by Felicien | Jul 10, 2018 | Education
The Cloud offers quality, timely, and affordable services by doctors to their patients. It is a platform that enables users, in this case, doctors and patients, to have real-time consultations without necessarily having to go to the doctor’s office. This is made possible due to the Cloud features that are available on most devices with an internet connection. Your computer, your phone, or even a tablet is all you need.
Why healthcare providers have turned to the Cloud
The Cloud is a less expensive alternative because users don’t have to pay consultation fees to access the services of a doctor. It is faster because you can access the services online at any time 24/7. These services are becoming much more prevalent today because doctors and their patients lead such busy lives. In addition, Cloud services adhere to HIPAA regulations, so this protects both the patient and the doctor.
Providers are pressed with the need to reduce their operational costs. In today’s world, the cost of everything is rising, including employee wages and day-to-day expenses. More providers are moving toward offering Cloud services to cut back their expenditures and save time. Doctors can see more patients and they still get the quality care they deserve.
Patients seem to like the added convenience of having these kinds of treatment options available. Nowadays people are so much more involved in the management of their own healthcare. Using the Internet, it’s easy to check online for treatment of certain conditions. Though this can be helpful, it is also risky because there’s a lot of information out there and someone might get the wrong facts and make their condition worse.
Advantages of using the Cloud in healthcare
Cloud computing solutions are relatively cost-effective when compared with traditional IT costs. Using the Cloud, companies can choose a line of services that best suits their business needs. Even storage options are completely scalable. The Cloud offers automatic upgrades when new software and firmware becomes available. This type of flexibility is an attractive feature for most healthcare providers. When they sign up for the Cloud, they can select from a range of packages where services are bundled to save money.
Using the Cloud, millions of patient records and other data can be stored online where it’s accessible from any device or location. That gives clinicians many advantages over old-fashioned storage methods. From test results to pharmacy information, a doctor can consult with a specialist sharing things that can help to lead to a better diagnosis for his patients. Data can be shared in real time. This is much more effective than exchanging emails and phone calls with other doctors.
Disadvantages of using the Cloud
The Cloud relies heavily on the internet and downtime is a challenge associated with internet services. This will temporarily make information unavailable or take a longer time to gain access to the right records.
Bandwidth is another issue. If too many users are trying to access the same site at the same time, traffic may slow down. This can cripple accessibility.
Security is another major issue when you have your data stored on online platforms. Providers need to have multiple layers of security installed. Many doctors have gotten used to conferring with specialists while they’re on the move. Public broadband connections lack the security requirements of HIPAA. Though the Cloud is easy and convenient for a doctor and his staff, it’s very important to make sure that everyone knows the importance of security. You can’t access the network from unsecured public locations and many healthcare workers may not comply with Best Practices.
Services offered by Cloud
Basically, users can take advantage of various types of cloud services including private, public, and hybrid Clouds. The private cloud deals with an on-premises environment, where data is generated and stored within the network system of an organization. A public cloud is more or less the kind of data that is uploaded to an online platform and can be accessed by just anybody. Health facilities use the public cloud to upload medical resources such as medical articles, research statistics, and the likes. A hybrid Cloud offers both private and third-party cloud services. It’s like having the best of both worlds.
New WANs in Healthcare
A Wide Area Network (WAN) is another technology made up of multiple Local Area Networks (LANs) and the two are interconnected using a router or any other device that is multifunctional. Innovators in healthcare technology are trying to establish new WANs based on broadband connections supplemented by software overlays.
This is because broadband connections are cheaper when compared to private lines. The new innovation will enable providers to expand their bandwidth according to their needs and even allow them to use other kinds of connection technology such as wireless networking. Installing the new WANs will not affect the existing IT infrastructures. This will automatically help improve cloud services.
Wrap Up
Cloud services for the healthcare industry are trying to meet the immediate demands of both the providers and the users by offering access to IT resources such as greater storage options and more versatile applications. The best part of opting to go with cloud services is that the organization will not need to install or manage any software or hardware. Cloud services can be accessed from anywhere giving both the providers and healthcare users greater convenience.
by Felicien | Jul 9, 2018 | Education
Exactis Data Leak Reveals the Dangers of Less Efficient Security Measures around People’s Data
The new data leak at Exactis, a marketing and data-aggregation firm based in Florida, presents a great many opportunities for cybercriminals to launch any number of attacks on unsuspecting victims over the next several months.
Exactis, which collects loads of personal data on nearly every U.S. adult, recently leaked detailed information on both people and businesses in the country, according to an exposé by a security researcher.
The exact number of people that this breach has affected remains unknown, but reports indicate that about 340 million records were involved in the leak on the company’s publicly available server.
The Florida-based data aggregation company claims to be in possession of data on a whopping 218 million U.S. adults, including some 110 million households. It further has some 3.5 billion records (digital, consumer, and business records).
Exactis data leak a lesser threat?
Many potential victims may take comfort in the fact that Exactis does not collect people’s payment information such as credit or debit card data, nor their Social Security Numbers. The marketing firm is largely interested in personal information – including names, addresses, and other very basic and specific details about people’s private lives such as hobbies, religion, and individual preferences.
Additionally, unlike the Equifax data breach that involved massive loss of people’s payment information into the hands of cybercriminals, no evidence has come to light yet indicating that the leaked data on the Exactis server actually fell in the hands of anyone with malicious intent.
According to the individual who discovered the breach, Exactis has since taken protective measures to secure the data.
However, this is not a guarantee that there’s no need for alarm. There is no way to tell just how long the individuals who infiltrated the server might have stayed there undetected. Neither does anyone know the details of their exact intent nor the kind of information they might be interested in.
What is now public knowledge, however, is that the exposed information also included home addresses, email addresses, and phone numbers – which can be a time bomb in the hands of a bad actor.
What was the mistake that led to the Exactis server leak?
The data leak at Exactis was possible because the company left the information up on a public server without any protection around it. This way of storing information in the company left the massive collection exposed for anyone who cared to access and use it. There’s no denying how tempting something like this would be for a data thief, as the database had information about “pretty much every U.S. citizen in it.”
While Vinny Troia, the security expert who exposed this leak admits to not knowing where Exactis obtains all their data, he confirms that the database is truly one of the most comprehensive information resources available of its kind.
Should this data security breach and the numbers associated with it be anything to go by, it would be one of the most detrimental to hit the U.S. in a while. This data leak would beat 2017’s Equifax breach hands down. The Equifax breach has held the record as being one of the most devastating security data breaches to date. It affected the highest number of consumers – up to an estimated total of 145.5 million individuals.
What potential risks are victims of this breach are facing?
The damage is done, so what are the repercussions? What does this mean to the individuals and businesses whose details have been breached? What possible solutions do they have at their disposal?
Spam emails
Persons whose personal details are now out there can expect to receive streams of annoying spam emails in their inboxes.
If spammers got hold of someone’s personal information from the Exactis data leak, this would mean a fresh new list of email addresses to send unsolicited offers to. This class of cybercriminals makes money off signals such as website pop-up ad impressions or email response rates. Clicking on their unsolicited emails would be generating money for them without intending to.
Phishing attacks
A direr possibility, the data might fall into the hands of identity thieves. These criminals could use the email addresses obtained from the leaked collection to create any number of phishing schemes.
The consumers who have lost their personal information, therefore, run the risk of being targeted by phishing attack emails, which involve criminals impersonating legitimate senders attempting to trick them (unsuspecting recipients) into clicking malicious links in these emails. Clicking such malicious links would trigger the download of malware onto these victims’ computers.
Attackers may also trick these victims whose emails they (attackers) have gathered, into giving out some confidential and more valuable information such as usernames and passwords, credit card data, and even Social Security numbers.
Wrap up
Knowing what to expect is the first step in preparing for the consequences of this breach. At the end of the day, you must protect yourself. It is utterly important that you do not open any email that originates from an untrusted source. Better still, consider using a suitable email authentication service to protect you from interacting with malicious emails. Watch for phishing schemes—expect them to come to your inbox and be prepared. Don’t be fooled by emails that seem a bit too urgent. Cybercriminals always use fear to get you to click on their bad links.
by Felicien | Jul 6, 2018 | Education
ROI for Managed IT Services: Are You Reaping the Returns You Should Be?
When’s the last time you measured the ROI for your managed IT services?
No one needs to tell you how important technology is to your business – you live it and breathe it every day. If your technology isn’t playing the role it’s supposed to, team productivity and morale go out the window. So, it’s no surprise that partnering with a managed IT service provider is an investment worth making.
But rarely do we stop to wonder about the tangible return-on-investment (ROI) that a managed IT partner can offer an organization like yours. You know, the actual benefits and impacts to your bottom line that you can see. Sure, it helps to get annoying tech problems out of your hair, but the true ROI benefits that managed IT providers offer should be much more dynamic.
First Things First: When it Comes to Managed Services, What Exactly is ROI?
The tricky thing about managed services is that there is no ‘one-size-fits-all’ way to measure ROI benefits for businesses. Small businesses likely have much different service arrangements compared to medium or larger-sized businesses. However, when it comes to determining ROI for managed IT services, cost-efficiency and positive cash flow are benefits all businesses could make use of.
The ways managed service providers can help open cash-flow for your organization is countless. It all depends on how your managed IT service agreement is laid out and on the extent of services you require. However, despite the type of business you’re in or the size of your operation, managed IT service providers should always provide a positive impact on your bottom line.
The Basics: Here’s the Baseline ROI You Should Be Getting from Your Managed IT Provider
As mentioned, the relationship that each business has with their managed IT partner will vary. Not every company or organization needs the same amount or type of IT support and service. Some larger entities will have dynamic network monitoring services and regular strategic sessions. Other, smaller entities will perhaps rely on more basic management and troubleshooting services.
However, no matter the size or nature of the organization, there are some basic managed IT ROI benefits that professionals should be receiving. At the end of the day, an IT investment should ensure that technology is making the lives of your team easier, more secure, and ready for growth.
Check out these basic ROI benefits that your managed IT partner should be guaranteed:
Streamlined Efficiency
Downtime is perhaps the most common and notorious money sucker that plagues the business world. It may sound cliché, but time really is money. If your team is stuck dealing with tech delays and old equipment, valuable minutes and hours of the work day are flying right out your office window.
A managed IT service partner should offer dynamic support and strategic planning that helps streamline processes and boosts productivity in your office. Technology should always be working in your corner – helping you and your team get work done faster and simpler than ever before. A good managed IT partner will ensure that your IT infrastructure is minimizing downtime and maintaining a healthy workflow during business hours.
Security & Peace of Mind
Another huge threat to your bottom line? Cybercriminals stealing data and demanding outrageous ransoms for the encrypted goods. Even worse, potential internal threats like disgruntled or untrustworthy employees looking to get their hands on company funds or information without authorization.
In an increasingly digital workforce, internal and external security threats must be considered seriously. A reliable and strategic IT partner will have a detailed security plan that seeks to cover your organization at all endpoints. Your managed IT provider should be offering you consistent security support and peace of mind that your network is sufficiently monitored and secured.
Scalability
One of the most important – but often overlooked – ROI benefits for managed IT services is scalability. Business today changes rapidly and organizations must be able to keep up – not only with changing conditions but with developing technology as well.
You and your team are busy enough trying to stay on top of your own industry trends. Your managed IT partner should be proactively managing your tech development. Whether your business grows or downsizes, a good IT partner is one step ahead of the game, prepared to modify your IT infrastructure as needed. This kind of support means you have a partner for the long-term – a dedicated IT expert willing to ride the waves with you.
The Extras: Managed IT ROI Benefits You May Have Overlooked
So, we’ve covered the basic ROI that your managed IT provider should be offering you regularly. However, there are other ways your IT partner can have a positive impact on your bottom line. Sometimes it’s the little things we overlook the most. However, the little changes that a managed service provider implements really do add up over time.
Check out these additional ways that a managed IT service provider offers real-life ROI:
Going Green
Saving costs on paper and energy aren’t just good for you – it’s good for the planet. A good managed IT provider is going to ensure that your technology is set up to use as little paper as possible and will ensure energy waste is kept to a minimum. By keeping your energy and paper waste low, your bottom line will definitely see some operational relief.
CapEx vs OpEx
Another great benefit that a managed service provider can offer is a huge decrease in tech investment. Businesses are able to rent equipment directly from providers instead of making huge upfront investments on their own devices. This allows organizations to transfer IT spending from Capital Expenses (CapEx) to Operational Expenses (OpEx). Making this switch means your company can reap big tax deductions to boost ROI.
Team Building/Empowerment
Perhaps the most valuable benefit that managed IT providers offer is the bonus of having a knowledgeable expert in your corner. Not only does it help to have someone to call upon – it’s priceless to have someone teaching you to be your own expert.
A good IT partner is going to pass on as much expertise to you and your team as possible. Think of it as cost-free training! Encouraging and empowering your team means they’ll feel more confident to use technology efficiently and effectively. A morale boost like that can only have positive impacts on your bottom line.
Taking Charge: Don’t Be Afraid to Talk ROI with Your Provider
At the end of the day, the best way to get a concrete idea of your managed IT ROI is to have an open and honest conversation with your current or potential provider. A good and worthwhile provider is going to want you to understand all the benefits you’re getting from the investment. Hold them accountable and have them offer a detailed explanation of how you’ll benefit from this investment.
Tech support is pretty much a non-negotiable investment these days. However, it doesn’t have to be an investment that you stress about or lose anything from. In fact, as we’ve mentioned, establishing a strong IT partnership should positively impact your cost/profit margins. Take the time to understand what you’re looking for from an IT provider and talk with them transparently about what you expect to see in return. You’ll be surprised how much ROI the right managed IT provider can offer!
by Felicien | Jul 6, 2018 | Education
Pricing Out a Managed IT Services Plan: What You Need To Know?
Developing a cost-effective and customized price plan for managed IT services
It’s no surprise that any modern business is – to some degree – dependent on technology. No matter what kind of devices your organization uses or the kind of work your organization does, making sure your technology is up and running to support operations is critical. Even more critical? Determining the right kind of IT support to match organizational needs and determining the right price to pay for it.
Like with any other managed service, pricing out IT support services must reflect the unique needs and realities of each business. There really is no ‘one-size-fits-all’ managed IT price plan. Professionals looking to price out managed IT services need to adopt an informed and proactive approach. Don’t wait until a disaster happens to start pricing out managed IT support. The first step is determining what you need – and that means taking a detailed IT inventory.
Strategic Spending: How Taking a Tech Inventory Will Help You Price Out Managed IT
When you go to the grocery store, it’s common practice to make a list. Otherwise, you find yourself wandering the aisles, unsure of what needs to be stocked up at home. You end up getting home with a big full of things you didn’t need and realize you forgot some of the main items you went to the store for. It sounds simplistic, but pricing out your managed IT service plan should follow the same logic
You don’t want to dive headlong into pricing out a provider before you know exactly what you need. How many computers and devices does your company use? Do they all need to be monitored? What about software and hardware updates – is your organization behind the times and in need of rejuvenation? Do you need round-the-clock support or are you looking for help on an as-needed basis?
Asking yourself these questions will make pricing out managed IT services much easier. Even better? It will help ensure that you don’t end up with a wealth of services and features that you don’t need or that don’t apply to you. This way, when you meet with providers, you’ll be armed with a clear idea of what’s required and what isn’t. Being proactive and thorough is the best way to start a transparent and productive pricing conversation with potential providers.
Comparing Existing Models: Understanding the Pros and Cons of Each
Once you understand the extent and type of IT support services you require, exploring the existing pricing models is a great next step. There are five main pricing models that organizations choose from. Each has its own benefits and drawbacks. However, the ultimate usefulness of each will vary based on the needs of different organizations.
Let’s explore some of the leading managed IT service pricing models:
Per-Device/Per-User
The per-device or per-user pricing models are celebrated for their flexibility and simplicity. On the per-device model, you pay a flat rate for a device that is supported and monitored by the IT partner, including desktops, laptops, servers, smartphones, tablets, etc. Per-device models are attractive in that they offer the easy adding or removing of devices as needed. However, it’s a good idea to do some research and ensure the per-device rate you’ve been offered is set appropriately based on market realities.
On the per-user device model, a flat rate is issued for each user or employee at your organization – no matter how many or what kind of devices each person uses. Per-user pricing models are attractive because they simplify the billing process. However, if your user base is continually growing and each user is starting to use two or three devices each, keep in mind that your managed IT partner may want to revisit cost-margin considerations.
Value-Based Flat Fee
Flat-fee, value-based pricing models are becoming more and more popular in the managed service sector. Often referred to as ‘cake’ pricing, the value-based model offers organizations ‘full-service’ coverage instead of separated and specialized components. On this model, you truly do ‘buy the cake’ rather than the ingredients you need to make it. Value-based pricing models are great options for SMBs since the model offers wide-spread, comprehensive coverage and services.
Under the value-based pricing model, your managed IT partner essentially takes on the role of your outsourced IT department. They take care of everything for a singular flat rate. Keep in mind though, that if you select this option, you must trust your managed IT partner to cover all your bases and provide adequate full-scope coverage as your IT needs evolve.
Tiered
Under the tiered pricing model, managed service providers offer a variety of service packages, ranked using levels like Bronze, Silver, Gold, and Platinum. Each tier includes a specified range of services and support. This makes it easy for business owners to check out the specs of each package and choose one that is both cost-effective and tailored to their specific needs.
Do keep in mind, however, that sometimes service packages will contain some things you need and some you may not. While its possible, pre-established tiered service packages may not always be a flawless fit with your needs and budget parameters. When using this model, its best to select the service tier that gives you as much relevant support as possible while staying inside your cost margins. This way you’ll avoid investing in services or fancy solutions that you don’t want or need.
A-la-carte
The a-la-carte pricing model works just as it sounds. You’re able to build-your-own service plan based on the supports and solutions that you require and nothing more. This is perhaps the most celebrated model as it offers maximum flexibility and customization for organizations.
However, when using an a-la-carte pricing model, it’s a great idea to consult with a third-party expert to ensure you have all your bases covered. The last thing you want is to draw up a service agreement, thinking you’ve thought of everything, only to find out later that you’re missing critical supports and services. Also, be sure to discuss scalability with your provider when using an a-la-carte model. Your needs now may change over time as your business develops. Be sure to have the future in mind and make sure your managed service provider does too.
All-inclusive
Finally, the all-inclusive model offers a flat-fee for all services. This model truly focuses on providing the ‘whole-package’ and a total service experience for one, fixed cost. Instead of offering different tiers or ‘build-your-own’ options, the full-service, all-inclusive option seeks to be one-size-fits-all support solution applicable to any business.
This is an attractive model for business owners who don’t want to get lost in the nuts and bolts of their IT support – they just want to be supported and have their technology to work consistently. However, though tempting, the budget conscious should keep in mind that the “all or nothing approach” can come with the heftiest price tag.
Setting Priorities: The Features and Services Your Price Plan Should Prioritize
When it comes down to it, your managed IT price plan should be a guidebook for how you’re going to make the most out of your IT support investment. Of course, you want to get as many features as possible for the best price. However, the bottom line is, budgets are often tight and getting the enterprise-level, full-service IT experience may not always be a financial possibility. So, while it’s important to make the most of your investment, it’s critical that at the very least, your IT support partner is offering you some very basic ROI benefits.
No matter your needs or the model you choose, your managed IT price plan should include these three features as priorities:
Security
It’s no secret that today’s cybersecurity climate is more complex and hostile than ever before. With more devices in the workforce and more sophisticated cybercriminals waiting in the shadows, the risks to your business data can seem overwhelming.
When pricing out a managed IT plan, security and peace of mind should be on the top of your priority list. No matter the model you choose, your price plan should include specific mention of reliable and dynamic security services and solutions.
Scalability
The nature of business today is rather unpredictable. Your business could be small one month and growing rapidly in the next. Or, you could start big and have to scale back certain areas of your business as things change. No matter the type of business you’re in, change is inevitable.
So, when developing a pricing model for managed IT services, organizations should put a deliberate focus on scalability. The IT partner you choose to invest with should offer concrete ideas regarding how your service plan will grow and evolve with you as your business does.
Streamlining
Technology should make your life easier, not harder. The operations at your organization should be improved and supported by your IT support. Smart and supportive IT solutions will help streamline even the most basic processes in your office.
When developing a managed IT price plan, be sure to emphasize to potential partners that you’re looking to make things work seamlessly. A thorough managed IT price plan will include specific details on how services provided will improve operational efficiency.
Finalizing Your Managed IT Price Plan: Use a Guide, But Trust Your Gut
At the end of the day, you are your own best expert when it comes to developing a managed IT price plan. Only you know what you’re willing or able to spend and only you and your team know what kind of support is most important. So, the best advice we can give is to use these suggestions as a guide, but trust your gut to know when an investment is worth making
As mentioned, take the time to understand what your organization truly needs when it comes to IT support and service. Create an inventory, explore the different models, and choose a solution that makes the most sense for your team and your organization as a whole. Going in with an informed and proactive mindset will be half the battle in pricing out a strategic IT support plan.
Finally, once you’ve done the leg-work, don’t hesitate to reach out to an IT professional for consultation and guidance. Don’t leave it up to the IT pros to price out a plan for you, but do feel comfortable asking questions and getting feedback. A combination of your own insight and expert advice will help you develop a managed IT price plan with major ROI potential.
by Felicien | Jul 6, 2018 | Education
Is Your Organization Protected Against These IoT Exploit Risks?
In a changing digital environment, is your business keeping up with risk management?
The modern workforce is more connected and dynamic than ever before. Digital communication continues to dominate the way businesses get work done. This digital transformation has helped professionals of all kinds make huge strides to get work done faster and from anywhere. Additionally, the Internet of Things (IOT) has made office management and operational efficiency easier than ever.
However, this transformation has come increased risk. In order to provide anywhere, anytime access to business data, organizations are using more devices and in turn, have created more access points to their company networks. Though employees may be able to work from anywhere and through office operations are streamlined, the risks to IT security have undoubtedly increased.
Increased access and IoT streamlining are amazing technological developments that organizations should definitely be taking advantage of. However, with increased access points comes increased risk of cyber attacks of all kinds. In this new age of increasing connection, organizations would be smart to get informed about IoT risks and develop proactive strategies for patching holes and addressing vulnerabilities.
Defining IoT: What is The Internet of Things?
First things first, some may be wondering: what in the world is the “Internet of Things” (IoT). Though it may sound like part of a futuristic sci-fi movie, it actually involves the process of connecting and integrating everyday objects such as tech devices on internet networks. IoT involves the various range of devices that can now be connected to a business network and integrated with other connected devices.
Computers, smartphones, tablets– these are the obvious ones that most businesses use and rely on daily. However, IoT involves a much more expansive range of devices from all corners of an organizations operations. That SmartTV or SmartBoard in your conference room? The new, digital thermostats that allow you to remotely control the office temperature? Your security cameras or digital lock system? All of these modern devices represent access points that leave you vulnerable to cyber invasion.
Securing an IoT Network: Considerations and Challenges
So, with such an expansive network of potential access, security in the IoT age must be a top priority for businesses and organizations of all kinds. Gone are the days of simple firewalls and password protocols. While these things are still critically important, IT security strategies must be much more sophisticated if they’re to stand a chance against increased cyber risk.
Without a strategic and proactive approach to IoT security, your organization can and will be left open to threats you never would have considered. For instance, consider the case of the high-profile casino whose network was hacked via a fish tank thermostat! Yes, that sort of thing is now possible and hackers are taking every opportunity to break through the weakest security areas and wreak havoc in your network.
However, there’s no denying that trying to lock down and manage a growing number of network access points is no easy task. This is especially difficult when more and more businesses are greenlighting bring-your-own-device (BYOD) models. Each of these is another access point where cybercriminals can now infiltrate your computer network.
The only way to get a handle on more proactive and all-encompassing network security is to take inventory of all the access points you need to protect. This will include the basics, like company-owned computers and phones, but should also include the wider range of devices used in your office including thermostats, security systems, employee and visitor devices, etc.
The IoT Exploits You Haven’t Considered: Securing Your Digital Headquarters from All Angles
For context, let’s break down some of the key weak spots that are often missed as business professionals attempt to secure their networks. Take a minute to think. Can you think of all the potential devices or access points that exist in relation to your company network? Our guess is that even if you can, you may be missing some. Further, even if you can think of them all, can you say for sure that each access point is completely monitored and secured?
Check out these leading IoT exploits that could be keeping your organization vulnerable:
Tablets
Tablets have revolutionized the computer in the business space. They’re portable, convenient, and can be used for a variety of purposes. Many employees bring them to meetings for taking notes. More and more, organizations are relying on tablets to help them get work done faster and more efficiently.
Tablets can be found in conference rooms, emergency rooms, and in the briefcases of remote workers. Often, tablets function as a mission control port from which audio-visual systems can be controlled or team meetings can be logged and recorded. However, though tablets have become second nature, their connection to your network make them ports for potential cyber invasion.
If your organization uses tablets, you must treat them like any other computer in the office. Their use should be subject to access control and their connection to the larger network should be secured. This means tablets should be subject to monitoring in the same way that computers and smartphones are. If a device is connected to your network, it must be considered a potential open-door for cybercriminals.
SmartTVs
Speaking of conference rooms, SmartTVs and SmartBoards are quickly replacing the AV equipment of the past. Sleek presentations can be displayed on these devices in hopes of making business meetings more interactive, integrated, and engaging. This has been a great boardroom improvement; however, the increased risk must not be ignored.
SmartTVs are connected to your company network and often have a connection to the public internet for easy searching and browsing. Even worse? SmartTVs are notorious for having less-than-ideal security protocols. This can leave a gaping hole in an organization’s network security. In fact, there have been cases of SmartTV malware hacks where the infected TV attempts to infect any connected device in its range. This can have catastrophic effects for your network.
So, be sure to include all your organization’s ‘smart’ devices in your security inventory. If you rely on a SmartTV for regular meetings or use a SmartBoard to upload company data to the network, these devices must be secured. The last thing you want is a cybercriminal listening in on company meetings or holding your network hostage thanks to an unsecured SmartTV.
Security Cameras
Organizations of all shapes and sizes rely on security monitoring to keep a constant eye on company property and office space. In the spirit of the digital transformation, most security cameras are now IP-based and are connected to company internet networks. They’re cost-effective and offer Cloud-storage and web-streaming features.
Security cameras are supposed to help keep your organization safe, right? That’s obvious. However, these digital security cameras present a unique problem. Because the security feeds can be accessed via the web, they’re easy prey for malicious hackers. Countless stories have hit recent headlines about hacks on company webcams or security cameras that allowed remote spying.
Even worse, some hackers are attempting to infect the camera itself in hopes of getting inside the network to cause trouble. Just like with the SmartTV, security cameras can be hacked and infected with malware. The infection can spread to other connected and in-range devices. This could be devastating for your organization.
If your company relies on a digital security monitoring system, be sure to give it the top-notch security it deserves. The ease and peace of mind offered by anytime access to your security feed are tempting. However, if you’re going to take this approach, you must make sure these endpoints are secured and reserved for your eyes only.
Healthcare Devices
It must be noted that the corporate business world isn’t the only place where IoT devices are dominating. The healthcare sector is evolving, adopting more and more digitized healthcare devices than ever before.
X-ray and MRI machinery are continually becoming digitally connected. Electronic Medical Record (EMR) software is changing the way patient data is stored and shared. Heart-rate monitors and fitness trackers are personal health devices that can connect to networks wherever they go. In fact, most healthcare environments have a 10-1 ratio of IoT devices to computers – meaning that IoT attacks are much more likely in the healthcare setting.
Even worse? Many of these healthcare IoT devices run on old or outdated versions of Windows, making them more vulnerable to new and worsening cyber threats. With outdated operating systems, patches and loophole fixes are harder to implement. This means that critical healthcare devices like MRI machines can be subject to widespread attacks like the 2017 WannaCry hack.
For healthcare professionals, ensuring that devices are secure can be a huge challenge. Especially when considering the heavy weight of patient confidentiality and regulatory standards. Healthcare professionals and their IT teams must be consistent and diligent in their efforts to control access and secure IoT devices.
Unauthorized Network Bridge
Take a second to think about the day-to-day operations in your office. You likely use a printer semi-regularly and its likely set up wirelessly over Wi-Fi or Bluetooth. This is a no-brainer for most modern businesses as it makes it more convenient for anyone on the team to access printing services anytime, without requiring a physical connection to the network.
However, as is the trend with IoT, often it’s the things that make life easier that also open your organization to increased risk. Printers are especially dangerous because many larger entities have a huge number of printers wirelessly connected to the broader network. This leaves a massive security hole and offers the potential for any in-range device to use the printer as an unauthorized network bridge.
So, while your company printers may seem like the last thing you need to worry about in terms of network security, think again. To patch these security holes, make sure that each printer in your office is a monitored and secured device among all other network devices.
Protection of Gas Distribution Facilities
Okay. We’ve covered business and healthcare, but what about the increasing digital transformation in the manufacturing and utility industries? Industrial IoT is continuing to drive efficiency in these sectors. Using connected devices like sensors, valves, and other control mechanisms make remote control easier and optimize production.
However, these devices are very enticing to hackers and cybercriminals. And, given the nature of the work these industries do, the potential impacts from hacks on connected devices can be devastating and even fatal. Manufacturing and utilities do not make IoT security a priority and these devices were not designed with security in mind. As such, the manufacturing devices are difficult to patch and update, meaning even greater risk for the organizations using them daily.
In order for manufacturing professionals to prevent deadly hacks or mischief, these IoT devices must be secured at all endpoints. A good rule of thumb for manufacturers is to give every device a second glance. In fast-moving industries that have been subject to wide-spread digitization, analyzing all the technology in use and making sure everything is adequately secured is critical to larger network security.
Rogue Network Stealing Credentials
Finally, the modern office is subject to one wide-reaching risk. Most organizations these days – especially those with public spaces – are equipped with multiple wireless access points for user connection. Additionally, many modern devices are designed to connect automatically to the closest and best available network. Further, when faced with choosing a network, wireless users will usually opt for the strongest looking connection.
Sophisticated cybercriminals have learned to exploit this wireless activity by creating phony wireless access points in hopes of duping users into connecting. This offers hackers the opportunity to invade connected devices and get their hands on confidential data and user credentials.
If your organization offers access to a wireless network, be wary of this potential spoofing tactic. Do whatever you can to secure your wireless network and create a guest connection for visiting users who don’t need access to your larger network. Be open and honest with your team about wireless connection protocols and train them to be vigilant when connecting to wireless networks on business devices.
Navigating the New Cyber Landscape: Security for Today’s Digital Environments
There’s no denying this is a lot of information to take in and it represents some critical security concerns for you to consider. We get it! All this information can be seriously overwhelming, especially with new devices and tech developments happening at lightning speed. However, as challenging as it may seem, it doesn’t have to be impossible or daunting.
As mentioned, the key is keeping a detailed inventory of what devices are connected to your network and maintaining a record of all access points. Additionally, your organization should have key policies and procedures in place regarding network security and access control management.
Clearly posted expectations for employees is imperative, as is ongoing training for them. Employees must be reminded often of the importance of maintaining the security of your organization. Stay on top of employee training. Make sure your team understands the significance of securing the company network at all endpoints. It’s especially important to provide training for your staff in higher positions, such as managers, supervisors … even those in the boardroom.
Make it a priority to develop a plan for staying on top of the continually evolving digital business climate. Being proactive and consistent will help ensure that your organization stays alert and up-to-date when it comes to risk management.
Finally, when in doubt, reach out to a managed IT services partner for consultation and guidance about navigating the IoT landscape and managing risks with efficiency and focus. IT security concerns can seem much less daunting with the experience and expertise of an industry professional in your corner.
by Felicien | Jul 6, 2018 | Education
Customer Data Safe Even as CareSync Shuts Down, Laying Off All Employees
It is the end of the road for a promising tech startup CareSync following the discontinuation of the company’s operations on June 21, 2018. As cybersecurity enthusiasts, what lessons can we learn from the way CareSync is handling customer data at this far end of its 7 years of service?
What happened?
It all started with the departure of CareSync founder and CEO Travis Bond that came without warning. Several rounds of layoffs followed – the company was downsizing to avert an imminent course to its deathbed, but this yielded little success.
A ray of hope
In an attempt to salvage the sinking company and restore its financial footing, the interim CEO Bob Crutchfield agreed to sell the tech firm to Shipt, a grocery delivery company. Shipt founder Bill Smith and his family would buy and fully own the company. It looked like the deal would move forward in what he (Smith) termed as a “very significant financial commitment to the company… to build this company for the long-term.”
Failed rescue mission
This deal flopped, according to information from both CareSync and Shipt. “After 7 years of working tirelessly and closely with our stakeholders to deliver best-in-class chronic care management products and services, CareSync has discontinued its business operations and closed its facilities in Tampa and Wauchula, Florida.” This statement was posted on the CareSync.com website June 21, 2018.
Statements from CareSync revealed that its leadership had made their best efforts to find strategic partners and raise the much-needed extra capital that would help keep the tech startup on is feet. However, these attempts were ultimately unsuccessful – partly due to time constraints, according to the CEO of Shipt.
“A syndicate of investors, including the Smith Family Office, had intentions to acquire CareSync,” Smith said in a statement. “We were hopeful that our support could save the company and would ultimately lead to a successful outcome for everyone involved, including the employees.” He added this: “Unfortunately, the company ran out of time.”
CareSync chief operating officer Joy Powell confirmed this unfortunate turn of events in a final statement that accompanied the filing of a Worker Adjustment and Retraining Notification to the state of Florida. The contents of this notification indicated that all of the company’s 292 employees were being laid off as of Thursday, June 21.
With these announcements, the IT operations that had helped enterprise customers with the management of their medical records for seven years came to a screeching halt. CareSync, which became operational sometime in 2011 and combined technology with data and other services to improve people’s care coordination, would no longer serve these patients who had depended on them.
The Florida-based healthcare technology provider ended all business operations and closed its doors to a huge community of customers following the unsuccessful attempt at selling the company as a last-minute resort to prevent it from shutting down.
The company’s main phone line would then stop accepting calls, with a prerecorded message explaining the situation to callers. In the process, the defunct tech firm provided its former Medicare clients with an online platform to help them keep all of their medical records, appointments, and prescription schedules in a single place. Its message also indicated that the patient portal would remain operational for some time.
Not everything is lost
If CareSync’s assurance is anything to go by, the consumer data in its possession will remain safely protected within its servers and accessible to its members and customers. Apparently, the tech company had taken the necessary security measures around this data to keep it safe even as the company came to a complete shutdown and ceased all operations.
People have questions though – and justly so.
What will happen over the coming weeks or months? Who will be managing the patient portal that has remained accessible to customers and shareholders?
Will it remain secure for the long run? Does CareSync intend to invest additional resources in their cybersecurity software now that their IT solutions are no longer available? And what guarantees do the people whose data is at stake have?
Now that this closure is public knowledge, could hackers take advantage of the situation and start targeting the data stored in this patient portal?
These are all tough questions and it may be difficult to get the answers that consumers are looking for. No one wants to think that their personal information and medical history is out there in cyberspace where criminals could steal it. Unfortunately, CareSync has run out of money and may not be able to provide the excellent cyber security protection that their former customers deserve.
Conclusion
When choosing any tech solutions provider, be sure to do your homework to be certain that you are working with the right people. What is their technology like? What is their track record? What measures are they putting in place to ensure the complete safety of your data? Only after you get the right answers to these concerns should you allow yourself to settle for their service – but not a minute before.
