MSPNetworks Blog

Other than the innovative jump from tape, data backup hasn’t seen too many great leaps forward, so to speak. Sure, businesses don’t have to worry about resource-intensive manual backups anymore, but the standard approach is so rock-solid that innovation isn’t necessarily needed at this point. Today, we are exploring the backup and disaster recovery process and how modern-day solutions have made an effective tool even better.

In the wake of Hurricane Beryl, businesses have another reason to reflect on data backup, disaster recovery, and business continuity. Since the hurricane made landfall in Texas, despite being downgraded to a tropical storm, it still caused over $5 million in damage to islands across middle America.

A popular automotive dealership software platform has recently become the target of a cyberattack, resulting in the solution going down for several days. Any business that has a solution it relies on can sympathize with the situation. After all, if you lose access to your critical business apps for several days, would your operations be able to recover?

Perhaps predictably, the word “insure” has roots that tie it closely to “ensure,” as it is meant to ensure a level of security after some form of loss. Nowadays, that loss often pertains to data, making cyber insurance an extremely valuable investment for the modern business to make.

However, in order to obtain this kind of insurance, businesses commonly need to meet some basic requirements. Let’s go over some of these requirements now.

What Are Insurance Providers Looking for to Approve Cyber Insurance?

It’s important that your business is not only meeting the requirements that an insurance provider expects from you, but that you also have it fully documented. This helps make it easier for everyone to stay on the same page, as well as to evaluate how prepared the business is to protect its data. What follows are some of the preparations that many insurance providers expect to see from businesses seeking coverage.

Multi-Factor Authentication Protecting Email (at a Minimum)

It should come as no surprise that email is a major target for cybercriminal activity. It’s popular, it’s convenient, and—as countless attacks have proven—it works. If a cybercriminal manages to gain access to a target’s email account, they effectively have the keys to the castle, as any accounts tied to that email can then be altered and adjusted.

This is what makes it so important that if you have multi-factor authentication protecting anything, your email is a good candidate… although, we recommend that it’s implemented wherever it is available. Multi-factor authentication reinforces your security by adding additional requirements to a login process before access will be granted, ideally by also requiring a user to confirm their identity, often through a secondary key or by providing a generated code or biometric proof.

The long and the short of it is that MFA is a very effective means of eliminating unauthorized access, which is something that insurance providers want to see before they offer coverage.

Testing and Training for Cybersecurity Awareness

On a related note, insurance providers want to see staff engagement where a business’ cybersecurity is involved. After all, all the protection in the world won’t matter if one of your team members leaves the door open or allows an attacker in. This makes it critical that your team knows about the threats they face and—crucially—how to appropriately identify and react to these threats as they encounter them.

Due to the evolving nature of cybercrime, this needs to be an ongoing process. You should be regularly evaluating your employees with and without warning, providing immediate education to anyone who misses one of your simulated threats. Your potential insurance provider will likely want to see documented proof that these steps exist and are enforced as they consider your application.

Incident Response, Backup and Disaster Recovery, and Similar Defenses

In order for these policies to stay profitable, insurance companies will want to see that every precaution has been put in place. After all, the less likely a policyholder is to suffer the damages that their policy covers, the less likely it is that the insurer will have to issue a reimbursement payment. As a result, insurance providers like to see that businesses are as prepared as possible, so they don’t just want to see preventative measures, but mitigations as well.

Therefore, your insurance provider is going to want to see everything you have in place as a part of your incident response plan. They’ll want to see that your backups are situated and updated appropriately, they’ll want to see established processes and systems, and they’ll want to see that you have different people assigned to carry these processes and systems out.

Applicable Compliance Gap Assessments

Chances are pretty good that you process credit card information as part of your business operations in some shape or form. This means that you presumably need to align to the Payment Card Industry Data Security Standard (PCI DSS), which dictates what businesses need to do to protect the information of their cardholding customers. A gap assessment is a process that helps you identify anywhere that you fall short of true compliance, allowing you to more effectively resolve these issues to reach the standards expected. Because of this, insurance providers will want to see the results of your gap assessments and documentation of any steps that you’ve taken to fix the issues present regarding any applicable compliance requirements.

We can help you maintain the standards that an insurance company will be looking for to approve your business for cyber insurance coverage. Learn more about our managed IT services by giving us a call at (516) 403-9001.

Tape backup has been used for a long time, and it was once the most prominent solution for data backup out there. Nowadays, it’s not used much at all, mostly in favor of better and more convenient solutions. However, there has been a slight resurgence in tape backup, so we want to look at why some companies might still use it, despite its flaws.

Why Use Tape Backup?

Data redundancy tends to fuel businesses and their data strategies, and this is even more true as the cost and availability of digital backup systems has decreased over time. Tape backup has mostly been phased out, but some businesses still choose to cling to it for a variety of reasons. Here are some of them:

• Reliability and Longevity: Tape backup is reliable, and has been for a while. It can last for a long time when it’s cared for properly, being less susceptible to corruption over time compared to some storage media.
• Long-Term Storage: Tape is also helpful for storing large amounts of data for long periods of time. The infrastructure is the initial investment, but ongoing costs are low compared to other solutions.
• Data Retention Regulations: Data retention is a point of contention for some organizations, entities, and industries. Tape backup is a way to meet those standards for the sake of compliance, if nothing else.
• Large Data Sets: Businesses that have a lot of data to work with will find cloud backups somewhat impractical, largely due to bandwidth limitations. Tape backup can skirt around this issue.
• Legacy Systems: If compatibility with legacy systems is a factor, then tape backup could give businesses an out while they migrate to newer systems.
• Offline Backups: Tape is stored offline and in a secure off-site location, keeping data loss low in the event of a system failure or natural disaster.

Other Solutions Are Better, Though

We think it’s great that people are making the effort to protect their data, even if it’s with tape, and even if there are better options available. One such solution that we love to recommend to our clients is the BDR, or backup and disaster recovery solution. This system uses incremental backups that occur as often as every 15 minutes to save and store data both on-site and in the cloud or a secure, off-site data center. This provides the redundancy needed to guarantee recovery when it’s needed most.

In comparison, tape is labor-intensive and time-consuming. It could take hours or days just to restore a backup. It’s not reliable, and you can do so much better. Let us help you get there with BDR. To learn more, call us today at (516) 403-9001.

Cybersecurity is important. Scroll through a few pages of our blog and you’ll see article after article talking about threats and ways to make yourself and your business less vulnerable to cyberthreats. As an IT professional, however, I’d be so much happier if the state of the world didn’t require such a massive effort just to protect oneself and we could just talk about cool stuff you can do with modern technology all the time!

But alas, strong cybersecurity is crucial to virtually any organization, and it’s becoming even more important by the month.

You Can’t Flub Your Cybersecurity Awareness

Cybersecurity is something that you can’t just ignore. It’s not going to ignore you—cybercriminals target the people who think they aren’t a target in the first place.

Most businesses these days have at least some level of cybersecurity-based compliance regulations to meet and follow. Some can come from the state, some can come from the industry you are in, some apply based on the type of information you work with, and some can come directly from your business insurance provider. 

One of the biggest mistakes I see business owners and C-levels make is that they have overconfidence in their own cybersecurity. Most business owners are the least secure people I know (and I don’t mean that in an insulting way; CEOs and entrepreneurs, in general, are just wired to be efficient, and cybersecurity practices can feel like a big roadblock to efficiency.)

Heck, I lose sleep at night when I suspect that the owner of a company we work with refuses to use multi-factor authentication, but I catch myself longing to turn that feature off because of the extra couple of seconds it adds to getting into an account every day. 

The point is, even as a leader, you can’t skimp on security. In fact, you should be the shining example of it in your organization.

You Have to Know If You Are Compliant or Not

Depending on the regulations your organization needs to meet, you likely have a laundry list of tasks to check off quarterly or yearly. For many organizations, a part of that might include a regular penetration test.

A penetration test is a very specific set of tasks that involve an ethical hacker attempting to break into your business network using a variety of different ways. 

There are multiple phases that include reconnaissance, scanning for vulnerabilities and other weaknesses, getting in and attempting to steal, change or delete data, staying within the network undetected for a period of time, and looking for non-technical ways to exploit your organization, such as social engineering.

It’s not a small feat, and it’s far from the typical quick network audit or port sniffer scan and things that a technician might do to solve a problem or investigate an issue.

Don’t confuse the small stuff with a penetration test. I’ve talked to business owners in the past who were convinced their network was secure because a third-party ran some network audit tools that came back with devices that were out of date and fixed them. While that’s important to do, and something we do regularly, and maintain for our clients, it’s a long way from an actual penetration test.

Let’s Make Sense of Your Cybersecurity, Together

Protecting your business from modern-day threats and meeting regulatory requirements is a challenge if you try to do it by yourself. Let MSPNetworks be your trusted IT partner and keep your business operating smoothly. Get started today by calling (516) 403-9001.

We often discuss data backup and disaster recovery on our blog, and you may even be familiar with some of the terms and practices we throw around. Today, we want to take a closer look at the 3-2-1 rule and how it impacts your business’ ability to recover in the face of a disaster. Let’s dive in and see how the 3-2-1 rule can make or break your company’s data infrastructure.

What is the 3-2-1 Rule?

When we discuss the 3-2-1 rule, this is what we mean:

• Three copies of your data: You should have three updated copies of your data, including the original.
• Two types of media: You’ll want to use two different storage mediums, at the very minimum. For example, you could keep one in the cloud in addition to the original stored on your network.
• One copy off-site: Whether it’s in an off-site data center or stored in the cloud, you should keep one copy isolated from potential attacks against your network.

Of course, this isn’t an end-all-be-all for data backup and disaster recovery; it’s merely a baseline that you can augment in whatever way you need. For example, you might choose different storage sites for various parts of your data infrastructure, or other unique requirements in addition to the baseline established above.

Why Does the 3-2-1 Rule Work?

The 3-2-1 rule is important for businesses no matter the size or industry, and it’s an important part of ensuring redundancy for your organization. For example, if something happens to your on-premise hardware, you will rely on your cloud-based data backups to recover. This is particularly important in today’s ransomware-filled business environment. And don’t forget to test your data backups periodically, too; the last thing you want is to find out your backups are corrupted when you need them most.

MSPNetworks can help your business with our comprehensive backup and disaster recovery solution. Our BDR tools can help you ensure that your company follows the 3-2-1 rule while ensuring redundancy. To learn more, reach out to us at (516) 403-9001.

When you suffer a data breach, you might wonder how you can possibly come back from such an event, especially if it leads to a network compromise. Can your business rebound effectively, and if so, what do you need to do to make sure that it doesn’t happen again? It all starts with understanding how much data you need to function, as well as how much downtime you can afford to suffer from.

With all this in mind, you need to have a business continuity plan to prepare for the worst. Your business cannot afford to not be prepared for downtime-causing incidents. You can have the strongest security system in existence and still suffer from a data breach; therefore, you need to have contingencies in place that can help you navigate these unfortunate and unlikely scenarios in an effective way.

You should be backing up your data for multiple reasons beyond cybersecurity. You also must prepare for damages to your physical infrastructure that could affect your data, like natural disasters and user error. Let’s go over what business continuity and disaster recovery mean for modern businesses.

Business Continuity and Disaster Recovery Are Two Different Things

Business continuity and disaster recovery are often mistaken to be the same thing, but the fact is that disaster recovery is part of the greater business continuity effort. Business continuity includes far more than just data recovery; it also includes administrative aspects of running your business, including other events that could derail operations. Disaster recovery, in essence, is one part of an effective business continuity plan.

Disaster recovery starts with data backup, and if you think your business can run without it, you’ve never tried to run it without data or applications. Some businesses can suffer from downtime for longer than others without serious ramifications—this much is true—but enough downtime can cripple any business. This is why it’s important to know what standards you are working toward regarding disaster recovery.

What You Must Consider

Proper backup protocols include far more than storing copies of your company files in a safe location. It also means making sure they are accessible when you need them most. Not all disasters are going to hit you hard enough to knock you out of commission permanently, but you should treat each of them as seriously as they could. Even something as simple as a malware attack or a user error could make more work than necessary for your company if you’re not prepared to deal with it.

We want you to take this major point away from this blog. You should store multiple copies of your data in various locations, both on-site and in a secure, off-site data center (or the cloud). With these contingencies in place, you should be prepared for any situation that could derail your operations, whether it’s hardware failure or a hacking attack. A BDR solution from MSPNetworks can prepare you to restore your data as quickly as possible following a disaster through a temporary server which can keep operations moving while IT repairs or orders a replacement server. On top of that, our BDR solution is much faster at restoring a backup onto a new server compared to traditional backup methods, saving you a ton of time and labor.

To learn more about how a BDR system can be just the right proactive solution for your business, contact us today at (516) 403-9001.

We often think about disasters in the context that they completely destroy the office, rendering your business incapable of operations. However, this is only part of what is encompassed by the term “disaster,” and the whole picture is far more terrifying. Any disruption to your operations can be considered a disaster in its own right, so we wanted to take some time to go over what you should look out for with your disaster planning.

Sure, there are disasters that threaten your physical infrastructure, but the types of disasters that most organizations will suffer from are something quite different.

Disasters are Common Occurrences

Natural disasters might be the first thing that comes to mind, and depending on where your office is located, you might experience various different types of them, whether they are structural fires, electrical storms, floods, earthquakes, hurricanes, tornadoes, or others. They can inflict serious damage to your office and potentially make it impossible to conduct business from that site. There are other types of disasters that aren’t so in-your-face, though, and these are the ones we want to talk about today.

The disasters that don’t destroy your office are the ones that can impact your operations in serious ways, like data breaches, hardware failure, or user error. If you’re not careful, these disasters can bring your productivity to a sudden end. Hardware failure in particular can lead to data loss and downtime, both of which can be devastating for your bottom line.

Data breaches can be a serious problem, especially when they can impact operations. An active data breach makes your infrastructure inaccessible while the threat is mitigated, and in some cases, data can be locked down by ransomware. User error can also create situations where data is misplaced or lost. All it takes is poor security practices or a network misconfiguration.

Get Ready to Handle All Types of Disasters

If you want to keep your business from suffering due to unpredictable disasters, you need to 1) implement a data backup and disaster recovery solution, and 2) consider all aspects of business continuity.

With comprehensive data backup and disaster recovery solutions, you can follow through on the 3-2-1 data backup rule with three copies of your data in two locations, one of those located in the cloud for accessibility purposes. Business continuity includes much more than your data backup, though, and it includes aspects of running your business such as your workforce, your place of operations, and chain of command.

Let Us Help You Out!

To take some of the stress out of your disaster preparedness, give MSPNetworks a call at (516) 403-9001. Our trusted technicians can work with your team to implement the best solutions on the planet. We can even help you develop a business continuity plan. Don’t delay; call us today!

Insurance is a great asset, should you ever need it… including where your business technology is concerned. If you weren’t aware, there is a form of insurance—cyber insurance—that you can purchase in case your business suffers from a data breach.

Is this additional form of insurance worth the investment? Absolutely.

Let’s take a few moments and explore why you’ll be happy to have cyber insurance when the time comes

What is Cyber/Cybersecurity/Cyber Liability Insurance?

Cyber insurance, like any other form of insurance, is meant to help cover the financial impacts of a given event. In this case, the event would be some kind of cyberattack.

It can be easy to underestimate the fallout that a cyberattack can have. Sure, there’s the immediate issue that the attack itself creates in terms of lost time and productivity, but there are plenty of other impacts and aftereffects that are also associated with these attacks as well.

For instance, if you’ve lost data, you could very well face significant fines from the government, on top of the definite lack of trust the general populous will likely feel toward your business once word gets out about your data loss event.

Then, you also have to consider how much it will cost to restore your business, fixing the systems that have been impacted and influenced by the attack. You need to account for all the business that the aforementioned lack of trust will lose you. You need to factor in the cost of all the notifications that you will need to send out to those impacted by your data breach.

This is a pretty, pretty penny… far more than you can realistically budget away in your IT costs.

Hence, cyber insurance.

What Can Cyber Insurance Help Cover?

There are assorted needs that cyber insurance can help you to pay for, if need be, including:

• Notifying affected parties
• Resolving security issues
• Providing credit monitoring services for those impacted
• Extortion payments
• Expenses related to resuming your business practices
• Covering public relations costs

Who Needs Cyber Insurance?

To put it in no uncertain terms: any business that stores or handles sensitive information, whether that’s financial data, medical information, contact details, or personally identifiable information.

Don’t get us wrong, we don’t hope that you ever have a need for cyber insurance—we just know it is better to be prepared. Having said that, we’re also here to help minimize the chances that you’ll ever need it.

Reach out to us to learn more about our comprehensive cybersecurity services by calling (516) 403-9001.

There are countless ways your organization could face down a disaster, whether it’s a high-profile natural disaster, a physical disaster, or a technology-related disaster. If you aren’t prepared to face the consequences, your business could falter in the face of such incidents. How can your business best prepare itself for all manners of disasters?

Disaster Recovery Is a Big Issue

There are two ways to approach a disaster: reactive and proactive. The reactive approach involves the mindset that you cannot prevent the disaster; therefore, there is no reason to try, as you will experience the consequences anyway. The other mindset, proactive, subscribes to the idea that you can be ready for a disaster and can mitigate the damages ahead of time with the right amount of preparation.

In just about all situations, it’s better to be proactive than reactive, especially in the case of disaster recovery. Due to the nature of the situations, you never know if and when they will strike, so you had best be prepared to handle natural disasters, physical disasters, and technology disasters. Let’s go over them.

Natural Disasters

A natural disaster is usually what people think of when they think of disasters, and they include situations like fires, floods, hurricanes, tornadoes, blizzards, and so on. You could even put a pandemic in this category. While the severity might vary, there can be no denying that these situations can impact operations. You need to have a plan to address unexpected weather and illness for your business; the continuity of operations hangs precariously in the balance.

Physical Disasters

A physical disaster has to do with the physical infrastructure of your company, which might include your building, its utilities, physical security breaches, or theft. Examples include burst pipes, HVAC system errors, and power failures. While it might not seem like a massive loss, you can be sure that the accumulated downtime will be costly enough to make you wish you had a contingency plan in place.

Technology Disasters

Technology disasters are the result of technology failures, including the components of systems, as well as cybersecurity breaches. These are the most likely issues you will deal with regarding your hardware, and it will inevitably fail with enough wear and tear. Furthermore, they require a very specific skill set and expertise to maintain. Technology-related disasters like data loss and cyberattacks can both be prepared for, so it’s your responsibility to do so.

How to Go About Planning for the Worst

The general goal of a disaster recovery plan is to reduce downtime and get back to business as usual as quickly as possible. The devil is in the details, here; you need to know exactly what must be done, including metrics and benchmarks you want to hit, in order to successfully prepare for a disaster incident. There are certain things you’ll need regardless of the situation, though, such as data backed up both on and off-site. With the appropriate preparation, you can ensure that these situations don’t derail your operations.

MSPNetworks can help you build out a disaster recovery plan and test it periodically to ensure your business can recover without a hitch. To learn more, reach out to us at (516) 403-9001.

When we are talking about the continuity of your business, we typically use the colloquialism “disaster” for just about anything that could put the brakes on your business’ ability to do business. But what happens when that “disaster” is an actual disaster and threatens to derail your business completely? Today, we take a look at some disaster preparedness tips that can quite literally save your business from ruin. 

Tip #1 - Plan Emergency Guidelines

Your business can be humming along as usual when a disaster strikes. This could be weather-related, a structure fire, a malware attack, or any other circumstance that threatens to take down your business for good. For these circumstances, you absolutely need a plan. Emergency preparedness is a difficult endeavor since there are many different scenarios where you would need to enact it, and many of them require different considerations. That’s without mentioning that every business has unique elements that need consideration. 

The first thing that needs to be accomplished—even before you begin planning how to combat each type of emergency—is to ensure that you have the resources in place that will work regardless of the type of disaster. This includes thorough instructions for your team, including assigning roles individual people will need to fulfill in the case of a disaster. Having proactive strategies in place to combat large-scale business interruptions may be difficult, time-consuming, and oftentimes costly, but you will be glad you have them if disaster hits your business.

Tip #2 - 3-2-1

You will also want to have a comprehensive data backup and recovery strategy in place since most small businesses won’t be able to have the type of contingency plan that would involve moving to a new location immediately. For many small businesses, having access to their applications and data is a crucial part of being able to mitigate downtime. 

At MSPNetworks, we suggest following the 3-2-1 approach to data redundancy. That is having three copies of your data, two of those copies stored onsite, with one stored offsite. This allows for fast recovery in the event that the “disaster” isn’t something that takes out your ability to do business at your brick and mortar location, but also protects against tragic events that render your place of business offline, without power, or worse.

Tip #3 - You Have to Test

Nothing could be worse than taking all the time, effort, and expense to plan for a disaster, assign roles, and train your people in their assigned disaster recovery roles only to find out that there is a critical failure somewhere in your disaster recovery strategy. It’s like building levees to keep the water out only to find out when the time comes that they weren’t maintained properly. 

To keep this from happening, you need to know, not think, but know that your disaster recovery strategy will work if it is called upon. Part of risk management—and this whole plan is nothing more than managing risk—is to ensure that you are able to weather the figurative (or literal) storm and come out okay on the other side. To accomplish this, you need to test your disaster recovery system, your guidelines, and your overall strategy to ensure that it will work if the time comes. 

If you would like to talk to an IT professional about disaster recovery and what your business should be doing to ensure that when a disaster strikes your business that you will be able to reliably continue operations, reach out to our knowledgeable staff at (516) 403-9001 today.

Having a comprehensive data backup and recovery strategy in place can absolutely save your business. This means it’s extremely important. Unfortunately, too many businesses don’t consider their backup and recovery systems until it is too late. Let’s unwrap what makes a successful backup and recovery platform work, and how to get one for your business.

Many business professionals use data backup and disaster recovery as if they are interchangeable, but this is simply not the case. Data backup is the act of making copies of your data while disaster recovery is a process that includes the act of actually restoring the data using the data backup. Obviously, the two systems are related (as one can’t happen without the other), and today we’ll take a look at why they are both integral to the continuity of a business.

Data Backup

When you first implement your backup solution, you should be focused on which data (and how much of it) you want to back up. It’s important to remember that not all data is as important as other data and therefore it is critical that you think about what data will be necessary to keep your organization functional if and when you experience operational troubles. As a rule, you should try to back up as much as you can without it affecting your ability to restore later on. The ideal data backup process will happen automatically without any resource dedicated to running it, as user error has sunk more than a few businesses in need of a data backup.

Disaster Recovery

On a related note, disaster recovery deals with the process of restoring your data following a disaster. The main way of measuring effectiveness of disaster recovery is speed. How fast can you get back into a comparable situation where you’re not operating at a loss? You should also consider where you’re trying to restore from. Best practices dictate that you have at least three copies of your data with one stored in the cloud, and two stored on-site for ease of access. Furthermore, you need to consider running automated tests to ensure the disaster recovery process will work the way you want it to when you need it most.

Does your business need a hand with implementing data backup and disaster recovery? Our all-in-one Backup and Disaster Recovery (BDR) solution can provide you with a powerful preventative solution to ensure your organization doesn’t fall to unexpected disasters. To learn more, give our IT experts a call today at (516) 403-9001.

Most business owners that rely on their IT have heard about managed It services. Many already subscribe to some form of outsourced IT service. It is one of the best ways to cut down your business’ operational costs while gaining value through the use of services that, if they were to be purchased intermittently, would cost a lot more. Today, we thought we’d list some of the most important variables you should consider if you are looking to choose a managed IT services provider.

Fast, Fast, Fast

If your business is going to use a service over hiring your own IT professionals,you have to know that the service provider can provide you with the reaction speed necessary to do the job. At MSPNetworks, we can do you one better. We use some of the most cutting edge management software available to monitor and maintain your hardware and network’s integrity, patch your software before there are problems, and do all of this proactively.

You need an IT service provider who can return your IT to an acceptable standard of working order as quickly as possible, but if it’s always working as intended, that would be better, no? Get proactive and forget downtime. 

Disaster Recovery

Many business owners don’t know how to identify a disaster, let alone have a disaster recovery platform in place. With a comprehensive IT services platform from MSPNetworks, you will. Not only does our managed IT service offering come with comprehensive backup and disaster recovery built in, it comes with the experience of our certified technicians who have seen everything and can get your business back up and running quickly after any type of disaster, whether it be malware, user error, or full-scale disaster. 

Employee Support

Your staff is going to have computer issues. It goes with the territory. Sometimes they lose their passwords, sometimes the printer won’t print, sometimes the computer they’re using sounds like a small prop plane. No matter what the problem is, MSPNetworks offers a comprehensive help desk platform. Giving your staff direct access to certified technicians can provide the answers they need or the remote help required to deal with 98-out-of-100 situations. 

Budget Planning

As mentioned above, our people have seen it all. Our consultants can help you plan out your IT budget for the year, to the dollar. In order to get control over your IT budget, you will need to have a strategy to not only support your staff, service the machines that you have in house, and handle your cloud and software vendor agreements, you will need a plan for the future. We can help you plan out every single aspect of your business’ IT, and do it cost effectively. 

MSPNetworks Managed IT: Peace of Mind

The bottom line, if you don’t have managed IT services, you should really consider it, and if you do have managed IT services, you should know that not all companies deliver equal services. At MSPNetworks, we take pride that our New York clients are better for having trusted us to look after their business’ IT. 

 If you would like to learn more about what we can do for your business, give us a call today at (516) 403-9001.

How confident are you that your business could survive a data disaster of any size and scale, from a single misplaced file to a complete loss of your entire onsite infrastructure? Being prepared to recover from any version of events is key to your business’ success. Let’s discuss this concept, which is widely known as IT resilience.

What is IT Resilience?

Resilience is a kind of umbrella term, covering three more specific business IT concerns and consolidating them into a single concept. These three concerns are:

1. High availability of your business’ crucial hardware and software, covering how well it can rebound from issues like minor failures, user errors, and attacks. This means that your resources need some level of redundancy.
2. Cybersecurity measures, so your IT resources are protected against threats and any security issues that do arise can be rapidly identified and mitigated.
3. Disaster recovery solutions that can minimize your downtime should some event impact your business processes, so that you can quickly return to productive operations.

These three concerns each must be attended to for your company and its IT to be truly resilient… where these issues can be experienced and overcome, and your business can fully recover and resume operations as usual. Ideally, your resilience will be high enough that your customers could conceivably go without even noticing that an issue took place before you had already resolved it.

Ensuring Resilience

To best understand the process of making sure that your IT infrastructure is sufficiently resilient, let’s look at a different example.

How often do you cross a bridge? For that bridge, resilience is extremely important, as it will need to hold up against a lot of pressure to successfully do its job. This means that a lot of consideration and care need to go into its design and construction. Supports need to be able to handle the amount of traffic with precautions put in place, safety concerns need to be addressed for the bridge to continue functioning, and so many other concerns need to be seen to. The same can be said of your business’ hardware and software.

How well can the bridge resist intentional sabotage as well? If it’s easy for someone to make it more vulnerable to issues, “resilient” is hardly the right word. Tying this back to your infrastructure, how much cybersecurity is in place to protect it?

Finally, what’s the plan for the worst-case scenario, like if the bridge were to fail? What strategies have you prepared to deal with the immediate effects and the ramifications moving forward? Are you prepared to divert traffic to maintain operations? How well, and how quickly, can the bridge be repaired for traffic to continue? This kind of disaster recovery preparation is something that you need to have completed for your business.

Planning for Resilience

Each step of your processes and procedures needs to be examined to ensure that your strategies are sufficiently prepared for the potential events that could impact them. For instance, in terms of your disaster recovery strategy, where are your data backups stored? Keeping them in the same place as your original data is not resilient at all, as it could just take one disaster to lose it all.

Plus, even though there needs to be some ranking in terms of importance, you need to make sure that all your business’ IT is protected. All your data and its storage infrastructure, your business location, and yes, your employees, all need to be considered as you reinforce against disaster. Will it be cheap? No—but experiencing a disaster will be far worse.

Who Can Help?

True business resilience requires a very in-depth process, and as such, it requires the skill of an experienced IT professional. This is a hurdle for many businesses, with many currently relying on the skill of one or two of their employees to handle their IT needs and provide the support necessary—or seeking out external assistance from an outside provider.

The fact that resilience also isn’t one-size-fits-all, but more individualized to each business’ solution, is another complication. Neither an internal team nor a call-in, one-off provider can usually manage this challenge. However, for a managed service provider like MSPNetworks, this all is firmly in our wheelhouse.

What We Can Provide

Instead of offering all our clients the same solutions and assuming they’ll work, our team approaches things from a more personalized angle. After a comprehensive audit and review of your situation, we’ll work with you to design and implement an infrastructure and strategy that mitigates your weakness and leverages your strengths.

We can supplement your existing IT or step in as an outsourced department, whatever you need to keep your technology secure and available to your business regardless of the situation. To learn more about our services at MSPNetworks, and how they can boost your IT’s resilience, reach out to our team by calling (516) 403-9001.

Your data is vital for your organization’s continuity. Your data consists of everything from your company documents, accounting records, client contact information, prospects and leads, procedures, and everything else needed for you to keep operations running smoothly. That’s why all businesses need a solid backup solution that is monitored and tested regularly.

Why Should I Test My Backup?

As with anything, your backup solution isn’t infallible. A lot can go wrong when your backup is running, for example:

• Hardware/media failure
• Software failure
• Compatibility issues
• Network connectivity issues
• User error
• Task scheduling issues
• Files-in-use issues (especially for older backup solutions)

...and more!

Many backup solutions have a verification process to attempt to verify that a backup was taken properly and spit back any errors in the backup software if anything was found. Even the old, slow tape backup systems from a decade ago often had features like this. The problem is that sometimes with tape, the tape could be degraded to the point that it passes the verification test but ends up being partially or fully unreadable when it comes time to pull the data.

If you can’t tell, we don't prefer tape backup. It’s slow, arduous, and not very reliable, and the restoration process takes an incredibly long time compared to more modern methods.

Hard drive-based backup, including NAS (Network Attached Storage) and BDR (Backup and Disaster Recovery) solutions are much more reliable from a technical standpoint, but could still suffer issues if not configured properly or if they run into roadblocks like network connectivity issues.

Testing your backup could also reveal files, applications, or databases that aren’t getting backed up properly. It’s easy to configure your backup, and then install some new software later down the road and forget to make sure the data is getting backed up.

You want your data to be backed up and complete so in the event you need it, you can restore everything and be up and running quickly.

How to Test Your Backup

Essentially, you’ll want to deploy your backup in a virtual environment and run off of it. This simulates a catastrophic data loss event and lets you and your staff see if they can get by based on the data stored in the backup.

Not all backup solutions allow you to do this. Tape backups, for example, can’t be run or accessed off of the tape, so you would actually need to extract the archived data from the tape and redeploy it on a secondary or virtualized server. This could take several hours or even days to do, and by then the backup won’t be up-to-date.

Our BDR solution, however, allows us to virtualize your server and spin everything up. The process looks something like this:

1. Temporarily disable/disconnect your server from the network, simulating a hardware failure.
2. Spin up the backed up virtual copy of your server on the BDR.
3. Have the BDR take over all of the roles and responsibilities of your server.
4. Your network should be back up and running at this point, and all data should be fully accessible by your staff.

If it were a real hardware disaster, your BDR could serve as kind of a spare tire for your network, taking over for the server that had the issue. Things might be a little slower until the downed server is repaired or replaced, but at least operations can still run.

If you’ve been backing up your data (and you absolutely, definitely, positively, without-a-doubt NEED to), you should also be testing the consistency of your backup. Let’s take a look at your backup and run a test to see if everything is actually getting backed up so you aren’t surprised when you actually need it.

Give us a call at (516) 403-9001 to get started.

World events have always had a big impact on the banks that one finds on Wall Street, but in many ways, the one that coronavirus (COVID-19) has demonstrated has been unprecedented. As such, it almost provides a case study of the importance that disaster recovery planning has for any business… Wall Street institutions included.

As the virus has spread across the world, markets everywhere have felt its impact. Distribution patterns have been disrupted due to assorted blocks on travel. Additionally, the meetings and conferences that this industry typically sees have been cut off. Naturally, this has led to these banks rolling out their backup strategies, the pits that are typically filled with traders abandoned… but more on that in a moment.

How Has Coronavirus Encouraged Disaster Recovery Awareness?

Getting right down to brass tacks, it is clear that COVID-19 is a disaster, albeit one that you may not have considered a “business disaster” at first. However, anything that interrupts a business’ processes is considered a disaster… and it is safe to say that COVID-19 has done just that. So how do you prepare a business for a pandemic?

Actually, it isn’t all that different than what your routine business continuity processes should consist of, specifically, the fact that--in case of a disaster--you need to be sure that your business has the mobility it will need to survive.

Coronavirus’ hallmark is the social distance that is recommended to be kept between people to prevent the spread. Therefore, it makes sense that people would want to keep as far of a distance from each other as possible.

The solutions for remote work, software-as-a-service delivery, and cloud-based disaster recovery prove very valuable both when you want to give your users the capability to work from their home, as well as when your office is the location of a disaster event.

So, in order to protect your employees from the spread of coronavirus, you only need to be protecting your business from other disasters as well. Sounds like a win-win.

For assistance in implementing the technology needed to maintain your operations through any disaster, reach out to the professionals at MSPNetworks by calling (516) 403-9001.

COVID-19, or coronavirus, has been a major global health concern over the past couple of months. At this point, it is clear that this disease could have serious impacts on the workplace. We wanted to provide a brief rundown of good workplace and network health practices, as well as a few pointers on how you can handle health-based employee absences.

How to Minimize General Exposure in the Office

Based on what is currently known about the coronavirus, the Centers for Disease Control and Prevention have some recommendations as to how to keep the potential impact of coronavirus to a minimum:

• Encourage employees who are ill to stay home. This will help to minimize the spread of infection within your business. Make sure that your employees are aware of this policy by reiterating it verbally, and by posting notices around the office encouraging them to stay home if under the weather.
  
  Emphasize hygiene and etiquette. Properly stifling coughs and sneezes and keeping hands clean are surprisingly effective ways to keep your workplace healthier. Rather than using their hands to catch a cough or sneeze, your employees should use a tissue or--if unable to do so--use the upper part of their sleeve.
  
  The CDC recommends that tissues and alcohol-based hand sanitizer should be made readily available. Make sure your employees are washing their hands with soap and water for the recommended 20 seconds.
  
  

• Engage in keeping the workplace clean. There is a chance that coronavirus (and other illnesses) could be spread via infected surfaces. Make sure that all surfaces that are touched frequently, like desks, workstations, and doorknobs, are kept sanitized. Provide your employees with disposable wipes so they can proactively disinfect these surfaces before use.

If you find that one of your employees is confirmed to have been infected with coronavirus, make sure that you inform their coworkers of their possible exposure while still maintaining the confidentiality that the Americans with Disabilities Act requires. These employees and those who are living with a sick family member should assess their risk of exposure using the CDC’s guidelines.

Coronavirus as a Cyberthreat

Unfortunately, coronavirus will also require you to also keep an eye on your network security, particularly if you operate within the healthcare industry. Hackers and cybercriminals have taken advantage of the widespread concern that the disease has caused. For example:

• Scammers have phished healthcare providers with updates that appear to have come from the World Health Organization or hospitals local to their area, but actually introduce keyloggers into their systems.
• Those involved in the medical supply chain have been targeted with emails referencing the coronavirus that install malware to steal information.
• Ransomware has been introduced into consumer systems by promising recipients of an email information about COVID-19’s spread.

While the current climate may not make it easy, these emails and other threat vectors can be overcome through the same best practices that foil other cyberthreats. In addition to comprehensive digital protections, training your employees to spot these threats will be crucial.

Of course, you should also maintain a comprehensive backup in case you need to recover from a successful attack.

How to Maintain Productivity with Your Team at Home

With today’s technology, sending an employee home sick doesn’t necessarily mean that you will be sacrificing that employee’s productivity. We now have many ways that your team can work effectively from home, still contributing to your organizational agenda without exposing their coworkers to their illness.

Equipping Your Employees

Remote access solutions, paired with virtual private networking technology, can allow your employees to securely continue their work from home, safely accessing the applications and data their tasks require through an encrypted connection. As collaboration will certainly be necessary, you will want to be sure that your employees are also equipped with the communication tools that facilitate this collaboration as well.

Network Protections

You will also want to thoroughly secure your network infrastructure to help prevent threats like phishing attacks and other methods from being successful… as well as preparing for a potential breach or emergency with data backups and disaster recovery policies and procedures (including contact information for your employees) to help mitigate a worst-case scenario.

Employee Awareness

Finally, make sure your employees are on the lookout for any suspicious activity that could be a cybercriminal’s attempt at using the coronavirus as a means to an end. Not only should your employees know how to spot these attempts; they should also know the proper procedures for reporting and handling them.

Is the coronavirus scary? At this point, it is safe to say that it is, but does it have to interrupt your business operations entirely? Not if you are properly prepared.

For more assistance in preparing your business for any kind of disaster, reach out to the professionals at MSPNetworks by calling (516) 403-9001.

What is COVID-19?

COVID-19, better known as coronavirus, is a respiratory illness that first appeared in Wuhan, China, and was reported in the United States on January 21st, 2020.

As of March 3rd, 12 states have reported 60 total cases of coronavirus and six confirmed deaths, with no vaccines or specific antiviral treatments for the illness. Symptoms of the virus include fever, shortness of breath, and a cough, while those with complications from the virus can experience pneumonia in both lungs, failure of multiple organs, and death. 

Let me ask you a question… let’s say that you’re about one year from your projected retirement, when a ransomware attack encrypts all of your files. What do you do? Pack it in and retire early? This is precisely the situation that the practitioners of Brookside ENT & Hearing Services of Battle Creek, Michigan, have found themselves in - and it may not be over yet.

What Happened to Brookside ENT?

Typical of a ransomware attack, the malware began by deleting and overwriting all of the practice’s data - every medical record, bill, and upcoming appointment. A duplicate of each file was left behind, locked behind a password that the person or persons responsible promised to provide in exchange for a $6,500 wire transfer.

Under the advisement of an “IT guy,” Dr. William Scalf and Michigan state senator Dr. John Bizon didn’t pay the ransom, as they couldn’t be sure that the password would even work, or that the ransomware wouldn’t return in the near future. As their IT resource determined that the attacker hadn’t actually viewed any of the records, this event technically didn’t need to be reported as a breach under the Health Insurance Portability and Accountability Act (HIPAA). Nevertheless, without access to this data, the physicians saw little choice than to retire early.

Well, kind of. As they had no means of knowing who had an appointment scheduled, the physicians had little choice than to wait around the office for a few weeks and see whomever showed up.

Why Throwing in the Towel May Not Be Enough

From a purely academic point of view, it only makes sense that the medical industry would be one targeted by ransomware. Not only do its establishments rely greatly on the data they have stored, there is an urgency to this reliance that cannot be denied. Think about the possible ramifications if a medical practitioner was unable to properly diagnose a patient and recommend treatment because of some unavailable data.

Of course, the strategy that Brookside ENT has adopted to close up shop doesn’t leave its owners off the hook, either. They could still find themselves in plenty of regulatory hot water.

For instance, a ransomware attack (paid or not) could be considered a reportable incident under HIPAA, or even an instigation of a negligence-based legal action. Any patient could invoke HIPAA rules if their data was in digital form and have an investigation started by the Department of Health and Human Services’ Office of Civil Rights, simply by leaving a complaint.

How You Can Protect Your Business from Ransomware

While the best way to keep your business safe is to be able to spot ransomware infection attempts before they successfully fool you into allowing them on your system, statistically, you aren’t going to be able to spot all of them… so what can you do?

One great resource you have available to you is your team. Each uneducated user offers ransomware another way in, but each educated user is another shield to help protect your business.

You should also develop and maintain a comprehensive backup plan to help protect your data from ransomware attacks and other attempts against it. While it would be ideal to not need to use this backup, it would be far less ideal to need one and not have it. Make sure that you keep your backup isolated from the rest of your network as well, so that your backup isn’t also encrypted by a ransomware attack.

At MSPNetworks, we have plenty of experience in mitigating the damage that ransomware can cause, as well as in solving various other IT issues. For assistance with any of your business’ IT needs, reach out to us at (516) 403-9001.

With data looked on as more of an asset than ever organizations are finding that their data backup and recovery system needs to be comprehensive. By knowing more about backup and recovery, you stand to be able to plan the solution to meet your company’s needs. Today, we will look at the different types of data backup and introduce you to four terms you need to understand.

The Types of Backup
There are various types of backup that anyone looking to come up with a backup strategy should know. They include:

• Full backup - A method of backup where all selected files are backed up in their entirety. Typically, the first backup taken for any backup solution. Since it is a comprehensive backup of all selected files, it will take more time than other types of backup. If a full backup is the method of backup your organization chooses, backups will typically be done after business hours as long wait times will likely cause downtime.
• Differential backup - A method of backup that just backs up the changes made to data. While this allows for significantly faster backups, it makes for slower restores.
• Incremental backup - A method of backup that is much like the differential backup. The main difference is that the incremental backup backs up data regardless if the previous backup was a full backup or an incremental backup.
• Mirror backup - A method of backup that is a real-time duplicate of the source being backed up. In essence, total redundancy. One problem with a mirror backup is that if material is deleted by mistake, it will be deleted on the mirror backup as well. For this reason, many professional IT technicians do not consider the mirror backup to be a viable backup solution at all.

Now that you understand the types of backup, here are some other backup-related terms that you should know:

• Business continuity - As the name suggests, it is a plan that is put together by a business that will allow them to continue effective operations if hit with any number of unfortunate situations. Normally focusing on a business’ critical business functions, business continuity should be a strategy that every business prioritizes.
• Disaster recovery - As with any other security process, disaster recovery is a dedicated plan to protect your business in case of some significant data-based disaster. Anything from cyberattacks, to sabotage, to mistakes can cause major problems for your business.
• Recovery Point Objective (RPO) - As a part of a dedicated disaster recovery system, RPO is a benchmark indicating which data must be recovered for your business to resume normal business operations.
• Recovery Time Objective (RTO) - Also as a part of a disaster recovery system, RTO is the time your business needs to have its data back before the business becomes untenable. The lower the number, the faster you will need a full restore.

At MSPNetworks, we offer a comprehensive backup and disaster recovery that can keep you in the game even after the most devastating data loss incident. For more information about disaster recovery, business continuity, and data backup call our professional technicians at (516) 403-9001.