Contact Us Today!   314.394.3001   |   info@andersontech.com

Working from Home Due to COVID-19: Keep Your Company Data Protected

/in , , /by

Over the past weeks, we’ve worked with many of you to add or increase your work-from-home capabilities as a result of the COVID-19 pandemic. This move not only helps keep our coworkers safe but also our families and the greater community. As our team burns the midnight oil to do our part, our thoughts and prayers go out to everyone affected by this international crisis.

To better assist your work-from-home goals, please be mindful of the dangers of and best practices for remote work.

While social distancing is critical, we must also recognize the risks a remote workforce poses and be vigilant to keep our systems secure. Remote work immediately increases the vulnerability of your company’s cyber security. Suddenly, we’re no longer at one office location with multi-layered security measures in place.  Our surface of attack is exponentially spread into homes that aren’t equipped with enterprise-grade firewalls and onto personal computers that may already be compromised (studies estimate that 1/3 to 1/2 of home machines are).

COVID-19 Scams

Taking advantage of the interest and coverage of COVID-19, cyber criminals are using new tactics in their phishing and malware attacks. Fake coronavirus websites, often with legitimate information from trusted sources, are being created to spread malware. New phishing emails and clickbait links using similar messages are also spreading. Do not trust COVID-19-themed emails, even if they appear to come from governmental sources. If you receive one and think the information may be worth clicking, go instead to the organization’s website. Any official, legitimate updates will be included there.

Avoid falling victim to one of these scams. Follow basic phishing prevention as we’ve explained in our learn page and phishing quiz, and always go to official government sites for coronavirus information.

As with all phishing attempts, never open attachments or links in unsolicited emails. If you know the person who sent it, confirm with them that the email is legitimate first, preferably by means other than email as responses can be faked. When searching for coronavirus information, hover over the link before you click and make sure the URL matches the source it appears to be in search results.

Maintaining Confidentiality

Working from home presents unique challenges to the privacy of your work, but your company’s confidentiality policies and contracts remain in effect no matter where you are. This is especially important if you are subject to HIPAA or other governmental regulations. Keep up to date with all regulatory changes made to accommodate the novel coronavirus situation.

There are measures all remote workers should follow to protect the confidentiality and security of their work space while in a home environment.

  • Always lock your screens when you step away from the computer to keep curious children (or pets) from wreaking unintentional havoc.
  • Work in your own room or create a space away from other members of your household. The space should be isolated enough to avoid onlookers and to conduct work conversations without being easily overheard.
  • When using a company-owned device, keep it locked or turned off whenever you are not with it, and never allow others in your home to use it for any reason.
  • If using a personal device for work, create a separate, password-protected user profile to access company data from. Do not allow others to use this profile.
  • Keep any work papers or confidential information in a safe, preferably locked, place.

Home Network Performance

Home networks, including your internet service, are typically not as reliable as your office IT systems. With the additional load of millions of users across the nation trying to do the same things you are, you will likely face performance issues when working from home. Since home internet often isn’t as fast as your work connection, video conferencing may flake out and remote connections to your office network or devices may lag. The more people taxing your internet with activities such as online learning, streaming, gaming, or video chatting, the more likely you are to have performance issues.

Due to the increased need for high-speed internet to accommodate the sudden influx of both home-based work and schooling, some internet service providers (ISPs) are offering additional speeds for those with no or limited internet access at no extra cost. Others are removing data caps and related fees for those on fixed data plans. If you think you might qualify, contact your ISP for more information.

Home Network Security

Performance isn’t the only potential issue with a home network. Security is a big concern when connecting to the office network from home. Besides the obvious security measures such as having patched, up-to-date computers with strong anti-virus/anti-malware protections, here are a few more tips to securing your home network.

  • Update router firmware if needed.
  • Make sure Wi-Fi has WPA-2 or higher encryption with a strong password (not the default).
  • Update firmware in all IoT (Internet of Things—smart thermostats, cameras, etc.). IoT is often more vulnerable to attack and has been used to infect home networks.
  • Never use default passwords on any internet-connected device.
  • Remove or deactivate all browser extensions not necessary for work. They might seem helpful, but many have tracking embedded in them and some are vehicles for malicious code.
  • Use multi-factor authentication (MFA) whenever available.

Training & Communication

While knowing how to spot phishing and social engineering attacks is essential to network safety, that’s not the only kind of training those who work from home should receive.

Review relevant security and office policies and ensure that you know who to contact if an issue arises. What problems can be resolved by office staff or a coworker, and what problems need to go to IT experts? Work efficiency will suffer if you continually contact the wrong people to resolve your problem. Consider partnering with another team member to check in about potential suspicious activity or emails before reaching out to an IT professional. You may not be alone in experiencing an issue or threat.

 

We’re already taxing our systems and IT personnel; don’t give criminals the edge. Be even more vigilant at home. It’s easy to become relaxed in your own space, but those with malicious intent are also working overtime to capitalize on our situation.

A Cautionary Tale: Lessons Learned from a Mid-Level Manager

/in , /by

The Anderson Technologies blog specializes in sharing the best ways for business owners to up their cyber security game, but sometimes accounts of tech gone wrong prove just as valuable.

Anderson Technologies spoke again with A. A., Chief of Staff of a wealth management firm located in West St. Louis County. Our last interview with A. A. discussed her firm’s network security audit experience and the projects to come with Anderson Technologies. This time, read about what can happen after the network security audit results and why it’s important to address problems as soon as they’re found.

“I should have listened,” A. A. says. “That’s the beginning and the end to this story.”

Server Standstill

Before Anderson Technologies’ network security audit of A. A.’s firm in 2018, the firm already knew server reliability would be one of the first issues addressed. “You told us from the beginning that our server was a liability,” A. A. recalls. Her firm’s previous IT vendor had told her the server was old but still usable, while Mark Anderson flagged it for immediate resolution due to the amount of data and day-to-day tasks the server was responsible for.

“One of the reasons was security issues,” A. A. says. The server was the gathering point for all the firm’s and its clients’ data. “Our entire business is located there, so it was a huge risk for us.” Without guarantees that the server was reliably backing up the firm’s data, Anderson Technologies recommended that A. A. upgrade the server as soon as possible.

Like many other small businesses, the firm was hesitant to drop such a large amount of money on a piece of hardware right after signing on with a new managed services provider. The firm was planning a major update to their business model for mid-2019 and didn’t have a lot of wiggle room in their annual budget. “Anderson Technologies was really good with helping us prioritize what our first steps would be,” A. A. says.

You told us from the beginning that our server was a liability.”

After some planning with Senior System Administrator Eric Dischert, A. A. elected to migrate to the cloud in lieu of investing in a new server before the business model transition. “We already knew that we wanted to move to the cloud,” A. A. says, “so we said we can remove some of this risk by moving over our current files to Office 365.”

Headed for the Cloud

It may not have immediately solved the server problem, but moving to the cloud was a good choice for this particular firm. “We moved as much of our data over to Office 365 as possible,” A. A. recalls. The server remained in production as a bridge to log into the firm’s Active Directory and to scan and store documents locally.

Security was a huge factor contributing to the switch. “In the line of work we’re in as wealth managers, if something happened to our clients’ information, it could be the end of our business,” A. A. says. “It was exceedingly important for us to be proactive in being able to manage our clients’ data efficiently, effectively, and securely.” Migrating to the cloud also allowed for easier and more secure telecommuting, which was exciting for the firm as a whole. “It was simply fantastic to have everything set up and all you have to do is log in through Office 365.”

No Server, No Problem

While Anderson Technologies was preparing A. A.’s firm for the cloud migration, the worst happened. “Server meltdowns are like horror movies for business professionals,” she says, “worst case scenario.” Thankfully, Dischert and some preemptive measures taken by Anderson Technologies kept downtime to a minimum.

“One of the amazing things about the work you do, and especially Eric [Dischert], was he noticed right away before any of us were in the office that something was wrong with the server,” A. A. says. “He reached out to me, did some remote troubleshooting, and came into the office. . . then announced the time of death [of the server] later that afternoon.”

Since the firm had already been preparing for the cloud migration, the server was no longer business-critical at that point but could have created vulnerabilities if not taken off the network quickly. The only loss the firm experienced was scanned images stored on the local server since employees at the firm had already begun reorganizing their workstations’ data to make the transition to Office 365 smoother. “I knew everything would be okay,” A. A. says.

Everything Anderson Technologies did made an unfortunate situation much easier for us to handle.”

Downtime is a major concern when any business’s tech fails, and this firm was no different. “That was one thing that Anderson Technologies did aside from pinpointing the problem early on, ensuring that we did not have lost time,” A. A. recalls. The team was responsive, telling A. A. that “‘we can triage based on your schedules and make sure everyone’s ready the day before’ . . . I think we got a quote of two hours per computer, and they were able to complete everything in our relatively small office in less than half a day. We expected to be out at least a full day.”

In less than one workday, Anderson Technologies successfully migrated all user profiles and got the wealth management firm working from their new cloud platform. If Dischert and the Anderson Technologies team hadn’t flagged the problem during the network security audit and began the cloud migration process in time, the firm might have lost essential data and experienced significant downtime. Early intervention went a long way when it came to handling this meltdown, and A. A. and her team are especially grateful for the comprehensive approach.

Luckily, this is a story of lessons learned rather than a disaster. A. A. says, “Everything Anderson Technologies did made an unfortunate situation much easier for us to handle.”

 

Have you or your business been trapped under lifeless hardware and are considering a switch to the cloud? Cloud migration could be the best solution for you! Contact Anderson Technologies today to learn if you’re eligible for a free network security audit.

Celebrating 25 Years of Anderson Technologies

/in , , /by

This February marks Anderson Technologies’ 25th anniversary providing exceptional IT services for clients in the St. Louis area and beyond. The milestone provides an opportunity to reflect on the company’s journey since its inception and provides a thoughtful lens on how the organization plans to forge a path for the future.

Founding Principals Mark and Amy Anderson met in college as Computer Science majors and started their professional careers in the late ‘80s as software engineers for McDonnell Douglas’ Avionics Laboratories. After several years, their entrepreneurial spirit kicked in and the company was incorporated in February 1995 as an IT consulting firm. “I’ve always enjoyed helping people and being entrepreneurial,” Mark recalls. Like many successful business owners, he has fostered that entrepreneurial spirit from an early age. Growing up in a military family as a seventh grader pushing a lawnmower around the yards of trusting homeowners, he’ll never forget the advice his father brought home from his commanding officer while stationed in Germany: “If in life you always strive to do your very best, work will seek you out.” This became a foundational idea in Mark’s outlook. By demanding honesty, integrity, and excellence in himself, everything else took care of itself. Amy’s strength has always been to implement Mark’s big ideas in a practical and risk-averse way, which fueled the birth of Anderson Technologies.

If in life you always strive to do your very best, work will seek you out.”

Initially the Andersons provided technology consulting to Fortune 500 corporations until the market shifted offshore in the early 2000s. This fueled the company’s move from software engineering to system administration and IT consulting. After the start of the new millennium, Anderson Technologies experienced what Mark and Amy describe as a “quiet decade” while their two children were still young. They gravitated towards custom projects that would serve as the foundation for a new division of the company, Anderson Archival. “We were approached by a client who asked us to do technical project management and archival work for them,” Amy says. “While that was going on, we were also performing system and network administration for a handful of companies and helping with their technology.”

Not only has Anderson Technologies evolved over the course of twenty-five years, but so has the IT industry. “At first there was no such thing as managed services on an ongoing basis, where clients would pay a monthly fee for proactive IT support,” Mark says. Once the IT industry’s standard break/fix model was transformed by the need for vigilant, comprehensive managed services, Anderson Technologies fully embraced and invested in this new way of providing outstanding services to its clients.

“Let’s pivot,” Mark remembers thinking, “to focusing on small and mid-sized businesses who will appreciate a relationship with an IT vendor they can look in the eye and wholeheartedly trust.” Developing this strong client-vendor relationship was the foundation upon which Anderson Technologies built itself.

In order to share this new, proactive managed services approach, the company started by asking small business owners what technical challenges they were trying to overcome—and if it didn’t have a solution for them, the team would find another vendor who could help. “We are known for being an organization who cares and who treats people fairly,” Amy says.

In 2020, Anderson Technologies is focused on growing into a new office space, which is about three times the size of the previous location. “It’s a huge milestone for us,” Amy says. “You can feel the momentum.”

Indeed, the firm blossomed over the last few years alone, nearly doubling in size and welcoming Farica Chang as a partner. For over a decade Farica has been integral to Anderson Technologies. “Farica is extremely talented,” Amy says. “When we make a promise to a client, she along with our wonderful employees, consistently find a way to deliver an exceptional result. Farica is key to the company’s current and future success, and we are so grateful she is now a partner.” Mark agrees. “Farica exemplifies the company’s values so well,” he says. “She’s fearless—there’s nothing she can’t do. Her character, work ethic, and talents have blessed all of us. We wouldn’t be the same company without her.”

Working for Mark and Amy after graduation from UCLA and her professional experience at Fortune 500 companies, Farica notes that the opportunities available as part of a smaller team are immeasurable. “Mark and Amy shared responsibilities with me that I could never have imagined had I been a small cog in the gears of a giant corporation,” she says. “Together we conquered thorny technical challenges and complex project management. They fostered an environment of mutual trust and support—nurtured my development as a leader—and showed me how to care for a client’s needs as we care for our own.”

Together we conquered thorny technical challenges and complex project management.”

Anderson Technologies wouldn’t be where it is today without its people. Each member of the team is a valued piece of the puzzle—offering key unique strengths and devotion to a job well done. “Honestly, I love my work because I love our team,” says Farica. “Even on the busiest days, I know I can turn to anyone for help. Many of my colleagues have been with us for five years or more. I’m so proud of their growth and can-do spirit.”

Mark, Amy, and Farica appreciate this moment to pause and reflect on how vibrant their IT company has become. The last twenty-five years have been busy ones, and they don’t foresee slowing down any time soon. “Our hearts are filled with gratitude,” Mark says. “Gratitude for our wonderful employees, clients, and business partners who have enabled us to realize a dream and together build something truly special.”

Here’s to 25 more years of Anderson Technologies!

For more information about the Anderson firms or to find out how Anderson Technologies or Anderson Archival can provide solutions for your organization, contact us today!

2020 Cyber Security Essentials Checklist

/in , , /by

The start of a new decade brings a sense of changing times and new beginnings. For your cyber security, it marks a good time to review how the state of cyber threats has changed since the time of Y2K or the 2013 Yahoo data breach. With the evolving threats and methods deployed in cyber crime, basic security standards have also progressed to keep your network safe. Do you know the basic security measures you should take to protect your business in 2020?

Download your copy of Anderson Technologies’ Cyber Security Essentials Checklist for 2020!

Verify everything!

We’ve talked before about the Zero Trust model for IT security. Even if you aren’t ready to bring your entire IT architecture up to Zero Trust standards, several of its security measures are now common-sense protections against modern cyber threats.

MFA

Multifactor Authentication (MFA) is quickly becoming the gold standard for preventing unauthorized access to your systems. In an age of Have I Been Pwned’s free credential checking and the all-too-often reuse of passwords, the question is no longer if your usernames and passwords have been stolen, but when and which ones.

MFA is the most basic way to prevent someone with stolen credentials from accessing your systems, and comes in various iterations, from an email or text code to authentication apps and security dongles like or RSA SecurID tokens. It’s a simple measure that ensures the bad actor needs more than a stolen credential to compromise your systems.

Access Controls: Minimum Necessary Use (Need to Know)

The days of free access within an organization are over. Clearly defining user roles and necessary access permissions is essential. There’s no reason for an intern to have the same access to your systems as the office manager or IT staff. Segmenting user access to the minimum necessary for their job performance means that if one employee is compromised, the bad actor won’t be able to reach every part of your business.

Stop Viruses and Malware in Their Tracks!

It’s common knowledge that anti-virus and anti-malware are required in this day and age, but remember that if your software firewall or anti-virus program catches an intrusion, the threat has already made it into your systems.

Know Your Hardware

Businesses need to understand the difference between a hardware firewall and a software firewall. You need to have the best protection against cyber threats, but many business owners don’t realize they are missing the necessary hardware firewall. Go to your IT closet and take a close look. Can you identify your modem, router, and hardware firewall? They are three different pieces of equipment, and if you aren’t sure which is which, talk to your IT staff or MSP to make sure all three are in place and properly configured for maximum protection and minimum interference.

Training and Filters

Firewalls and anti-virus programs won’t be of much use if an employee clicks a link in a phishing email and lets the bad actors in. Blacklisting certain websites and installing email filters like Proofpoint are great first steps for keeping malicious links and emails from getting through, but the biggest way to prevent phishing is training your employees how to recognize it. These tactics are too prevalent not to invest in comprehensive employee training.

Update! Update! Update!

Nothing invites bad actors into your systems like an unpatched computer, such as Windows 7 which stops receiving updates after January 14, 2020. Security updates are not just slight improvements; they often fix known bugs and zero-day threats that bad actors can use to infiltrate or bypass the implemented security safeguards. Without keeping up to date with your security updates, criminals can exploit unpatched vulnerabilities to breach your security and either install malware on or extract valuable and private information from your systems. So, when an update appears, make sure it gets installed right away and upgrade un-supported software as soon as possible.

Be Prepared for a Breach

The era of small businesses being too little to be profitable to hackers is long gone. Small, medium, and large business are all targets for cyber criminals and it’s essential to think not in terms of if you are breached, but when you are breached. How can you mitigate the risk or minimize the damage a breach could do to your business?

Backups

No business in 2020 should be without comprehensive and secure daily backups of their IT systems. Properly configured and tested backups are your insurance against ransomware and natural disasters. If you know you can restore all your data effectively and quickly from backups, there’s no need to pay a ransom for the hope you can get all your data back.

But don’t just grab the first out-of-the-box backup solution you find. Make sure your backup provider doesn’t keep only one iteration, meaning if your backup gets infected, you have no other options. Configure the solution correctly to back up all the information you need.

Encryption

If you are in a HIPAA-regulated industry, encryption is not optional. It’s the best way to prevent unauthorized breaches when mobile devices and laptops are lost or stolen. A properly encrypted laptop lost on a business trip isn’t a breach even if ePHI is on it, since the encryption prevents anyone who finds the machine from accessing the data.

Encryption is a good idea for any business that uses laptop and mobile devices for work purposes. The last thing you need is someone finding a lost phone or laptop and suddenly having access to sensitive business information or programs.

The Daily Routine

Sometimes it’s the little things that end up being the source of a cyber intrusion. These security measures may seem like common sense, but that doesn’t mean you shouldn’t have a clear policy for them. Failure to follow basic procedures everyday can open the door for cyber criminals.

Passwords and Password Managers

Reusing or only making minor alterations to passwords across applications is a major problem. Too many passwords are hard to keep straight, but people struggle even more to remember secure randomized passwords. This can lead to the worst-case scenario of employees writing down passwords that anyone could find. Having a long phrase or sentence the employee can remember is best practice, but if you have a lot of programs that require passwords, you don’t want employees using only one across the board.

Password managers like Myki or LastPass are a great solution to this problem. Employees can create the long, randomized alpha-numeric passwords, which are considered most secure, without the need to write them down or repeat the same password over and over. These services also provide apps for mobile phones so employees don’t need to be at the desk to access their passwords.

Screenlocks

Not every company institutes a screenlock timeout procedure for their business, but it’s a simple and effective security measure, especially if parts of your business are open to the public (HIPAA requires it). Even if you don’t have any public areas, screenlock policies can prevent insider threats from gaining access to an employee’s computer or information simply because they forgot to lock the computer before they left their desk. Make sure the screenlock requires a password and isn’t delayed to the point it’s useless to protect your information.

If you don’t have these basic policies and procedures in place, it may be time to re-evaluate the security measures you are using. Were they created for a different time and threat landscape? Can they continue to protect you against modern cyber crime? If not, it’s time to step up your basic security measures and stop criminals before they sneak into your business.

 

If you need help determining if your current security measures are adequate to protect your business, contact us today for a free consultation!

Robots? Working with Me? It’s More Likely Than You Think

/in , , /by

Remember Roomba? Maybe you have one, zipping around your home, getting caught under furniture and amidst wires. That seemingly simple machine, armed with programming and dust-sucking, became seamlessly integrated in the lives of millions. But even at the height of the Roomba revolution, there wasn’t a lot of talk about smart vacuums stealing our jobs or taking over our homes.

Everyone is fascinated with artificial intelligence right now. It is hard to deny the buzzword power of the term. Tinged with fear or awe, AI often feels like the answer to everything—or our impending downfall.

The reality is far from either. As it stands now, AI like the programming in Roomba, or Roomba’s grown-up relatives found at Walmart and Giant Foods, is a powerful tool. Limited to specific tasks or deep learning, AI may just be the best coworker you’ve ever had.

Is AI Coming for Our Jobs?

Here’s the truth: For employees whose primary job function may easily be replaced by single-task AI, the job hunt may be on. Computer-screen ordering interfaces and shipment-sorters may in fact reduce hours for the humans who previously held those positions and others like them. Fortunately, many businesses are utilizing AI as an opportunity to free their employees for more complex and customer-facing tasks.

For every job that might be eliminated or reduced, there are many more that just don’t work without human hands and minds.

And because thankless tasks are becoming automated, human workers can now spend their time and energy immersed in the more creative aspects of their jobs.

AI and IT: Working Together for You

It may not surprise you to learn that IT is currently the field most welcoming to our AI coworkers. For IT managed services firms that balance the cutting edge with enhanced security, a cautious approach still finds that within specific, defined roles, AI provides valuable services.

Tools like firewalls, antivirus, and remote monitoring, among others, are IT staples that frequently employ AI. There is a firewall AI, for example, that can be programmed to track traffic patterns (volume, uploads and downloads, behavior on websites), and if something appears contrary to what has been deemed “normal” patterns, the associated software can automatically isolate a user’s workstation and alert a human team member that there has been a potential compromise.

Deployed on a larger scale, this type of monitoring and pattern-detecting AI frees IT professionals from manually watching the same traffic. This means billing hours go to solving problems and providing meaningful solutions instead of wondering if a large file download is suspicious.

AI also has the potential to detect patterns and flag issues that human experts can’t identify themselves. Given data sets and known problems, machine-learning AI may move the IT industry into truly predictive safeguards. If used widely, this could mean no more frantic break-fix calls after hours because AI team members have long since identified the developing issue, and human counterparts have already fixed it.

AI as part of a managed services offering doesn’t have to feel inhuman. As a tool utilized by humans in order to provide an enhanced, fuller package of IT services, AI improves experiences.

 

Do you have questions about AI and what it could do to improve your business’s IT systems and cyber security? Call Anderson Technologies today at 314.394.3001 or send us an email at info@andersontech.com.

Should You Break Up with Your MSP?

/in , /by

How one St. Louis practice shed an underperforming MSP and questions to ask so you don’t end up in the same situation


Relationship challenges occasionally happen, even between businesses.

It’s frustrating when a potential vendor promises epic solutions to all your problems, but over the course of months or years prove themselves not up to the task. This was the case for M. C., owner of a St. Louis healthcare practice. She recently sought the help of Anderson Technologies to replace her managed services provider of over a decade. “I was pretty loyal to them,” M. C. says, “but it was nightmare after nightmare for ten years.”

A self-described workaholic, M. C. didn’t have time to spend worrying about the technology that carried her practice. “IT is the skeleton of [most] businesses in America today. If you don’t have it, then your practice has no skeleton. It’s just a floppy amoeba.” Much like the revenue lost during business downtime, time wasted waiting for computers to meet performance expectations or techs to return your phone call is a drain on your business’s resources.

Your managed services provider (MSP) should be working with you, not against you. According to M. C., an MSP and the work they do for your business should feel like “a blessing from God.” Here are four questions you should be asking to determine whether or not your MSP relationship is benefiting your business.

  1. Are they professional? Can I unequivocally trust them in my office and home?

M.C.’s relationship with her former MSP started with a trusted colleague’s recommendation. System administrators were in and out of her office and home, providing service on her internal systems and home workstations for remote connectivity. Her practice used specific programs and hardware daily. It was essential that these functions were reliable and safe for patients.

“Anyone with an EMR [electronic medical records] system really needs to have the best IT possible,” M. C. says.

If you don’t have good IT, you’re out of luck.”

It was when M. C. needed to move her practice to a new location that she realized how many problems the vendor had overlooked or, in some cases, caused.

“I had just spent $10k getting all new computers and they still weren’t working,” M. C. recalls. “They recommended that I change phone systems to save money, but what they actually did is cut out my fax and the phone situation just got worse.” These issues surfaced when one of M. C.’s employees pointed out that on the day of the install, the MSP only spent ten minutes on-site. Along with a few other questionable interactions with the MSP’s team at her home, M. C. began to lose complete trust.

  1. Are they communicating effectively?

After M. C. realized the extent of her technical problems, she reached out to the owner of the company, a person she felt she could trust. However, the owner wouldn’t acknowledge that his employees had been careless and made mistakes.

Aside from her annoyance with the work the company did do, it was often difficult to reach help during her early and long work hours. “I was at the point where I had to demand they come and fix things,” M. C. says. Communication breakdown reached a head when M. C. contacted the owner once more, only to be berated. “I had spent thousands of dollars at this point, and all he had to say was, ‘Why are you bothering me? You’re a demanding client.’”

  1. Are they taking ownership of their work and keeping detailed records of all solutions?

One reason problems weren’t getting resolved was because the MSP seemed very unorganized. Every time M. C. or one of her employees contacted the company about a problem, they acted like they had never stepped foot in the office, let alone replaced all the hardware.

“Troubleshooting was nearly impossible,” M. C. says. “After ten years they knew nothing. No organization, no blueprints of what I had, what went where.” The company also constantly insisted on upgrades to the practice’s hardware, but would replace them with old computers that were clearly used and not up to enterprise standards. Hardware replacement policies are a common MSP requirement, but the level of disorganization around the “new” computers they were recommending seemed suspicious. “It’s like there were no records of any improvements or work done.”

Mark Anderson stresses with importance of industry software and documentation with Business News Daily.

  1. Are they keeping their promises?

It took ten long years for M. C. to face the facts: her business relationship with her MSP was no longer serving her well. The promises the MSP made at the beginning of their partnership had never been realized. “My practice’s management system was still getting popups and crashing, computers were still slow and congested, we still had outdated hardware, no fax, scanners, or remote connectivity,” M. C. describes. “Systems were still so slow, and even slower when working remotely.”

She felt the managed services company took advantage of her, taking her money and then slapping Band-Aids on problems to conceal the bigger issues. “I was nervous spending the money to start over,” M. C. says. “It’s like getting divorced and finding someone new. For ten years I had the patience of Job, but I think it wasn’t really patience—I was just scared.”

Thankfully, she reached out to Anderson Technologies, which was able to quickly extinguish the immediate fires. “Once Anderson took over, 99% of the problems went away immediately.” Instead of making huge promises at the beginning of the partnership, Mark Anderson and the team developed a strategic action plan to implement long-term improvements.

Anderson Tech is reachable, affable, quick, professional,” M. C. says. “It’s been nothing but professionalism and action, ‘true to their word’ situations. I have never gone this long in my ten years where I didn’t have a problem.”

Now that M. C.’s IT infrastructure is efficient, reliable, and secure, she can focus on her clients and allowing her business to really grow over the next ten years. Thousands of dollars and a decade of frustration later, M. C.’s practice is building a new relationship with Anderson Technologies: “I wish I had met you ten years ago!”

 

To find out more about reevaluating your IT partnership, give Anderson Technologies a call today. We can be reached at 314.394.3001, and look forward to hearing from you.

Downtime Lifeline: One Law Firm’s Battle with Outdated Tech

/in , , /by

When companies, non-profits, or entire city governments find themselves victims of cyber crime, it can feel like they’re frozen as the world moves on around them. This feeling, to a lesser degree, might also come as you’re sitting in front of your office computer every morning, twiddling your thumbs waiting for it to boot up so you can finally start your work day.

Ransomware looms as one of the biggest business tech threats of 2019. Organizations of all sizes are finding themselves in the cross-hairs of cyber crime actors who seek high payouts from insurance agencies and panicked data hostages. Why are some companies so quick to pay off the ransom?

Too often it’s the fear of downtime, or money lost while hackers obstruct you from your data and your business’s day-to-day operations. However, while ransomware dominates the tech industry news, a much more common and avoidable cause of downtime significantly affects organizations without raising alarms—outdated technology. A minute lost every time you try to access a file or launch your internet browser adds up quickly over the course of days and weeks. These wasted (and often-unnoticed) minutes can mean thousands in lost revenue for your company.

Let’s explore the real-life implications of business downtime due to hardware and software that has long been ready to be replaced. Luke Bragg, Lead System Administrator at Anderson Technologies, witnessed this firsthand.

Efficient Until Obsolete

A St. Louis business law firm reached out to Anderson Technologies in 2018 for help. Their old server was dying. It hadn’t been patched or updated in over a year, leaving it vulnerable to ransomware and other cyber attacks.

“Security was a major concern,” Bragg says. Slow speeds and cyber vulnerabilities were starting to impact the firm’s daily operations. Days after contacting us for help, the firm’s aging server experienced a catastrophic system failure and died altogether: “The server completely failed, and we had to keep them functional on emergency hardware while we put a new server in place.” Thankfully, the failure wasn’t caused by ransomware or another cyber attack, but the law firm felt how close they came to experiencing futile downtime.

Read more about the effects of downtime on a business here!

Downtime can be detrimental to any business, but some may feel the effects more strongly than others. Law firms constantly collaborate with other businesses and clients, as well as government organizations and the judicial system. Timing can be what makes or breaks a potential account. “Every business is different in how much downtime they can tolerate,” Bragg explains.

“This is a law firm, so their workflow is very critical with very little room for outages.”

Tell Old Tech to R.I.P. (Replace Itself Promptly)

The crashed server was a wake-up call, and acted as a jumping-off point for replacing more of the firm’s outdated hardware. Their workstations and wireless network benefited from a sprucing up as well.

Aside from the obvious security breaches, law firms and all kinds of other organizations suffer from negative effects of downtime due to antiquated tech. Employee productivity suffers when hardware is sluggish or undependable. Similarly, websites that aren’t mobile-optimized or user-friendly could turn away potential clients and impact your company’s digital presence.

Law firms especially run ethical risks when using outdated technology. “Technological competence” is a modern addition to the American Bar Association’s Model Rule 1.1. The last thing a law firm wants is a law suit because negligent treatment of the devices they use every day caused harm to a client. A big part of the work Anderson Technologies did for this law firm involved maintaining uptime and strengthening security during the hardware upgrade.

“Law firms tend to have constant workflows that are time sensitive,” Bragg says. “The key to success is being extremely detailed and properly communicating every step with the client so that scheduled downtime for things like network upgrades or system replacements is properly planned and the client’s expectations are factored into the equation.”

Anderson Technologies is now focused on replacing the firm’s outdated Windows 7 machines before the January 14, 2020, end of life deadline. “No other major projects are on the horizon at this point,” Bragg says, and the firm can rest easy knowing their new server is secure.

Businesses in need of a top-notch attorney wouldn’t wait until the last minute to seek out critical legal advice.  Similarly, this St. Louis law firm discovered the value of employing knowledgeable and proactive IT experts well before the threat of downtime surfaced.

 

You don’t want to find yourself drowning in downtime because of outdated technology equipment. To find out if your business could use a tune up, contact Anderson Technologies today.

5 Fraud Trends and How to Beat Them: Top Tips to Implement for Cyber Security Awareness Month

/in , , , /by

Every October, Cyber Security Awareness Month is a time to learn, assess, and make changes to protect yourself and your business from the latest, most sophisticated dangers. Beyond damages to reputation and production, monetary costs from cyber crime add up in the billions of dollars.

Stay safe and aware this October. Here are five fraud trends that you’ll want to know:

Fabrication

Synthetic identity fraud is a cyber crime long game. First, a hacker procures a social security number by theft or purchase on the Dark Web, and then fabricates an associated name, DOB, email account, or phone number. From there, the fake identity is legitimized and nurtured.

Once a fraudster is able to become an authorized user for lines of credit, a process that typically takes 5 months, the “bust-out” is ready to be executed. This leaves creditors and businesses with dummy accounts filled with credit card maximums, loans, and cell phone/utility plans.

Ransomware

Ransomware can send chills down the spine of any business owner, and for good reason.

Two cities in Florida were forced to pay over a million dollars in aggregate bitcoin ransom after losing access to phone and email systems for multiple weeks. A quick glance at data breach headlines on any given week will reveal SMB attacks as well. Ultimately, ransomware boils down to economics, and it will require a concerted effort by organizations to shift the paradigm, refuse to pay criminals, and protect data before attacks.

Business Email Compromise (BEC)

A sophisticated scam, BEC targets anyone who regularly processes requests for electronic fund transfers. The scammer compromises an email account through phishing or intrusion tactics and requests that transfers of funds or personal information such as W2 forms be sent immediately.

Because the request comes from a familiar face, and may even be routine, this scam is highly effective—and very expensive. As of July 2019, total dollar loss has exceeded $26 billion.

Account Takeover (ATO)

The commoditization of crimeware and “spray-and-pray” techniques have led to a higher frequency in breaches, many of which are executed by non-sophisticated hackers. Solving ATO fraud at the small and medium business level in today’s world requires purpose-driven teams and technologies that can protect your business in a smarter, more efficient way.

Dark Web

Security researchers estimate that in the first half of this year alone, over 23 million credit and debit card details were being sold in underground forums. What’s worse, nearly two out of every three originated in the United States (64%), followed by the UK (7%) and India (4%). Once such data dumps hit the Dark Web, cyber criminals will exchange stolen information and credentials in order to orchestrate damaging fraud schemes.

Now that you know some of the trends in cyber crime, here are several helpful solutions.

Guard yourself and your business against these threats. Here are our Top 12 Cyber Security Tips:

  1. Involve all stakeholders in raising cyber security awareness across your organization.
  2. Backup key data regularly and perform scheduled test restores to ensure their integrity.
  3. Enable multi-factor authentication company-wide and establish and enforce an appropriate password policy for all users.
  4. Install enterprise-grade anti-malware and spam-filtering solutions with anti-phishing capabilities across your network.
  5. Leverage internet content filtering to block phishy websites.
  6. Prepare for cryptojacking attacks.
  7. Purchase SMB security suites that include Dark Web monitoring.
  8. Assess your organization’s cyber security policies and procedures and review annually.
  9. Ensure that all third-party partners have cyber security protocols and policies in place.
  10. Build a cyber security incident response plan and democratize key information.
  11. Bind an appropriate level of cyber security insurance to cover your company in case of a breach
  12. Partner up with expert managed IT services providers to train your employees and implement the above.

Awareness and action go hand in hand. This Cyber Security Awareness Month, contact Anderson Technologies to protect your business from the newest threats, and enhance business functions every day.