Month: February 2018

Categories
Casserly Consulting Blog

Tech Term: Understanding Encryption

term_encryption_400.jpg

With data security becoming paramount for almost everyone, encryption is one of the more important technology terms you will need to know. Since data security has to be a priority–not just for your business–but for you, understanding what encryption is, and how its used can put you in a better position to understand tomorrow’s security solutions. For this week’s tip, we will take you inside cryptography, and more specifically, data and network encryption.

What is Cryptography?
Simply put, cryptography is the art (or science) of writing or solving written or generated codes. Cryptography is the strategy of using a predefined key to convert data into a format that is indecipherable. Since no entity can view the information without the key, the information secured by encryption is able to be stored and transmitted securely. To decode the message, you need a cipher or a key.

A Short History of Cryptography
As long as there has been human communication, there have been secrets. The first known evidence of the use of cryptography was found carved in hieroglyphics on a wall in Egypt, and has subsequently been used throughout human history to send and receive secret messages.

Centuries later, Julius Caesar was known to use a form of substitution cipher that shifts each letter three spots in the alphabet to encode a message. In fact, there are some that still call this type of cipher a Caesar cipher. The Caesar cipher looks like this:

ib cipher 1

It’s clear that this type of cipher is dependent on the secrecy around the system, not a dedicated key to unlock the cipher. Once the system is known, these basic codes become known almost immediately. In fact, most substitution ciphers can be broken with a simple pad and paper.

This changed in the 16th century when Giovan Battista Bellaso came up with an improvement by using a series of interwoven ciphers. The process was misattributed to Blaise de Vigenère, and has since been referred to as the Vigenère cipher.

Despite all the coded messages sent and received over the centuries, cryptography as we know it has only come into fashion over the past century as technological advancements have facilitated more sophisticated methods of encryption. In the early 20th century, Edward Hebern, while sitting in jail for stealing a horse, came up with a method of encryption using an old typewriter fashioned with a rotor. The purpose was to turn what to the user was a simple Caesar cipher into a Vigenère cipher with the use of Hebern’s two-way rotor machine. A user would push a key and the rotor would provide the corresponding substitution key to decrypt the message. b2ap3_thumbnail_ib_cipher_2.png

If this machine started modern encryption, Enigma changed it forever. Shortly after Hebern’s invention, German engineer Arthur Scherbius innovatively built what was essentially a Hebern device with multiple rotors and called it Enigma. For a decade German naval superiority over mainland Europe had as much to do with their ability to send and receive coded messages as it did to their manufacturing might.

Modern Encryption
When we speak of encryption today, we are just talking about the same type of thing that Hebern and Scherbius were doing: cloaking data to provide privacy or security to the parties involved in the correspondence. Today, data is worth more than ever; as a result businesses are spending more on their encryption solutions.

All businesses collect a fair amount of personally identifiable information (PII). This information includes names, birth dates, Social Security numbers, and financial and medical information. The liability companies have today is immense, as they can (and often are) sued if a customer, employee, or vendor’s PII is stolen and leaked or shared.

The modern business uses several types of encryption. Individual file encryption encrypts specific data; volume encryption secures a container where files and folders can be stored; and, full-disk encryption secures all the information on a computer or server. To ensure that the data is protected from theft, encrypting all the information deemed sensitive should be a priority.

In order for your business’ encryption initiatives to be successful, there are some best practices that users need to know. One is password security. Often the key to your encrypted information is a simple password. In order to mitigate risk and keep encryption working for you, there are some password management tips you should adhere to. Following these will keep your encrypted data, and your business safe. They include:

  • Use passwords with eight characters or more.
  • Use different passwords for different files, computers, and systems.
  • Change your passwords frequently.
  • Utilize upper and lowercase letters, numbers, and symbols in your passwords.
  • Don’t use common words or phrases.
  • Don’t use words spelled backwards, common misspellings, or abbreviations.

More Encryption
Other than your standard protection against the loss of data, there are security solutions that allow you to encrypt communications you have with your customers, staff, and vendors. Email encryption has become an essential business tool. Many of today’s enterprise email solutions come with options to encrypt your messages, keeping communications secure.

Another way encryption is leveraged by the modern business is with the use of a virtual private network (VPN). The VPN offers users who are outside of a network to get an encrypted and secure pathway to share and receive files from a centralized server. Remote file exchange is important for many businesses, and the use of VPNs can go a long way toward quelling the risks inherent in this process.

Types of Encryption Finally, understanding what types of encryption there are can help you understand what position your organization is in, in regards to file, server, and communication security. The types of encryption used today include:

  • Triple DES – Designed as a replacement to the single Data Encryption Standard (DES) that doesn’t hold up against the tools modern hackers have. Triple DES uses three individual keys with 56 bits each, which in total adds up to 168 bits, however experts place it closer to 112 bits of key strength.
  • RSA – RSA is a public-key encryption algorithm and is currently the standard for secure transmission of data over the Internet. Since it uses two keys, a public key to encrypt it and a secure private key to decrypt it, it makes it very difficult for hackers to decipher.
  • Blowfish – Designed to replace DES, Blowfish is a symmetric cipher that splits messages into blocks of 64 bits and encrypts them individually. As a result, it is extraordinarily secure and often used in e-commerce platforms and password managers.
  • Twofish – The developer of Blowfish has released Twofish as a faster option that makes it a perfect encryption tool for hardware and software systems.
  • AES – Available in 128-bit, 192-bit, and 256-bit options, the Advanced Encryption Standard is basically uncrackable. Used by governments and other organizations that deal in extraordinarily sensitive information, AES has begun to become the standard in encryption due to its impenetrable record.

Data security is more important today than ever. At COMPANYNAME, our knowledgeable technicians can help your organization come up with data and network security plan that is sure to keep your data safe, and keep your business running efficiently. To learn more, don’t hesitate to call us today at PHONENUMBER.

Categories
Casserly Consulting Blog

Cisco Bug Ranks as One of the Worst

cisco_bug_400.jpg

A new exploit is making the rounds in the security environment, and this time, it affects virtual private networks. According to Cisco, the flaw affects its Adaptive Security Appliance (ASA) tool, and it should be patched as quickly as possible. If you don’t do so, your organization could be subject to remote code exploitation as a result of this vulnerability.

Cisco has showcased that the VPN bug can essentially allow hackers to infiltrate their security devices using the ASA operating system. The vulnerability is found in the Secure Sockets Layer (SSL) and can, according to Cisco, “allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code.” What does this mean in plain English? In theory, an attacker could take complete and total control over a system (a considerable threat for any organization, especially considering the ramifications from a physical security standpoint). This vulnerability is so dangerous that it has earned a 10-out-of-10 on the Common Vulnerability Score System, taking its place among the upper echelon of major vulnerabilities.

While the vulnerability is only allowed if WebVPN is enabled, it’s still a major threat that you don’t want to overlook. According to ZDNet , here are some of the devices that are affected by this vulnerability:

  • 3000 Series Industrial Security Appliance (ISA)
  • ASA 5500 Series Adaptive Security Appliances
  • ASA 5500-X Series Next-Generation Firewalls
  • ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
  • ASA 1000V Cloud Firewall
  • Adaptive Security Virtual Appliance (ASAv)
  • Firepower 2100 Series Security Appliance
  • Firepower 4110 Security Appliance
  • Firepower 9300 ASA Security Module
  • Firepower Threat Defense Software (FTD).

At its time of discovery, the bug was not being exploited in the wild, but Cisco has been made aware of attempts to leverage of the vulnerability. Since the announcement, the vulnerability has been spotted in the wild, and the initial patch that Cisco implemented to combat this vulnerability proved to insufficient, as there were additional features and attack vectors that were not identified until later.

Cisco has released an updated patch for this vulnerability, so you need to implement it if you don’t want to take a needless risk, and endanger your network and data. It’s a good rule of thumb to never let known vulnerabilities linger too long, as you could be placing your business in harm’s way.

It’s incredibly important that your business be mindful of not just these vulnerabilities, but all vulnerabilities found in critical business software and hardware. This Cisco bug isn’t the first software vulnerability to be found, and it certainly won’t be the last. Hackers are always working to undermine the efforts of developers who are trying to keep their software as secure as possible. It’s up to you to ensure your organization isn’t exposing itself to threats by neglecting patches and security updates.

COMPANYNAME can help your organization ensure that patches and updates are applied as needed. We can do this remotely in most cases, without the need for an on-site visit. It’s a great way to get more value out of your business’ technology without sacrificing security. To learn more about how you can make technology work for you, reach out to us at PHONENUMBER.

Categories
Casserly Consulting Blog

A Brief Dive into Digital Signatures

sign_digitally_400.jpg

Think for a minute the power a signature has. Signatures have started and ended wars, they have committed whole nations of people to rule of law, and they are attached to birth and death. For the individual, the signature is one of the most powerful possessions. You can use it to acquire money, property, and transportation. You use it to enter agreements and to end agreements. With so much importance squarely focused on the signature, it seems curious how people today are now signing documents digitally; but, with the security behind this solution, people won’t have to be on hand to sign with theirs.

Nowadays, businesses often choose to utilize electronic documents to reduce printing costs, and to provide remote workers the ability to sign mandatory documents without the need for postage or travel. Besides, more businesses are attempting to go paperless and do away with their bulky filing cabinets, ensuring that finding documents is an easier task.

Up until recently, if something was to be signed “electronically” it would still have to be printed out, signed, and returned to the organization that needed the signature, either by mail, or by scanning the document after a signature was completed. Now things have progressed to the point where many PDF editing software titles provide a perfect solution to this problem through their digital signature features.

Understanding the Digital Signature
Since official documents aren’t worth much without a signature, it was important for people to develop a way to sign documents remotely, since people can’t always be in the same place all the time. The old print, sign, and scan method may as well be called the print, sign, and scam method. It would be simple for people to forge the signature onto an important document, setting in motion a series of unfortunate events.

PDF software mitigates this risk since a digital signature is more than a graphical representation of a signature. It is rooted in cryptography, the same technology that protects nearly every secure transaction that happens over the Internet. It works like this: the digital signature uses digital keys to confirm the attachment of your identity to the document that is being signed. In fact, these encrypted digital signatures are far more difficult to forge than a typical paper document as long as the keys that were used to create the field are kept secure.

Just as a physical signature, inside a digital signature solution, you will see the graphical representation of your signature, a common name of your choosing, the location where you signed the document from, and of course, a time stamp displaying the date and time you applied the signature to the file.

Not all PDF software solutions provide the full variety of features needed to create digital signatures. Without one, however, your organization will be less flexible, and as a result, move slower than it would with a dedicated electronic signature solution. By pairing the features the modern PDF program has with an electronic signature, it will cut down on postage and printing costs and help your business move faster.

For more information about digital signatures, contact our IT professionals at PHONENUMBER today.

Categories
Casserly Consulting Blog

Tip of the Week: Browser Security 2018

browser_comparison_400.jpg

The Internet browser is one of the most utilized applications on most computers. With so many complex and aggressive issues popping up on the Internet it would be useful to know which of today’s most utilized browsers are best at keeping your computing network free from threats. Today we will take a look at each of the five most utilized web browsers to find out which is the most reliable and secure for your business to use.

What Risks Do You Face?
The risks are numerous and unrelenting. Around every corner on the Internet there are muggers with knives looking to take your stuff. The good news is that for many of the threats present, there are solutions to a lot of them–pretty much as soon as they are discovered. The Internet security community has leveraged this constant attention into immense profits. According to an article in Forbes, the cybersecurity industry is growing rapidly and is expected to be worth $170 billion by 2020, with a good portion of growth dependent on the ever-present Internet of Things.

To get a good idea about what kind of threats you face, all you need to do is take a look at the cybersecurity markets.There are cybersecurity markets for gadgets, appliances, cars, and more. There is cybersecurity insurance. PricewaterhouseCoopers has forecasted a $7.5 billion market for data insurance to come to fruition by 2020.

Four of the largest banking institutions in the world, J.P. Morgan Chase, Bank of America, Citigroup, and Wells Fargo spend upwards of $1.5 billion on cybersecurity annually. If the least risk-averse people in the world are spending a fortune, you know what you are up against. These organizations have seen companies decimated by cybersecurity lapses and understand the risk; something you and your business should consider a sign that it’s time to do something about protecting the people that depend on you against the rogue actors who breach and roam around computing networks like yours and take what they please.

Small Business Browsing
You’d think that in the context of a small business’ computing, they wouldn’t need the protection that global banking institutions do, but with all the risks that are there, there has to be some attention paid to the issue and some investment in understanding how to mitigate those risks that are laid on your organization by constant threats from the web. The good news is that most of what you need to do is attainable by simply understanding how the web works, and through the use of a secure Internet browser.

The most well-known, and most utilized, Internet browsers include: Google Chrome (56.3%), Apple’s Safari (14.5%), Mozilla Firefox (5.7%), with other browsers making up for less than 5% including Microsoft Edge/Internet Explorer, Opera and others. Any Internet browser worth its salt will do a great deal to keep users’ computers and networks from being maligned by malware and other problems.

This is accomplished by producing secure connections. In the browser, any website identified with the protocol “https://” has a secure connection. This connection encrypts the data that is sent and received through the browser to keep any transmission of data on that site from being intercepted, stolen, or leaked. This allows data to be protected during interchange providing a semblance of privacy. Since the two components every secure connection requires are privacy and identification, this encryption starts things off pretty well.

Since the typical connection between the Internet browser and any server it is cooperating with is initially short on security, websites rely on secure connections through the use of digital certificates in order to know exactly who a website is owned and run by to establish a trustworthiness of the Internet browser.

Google Chrome
Google Chrome, long known for its reliability and popularity, sports the most powerful sandbox of any of the major browsers. A sandbox is an isolated environment that attempts to keep the Internet contained, and thus away from your network or computer. Google has the fastest response time to security vulnerabilities, but with the use of “Chrome apps”, weaknesses begin to present themselves. If you stick to the browser itself, you are looking at the most secure of the major Internet browsers.

The issue of privacy, however, makes Chrome tricky to get a hold on. Google, after all, has built an empire by knowing things about its users. This lack of privacy, even if it just results in you having more advertisements targeting you than before, is disconcerting to some and can be seen as a necessary evil for using Google’s browser.

Mozilla Firefox
Firefox is getting old. Since Firefox doesn’t utilize the sandbox technology, it doesn’t have the buffer between the user and the web that most browsers have. Firefox has a problem with their JavaScript plugins sharing the same namespace, which exposes all plugins to potential attack by any malicious plugin. In order to get the most out of Firefox, you have to understand and practice safe browsing habits, and aren’t installing plugins from developers you don’t trust.

Privacy, however has been Firefox’s strength from day one. Mozilla collects very little data and does not trade information on its users; and, remains the only of the major browsers that is open sourced. This allows users to open up the source code to see exactly what is going on.

Apple’s Safari
Apple’s browser is limited to just Apple products after attempting, and failing, to move the browser over to the PC. Safari is known for developing and releasing patches fast, and as a secure browsing experience because the risks were just not as prevalent for devices running macOS or iOS as they were for those that run Windows.

Like Chrome, and the Microsoft browsers we will mention later, user privacy isn’t on the list of priorities for Apple. While a lack of privacy could be looked upon as a positive characteristic of a browser (as more transparency helps develop bug fixes faster), if you are running a Mac OS, sticking with Safari is your best bet.

Opera
Opera is the oldest Internet browser on this list. Having gone through a major overhaul in 2013, Opera replaces their proprietary engine to go with Chromium, the same engine used by Google’s Chrome browser (and others). As far as security goes, Opera has a lot going for it. Having a small percentage of the market share is a major one (one their developers would gladly shed), as this kind of security through obscurity keeps threats to a minimum. Despite using the same browser engine as Chrome, Opera doesn’t support browser apps, limiting its already minimal exposure.

Privacy in Opera is much like Firefox’s. They have a very conservative data collection policy which despite the software not being open sourced, does present users with privacy concerns some peace of mind.

Microsoft Edge and Internet Explorer
Microsoft’s browser was once the predominant one in use. Today their market share has dwindled into the single digits, with the “new” Edge browser still gaining traction. Internet Explorer is barely being supported any longer, so it’s best to avoid that software at all costs, but Edge seems to be just a scaled down IE that doesn’t support ActiveX technology or Browser Helper Objects. It has its own limited set of in-browser apps that give people looking to infiltrate the browser more access points.

Privacy in Microsoft’s browsers is non-existent as Microsoft has a history of collecting everything. There are options to make it less transparent, but users should be happy the Edge isn’t IE.

No matter what browser you use, you have to be cognizant of sharing data you don’t want others to see. Understanding what your responsibilities are will go a long way toward keeping your data and network safe from security threats. For more information about Internet browser security and privacy, or to discuss your organization’s general network security, call COMPANYNAME today at PHONENUMBER.

Categories
Casserly Consulting Blog

The IoT Can Be Very Useful, but Also Risky

internet_of_thing_blue_400.jpg

You might be surprised to hear how the scope of the Internet of Things has increased over the past few years. These connected devices are all over the place. In order to ensure that your business isn’t affected in a negative way by these IoT devices, you’ll need to consider the many risks and how you will respond to them.

What is an IoT Device?
Essentially, any device that connects directly to the Internet or sends data to and from the Internet through another device is considered an IoT device. A smartwatch that connects to Wi-Fi, or a fitness tracker that shares data fall into this realm. From smart appliances, like Amazon’s Alexa and Google Home, to Internet-connected coffee machines are all Internet of Things devices. While the data they share might not always be extremely sensitive, they could open up other ways for your sensitive data to be reached.

Ask yourself – does this device connect to the Internet or network in some way? If so, it doesn’t mean it is a risk, but it does need attention.

What are You Risking?
When you’re putting together your business’ policies regarding the IoT, you should consider what assets you’re willing to leave vulnerable. It essentially boils down to what you’re willing to let your employees access. If your employees have access to a lot of data, you’re increasing the risk involved with IoT devices in the office. In much the same way, you can control how much data is at risk by limiting which employees can access it. It’s a great way to ensure that the Internet of Things poses a minimal threat to your business and its data.

On the other hand, it’s important to remember that IoT devices will still pose a threat in some way, simply due to the amount of them. There will always be too many factors to take into account to guarantee safety from any and all devices. Therefore, you should consider as many as feasibly possible. The data’s sensitivity is chief among these considerations, as well as the employee’s particular role within your organization. If they are mostly separated from confidential or sensitive data, then perhaps they can use basic IoT capabilities with little consequence. Granted, this assumption varies between industries, so be sure to make it clear what you expect from your staff in your employee handbook.

Train and Prepare Your Staff
Security isn’t something that can only come from one employee–rather, it “takes a village,” so to speak, and everyone must be mindful of security practices. This is incredibly important for the Internet of Things, but everyone needs to be on board–not just management or leadership. All employees need to be aware of the cybersecurity policies used by your company, as well as the various risks associated with the Internet of Things. Plus, it never hurts to be aware of even the most benign warning signs of common security threats.

Lead by Example
If you want your employees to prioritize security for your workplace, start by taking the first steps yourself. After all, you can’t expect your employees to do something that you yourself don’t do. Management should be able to set an example for their workforce, and this is how the IoT is prepared for most effectively.

Is your business utilizing any IoT devices? COMPANYNAME can help your business prepare for this connected technology revolution. To learn more, reach out to us at PHONENUMBER.

Categories
Casserly Consulting Blog

Are You Intrigued By the Tech of CES 2018?

new_tech_ces_2018_400.jpg

CES 2018 introduced the world to some downright interesting (and some absurd) electronics. The Consumer Electronics Show gives the technology industry just the outlet to showcase the best and brightest of what manufacturers have to offer. Here are some of the more interesting highlights from Las Vegas, Nevada.

The Interesting
In case your home television system isn’t big enough already, Samsung introduced the world to “The Wall,” a television that measures 146-inches diagonally. It uses technology similar to those used by scoreboards at sporting events, scaled down to meet the size of the screen. The Wall still has some challenges facing it, but if anyone can overcome them, it’s Samsung.

Another technology that has recently seen an increase in popularity is voice-responsive tech and connected homes. Amazon’s Alexa device was a huge hit at CES, but perhaps the most notable benefit of it is the sheer number of applications and services that can be used through voice commands. Even more services have been offered this year, which makes Alexa an interesting and valuable voice companion for everyday life.

Finally, there was a technology created with the intent of helping older generations. ElliQ is a digital companion that can help meet the needs of older users. ElliQ can remind users of upcoming appointments or allow them to hold conversations with them.

The Practical
One of the more practical uses of technology in the consumer technology market is fitness. As such, CES had a showcase where the best of fitness technology was on full display. Peloton, known for its connected indoor cycles that stream fitness classes, introduced a new treadmill that allows the user to view pre-recorded classes or live classes. This device, called the Peloton Tread, features many fitness classes and some other strength/circuit classes as well.

Taking the concept of fitness one step further is the Spire Swim Tracker, the first smart swimsuit. This automatically measures your swimming metrics. It then connects to the swim.com app, where the user can view the information. Furthermore, you don’t even have to charge the tracking tag, as it is purposely designed so that it lasts longer than the suit.

Finally, virtual reality is making a splash in the fitness community. Black Box gyms will soon have VR capabilities that can make going to the gym a bit more interesting. Basically, it turns something like a resistance workout and transforms it into a video game, allowing for an entertaining and satisfying 30-minute workout.

The Strange
Some of the devices introduced at CES 2018 were a little unorthodox or designed for a specific audience. For example, the device Keen allows for an inertial measurement to help those with bad posture better their bad habits. It basically lets users kick bad habits in due time. Another interesting technology was Moodo, which allows you to use a diffuser to throw scents into the air via a smartphone app. Other gadgets, like the self-driving store and a ping-pong-playing robot, also made appearances at CES, but one of the weirdest was the Somnox Sleep Robot, a device that is basically a glorified body pillow that simulates breathing and helps users fall asleep.

What are some of the devices that you would like to see at future CES conferences? Let us know in the comments.

Categories
Casserly Consulting Blog

Tip of the Week: Which Storage is Better for Your Needs?

cloud_storage_vs_local_400.jpg

Keeping your company’s data safe is extremely important no matter where it is stored. Making the decision to store data in the cloud or in an in-house server is just one consideration you need to make. Today, we will compare these two options to help you select the one is right for your business.

Cloud Storage
There are many advantages to using the cloud for backup and storage. Firstly, the platform is cost-effective because not only are you likely paying for only the space and services that you need, you also don’t have the extra utility and maintenance costs that onsite hardware tends to come with.

Another benefit is the scalability that you can get in the cloud. You can always get just the amount of space and computing services that you need, which is not something that you can expect in the case of an in-house computing platform. By being able to increase and decrease space as needed, all you’ll need to do is notify your service provider, and they will increase or decrease your storage space accordingly.

With cloud-based storage, you also typically improve on your accessibility. Any data stored in a cloud-based storage facility can be accessed through most Internet-connected devices that run an Internet browser (or through an app). Just log into your account and gain access to all the information you need when you need it.

Depending on your business needs, some of the few disadvantages cloud storage brings may not even impact your decision. The big one is speed. If you have a lot of data to store, and your Internet connection is less than stellar, backing up or transferring data to the cloud provider could take a while.

Local Storage
Speed is the one main advantage of storing your data locally, but there are some others. Businesses that rely on in-house computing infrastructures have more options than those that use cloud-hosted solutions–especially since you can just unhook the drive and the data is protected.

By having complete control over the management and design of your in-house computing infrastructure, you can create some pretty useful setups that will save your business money. Not only can you set up multiple virtual machines on one server, you can have full-scale redundancy to protect all of the information on your systems.

Some downsides include the upfront expense of purchasing all the major hardware and software systems needed. Scalability is more difficult, and most damning, if your data is saved, backed up, and protected in one place, if that one place gets hit with any issues, your data could be inaccessible, or worse yet, destroyed altogether.

While you have to make decisions for your business, depending on COMPANYNAME to help you make the right ones is advisable. Call us today at PHONENUMBER and one of our professional IT experts will help you design and implement a storage plan to meet your business’ needs.

Categories
Casserly Consulting Blog

Skills that Your Project Manager Should Have

project_management_outsourced_400.jpg

One of the keys to launching any sort of technology initiative is to have a skilled IT project manager at the helm. As such, it is important to keep certain high standards in mind as you find someone to act in that capacity for your business. Today, we’ll review a few key traits that your IT project manager should exhibit.

Respect for ROI
Any decision made in a business, whether or not it pertains to IT, is largely informed by the likelihood that return on investment, or ROI, that the business could potentially see is promising enough that it makes he decided-upon action worth it. A quality IT project manager should have the ability to estimate the ROI of a proposed project well enough to judge if the return is worth the anticipated investment. The project manager you bring in should know to question if the change will help to increase operational efficiency or profits, and be able to determine that based on situational analysis.

Problem-Solving
An analytical mind should be a prerequisite in your search for a project manager. The ideal candidate will have considerable insight into IT systems and how they operate, from physical hardware and networking components to software solutions and cloud-based applications, and the ability to predict and mitigate obstacles to the end goal. Keep an eye out for candidates who can take all of these considerations into account and develop a best-fit approach for your business’ needs.

Loquacious with Laymen
If all of your employees had the same knowledge and insight concerning your IT projects as your IT project manager did, there wouldn’t be a need for a project manager in the first place. As a result, your project manager will likely need to discuss technical aspects of a project with non-technical business members. This will require the ability to translate the technologies that are implemented in such a way that you and your other employees are able to grasp the benefits and tradeoffs that each solution offers.

Be Decisive
There’s a natural inclination to resist change, especially in the workplace, even more so when these changes are going to put restrictions on employees. However, the IT project manager is the one responsible to put these changes into place, pushing against that resistance. Sometimes that may take the form of blocking access to social media sites through a content filter, or deciding to cancel an IT project if it doesn’t generate the return on investment that it needs to. Whatever the situation, a project manager needs to be able to make the tough calls and form a decision based on all information available.

If your company is in need of the services that a project manager can provide, COMPANYNAME is here to offer support. Call PHONENUMBER to learn more about how our team can help you reach IT success.

Categories
Casserly Consulting Blog

Preventing Issues is Easier with Remote Monitoring and Management

RMM_automated_400.jpg

Do you know who manages and maintains your business’ technology? In most cases, it will be either a small in-house IT department or technical individual, but often times small businesses simply don’t have the assets to throw around on this. More importantly, they often ignore technology maintenance, either because they can’t afford it, or there’s nobody to do the work.

This shortcoming brought about a shift in the way small businesses approach technology management. An internal IT department is certainly one way to resolve this issue, but not all companies can afford to hire dedicated personnel for this purpose. The natural course of action became to outsource the responsibility to a third party, but the way that it’s outsourced can have a considerable impact on how much value is received from the relationship.

For example, if you only respond to issues but do nothing to prevent them in the long run, you will end up spending too much on repetitive repair costs. Conversely, if you take an active role in the prevention of IT issues, you save money by minimizing the damage done by potentially catastrophic problems. Ultimately, your organization stands much to gain from keeping small issues from evolving into major problems, and the best way to do so is by implementing an automated remote monitoring and management solution from COMPANYNAME.

Remote monitoring and management, or RMM for short, is a tool that allows managed service providers like COMPANYNAME to take care of your technology solutions without being in your office. For example, we can monitor your business’ network for any security discrepancies or weaknesses in your infrastructure. We can remotely deploy patches and security updates to ensure that your systems are protected.

Considering how this type of solution requires very little hands-on work from your in-house team, it almost counts as an automated solution all its own. We can resolve the majority of issues with your infrastructure without an on-site visit, which lets your business save a considerable amount of capital without paying for traveling costs or other expenditures. It also makes for a much more convenient way of getting the management and maintenance that your network needs, as you won’t have to wait–we’ll administer service according to your service level agreement, and we can do it without taking up any of your staff’s time with an in-house visit.

Granted, some problems will need an on-site visit, but we generally try to keep those to a minimum. We’re all about making sure that your company has the most convenient experience possible with COMPANYNAME’s services. To learn more, or ask us about our remote maintenance and management solution, reach out to us at PHONENUMBER.

Categories
Casserly Consulting Blog

Tip of the Week: Do You Know How to Protect Medical Data?

medical_records_digital_400.jpg

Businesses that work with medical data are in a tricky situation, as the slightest issue with security could place considerable risk on storing this data. If you’re not careful, you could be putting your business at risk. With the compliance issues that have to be regarded, the security of any medical data you store on your infrastructure has to be made a priority. How can you minimize the risk of storing this data without compromising your business’ effectiveness?

Compliance regulations, like the Health Insurance Portability and Accountability Act (HIPAA), will make things a bit more difficult for your business. However, your business shouldn’t be hit too hard if you’re being mindful of the regulations while planning how you store medical records and other sensitive information. Here are some tips to help you keep your business as secure as possible.

Encryption is Key
The strange thing about HIPAA is that it doesn’t necessarily require that your business have data encryption implemented. Considering how much it helps in the event of a data breach, it’s ludicrous to think that it’s not required at all. Encryption essentially scrambles data so that you need an encryption key in order to view it properly. This makes any stolen data practically useless, as military-grade encryption is incredibly tough to crack by your average hacker.

Implement Comprehensive Security Solutions
More often than not, it’s better to stop attacks from happening before they infect your infrastructure rather than respond to them afterward. You can do this by implementing a Unified Threat Management solution, which includes a firewall, antivirus, content filter, and spam protection to minimize the security threats of your company at all times. These preventative measures don’t necessarily guarantee immunity to threats and hackers, but they significantly reduce the chances that you’ll suffer from them.

Limit Access Based on User Roles
The more users have access to certain data, the more threats can potentially access that specific data. Think about it this way; if you have 10 computers on your network, any one of those computers can be used to infiltrate your network. However, it’s unlikely that all 10 of the users also need the same privileges to access important data. You can keep specific data safe by limiting the number of users who have access to it.

Does your business utilize medical records or other sensitive information? Your company could be at risk of being fined due to compliance regulations. To find out how your business fares regarding data compliance, reach out to COMPANYNAME at PHONENUMBER. We can work with you to ensure that you’re being as proactive as you need to be to ensure your data is secure.