MSPNetworks Blog

You may have been in a position where you tried to implement a technology solution in the past only to find that your staff is simply not responsive to it in any capacity. Maybe they do not see the value in the solution, or they do not understand what issues the solution resolves for your organization. To help you instill the correct mindset in your employees regarding technology, here are some training tips!

Explain the Value of the Solution

Before breaching the topic of new technology with your staff, it helps to have a bit of context for what issues the solution is actually solving. If your employees understand the value of the solution you are implementing, as well as how it makes their lives easier, they will be more receptive to the solution and more likely to buy into it.

Offer Training Sessions on a Regular Basis

Once employees understand why you are implementing your new solution, they might be ready and willing to learn how to use it. These training sessions should be offered regularly for any employees who want to learn more about the technology and how to use it as effectively as possible for their particular roles. Training does not have to be a one-and-done thing, either; you can cover specific topics, accept recommendations from employees so you are teaching them what they want to know, and reinforce training on a regular basis for those who need a refresher. Training is best done in multiple different ways to accommodate different types of learners.

Use the Solution Yourself and Set an Example

Your employees will only use a tool that you yourself find some value in, so one of the best ways you can make any technology deployment successful is to show them what it looks like in action. Take some time before making the solution readily available for your team to learn the ins and outs of it yourself. This gives you the ability to answer questions about how it might be used, what some of the great features of it are, and what they might be able to expect from using it. Your staff will appreciate knowing that you have done your research and are committed to getting the most out of the technology solution, and leading by example is a great way to make them see this.

Of course, any new technology deployment will come with its fair share of challenges and roadblocks—t just takes a bit of time and effort to overcome them. Thankfully, you don’t have to do this alone!

Let Us Help!

Implementing new technology can be a hassle in and of itself, so don’t let your employees’ reticence to utilize it become a barrier to implementation. MSPNetworks can help your employees understand how best to use their new technology, and we can even offer training sessions to provide them with the support they need to succeed. To learn more, give us a call at (516) 403-9001.

For decades, technology has been the driving force behind some of the biggest and most radical shifts in business. Therefore, it makes sense to assume that the keys to your organization pushing past its limits and becoming truly exceptional lies in the implementation of new technologies that change operations in a profound way. The process of digital transformation does not have to be difficult, but it is important in a business environment so that you can stay competitive.

Digital transformation is the process of implementing new technologies and rethinking the relationship that your goods, services, and operations have with them. It can be seen as a way to innovate and make advancements in ways that might not otherwise be possible. The ongoing COVID-19 pandemic has forced many companies to accelerate their adoption of technology, so digital transformation is a trend that is rapidly increasing in popularity. To help your company make the best decision possible regarding technology, we have put together an easy three-step process you can follow when implementing new technology for your company.

Make Sure Your Objectives Align with Your Business Goals

The technology you implement should align with what you are trying to accomplish as a business. If your goal is to develop products, consider technology solutions that streamline that process. If your goal is to get the word out about services, consider ways that technology can help you get the word out. If your goal is to provide exceptional customer support, think of ways that technology can streamline the process for customers to receive the help they need when they need it. In other words, implementing technology without a clear and defined goal is not going to help your business; if anything, it will make your infrastructure more complicated and bogged down, so we encourage you to think about what your business does well and how technology can help you do it better.

Lean On Your IT Department or IT Resource

When it comes to your business’ implementation of new technology solutions, you want to take as hands-off a position as possible. Too often management and the C-suite get too involved in the decision-making process regarding IT. It is important to remember that you have an IT department or IT resource for a reason; respect their opinions and consult them on the implementation process. Understand that you may have a biased opinion of the technology because you want it to succeed and you think that it can be a great asset, but know that the ones making the cold and calculated decisions are often the IT resources implementing the solution. Just because something works perfectly for one organization does not mean that it will for you, and you should ensure that any solution you choose to implement is right for your organization well before the implementation process begins.

Get Your Staff On Board

Any new tools you implement will surely come with some resistance from your staff. Sometimes those who have been with you for a while are stuck in their ways and might not immediately see the benefits of implementing great new technology solutions. Therefore, it becomes your responsibility to show them just how much they stand to gain from not just learning your new tools, but mastering them as well. Implementing new technology is most beneficial when it’s done in a top-down manner, meaning the boss shows the employees just how confident they are in the solution by actively using it themselves. Employees are more likely to buy in when they know there is some passion behind it, and they will appreciate any training you can offer so they too can learn as much as possible about it.

Get Started with Digital Transformation Today

MSPNetworks can help your organization adopt new technology solutions and improve operations for the better. Our trusted technicians can be there for every stage of the process, from design to implementation to training and support. To learn more about how we can make a difference with your digital transformation strategy, reach out to us at (516) 403-9001.

It’s no secret that new technology can be useful for a business, unfortunately too many businesses struggle with their technology implementations. When adding new tools to your business, you will need to understand that the more deliberate you are, the more success you will find. Rushing any new deployment is sure to have some types of issues. For today’s blog, we take you through some of the best practices of adding new technology to your business.

Your Business’ Needs

When looking to add technology, you should only do so when you recognize a need for some. Too many businesses add technology that, in theory, will enhance productivity only to have problems supplanting the practical usefulness of their current technology. Of course, there will always be some type of transitional period, but the more a business is identifying problems and deploying technologies as a response, the fewer problems they will ultimately run into. 

Take a Beat

Another solid practice to adhere to before you go ahead and start putting new technology in place is to take a bit before you make any financial commitments. Can you make do with the technology you have? Could it just be some strategic alterations you can make that won’t necessitate the time and expense that goes along with new technology? Sometimes it’s just about using the tools you have more effectively, not introducing new tools. Take some time to adjust and monitor, but at the end of that time, if you’re convinced the new technology gives you the best chance to be competitive, then go ahead and go for it. 

Assign a Competent Project Manager

A large percentage of new technology implementation failures happen because the people running the project are stretched too thin, or aren’t up to the task of carrying out the project. For small business owners, it is tempting to do it yourself, but your influence is more important in other parts of your business. You need to have a project manager to serve as the point of contact, develop the training regimens and schedules, and deal with the inevitable challenges that arise during the new technology deployment. 

Stand Behind Your Choice and Get to Training

Once the project begins, one of the most important parts of implementing new technology is to get your people behind it. Typically, there is some type of pushback, even if people have been complaining about the old technology for some time. Workers get comfortable with one thing and are afraid that their jobs will change for the worse if they are forced into using new technology. Some even think that their jobs will be irrelevant. For the business owner to get their people behind the new technology, you need to explain how it will positively affect their jobs and the company as a whole. By getting people to understand the positive aspects of implementing new tools, they will be more engaged in the training process, and ultimately, get up to speed faster. 

Testing 

After implementation and training, understanding how best to use the technology is going to be a process. The best way to ascertain this is by testing. Testing the solution, the employees, and the whole workflow is a critical step in understanding what changes need to be made, what policies need to be altered, and how the system works for your business. You’ll want to give your workers advanced notice that there will be training and monitoring as to make them understand that the more committed they are to getting the technology incorporated, the faster things can go back to normal. Additionally, you will want to get feedback from your employees. They are the ones that are using the new technology, after all. 

Get It Working 

Finally, after all the hand wringing, politicking, testing, and tweaking, your business will have new, and hopefully better technology to use. Adjustments to the tool will be ongoing, of course, but it’s a solid practice to get it as close to finished before you start using it for day-to-day operations. 

New technology can be extremely useful for a business, but without the consideration that it is going to change the way you do things, it can be a major problem, too. If you would like to talk to one of our IT experts about how we can help your business implement the technology you need to improve your operations, and do it successfully the first time, give MSPNetworks a call today at (516) 403-9001.

If you are looking for a way to smooth out the edges of your business, consider putting together a knowledge base that includes all policies, procedures, and other information so it is readily accessible by the people that interact within and from outside your business. Businesses that have well-documented policies and procedures have a tendency to have less difficulty onboarding new hires, fewer operational problems, and can always provide access to resources needed by employees, customers, and vendors. Today we will give you a few tips on how to successfully create a working knowledge base.

Step #1 - Figure Out What Knowledge Is Needed

The first step to creating a useful knowledge base for your business is to truly understand what information should be included. If too much information is included or is not easily defined, the platform can actually be a hindrance and even become a problem. You will need to determine what information your audience will need and where there are gaps in knowledge with your day-to-day operations.

Think about it this way, if you want to create a knowledge base that caters to your customers and your staff, you will need to know what their various concerns are. What questions do they continually ask? What part of your business is most hindered by information requests? You’ll need to take into consideration what information they regularly need to know and plan the makeup of your knowledge base around that. 

Step #2 - Choose the Type of Knowledge Base You Will Be Focusing On

There are six types of knowledge bases: Internal, hosted, self-hosted, customer, external, and open-source. Each has benefits but may not work for your particular situation. You have to make a decision on how you want to forge ahead. Here is a little information about each type of knowledge base system

• Internal - Used by employees only. This typically includes policies for your company as well as workflow procedures to give workers the access to the information they need to be as productive and efficient as possible without having to rope other employees in.
• Hosted - This is a knowledge base system that is hosted in the cloud for ease of use for employees, customers, and vendors alike. 
• Self-hosted - This is a knowledge base system that works much like the hosted system, but is hosted on company-owned servers. This provides more control over security.
• Customer - Used to provide information to customers only. Many businesses forgo this option with a simple FAQ, but it is a good resource for support.
• External - This is a knowledge base system that is publicly available and accessible. This is a great resource for sales and marketing teams as they attempt to find new customers. 
• Open-source - The open-source knowledge base, like a wiki, is one that anyone can edit. This typically isn’t a great option for small businesses, but for groups of people that are passionate about a subject, it can be one of the best types of knowledge base on the Internet.

Typically, companies will set up a hosted or self-hosted knowledge base if they plan on supporting information geared towards employees and customers. 

Step #3 - Create Content

Using the research you conducted in step one, get the experts inside your business to create the content for the knowledge base system. This can take some time, but the more thorough your knowledge base, the more resolutions you will be able to facilitate without productivity interruptions. When creating content for your knowledge base, you want to keep things simple as to not exacerbate people’s problems. You want to keep a question-and-answer-based system that is searchable. You want answers to be clear, readable, engaging and have the utility necessary to solve the problems that someone would need solved when accessing this database. 

Step #4 - Don’t Just Set It and Forget It

You will absolutely want to continue to update information as it becomes available. This becomes easier if you make efforts to add it into the workflow when circumstances change. Having a knowledge base filled with inaccurate information won’t do your business any good, so you will want to understand which material is accessed the most and keep adding to it so it represents the most up-to-date information possible. 

The knowledge base can be a major benefit for any business as it can cut down on support costs, keep workflows efficient, and help with training. Give MSPNetworks a call today at (516) 403-9001 if you would like to have a conversation about setting up a knowledge base system for your business.

As a business owner, we are sure that you have your fair share of day-to-day stressors. Oftentimes, these stressors can lead to the development of bad habits. When this happens, you might get the urge to correct the bad behavior and replace it with good, productive habits. That said, it’s easier said than done to build good habits, especially when you have so much else on your plate.

Still, building good habits can be paramount to developing yourself on both a personal and professional level, so it’s worth a shot to give it a try. Here are three tips for developing good habits that will actually stick with you for years to come.

Create a Schedule (and Stick to It)

If you don’t give yourself time to work on your new habit, it naturally will not become one. Schedule a little bit of time each and every day to work toward your new habit. We are sure you can carve out five minutes to floss or half an hour to read a book. You can also plug this into your calendar to give yourself notifications, if you are having trouble remembering.

You can start by easing your way into the goal by making it achievable. Even a little bit of progress is progress… in the beginning, at least. If you find that you are consistently hitting your deadlines/goals for this habit in the first week or so, you can try to expand it a little bit to offer more of a challenge. For example, if you want to write a little bit every day, maybe you start with 200 words, then gradually increase that amount over time. You can also get an accountability partner, or someone who can check in on your progress periodically. After all, it would be a shame to let them down, right?

Eliminate Resistance (or Add It)

Things that are easy to do are just that--easier to do. This means that, if you are trying to build a habit, doing so will be much easier if you make it easy to stick to. Let’s use someone who is trying to lose weight as an example. Keeping the freezer stocked with frozen vegetables will make healthy eating much easier than if it were stocked with pizza rolls or ice cream. For a more business-oriented example, let’s say you want to read more often. Keep an interesting book on your desk at work or your coffee table at home. Just having it out in the open will make you more likely to pick it up and read a bit.

On the other side of the coin, there is adding resistance, or making bad habits harder to stick to. To use the same example as above, you might simply keep sweets or other unhealthy foods out of the house; or, if you would like to keep some around, put them at the back of the cupboard where they are difficult to get to. For the reading example, you want to cut out other time-wasting activities. Put the television remote in a drawer or, if you are particularly bad about this, take the batteries out of it. This will make it much more difficult to actually participate in the bad behavior.

Reward Yourself for Sticking To It

While sticking to a habit that is good for you should be reward enough, let’s face it; some habits are not as attractive as others, despite being good for you. Going to the gym three times a week can be made more attractive if you give yourself a small reward for doing so. Reading a certain number of pages a week will be easier if you know that, after you are done, you can do something you enjoy afterward.

There is a fine line to walk here, though. You don’t want the rewards to turn into bad habits themselves. If you make the rewards too enticing, you might just skip the habit being built altogether and jump straight to the reward, which can be counterproductive to your goal of building a habit.

Bonus Tip: Try a 30 Day Challenge

If you aren’t confident in your ability to develop a habit in the long term, try committing to something more in the short-term. Try to stick to a habit for a minimum of 30 days and see how you do. Who knows? Maybe using the above tips, you will find that it’s not as hard as you think.

The important thing to remember is that true change takes time, so don’t get discouraged if you don’t see immediate results from your efforts. What are some good habits that you want to build? Let us know in the comments below.

When we say “improve communications” you probably are expecting an article about telephone systems or which video conferencing platform works the best. Normally, you’d be right, but today we decided to briefly go over four ways that you can foster better communications between management and their employees inside of your business.

We know that good, effective communication can be tricky, but if you can set up constructive give-and-take, your business is sure to benefit from it. Let’s take a look at four ways your business can create an environment where communication actually helps your business. 

Create a Collaborative Company Culture

A collaborative company culture is one where people trust others to pick them up when they need help to produce the best products and services possible. It’s true that every business relies on the efforts of their employees. Why then are there often such efforts taken to keep them out of the loop? Sure, the staff doesn't need to know everything in order to do their jobs, but in order to build the relationships necessary to create trust, being transparent about how things are going and the goals you have for the business is a solid practice. 

If everyone that works toward a singular goal understands where the organization stands, they will not only be open to being helpful toward others inside the business, they are more likely to provide feedback that is a key resource to better business processes. 

Listen to Learn

Business is often fast-paced and doesn’t offer a lot of time for reflection. This is why when employees talk, managers have to listen. The truth is that people aren’t adept at listening. Everyone has their own responsibilities and sometimes the thought of taking more on is impossible. For decision makers, it can be difficult to listen to superfluous information that doesn’t have anything to do with getting the job done. 

Well, it’s your job to listen.

If you want to have the kind of business where communication is a major part of what you do, you better listen. Most of those superfluous gripes are not actionable, sure, but if you just don’t listen to what your staff is saying and go about dictating what needs to be done without taking any of their suggestions or comments or complaints seriously, you are going to be in for a tough time. You can’t make everyone happy, but what you can do is listen to the people you depend on if only to ascertain their perspective. 

Don’t Rely on Meetings

If you are going to make an announcement to the staff, a staff meeting is the best way to do so. You can gather everyone there either in the conference room or via video conference and make announcements. If you are looking to enhance communications, however, meetings are some of the worst settings for communication between people. Firstly, people never say what they are thinking as to not rock the boat or cause arguments, so they are much more conservative in a meeting setting.

If you want more effective communications, choose settings that will keep people from putting their defenses up. That means smaller meetings or one-on-ones. You’ll get more out of many smaller chats than you ever will out of a large-scale meeting. Managers should always encourage feedback and accept it with grace, and check in on those they manage from time to time. Your managers should also expect to be checked in on by those above them too.

Solid communications can boost productivity and the morale of your entire organization. What do you think? Do you have any other tips that can help knock down barriers and create a better flow of information within your business? Leave your comments below and reach out to us at (516) 403-9001 to talk with us about finding the technology to improve your business’ communications.

By now you’ve heard of VoIP (Voice over Internet Protocol), the telephone system that runs through your Internet connection rather than a phone line. VoIP can save your business up to 60 percent off your current phone bill. What many people don’t know—even ones that utilize a VoIP platform—is that there are many available options that can have major benefits for your business. Companies that have VoIP typically only use between one-third and one-half of the available options. Today, we wanted to showcase five VoIP features that you may not be taking advantage of.

Call Screening

Of course, nobody will ever really admit that they are screening their calls, but most people are guilty of it. Whether you just don’t cop to it or not, it can keep you from having to have conversations that you just don’t have time for. With VoIP, you can send the call to voicemail, disconnect it without giving the caller the chance to fill up your email with solicitation, or you can push it to your mobile phone. Either way, you have complete control. 

Auto Attendant

One useful feature is the auto attendant. It’s basically a simple automated receptionist that can facilitate call transfers, send callers to voicemail, or even provide basic information and support. A lot of businesses completely forego having an actual receptionist and use the call attendant feature as a call hub to direct calls. It’s extremely useful. 

Find Me, Follow Me

Some members of your staff are always on the move and it can be difficult for clients and other people to get them on the phone in their office. The find me, follow me feature is a sophisticated form of call routing. It provides a person to go where they are needed and still get the calls that come through for them by calling multiple phones at one time. 

Hold Music

Many VoIP platforms don’t just make the people you put on hold listen to the same ol’ elevator music, you can pick your own. This may be a completely aesthetic feature, but it can be a benefit and fit in nicely with the company culture you are trying to cultivate. Insert marketing messages, promotions, and helpful advice for your callers.

Do Not Disturb

This is a feature that is not used enough. If you want to stay productive you need to be able to eliminate distractions. Nothing is more distracting than your phone blowing up constantly. In fact, studies have shown that people take over ten minutes to get back into the flow after a call. If you want to shut it down and focus on the task at hand, using the do not disturb feature can help you get in the headspace you need to be truly productive. 

With other features like text messaging and video conferencing, VoIP can add a lot of value to your business’ roster of communications tools. If you would like to learn more about VoIP or other productivity-boosting tools, give us a call today at (516) 403-9001.

Cybersecurity is critically important to businesses of all sizes, which means that all businesses need to put forth a concerted effort to ensure their security is locked down. This, in turn, will require someone to take point on developing a cybersecurity-focused internal culture.

Who better to do this than the boss?

Here’s the deal: it doesn’t matter how advanced your cybersecurity solutions are, or how recently your team updated their passwords. No amount of cybersecurity safeguards will protect you if your team members aren’t behaving in a security-conscious way.

The Importance of a Cybersecurity-Centric Company Culture

Have you ever heard of social proof? While it is more often a term associated with marketing, describing how people can be convinced by testimonials from their peers and contemporaries, it can play a significant role in shaping your workplace environment… although this can be a double-edged sword.

Basically, the culture around your cybersecurity will reinforce itself over time.

Let’s say that John Doe gets a job with a company, and is busy getting set up with network access and permissions to everything he will need to do his job. With a poor cybersecurity culture in place, his coworkers may suggest he just repeat his username as his password, or take some similar shortcut. If the whole department insists that this practice is okay and accepted, it’s likely that John will do just that. What’s more, old Johnny boy will likely amplify this message to Jane, the next person hired, and so on and so forth.

However, if we take this same scenario and change just one detail—the message that the team shares with their new coworker—the outcome could be much, much different. If company policies outline the expectation that passwords will meet a set of best practices and the employees emphasize this in their day-to-day, it is far more likely that they will be upheld.

The Boss is the One Who Sets the Tone in the Business

So, apart from turning your employee handbook into a glorified cybersecurity dream journal, what can you do to infuse security awareness into your day-to-day? There are a few things, actually:

• In addition to implementing password policies, you can enforce them by only permitting passwords that meet these policies to be accepted.
• In addition to establishing access controls, you need to audit your protections at regular intervals to identify any overlooked weak points, civilly calling attention to these shortfalls as you encounter them.
• In addition to adding security training into your onboarding processes, you should periodically have your employees go through a refresher training course on occasion.

As the business’ leader, it is on the boss to take the lead in all things. Security is not where you want to make an exception. MSPNetworks is here to facilitate your improvements to your cybersecurity. Reach out to us today by calling (516) 403-9001 and find out the many ways that we can assist you in improving your business—whether it's regarding your security, your processes, or any other IT considerations.

Passwords are probably the most important part of keeping accounts secure. That’s why it is so important to follow industry best practices when creating them. Today, we’ll take a look at the standards outlined by the National Institute of Standards and Technology (NIST) in creating the best and most secure passwords.

What Is NIST?

For years, NIST has been the predominant organization in the establishment of password creation standards. They continuously change their advised practices to meet with the current cybersecurity demands. They recently updated their guidelines so we thought we would go over what strategies they suggest, to give you an idea of what makes a secure password. 

New Guidelines

Many corporations are currently using the NIST guidelines and all Federal agencies are expected to utilize them. Let’s go through their newest password guidelines step by step. 

#1 - Longer Passwords are Better than More Complicated Ones

For years, it was preached that the more complicated the password, the more secure the account. Today’s guidelines refute that notion. NIST suggests that the longer the password, the harder it is to decrypt. What’s more, they suggest that organizations that require new passwords meet a certain criteria of complexity (letters, symbols, changes of case) actually make passwords less secure. 

The reasoning behind this is two-fold. First, most users, in an attempt to complicate their passwords will either make them too complicated (and forget them) or they will take the cursory step of adding a one or an exclamation point to the end of a password, which doesn’t complicate the password as much, if at all. Secondly, the more complex a user makes a password, the more apt they are to use the same password for multiple accounts, which of course, is not a great idea.

#2 - Get Rid of the Resets

Many organizations like to have their staff reset their password every month or few months. This strategy is designed to give them the peace of mind that if a password were compromised that the replacement password would lock unauthorized users out after a defined set of time. What NIST suggests is that it actually works against your authentication security. 

The reason for this is that if people have to set passwords up every few weeks or months, they will take less time and care on creating a password that will work to keep unwanted people out of the business’ network. Moreover, when people do change their password, they typically keep a pattern to help them remember them. If a previous password has been compromised, there is a pretty good chance that the next password will be similar, giving the attacker a solid chance of guessing it quickly. 

#3 - Don’t Hurt Security by Eliminating Ease of Use

One fallacy many network administrators have is that if they remove ease of use options like showing a password while a user types it or allowing for copy and pasting in the password box that it is more likely that the password will be compromised. In fact, the opposite is true. Giving people options that make it easier for them to properly authenticate works to keep unauthorized users out of an account. 

#4 - Stop Using Password Hints

One popular way systems were set up was to allow them to answer questions to get into an account. This very system is a reason why many organizations have been infiltrated. People share more today than ever before and if all a hacker needs to do is know a little personal information about a person to gain access to an account, they can come across that information online; often for free.

#5 - Limit Password Attempts

If you lock users out after numerous attempts of entering the wrong credentials, you are doing yourself a service. Most times people will remember a password, and if they don’t they typically have it stored somewhere. Locking users out of an account, at least for a short period of time is a good deterrent from hackers that use substitution codes to try and guess a user’s credentials. 

#6 - Use Multi-factor Authentication

At MSPNetworks, we urge our clients to use multi-factor or two-factor authentication on every account that allows them to. According to NIST they want users to be able to demonstrate at least two of three authentication measures before a successful login. They are:

1. “Something you know” (like a password)
2. “Something you have” (like a mobile device)
3. “Something you are” (like a face or a fingerprint)

It stands to reason that if you can provide two out of three of those criteria, that you belong accessing the system or data that is password protected. 

Security has to be a priority for your business, and password creation has to be right up there with the skills everyone should have. If you would like to talk to one of our IT experts about password management and how we can help your business improve its authentication security, give us a call today at (516) 403-9001.

Today, employees have to be a major part of every business’ cybersecurity attempts. The reasoning is simple: attacks are more likely to come in the form of end user correspondence than on a direct assault of the network. As a result, it is important that cybersecurity is more than just another line item on a task list, it has to be built into the culture. Let’s discuss a few ways to get your employees to care about cybersecurity.

Why Is Cybersecurity A Nuisance?

This is not a new phenomenon. Your employees want to be productive. In their minds, any extra tasks that are assigned are a hindrance to that aim. Cybersecurity, in today’s businesses, also has a tendency to intrude on their desire to separate their home life from their work life. While this isn’t really the case in most scenarios, there certainly needs to be some cooperation from them to properly secure your network. 

By now your workers understand that security is extremely important. What they don’t understand is how it is their problem. You hire them to do a job, and for most of them, that job isn’t "security guard." That’s why it is important that cybersecurity is something they are confronted with from the beginning of their employment. It is a culture issue, not just an operational one. Let’s go through some ways you can get your staff to care about cybersecurity.

Remove the Red Tape

Today, a well-executed hack or social engineering attempt can completely devastate a business. In some cases, and this is especially true for smaller businesses, a hack can cause the closure of a business. Those types of events affect more than just the business owners or the stakeholders. 

To ensure that your staff gets just how important this issue is, level with them. You don’t need to keep the threats a secret any longer. A unified approach to cybersecurity requires that your employees know how hackers and scammers will go about trying to trick them into handing over access to the company network. This will not only actively remove the indifference most employees have about cybersecurity, but it will also ensure that they realize how important doing the right things are. 

Make Sure Your Staff is Personally Invested

For the average employee, any indifference they have about a business’ cybersecurity efforts comes from the idea that it doesn’t really have any effect on them. This is not true. Hackers don’t just want access to business information, they want access to the network. That means all of the data on that network. 

Making sure that employees understand that it’s just not company information, it is their personal information and that of their contemporaries. Reminding that their data is at stake might just be the thing needed to get them to take security measures seriously. 

Build Solid Training and Literacy Right Into Your Culture

As we mentioned above, one of the best ways to ensure that your staff understands their role in your organization’s cybersecurity plan is to build it into your culture. To do this, it has to be out in front. You need to mention it in your hiring process (interview, any collateral you use to outline employee responsibilities), it needs to be parsed out properly in your organization’s documentation (employee handbook, etc.), and it has to be something that every person in the business knows that they will be confronted with at some point.

Ensuring that your people don’t get complacent is a massive point of emphasis if you want to keep their cybersecurity literacy ongoing. On top of training, you need to keep up some type of consistent reminder that they are important to organizational efforts to keep hackers and other unauthorized entities off of the business’ network. The more time and effort you put into planning out your cybersecurity training, the more that people will get out of it. 

We Can Help!

Keeping your business from falling victim to a cyberattack takes a lot of effort. Our security professionals are constantly readying ourselves to assist our clients in keeping them free of threats and a lot of that is helping them come up with policies, procedures, and strategies to keep their employees engaged in this never-ending fight against hackers. Give us a call at (516) 403-9001 today to learn how we can help you protect your business.

One of the most effective means for a business to shave a few dollars off its budget (and potentially boost employee engagement, for that matter) is to adopt something called a Bring Your Own Device policy—effectively, an agreement that allows their team members to access business-owned documents and files on devices they personally own to get their work done. While these policies have been shown to be very effective, they also need to be carefully considered so they can be adopted appropriately.

Let’s take a few moments to review some practices that are recommended for a secure BYOD implementation.

Determine Acceptable Parameters

Device and OS Requirements

For your productivity to remain intact and for your organizational security to be preserved, the tools your team brings to use need to meet the baselines that you set—otherwise, there is likely to be a shortcoming that leaves an opening. Certain workflows may require a specific operating system to be used, simply for the processes to be compatible. Keeping track of your team’s chosen hardware will help you determine if their devices are eligible to participate.

Accepted Software

On the topic, your business workflows should have defined software solutions identified for your team to use so that processes can flow smoothly. Make sure your team knows that they are expected to use these titles for their work processes and that they are expected to have certain protections in place on their mobile devices before they can use them to work.

Upkeep Policies

When using a personal device to access your business’ network, there needs to be some supported expectation that the user will ensure that the device remains functional and secure. This could mean that only authorized dealers or professionals are authorized to perform basic maintenance tasks and that these tasks are carried out promptly.

Security Preparations

Encryption Policies

In terms of protecting your data from the prying eyes of hackers, you’d be hard-pressed to find a more effective method than encrypting it. Considering this, it is important that you encourage/require encryption to be put in place as a part of any BYOD policies you implement.

Password Standards

We know, we know… the importance of secure passwords is a topic that has been covered frontways, backways, and every which way for a long time. However, once people start to follow these guidelines, we’ll stop bringing it up. When it comes to strong passwords, make sure your team is using them on all their devices, and that these devices are set to lock if an incorrect password is repeatedly entered.

Data Handling Guidelines

Where your data is concerned, you need to also establish the proper means for it to be stored and accessed while an employee is using a personal device. Ideally, your BYOD plan will have the means to block any data transfers to an insecure device as well as establish the proper procedures for accessing this data.

Necessary Prerequisites

Data Removal Circumstances

When an employee’s device has access to your company’s data via a BYOD strategy, it is critical that you retain the means to rescind that access as needed—like if a device is lost or stolen, or if an employee leaves the company. You may also want to include the right to review an employee’s device for company-owned data so that it can be removed if they were to leave so that your data isn’t brought elsewhere or abused.

Lost or Stolen Device Procedures

On the topic, your team needs to have a reporting process to follow should something happen to their device that will help to ensure that mitigating actions can be appropriately taken. Reinforce that these reports need to be promptly submitted to help minimize the potential impact of such occurrences.

Breach of Policy Consequences

Finally, you need to establish how employees will be reprimanded should these policies go unheeded or disregarded. While the loss of BYOD privileges is a common tactic, you should also seriously consider what is acceptable before an employee should be terminated. Once these distinctions have been made, share that information with your team when they opt into your BYOD implementation, so they are aware of the severity of such indiscretions.

A Bring Your Own Device policy is an essential piece of the modern office’s IT considerations and is something that we can help you out within much more detail. Find out what needs to be done by calling (516) 403-9001 today.

Considering what the past year has been like, the idea that workplace burnout has been a hot topic isn’t all that surprising—even though less time has been spent in many offices than almost any other time to date. Regardless, burnout simply isn’t an office issue, meaning that remote workers are still susceptible to its ill effects.

This isn’t something that you want to encourage, so let’s go over what constitutes burnout and how to identify and address it for the benefit and betterment of your team.

What is Burnout?

Let’s face facts—most people that read this blog will have likely felt burnout for themselves at some time or another. Having said that, many likely underestimate the full experience that burnout can bring.

Most probably understand the all-encompassing tiredness that burnout is commonly associated with, both mentally and physically, but this state can also have additional impacts. Burnout also tends to make people feel apathetic and cynical, and it can lead to impaired motivation, lessened self-confidence, and other negative attributes.

When these outcomes come together, it can encourage the development of toxic workplace conditions that—if not avoided entirely—need to be addressed and resolved. To do that, you need to be able to spot burnout as it happens.

Spotting Burnout Amongst Your Team

If you hope to have any chance of catching burnout, you need to have a good awareness of your team members’ (and your own) mental state. Dedicating a few moments to brief self-evaluation to help identify the triggers that dictate how you are engaged (and likewise disengaged) in your work can make a huge difference over time.

With so many people currently feeling a loss of control over many aspects of their life, such stresses need to be kept under control in the office environment. One way to accomplish this is to establish some consistent and predictable routines to be followed in the office, emphasizing control, and decreasing the potency of employee burnout.

Resolving Burnout

Finally, one of the biggest key points to preventing the ill effects of burnout is the importance of taking a step away from it all—particularly when you don’t seem to have any time to waste.

While the human brain is a shockingly complex and capable construct, it does have its limits. Like anything else, it just isn’t built to support 100 percent efficiency, and forcing it will work out about as well as it sounds like it would. Giving yourself some respite in the form of some time off—even a few moments of it during the workday—can help prevent burnout from taking hold. 

On an organizational level, incentivized collaboration and other support incorporated into the workday can help prevent burnout even further.

MSPNetworks can help you where this comes into play. By giving your team the tools necessary to cultivate a cohesive and collaborative environment, we can help reduce the factors that contribute to burnout in general. Find out more by giving us a call at (516) 403-9001 today.

I’m not sure we need to tell you how important passwords are: they are the front-line defense to most of the accounts you create. What is often overlooked is the strategy of how to use a password to successfully protect accounts and data. Today, we will discuss best practices   when creating and managing your passwords and how you are likely approaching your password strategy improperly. 

Creating Strong Passwords 

It’s true that passwords can be a pain to manage. Anyone who has been locked out of an account because they can’t remember their password knows this all too well. That’s why it is important to create passwords that are both easy to remember and that are secure enough to protect you. Cybercriminals have tools at their disposal that do a pretty good job of being able to crack passwords, so you need to keep that in mind when you are choosing yours. 

As you set out to create your passwords, you should keep the following two points of emphasis in mind. 

1. A hacker may try to brute force attack any password that cannot be guessed or cracked, rapidly trying each combination possible.
2. A password’s security and its resistance to brute force attacks are two different things.

Brute force attacks can really be devastating, but when you create your passwords, you have to keep in mind that any hacker with the will to brute force your computing network and left with the time to complete their hack, will likely find a way into your network. What you are doing when you are selecting a strong, memorable password is trying to make certain that the only way they are cracking your password is through brute force.

Typically we like to encourage that your passwords meet the following metrics:

• Are longer, typically over 16 characters
• Use a combination of numerals, letters (with upper and lower case characters), and symbols
• Don’t use privileged or personal information, or any information that can be tied to you through online searches
• No common words or numbers
• No consecutive letters or numbers

So How Do You Optimize Your Password’s Effectiveness?

With those practices, you will be pretty far along, but you also have to understand that the hackers’ tools are extremely powerful. That’s why on top of those suggestions, you will also want to add some complexity to your passwords. Studies have shown that about 41 percent of all passwords are composed exclusively of lowercase letters. If we have access to this information, it stands to reason that someone who makes a living breaking into networks and stealing data knows it as well. Therefore, along with adding symbols, varying cases, and numerals, one strategy is to use a passphrase of random words. 

The reason for this is that, with a password that looks like this “7i&3RkIn&4L1f3” the chances that you remember it if you use the account sparingly is pretty low. Besides, it is not that secure, as it is effectively a complex sentence. Remember, the hacker has to get your password completely correct to effectively gain access, so instead of trying to come up with intricate ways of typing statements that can be easily guessed, try taking three words that don’t have any natural connection, incorporating numbers and some varying capitalization, and padding either side with symbols.

A process like this makes the password more usable. It very likely won’t be guessed, is long enough to protect your account, is effective against the brute force attack, and will be easier for you to remember. 

Speaking of which, since you shouldn’t use the same password for multiple accounts, you will end up with dozens of passwords. Keeping them straight, especially over the long haul (as you will likely have to reset passwords from time to time), is difficult. That’s why we recommend using a password manager. Many people take advantage of the password saving feature inside their browser. This is effective, but we recommend using a third-party manager that features encryption. This tool will be the most secure and reliable; and, you won’t have to worry about remembering every password. 

At MSPNetworks, we consider cybersecurity one of the most important parts of a business’ IT strategy. Give us a call a (516) 403-9001 to see how we can help you keep your IT assets safe. 

It isn’t often that you’ll hear a managed service provider say something like, “There’s no school like the old school.” In many ways, however, the basic principles of a solid business IT strategy haven’t changed all that much… despite the momentous changes that we’ve witnessed in terms of the technology we use. Let’s consider some of these principles, and how they’ve changed over time (if at all).

Securing Your Hardware Solutions

Restricting access to your business’ essential hardware solutions is certainly not a new idea. Even when on-site network and storage infrastructures were the way of doing things, these elements were restricted to employees who needed to work with the equipment—and had the key needed to get in.

Of course, these hardware solutions can be expensive to procure, run, and maintain, particularly for a small business. So, rather than investing the time, space, and energy into supporting these processes, businesses have instead shifted to procuring cloud services. This gives the subscribing organization access to the computing resources required for their needs, while freeing them of the associated responsibilities.

This also helps secure the business’ hardware, as the important stuff is tucked away in a provider’s data center. Since it is stored there, it is under their care and protection… certainly an effective means of restricting access.

The Purpose of IT

Let’s make something clear: information technology was never to be—and should never be—seen as a luxury investment for a business to make, or to simply be procured for the sake of having it. Rather, every new solution brought into your business needs to have an operational benefit.

Therefore, a business should not look to its IT resource to constantly be adding to its solution set, but it should also anticipate that the IT resource will do more than just keep their operations going. Instead, there needs to be a concerted effort by IT to establish how a new technology or approach to the business’ processes would provide some observable, positive results. In this regard, any IT resource that an organization leans on should be considered a consultant: an expert voice providing beneficial feedback and input—not just the reason that the computers work.

Threat Management

The typical processes for a business’ IT threat management have gone through a few iterations. Initially, a lot of these processes were responsive in nature—if a hacker could potentially get in, throw a few restrictions and password requirements into the mix. As time passed and threats developed further, this restrictive approach was amplified.

More recently, this has seen a bit of a shift, although keeping a network secure is still a priority. Nowadays, however, the solutions that are being utilized themselves feature greater security features, with more emphasis placed on educating users to better identify threats. After all, the employees a business hires are going to inherently be one of its bigger security liabilities without some understanding of how they make a company vulnerable.

Clearly, while the available technology we have access to has improved, the practices we’ve developed have needed to in kind. MSPNetworks is here to help you implement the technologies and processes that can make your business operate to its highest efficacy. To learn more about the solutions we can help you put into place, and how to leverage them to their full potential, call (516) 403-9001 today.

To preserve your cybersecurity, you need to have a comprehensive view of everything involved with your technology—and we do mean everything. Let’s consider a recent close call, involving the Democratic Republic of Congo that exemplifies this perfectly that could have potentially exposed millions of Internet users to serious threats.

First, it will be helpful to go over how websites work (giving you a hint as to the nature of the close call we’ll be discussing).

How Web Browsing Works

When navigating to a website, you type that website’s URL into your address bar and you’re brought to the website, right? While this is how it appears on the surface, there’s actually a lot more going on underneath.

The domain name we know, as users, to go to a website is different than the actual functioning name that your Internet browser recognizes. Instead, your browser recognizes a series of numbers known as an Internet Protocol (IP) Address. IP addresses are too in-depth of a topic for us to go into much detail here, but to sum up: they tell the browser which web server it needs to direct towards to find the desired website.

Obviously, a series of numbers is more difficult to remember than a name, so this discrepancy would make the Internet much harder to use if it weren’t for nameservers.

Nameservers are the component of the Internet that helps bridge the URL to the IP address. When you type a website into the address bar, the browser references a nameserver to find out where the correct web server is before requesting content from it. In essence, the nameserver helps your browser translate your request into a language it understands—in many ways acting like your browser’s GPS.

In other words, the nameserver is a crucially important part of how the Internet functions, which means that these servers are particularly important to keep secure… particularly if the nameserver in question controls a top-level domain (the “.com”,”.net”,or “.edu” part). If an attacker were to gain control of a top-level nameserver, man-in-the-middle attacks could be used to redirect web traffic to malicious websites.

What Happened in the Democratic Republic of Congo

Therefore, when security researcher Fredrik Almroth noticed that one of the nameservers for the .cd country code top-level domain (belonging to the Democratic Republic of Congo) was set to expire, he took notice. When these domains expire, as did the nameserver domain scpt-network.com did in October, the governments that own them have a set amount of time to renew it before someone else could claim it.

Almroth was monitoring this domain to ensure that it was renewed, just to be safe. Once the end of December rolled around, the security researcher was quick to snap it up to protect it from ne’er-do-wells who would otherwise abuse it. Because the other nameserver to the domain was still operational, Almroth simply had any requests timeout of his nameserver and be passed to the working one.

What Was at Risk?

In short, quite a bit. With possession of such a nameserver, an attacker could potentially intercept any traffic—encrypted or not—directed to a .cd domain. This could give an attacker a frightening amount of power and control over thousands of websites.

The Congolese government ultimately opted to set up a new domain, ensuring that security was never in question.

What Your Business Can Learn From This

In short, technology can be complicated, which means that threats can potentially come from every angle.

Cybercriminals are irritatingly resourceful and will absolutely resort to cheap tricks to get their way. The size of their target is also irrelevant to them, so whether they’re targeting a government infrastructure or the website a local store keeps up doesn’t particularly concern them. As such, businesses of all shapes and sizes need to have a trusted resource they can rely on to keep their IT in order, especially in terms of its security.

As such a resource to many businesses, MSPNetworks prioritizes keeping an eye on all aspects of our clients’ technology solutions to help avoid issues like these that could otherwise have gone unnoticed. To find out more about what we can do for your operations, give us a call at (516) 403-9001 today.

2020 was… well, 2020… so it really isn’t any surprise that those businesses that made it to 2021 aren’t quite out of the woods yet. The many difficulties and challenges that 2020 brought will carry over into this year, many of them pertaining to information technology and how businesses utilize it. Let’s take a few moments to anticipate how these IT challenges will manifest this year.

Where Work Can Be Done

In the recent past, remote work was almost seen as a taboo subject—many businesses either discouraged it or neglected to implement any organized policies in the first place. Even amongst those businesses that did adopt some form of remote work, only 20 percent or so of their employees were able to work remotely.

2020 changed this considerably, as many businesses hastily adopted remote work as a means of remaining operational. Some businesses—if they were able to do so—completely transitioned to remote work.

These shifts have necessitated numerous changes to be made so that businesses can ensure their workforce’s productivity and safety simultaneously. These changes won’t go away anytime soon if projections are to be believed.

Moving forward, companies will need to ensure that the correct security protocols are implemented, and processes carried out, particularly because many users will likely be working on their personal devices. This means that implementing remote monitoring and management solutions will be an important step for businesses to take from here on out.

Fighting Burnout and Downtime

With the prospect of remote work preserving productivity, it becomes important to protect it from other negative influences. The fight against downtime should be a matter any business takes very seriously… after all, its clients will expect 100 percent uptime, and anything less than that will quickly erode the trust they have.

After the year we’ve all just experienced, that trust is something no business can squander.

In addition to having trustworthy technology, businesses must also make sure that their team members are receiving the requisite TLC. Technology solutions aren’t the only component of your business subject to downtime: fatigue and burnout can each have a considerable impact on morale and output. Considering this, these factors also need to be addressed.

Budgeting

The past year flushed many business’ budgets down the proverbial toilet, which will carry over into this year by some measure. Money is bound to be tight. As a result, any proposed investments need to be scrutinized for the return they provide to the business.

We predict that this will lead many more businesses to the cloud as a means of acquiring the services and solutions they need. In addition to this, we expect automation and tools like it to be given much more consideration.

One way or another, 2021 will see some considerable changes to how businesses do their business. MSPNetworks can be here to help you see them through, and beyond. Learn more about our solutions and how they can benefit you by calling (516) 403-9001 today.

Unfortunately, the more people lean on technology, the more data breaches there are. The correlation makes sense, but with so much innovation in data security and data systems, it’s a shame more can’t be done to keep businesses and individuals from losing data to opportunists and scammers. That’s why knowing how to circumvent these forces is essential to keep your data safe. Let’s take a look at how the people that are best at it keep their data secure. 

Best Practices Keep It Simple

To avoid negative data situations like this you will want to ensure that your best practices are being followed. In this particular case, they aren’t very complex. They include:

• Keeping data (particularly sensitive data) organized in secure locations
• Keeping data on a need-to-know basis via access controls

That’s the list. It’s not a lot to consider on the surface, but let’s unpack them a bit. By keeping data in a secure location, it makes it easier for the professionals that manage your data and infrastructure to respond to a breach; and, by controlling who can access what, they can easily identify where the problem comes from and work to remedy it. 

Detecting When You’ve Been Breached

Obviously, to remedy against data breaches, you actually have to know that you’ve been breached. Unfortunately, attackers are using more sophisticated methods than ever to hack into your network, making evasion a priority. This means that the speed in which you identify a data breach is taking place is one of the most important factors. 

Businesses today are using smart technology to consistently monitor and automate a response. A Netwrix 2020 Data Breach and Security report suggests that organizations using automation were better able to detect data breaches in minutes rather than hours or days. Comparatively, most of those without (56 percent) measured their detection time in days.

Respond Confidently

It can be quite off putting to consider that people are trying to break into your network. This is why you have all those procedures in place, after all. For those that haven’t gotten around to concocting a cyber threat response strategy for their team, it’s important that it is standardized and consistent; it makes it easier to follow should you have to deal with it. 

Your business will definitely have to train its staff on what to do if they are confronted with a cyber threat. Training your staff on phishing, password hygiene, and more will put your workforce in a position to help you sustain a record of security, not hinder it. On top of testing, you should consider evaluating each worker individually to better understand who needs more training and who is competent to effectively respond against these threats.

Staying On Your Toes

Having the tools to recover from a data breach is almost as important as thwarting one. Your business may be on solid footing today, but one scam, hack, or situation brought on by outside forces can floor your business. Not only do you need to have the infrastructure and the support team in place to deal with a potential data breach, you have to know that your business can recover from one. This is why you need a business continuity plan with a full data backup and recovery strategy in place. Additionally, the exploit you have dealt with could have come from a vulnerability on your network (not a human). You will need to ensure that your team’s access credentials are updated and all software patched to their most current versions.

This is not a situation you have to handle alone. Call the IT professionals at MSPNetworks today at (516) 403-9001 to learn about how we can help you protect your business against cyber threats, and provide you with the tools and support to handle any situation that comes your way.

When looking to improve your business via the use of technology, it helps to keep a few basic tenets in mind. Let’s review some strategies to help reinforce their importance.

Consistently Utilize Uniform Tools and Processes

Picture it this way—while it is perfectly possible to transfer data from Microsoft’s solution suite to Google Workplace (and vice versa), it just isn’t nearly as convenient for your employees to do so… and since this transfer is entirely in their hands, there is a high potential for user error and other issues to slip by.

The same goes for how your internal data is handled. Without established storage conventions or an established storage space shared amongst your team, things are bound to go missing or be inaccessible to others who need it. By establishing and enforcing standard operating processes, you better enable your team members to stay on the same page and working cohesively.

Prioritize Security

Your team members all need to have a well-developed appreciation for the importance of data security, particularly when using the tools discussed above. From password requirements to multi-factor authentication to phishing awareness and more, you need to make a concerted effort to keep focus on the consequences a data breach could have and how the security safeguards you have in place can help protect the business and its data.

Numerous other tools and solutions exist that allow you to lock down your business more effectively. However, your team members also need to buy into these ideas. Encourage these practices and policies by performing regular evaluations of your team and giving them feedback based on their responses.

Promote Mobile Solutions

Finally, mobility is an important part of a business’ processes, so the capability to bring your work around with you needs to be promoted throughout your operations. This will help your business to be more flexible, responsive, and productive wherever and whenever the opportunity presents itself.

MSPNetworks can provide the tools needed to enable all of these practices. To find out more about what we can do for you, reach out to us at (516) 403-9001.

It is important that you have a handle on the technology that your business utilizes, which will require you to maintain comprehensive documentation regarding it and its support. Here, we’ll go through what a managed service provider includes in this documentation, as well as how it is used.

What Does This Documentation Include?

In short, everything there is to know about every piece of technology you rely upon to function. This can easily be divided between your hardware and software resources:

Hardware

This documentation covers all the information about the physical devices you use.

Serial/Model Numbers — This allows for simple identification of the technology that needs support, as well as the kind of device it is for your support team’s benefit.

Purchase Dates — Knowing when a piece of hardware was acquired can help you to make decisions when weighing the cost benefits of repairing or replacing it if something were to go wrong.

Warranty Information — Knowing whether a piece of equipment is still under warranty can also help the above decision-making process. After all, why buy something new if you can get it replaced or repaired for free?

Installation Dates — Again, like the purchase date of a piece of hardware, knowing when it was installed can help with the troubleshooting process if it were to need support.

Physical Locations — Knowing where a piece of IT is located not only helps your support team to service it more easily, it enables you to keep better track of where your assets are.

Device Names — Standardized technology deployments can make it challenging to confirm if the right device is in the right spot. Naming the device helps to differentiate it from the others just like it.

IP Addresses — Much like it helps you to know the physical location of each device, knowing the IP address simply helps you to identify a device on your network.

Support Information — Finally, keeping your hardware documented makes it easier to locate the appropriate support information, should it ever be needed.

Software

Meanwhile, this documentation covers all the critical information about the software you possess.

Product Licenses — This is effectively the same as the serial number on a hardware solution. This tells you the individual identification number of the copy (or copies) of the software you are able to use.

Purchase Dates — Again, knowing when you acquired something is an invaluable data point concerning its support, as it helps define if your solution is under warranty and other important variables.

Install Dates — Similarly, knowing when a software solution was installed can provide a variety of important information, particularly involving any weaknesses in its programming.

Subscription Details — Or, in other words, how many of a software’s capabilities are you able to use, and for how long? This is vital to know if you want to keep these tools available to your users.

Usernames — Speaking of your users, you need to define who can access each software title with their username. This will help you keep track of each user’s capabilities and permissions.

Version History — Finally, keeping track of the current version of each of your software will allow you to know if an update is called for, or if there are any vulnerabilities that you need to be concerned about.

Of course, you should also maintain documentation on the proper procedures to maintain all these solutions, as well.

What is the Benefit of All This Documentation?

With the help of a managed service provider like MSPNetworks, these in-depth records immediately become worth the effort. In addition to simply keeping this documentation up-to-date, an MSP will also refer to it as a resource.

Let’s assume that one of your hardware solutions begins acting up. It doesn’t really matter which, as the MSP working with you has up-to-date records of all of them. So, as your desktop/router/server is acting up, the MSP not only has a historical record to help them shape their approach, they have additional data to help guide their decision.

For instance, if this piece of technology has required you to spend excessive time on it over a given timeframe, you will have that data tucked away in your documentation. As a result, the next time an issue arises, you will be able to determine if it is more economical to replace said technology than it would be to continue repairing it.

In many ways, documentation simply serves as a better alternative to relying on memory.

If you’re interested in learning more about how working with MSPNetworks can benefit your business processes through improved documentation and so many other means, give our team a call at (516) 403-9001! 

Data security isn’t a matter to be taken lightly, as too many businesses have found out the hard way. Unfortunately, there are far too many simple ways to correct common security issues - enough that it’s foolish not to do so. We’ll review a few ways to fix security issues, after discussing one of, if not the, most egregious security failings in modern history.

The Equifax Problem

Sometime between May and July of 2017, the credit-reporting giant Equifax suffered a massive data breach that, as of this writing, exposed 148.1 million records containing the personally identifiable information of their customers. In other words, this breach exposed the data of almost half of the population of the United States of America.

In the aftermath of the Equifax data breach scandal, former CEO Richard Smith was cross-examined by Congress. Upon hearing Smith’s defense of “human and technology errors,” Chairman of the House energy and commerce committee Greg Walden quipped, “I don’t think that we can pass a law that fixes stupid.”

How to Fix Your Business’ Security

While Walden may be correct that stupid can’t be fixed by legislation, it may be able to be mitigated through the faithful enforcement of certain standards and practices. These standards should be enforced both on an organizational level, and on a case-by-case, personal basis.

First, let’s review what you should enforce in your organization:

1. Compliance should be the baseline - Unfortunately, compliance with regulations often does not equal true data security. Instead of looking at compliance as being the ultimate goal for your business, consider it the first step to your business security strategy.
2. Vulnerabilities need to be promptly remediated - It is astounding that so many exploits rely on known vulnerabilities… a full 99 percent of them.  Furthermore, other attack vectors often utilize vulnerabilities that are a half a year old at least. Patching these vulnerabilities as soon as possible will help cut down on threats to your business’ data and infrastructure. 
3. Data security needs to be centralized, organized, and assigned - While security should be a shared responsibility throughout the company, there needs to also be someone taking lead and accepting responsibility for ensuring that data is properly distributed in a secure fashion. Part of this responsibility should be to implement access controls, ensuring that the data only can spread to whomever it needs to and no one else.

Encouraging Your Employees’ Security

Of course, your employees are largely in control of how secure your company remains. This could be a bad thing, unless they are also held to certain best practices that keep data, and the accounts that can access it, secure. There are a few basic rules you can enforce among your staff to help encourage them to act securely.

1. Lazy credential habits - There are a variety of behaviors to adopt that can better protect the accounts and solutions that your employees have. First of all, the classic password problem: reusing the same password for every account. If one or more of your employees does this, each one is essentially creating a master key that someone could use to access everything in their life, including your data. Neglecting to set a passcode of some sort for a mobile device can cause the same issue. An effective way to remedy this kind of behavior is to utilize a password management system. That way, your employee can reduce the number of passwords they have to remember, without sacrificing security.
2. Oversharing - While you can’t necessarily control what your employees do in their off-hours, you should reinforce how easily a cybercriminal could piece together their passwords through some examination of their social media, especially if they subscribe to the lazy credential habits we just reviewed. See if they’ll avoid sharing personal anecdotes or information without first restricting the audience that can see that particular post. At the very least, they should have their social media accounts set so that only their approved friends can see their content. Furthermore, do your best to avoid oversharing from the office. Images can easily show confidential information if you aren’t careful, by accidentally capturing an invoice or your customer relationship management solution pulled up on a screen in the picture. Review what you are about to post before taking the image and before you share it online. 
3. Using the wrong Wi-Fi - While public Wi-Fi connections may be convenient, you should remind your employees that this convenience comes at a price: the security of public Wi-Fi is suspect at best. They should be warned against doing anything especially important over a public Wi-Fi signal, like banking or checking their email.

Data security is a critically important consideration, in part because there are so many ways that it can be undermined. We have some solutions to offer that can help keep your business secure (despite what may sometimes seem to be your employees’ best efforts). Reach out to MSPNetworks at (516) 403-9001 today!