How the Coronavirus crisis is the gateway to the other kind of virus

To say the COVID-19 pandemic gave the whole world a tough time would be an understatement. Economies collapsed, joblessness rose, people lost their loved ones and livelihoods to the disease. Adding to this situation was the need for social distancing and self-isolation which took a toll on mental health of millions across the world. 10 months into the pandemic or perhaps even before, people started growing tired of it and just when it seemed like humankind will give up collectively, there was a light at the end of the tunnel–Vaccines.

While the news of the first vaccine being approved and then administered in December 2020, was a huge victory for humankind and rightly welcomed with claps and cheers, cybercriminals were cheering too. For cybercriminals, this was a great opportunity to exploit the eager, mentally fatigued and vulnerable populace. Emails were sent with phishing links disguised as genuine which urged the recipients to fill a form to access their vaccination schedule and vaccine information. Some emails were made to look like it came from the FDA, United States CDC or the NHS (UK). Some had attachments that required recipients to download them and run exe (executable) files that planted malware into their systems. “E-commerce” sites were created overnight on the dark web and enticed people into ‘placing orders for vaccines’ at $250 each, in the ‘Black market’.

The point is, this is not the first organized cybercrime modus operandi and certainly won’t be the last. So, how do you protect yourself? Here are a couple of tips.

  • Do not download or open attachments or click on links from unknown, unverified sources or a source that you don’t trust.
  • Sometimes, the email or message may seem to be from someone you trust, but their account may have been compromised and used to send out the malicious link or attachment to you. Or, there may be a slight variation in the email ID (spelling), so while you get the impression it is a genuine email, the reality is different.
  • If something doesn’t add up, or if it doesn’t feel like the message was in fact written by the person you know, either ignore or call and verify if they did indeed send it to you.
  • Install firewalls that have the capability to identify and block dangerous sites, so you will be alerted of possible security threats and inadvertent clicks won’t take you to dubious clone sites
  • Make sure your antivirus software is up-to-date

From a business perspective, discuss a strong cybersecurity plan of action with an MSP. This includes investing in the right anti-malware tools, ensuring all your software programs are updated, and updating security patches released by your software vendors as soon as they are available. Educate your staff on common cybercrime tactics so they don’t accidentally expose your IT network to cybercriminals.

Your employee’ social media account was hacked. How does it affect you?

Did you know that social media accounts are one of the favorite targets for cybercriminals? You may think cybercriminals would prefer to hack online banking accounts or shopping accounts, but that doesn’t seem to be the case. Here’s why. Social media accounts hold A LOT of personal information including name, email ID, date of birth, place of birth, place of work (your business!) high school attended, names of family, friends and pets, anniversaries, and more…which means, they are basically gold mines of Personally Identifiable Data (PII). Plus, if you play games and have your credit card details saved, there’s more information and better the chances for the cybercriminal to commit fraud. All of this data can then be used to hack into other accounts of the user, including financials. So, hacking into someone’s social media account can help cybercriminals gain entry into other, more ‘useful’ and secure accounts.

But, how does it matter to you, as a business? If your employee’s personal social media account is hacked, it shouldn’t affect you, as a company, right? Wrong…here’s how it can affect you.

  • If the employee whose social media account is hacked is the administrator of your company’s official social media handles, you are in big trouble as hackers will gain access to your company account and consequently to customer information, because you may be having clients who follow your business account on social media. The whole situation can result in a lot of damage to your business and brand reputation and also result in penalties and possible lawsuits.
  • Even if your employee doesn’t handle your company’s social handles, the hackers may have enough of their PII to try and pry open a small entryway into your IT network.

You can avoid such mishaps by

  • Training your staff on social media and cybersecurity best practices including advanced privacy and permission settings for social media accounts
  • Ensuring your employees are able to identify and steer clear of phishing and social media frauds
  • Helping your employees understand the importance of practicing good password hygiene across all their online accounts–social, work or personal.
  • Ensuring they realize that their Facebook or LinkedIn account is not ‘just another online socializing platform’, but an actual gold mine of information and only those who they really trust should be able to access them.
  • Sharing regular Day Zero Alerts and relevant news articles with your staff that keeps them updated on the latest modus operandi and happenings related to cybercrime

Your managed IT services provider will be able to help you in organizing and conducting these kinds of training and awareness sessions at regular intervals for your staff.

Are your data security measures strong enough?

Let me start this blog by asking you a question. How did your business respond to the security threats brought on by the COVID-19 pandemic? The reason we are discussing this is because a recent survey conducted by Password Keeper and Ponemon Institute revealed that during the 2020 Coronavirus pandemic, the effectiveness of organizations’ IT posture in terms of cybersecurity dipped by almost 30%.

One of the main reasons for the compromise in IT security was the hurried transition of so many businesses to the remote work model. Working from home often meant the staff were using their personal computers to access work data, sometimes, even on shared WiFi networks without the latest software updates, security patches and firewalls–all invitations to cybercriminals. But, the research also pointed out that almost 50% of the respondents were also concerned about the physical safety of their data. When employees work from home, business data is stored on their personal devices. This includes personal laptops, desktops, thumb drives, external hard disks and sometimes, even smartphones and tablets. Ensuring the data stored in such a manner is not lost, stolen or inadvertently made public is a huge challenge. The cloud can help resolve this challenge to some extent. By migrating your data to the cloud you get a range of benefits such as

  • It is easily accessible-from anywhere, anytime using an internet enabled tablet, computer or even a smartphone
  • The cloud service provider offers multiple layers of security to keep your data safe from prying eyes
  • There is no chance of losing data due to misplaced thumb drives or computer hard disk crashes

An MSP offering cloud services will be able to assist you in making the transition from physical data storage to the cloud smoothly. They can also address cybersecurity concerns and offer solutions. However, migrating to the cloud alone is not the solution to all data security issues. You will still need to train your staff on how to identify and avoid malware attacks, phishing scams and to practice basic password hygiene and data security best practices.

WFH is here to stay. Are you ready?

The year 2020 was nothing like what we had seen before. At a certain point in time, it felt like the world would come to a standstill. With lockdowns and travel restrictions imposed across the world, businesses were pushed into a ‘new normal’. One of the things that was a part of the ‘new normal’, was working from home. This WFH set up brought along with it multiple challenges, especially to those organizations which weren’t into this model already. Accessing critical work information, carrying out meetings on Zoom, attending conferences remotely and even setting up trade show booths online, were all new concepts. While the pandemic may be temporary, one thing is certain–the remote work culture is not.

WFH existed even before the Coronavirus pandemic. There were a sizable number of companies–primarily in the IT industry that routinely hired remote workforce. Freelancers operated remotely too for the most part. However, the pandemic forced every company that can operate remotely to adopt the WFH model. While the initial switch was cumbersome, challenging and even frustrating, the benefits offered by the WFH model can’t be discounted.

Here’s how it benefited employees:

  • Helped save time and money that would otherwise be spent on commuting from home to work
  • Offered greater flexibility, as working from home let employees choose their working hours, at least in some cases
  • They needed fewer days off as things like staying home and caring for a sick child/spouse or an elderly parent didn’t mean having to take a day off work anymore
  • With lesser workplace oriented distractions, they were able to accomplish more in lesser time, which means they had more personal time and a better work-life balance

From the organizational perspective, work from home:

  • Meant more productive, focused, energetic employees with workplace distractions and long commutes eliminated
  • Resulted in lesser absenteeism as employees had flexible work schedules and could be home when their presence was needed, without having to take a day off
  • Helped them save on costs related to maintenance, utilities and employee recreation that they would be otherwise incurring
  • Can help companies save on huge rental expenses by trading larger office spaces for smaller/shared workspaces and conference rooms

So, there’s no doubt that the trend of WFH will continue well beyond this pandemic and become a norm in daily lives. It seems to be creating a win-win situation for both, the employees and the organizations they work for. However, for WFH to function smoothly, you need to have a solid IT infrastructure ensures the transition from the traditional office setup to the WFH model is smooth and the integration between the various elements involved in the new WFH environment is seamless.

Are you ready to switch to the WFH mode? It’s time to get in touch with a managed IT service provider who can help you make this move.

Data security in the ‘Work-from-home’ environment

2020 threw a lot of challenges at the world. One of them, from the business perspective, that overshadowed the others was cybersecurity. How to ensure data safety and security in an environment where businesses can’t really control what employees do even during work hours? With the world almost a year into the pandemic, new best practices emerged that will be in use not just during the pandemic, but probably also in the future, post-pandemic era. Because the trend of working from home now seems to be here to stay. This blog will discuss some best practices for data security that can be deployed when working remotely.

  • If you can provide your employees with a computer that they will solely access for work, then that solves the majority of the issues. When employees use their own devices for accessing work data, the risk of a security breach is higher as businesses don’t have any control over staff’s personal devices. Your employee’s computer may have security loopholes such as pending updates and security patches or unauthorized software programs. If, instead, it is a company device, you can install control mechanisms that limit what your employees can do with the device. You can impose firewall restrictions, make it a part of your intranet and also monitor employee activities freely.
  • If you are allowing employees to use their personal devices for work purposes, you can encourage them to keep their device safe by alerting them about software updates, security patches and offering to install the latest version of antimalware software for their devices. This is a win-win situation for you and your employees, as you get to keep your data safe, while they get to keep their device and personal data secure.

In either case, you need to educate your employees on the basics of data security. These include password hygiene, identifying phishing attempts, attachment hygiene, etc.

Don’t forget the cloud! The cloud can help you keep your data safe and secure even in the remote working environment by adding layers of data security and eliminating storage of data on local hard drives and removable storage devices. Contact a cloud service provider today to learn more!

How the cloud is a solid survival tool for your business during a crisis

One thing the Coronavirus pandemic taught businesses is the fact that it is important to move with the times and adopt and adapt to the latest technology. While you don’t have to be the first one in the market to invest in the newest technology, once its effectiveness and usefulness is proven, it does make sense to switch to it. Here’s how the cloud allowed businesses to overcome the challenges posed by having to suddenly switch to the remote operations model.

Challenge-1: Access to critical data and applications

This could have been easily resolved by migrating to the cloud. The cloud offers unparalleled connectivity to your data—from anywhere and at any time, with any internet-enabled device.

Challenge-2: Data safety, cybersecurity concerns

The cloud provides solutions to data safety and cybersecurity challenges as well, as data stored in the cloud is naturally much safer and difficult to break into than data stored on your employee’s home computer. The cloud offers multiple layers of security, including some from your cloud service provider.

Challenge-3: Data loss

With the cloud, businesses wouldn’t have to worry about losing data, as it wouldn’t be stored on their employee’s personal computer, but at a centralized location in the cloud.

Challenge-4: Hardware issues

The cloud rendered any hardware issues non-existent, as the employee’s personal devices were just gateways to access their work stored in the Cloud. They needed devices that met the basic specifications, and the rest of the work was happening online, without additional load on personal devices.

Challenge-5: Phones

Businesses that had adopted the VoIP (Voice Over Internet Protocol) were able to overcome this challenge easily. VoIP allows you to communicate by sending voice as data packets using the internet. The VoIP system is primarily software-based and can be accessed from anywhere, using an application that your VoIP provider offers. (Physical instruments are optional). This meant, companies with VoIP systems could keep their office phone numbers responsive even when their staff were working from home.

While these technologies can help a great deal to maintain business continuity, you will need the assistance of a reputable MSP to deploy them and also to ensure they are functioning as they are supposed to. Plus, there are always other security concerns that crop up in a remote working environment when you can’t monitor your staff’s IT activities. Your MSP will be able to offer solutions and control mechanisms that can help put those concerns to rest.

Tech agility: A must-have for crisis survival

It is a known fact that survival of any species depends on its ability to adapt to change. One major change for businesses in 2020 was the need to switch to the work-from-home model to keep things running during the time of pandemic. When countries all over the world started imposing lockdown restrictions, companies had no choice but to switch to remote operations if their line of business allowed them to do so. This blog post discusses the key challenges faced by businesses that had failed to adopt the latest technology on time.

Access to critical data and applications

For businesses that didn’t store their key data and applications in the cloud, this was a huge challenge. How do you ensure each of your employees have access to all the business data, programs and apps they need to operate efficiently? Companies that had already adopted the cloud as their core data storage means they didn’t face this challenge: everything was cloud-based and accessible from anywhere, using any internet enabled device (laptops/PCs/tablets/smartphones, etc., )

Cybersecurity concerns

With employees working from home, businesses’ fears of cybersecurity incidents were increased. Cybercriminals, on the other hand, knew full well all the security lacunae that existed in a hurried remote working environment setup and exploited them to the fullest. Industry reports showed that the initial few months of the pandemic saw an increase in cybercrime and related attacks on businesses.

Data loss

For businesses that didn’t operate in the cloud, data loss was another angle to look into. How do you ensure data backup and recovery when your staff is using their personal devices for work? Also, how to ensure they are taking all the precautions necessary to keep the data they are storing on their devices, safe?

Hardware issues

Some businesses provided their employees with work devices at home. For example, employees in some companies were allowed to take their office computers home for work use. But, that still didn’t solve the backup and recovery or cybersecurity challenges entirely, because the management still lacked ways to maintain control over the devices.

Phones

With employees working from home, it was a challenge for many businesses to manage their phone numbers–especially for client facing employees. Businesses with VoIP phone systems could make this transition easily, whereas those still relying on the traditional phone setup had to resort to cell phones and couldn’t use their business numbers for a while.

Key lesson: Move with the times, adopt new technologies, adapt to newer ways of working

What the COVID-19 crisis taught us about the cloud and business continuity

The COVID-19 pandemic has changed life as we know it, in many ways. While its impact on our day-to-day lives has been huge, the impact has been even more severe from a business perspective. The social distancing norms, staggered operating hours so as to limit crowds, the masks, shields, barriers, and what-not! From the business continuity perspective, companies have had to adapt themselves to the new normal very quickly.

During this global crisis, one technology that truly came to the rescue of business big and small was the cloud. The cloud made it possible for businesses to keep their operations running even with staff working remotely. With all critical data stored online, all that was needed was a compatible device with an internet connection and it was business as usual…well, almost.

Here are some core business challenges that were resolved due to the cloud.

  • Access to core business data and software programs that were needed for smoothd day-to-day operations
  • Data security concerns, though not entirely non-existent due to the use of personal devices, were largely taken care of, thanks to multiple layers of security offered by the cloud service providers
  • There were no “hardware hassles”…companies that were already on the cloud didn’t have to worry about the logistics of providing office computers to their employees working from home. With all the data stored online, they could use their home computers or tablets to get the work done.

Earlier what was perceived as an advantage for employees (the permission to work from home) was now mandatory for survival of the business. Even businesses that allowed employees to operate from home before the pandemic had a tough time migrating their entire setup to the work-from-home model.

What’s your argument against an SLA with an MSP? (And why it doesn’t hold water) Part-2

In our last blog post, we discussed 3 reasons SMBs usually cite for not signing a service level agreement with an MSP. In this blog post, we suggest how an SLA with an MSP will add value to your business, irrespective of your business size, budget and the presence of an in-house IT team.

Reason#1: Our IT requirements are limited

IT is not a one-time thing where you can follow a set-it-and-forget-it approach. Want this to run smoothly? IT needs regular maintenance– a service level agreement with an MSP is the answer. Regular data backups, timely security patch application, software updates, etc, are all important and won’t happen unless you have a dedicated resource working on them. Plus, there’s the issue of network latency. Services like periodic network monitoring offered by MSPs ensure that any latency issues are identified and taken care of before they result in a major system failure.

Reason#2: We are tight on budget

Agreed that SMBs may not have the kind of revenue inflow as expected in large organizations, but that’s no reason to skimp on your IT requirements. Skimping on IT needs and diverting the funds elsewhere may sound tempting, especially when your IT infrastructure is running great, but this can cost you a lot more in the event something goes wrong. Let’s take a look at a malware attack scenario, for example. If you don’t have an SLA in place, you are most likely to reach out to an IT expert or MSP on a transactional basis. It will not only result in a sky-high bill, but also, there’s no guarantee that you will be immediately attended to: customers with SLAs get preference over transactional ones in the event of an emergency. Plus, every minute your IT infrastructure is down, you are losing potential revenue–through online or even offline sales. In the event of a data leak or a compromise in customer/vendor data due to the malware attack, you are liable for penalties and may be even sued by your clients. So, saving a few bucks here and there by cutting back on IT expenses can prove much more expensive later.

Reason#3: We have our in-house IT person/team

So, you have in-house IT personnel? Great! But there are ways in which an SLA with a managed service provider can still add value to you. This kind of setup is called the co-managed IT model. By bringing an MSP onboard when you have an in-house IT team, you B

  • Benefit from their expertise and enrich your in-house IT team’s knowledge
  • Enjoy flexibility in terms of meeting your IT needs as you can scale your IT up or down based on your business needs
  • Reduce payroll expenses incurred as result of hiring new IT staff in-house
  • Help your in-house IT team focus on more important tasks by outsourcing the mundane IT processes to the MSP
  • Get an extra hand to assist your in-house IT personnel in the event of a major IT issue
  • Have 24/7 IT support, something that may not be viable with a small in-house IT team

Having a service level agreement with a managed service provider adds value to businesses under all circumstances, and should be considered an essential, not an option.

What’s your argument against an SLA with an MSP? (And why it doesn’t hold water) Part-1

Managed IT services are becoming more popular by the day. Businesses, big and small, are bringing managed service providers onboard to handle their IT requirements. The bigger IT players like IBM, Accenture, CISCO act as MSPs to larger organizations, while the typical managed service provider is often hired by SMBs. However, there’s a question that crops up time and again–Do SMBs really need an MSP? SMBs are sometimes in two minds when it comes to bringing an MSP on board and typically use one of the following justifications.

Our IT requirements are limited

A lot of businesses in the small to mid-size range believe that their IT needs don’t warrant a full-time service level agreement with an MSP. They believe the only times they need to invest in IT is at the start of their business or when rolling out new technology. As a result, they don’t see much value in signing a service level agreement with an MSP.

We are tight on budget

SMBs also tend to cut on the IT budget and invest those funds elsewhere–generally in areas where they see tangible results, such as hiring new customer-facing staff or a new advertising campaign. So, when SMBs find themselves a little tight on the budget, the IT department sees the cut.

We have our in-house IT person/team

Businesses with an in-house IT expert or even a small in-house IT team feel that is sufficient for handling any IT needs and an SLA is just an added expenditure.

So, did your reason make it to the list? Stay tuned for our next blog post, where we will discuss how an SLA with a managed service provider can add value to your business.