Some important reminders and guidelines to follow for any business focused on IT security, but our guide on maintaining a secure work environment from home is especially prescient for those seeking flexible options for their employees!
Computers can be a real source of frustration. Even professionals outside the tech field know that IT issues can be some of the most maddening for employers and employees alike. Seemingly out of nowhere, technical systems can malfunction or seem to run differently in a way that hinders productivity and ideal workflows. Workers who use technology every day tend to adapt over time to work around these daily frustrations for fear of making the problem worse.
IT problems require brainstorming, troubleshooting, and teamwork. When confronting a work-interfering IT issue with your in-house tech support team or MSP, you may feel discouraged if a resolution is proving difficult or slow to appear. At Anderson Technologies we recognize that if a technical challenge beyond the everyday arises, multiple eyes and minds working together are needed to get to the root cause.
Strive Fails to Thrive
Strive Dental’s* story of complex IT issues began in 2020, when owner Dr. R contacted Anderson Technologies for help with an operating system that was no longer going to be supported once Windows 7 reached end of life. Dr. R had reached out to the firm years before, but ultimately chose a competing IT vendor to partner with. Now they were seeking another IT perspective, and Anderson Technologies was happy to help.
The small dental office’s hardware was severely under-performing due to Windows 7 running on all the employee’s machines. Their hardware was old and had passed through the hands of multiple IT vendors, and the in-house application they used to manage patient data was installed on a Windows 7 computer rather than a server. Each night, employees had to manually copy their patient data to a CD in case the computer or application crashed. Even worse, their machines ran an outdated version of the application, which gave the software vendor the option to refuse to support the product.
Strive Dental’s challenges proved that the techie adage “breaking one thing by fixing another” carries a sizable nugget of truth.
The older the systems became and the farther behind their software fell, Strive’s team became increasingly locked into a routine that required unnecessary steps and risks.
Anderson Technologies and Dr. R developed a game plan to replace some of Strive Dental’s old hardware and create a new server environment with more reliable security and backups. System Administrator J.R. Reynolds says, “We formulated a multi-tier approach that spanned over three weeks, starting with replacing all three of their employee workstations with brand new machines.” Anderson Technologies’ experts went on site to install the computers and migrate their data from the old machines.
“We installed the server on the same day, and worked with their vendor to install a clean version of their application on to the server,” Reynolds explains. “After upgrading the database that housed their patient data, we migrated the data to the new server and verified access from all of their workstations.” Knowing the amount of protected patient data imported to the new server, the team installed a brand-new switch, firewall, and wireless access point to round out Strive Dental’s infrastructure upgrade.
Strive Dental’s next technology hurdle was not due to the new computers themselves but rather stress on the surrounding infrastructure. Reynolds recalls, “When we attempted to verify the connectivity from the user workstations to the new network equipment, we were getting connectivity far slower than expected.”
Upon inspection, the team found three individual routers installed between the main switch and the workstations. These old, daisy-chained routers didn’t allow for the faster speeds granted by the new switch. “We had to remove all of the old routers’ wiring,” Reynolds says, “and replace them with custom-length cables that ran directly from each device to the new switch.”
Once resolved, the greatly improved network speed amplified another slow performance issue lurking inside their in-house patient management application. Anderson Technologies attempted to troubleshoot the issues with the application’s vendor. After forty hours of working with the vendor to resolve the problems, the vendor finally revealed that they had known about the issue for several months and were still working on a solution.
When Reynolds and the Anderson Technologies team brought their findings to Dr. R, both parties came to the conclusion that other software suites might be a better fit for Strive Dental. “We’re currently piloting software from another vendor that has a far superior application to track their patient data,” Reynolds says. With their shiny new machines, Strive Dental’s employees no longer have problematic software as a foregone conclusion.
Strive Dental’s challenges proved that the techie adage “breaking one thing by fixing another” carries a sizable nugget of truth. Often solving technical issues reveals other infrastructure problems that may have gone unnoticed if not for fixing the issue masking it—especially during a time when we’re all forced to adapt to new tech situations very quickly.
A problem’s root cause can almost always be detected with perseverance—and by having a team of dedicated professionals on your side. Been thinking about how you can improve your office infrastructure or circumvent everyday complications to make work smoother? Give us a call today at 314.394.3001!
*Business name has been changed and personnel redacted as part of Anderson Technologies’ dedication to client cyber security.
Businesses across all verticals are struggling to adjust to the new digital workplace driven by COVID-19 and social distancing efforts. However, businesses fortunate enough to stay afloat rely now more than ever on IT vendors and IT managed service providers (MSPs) to keep their employees online and working.
What does a national emergency and sudden loss of normalcy look like for clients of an MSP?
Answering the Call
You’re probably used to seeing your MSP technician at your workplace, installing a new piece of equipment or troubleshooting a persistent issue. But since on-site IT support has halted until the COVID-19 pandemic ends, how are MSPs tackling hardware solutions?
IT Support Coordinator Elena Estrada describes COVID-19’s effect on hardware acquisition as “a perfect storm.” Businesses across the nation raced to purchase laptops for their workers transitioning to work from home—MSPs included. “Lots of our clients realized they didn’t have laptops or home systems to be able to remote into their work computers,” Estrada says. “It caused a mass panic for retail laptops.”
Anderson Technologies typically works with a few trusted outlet partners to provide the best hardware for their clients, but ordering laptops the usual way quickly became impossible as outlets sold out seemingly overnight. MSPs had to get a little creative. “We needed to find other options,” Estrada says. “A local electronics store had laptops in stock that weren’t necessarily what we normally send to clients, but we bought extra sticks of memory to accommodate. We had to bring multiple employees to the store because there was a two-system limit on hardware purchases.”
But finding enough hardware wasn’t the only difficulty. “The most challenging aspect is trying to navigate things that require physical interaction,” says Estrada. “Those types of situations are hard to work out.” Many of Anderson Technologies’ clients are local to the St. Louis area, meaning that mailing or shipping necessary hardware isn’t a customary practice, not to mention it puts unnecessary pressure on essential delivery personnel.
Channels of communication between MSP and client are more important now than ever. One of Anderson Technologies’ clients recently needed a laptop for a new employee. The configured laptop was ready to be given to the client on a Friday, but since the employee would be starting that Monday, the laptop wouldn’t arrive in time if shipped. Anderson Technologies was able to coordinate a drop-off plan with the client, but it shows how challenging it can be to safely navigate and standardize these situations from a business perspective.
Need for Speed
Many businesses have temporarily closed their doors due to statewide stay-at-home orders, and entire companies now work from home every day. When you’re used to working in your professional environment, it’s pretty easy to tell when something isn’t working correctly. This isn’t the case when working from home, especially if you’re doing it for the first time. Working from home exposes users to threats they would normally never encounter in their workplace.
“A lot of residential internet plans are not as fast as what they’re used to in the office, which causes some issues with their work,” Estrada says. “Many times, they think it’s a hardware issue or an issue with the program they’re using, but it ends up being that they need a bit more patience with their current speeds.” This makes managing expectations essential to working from home successfully, both for the MSP and the end user.
“I think the majority of people who have transitioned from their office to their home don’t realize that home internet greatly impacts their working-from-home experience,” says Senior System Administrator Eric Dischert. “Throw in some kids streaming music and The Office re-runs on the same connection, and the work-from-home experience degrades quickly.”
“Another issue is the internet line running to their actual office,” Dischert warns. “If that connection is sub-par or there are many users remoting into their work computers, that bandwidth shrinks and might need a boost.” When your work day relies on two internet connections functioning properly, you may experience more hiccups than you would at your normal workstation—meaning more work for your MSP.
Even as MSPs are problem solving new kinds of technical issues, they’re also adjusting to working within stay-at-home orders themselves. “Remoting capabilities have made things pretty seamless,” Estrada says. Anderson Technologies already incorporates remote monitoring software as part of their managed services plan, which made the transition a little easier for providing quick technical support.
Lock Your (Virtual) Doors
The COVID-19 pandemic has affected the globe, and bad actors all over the world are taking advantage of the newly-digital workforce. They are tweaking their phishing methods and other online attacks to sneak their way onto your more vulnerable home networks. Remote workers, stressed about their safety and livelihoods, look like sitting ducks to malicious actors. Every cyber security crack must be sealed.
Cyber security training has always been an important part of the MSP-client relationship, but businesses are kicking it up to protect their remote workers. “There are a lot of security issues involved in working from home due to lack of experience in doing so and just being a bit more comfortable in your home,” Estrada says. “Users aren’t as guarded.”
Distractions themselves contribute to users letting their guards down and create opportunities for phishers. “Personally, there are a lot of distractions at home that take my attention,” Dischert says. “Kids, dog, spouse, etc., are all buzzing around and it’s hard to concentrate, especially for people who normally do not work from home.”
Even after the pandemic ends, MSPs expect to see an uptick of clients seeking work-from-home solutions. This is part of a trend that’s been growing for over a decade, as the number of US employees working remotely has increased 159% over the last 12 years. Some workers thrive in their home environments where work arrangements are more flexible, reducing stress and increasing morale. These workers may choose to incorporate virtual desktop software or hardware setups that are easier to carry back and forth to the office.
Until it’s safe to return to their normal routines, America’s workforce will continue to adapt to the daily changes in this pandemic’s trajectory. But working from home doesn’t have to leave you vulnerable or without IT support when you’re working with an MSP. Expert MSPs know that disasters and emergencies are why it’s important to make sure your networks are healthy from the start.
Need help transitioning to a WFH model? Call Anderson Technologies today at 314.394.3001 for a free consultation!
Over the past weeks, we’ve worked with many of you to add or increase your work-from-home capabilities as a result of the COVID-19 pandemic. This move not only helps keep our coworkers safe but also our families and the greater community. As our team burns the midnight oil to do our part, our thoughts and prayers go out to everyone affected by this international crisis.
To better assist your work-from-home goals, please be mindful of the dangers of and best practices for remote work.
While social distancing is critical, we must also recognize the risks a remote workforce poses and be vigilant to keep our systems secure. Remote work immediately increases the vulnerability of your company’s cyber security. Suddenly, we’re no longer at one office location with multi-layered security measures in place. Our surface of attack is exponentially spread into homes that aren’t equipped with enterprise-grade firewalls and onto personal computers that may already be compromised (studies estimate that 1/3 to 1/2 of home machines are).
Taking advantage of the interest and coverage of COVID-19, cyber criminals are using new tactics in their phishing and malware attacks. Fake coronavirus websites, often with legitimate information from trusted sources, are being created to spread malware. New phishing emails and clickbait links using similar messages are also spreading. Do not trust COVID-19-themed emails, even if they appear to come from governmental sources. If you receive one and think the information may be worth clicking, go instead to the organization’s website. Any official, legitimate updates will be included there.
Avoid falling victim to one of these scams. Follow basic phishing prevention as we’ve explained in our learn page and phishing quiz, and always go to official government sites for coronavirus information.
As with all phishing attempts, never open attachments or links in unsolicited emails. If you know the person who sent it, confirm with them that the email is legitimate first, preferably by means other than email as responses can be faked. When searching for coronavirus information, hover over the link before you click and make sure the URL matches the source it appears to be in search results.
Working from home presents unique challenges to the privacy of your work, but your company’s confidentiality policies and contracts remain in effect no matter where you are. This is especially important if you are subject to HIPAA or other governmental regulations. Keep up to date with all regulatory changes made to accommodate the novel coronavirus situation.
There are measures all remote workers should follow to protect the confidentiality and security of their work space while in a home environment.
- Always lock your screens when you step away from the computer to keep curious children (or pets) from wreaking unintentional havoc.
- Work in your own room or create a space away from other members of your household. The space should be isolated enough to avoid onlookers and to conduct work conversations without being easily overheard.
- When using a company-owned device, keep it locked or turned off whenever you are not with it, and never allow others in your home to use it for any reason.
- If using a personal device for work, create a separate, password-protected user profile to access company data from. Do not allow others to use this profile.
- Keep any work papers or confidential information in a safe, preferably locked, place.
Home Network Performance
Home networks, including your internet service, are typically not as reliable as your office IT systems. With the additional load of millions of users across the nation trying to do the same things you are, you will likely face performance issues when working from home. Since home internet often isn’t as fast as your work connection, video conferencing may flake out and remote connections to your office network or devices may lag. The more people taxing your internet with activities such as online learning, streaming, gaming, or video chatting, the more likely you are to have performance issues.
Due to the increased need for high-speed internet to accommodate the sudden influx of both home-based work and schooling, some internet service providers (ISPs) are offering additional speeds for those with no or limited internet access at no extra cost. Others are removing data caps and related fees for those on fixed data plans. If you think you might qualify, contact your ISP for more information.
Home Network Security
Performance isn’t the only potential issue with a home network. Security is a big concern when connecting to the office network from home. Besides the obvious security measures such as having patched, up-to-date computers with strong anti-virus/anti-malware protections, here are a few more tips to securing your home network.
- Update router firmware if needed.
- Make sure Wi-Fi has WPA-2 or higher encryption with a strong password (not the default).
- Update firmware in all IoT (Internet of Things—smart thermostats, cameras, etc.). IoT is often more vulnerable to attack and has been used to infect home networks.
- Never use default passwords on any internet-connected device.
- Remove or deactivate all browser extensions not necessary for work. They might seem helpful, but many have tracking embedded in them and some are vehicles for malicious code.
- Use multi-factor authentication (MFA) whenever available.
Training & Communication
While knowing how to spot phishing and social engineering attacks is essential to network safety, that’s not the only kind of training those who work from home should receive.
Review relevant security and office policies and ensure that you know who to contact if an issue arises. What problems can be resolved by office staff or a coworker, and what problems need to go to IT experts? Work efficiency will suffer if you continually contact the wrong people to resolve your problem. Consider partnering with another team member to check in about potential suspicious activity or emails before reaching out to an IT professional. You may not be alone in experiencing an issue or threat.
We’re already taxing our systems and IT personnel; don’t give criminals the edge. Be even more vigilant at home. It’s easy to become relaxed in your own space, but those with malicious intent are also working overtime to capitalize on our situation.
Learn all about the managed services model of IT support, and understand the differences and benefits when compared to the traditional “break/fix” model.
The Anderson Technologies blog specializes in sharing the best ways for business owners to up their cyber security game, but sometimes accounts of tech gone wrong prove just as valuable.
Anderson Technologies spoke again with A. A., Chief of Staff of a wealth management firm located in West St. Louis County. Our last interview with A. A. discussed her firm’s network security audit experience and the projects to come with Anderson Technologies. This time, read about what can happen after the network security audit results and why it’s important to address problems as soon as they’re found.
“I should have listened,” A. A. says. “That’s the beginning and the end to this story.”
Before Anderson Technologies’ network security audit of A. A.’s firm in 2018, the firm already knew server reliability would be one of the first issues addressed. “You told us from the beginning that our server was a liability,” A. A. recalls. Her firm’s previous IT vendor had told her the server was old but still usable, while Mark Anderson flagged it for immediate resolution due to the amount of data and day-to-day tasks the server was responsible for.
“One of the reasons was security issues,” A. A. says. The server was the gathering point for all the firm’s and its clients’ data. “Our entire business is located there, so it was a huge risk for us.” Without guarantees that the server was reliably backing up the firm’s data, Anderson Technologies recommended that A. A. upgrade the server as soon as possible.
Like many other small businesses, the firm was hesitant to drop such a large amount of money on a piece of hardware right after signing on with a new managed services provider. The firm was planning a major update to their business model for mid-2019 and didn’t have a lot of wiggle room in their annual budget. “Anderson Technologies was really good with helping us prioritize what our first steps would be,” A. A. says.
You told us from the beginning that our server was a liability.”
After some planning with Senior System Administrator Eric Dischert, A. A. elected to migrate to the cloud in lieu of investing in a new server before the business model transition. “We already knew that we wanted to move to the cloud,” A. A. says, “so we said we can remove some of this risk by moving over our current files to Office 365.”
Headed for the Cloud
It may not have immediately solved the server problem, but moving to the cloud was a good choice for this particular firm. “We moved as much of our data over to Office 365 as possible,” A. A. recalls. The server remained in production as a bridge to log into the firm’s Active Directory and to scan and store documents locally.
Security was a huge factor contributing to the switch. “In the line of work we’re in as wealth managers, if something happened to our clients’ information, it could be the end of our business,” A. A. says. “It was exceedingly important for us to be proactive in being able to manage our clients’ data efficiently, effectively, and securely.” Migrating to the cloud also allowed for easier and more secure telecommuting, which was exciting for the firm as a whole. “It was simply fantastic to have everything set up and all you have to do is log in through Office 365.”
No Server, No Problem
While Anderson Technologies was preparing A. A.’s firm for the cloud migration, the worst happened. “Server meltdowns are like horror movies for business professionals,” she says, “worst case scenario.” Thankfully, Dischert and some preemptive measures taken by Anderson Technologies kept downtime to a minimum.
“One of the amazing things about the work you do, and especially Eric [Dischert], was he noticed right away before any of us were in the office that something was wrong with the server,” A. A. says. “He reached out to me, did some remote troubleshooting, and came into the office. . . then announced the time of death [of the server] later that afternoon.”
Since the firm had already been preparing for the cloud migration, the server was no longer business-critical at that point but could have created vulnerabilities if not taken off the network quickly. The only loss the firm experienced was scanned images stored on the local server since employees at the firm had already begun reorganizing their workstations’ data to make the transition to Office 365 smoother. “I knew everything would be okay,” A. A. says.
Everything Anderson Technologies did made an unfortunate situation much easier for us to handle.”
Downtime is a major concern when any business’s tech fails, and this firm was no different. “That was one thing that Anderson Technologies did aside from pinpointing the problem early on, ensuring that we did not have lost time,” A. A. recalls. The team was responsive, telling A. A. that “‘we can triage based on your schedules and make sure everyone’s ready the day before’ . . . I think we got a quote of two hours per computer, and they were able to complete everything in our relatively small office in less than half a day. We expected to be out at least a full day.”
In less than one workday, Anderson Technologies successfully migrated all user profiles and got the wealth management firm working from their new cloud platform. If Dischert and the Anderson Technologies team hadn’t flagged the problem during the network security audit and began the cloud migration process in time, the firm might have lost essential data and experienced significant downtime. Early intervention went a long way when it came to handling this meltdown, and A. A. and her team are especially grateful for the comprehensive approach.
Luckily, this is a story of lessons learned rather than a disaster. A. A. says, “Everything Anderson Technologies did made an unfortunate situation much easier for us to handle.”
Have you or your business been trapped under lifeless hardware and are considering a switch to the cloud? Cloud migration could be the best solution for you! Contact Anderson Technologies today to learn if you’re eligible for a free network security audit.
This February marks Anderson Technologies’ 25th anniversary providing exceptional IT services for clients in the St. Louis area and beyond. The milestone provides an opportunity to reflect on the company’s journey since its inception and provides a thoughtful lens on how the organization plans to forge a path for the future.
Founding Principals Mark and Amy Anderson met in college as Computer Science majors and started their professional careers in the late ‘80s as software engineers for McDonnell Douglas’ Avionics Laboratories. After several years, their entrepreneurial spirit kicked in and the company was incorporated in February 1995 as an IT consulting firm. “I’ve always enjoyed helping people and being entrepreneurial,” Mark recalls. Like many successful business owners, he has fostered that entrepreneurial spirit from an early age. Growing up in a military family as a seventh grader pushing a lawnmower around the yards of trusting homeowners, he’ll never forget the advice his father brought home from his commanding officer while stationed in Germany: “If in life you always strive to do your very best, work will seek you out.” This became a foundational idea in Mark’s outlook. By demanding honesty, integrity, and excellence in himself, everything else took care of itself. Amy’s strength has always been to implement Mark’s big ideas in a practical and risk-averse way, which fueled the birth of Anderson Technologies.
If in life you always strive to do your very best, work will seek you out.”
Initially the Andersons provided technology consulting to Fortune 500 corporations until the market shifted offshore in the early 2000s. This fueled the company’s move from software engineering to system administration and IT consulting. After the start of the new millennium, Anderson Technologies experienced what Mark and Amy describe as a “quiet decade” while their two children were still young. They gravitated towards custom projects that would serve as the foundation for a new division of the company, Anderson Archival. “We were approached by a client who asked us to do technical project management and archival work for them,” Amy says. “While that was going on, we were also performing system and network administration for a handful of companies and helping with their technology.”
Not only has Anderson Technologies evolved over the course of twenty-five years, but so has the IT industry. “At first there was no such thing as managed services on an ongoing basis, where clients would pay a monthly fee for proactive IT support,” Mark says. Once the IT industry’s standard break/fix model was transformed by the need for vigilant, comprehensive managed services, Anderson Technologies fully embraced and invested in this new way of providing outstanding services to its clients.
“Let’s pivot,” Mark remembers thinking, “to focusing on small and mid-sized businesses who will appreciate a relationship with an IT vendor they can look in the eye and wholeheartedly trust.” Developing this strong client-vendor relationship was the foundation upon which Anderson Technologies built itself.
In order to share this new, proactive managed services approach, the company started by asking small business owners what technical challenges they were trying to overcome—and if it didn’t have a solution for them, the team would find another vendor who could help. “We are known for being an organization who cares and who treats people fairly,” Amy says.
In 2020, Anderson Technologies is focused on growing into a new office space, which is about three times the size of the previous location. “It’s a huge milestone for us,” Amy says. “You can feel the momentum.”
Indeed, the firm blossomed over the last few years alone, nearly doubling in size and welcoming Farica Chang as a partner. For over a decade Farica has been integral to Anderson Technologies. “Farica is extremely talented,” Amy says. “When we make a promise to a client, she along with our wonderful employees, consistently find a way to deliver an exceptional result. Farica is key to the company’s current and future success, and we are so grateful she is now a partner.” Mark agrees. “Farica exemplifies the company’s values so well,” he says. “She’s fearless—there’s nothing she can’t do. Her character, work ethic, and talents have blessed all of us. We wouldn’t be the same company without her.”
Working for Mark and Amy after graduation from UCLA and her professional experience at Fortune 500 companies, Farica notes that the opportunities available as part of a smaller team are immeasurable. “Mark and Amy shared responsibilities with me that I could never have imagined had I been a small cog in the gears of a giant corporation,” she says. “Together we conquered thorny technical challenges and complex project management. They fostered an environment of mutual trust and support—nurtured my development as a leader—and showed me how to care for a client’s needs as we care for our own.”
Together we conquered thorny technical challenges and complex project management.”
Anderson Technologies wouldn’t be where it is today without its people. Each member of the team is a valued piece of the puzzle—offering key unique strengths and devotion to a job well done. “Honestly, I love my work because I love our team,” says Farica. “Even on the busiest days, I know I can turn to anyone for help. Many of my colleagues have been with us for five years or more. I’m so proud of their growth and can-do spirit.”
Mark, Amy, and Farica appreciate this moment to pause and reflect on how vibrant their IT company has become. The last twenty-five years have been busy ones, and they don’t foresee slowing down any time soon. “Our hearts are filled with gratitude,” Mark says. “Gratitude for our wonderful employees, clients, and business partners who have enabled us to realize a dream and together build something truly special.”
Here’s to 25 more years of Anderson Technologies!
For more information about the Anderson firms or to find out how Anderson Technologies or Anderson Archival can provide solutions for your organization, contact us today!
The start of a new decade brings a sense of changing times and new beginnings. For your cyber security, it marks a good time to review how the state of cyber threats has changed since the time of Y2K or the 2013 Yahoo data breach. With the evolving threats and methods deployed in cyber crime, basic security standards have also progressed to keep your network safe. Do you know the basic security measures you should take to protect your business in 2020?
Download your copy of Anderson Technologies’ Cyber Security Essentials Checklist for 2020!
We’ve talked before about the Zero Trust model for IT security. Even if you aren’t ready to bring your entire IT architecture up to Zero Trust standards, several of its security measures are now common-sense protections against modern cyber threats.
Multifactor Authentication (MFA) is quickly becoming the gold standard for preventing unauthorized access to your systems. In an age of Have I Been Pwned’s free credential checking and the all-too-often reuse of passwords, the question is no longer if your usernames and passwords have been stolen, but when and which ones.
MFA is the most basic way to prevent someone with stolen credentials from accessing your systems, and comes in various iterations, from an email or text code to authentication apps and security dongles like or RSA SecurID tokens. It’s a simple measure that ensures the bad actor needs more than a stolen credential to compromise your systems.
Access Controls: Minimum Necessary Use (Need to Know)
The days of free access within an organization are over. Clearly defining user roles and necessary access permissions is essential. There’s no reason for an intern to have the same access to your systems as the office manager or IT staff. Segmenting user access to the minimum necessary for their job performance means that if one employee is compromised, the bad actor won’t be able to reach every part of your business.
Stop Viruses and Malware in Their Tracks!
It’s common knowledge that anti-virus and anti-malware are required in this day and age, but remember that if your software firewall or anti-virus program catches an intrusion, the threat has already made it into your systems.
Know Your Hardware
Businesses need to understand the difference between a hardware firewall and a software firewall. You need to have the best protection against cyber threats, but many business owners don’t realize they are missing the necessary hardware firewall. Go to your IT closet and take a close look. Can you identify your modem, router, and hardware firewall? They are three different pieces of equipment, and if you aren’t sure which is which, talk to your IT staff or MSP to make sure all three are in place and properly configured for maximum protection and minimum interference.
Training and Filters
Firewalls and anti-virus programs won’t be of much use if an employee clicks a link in a phishing email and lets the bad actors in. Blacklisting certain websites and installing email filters like Proofpoint are great first steps for keeping malicious links and emails from getting through, but the biggest way to prevent phishing is training your employees how to recognize it. These tactics are too prevalent not to invest in comprehensive employee training.
Update! Update! Update!
Nothing invites bad actors into your systems like an unpatched computer, such as Windows 7 which stops receiving updates after January 14, 2020. Security updates are not just slight improvements; they often fix known bugs and zero-day threats that bad actors can use to infiltrate or bypass the implemented security safeguards. Without keeping up to date with your security updates, criminals can exploit unpatched vulnerabilities to breach your security and either install malware on or extract valuable and private information from your systems. So, when an update appears, make sure it gets installed right away and upgrade un-supported software as soon as possible.
Be Prepared for a Breach
The era of small businesses being too little to be profitable to hackers is long gone. Small, medium, and large business are all targets for cyber criminals and it’s essential to think not in terms of if you are breached, but when you are breached. How can you mitigate the risk or minimize the damage a breach could do to your business?
No business in 2020 should be without comprehensive and secure daily backups of their IT systems. Properly configured and tested backups are your insurance against ransomware and natural disasters. If you know you can restore all your data effectively and quickly from backups, there’s no need to pay a ransom for the hope you can get all your data back.
But don’t just grab the first out-of-the-box backup solution you find. Make sure your backup provider doesn’t keep only one iteration, meaning if your backup gets infected, you have no other options. Configure the solution correctly to back up all the information you need.
If you are in a HIPAA-regulated industry, encryption is not optional. It’s the best way to prevent unauthorized breaches when mobile devices and laptops are lost or stolen. A properly encrypted laptop lost on a business trip isn’t a breach even if ePHI is on it, since the encryption prevents anyone who finds the machine from accessing the data.
Encryption is a good idea for any business that uses laptop and mobile devices for work purposes. The last thing you need is someone finding a lost phone or laptop and suddenly having access to sensitive business information or programs.
The Daily Routine
Sometimes it’s the little things that end up being the source of a cyber intrusion. These security measures may seem like common sense, but that doesn’t mean you shouldn’t have a clear policy for them. Failure to follow basic procedures everyday can open the door for cyber criminals.
Passwords and Password Managers
Reusing or only making minor alterations to passwords across applications is a major problem. Too many passwords are hard to keep straight, but people struggle even more to remember secure randomized passwords. This can lead to the worst-case scenario of employees writing down passwords that anyone could find. Having a long phrase or sentence the employee can remember is best practice, but if you have a lot of programs that require passwords, you don’t want employees using only one across the board.
Password managers like Myki or LastPass are a great solution to this problem. Employees can create the long, randomized alpha-numeric passwords, which are considered most secure, without the need to write them down or repeat the same password over and over. These services also provide apps for mobile phones so employees don’t need to be at the desk to access their passwords.
Not every company institutes a screenlock timeout procedure for their business, but it’s a simple and effective security measure, especially if parts of your business are open to the public (HIPAA requires it). Even if you don’t have any public areas, screenlock policies can prevent insider threats from gaining access to an employee’s computer or information simply because they forgot to lock the computer before they left their desk. Make sure the screenlock requires a password and isn’t delayed to the point it’s useless to protect your information.
If you don’t have these basic policies and procedures in place, it may be time to re-evaluate the security measures you are using. Were they created for a different time and threat landscape? Can they continue to protect you against modern cyber crime? If not, it’s time to step up your basic security measures and stop criminals before they sneak into your business.
If you need help determining if your current security measures are adequate to protect your business, contact us today for a free consultation!
Remember Roomba? Maybe you have one, zipping around your home, getting caught under furniture and amidst wires. That seemingly simple machine, armed with programming and dust-sucking, became seamlessly integrated in the lives of millions. But even at the height of the Roomba revolution, there wasn’t a lot of talk about smart vacuums stealing our jobs or taking over our homes.
Everyone is fascinated with artificial intelligence right now. It is hard to deny the buzzword power of the term. Tinged with fear or awe, AI often feels like the answer to everything—or our impending downfall.
The reality is far from either. As it stands now, AI like the programming in Roomba, or Roomba’s grown-up relatives found at Walmart and Giant Foods, is a powerful tool. Limited to specific tasks or deep learning, AI may just be the best coworker you’ve ever had.
Is AI Coming for Our Jobs?
Here’s the truth: For employees whose primary job function may easily be replaced by single-task AI, the job hunt may be on. Computer-screen ordering interfaces and shipment-sorters may in fact reduce hours for the humans who previously held those positions and others like them. Fortunately, many businesses are utilizing AI as an opportunity to free their employees for more complex and customer-facing tasks.
For every job that might be eliminated or reduced, there are many more that just don’t work without human hands and minds.
And because thankless tasks are becoming automated, human workers can now spend their time and energy immersed in the more creative aspects of their jobs.
AI and IT: Working Together for You
It may not surprise you to learn that IT is currently the field most welcoming to our AI coworkers. For IT managed services firms that balance the cutting edge with enhanced security, a cautious approach still finds that within specific, defined roles, AI provides valuable services.
Tools like firewalls, antivirus, and remote monitoring, among others, are IT staples that frequently employ AI. There is a firewall AI, for example, that can be programmed to track traffic patterns (volume, uploads and downloads, behavior on websites), and if something appears contrary to what has been deemed “normal” patterns, the associated software can automatically isolate a user’s workstation and alert a human team member that there has been a potential compromise.
Deployed on a larger scale, this type of monitoring and pattern-detecting AI frees IT professionals from manually watching the same traffic. This means billing hours go to solving problems and providing meaningful solutions instead of wondering if a large file download is suspicious.
AI also has the potential to detect patterns and flag issues that human experts can’t identify themselves. Given data sets and known problems, machine-learning AI may move the IT industry into truly predictive safeguards. If used widely, this could mean no more frantic break-fix calls after hours because AI team members have long since identified the developing issue, and human counterparts have already fixed it.
AI as part of a managed services offering doesn’t have to feel inhuman. As a tool utilized by humans in order to provide an enhanced, fuller package of IT services, AI improves experiences.
Do you have questions about AI and what it could do to improve your business’s IT systems and cyber security? Call Anderson Technologies today at 314.394.3001 or send us an email at firstname.lastname@example.org.
How one St. Louis practice shed an underperforming MSP and questions to ask so you don’t end up in the same situation
Relationship challenges occasionally happen, even between businesses.
It’s frustrating when a potential vendor promises epic solutions to all your problems, but over the course of months or years prove themselves not up to the task. This was the case for M. C., owner of a St. Louis healthcare practice. She recently sought the help of Anderson Technologies to replace her managed services provider of over a decade. “I was pretty loyal to them,” M. C. says, “but it was nightmare after nightmare for ten years.”
A self-described workaholic, M. C. didn’t have time to spend worrying about the technology that carried her practice. “IT is the skeleton of [most] businesses in America today. If you don’t have it, then your practice has no skeleton. It’s just a floppy amoeba.” Much like the revenue lost during business downtime, time wasted waiting for computers to meet performance expectations or techs to return your phone call is a drain on your business’s resources.
Your managed services provider (MSP) should be working with you, not against you. According to M. C., an MSP and the work they do for your business should feel like “a blessing from God.” Here are four questions you should be asking to determine whether or not your MSP relationship is benefiting your business.
- Are they professional? Can I unequivocally trust them in my office and home?
M.C.’s relationship with her former MSP started with a trusted colleague’s recommendation. System administrators were in and out of her office and home, providing service on her internal systems and home workstations for remote connectivity. Her practice used specific programs and hardware daily. It was essential that these functions were reliable and safe for patients.
“Anyone with an EMR [electronic medical records] system really needs to have the best IT possible,” M. C. says.
If you don’t have good IT, you’re out of luck.”
It was when M. C. needed to move her practice to a new location that she realized how many problems the vendor had overlooked or, in some cases, caused.
“I had just spent $10k getting all new computers and they still weren’t working,” M. C. recalls. “They recommended that I change phone systems to save money, but what they actually did is cut out my fax and the phone situation just got worse.” These issues surfaced when one of M. C.’s employees pointed out that on the day of the install, the MSP only spent ten minutes on-site. Along with a few other questionable interactions with the MSP’s team at her home, M. C. began to lose complete trust.
- Are they communicating effectively?
After M. C. realized the extent of her technical problems, she reached out to the owner of the company, a person she felt she could trust. However, the owner wouldn’t acknowledge that his employees had been careless and made mistakes.
Aside from her annoyance with the work the company did do, it was often difficult to reach help during her early and long work hours. “I was at the point where I had to demand they come and fix things,” M. C. says. Communication breakdown reached a head when M. C. contacted the owner once more, only to be berated. “I had spent thousands of dollars at this point, and all he had to say was, ‘Why are you bothering me? You’re a demanding client.’”
- Are they taking ownership of their work and keeping detailed records of all solutions?
One reason problems weren’t getting resolved was because the MSP seemed very unorganized. Every time M. C. or one of her employees contacted the company about a problem, they acted like they had never stepped foot in the office, let alone replaced all the hardware.
“Troubleshooting was nearly impossible,” M. C. says. “After ten years they knew nothing. No organization, no blueprints of what I had, what went where.” The company also constantly insisted on upgrades to the practice’s hardware, but would replace them with old computers that were clearly used and not up to enterprise standards. Hardware replacement policies are a common MSP requirement, but the level of disorganization around the “new” computers they were recommending seemed suspicious. “It’s like there were no records of any improvements or work done.”
Mark Anderson stresses with importance of industry software and documentation with Business News Daily.
- Are they keeping their promises?
It took ten long years for M. C. to face the facts: her business relationship with her MSP was no longer serving her well. The promises the MSP made at the beginning of their partnership had never been realized. “My practice’s management system was still getting popups and crashing, computers were still slow and congested, we still had outdated hardware, no fax, scanners, or remote connectivity,” M. C. describes. “Systems were still so slow, and even slower when working remotely.”
She felt the managed services company took advantage of her, taking her money and then slapping Band-Aids on problems to conceal the bigger issues. “I was nervous spending the money to start over,” M. C. says. “It’s like getting divorced and finding someone new. For ten years I had the patience of Job, but I think it wasn’t really patience—I was just scared.”
Thankfully, she reached out to Anderson Technologies, which was able to quickly extinguish the immediate fires. “Once Anderson took over, 99% of the problems went away immediately.” Instead of making huge promises at the beginning of the partnership, Mark Anderson and the team developed a strategic action plan to implement long-term improvements.
Anderson Tech is reachable, affable, quick, professional,” M. C. says. “It’s been nothing but professionalism and action, ‘true to their word’ situations. I have never gone this long in my ten years where I didn’t have a problem.”
Now that M. C.’s IT infrastructure is efficient, reliable, and secure, she can focus on her clients and allowing her business to really grow over the next ten years. Thousands of dollars and a decade of frustration later, M. C.’s practice is building a new relationship with Anderson Technologies: “I wish I had met you ten years ago!”
To find out more about reevaluating your IT partnership, give Anderson Technologies a call today. We can be reached at 314.394.3001, and look forward to hearing from you.