by Felicien | May 16, 2019 | Education
A healthy, growing business is almost always a good thing. Still, expansion brings with it certain responsibilities on your part.
If your business is growing quite quickly, it’s important to understand that large changes or adjustments may need to be made. This could mean hiring more employees, starting to provide employee health insurance, advertising more and spending more on marketing services, or obtaining more physical office space.
One area that you certainly won’t want to ignore as your business expands is your company’s information technology provider.
Many businesses who start small assume they can keep their IT provider as they grow. However, it’s important to realize that some providers aren’t equipped to handle larger businesses — those who often necessitate sprawling networks and extensive security needs.
To determine whether your company will soon require new IT services, consider the following questions about your current IT provider.
How familiar are they with your specific industry?
Often, when you’re just starting out, you’ll hire an IT provider who handles information technology services for a broad range of industries. Without a doubt, working with these types of providers will help your growing business by cutting costs. At the same time, you’ll still have your IT taken care of.
But as your business grows, you’ll want an IT provider with unique expertise in your industry. Niche IT providers who specialize in IT for hospitals, transportation services, or optometry offices, for example, are much more likely to provide you with better-quality service and improved security.
They are knowledgeable about and regularly brush-up on industry standards. They keep up with new and cutting edge technologies in your industry. And most of all, they are constantly aware of common security threats (and solutions) to businesses like yours.
Do they service other companies of similar size?
Take a look at who else your IT company serves. Are there any clients who match your company’s size? If so, do you believe those companies would also necessitate the same amount of attention and security as your company?
Even if your current provider services a company comparable to your size, if that company is a greeting card business and you own a chain of dental offices, you may have more to think about than just size. Namely, you’d have personal medical information within your network and a unique and crucial need to avoid breaches, scams, and possible liability catastrophes.
How often do you require troubleshooting services?
Are you already in near-constant communication with your IT provider for recurrent outages, network errors, slow-downs, and other problems?
Certainly, troubleshooting is one of the reasons you have an IT provider in the first place. However, the best providers should be able to set-up a network that requires infrequent service.
Moreover, preventable errors that happen once should not happen again. The downtime that results from problems in your network will inevitably hinder your business’s success. Moreover, as a company that’s growing, things will only get worse if you do not improve your service now.
How have they handled network problems to date?
When you have needed to make a service request in the past, what’s been your current provider’s track record?
Consider how easy they are to get in touch with. Are you able to speak with your own account manager or at least a representative who’s knowledgeable about your business?
How fast is your request handled? If it’s an emergency, such as a security breach or a system failure, how fast do they respond? If it’s a routine question or small system error, how fast do they respond?
Larger businesses need IT providers who know their business and are at-the-ready when a problem occurs. In fact, you should have a direct line to call when problems arise — one that answers to a live person.
Furthermore, as a growing business, you’ll want to anticipate that future problems will inevitably be more calamitous, especially when left unhandled for even a day or two. As your business expands, your IT provider must be immediately responsive, fully capable of handling any problem, and prompt in their service calls.
Have they presented a plan for accommodating your company’s growth?
First of all, have they taken notice of your company’s growth? A quality IT company will come to you first, noting that your company has been expanding and ideally, presenting a plan for your extended IT needs.
However, even if it’s you who needs to take the knowledge of your company’s expansion to your IT company, you’ll want to look for signs that they have a plan in mind to accommodate your anticipated needs.
They may, for example, suggest that you move from an as-needed payment plan to a monthly or yearly management plan. Many of the best IT providers who handle a range of company sizes will have at least these two options for their clients. When moving to a managed plan, you’ll be able to request assistance whenever necessary, paying a flat rate for their on-call care.
Find an IT Company Who Will Help Your Business Flourish
If, by evaluating the questions above, you’ve determined that it may be time to hire a new IT company, this certainly doesn’t mean that your current provider is entirely insufficient. It simply means that you’ve outgrown them, which in turn means that it’s time to move on to a more capable provider.
Taking the time to assess and realize your business’s extent of growth and possible outgrowth of an IT provider is an important step in your business’s expansion. Hiring an IT provider with adequate resources and capabilities to handle your expansion will ensure you’re fully prepared when it comes to your information technology — a foundational element that is, today, an invaluable component to businesses of all kinds.
by Felicien | May 16, 2019 | Education
Are you willing to pay the piper when it comes to cyberattacks?
Despite the growing number of cyberattacks on small- and medium-sized businesses, there is still a lack of awareness or proactive defense of the networks, computer systems, applications and devices being used. This inattention means it’s even easier for criminals to attack your business by worming their way into your data, stealing it and threatening to expose it. Other cyberattacks target the business itself, making systems and websites inoperable, costing businesses millions in the process.
Freeing the data or access often means paying a ransom, usually in the form of Bitcoin or some other cryptocurrency that’s impossible to trace.
How Much of an Issue is Cybercrime?
When it comes to cyberattacks on small businesses, the reality is, if you haven’t already been attacked, you will be. What matters is that you have the security protocols in place to make sure your business withstands these attacks and is not victimized by intruders looking to do harm.
The scope of cyberattacks, especially on SMBs, is staggering.
According to the 2018 HISCOX Small Business Cyber Risk Report, almost half (47 percent) of small businesses suffered a cyberattack in the previous year. Of those attacked businesses, 44 percent encountered a second, third or fourth attack. Eight percent had five or more attacks.
Yet the report shows a paradox. Business executives surveyed identified cyberattacks as one of their top two concerns, along with fraud. Sixty-six percent said they were concerned or very concerned about cyberattacks.
However, among those executives, the majority haven’t taken even basic steps to protect their businesses.
What Does a Cyberattack Mean to My Business?
If you do not invest in cybersecurity measures, you are a sitting duck. That means you’ll have to pay a ransom when your business is attacked. You will incur costs as well, including steps to identify and eradicate the intrusion, notify customers and regulators and pay for deep web monitoring or credit monitoring.
What is that financial cost? According to HISCOX, it’s $34,600 for small businesses. The 2018 Cost of a Data Breach Study: Global Overview conducted by the Ponemon Institute shows that among SMBs and enterprises, the worldwide average total cost is $3.86 million. The costs are increasing each year, too.
The Ponemon study shows some of the other inherent threats and disruptions a data breach can bring upon your business. Among key factors influencing the cost of a data breach, according to the study, are:
The unanticipated loss of customers after a data breach is reported. Organizations that have established institutional trust and offer identity protection to victims are more successful in retaining customers.
The scope of the breach and the number of records lost or stolen. Ponemon calculates the per-record cost at $148.
Time. The longer it takes to discover the data breach and contain it, the more costly it is to the affected business.
Scope of remediation. When an attack is discovered, your business is going to incur expenses it didn’t plan for, including for independent investigators, forensic analysis, auditing services, crisis PR management and continuing brand and reputation repair initiatives.
Service needs. These included the demands for help desk services, marketing and communication, distribution of new account information or credit cards, legal costs, regulatory investigations and fines, product and service discounts to retain customers and increased insurance premiums.
The costs, both real and impressionistic, can cripple a small business that does not have the resources to recover from a cyberattack.
What Should Our Business Do To Protect Itself?
Protection begins with a thorough assessment of your systems and procedures to determine where there are vulnerabilities that need to be addressed. Working with a qualified managed service provider, you can understand where the exposures are and plan to fix them.
Your managed service provider will want to look at several components, including:
Network security that’s based in next-generation firewalls to identify and contain unwanted activity
Automated solutions to update anti-malware applications and install updates and patches
Policies regarding access, password protocols and authentication
With the proper security in place, you can avoid paying a ransom and putting your business at risk.
by Felicien | May 16, 2019 | Education
Impacted Systems:
Windows Server 2003
Windows XP
Windows7
Windows Server 2008
Nonimpacted Systems:
Windows 10
Windows Server 2016
Windows Server 2019
If you are still using Windows Server 2003 or XP, Windows 7, Windows 2008 R2, or Windows 2008 you could be in trouble. A wormable virus may be coming your way. The virus is designated as CVE-2019-0708.
This means that the virus can get into your system without you doing anything like clicking a malicious link. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights without your knowledge.
What Should You Do?
Microsoft has released a critical update for their Remote Desktop Services that impacts multiple Windows versions. The patches are for devices and systems that are both in and out-of-support, which is rare for Microsoft to do. This shows the importance of these patches.
The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests. To apply the patches, go to the Microsoft Security Update Guide for in-support systems and KB4500705 for out-of-support systems.
Note: Clients & Customers on a valid managed services agreement are being taken care of and there is no immediate action for any computer, server or other devices under a valid managed services agreement.
Microsoft recommends that customers running one of these operating systems download and install the update as soon as possible.
Does This Mean Even Systems Without Support Can Get The Patch?
Yes, Microsoft is aware that some customers are running versions of Windows that no longer receive mainstream support. This means that you wouldn’t have received any security updates to protect your systems from the CVE-2019-0708 virus.
Given the potential impact on customers and their businesses, Microsoft decided to make security updates available for platforms that are no longer in mainstream support.
All Windows updates are available from the Microsoft Update Catalog.
What Should We Do Before We Apply The Update?
It’s recommended that you back up all of your important data first. If you have a reliable backup, if the patch creates problems you can still access your data. You should do this before you install any patches.
What If We Can’t Apply The Patches?
If you can’t apply the patch for your system there are other things that you can do:
If you don’t need the Remote Desktop Services, you can disable it.
Block the TCP port 3389 (this prevents unauthorized requests from the Internet).
Enable NLA (Network Level Authentication) for Windows 7 and Windows Server 2008.
Of course, the best thing to do is to contact your local IT services company. They’ll know exactly what to do.
What Is A Wormable Virus?
This means that any future malware that uses this vulnerability could propagate from one vulnerable computer to another. This is how similar malware like WannaCry spread around the world. Experts are worried that this flaw could be used to fuel a fast-moving malware threat like the WannaCry ransomware attacks of 2017.
Here’s what Simon Pope, director of incident response for the Microsoft Security Response Center tells us:
“This vulnerability is pre-authentication and requires no user interaction,” Pope said. “In other words, the vulnerability is ‘wormable,’ meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017. It is important that affected systems are patched as quickly as possible to prevent such a scenario from happening.”
Have There Been Any Attacks Yet?
Microsoft said they haven’t found evidence of attacks against this dangerous security flaw. But one could happen at any time. Right now they are trying to prevent a serious, imminent threat with these patches.
Simon Pope goes on to say:
“While we have observed no exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware.”
What Does The Microsoft Remote Desktop Do?
You use the Microsoft Remote Desktop application to connect to a remote PC or virtual apps and desktops made available by your admin. You can control your desktop computer and all of its contents from another computer.
The app lets you connect to your desktop from wherever you are. The access to the remote desktop happens over the Internet or via another network. It lets you interact as if you were physically working from your desktop.
The Remote Desktop application also gives the “master” computer access to all of the contents on the remote computer.
What Else Should We Know?
If you had updated from Windows 7 to Windows 10 or from Windows Servers 2008/2008 R2 to Windows Server 2016 or 2019, you wouldn’t need to worry. This is why it’s essential to keep your systems up to date.
Soon, on January 14, 2020, support will come to an end for all Windows Server 2008, 2008 R2 equipment and the Windows 7 operating system.
If you’re still using these servers or operating system, it’s crucial to replace them now so that there’s no disruption to your daily operations or loss of data.
Any hardware or software product that reaches its end of life is a potential gateway for hackers to enter through. In addition to the security hazard, there are other reasons why it isn’t a good idea to keep using old equipment such as unresolvable outages.
Where Can We Get Help?
Contact us to ensure your Microsoft desktops and servers are secure and protected from unauthorized intrusions.
by Felicien | May 15, 2019 | Education
Open source software has come a long way since the 1980s. Back when the concept was first developed, it was a philosophical revolution in the software world. Releasing software for free wasn’t new, but releasing the source code behind the software and even encouraging others to improve upon it was game-changing.
In its infancy, open source software wasn’t the sort of thing most enterprises would consider. Times have changed, though. If your organization has never seriously considered whether open source software has a role in enterprise IT, you may be missing out on some serious advantages.
Open Source Software’s Changing Role
Open source software used to be viewed as the software equivalent of homebrew beer: an interesting hobby with sometimes attractive results, but not at all useful at scale. Over the twenty-five-plus years since its origins, things have changed. There’s no perfect analogy, but you might say the open source crowd has evolved into the equivalent of a network of craft brewers. Each brewer crafts something unique, and they all share their recipes and brewing techniques freely, both with other brewers and with consumers. Because of this collaboration and free sharing of information, the results just keep getting better.
Enterprise Adoption Grows
This evolution has had an effect on enterprise adoption. Today, most companies utilize some open source software. Red Hat, a Linux distributor and a major player in the open source space, commissioned a study of enterprise IT in 2019. The study determined that 83% of enterprises surveyed were using open source software, and 69% of those respondents described open source software as being either extremely or very important to their organization.
Uses of Open Source Software
Uses of open source software in enterprise settings vary widely, of course. Small businesses may not venture far outside OpenOffice, an open source alternative to Microsoft Office. Enterprise level businesses, however, tend to do more. That same Red Hat study names five areas where open source applications are being used in surveyed enterprise businesses at a rate of 41% or higher. These five are website development, cloud management, security, big data & analytics, and databases.
Pros and Cons of Open Source Enterprise Software
We don’t want to give you the wrong impression. The world of open source software isn’t a miracle utopia that will solve your every business IT problem. There are pros and cons to using open source software for enterprise IT. Here are a few.
Pro: Open Source Software Is Almost Always Free
If the source code is freely available, the software itself is almost by definition offered for free as well. There are limited exceptions, but most of the time, open source software is free to use. This makes sense practically, as it’s challenging to charge for the shell when you’re giving away the innards for free. It’s also a philosophical decision, as the open source movement is closely connected to the ideas of the free software movement.
Con: Supporting Open Source Software Isn’t Free
Open source software at the enterprise level isn’t being designed by hobbyists with day jobs. This is complex software that takes real development work. You may be wondering, then, how the developers put food on the table. In many cases, the answer is support.
When you purchase enterprise software from a traditional source, you usually enter into a license agreement where the seller or the developer will support your use of the software, for a yearly fee. Similar arrangements are available to help you support many open source enterprise applications. The software is free, and you’re free to customize it. If you need support, though, you’ll need a service level agreement (SLA) or something similar. These aren’t free.
Pro: Open Source Software Is Customizable
Off-the-shelf software solutions don’t allow you to customize the software beyond whatever settings the developer offers. You’ve likely experienced this on a small scale. Many people who use Microsoft Outlook for email, for example, aren’t thrilled with the program’s search function. Too bad: neither users nor company IT departments have the ability to enhance this feature beyond what Microsoft provides.
Open source software is different. Companies can tailor the software to their needs and can tweak the source code so that the new software interfaces properly with their existing systems.
Con: You Have to Do It Yourself
The previous pro is a bit of a double-edged sword. The ability to customize software is great, but your company needs people with the skills to do that customization well. Even the best IT pros may get stuck in this process, and finding dedicated support can be a challenge.
Contrast this with complex high-end proprietary enterprise software suites, which often come with support from the vendor. Vendor agreements may include some custom interfacing work. The software and service agreements are costly, but you aren’t left on your own to do the customizing.
Conclusion
For many businesses, open source enterprise software can save money and improve functionality, but navigating the open source waters can be a challenge. If you need help, contact us today!
by Felicien | May 15, 2019 | Education
Opportunities to spend on tech are endless these days. But your budget isn’t endless. Your company needs to invest in technology, but you need to do it in a way that’s smart and strategic. Check out our CFO’s guide to smart investing in information technology. We’ll show you how to prioritize your technology investment so that you can make smart decisions and stay on budget.
The Problem
The problem with smart investing in information technology is the sheer number of choices available. Hardly a day goes by without a new B2B information technology product hitting the market. You can’t possibly purchase them all, nor does your business need them all.
As the CFO you may or may not be involved in specific purchasing decisions, depending on the size of your business and the size of the purchase. You do, however, bear ultimate responsibility for setting your purchasing strategy. With so many IT investment options available, you may be overwhelmed trying to cut through the noise and decide what’s best for your organization. The lower your comfort level with technology, the worse the confusion gets.
Understand the Importance
The first step toward solving this problem is to engage with it. Understand that in many real ways technology is the future. You can’t afford to sit on the sidelines or to keep doing business as usual. Your competitors aren’t, and you’ll be left behind.
Simply put, picking the right new tech and integrating it successfully into your business can give you a competitive advantage over competitors. Therefore, in concert with your business’s technology team, you and the financial team must evaluate new IT developments, selecting and implementing the trends that will keep you competitive.
A Framework for Evaluating Emerging IT Innovations
Typically, companies receive far more internal requests for new software or hardware that can be approved within the current budget. To add to the problem, B2B sales efforts come from every direction. These promise to solve one problem or another or to give you that competitive advantage over your competitors. Never mind that the salesperson is trying to sell the exact same solution to those competitors.
What’s needed is a framework for evaluating emerging IT innovations. The questions below can help you decide which internal requests and outside sales pitches are worthy of your attention . . . and your money.
Question 1: How does the tech improve the group requesting it?
Many businesses receive countless technology requests from within. You and the finance team likely can’t approve every one of these, nor should you. The easy questions to ask are “does an employee want this software?” or “Will this software improve the employee’s situation?”, but those aren’t the right questions. Instead, ask “how will this piece of software improve this department or the whole company?”
This strategic question can help you prioritize your technology spend. Software A may very well improve life for that one person in sales, but if Software B realizes far more gains for a 30-person division, it ought to rank higher in the budget.
Question 2: Would this investment disrupt our existing IT deployments?
Sometimes blowing up the status quo is just what you need to succeed. Other times, though, wisdom is to leave well enough alone. If a new technology investment isn’t going to play well with your existing systems, you want to find this out before signing off on the purchase.
Neither internal requests nor external sales pitches are immune from this danger. Work with your technology teams to discover how a new investment will interface with your current system. Don’t spend the money until you’re convinced that the new tech will integrate into your current systems.
Question 3: Would this investment disrupt our workflow?
This is similar to question 2, but it focuses on the human component. A shiny new piece of software may well speed up Step 4 in a complex process in your business. Maybe it even cuts the time in half. Sometimes, though, there are trade-offs. You need to know if it’s going to make Steps 1 through 3 an absolute pain to complete, or whether it will add time to Steps 5 through 8.
Avoid facing an employee mutiny by fully vetting the impact the new technology will have on your current workflow. Be sure it’s a true net step forward before you commit.
Question 4: What are the returns on investment we will see by implementing?
With question 1 you’ve already established how the product will benefit one or more departments. Now, take it a step further and look at your ROI. How greatly will this investment increase sales? What estimate can you place on the productivity or quality-of-life gains? Is the cost worth the advantage you’ll gain over competitors? Answering questions like these gets you to a more specific understanding of the true worth of a proposed investment.
Conclusion
Navigating the new technologies available will always be a challenge for CFOs. By asking these 4 questions, you can prioritize your technology investments smartly.
