they need to be monitored, maintained, and updated in order to work most effectively. The firewall established by Crown Center’s previous IT support company hadn’t been regularly updated, wasn’t running any type of internet content filtering, and didn’t provide the granular reporting data necessary to quickly detect network activity. This left any machine with internet access more vulnerable to malicious sites and programs.

Also, the team was unfamiliar with the firewall manufacturer. “I was a little concerned because they said they had never heard of it,” Dattilo says. “You know most of the tech people all use the same equipment, or they at least know the name of it.”

Anderson recommended a new Meraki firewall, a trusted name in enterprise-grade security. This cloud-based management system makes maintaining cyber security and providing IT support easier for our managed services team. “Now that we’re getting updates as they’re released by Meraki, we’re not worried about any security issues,” Dattilo says. “We know that they’re watching.”

Reconnecting with Wireless

Crown Center officially became an Anderson Technologies client at the beginning of the year, which meant tax season was approaching. This made their connection issues that much more urgent. “Every year,” Dattilo explains, “we have about six to eight people from AARP that come here to do taxes. They do taxes for the community and for our residents. Every year, they have connection issues.” Each AARP representative used their own computers, all with varying operating systems and update schedules.

Anderson sent in reinforcements to help during this time. Joseph Baker, Anderson Technologies’ System Administrator, spent a couple of days at Crown Center providing onsite IT support for the visitors from AARP. Dattilo was grateful to see their connection issues finally resolved: “I had someone who was going to take care of these people instead of them all just looking at me saying ‘I can’t get the internet.’”

Since then, Anderson replaced Crown Center’s Wi-Fi networking equipment with four new wireless access points that provide reliable connections for the entire facility. Crown Center gratefully acknowledged our onsite IT support in their time of need. “It really gave me a sense that these people are being taken care of, we’re being taken care of, and that our partnership with AARP was important, and the community members who signed up to get their taxes done were able to get them done,” says Dattilo.

Sprucing Up Hardware and Software

One technological issue that often catches our clients by surprise is how quickly hardware and software become obsolete. Many organizations budget for equipment upgrades but struggle to know when and where to implement those changes. “Each year we replace about three to five computers,” Dattilo says. Even though she keeps an updated spreadsheet of the staff’s machine specs, it’s not always easy to know which computers take priority.

Taking into account Crown Center’s budget and planning, Anderson Technologies put in place a system to replace a portion of the facility’s computers every year as a part of the managed services contract. “That’s a great feature,” says Dattilo. “That way we have new technology, and nobody’s computer is going to be more than five years old.” She’s currently working with Senior System Administrator Eric Dischert to decide the best placement for Crown Center’s new hardware for this year.

Along with complete IT support, St. Louis’s Anderson Technologies experts are always scouting out current tech news so our clients can benefit from technological advances as soon as possible. Crown Center had always purchased their software licenses from a retailer that offered discounted rates for nonprofit organizations. However, when Crown Center applied to upgrade their computers from Microsoft Office 2010 to Office 2016, Microsoft had changed their volume license qualification criteria and denied their application.

Software licenses are an expensive investment for most organizations. “We worked every angle we thought we could work,” Dattilo recalls. “That’s been a tricky thing to navigate.” To provide the staff with up-to-date software on a reasonable budget, Dischert worked to acquire five licenses and found an alternate solution.

The Best IT Support St. Louis Has to Offer

Anderson Technologies remains committed to Crown Center’s mission and priorities as it continues to cross projects off Crown Center’s checklist. Crown Center’s approach to IT called for a managed services provider that would hold themselves accountable for balancing innovation with functionality and budget. “We’re never going to be the first organization to try a new technology, but we don’t want to be the last one either,” reflects Dattilo. “I’d say we’d like to see what the early adopters discover, let the bugs get ironed out, and then we would jump in and start to have one or two people try something new.”

Recognizing this, Anderson Technologies’ focus has been and continues to be engaged, proactive service. Projects like hosting Crown Center’s website allow staff to focus on the community instead of worrying about what happens if their online communication becomes unreachable.

Dattilo has always been the go-to staff member for issues like these, so the convenience of both on-site and remote IT support alleviates her role as the tech support middleman. “Before if people contacted me I would be the contact with our old IT company because we had so many hours a month that we were charged for,” she explains. “I wanted to make sure that we were [only] charged for important issues. Now if there’s an issue I have them call you guys because there’s a record of it, and I don’t have to be the contact anymore. It’s very helpful.”

Not only does Crown Center’s nonprofit mission enrich the lives of the 300+ families they serve—it satisfies a need for engagement in St. Louis’s community. Anderson Technologies is proud to play a part in this organization’s important service. “You guys have brought some good technology to the table,” Dattilo says, “and we’re glad to be one of your clients.”

For more information about how Anderson Technologies can revolutionize your organization’s IT infrastructure, sign up for a free consultation or call us at 314.394.3001.

When Phishing Strikes: The Tool Your Business Needs When Cyber Criminals Succeed

Email-delivered threats have increased drastically over the last few years. Even businesses with enterprise-level email services and employee training can fall victim to creative manipulation. To battle this, Anderson Technologies offers a solution that protects email when other systems fall short.

The Incident

Imagine turning on your work email to find a message from your biggest client. “If we get one more spam email from your accounts, we will stop doing business with you.”

How can this be? You pay for managed services, educate your employees on email security, and even recently upgraded your email services. How could something like this happen? Sure, your employees have received some suspicious-looking emails in the past, but there’s no way that could seep into your client interactions.

Except that’s exactly what happened to Intrante.*

According to Farica Chang, director at Anderson Technologies, the system administration team was able to trace the outgoing spam to a single “malicious phishing email that successfully executed code inside two employee Outlook applications.” The malware set up email rules that “hid its behavior from the users and began spamming everyone in their address books with email sent through their accounts.” Those emails not only went out to every internal company inbox but also to many clients and vendors.

Intrante couldn’t afford for this to happen again. Imagine this happened to you. What would you do?

The Response

Upon learning of the spam coming from Intrante’s accounts, senior systems administrator at Anderson Technologies, Luke Bragg, immediately took action. “The first thing we did was reset the passwords for the suspected accounts that were compromised,” he said, thus cutting off further access from cyber criminals. “From there we started digging into the accounts to see what other data or settings had been maliciously modified.”

Once the scope of the incident had been uncovered and repaired, Bragg and his team needed a stronger email spam filtering solution to implement to prevent a similar incident from occurring in the future.

He looked to the August 2017 study from SE Labs, which analyzed email threat protection services. This data made it clear—while many popular email services catch spam and phishing attempts, messages still slip through the cracks. Three email filtering services analyzed by SE Labs received their “AAA” rating: Mimecast, Forcepoint, and Proofpoint Essentials. While all three provided excellent coverage, only the last service achieved a 100% accuracy rating.

Proofpoint inspects both inbound and outbound emails.  According to the SE Labs study, not only does Proofpoint quarantine or send threats to junk mail, it stops or rejects threats before they reach the user. If URLs are present in an email, Proofpoint’s system opens every link inside a controlled sandbox environment. “This action and analysis allows it to determine if the link is legitimate and safe before it releases the email to the recipient,” said Chang.

In addition to its stellar record, Proofpoint’s four subscription tiers also offer features that many clients of Anderson Technologies request. An Essentials Business account gives access to most of Proofpoint’s features, but the Advanced and Pro levels include email encryption (and along with that, HIPAA and PCI compliance) and social media account protection. Pro also offers a tamper-proof, off-site, unlimited (10 year) email archive.

With this distinctive solution, Anderson Technologies’ managed services team brought their answer back to Intrante.

Why Email?

According to Bragg, “email threats are extremely common, and probably one of the most targeted systems.” Email is the perfect delivery system for malware, spam, and phishing campaigns, all of which saw an increase in 2017, according to Symantec’s Email Threat Report. Email can be utilized by bots, entities with malicious intent, and acts (unintentional or intentional) by authorized users to spread these threats.

Even educated employees can miss the subtle tricks of an effective spammer.

Phishing emails may look and feel like they come from a well-known company, like Amazon, Apple, PayPal, or UPS. Frequently, these attacks ask the reader to “click here to log in to your account,” providing login information to a wolf in sheep’s clothing. These attacks are easy to mass generate and make money for the perpetrators even if only 1 in 100 falls for the trap.

According to Symantec’s Email Threat Report, “one out of every nine email users encountered email malware in the first half of 2017!” These emails typically offer an attachment disguised as an invoice or other important document. These may appear to be sent from other employees and may even be routed through their real email addresses.

Malware-spreading emails typically urge the reader to act NOW, inhibiting the thought process through urgency.

Another vulnerability tied to email is information hacking.

Even comparably low-value targets can provide lucrative information to hackers—information like other user names, passwords, client information, industry secrets, or proprietary data. Email is as insecure as a postcard. As long as it is only read by the intended recipient, your message is moderately safe. Even so, never send passwords, financial credentials, Social Security numbers, etc., in a plain-text email.  Once in the wrong hands, unencrypted email is easy to read.

Don’t be fooled. “Even with additional layers of filtering and security,” says Chang, “there will always be malicious emails that get through. Teaching employees to be wary and practice caution is the best defense.” Take advantage of education services like free seminars, or Anderson Technologies’ free eBook on cyber security.

Email may be the perfect vehicle for bad actors to find their way into your network, but you and your business don’t have to be a victim. With spam monitoring and encryption services like those offered by Proofpoint, a mistake or foolhardy action doesn’t have to mean the destruction of your business.

Protect Today!

Anderson Technologies strives to ensure the IT products and tools it recommends are fully vetted and employed internally first. Principal Mark Anderson reports that after implementing Proofpoint Essentials, his junk email count has dropped by over 90%! According to Symantec’s Email Threat Report, an estimated $1,177.42 annual cost for the time one employee spends managing spam.

Bragg recommends a layered approach to email security.  The first layer being perimeter protection with a good hardware firewall that has additional malware and intrusion defense capabilities.  From there, Bragg notes the importance of enterprise-grade anti-virus software on all workstations and servers. It is important that this software be closely monitored and updated to truly be effective. The final layer is spam filtering, and for that, Anderson Technologies recommends Proofpoint.

Of course, there is also user training, which is “challenging,” according to Bragg, “but necessary.”  Even for businesses that are confident in their employees’ cyber security training regarding email, Proofpoint brings operations closer to a Zero Trust mindset, truly making your operations secure.

Are you interested in adding a spam filtering or encryption service to your business? Contact Anderson Technologies today! Email info@andersontech.com or call 314.394.3001.

*Names have been changed to protect the identity of the business and its executives.

Cloud Storage Service Provider Keeps Things Working Smoothly

Is Your Cloud Provider Working for You?

By now, most companies are working hand-in-hand with cloud providers. Cloud storage is unavoidable, incredibly useful, and becoming more relied upon every day, especially for companies moving toward a paperless office. Therefore, an important question to consider is: are your providers working for you, or do they end up being a hassle?

Cloud services should be seamlessly integrated into your network and IT system as a whole for best practice. Above all, cloud services should be reliable and secure. If they are affecting productivity or leaving you vulnerable to data breach, it’s time to start thinking about changing to a new cloud service provider!

Assess Your Needs

Every company has specific needs their cloud provider must meet. Usually, this includes security, reliability, speed, and regulation compliance related to their industry.  Companies in the medical industry need a provider that is HIPAA compliant, while organizations in the investment industry need one that’s SEC/FINRA 17a-4 compliant. Whatever your needs, it’s vital to ensure that your provider meets those standards.

Your company’s unique environment dictates different network and system requirements. For instance, a company that centers on remote access requires different security measures compared to a company that works solely from a single main office. Budget, granular permissions, and whether you need a dedicated server environment must be taken into consideration when assessing and choosing a cloud service provider.

Cloud Provider Warning Signs

There are several cloud provider warning signs to look out for.

Data loss and lack of flexibility or scalability are major red flags. Data loss should never happen. If you lose data due to a failure within the cloud provider, they are either not testing backups or not doing them—neither of which is acceptable. If there is an outage and you don’t get your data back, that alone is reason to switch.

Some cloud providers also fall short with granular file-based permissions and cloud applications that don’t allow companies the control they need over their files and don’t allow them to assign permissions for individual employees. The lack of cross-platform support and poor mobile apps is another reason companies switch providers. As your company grows, scalability becomes incredibly important. You should be able to double your cloud infrastructure in the same day. If the cloud provider isn’t prepared for an increase in infrastructure, it’s a problem. Flexibility is one of the driving forces of cloud computing, so don’t be dragged down by poor scalability.

How to Assess Your Cloud Provider

According to Joseph Baker, systems administrator at Anderson Technologies, companies should pay attention to four things when assessing their cloud providers:

  1. Uptime/Service Level Agreement (SLA)

The most important thing to look at is uptime/SLA.  Major companies such as Microsoft, Google, and Dropbox have very good guaranteed uptimes and SLAs.

  1. Data Ownership

Some cloud companies claim that if data is stored on their servers, it’s theirs. They are not going to use it to copy your business, but if you don’t pay your bill or if you decide to migrate, they could legally hold your data ransom.

  1. Data Center Locations

Partner with a cloud service that has data centers in the same part of the world as you to decrease latency. Many low-cost cloud vendors are located in China and India, but the latency will be noticeably higher than with a domestic choice.

  1. Multi-Tenant or Single-Tenant “Dedicated Server” Environments

Some businesses care about multi-tenant environments. This means your data is stored on a remote server along with someone else’s data, or even a few different clients’ data, depending on resources needed. This is generally safe and the data is segregated, but sometimes there are compliancy requirements, and there is a chance that if someone’s data is infected, it might affect the entire server. If you want the peace of mind and are willing to pay more, a single-tenant “dedicated server” is another option.

After checking these things, don’t forget to look at the front-end, too. Make sure you ask the following questions:

  • How do I access the cloud provider?
  • Is the provider antiquated and forcing me to use outdated Internet Explorer or can I use any browser?
  • Does the provider have a smartphone app?
  • Does the provider work with Mac, Linux, and Windows?
  • Will my legal compliance be met?

Compliance isn’t always ubiquitous, even among the bigger companies. If your company has a specific compliance requirement, request the specific certification for it from your cloud vendor.

Is Your Provider the Most Economical Option?

There are a wide variety of cloud service providers, and each with different options and services, depending on what you need and are able to afford.

If speed and reliability aren’t a priority for you, it may make sense to go with an overseas data center. There will be some latency, but the vendor will be cheaper.

For cloud storage, you want to purchase a plan that fits your needs. If you know that you need somewhere close to 500 GB, it is wise to purchase that right off the bat so you have it and won’t need to change plans. If your company is planning to grow, but you don’t know at what rate, a “pay as you grow” plan may be your best solution. You will pay for what you use on a per GB basis.

Some providers charge overages for unexpected traffic spikes. If you have a cloud-hosted website, this could mean outages or huge overage charges to keep your site online. Keeping your cloud services economical depends on what’s important to each individual company.

Speed, reliability, and ease of access should always be vetted before making a decision. On the most basic level, as long as your internet is decent, you should be able to upload something and walk across the office to another workstation and access the file.

Hybrid solutions are another option to consider. Many companies like having cloud storage in conjunction with physical storage, just in case something happens to either storage service. They also like knowing that what they have is theirs instead of being reliant on another company. Hybrid solutions can be cost efficient and simple to implement.

OneDrive Might Be the Solution for You

Anderson Technologies recommends using Microsoft’s Sharepoint OneDrive and Office 365 because they quickly, reliably, and seamlessly integrate with many common Microsoft applications. It’s one of the only cloud providers that can be combined with other apps—and still work! Not only does it work, but Office 365 is HIPAA, FISMA, and HITRUST compliant, which can be a big relief.

Baker says that once someone switches to OneDrive, they note that “their previous cloud application didn’t allow them the control they needed over their files,” nor did they have the ability to permission them out to employees. “OneDrive uses NTFS permissions which is the same thing as all the versions of Microsoft Windows, so a lot of people are used to setting that up, and it’s a little more intuitive.”

Contributor at Forbes and owner of Evans Strategic Communications LLC, Bob Evans says, “Microsoft remains an absolute lock at the top due to four factors: its deep involvement at all three layers of the cloud (IaaS, PaaS and SaaS); its unmatched commitment to developing and helping customers deploy AI, ML and Blockchain in innovative production environments.” Behind Microsoft, Evans ranks Amazon’s and IBM’s cloud services as the next best options.

Originally, consumers dismissed OneDrive because it wasn’t as feature rich as Dropbox, but with so many people moving to Office 365 and the improvements Microsoft has made to the system, it’s now a much more viable option. OneDrive is extremely reliable with an uptime of 99.9% for each of the last four quarters.

Are You Ready for a New Cloud Service Provider?

If you are paying for a service you aren’t getting, or if you have lost data because of unreliable services, talk to your IT provider about a more reliable and economical system.  Managed IT services can assist you in the migration process if you choose a new cloud service provider, and help with all IT needs.

Your time is valuable, and you want your cloud service to be working for you! Call Anderson Technologies at 314.394.3001 for a free consultation.

Use Managed IT Services to Handle Common Tech Problems

4 Common Tech Problems Impeding Your Business’s Growth

Like most business owners who live and breathe their enterprises, you and your long-time employees are probably familiar with the quirks and qualms of your office technology.

Does one of the front-desk workstations sluggishly boot up at the beginning of the day or frequently crash? Do your mobile devices only pick up a wireless internet connection on one side of the office? Simply coping with these issues costs your business valuable time and money.

Without a consistent framework for growth in place to manage your technology, your business may face unnecessary challenges preventing it from reaching full potential. This was the case for the corporate office of a large property management company based in Florida that manages many residential properties throughout the southeastern US and Arizona.

Having grown from a start-up to midsize company in just a few short years, the company inherited a significant number of legacy IT systems and hardware from acquisitions.  It didn’t have a scalable platform to support further growth.  “We’d been growing very quickly and didn’t have a solid foundation for IT,” says Todd Reid, Vice President of Finance and Administration. “As we acquired new properties and hired more people, we decided we needed one standardized system that met all our business requirements and was available to all employees. We couldn’t afford to continue with a mix-and-match approach. It wasn’t efficient.”

“It also became clear that we needed someone to manage IT on an ongoing basis,” says Reid, “not only for the right functionality, but also for security and helping us make the right choices.”

When Reid contacted Anderson Technologies, it was not only to bring on a managed IT services partner to handle an expansive company network, but also to build a platform that could be used to efficiently onboard new properties for years to come.

Principal Mark Anderson worked closely with Reid, first evaluating the corporate headquarters’ immediate needs. The two also discussed to what extent Anderson Technologies would be involved. “At first, we looked at using a consultant,” says Reid, “but we quickly realized that we need more than just a part-timer who is ‘on call.’ We needed someone who was willing to take ownership.”

Anderson quickly identified areas where the company had learned to cope and where radical improvement was needed. With the help of Anderson, Reid and his team became aware of how legacy infrastructure adversely affected the company’s operations.

Four common technology problems came to the forefront after an initial assessment.

  1. Unreliable and Slow Internet Connection

One of Anderson’s first priorities was helping Reid get their internet up to snuff. “The company network was completely wireless, and they were paying for a 300 Mb connection,” says Anderson.  “However, their laptops were only getting anywhere from 1 to 12 Mb. Abysmal!”

From VoIP telephone services dropping or not receiving calls, to slow access to vital documents, a temperamental internet connection has many costs. Inconsistent access or frustrated clients may result in lost sales and wasted time.

Not only was the network unreliable and slow, the entire network was running on a single wireless router provided by their internet service provider—a router without an enterprise-grade firewall. “We had an unsecured network that really didn’t have any kind of firewall on it,” explains Reid.

Anderson recognized the office’s physical environment was greatly impacting the network’s performance and reliability. “They were in a high-density office building,” Anderson says, “so tons of businesses were fighting each other for clean Wi-Fi.”

Wired connections to stationary devices proved a perfect solution. Hardline connections aren’t subject to severe weather or frequency interference. Anderson says, “Unless you hammer a nail through it, the wire in the wall is good forever.”

Maintaining a wireless option was still important to the company. Employees who travel to the properties need an internet connection for their laptops and mobile work devices while they’re at corporate headquarters. To give them the wireless support they need, Anderson Technologies installed a Meraki device, an enterprise-grade wireless network and security appliance.

“What’s great about our Meraki solution,” says Anderson, “is it automatically detects channels with lots of interference and auto-selects the cleanest one. The speed is now dramatically improved.” After Anderson Technologies’ intervention, its wireless devices now regularly see 250 Mb instead of 1 to 12 Mb!

  1. Outdated Hardware

Reid had many remote employees who work on machines that should have been retired years ago, not realizing their equipment barely qualifies as home-grade. This was especially the case with many of its more mature properties. Every property operated under varying technological standards. Machines at some properties were still running Windows Vista!

“We’ve grown really quickly through acquisition,” says Reid.  “Elena [a member of the Anderson Technologies team] helped us put together a survey of all our hardware [at different properties]. She made sure that we knew what was out there and made recommendations for replacement.”

Because the organization was growing so quickly, discovering this information and securing recommendations was vital. Anderson Technologies got “everyone onto hardware that actually works for what we need,” according to Reid.

The recommendations ensured that not only was hardware up to date, but they were enterprise-grade and protected against today’s cyber security threats.

  1. Inconsistent Email Configuration

Beyond building out the company’s hardware and network infrastructure, Anderson Technologies also took charge of internal organization. When onboarding new properties, Reid noticed wildly disparate email configurations. “It was clear that the way it had been configured wasn’t right and there were downsides to continuing to use it,” says Reid.

The answer for these disparate systems was to migrate everything to a single Office 365 environment. This system of tools and applications enables every employee to work on the same cloud infrastructure. Office 365 also houses the company’s email, and moving forward as new properties are acquired, they’ll be seamlessly integrated into the primary email domain.

In concert with Microsoft’s Office 365 platform, Anderson Technologies’ remote monitoring and management platform makes a difference when it comes to IT support and rapid issue remediation. “It’s the right solution for us,” Reid says.

  1. Missing a Strong, Multi-Layered Backup Solution

With the corporate headquarters located in Florida, natural disasters such as hurricanes are a concern to the company. While Tampa was largely spared from 2017’s Hurricane Irma, elsewhere in Florida, more than 58,000 insurance claims were filed for commercial property and business interruption.

“One of our biggest potential IT risks is data loss,” says Reid. “I wanted to make sure that our financial data is covered by a real-time backup solution.”

Anderson installed a Datto device that serves as a standalone server backup with a redundant cloud backup to Datto’s two geographically dispersed data centers. This way, if a disaster hit corporate headquarters, the local data infrastructure could be almost immediately virtualized and made accessible online via Datto’s proprietary cloud platform.

When Reid and his colleagues discussed whether a managed IT service provider was right for them, it became clear that the IT solution Anderson Technologies provided was exactly what they needed. “It’s nice to have somebody who’s monitoring the status, health, and warranty of everything out there to feel much safer against any kind of threat,” says Reid.

What seemingly inescapable tech problems plague your business? Are there issues that may be affecting your speed and efficiency? Are you ready to utilize managed IT services to find out? Let us know by requesting a free consultation today, or call 314.394.3001 to speak with a member of our team!