The Bottom Line on MSP’s
With the end of fiscal year 2021 rapidly approaching, now is the time that many companies are setting next years budget, evaluating current positions in the market, and looking for ways to decrease headaches and increase their bottom line. Some companies are looking to hire new, talented employees, from salespeople to truck drivers and warehouse workers. Others are looking to find areas in which they can maximize existing assets to drive revenue and growth for their enterprise, and some are trying to right the ship to avoid a seemingly inevitable crash.
One of the focus points for many companies is their IT division if they have one or filling a gap in their network management in the most effective way possible. This is where a managed service provider comes in. A managed service provider gives you all of the expertise of an in-house IT department at a fraction of the cost. In the United States, the
average cost of employing an IT professional can range anywhere from $60,000 a year to over $100,000 a year depending on the level of experience and expertise of the employee. IT being the multi-faceted department that it is, if you were to try to fill all these necessary roles, such as help desk, security, network professionals, and CIO’s, you are looking at spending anywhere from hundreds of thousands to millions of dollars a year depending on the size of your enterprise. An MSP, such as DelVal Technology Solutions, gives you
unfettered access to these professionals on a contractual basis, often for less than it costs to employ a single IT person per year. For this lower cost, you have access to an entire team that can be on hand when needed, monitoring and securing your network, watching out for your blind spots, and advising you on important technological decisions.
Take a look around your office space, if you haven’t done proper technological house keeping in a while, there is a good chance you have a lot of unneeded hardware. When you bring on an MSP, one of the first things they will give you is a tech assessment and roadmap. Chances are you don’t need a lot of the extra hardware you are running or planning to buy. A proper MSP like DTS will help you take your business to the cloud. This move will free up a lot of space as well as help you cut down on your energy costs by eliminating
redundant hardware.
This also works with software too. Many MSP’s are partnered with top SaaS (software as a service) providers, allowing you to pay monthly for things like Microsoft Exchange, 365, and your Adobe suites. By subscribing to these licenses, it allows for easier, more affordable scalability and the ability to add users without an extra associated cost. Another benefit of an MSP is the amount of downtime you can eliminate on a consistent basis. Downtime can plague businesses, in fact, it has been said that 72 hours of downtime can lead to a destruction of a company almost 70% of the time. Having a great MSP on your side, such as Delval Technology Solutions, gives you access to technicians, a help desk, and a
security team all wrapped into one monthly payment. If you have a problem, be it an outage, employee confusion, or a catastrophe, your MSP is there to make sure
you are up and running again as quickly as possible.
Not having to worry about employing an entire in-house IT team also allows you to reallocate funds to other departments, as opposed to allocating new funds to these departments. This can open many doors for your business. That extra available revenue can be used to market your company, invest in new products or services, hire new employees, or incentivize your current team. Whatever you do with those funds is up to you, but partnering with an MSP can help you turn your savings into profit, not only helping your bottom line, but growing it as well.
Many companies look at cyber-security as insurance, but it can be so much more than that. Attacks and breaches can cost companies thousands if not millions in losses and regulatory fees, on top of the downtime it can cause. A security minded MSP partner, such as Delval Technology Solutions, can not only help you recover from these pitfalls, but also avoid catastrophe before it happens. They can aid in training your staff, monitoring your network, testing for holes that intruders can get into, and protecting your endpoints. On top of this they can help you ensure that you are compliant, which can be confusing as new regulations or changes to existing regulations seem to change on a near daily basis. Staying ahead of cyber-criminals and regulatory issues can be the difference between smooth sailing and lost revenue and market trust.
While partnering with an MSP may seem like a bill to pay, it is in fact a way to save money. You can cut down on existing overhead, be it personnel or technology. It allows you piece of mind that you will be able to enjoy reduced downtime and increased productivity, making for a healthier company ecosystem. The headaches and anxiety of cyber-security and compliance can be replaced with piece of mind knowing your business is protected, allowing you to focus on your bottom line.
Arm Your Employees with Cybersecurity Training in Pennsylvania
At Delval Technology Solutions, we know cybersecurity training is an excellent way to teach your employees how to spot a scam. But that doesn’t quite capture the urgency of making sure your team knows how to defend your business.
Hackers attack every 39 seconds, according to the University of Maryland. With cybercrimes increasing in frequency and criminals growing increasingly sophisticated with their techniques, training your team is no longer an option; it’s a necessity.
With a data breach that is all but certain to cause expensive downtime, compliance fines and reputational damage, it’s time you armed your team with a comprehensive array of cybersecurity solutions. From identifying spam and malware to social engineering and phishing, it’s not as complicated as you might think to get each team member on board with protecting your data — and your company.
A Solid Way to Defend Your Business
Professional cybersecurity training teaches the basics, such as how multi-authentication passwords are the first line of defense to protect your sensitive data from hackers. Your employees can be trained to never use the same password for their accounts. They can be taught to use strong passwords that use a mix of symbols, letters and numbers, so no one will come close to guessing it.
Your employees can’t be expected to walk in the door on their first day and know how to identify cybersecurity threats. But one of the downfalls with security awareness is that some employers only employ training as an onboarding event. Unfortunately, your team will be faced with threats continually — not just on their first day or week on the job.
When confronted with cyberthreats, most people can’t tell the difference between a legitimate link and a malicious one. This is probably why 95% of cybersecurity breaches are caused by human error, according to IBM.
Cybersecurity training mimics the latest threats and teaches employees how to separate legitimate and questionable emails.
As a business owner, you can institute policies that ingrain bulletproof cyber hygiene habits, such as instructions for emails, the internet and social media platforms. But be sure to make the training consistent and a regular calendar event.
How We Help
The team at Delval Technology Solutions gives you pertinent guidelines that keep your data safe with regularly scheduled training on how to avert the most up-to-date scams. It’s important that your employees stay fresh in their knowledge and on guard against cyberthreats. Once they’re in the throes of their roles, it might not be top of mind to safeguard your data. But frequent and continual training throughout the lifetime of their roles ensures that the skills they develop remain relevant and applicable to the most modern threats.
With more companies succumbing to cyberattacks, it’s crucial that 100% of your team is on deck to stave off lurking threats with cybersecurity solutions. If your long-term goal is to grow your business and succeed — we know it is! — training your employees to recognize malware and phishing or any of the other lurking dangers is a necessity.
If given a chance, your employees want to help you dodge cybersecurity threats. Give them the shared responsibility of acting as your defender, and they’ll gladly comply — they want your business to thrive, too. They just need the tools and knowledge on how to do it.
Cybercrimes are becoming more sophisticated, and data breaches are rapidly increasing. Arm your employees with the knowledge they need to improve their cybersecurity procedures, policies and best practices. Help them help you.
A Word on Social Engineering and Gift Cards…
I walked into my local supermarket yesterday and saw a curious poster. It had a police officer blowing his whistle, which is basically crime stoppers 101. That isn’t the interesting part. That would be that this poster existed to warn consumers that if someone is asking them for hundreds of dollars in Google, Apple, or Amazon gift cards, that they are probably getting scammed. With the rise in cyber-attacks ranging from government, to corporations, to private citizens, it is becoming increasingly important that you know the signs that someone is trying to trick you. This is what is known as social engineering.
Social engineering is a sophisticated form of manipulation. This is because the goal isn’t to use your technology against you, like malware and spyware attack, but to use you against yourself. These malicious actors seek to convince you to act against the best interest of yourself and at times your business or employer, using things such as email, SMS text messages, and phone calls. I’m sure you have gotten these messages at an increasing rate recently. Text messages telling you that you have been approved for a loan you didn’t apply for or won a contest you never entered. Emails telling you that you must act now because your account has been compromised, your job is in jeopardy or you owe the government money. Who can forget, the phone calls. Most of us at this point get about four calls a day about our cars extended warranty or that our social security number has been compromised. These all share one very common trait, they are coming from a new wave of hackers and scammers who want to get your login information, credit card numbers or your money directly.
How do these attacks occur? What should you be looking for? The most common form of social engineering attacks are text based. The latest batch come from what seems to be trusted sources. This could by anything from an “HR rep” who needs you to click a link and reenter your login credentials, to an email from your “boss” who is stranded in a foreign country with no money and can only get home with Itunes gift cards. It is first important to read these messages carefully and look for the signs of malicious activity. Do these messages come with a forceful sense of urgency? Phishing attacks are often set up to scare the recipient into making a mistake, be it downloading a malicious file or logging
in important information into a scam form. They will say things like “CLICKHERE TO AVOID INTERUPPTION” or “URGENT ACTION NEEDED”. This is because when we
are afraid, it oftentimes overrides our due diligence. We are working so hard to avoid the consequence, that it is easier to overlook the fact that something is off with the email or text.
One of these things that may be off is grammar and punctuation. The English language is incredibly complex with it’s grammar rules and punctuations. Many of the people carrying out these attacks are foreign actors who while they have a grasp on the English language, they don’t know the intricate rules that dictate it. This is important. Run on sentences, improper or complete lack of punctuation, or rudimentary grammar mistakes are all signs that this email or text isn’t coming from who they say it is and is in fact a phishing attack. Take your HR rep for example. Usually, the emails they send you are professionally written. However, if you receive one asking you to login to an unknown site or to send them your information, look closely. Does it start with Dear, or To Whom it May Concern or some other unusual greeting from someone who usually goes straight into the message? See that string of thoughts without the usual commas and proper tenses? That is a surefire sign that you are being phished. As a rule, if you receive something that appears out of the
ordinary, call the person or send them an email. If Mike from IT supposedly sent you the email, call him and double check that it’s from him. Chances are, it isn’t.
Another important thing to check is the email addresses, the links attached and domain names. If something seems off, a good trick is to check other emails from the “sender”. Is the email address the same, or is this a variation of their usual email address? Even an email from someone you know can be malicious if there are other red flags as compromised accounts are something that can happen. What about the attachment thaht’s there? Is there a hyperlinked piece of text? Hover your cursor over these things. Chances are they are links to a place you don’t want to end up such as a mirror site that goes to the hackers . Even if it looks good, take a closer look, as one letter or a hyphen can make all the difference in the destination. Cross reference that with the email address. If it says it’s from paypal.com but that link reads Pay-Pal.com, well dear reader, that’s a trap.
You can avoid these social engineering attacks ramifications, and it’s surprisingly simple to protect yourself. It comes down to awareness and discernment. If something seems out of the ordinary, chances are it is. Never answer a text message or click on a link from a sender who you are unaware of. If you receive something with an extreme sense of urgency seemingly at random, leave it be. If you get an email from a boss or colleague at a random hour, say 4:30 am, it’s probable they didn’t send it. Cross reference sender
information with old emails and keep an eye out for grammar issues. Never click on links or download attachments without due diligence, hovering for hyperlinks, and checking with the sender to see if they actually sent it. When in doubt, double check. Finally, always report these attacks to your IT team, be it in house or your friendly neighborhood managed service provider like your friends at Delval Technology Solutions.
Stay Clean: A Word on Digital Hygeine
We all have our daily routines we do in the name of hygiene. Showers, shaving, brushing our teeth, washing our hair, we do these so we not only look our best, but to avoid issues that come from not doing these things. We want our teeth to be clean, so they don’t fall out and we can smile without reservation. We want our hair at it’s best. Our skin and our clothes, well these are more than just first impression things, they also will help keep people around us, no one wants to be the smelly one. Hygiene is important, and that isn’t just for our bodies, also for our network.
Digital hygiene is a term that has become prominent in the past few years. It’s applying the same principals we use to our physical hygiene, a combination of routines, cleanliness and upkeep, to make sure our network is running at an optimal rate. Digital Hygiene also ensures that we are running a safe network for our business, our customers, and ourselves. But what should be on this checklist?
Many companies use various SaaS (software as a service) products. However, this can leave holes in your system without proper maintenance. Updates and patches for these products occur for a few reasons. One of which is adding new features to your software, as SaaS allows for quick and constant product evolution. The other reason is more about security. When hackers attack these software’s, or holes are reported to the developer, new patches are usually put out as quickly as possible. A great example of this is the Zero Day
attack on Microsoft Exchange servers. Once reported to Microsoft, their team worked quickly to patch these holes that allowed for the intrusions. Make sure you are checking your notifications from these developers frequently and updating your software as soon as they become available to ensure you are running smoothly and safely.
Your backups are also important. We here at Delval Technology Solutions recommend the method of 321. This means each important file and folder should be backed up three different times. You want to make sure they are backed up in at least two different places, be it cloud networks, external hard drives or flash drives. Finally, one of these copies should be kept offsite in case of emergency or not being able to get access to your internal network. From there, you want to ensure that these backups are properly encrypted and can only be accessed with a properly corresponding key. This way, if any unauthorized party does get through, the information is useless to them as they cannot read it.
Finally, it is of the utmost importance that you regularly test these backups. Many people think all you have to do is backup your data and leave it at that. In reality you need to check these backups to ensure that they are legible, accessible, and can be used in case of an emergency. Speaking of emergency’s, have a proper disaster plan in place is important to your digital hygiene. We have touched on this before in other blogs, but it bears repeating. There is no such thing as a 100% foolproof system. Human error can occur, a hacker could sneak in, or a natural disaster can take down your office or your network. How you handle these situations can be the difference between a minor headache and a catastrophe. You should be properly training your staff to protect against social engineering attacks, doing walk throughs of you office space to ensure that your hardware is placed in safe and secure areas. Testing is another important area of digital hygiene. This extends past your backups. You should be testing your hardware, your software and most importantly, your security.
Having a proper MSP by your side, such as Delval Technology Solutions, will ensure that you have a team of experts with trained eyes running these tests. They can look for flaws in your firewalls, backdoors for hackers to access, and test your endpoints. On top of this, if anyone did get in your system, these tests can allow you to find them at a much quicker rate and get them to where they belong, away from your network.
The final part of this is about access, who has access to what in regard to your network. Not everyone in your organization needs access to every file, which makes it important to segment your data accordingly. Certain information should be kept on a need-to-know basis, in order not only ensure a proper workflow, but also proper security. Another important part of access is your passwords. We recommend using random password generators, as it will keep the urge to use basic passwords that while easy to remember are also
easily cracked. Update these passwords every few months, so if you make any organizational changes or do have intrusions, you can at least ensure that they
won’t be able to get back in if they are unauthorized.
Think of your digital hygiene in the same way you do your regular hygiene. It is more than just about keeping up appearances. It can also dictate how people interact with you, as well as give you piece of mind when interacting with the outside world. Things such as testing your systems and your backups, changing your passwords, running proper updates, and having a disaster recovery plan are your maintenance routine. These are the teeth, hair and skin of your network, and as with many other things, a clean workplace is a happy, productive workplace.
Set It and Forget It Is Not Security
The term “set it and forget it” is one that was popularized by Ron Popeil when he took to the airwaves to push his at home Rotisserie. You could put your chicken in, set the timer, and go on with your day. Now, for those of use who like a good rotisserie chicken, this was the perfect device. However, the “set it and forget it” mindset began to take hold in many things
that it shouldn’t. Personal investments, business devices such as contact centers, these are things that cannot just be set and forgotten. Another one of these things, cyber-security. Unfortunately, many businesses across the country use the “set it and forget it” model when implementing their cyber security, and don’t realize they made a mistake until it’s to late.
When you think cyber-security, what comes to mind? For most of us over a certain age, our minds harken back to the days of anti-virus software, where you would install your program of choice, and hope it covered the rest. Just like basically everything else in terms of technology, your cyber security needs evolve, sometimes at a rapid rate. Hackers today are more sophisticated than ever, and even sell their services to novice hackers. This means that the threat of an attack is always on the horizon. This is a huge part of the reasoning against a set it and forget it model to cyber-security. If the hackers are taking steps every day to refine their tactics, and finding new ways to access your network, shouldn’t you have a cyber-security plan that tries to stay ahead of them?
Let’s face it, advertising works. We buy products, ask our doctors for prescriptions, and make choices partly due to the marketing surrounding a product. You may see ads for cyber security programs, new malware, spyware, and anti-virus software telling you that it’s all you need. Don’t fall for it. What you need is expertise. A proper MSSP or Managed Security Services Provider, such as Delval Technology Solutions, will begin with what’s referred to as a risk assessment. This is when a set of trained eyes look at your system for all
the holes that can leave open doors to cyber criminals trying to steal your precious data. This isn’t limited to your pc’s, your cloud systems, software, and basically any other piece of infrastructure that can be accessed by your staff as well as hackers and disgruntled former employees. This can cover everything from your endpoints to unpatched software that you have installed, and your company workstations.
From there, these experts can tell you what they see that the untrained eye most likely would have missed. They will work with you to both upgrade and streamline your systems. Any pieces of software and hardware that no longer serve a purpose will be eliminated, saving you space and money. They will work with you to ensure that all updates and patches are installed, to further help plug up the holes that may be plaguing your network. New, up to date security software, as well as things such as 2 factor authentication will be implemented to make sure that your team is able to access your network safely and securely from anywhere.
A proper MSP, such as Delval Technology Solutions, who is security minded will also aid you in training your staff on proper security measures. This is not a one time thing, but a monthly process, as the methods of cyber attackers are ever changing. This gives you a vigilant front line who is ready to spot and report malicious activity before it can destroy your
network. It will also give you an indication of areas you need to focus on further to ensure that your team is able to handle any situation that may be thrown at them.
The job of a good MSSP isn’t just to make sure you are secure, it’s also to ensure that you are compliant to any regulations that may affect your industry. In the past two years alone, more privacy regulations have been passed than the preceding 100 years. Staying on top of these is a full time job in and of itself, but one that can cause pain to your customers,
employees and bottom line if they aren’t properly adhered to. A great partner will stay on top of these new regulations and not only keep you aware, but help you stay compliant.
Finally, a good partner will monitor your network in real time. After all, these are experts who know what to look at. Just as you would hire a mechanic to fix your fleet of trucks, a proper security team can spot red flags that you may have missed and implement real time solutions to stop hackers in their tracks, before they can take down your network.
Set it and forget it is a fantastic way to make delicious juicy chicken. However, by implementing a set it and forget it model to your cyber security does nothing but make you a delicious, juicy target to cyber-criminals and other malicious actors. Staying on top of security is a full time job. The best way to do so is partner with an MSP that handles your security in real time. Cyber criminals are always growing and evolving their methods of attack, so find a partner who is always growing and evolving their methods of defense.
Dark Web Protection in Pennsylvania – Four Strategies to Shield Your Business
Delval Technology Solutions has years of experience countering attacks in the Pennsylvania area that stem from the dark web, and it can create quite the mess for your business. Cybersecurity and dark web protection go hand in hand, with many forms of ransomware, malware and phishing originating from this anonymous online underground. And once you’ve been targeted, it can be hard to recover.
Data breaches result in downtime, which can cost a company on average $5,600 per minute. And if you don’t have a professional business continuity solution with 24/7 support, productivity can completely collapse during the recovery stage. In the worst-case scenario, your business could end up closing like sixty percent of small businesses that experience a data breach.
But cybersecurity and dark web risks don’t have to be inevitable for your business. Here are four ways you can reinforce your cybersecurity and dark web protection starting today.
1. Install Dark Web Scanning
Dark web protection and scanning can defend your data by continually monitoring your systems for suspicious activity, attempted breaches and security weaknesses. Automated software can then send alerts to let you know what data is potentially compromised, allowing you to act faster and stay secure.
2. Take a Proactive Approach
Don’t wait until you’re the victim of a cyberattack to react. The number one thing cybercriminals want you to do is not notice what happened until afterward. By then, they’ve likely already started sharing and selling your data on the dark web. With cybercrime on the rise, it’s smart to incorporate technology to monitor your network before — not after — you experience an attack on your business.
3. Employ Training and Security
Cybercriminals won’t discriminate. They want your personal and business data, educational information, medical records and everything in between. Once it hits the dark web, odds are, it will sell. Protect your assets from the frontlines by training your employees to spot a phishing attempt and teach them what to do in the event of a possible security breach. Simulations are another aspect of cybersecurity training that tests your staff’s security knowledge and can be incorporated into a fun and educational team bonding challenge.
4. Partner with a Professional
Managed service providers monitor your data for security breaches, install and patch software to defend against ongoing threats and train your employees to keep your business data safe and secure. Not only will you feel safer, but your team will regain the capacity to focus on your business objectives with ongoing IT support and consulting services available when you need them.
When you partner with Delval Technology Solutions for any and all of your technology and cybersecurity needs, we outfit your business with affordable technology that leaves you feeling protected, supported and empowered. To find out if your business is at risk or to learn more about our services, contact us today for your custom assessment.
HELP…desk: I Need Somebody
Look, we all need a little help sometime. This can come in the form of a loan from the bank, calling AAA if your car breaks down on the side of the road, or a help desk to reach out to in case of emergency with your network. The question we have though, “Are all help desks created equal? What should we look for in a help desk?” There are many factors involved in having a help desk that helps you with what you need, when you need it. Today we are going to look at a few things that let you know if your help desk is helpful, or just
another thing that needs to be fixed.
PERSONNEL
It may seem obvious, but this one is a big part of having a successful help desk. Who is manning it? The purpose of a help desk is for your in-house team to have someone to go to in case something goes awry. Having an unqualified person behind the desk is akin to asking a waiter what type of stove the cook is using. Yes, you may get an answer, but it’s probably not going to be the correct one, or something that is a general piece of information, like “a gas one” instead of the relevant information needed to answer your question. A proper help desk doesn’t just rely on one person. There is the customer service advisor who is manning the helm, they know a little bit of everything and can help with basic to moderate level issues. From there, a great help desk, such as the team at Delval Technology Solutions, will have a team of experts ranging in coding to security, ready and able to handle any
situation that may escalate.
RESPONSE
The stereotypical IT guy that we have seen in TV and movies for decades is usually some brash nerd who is going to make you feel downright infantile for asking a question. This is 100% not what you want in a helpdesk. A proper help desk usually not only can answer your question in a courteous manner, but should also be able to inform you on how to take matters in your own hands if the problem is a basic enough one or a commonly occurring one.
Another thing you want to keep track of is response time. When you reach out to your help desk you want to make sure that your wait time is as little as possible. Some problems can be fixed quickly, and few things are more frustrating that waiting hours to fix something that can take a couple of minutes. Also, not all problems are small ones. Some IT issues can go from bad to worse relatively quickly if you don’t get the help or advisement that’s needed. Having an avoidable issue become a catastrophe is the last thing anyone wants, and having a help desk that responds in a timely manner can make all the difference in how your business handles a potentially dangerous issue.
The other component in a great help desk response is how many channels you have to get in touch with them. Some only offer support via email, which we all have but at times can cause things to get lost in the shuffle. The other problem with email only is that while you may receive an answer in a prompt manner, it does become harder to step by step troubleshoot a problem. For that step-by-step troubleshooting, oftentimes having a live chat component can be incredibly useful. Find out if the live chat is automated, which may cut down on response time, but also may only work for basic issues. Some problems are not so simple as one answer, many are multi-faceted and having a real time answer to your question can make all the difference.
What if you aren’t by a computer, or the problem has completely shut your terminal down? Well , that’s why many providers, such as the good folks at Delval Technology Solutions, offer SMS help desk support. This way if you have a critical error on a machine, you can still get an answer to help you and your team get back to work with minimal headaches and anxiety.
SCALABILTY
For the most part, the goal for business owners is to grow their enterprises. It’s the American success story as old as time, a company goes from a small operation to a worldwide giant. For that to take place, you need to keep scalability in your mind when making your choices and a help desk is no different. As your volume grows, be it number of computers, to your hours, to even your locations, can you help desk handle it? If so, at what point does it cost you more money? These are all relevant questions to keep in mind when making your help desk choice. An ideal help desk is one that minimizes bottlenecking. As we spoke about before, some problems can go from small to large in a short amount of time. When your company grows, you want to ensure that your help desk of choice can give you the same response time and functionality that you had received when you signed on.
A helping hand can make the difference between climbing back up a mountain or falling of a cliff. Your help desk is no different. When making this decision, ask questions. See if the company is willing to let you test out their help desk. Ask them about their average response time. If you are looking to grow, see if they have pricing that is consistent, or if you
have to allocate additional funds if you need to scale up. Some companies that focus on customer service may even introduce you personally to their help desk staff so you can put a face to a name as to who you are going to be dealing with. Make sure you check how many lines of communication they have, to ensure that no matter what happens, you get the help your business needs.