6 Cyber Security Must-Haves for Remote Work

6 Cyber Security Must-Haves for Remote Work

The quick transition to remote work that many companies have had to make has revealed security risks that IT professionals are not able to monitor or correct as closely as they would be able to when employees work in-house. To mitigate these risks and protect data, employees will need to follow security best practices and abide by the requests made by IT. Fortunately, skills and security measures like the following that employees will need during these times help not only their employers in the present but protect them from personal security risks in the future. 

Secure Wi-Fi

The convenience provided by an open wireless network doesn’t mitigate the risk of sensitive data falling into the wrong hands, and this applies to personal financial information as much as it does to data relating to work. Employees will need to secure their home wireless networks with the most advanced protection available to them. Users should also have the latest firmware.

Encrypted Traffic

IT departments can consider a virtual private network, or VPN, on top of secured wireless networks to encrypt all traffic data. There are downsides to VPNs, however, including slower connection speeds. Some users may not like that their employer can monitor their network usage with a VPN, either.

Phishing Prevention

It doesn’t matter if a company uses the most advanced security software or the most impenetrable hardware if the user is the weak point. Employees should undergo training to detect and avoid phishing scams and their various modes — phone, text, and email —  before working remotely, even if they’ve already issued this training in the past.  All it takes is a careless click to give access to a user’s login information.

Fortunately, modern security software can even warn about potential phishing attacks.

Smart Password Usage

Not only is it risky to use the same password and username for multiple websites, but choosing simple passwords that are easy to crack also puts a user at risk. Because users won’t necessarily opt for best practices such as strong passwords that they periodically change, companies should ensure that their software systems require these password security measures and even use password managers to generate and store strong passwords. Businesses should also encourage two-factor authentication, which requires that users enter a second code that is typically sent via email or text, to log in.

Company-Issues Devices

Many of the risks listed above can be minimized when a company issues devices that prevent unauthorized changes and have the appropriate software installed so that employees have all the resources necessary to complete their jobs. Sending employees home with company devices keeps sensitive data away from personal devices, which may be less secure and more likely to be compromised, and companies can install enterprise-level security software to prevent malware and phishing attacks. 

If this is not possible, companies should set standards for which devices can be used, including software and hardware requirements, to ensure the devices being used are as secure as possible and to avoid the risk of “shadow backups” to personal cloud storage accounts.

Data Backup

Assuming that users abide by security best practices and a company’s software is set up securely, there is always the risk of hard drive or another mechanical failure, which is why a company must have a plan in place to back up data. Many companies opt for cloud storage, a solution that is especially useful when the office is inaccessible; however, some choose physical servers that their IT team members maintain themselves. 

Companies that want to increase security measures for remote workers or ensure that their systems are secure enough for telecommuting can contact us for a cybersecurity analysis.

3 Critical Services Your Current IT Support Is Missing

3 Critical Services Your Current IT Support Is Missing

It’s always fun for IT guys to see people in the financial industry marvel at Bitcoins and their fluctuations. Here in IT, fluctuation and change are the norm.  A significant service can be a lifesaver now but give it a few years, and it will be completely null.

Herein lies the problem. In IT, things change fast, and businesses that don’t adapt to these changes are flushed down the toilet. This is why choosing an IT Support is a daunting task. The service spectrum is broad, and needs are always changing, and it’s always difficult to tell if your IT service provider is providing you with the best services, or leaving some vital things out of their checklist.

Your IT service provider may be missing the following boxes on their service provision checklist:

Cloud Cost Optimization

The internet always seems free for everyone except for IT firms. Your internet provider may be intentionally or unintentionally, making you pay way more to the Cloud Service Providers than you should. Statistics show that most companies spend about 36% more than they should be paying to their Cloud Service Providers such as AWS.

Most IT businesses lose out on massive savings by outsourcing their Cloud Management to IT Service Providers who overlook cost optimization. To these providers, just getting you to the cloud is an accomplishment, even if your business has to spend fortunes to use it.

There are a plethora of actions your MSP should be undertaking to cut your cloud costs significantly. Your IT service provider should be:

  • Using or be heavily invested in Cloud analytics
  • Integration of Auto Scaling To reduce costs
  • Using AWS cost optimization tools
  • Power Utilization Practices such as Power schedules
  • Right-Sizing Of Computing Services
  • Use of Spot instances when necessary

Contingency Plans and Security

Once you have outsourced most of your IT service requirements to an IT firm, the security and safety of your data and the customer’s data becomes a priority. The two most essential things in security are contingency plans and constant improvement. Though most MSPs invest heavily in security, very few offer “Plan Bs” when the ceiling caves. Failure to plan, in IT more than any other industry, is planning to fail.

  • Your MSP should have:
  • Clearly laid out Disaster Recovery Plans
  • Insurance in case of a Cyber Attack
  • Extensive and Secure Backups for your data

In terms of constant improvement, your IT service Provider’s security plan should always be evolving. Security in IT is not a destination but a journey. Malware is continuously changing and improving, and so should your IT providers Security Plans. Your IT provider should be keeping up with the following cybersecurity and malware trends:

  • Increase in instances of Ransomware
  • Third-party Cryptomining
  • State-sponsored cyber attacks
  • Artificial intelligence in cyber terrorism

Regulatory Compliance

For years now, it was assumed that the web and IT were beyond regulation. Well, the amount of regulation in IT has significantly increased for two fundamental reasons. Governments and regulators have spent the past few years catching up. Also, the rise of IT and its growth has seen IT expand into uncharted territory and industries increasing its influence. This has called for more regulation.

Navigating the regulatory landscape is an essential service your MSP needs to offer. Some of the past, present and future regulations that have been lorded over the IT industry include:

  • The General Data Protection Regulation (GDPR) in the European Union
  • Consumer Privacy Act in California (CCAP)
  • The Biometric Data Law in Illinois
  • Consumer Online Privacy Right Act(proposed Bill)
  • Children’s Online Privacy Protection Act (COPPA)
  • To show how a lack of regulatory compliance can cost a business and how fast the regulatory climate is changing, YouTube was recently fined $170 million for violating the COPPA regulations.

Regulation in itself is a noble idea, but it may lead to massive losses in money and time if neglected. Your IT provider has the responsibility of preparing you for future regulations and how they will affect your business. Your IT provider should be able to

  • Extrapolate your current investments and plans to see if they will be legally viable in the next ten years or so.
  • Align the services they offer to ensure that they comply with present and possibly future regulation.
  • Assure the privacy of your IT firm and the data of your customers and staff.

Though it’s true that the IT climate is always changing, we here at 4 Corner IT have always been changing with it. For any inquiries about IT and Custom solutions on your IT needs, contact us and let us be part of your story.

Backup Data Offsite to Thwart Cyber Criminals

Backup Data Offsite to Thwart Cyber Criminals

Time and time again, managed service providers have stressed the importance of completing regular data backups, even for very small businesses. As even these small businesses have come to rely on their data more and more, most companies do understand why backing up their data is a very smart move on their part. Unfortunately cyber criminals are always on the lookout for additional targets and they do seem to target businesses much more than simple personal users. While performing regular backups is still a must, it’s important to discuss one additional aspect of backing up data that can make or break a company if the worst should happen and they become a target of a cyber thief.

Onsite Backups

If a company never encounters a threat from a cyber criminal, an onsite backup would still be an invaluable asset to have in the event of equipment failure or some other internal failure. All a company would have to do is restore their most recent backup, check for any issues, and once given the all clear sign, employees could continue their work.

The problem with onsite backups is that once a cyber criminal gains access to a company’s network, they likely can gain access to their onsite backup as well. In the case of a ransomware attack, a cyber criminal could hold the data of an entire company hostage, including their onsite backup. Either the company pays the ransom or they face potentially losing all their vital business data.

Offsite Backups

The above scenario is precisely why service providers not only encourage regular backups, but they also encourage companies to store a copy of their backups in an offsite location. As everyone becomes more dependent upon their business data to function, it’s a perpetual race to see whether the cyber criminals will take advantage of vulnerable institutions, or whether companies will start taking their business data seriously and take concrete steps to protect this vital asset.

If you would like to know more about establishing an offsite location for your data backups, please contact us.

Business Continuity – One of the Keys to Maintaining Success

Business Continuity - One of the Keys to Maintaining Success
Maintaining Success

In a global world, a company may find themselves competing with organizations, not just around the block or in another state, but perhaps with other businesses halfway across the globe. With more competition than ever, no reputable company wants to gain a fly-by-night reputation with the public. This is where focusing on business continuity comes into play. What does an organization need to do to cultivate a reputation that says they are reliable, trustworthy, and committed to fulfilling the needs and goals of its customers?

Understanding what contributes to the steadfastness of an organization can make the difference between being a company that quickly rose to the top, (and failed just as quickly), and is a company that truly earned its solid reputation.

Why Resiliency Matters

When the business climate is doing well, it’s relatively easy to rise to the top, perhaps even becoming a star performer. What often separates the wheat from the chaff is when there is a downturn in the economy or a business finds themselves in the middle of a natural disaster. Those who enjoyed success only on a superficial level often find their company’s reputation is in tatters, or perhaps the business simply folded altogether.

In contrast, organizations who incorporated the concepts of business continuity and resilience into their overall business plan may very well take some hits, but ultimately they will persevere through the down times because they used the right building blocks to create their foundation.

IT Providers – A Key Building Block

With today’s heavy reliance on information technology, any business that wants to ensure the resiliency and continuity of their organization must understand that selecting the right provider is one of the key building blocks for success. A successful business absolutely does need continuity in their information services in order to consistently provide the highest level of service to their customers.

It’s very important to find a provider who is not only reliable when business operations are running smoothly, but they are also ready to provide seamless support for your company if a less than desirable event should occur.

If you would like to know more about our commitment to providing outstanding reliable IT support, please contact us.

Backup for Small Business: Four Important Things to Think About

Backup for Small Business: Four Important Things to Think About

Sometimes it takes a disastrous cyber attack to remind businesses how important it is to back up data. Backup for small business is always important.

Backup for Small Business

A recent article from Small Business Trends, for example, mentions how ransomware has opened up discussions on the need for backups.

Keep in mind that backups are helpful not only for cyber attacks; they’ll save you from other disasters or problems as well. If a major storm hits your area, causing a power surge or outage that wipes out some of your data, you’ll have backups to retrieve and work off of. If an employee accidentally deletes a critical file, you’ll be able to restore the original.

What should small businesses consider when coming up with a data backup plan?

There are a wide variety of data backup solutions available. Not all of them will work well for your business or your data. When coming up with a data backup plan, consider the following points:

  1. Your main risks. How are you most likely to lose data? What kinds of disasters are you most vulnerable to? Answering these questions helps you choose the best kinds of data backup solutions for your business – file-level vs. image-based, cloud vs. local vs. hybrid solutions.
  2. Your most important data. Consider the data and applications that are critical to your business’s functioning and success. For them, you want the quickest restoration possible to avoid costly downtime and permanent losses. You want to ensure that the backups are comprehensive, timely, and well-protected.
  3. Your most sensitive data. Whatever backup solutions you choose, ensure that you’re safeguarding copies of your data – particularly the most sensitive data – from theft and destruction.
  4. Your metrics for backup success. How will you determine if your backup plan is a success? For example, you can set goals for maximum allowable recovery time or maximum amount of data you can afford to lose; does your backup plan fall within these parameters, or would you experience unsustainable losses? Always make sure to test your data backup measures.

Don’t hesitate to contact us for advice and assistance. Choosing the right backup solutions is critical for your business. When implemented thoughtfully, data backups become your business’s lifesaver, protecting you from the severe effects of IT disasters.