NetStandard | Kansas City's Managed Technology Leader | Sales: 913-428-4202 | Support: 913-428-4200
Posted by: In: IT Managed Services 24 Apr 2018 0 comments

 

 
Think Quicker Recovery Time, Not Quicker Backup – While incremental backups are much faster than executing a full-backup, they also prolong recovery time. In the event of data loss, a full restore will require loading the most recent full backup and then each incremental backup tape. Having too many incremental backup tapes not only adds time to this restoration process, but it also increases the probability of not recovering all of your data. A tape could be lost, unintentionally skipped over, or contain corrupted data. Be sure to focus on optimizing the restore time to ensure faster data recovery. A quicker recovery time should be the main objective, not the need for a quicker backup process.
 
Maintain Sufficient Backup History – Within the blink of an eye, current data files can become corrupted and inaccessible. This will necessitate the loading of an earlier data backup that is clean of corruption. Many smaller companies make the mistake of failing to keep a sufficient backup history.
 
Be Sure to Backup Essential Data AND Applications – Some businesses don’t feel the need to backup all data, but be sure essential databases, documents and records are backed up frequently. Don’t overlook applications that are critical to day-to-day business operations either. Many companies fail to backup applications, only to realize when it’s too late that they don’t have access to the original installation disks when they’re trying to recover from data loss or an outage.
 
Have Off-Site or Online Backup – Some businesses backup data simply by moving essential files to tapes or external hard drives that are then stored somewhere onsite. But if they’re kept onsite, what happens if a fire, flood or other natural disaster takes out not just your server but your backup tapes and drives? Onsite backups can also be susceptible to theft. Having secure off-site, or even online backup, is simply the smart thing to do to ensure quick recovery when trouble comes to town.
 
Fix Broken Access Controls on Your File Server – Many businesses have folders with confidential data residing on a file server with overly permissive access controls. Why take the risk of having a disgruntled – even former – employee access and misuse this data when access can be limited to only those in the company who need it?
 
Be Sure to Test Restores – It happens time and time again. Business owners think they have a data backup plan in place. Tapes are changed diligently each day and everything appears to be backed up and good to go. However, it turns out the backups haven’t been working for months, sometimes even years, right at the very moment they’re needed. Either the backups had become corrupt and useless or large segments of data were not being backed up. This happens often. Don’t let it happen to you.

Posted by: In: IT Managed Services 22 Apr 2018 0 comments

 

Just Because You’re Not a Big Target, Doesn’t Mean You’re Safe
Not too long ago, the New York Time’s website experienced a well-publicized attack, which raises the question – how can this happen to such a world-renowned corporation? If this can happen to the New York Times, what does this bode for the security of a small company’s website? What’s to stop someone from sending visitors of your site to an adult site or something equally offensive?

The short answer to that question is nothing. In the New york time’s attack, the attackers changed the newspaper’s Domain Name System (DNS) records to send visitors to a Syrian website. The same type of thing can very well happen to your business website. For a clearer perspective, let’s get into the specifics of the attack and explain what DNS is.

The perpetrators of the New York Time’s attack targeted the site’s Internet DNS records. To better understand this, know that computers communicate in numbers, whereas we speak in letters. In order for us to have an easy-to-remember destination like nytimes.com, the IP address must be converted to that particular URL through DNS.

Therefore, no matter how big or small a company’s online presence is, every website is vulnerable to the same DNS hacking as the New York Time’s site. The good news is the websites of smaller companies or organizations fly under the radar and rarely targeted. Larger targets like the New York Times, or LinkedIn, which was recently redirected to a domain sales page, are more likely targets.

For now…

There is no reason to panic and prioritize securing DNS over other things right now. But there is a belief that DNS vulnerability will be something cybercriminals pick on more often down the road.

Here are a few ways to stay safe

Select a Registrar with a Solid Reputation for Security

Chances are, you purchased your domain name through a reputable registrar like GoDaddy, Bluehost, 1&1, or Dreamhost. Obviously, you need to create a strong password for when you log into the registrar to manage your site’s files. Nonetheless, recent DNS attacks are concerning because they’re far more than the average password hack.

It was actually the security of the registrars themselves that was compromised in recent attacks. The attackers were basically able to change any DNS record in that registrar’s directory. What’s particularly frightening is the registrars attacked had solid reputations. The New York Time’s, along with sites like Twitter and the Huffington Post, is registered with Melbourne IT. LinkedIn, Craigslist and US Airways are registered with Network Solutions. Both had been believed to be secure.

So what else can be done?

Set Up a Registry Lock & Inquire About Other Optional Security

A registry lock makes it difficult for anyone to make even the most mundane changes to your registrar account without manual intervention by a staff registrar. This likely comes at an additional cost and not every domain registrar has it available.

Ask your registrar about registry locking and other additional security measures like two factor authentication, which requires another verifying factor in addition to your login and password, or IP address dependent logins, which limits access to your account from anywhere outside of one particular IP address.

While adding any of these extra safeguards will limit your ability to make easy account change or access your files from remote locations, it may be a worthwhile price to pay.

Contact us at NetStandard

Posted by: In: IT Managed Services 20 Apr 2018 0 comments

 

 
Keep Your IT Guy and Outsource IT Services, Too
 
Everyone in the office loves Eric. Sporting a different ironic t-shirt everyday, Eric is the one we call when technology spits in our face. Whether it’s a slow system, a bug that needs to be squashed, a website issue, or a crash that results in unexpected downtime and data loss, Eric is right there. Not only does he get to the bottom of any issue but he also rights the ship like he’s some sort of miracle-working captain who just happens to have a pretty wickedly funny Peter Griffinfrom Family Guy impersonation.
 
But business is growing and Eric is overworked. Eric has certain skills that you’d love to use to develop innovative applications and revenue-generating projects– but he’s too busy running around fixing things that break. Or he’s performing the most mundane and routine tasks day-in-and-day-out just to keep things secure and running smoothly.
 
You get a sense that Eric’s overburdened and he’s saddled with too many responsibilities. His demeanor has changed from pleasant to moody. He’s listening to angrier metal and punk music and you’re noticing cracks in his work. You fear Eric is being pulled in too many directions and the reliability of your server, network, and applications, as well as the integrity of your data, are all at risk.
 
Someone who has watched a bit too much of Donald Trump on The Apprentice might think Eric should be fired. We’re not going to fire Eric. But we’re also not going to hire a full-time salaried Robin to his Batman or Cheech to his Chong. We’re going to help Eric by exploiting IT automation and managed services to handle many of the monotonous tasks making Eric hate his job right now.
 
Let’s help Eric…..
  • Focus Primarily on Cost-Cutting and Revenue Increasing Projects: First things first, Eric has to realize that he can’t do everything himself. Where are his skills best used? Whether it’s processes that help drive down costs or ones with the potential to raise revenue, evaluate the projects in the queue and rank them by what impacts the bottom line the most.
Once that’s done, look at the day-to-day processes designed to keep things running securely and efficiently. What can be off-loaded from Eric? Determine which of those tasks can be automated either through the cloud or managed services.
 
  • Take to the Cloud: Some IT people fear the cloud spells the end to their job security. Meanwhile, the cloud can actually help them take on a more prominent contributing role in the company’s success.
    The cloud should be seen as another tool that further eliminates the mundane yet necessary daily drudgery from their workday. Those who work WITH the cloud will find that they have more available time to take on more meaningful cost cutting or revenue generating projects. 

  • Use a Managed Service Provider: Using outsourced managed services not only alleviates much of Eric’s pressure and stress, but also boosts productivity and gives the company a much improved ROI (Return-on-Investment) on their technology investment.
While technology has gotten easier for the end user, it has become more complex on the backend with the advent of virtualization, cloud computing, and advanced infrastructure.
 
Using an MSP gives Eric access to a trusted advisor, a 24/7 help desk, remote monitoring and management tools, mobile device management tools, and much better disaster recovery and business continuity solutions. All without the overhead that comes with hiring more help for Eric. MSPs offer a consistency to not just your end-user but also your main IT guy who will certainly appreciate the help.
 
Contact us at NetStandard

Posted by: In: IT Managed Services 18 Apr 2018 0 comments

 

 
A Smarter Approach to Mobile Device Management
 
More people today use personal mobile devices like smartphones and tablets for business purposes. Such devices, coupled with greater Wi-Fi accessibility and cloud services, have empowered us with the ability to access data and do business from practically anywhere at anytime.
 
Needless to say, many small-to-medium sized business owners have embraced the BYOD (Bring-Your-Own-Device) revolution. The benefits are obvious; increased employee productivity, enhanced services to customers/clients, and better overall customer and employee satisfaction.
 
But what about the potential consequences associated with this mobility revolution? Are small business owners doing enough preemptive planning to address potential risks that could arise with the use of BYOD devices?
 
Mobile Device Management – Questions Every SMB Should Ask
 
First, it is important that small business owners honestly assess whether their systems, networks, data, and overall infrastructure are ready for the use of an array of mobile devices.
 
Once it is firmly established that both internal IT and components in the cloud are prepared for BYOD, solutions should then be put into practice that are concurrent with terms of use policies or any guidelines pertaining to remote/telecommute workers or the sharing of sensitive data. The following questions should be answered.
  • What particular devices or applications are permissible for work use? Assuming security requirements are in place, not every device or application will meet those.

  • Will anyone in the company be tasked with the daily management of BYOB strategies? What should BYOD policies cover and what kind of management solutions will be needed? Would a BYOD management tool that collects device information, deploys and monitors usage, and offers insight into compliance be helpful?

  • Which costs will be the responsibility of the employee? This pertains to any fees associated with usage – from network plans, to the device itself, to software, accessories and maintenance costs.

  • What data will be accessible? Will data encryption be necessary for certain information traveling through the personal devices of employees? Which employees will have read, write, update/delete privileges?

  • What is the process when handling sensitive data stored on lost or stolen devices, or the personal devices of ex-employees? Does the company or organization have the right to wipe out the entire device or just corporate data and apps?

BYOD is here to stay as it affords smaller-sized companies the mobility of a corporate giant without a huge investment. But when it comes to ensuring that devices, applications and networks are safe from the variety of threats linked to greater mobility, small business owners may find it necessary to enlist the help of a managed service provider to adequately take on mobile management challenges and provide ongoing consultation.
 
Contact us at NetStandard