Technology is a benefit that’s wonderful and infuriating at the same time. The more dependent we become on it, the more we are negatively affected when it fails us. Unfortunately, that problem isn’t going anyway any time soon. The only way to resolve it is to minimize the potential for system disruption.

So, how can you best go about that? According to a 2009 study performed by research firm IDC, “Well-targeted upgrades, couple with a rigorous program to standardize and improve IT practices, can deliver substantial risk reduction and could reduce total annual outage risk by as much as 85%, in some cases, with downtime reduced from an average of over 2 hours per month to less than 45 minutes.”

If you’re an IT executive or IT-engaged business owner, you likely already know this. You also know how hard it is to manage your system upgrades and patches while trying to implement sound, standardized IT practices among company personnel.

In fact, if you’re an IT professional working for an SMB, you’re probably already spending more than 50% of your time on tedious, painstaking maintenance tasks, and still not getting to them all. (A 2010 study, “The State of IT Systems Management,” indicates that 67% of IT pros spend 50-74% of their time on maintenance.) You probably don’t have time to teach anyone, anything.

You may also be aware that there are great managed service providers that can give you end-to-end system management 24/7/365. These providers use automation tools to deeply scan your systems continuously, providing a level of detailed inspection that would cost a fortune if a person tried to do it (assuming it was even possible).

The best of these providers have a “command center” that lets them act on any signs of trouble immediately, no matter when it occurs. They also handle all your patches and updates, and in general keep everything running smoothly. (Hint: we’re one of them.) If you’ve never heard of these types of solutions, I’d be happy to tell you more—just give me a call.

If you’re aware of them, but budgetary restrictions or management resistance prevent you from exploring them, here’s a bit of ammunition: The IDC study mentioned earlier found that SMBs lose as much as $70,000 in business value (sales, productivity, customer service and other tangibles), per hour of downtime. In nearly every scenario, turning system monitoring and maintenance over to a third-party vendor will save you more than it costs.

With 2012 an increasingly distant memory, have you considered how your IT systems fared last year? Are you implementing any big changes in 2013? If you are an upper-level IT executive, statistics show that this year, you are probably redirecting responsibility from internal staffers to third-party resources. Whether you are an IT exec or a business owner, if you don’t have such a plan, let me provide some insight into this trend and explain why this strategy makes sense.

According to a survey of CIOs (chief information officers) and other top IT execs by the Society for Information Management (SIM), internal staff consumed 33% of firms’ IT budgets in 2012, down from 38% in 2011 and 43% in 2010. In 2012, outsourcing accounted for 17% of those budgets. In 2013, survey participants expect outsourcing to jump to 23% of the IT budget.

This outlook reflects a reality that’s increasingly becoming an imperative for many companies. The cost of adding IT professionals to the payroll outweighs the expense of outsourcing IT responsibilities to third-party managed service providers. This is true, not only for management tasks such as IT systems maintenance and monitoring (more about that in a later article), but for project-based staffing, as well.

For small and medium-sized businesses (SMBs), it’s too expensive to have a full complement of tech staffers that can effectively cover every aspect of a firm’s IT systems and infrastructure. And, with IT evolving at lightning speed, it’s impossible for even the most talented IT pros to stay abreast of every breaking development. As a result, when SMBs embark on highly specialized projects, either the minimal in-house staff must ramp up quickly (with unpredictable results), or outside help must be brought in.

With on-demand IT staffing, firms can procure highly targeted expertise in small increments, ensuring all their projects are executed by someone who is competent in that particular IT discipline. These specialists provide the technical foundation to ensure project success and prevent budgets from scaling out of control. As a bonus, third-party, on-demand IT assistance is a ready resource that doesn’t ask for insurance and never calls in sick during crunch times.

Well-rounded IT service firms such as DynaSis offer this type of on-demand staffing, whether a company needs network engineers to design an expansion or a high-level planning expert to assist with a strategic infrastructure roadmap. Top IT execs are increasingly awarding a large percentage of their projects to outsourced experts. To learn how you can join them, give me a call.

by Dave Moorman

In January 2013, Internet security firm Kaspersky proclaimed that in 2012, spam hit a five-year low. Specifically, the report stated, “This continual and considerable decrease in spam volumes is unprecedented.”

However, before you and your employees dance in the streets at the thought of less spam, consider this: Kaspersky attributed the reduction, not to a lessening of spam messages, but rather to the success of spam-fighting technologies. In other words, spammers are still plying their nefarious trade, but they are less successful getting through.

Of even greater concern, cybercriminals (with whom spam is now a favorite target) are becoming increasingly malicious and inventive. Kaspersky described the range of subjects used in malicious emails as “impressive.” At DynaSis, we think “alarming” is a better description. For many years, malicious attackers have used tricks such as faked notifications and messages from a variety of legitimate (and fictional) sources such as credit card companies, financial and government organizations, and other trusted entities.

In 2012, criminals expanded their repertoire to include fake messages from airlines, coupon services, travel reservation firms and other leisure-industry firms. Some of these messages look like innocuous reservation confirmations and other routine communications. Others offer too-good-to-be-true “deals.” (Yes, the lure of saving big money continues to take down a lot of folks.)

Like other dangerous spam, these fake emails usually contain malicious attachments or links to malicious sites. Clicking them can do anything from installing a zombie bot that takes over your network to launching a worm that eats your data. And, because it happens inside your defense shields, it may go undetected.

For this reason, it continues to be utterly vital for SMBs to incorporate best-practices IT security management, including strong spam protection, into their overall IT strategy. If you are not absolutely certain your IT infrastructure is a veritable fortress and your email is effectively protected from spam, contact DynaSis for a no-strings-attached consultation.

Don’t count on your employees being savvy enough to outsmart malicious spammers. If they can trick the top management of Fortune 100 firms and global governments, they can dupe anyone.

by Dave Moorman

In the 1990s, terms such as telecommuting and teleworking became popular descriptions for the pursuit of work outside the office—with the help of technology. (Telecommuting usually referred to work at home; telework sometimes referred to work at a satellite office.)  Today, those terms are being replaced by newer catchphrases like workshifting and the remote [or mobile] workplace.

In reality, all these terms describe essentially the same activity—getting work accomplished anywhere that is not your main place of business. However, the way employees view these activities—and their popularity—varies widely. In a future post, I’ll talk about more about the benefits of other remote workplace solutions. Today, I’d like to share the benefits to SMBs in supporting telecommuting (using the definition of staffers working from home).

According to a study of 67,000 workers, published in June 2012 in the Department of Labor’s Monthly Labor Review, approximately 30% of surveyed workers perform some form of telecommuting (full or part time). That’s approximately the same as in the 1980s.

What’s changed to the benefit of their employees is the amount of extra time they put in at home. In complete opposition to the notion that telecommuters goof off more, the study indicated that those who perform any work at home tend to work five to seven hours more per week than if they weren’t telecommuters. Furthermore, 71% of the telecommuters were managerial or professional employees, who generally aren’t paid overtime.

Here’s some more good news. Despite the extra hours they have to put in, employees want to be able to work from home. In WIRED magazine’s recent reader survey, 62% said the ability to work remotely was important—and their favorite environment, by far (84%) was home. The survey also found that nearly 50% of workers felt more productive and less stressed working remotely.

So, not only are your employees going to work more hours when you let them telecommute at least some of the time, half of them will get more work done than at the office. That’s a powerful incentive to expand your remote working program.

Here’s the kicker: Even if you allow telecommuting, you have to provide the right environment for all these great numbers to fall into place. In the WIRED survey, 45% of respondents said they were encumbered by unmet needs outside the office. The number one complaint (82%) was lack of a high-speed Internet connection to access corporate resources.

DynaSis can’t help you persuade the territorial manager hesitant to give up direct control of his staffers (a leading impediment to the practice, per sources cited in the DoL report). We can help you transition to a cloud-based mobile productivity solution that always gives your workers high-speed, remote access to corporate resources, wherever they are. Give me a call soon and let’s discuss how you can extract the latent productivity in telecommuting.

by Dave Moorman

In the IT security world, service firms toss around terms such as Vulnerability Assessment and Penetration Testing as if everyone knows what they mean. This may leave you wondering, “What do these two processes do, and are they both important or do they cover the same ground, twice?”

Vulnerability Assessment (also called Vulnerability Analysis) is the process of identifying weak points on a network where a cyber-attacker could potentially gain access or otherwise do harm. Vulnerabilities can be anything from open ports (the “doors” that let data flow between devices on a network and the Internet) to open, rogue access points (unsecured, unauthorized Internet connection points). During a Vulnerability Assessment, specialized software scans and analyzes network traffic, connected devices and other elements of the network to identify flaws that increase vulnerability to attacks.

Penetration Testing, on the other hand, focuses on gaining unauthorized access to the system and its resources by simulating an actual attack on the network and/or its devices. Although Penetration Testing can reveal vulnerabilities, its goal is to determine what an attacker could do once he found the system’s flaws. Furthermore, Penetration Testing is often used as a way of validating whether or not implemented security improvements are working or holes can still be exploited.

The two processes work together in much the same way that a home security expert might examine your house for windows that are easy to open (Vulnerability Assessment) and then determine how difficult it would be to bypass your alarm system, open the windows and get inside to steal your jewelry (Penetration Testing).

In other words, Vulnerability Assessments tell you what within the network needs securing; Penetration Assessments confirm whether or not the network is actually secure. Both processes can play a role repeatedly throughout the lifecycle of an IT framework as new devices are added, network configurations change and other adjustments are made.

Most importantly, these two processes are part of an enduring IT security management effort designed to secure your system, its resources and its assets against intrusion, theft and exploitation. With companies from global conglomerate Sony to the smallest Mom and Pop shops falling victim to cyber-attacks, IT security is something no business owner should overlook. To learn more about security management and the role these two processes play, give us a call.

By Dave Moorman

If you read my blog last week, you know that service-provider hosted cloud environments of all types are more secure than on-premise (in-house) owned and managed infrastructure in nearly every instance. What you may have missed in that blog is that the survey didn’t evaluate on-premise IT environments where a service provider manages its customers’ security needs.

If a cloud-hosted environment isn’t right for you (for any reason) you can significantly mitigate your risk of successful attack or intrusion by using managed security services. For small to medium-sized businesses—especially those with distributed locations where confidential information is being shared across the Internet—the complex, specialized, and rapidly evolving nature of IT security (not to mention the growing focus on regulatory compliance) make it nearly imperative for most SMBs to have some type of managed security solution in place.

“So,” you may be asking, “what does this mean?” Managed security services encompass a wide array of assistance that helps a firm secure the intellectual and business assets that could potentially be acquired by unauthorized individuals (inside or out). Although some firms have created “one-size-fits-most” packages, the best companies will work with their customers to develop a systematic approach to managing the organization’s security needs.

Functions of a managed security service (some of which may already be present in a managed IT services solution, if you have one), may include:

1. Penetration and vulnerability assessments, testing and audits
2. Round-the-clock monitoring and management of intrusion detection systems and firewalls
3. Monitoring and interpretation of important system events such as unauthorized and malicious behavior and other anomalies
4. Proactive trend analysis
5. Patch management and upgrades
6. Security policy monitoring and change management
7. Content filtering for email and other traffic
8. Emergency response, mitigation and recovery

Although organizations are, in the end, legally responsible for defending their networks against security and business risks, offloading the security functions to a service provider lets management focus on core business activities. Using managed security services also makes it easier to certify compliance with the regulatory and privacy requirements that are affecting an increasing number of industries.

by Dave Moorman

Cloud computing, as you may have heard, is an environment where a company’s data, programs and other IT assets are hosted off-site on either shared or private servers and then delivered on demand through high-speed Internet connections. This not only can reduce costs but also can enable remote productivity by giving employees access to corporate resources from home or on the road.

One objection I hear to cloud computing is security. The media has done a great job in recent years of promoting the concept that cloud computing environments aren’t secure.

Since “the cloud” is an aggregate term used to describe solutions where data, programs, and/or infrastructure are stored remotely and run over the Internet, it is certainly possible for a cloud computing solution to have security flaws.
However, “cloud” computing environments running from best-practices data centers (like the ones DynaSis operates), are remarkably secure.

The relative safety of the cloud was borne out in a report released recently by security provider Alert Logic. The company surveyed 1600 firms and compared the number of incidents reported for on-premise (in-house) installed and managed hardware environments versus service-provider solutions including virtual, managed and dedicated environments (more about these three options in a future article).

In five out of seven vulnerability categories, companies with in-house installed and managed hardware reported a higher percentage of incidents than companies using cloud service providers, sometimes by a dramatic margin. More importantly, because service providers manage environments for multiple customers, the number of incidents per impacted customer was lower in every category for service providers than for on-premise installations.

Here are a few highlights:

1. App attacks (attacks by a malicious application executing code on the system): These were experienced by 18% of on-premise installations, but only 1% of service-provider environments.
2. Malware/botnet attacks: On-premise customers, on average, experienced 29 of these incidents; compared with 6 for service-provider customers.
3. Brute force attacks (a computerized effort to decrypt data such as passwords by trying random combinations) occurred at a rate of 72 incidents per on-premise customer versus 46 for service-provider customers.

Our prospective customers sometimes express concern about “losing control” of their IT assets by moving to cloud computing or even allowing us to manage their on-premise IT infrastructure. It’s a fact that more criminals are targeting smaller firms (perhaps because they are perceived as being more vulnerable). If you become the target of a cyber-criminal, you’re already in a position to lose control of your assets. Isn’t it better to give your firm the least exposure possible?

by Dave Moorman

Corporate mobility has been in the headlines so much over the past few years that you might assume its potential has peaked. Nothing could be further from the truth. Every day, application developers debut new products that businesses can implement to fuel the mobile productivity of their workers. For SMBs, the proliferation of BYOD (bring your own device) policies is making it easier—and more affordable—than ever to bring mobile devices into the workplace.

Of course, BYOD comes with risks, but that’s a topic I’ll cover in depth in a different article. Today is all about how you can maximize these devices to propel your business success.

Email: As I mentioned in an earlier blog, numerous surveys report that employees frequently check corporate email during off hours. The amount of benefit your business gains from this is staggering: a study by Good Technology, as reported in August 2012 by CNBC, indicates that after-hours email checking and other “work from home” adds up to a month and a half of overtime, per year.

However, that same article cautions that companies should enable, not expect, their employees to spend time on work issues and email after hours. The key is to strike a balance between employee satisfaction and accomplishment—that’s where the greatest productivity occurs.

Expand Your Boundaries: There are so many helpful business apps available for smartphones (many of them free) that you’re doing yourself a disservice not to explore them. For example, Bump lets two individuals with the app installed exchange business card data, photos, and other information simply by bumping their phones together. And, Bump is cloud-based, not Bluetooth-reliant, with a “smart” protocol that ensures it sends your information only to the phone you actually bumped.

These are just two of the many, many great ideas SMBs can adopt to increase their employees’ mobile productivity. There is a world of opportunities available to you (I’ll share more ideas in future articles.)  If you find yourself uncertain which ones to adopt (or how to make them safe), we’ll be happy to help you develop a roadmap that’s both dynamic and safe.

by Dave Moorman

Infrastructure as a service (IaaS) is one of the most efficient IT cost-control mechanisms ever invented. As a bonus, it also eliminates the cost and hassle of equipment maintenance and reduces downtime dramatically.

So, how can infrastructure (hardware) be a service, and how does it provide these great benefits? IaaS, companies pay an IT provider a flat monthly fee for providing, installing and maintaining their IT infrastructure, such as servers, storage appliances and backup devices. There are no hidden fees or unpleasant surprises—the provider takes care of everything.

And, since the provider (and not the customer) owns the equipment, it has a vested interest in making sure everything stays in top-notch condition. When equipment nears the end of its life, the provider replaces it. Most also offer upgrade plans that enable customers to move to faster, more powerful equipment on a scheduled timeframe.

This solution is truly a win-win for the customer, and it amazes me that more firms aren’t taking advantage of it. Its benefits speak for themselves:

• Gain access to an immediate hardware upgrade without new capital outlay.
• Avoid the expense and hassle of selecting and purchasing IT hardware in the future.
• Transition hardware costs from a CapEx to an OpEx, eliminating the need for depreciation schedules and allowing full expensing each year. (This benefit may become especially valuable if the expanded Section 179 deduction is not renewed this year.)
• Work with an IT expert whose best interest is served by maintaining the hardware and ensuring it doesn’t fail.
• Implement business plans with confidence, knowing that appropriate hardware replacement cycles are built into the program.

The one caveat about IaaS is that you must be confident your new IT partner adheres to the highest standards of service to avoid an excessively long and painful transition to the new system as well as workflow disruption during routine maintenance.

If you would like to learn more about how these programs work and can be customized to your needs, give me a call. I’d be happy to help you navigate your way to embarking on a truly revolutionary approach to IT.

Alpharetta, Georgia – DynaSis, Atlanta’s premier provider of IT services and support for small and medium businesses (SMBs), today announced a partnership with Veeam, a leading provider of disaster recovery services for small and medium-sized businesses (SMBs). Partnering with Veeam gives DynaSis yet another best-practices disaster recovery option for its clients. For customers that prefer to retain a traditional, physical backup solution, DynaSis will continue to offer robust disaster recovery support.

“Current best practices for backup and recovery recommend virtual imaging to cloud-based data centers, and we believe that trend will only escalate as more companies recognize the security and convenience enabled by cloud solutions,” said DynaSis President Dave Moorman. “DynaSis has always ridden on the leading edge of technology, and this partnership with Veeam keeps us in that position.”

With the Veeam solution, DynaSis customers’ data and servers will be replicated from their virtual servers to DynaSis offsite data centers, eliminating the need for onsite backup appliances or servers. Customers will enjoy instant file-level recovery, application-item recovery and virtual server recovery plus deep support for VMware and Hyper-V virtualization environments. Veeam’s software-agent-free solutions are optimized for virtual environments, making them more cost effective and efficient than physical (hardware-based) backup solutions.

“DynaSis has built its reputation on anticipating customer needs rather than responding to them after the fact, said Moorman. “Adding Veeam to our line-up of disaster recovery solutions gives customers a full palette of options to meet their current and future requirements.”