By the DynaSis Team

Although the majority of business owners (87% per one survey) have adopted cloud computing in some form, that doesn’t mean they understand it fully. Every day, we hear from business owners who want to explore the cloud further but are not familiar with the various aspects of cloud computing. What’s Software as a Service, and how does it differ from Infrastructure as a Service? What is the difference between a public cloud and a private one? What are the criteria for selecting a provider?

To help business owners familiarize themselves with these important issues—and to help them choose the right cloud provider—we developed a white paper, Big Cloud Little Cloud, that is available on our website. To pique your interest in learning more, this article will explain the various cloud services—one of the most confusing aspects of cloud computing for many business owners.

The Cloud as a Service

Unless an organization runs its own data center, all cloud “products” are actually services. The company licenses one or more cloud-based elements hosted in data centers run by IT solutions firms and made accessible (served) to the company. The three main categories of cloud service are Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS). There are other “services” that are often add-ons for companies deploying IaaS, PaaS or SaaS.  These are Desktop as a Service (DaaS), Disaster Recovery as a Service (DRaaS) and Backup as a Service (BaaS).

Software as a Service: With SaaS, software vendors host their applications on cloud servers and provide access to organizations and their personnel on a subscription basis (usually billed per user or per “seat”). The hosting company handles all licensing, upgrades, IT support and other aspects of the solution. Office 365, Salesforce, and Gmail are all examples of SaaS.

Infrastructure as a Service: IaaS is a hosted solution where a IT services vendor licenses server space in its data center. Organizations use IaaS to store and access corporate files in the cloud as well as to run applications, host websites and more. Some IaaS offerings include email, office productivity and other software, eliminating the need for firms to deploy and manage these solutions.

Platform as a Service (PaaS): PaaS is similar to IaaS, but it is more commonly used by organizations that develop, deploy and manage their own applications. PaaS solutions include hosted servers, operating systems, and other elements of a computing platform. In some scenarios, companies can also run third-party applications and store files and other assets on their PaaS resources, as well.

Desktop as a Service (DaaS): DaaS is often a front-end solution for an IaaS deployment. Personnel access cloud resources through a desktop portal that can be opened on any desktop, laptop or mobile device, eliminating the need for organizations to own and maintain desktop computers.

Disaster Recovery as a Service (DRaaS) and Backup as a Service (BaaS): Both DRaaS and BaaS provide hosted backup of an organization’s files, sometimes with selective (file by file) access. However, DRaaS generally creates complete system images that organizations can restore to recover their operations after a major outage. DRaaS solutions also may create backup images more frequently than do BaaS services, but this capability varies widely from one solution to the next.

As you can see, these solutions vary widely in their scope, and the specifics can be dramatically different from one provider to the next. As a result, we recommend organizations work with a qualified managed IT services firm, such as a managed services provider, to devise a plan. We go into detail about selection criteria in our cloud white paper. We hope you will find it helpful.

DynaSis is an Atlanta IT services and cloud computing provider for small and midsized businesses. All of our solutions focus on helping companies achieve the three fundamental IT necessities of the modern business—availability, security and mobility. We specialize in on-demand and on-premises managed IT services, managed cloud infrastructure, desktops and backups, and professional hardware and equipment installation. For more information about DynaSis’ IT support and services, visit www.dynasis.com.

By the DynaSis Team

With bad news about cybercrime appearing daily, many small and midsized business (SMB) owners may be wondering, “How vulnerable am I?” After all, most of the news accounts of data breaches and other attacks relate to major companies, governmental entities, and other very large targets.

Unfortunately, the reason SMBs aren’t making headlines is because they don’t make great news, not because they aren’t favored targets. A quick Internet search will turn up dozens of stories about the vulnerability of SMBs, as a group. In 2011, Symantec’s annual Internet Security Threat Report found that companies with fewer than 250 employees constituted 18 percent of targeted attacks. In the 2016 report, that figured had risen to 43 percent, with SMBs being the most heavily targeted group.

Why are SMBs so attractive? Major corporations have big security budgets, and they can afford to implement the latest techniques to protect their networks. Many have teams of security specialists whose primary tasks are to keep cybercriminals at bay. SMBs don’t have these types of resources, and hackers know that.

Nevertheless, the vulnerability of SMBs wouldn’t be enough, by itself, to make them targets. If hackers had to expend days, or even hours, finding and attacking a vulnerable SMB in exchange for a handful of proprietary information, they wouldn’t do it. Fortunately for the hackers, they don’t need to.

An entire ecosystem of cybercrime tools now exists, and many of them are freely available. Hackers have also learned they can turn groups of vulnerable systems into “botnets.” Here, multiple computing devices are interconnected and used to scan the Internet, looking for compromised websites to hijack, open corporate network connections to infiltrate, and other inadequately protected resources. Making matters worse, cybercriminals continue developing new attack tools and approaches, and even large organizations have a hard time keeping up.

For SMBs, becoming a victim at some point is a near certainty. In fact, most experts no longer counsel organizations that they can completely prevent a breach. Rather, the goal is to mitigate the damage when one happens.

Fortunately, it is neither expensive nor complicated to secure your firm and its resources and substantially reduce your odds of attack. It is also possible to implement automated mechanisms that will detect penetration and stop it, quickly. However, these tools are sophisticated and it is usually neither practical nor cost effective for in-house IT support teams to manage them.

For most SMBs, contracting with a managed services provider or an IT solutions firm is the most effective way of implementing and managing stringent IT security. However, not all IT consulting or IT support companies are created equal. Some are more security focused than others, with certified professionals and the latest technologies at their disposal.

To help organizations better understand cyber security and the considerations for hiring outside IT security assistance, DynaSis has developed two white papers: Cyber-Security 2016 and Managed IT Security. Both are complimentary downloads on our site. In future blogs, we will drill down into greater detail about cyber security, so stay tuned!

Selection of an IT outsourcing company is a very important business decision. For almost a quarter century, Atlanta’s small to mid-sized businesses have relied on DynaSis’ for managed IT services, internet security, and 24 x 7 x 365 helpdesk support. Today, with cybercrime becoming an ever-increasing threat, DynaSis has become an industry leader in network protection and ransomware prevention. Please take a tour through our website at www.DynaSis.com or speak with a technical expert at 678.218.1769.

The ROI of Outsourcing

By the DynaSis Team

If you are a small or midsized (SMB) business owner, how many times have you wondered, “Would it be less expensive to outsource a job rather than to retain staff in house?” For some functions, such as legal advice or trash collection, outsourcing is an obvious choice. For other roles, ranging from accounts receivable to marketing and beyond, the evaluation is more difficult.

A variety of “resource costing” tools, which SMB owners can use to calculate the hard costs of many functions, are available online (see one example, here). To arrive at a figure, most determine the time it takes an employee to perform relevant tasks and then multiply that number by the blended (pay plus benefits) rate for the job. Some include other factors that might be minimized or eliminated by using a professional (or an automated solution) to perform the work. These include the cost of space, supplies, and training, and even the cost of errors or other failures. Once the total cost is determined, SMB owners can compare it against the quote from a third-party provider to determine if there is any savings.

The problem with this approach is that it cannot account for benefits that are not quantifiable, nor can it project the gain or loss from things that do not happen. In our experience, nowhere are these intangibles more prevalent than with outsourced IT.

As a professional cloud and managed services provider, we sometimes hear from SMB decision makers that having in-house IT staff is less expensive than outsourcing IT services and IT support.

Invariably, the business leader is making his or her calculation based on hard costs, alone. They haven’t considered financial impacts that cannot be quantified or predicted. Consider these two examples:

• If a firm’s ecommerce website goes down at 2:00am and an employee doesn’t discover the problem and fix it until 9am the next morning, how much existing customer good will—or how many potential new customers—will the organization lose? Lost revenue can be calculated based on historical figures, but these other two factors are impossible to determine.
• If a sales pro wants to fine tune a proposal at 5am but the network is down and he cannot gain access to the corporate system before his 8am meeting, will the lack of last-minute polish impact the prospect’s opinion of the firm? Whether or not he lands the business, no one will ever know for sure.

With IT solutions, there are many such variables that firms should consider when determining the ROI of outsourcing. Following are just a few:

• Lost negotiating power from not proactively managing vendors.
• Added costs of hardware equipment failure for not planning staged upgrades.
• Reduced employee satisfaction and productivity caused by desktop computer problems.
• Lowered gross revenue (and productivity) from network outages.

Although highly competent, in-house IT professionals can minimize some of these issues, those workers  come at a high price. Furthermore, rarely can SMBs afford to keep their IT staffs fully updated on all certifications and training. As a result, most lack the know-how to deploy the automated monitoring and maintenance solutions proven to substantially reduce downtime compared to traditional IT approaches.

For some business functions, keeping the work in-house may be the most cost-effective approach. For many others, and especially for IT, outsourcing provides strategic business advantages that are beyond the reach of SMBs with in-house staffs. Increasingly, progressive SMB owners are recognizing the value of assigning critical functions to the experts.

For small to midsized business owners and executives who are concerned about managed IT support services and network threat protection, DynaSis is one company that has been at the forefront since 1992. In this ever evolving world of cybercrime, crypto virus and network access protection have become critical to every company’s security. DynaSis also provides 24 x 7 x 365 outsourced IT services, with its own trained staff for helpdesk, real-time monitoring and the DynaSis Business Cloud, for highly secure data storage and backup. You can find out more by calling us at 678.218.1769, or checking out our website at www.DynaSis.com.

[featured_image]

By the DynaSis Team

With all the news about the wonders of cloud computing, many small and midsized business (SMB) owners may wonder if they are making a mistake by not adopting cloud technology. Yet, they also have concerns, ranging from security issues to availability of offsite resources if Internet connections go down.

Depending on the SMB’s business model, location, and level of technological sophistication, these may be valid concerns. Yet, there is no doubt that cloud computing provides big benefits, and SMB adoption is accelerating. In a round-up of cloud computing “facts and figures,” Forbes noted that the cloud market for SMBs will double between 2015 and 2020, from 37 percent of U.S. SMBs to 78 percent.

The good news is that decision makers don’t need to choose between an off-site cloud and their current on-site systems. With a hybrid setup, they can have both—and they can selectively choose which resources to run in the off-site cloud. With this approach, often called a hybrid cloud, some data and other business assets remain hosted on company servers while others are run and accessed remotely.

The two sets of resources are tied together so that they run as a single, cloud-supported solution, with their on-site resources essentially serving as a “corporate” cloud. Yet each of the components can be configured differently to meet designated security, backup, and other requirements.

To determine if a hybrid cloud is the right approach, SMB owners must evaluate their current needs and future plans, as well as their ability to support on-premise systems. Such an evaluation is often difficult and time-consuming for business owners, who may benefit from the help of an objective, qualified outsider such as an IT solutions or IT consulting company.

If you are currently evaluating your resources for a new or expanded cloud deployment, consider these factors:

All Cloud Solution

• Most cloud-hosted services include updates, backups, monitoring and upgrades at no additional charge, reducing the need for IT staff.
• Cloud solutions generally have lower upfront costs, reduced hardware requirements and less overall maintenance than on-site equipment.
• Cloud-hosted products provide on-demand remote access to all authorized individuals with an Internet connection.
• Clouds are highly scalable (storage can be increased quickly and easily).

All On-Site Solution

• If the firm has a custom setup, such as a database resource that supports a customized application, on-site storage is likely the best solution.
• If the company operates under strict compliance requirements that require sensitive data to be hosted behind a local firewall, on-site may be the only option for those resources.
• If the organization runs software or services that interact with systems not connected to the Internet, the cloud may not work.
• If the company already has a large IT services department with professionals trained in varied roles, the cloud is less attractive.

Hybrid Solutions

If you like the benefits listed under All Cloud but some of the All On-Site criteria apply to your organization, a hybrid storage and delivery model could be the perfect option. With hybrid delivery, for example:

• You can store the majority of your assets securely in the cloud but meet compliance requirements with a secure on-site server.
• If you have a mix of out-of-the-box and customized applications, you can optimize delivery of the “standard” applications through the cloud but maintain your custom ones on-site.

A hybrid solution also allows you the flexibility to test a variety of cloud delivery and storage approaches to find the perfect mix for your firm.

Reputable managed services providers can help you evaluate and make these decisions and can also help you move resources to the cloud safely and securely. Some managed services companies offer ready-made hybrid solutions that include ongoing IT support.

Specializing in managed IT services and network security, Atlanta based DynaSis has been supporting small to midsized business for almost a quarter century. Among the services we provide are cloud computing through the DynaSis Business Cloud, 24 x 7 x 365 helpdesk support, and real-time monitoring enabling us to deal with “issues” before they become problems. For more information, please call DynaSis at 678.218.1769 or visit www.DynaSis.com.

[featured_image]

By the DynaSis Team

Despite mobility being one of the technology cornerstones for small and midsized businesses (SMBs), many organizations still are not making effective, long-term decisions for their firms. In May, we talked about the ongoing challenges of Bring Your Own Device (BYOD) to the workplace and the importance of having qualified IT support teams or managed IT services providers administer and manage this solution. However, numerous studies indicate that BYOD is not the only component of mobility where SMB owners and decision makers are having a hard time achieving optimal benefit.

Per data from research firm SMB Group, between 55 and 65 percent of SMB owners (depending on organizational size) agree or strongly agree that mobile solutions and services are “critical” to the business. Yet, the researchers also found that many SMB owners do not have a strategic perspective regarding mobile technologies. Following are a few examples:

• According to a Techaisle 2015 SMB Mobility Adoption and Trends survey: More than 80 percent of SMB employees require mobile access to company data, yet many owners remain overwhelmed by issues such as total cost of ownership (46 percent), compliance (44 percent) and integration with desktop, IT and communications infrastructure (37 percent).
• In an SMB Group survey of mobile application selection: For firms with 1 to 100 employees, “ease of use” and “low cost” are the top two criteria for adopting or allowing a mobile app in the workplace. Companies of 100 to 1000 selected ease of use and “integrates well with other applications” as the two top criteria. Neither selected such strategic drivers as “increases productivity and collaboration,” “ease of access and management” or “application security” as top application criteria.
• Per a study by RBC Capital Markets about mobile websites: 67 percent of SMBs do not have a mobile-optimized website, and similar studies show that even fewer use SMS or text messages to reach their partners or customers. The study noted that such low adoption rates could be hurting SMB sales—and even corporate reputation—given the uptake of mobile devices.

From these examples (and others), it’s apparent that SMBs lag behind larger competitors in the mobile arena. The development of the “mobile workplace” was supposed to help level the playing field for smaller companies. Yet, for organizational leaders who don’t have the time, expertise or sense of direction to take advantage of mobile opportunities, the reverse could be true.

What many SMBs need most is a cohesive mobile technology strategy, which is a key, not only to effective mobile adoption but also to mobile risk management. As with so many areas of the business, company leaders are often too wrapped up with daily operational issues to make time for strategic planning.

Having the assistance of an outside resource, such as a managed services provider or IT consulting firm, is often the best way to obtain both resource and expertise for objective planning and decision making. With a strategic plan in place, business leaders can make informed, long-term decisions that support both the organization and its personnel.

DynaSis has been providing managed IT support services to Metro Atlanta’s small to midsized businesses since 1992. We provide Availability – making sure your network is up and running; Mobility – allowing your employees world-wide access to your network; and Security – as an Internet security company, we resolve “issues” before they grow into problems. If you want to learn more, please visit www.DynaSis.com, or call us at 678.218.1769.

[featured_image]

By the DynaSis Team

In today’s IT-driven business world, networks have become the arteries that keep information pumping through a company. Yet, the technology of the networks themselves—what makes them operate most efficiently—is still a mystery to most people who use them. The good news is that there are now monitoring tools that can tunnel through networks, pinpoint their issues and often resolve them without human involvement.

Unfortunately, many companies still don’t use them. A study of 547 US and European-based network and security operations professionals found that 45 percent of IT staffs monitor network and application performance manually, instead of implementing network monitoring tools. As a result:

• Seventy-seven percent accidentally reported incorrect information to management teams.
• Eighty-seven percent reported the cause of a network event they weren’t certain was accurate.
• Seventy-three percent had currently unresolved network events.

This isn’t surprising, because networks are incredibly complex. They are webs of network hardware—firewalls and routers, for example, connected to dozens (if not hundreds) of endpoint devices, from desktop PCs and tablets to printers.

Furthermore, network hardware has become so adept at resolving or bypassing conflicts and other glitches that a few problems might not cause an outage. The issues mount until an outage occurs, at which time IT support staff must unravel a tangled web.

Even the most dedicated IT services experts cannot manage the current generation of networks (and their systems) manually, which is why monitoring tools were developed. They are fast, efficient and inexpensive, and they work with virtually no load on the system. More important for network security, monitoring tools can pinpoint network dangers that are not technically faults, such as unauthorized devices operating on the network.

Minimizing System Slowdowns—and Outages

So, what do monitoring tools do to help with network stability? They identify and monitor all connections and their relevant information and activity. They can also automatically fix a variety of minor problems that impact network speeds—before they become major problems.

To help ensure business health, monitoring tools can identify issues that require manual intervention before they cause an outage. They provide ongoing alerts and reports that properly trained IT solutions professionals can act upon. Any number of elements can cause an outage or significant slowdown, from excessive connection attempts that might indicate malware is attempting to penetrate the corporate firewall to an improperly configured device that an employee slips onto the network. Some can be resolved automatically, but others require attention, and fast.

Of course, like any tool, monitoring tools are most helpful when they are used by a qualified professional. For this reason, business leaders often work with a managed services provider (also called a managed IT services firm)—even when they have an internal IT department—to deploy these tools and follow up on any issues they detect. Such assistance not only reduces the incidence of system downtime dramatically; it also has been proven to free business resources, fostering innovation and a greater competitive edge.

DynaSis has been Atlanta’s premier IT support services provider for more than 23 years. As an IT company working with small to midsized businesses (10 to 150+ users), DynaSis has developed a unique 12-layer approach to network threat protection, ransomware prevention and crypto virus threat elimination. The DynaSis Business Cloud functions through a highly secure environment with full real-time data backup. Please contact us at 678.218.1769 or visit our website at www.DynaSis.com.

[featured_image]

By the DynaSis Team

On Tuesday, June 14, 2016 from 12:00-2:00 pm, the DynaSis Team will host an Open House at its new headquarters, located at 950 North Point Parkway, Suite 300, Alpharetta, Georgia. All of DynaSis customers, partners and associates, as well as local media, are invited to attend. At the event, one of our favorite local barbecue restaurants, ‘cue, will serve a luncheon to all attendees.

DynaSis’ move marks a milestone for our organization, as we have not only doubled our size but also expanded our systems to enhance the IT support and IT services we offer our customers. Recognizing the increasing challenge that small and midsized businesses (SMBs) face in today’s technology-centric, threat-laden landscape, DynaSis has taken significant steps to ensure it will remain the area’s most proactive managed services provider in coming years.

A recent study of IT security among SMBs, conducted by Wakefield Research, found that only 37 percent of IT decision makers felt their organizations were fully prepared to manage IT security and protect against threats. Equally concerning, fewer than 25 percent have a dedicated, in-house cybersecurity team or individual. Improvements we have incorporated into our new facility to directly address these shortfalls for SMBs include:

• New seats in our Network Operations Center and Help Desk departments.
• The addition of 300 percent more monitoring screens for support personnel to view situational awareness data for service delivery.
• A research and development lab and a dedicated training area.
• New, cloud-based IOT (Internet of Things) alarm, access control and surveillance systems.

During the event, visitors will have the opportunity to meet some of the DynaSis Team as we lead guided tours that showcase our new offices and equipment and explain the inner workings of the Managed IT Services model. As a thank-you to the Atlanta community for its years of support, we will also donate $10 to the Atlanta Community Food Bank (ACFB) for every Open House attendee. For the convenience of attendees, we can accept donations of canned and boxed goods and forward them to the ACFB on donors’ behalf.

For more information, or to RSVP, please email events@DynaSis.com

For small to midsized business owners and executives who are concerned about managed IT support services and network threat protection, DynaSis is one company that has been at the forefront since 1992. In this ever evolving world of cybercrime, crypto virus and network access protection have become critical to every company’s security. DynaSis also provides 24 x 7 x 365 outsourced IT services, with its own trained staff for helpdesk, real-time monitoring and the DynaSis Business Cloud, for highly secure data storage and backup. You can find out more by calling us at 678.218.1769, or checking out our website at www.DynaSis.com.

[featured_image]

By the DynaSis Team

Several recent reports have highlighted the growing importance for small and midsized businesses (SMBs) of outsourcing their IT functions. There is also new evidence that SMB owners are actively embracing the use of managed services.

Per a 2015 report from the MSPAlliance, an international association of cloud computing and managed services providers (MSPs), North American firms spend approximately $154 billion annually for managed services. The MSPAlliance also reports that SMBs are at the top of the list, in terms of adoption. Benefits cited by the SMBs contracting for managed IT services include increased operational performance, decreased operational risk, reduced IT costs and accelerated innovation.

The IT solutions offered as managed services range from computing, storage and networking resources to mobility strategy and management, expert, 24/7 support for users, and even telephony services. Some IT support companies offer ongoing monitoring, management and maintenance of the underlying infrastructure (with service guarantees).

The most engaged MSPs also offer IT consulting and strategic planning services to help organizations create roadmaps of upgrades and improvements, maximizing budget while minimizing downtime. With all of these options potentially—but not necessarily—available, SMB decision makers considering managed services must both identify their own priorities and vet their candidates carefully. Following are a few issues to consider.

• Does the technology partner focus on the business goals of its clients when it makes a recommendation? Providers must develop offerings tailored to the client’s business goals rather than recommending a cookie-cutter service plan.
• Does the partner take a long-term view of relationships and act as a trusted advisor? MSPs that see value in ongoing technology roadmaps help their clients be more resilient as market conditions change.
• Is the service portfolio comprehensive? Even if your company is outsourcing only a few functions initially, identifying an MSP that can grow with you will ensure you never have to manage multiple vendors.
• Has the MSP identified and addressed your technology pain points? The most qualified IT partners should perform assessments and make recommendations based upon your vulnerabilities, not just on their strengths.
• Does the MSP value and commit to close communication? If the provider doesn’t offer a timetable for regular meetings with account managers, reports that show the effectiveness of the engagement and periodic formal reviews, you won’t be able to benchmark the value of the relationship to your firm.

In the long run, many organizations find that contracting with an MSP for all IT services is the most cost-effective solution. This is especially true when the provider offers proactive monitoring and problem resolution, which is proven to reduce outages significantly. With virtually all SMB staff requiring computing resources, IT outages quickly become costly based on wasted staff resource alone. When the cost of lost sales and goodwill are factored in, the price tag is even higher. For even the smallest providers, the new reality is that uptime is no longer optional.

Selection of an IT outsourcing company is a very important business decision. For almost a quarter century, Atlanta’s small to mid-sized businesses have relied on DynaSis’ for managed IT services, internet security, and 24 x 7 x 365 helpdesk support. Today, with cybercrime becoming an ever-increasing threat, DynaSis has become an industry leader in network protection and ransomware prevention. Please take a tour through our website at www.DynaSis.com or speak with a technical expert at 678.218.1769.

By the DynaSis Team

[featured_image]

BYOD (bring your own device) is becoming an imperative for businesses. As we discussed recently, it is also one of the chief benefits of cloud computing. Yet, with the FCC and FTC recently announcing a joint investigation into mobile device security, BYOD is not a business practice to be taken lightly.

Statistics indicate many employees will engage in risky mobile behaviors, even with corporate devices. Business owners must develop and maintain a functional mobile security framework and then ensure their IT support team or managed IT services provider has the competency to administer it. It should be flexible enough to accommodate the realities of device usage but strong enough to protect business interests. Following are three key recommendations:

• Protect What Matters Most. Organizations should “compartmentalize” corporate assets so that only workers with a high level of clearance can gain access to the most sensitive materials. (Restricting data behind a cloud-based portal is a good solution; controlling access is an even better one.) Notify all personnel of the policy and remind them of the potential havoc that could ensue if they are careless with data.
• Enable “Lock and Wipe” Functionality. Mobile security solutions managed by an IT solutions firm almost always have the ability to wipe all traces of data from a device. Corporate “portal” solutions offered by managed services providers often go farther—with session wipes after corporate data is accessed from a mobile device. Firms that haven’t yet adopted these protections should at least require workers to enable built-in or provider-based remote lock and wipe features for any personal devices on the corporate network.
• Provide Appropriate Response for Infractions. There should be clear rules separating an inadvertent error, such as losing a phone, from engaging in “hacker-style” behavior. (One example is “jailbreaking,” where the user makes system-level changes, prohibited by the manufacturer, in order to install a third-party application.) For innocent mistakes, the business should encourage the employee to report the problem as soon as it is discovered and provide IT assistance if needed. In the later example, the employee should receive a formal warning—with dismissal a potential outcome.

Using BYOD may blur the lines between personal and corporate life, but that doesn’t mean business leaders can’t redraw them.

DynaSis has been providing managed IT support services to Metro Atlanta’s small to midsized businesses since 1992. We provide Availability – making sure your network is up and running; Mobility – allowing your employees world-wide access to your network; and Security – as an Internet security company, we resolve “issues” before they grow into problems. If you want to learn more, please visit www.DynaSis.com, or call us at 678.218.1769.

[featured_image]

By the DynaSis Team

For many small and midsized business owners, cybersecurity is a maze with no apparent exit. Bad news arrives daily, and “recommended” or “best practices” solutions can differ from one IT solutions provider to the next. As a managed IT services firm that helps companies navigate this maze on a daily basis, we understand how confusing cybersecurity can be. Even so, that doesn’t mean business owners can afford to ignore the threat landscape and hope it will go away. It won’t.

Last week, we read the annual Data Breach Digest from Verizon, an incident report that identifies cyberattack trends. To pinpoint the trend lines, a team of investigators explored more than 500 cybersecurity incidents from 2015 and then analyzed them with data from the two previous years.

Some of the results were unsettling, to say the least.

• Human error is still responsible for a large percentage of data breaches (30% over the past three years). Among breaches caused by human error, phishing (spoofed emails or websites that look real, to which users respond and become infected) accounted for 72% of those breaches.
• Initial compromise is happening the same ways it has for a decade, including email, social media, and infected thumb (USB) drives.
• Perhaps most disturbing, the report found that 80% of all data breaches--even those not officially assigned to human error--involve exploitation of stolen, weak, default or easily guessable passwords.

Since the dawn of corporate computing, experts have been urging companies to require secure passwords—and to teach employees how to keep them safe. The fact that 80% of breaches involve compromised passwords surprised even us.

Human gullibility will never be eliminated, which is why cybercriminals rely upon it. However, organizations can teach employees how to recognize danger—and avoid giving into their gullible natures.

In addition, requiring strong passwords throughout the organization is one of the single easiest steps a business owner can take to secure his firm and its assets. Even if you don’t think you can afford an advanced threat detection and mitigation solution or don’t have the time to conduct a “safe IT practices” training session for personnel, it is business suicide not to enact and enforce a password policy.

If you do not have a password policy, we urge you to create one, now. Issue a memo about passwords with a deadline, and identify a trusted management or IT staffer to follow up and ensure compliance. To get workers excited, sponsor a contest, and offer a gift certificate or other perk to the person with the best password and the one that reaches compliance first.

To help you get started, here are a few pointers:

• Passwords must contain at least eight characters; 14 is even better.
• Passwords must not contain the user name or parts of the user’s full name, such as a first name.
• Passwords must use at least three of the four available character types: lowercase letters, uppercase letters, numbers and symbols.
• Passwords must be changed at least every 90 days, and personnel should receive a task reminder via email, calendar, etc. that won’t go away until they confirm completion.
• Passwords for company resources must not be shared with anyone—even other employees—not should they be transmitted to other devices via email or other method “for safekeeping” or any other reason.
• The firm should have a written, enforced policy that states failure to adhere to password guidelines may result in termination.

Many data storage solutions incorporate strict password policies, and a number of affordable security solutions police them. After you get everyone on board with password management, consider working with an IT consulting or IT support firm to adopt a technology-based enforcement mechanism. It will pay for itself, quickly.

DynaSis has been Atlanta’s premier IT support services provider for more than 23 years. As an IT company working with small to midsized businesses (10 to 150+ users), DynaSis has developed a unique 12-layer approach to network threat protection, ransomware prevention and crypto virus threat elimination. The DynaSis Business Cloud functions through a highly secure environment with full real-time data backup. Please contact us at 678.218.1769 or visit our website at www.DynaSis.com.