Contact Us
How to Access --- Employee Portal
Apply Now
Free Quotes
Open a Support -- Ticket
IT Investments

IT Investments you should always focus on

The first questions are:

What is standing between your business’s data and hackers? What’s your plan when your on-site server fails?

When you withhold on technology and IT solutions for your business, the answers to these two questions are simple:

1) There is nothing standing between your business’s sensitive data and people who want to take advantage of that data

2) There is no redundancy plan

It happens way too often, and businesses may not focus on their technology infrastructure or security.

Avoiding security can cost them dearly in time, money, resources and clients. When it comes to investing in IT, here are three things you never want to under-invest on.

SECURITY.

Far too many businesses – from small to large, under-invest in IT security. We touch on this topic because we see it a lot. These are business owners and managers who fall into the mindset of “It won’t happen to me.” This is a dangerous line of thinking.

For small businesses, a data breach can be devastating. Not only is data compromised and potentially copied or stolen, but your clients will also immediately question whether they should trust you. There’s a good chance they end up taking their business elsewhere.

When IT security isn’t a priority and you invest in the cheapest option available, it’s like asking hackers to let themselves in. One study by the security firm Imperva found that over 50% of all Internet traffic is made by bots. Many of these bots are looking for security holes. They test websites and networks, looking for entry. If they find their way in, they can do some serious damage.

Investing in solid IT security – with an experienced team of IT specialists behind that security – can prevent that damage from ever happening in the first place. It’s not only about protecting your business assets but also protecting your clients and giving them another reason why they should trust you.

BACKUPS.

You keep all of your data on-site with no backups. It’s all stored in one central location and that’s it. This is a recipe for disaster if you get hacked, but it can be an even bigger disaster if a hard disk or server fails.

Suddenly, you find yourself unable to access client information, invoices, phone numbers – you name it. Having a backup on- site or in the cloud means everything you do has an extra layer of protection. A backup gives you the ability to restore your data should the worst-case scenario occur.

It’s even better to go a step further and have a backup for the backup. Have one on-site solution and one cloud-based solution. Even if the backup to the backup is as simple as a 4TB hard drive from Amazon, it has the potential to save your business should anything go wrong.

Of course, you also need a system in place to make sure data is being regularly and accurately updated.

Another mistake business make is buying a backup or backup service, but not making the best use out of it. For example, they simply never bother to set it up. Or it is set up but isn’t configured correctly and is not backing up data as intended – or is backing up data too infrequently to be useful.

UPDATES.

How old is your technology? Think about the hardware you’re running – and the software on that hardware. Letting your technology fall behind the times, is not good. Not only are you opening yourself up to security vulnerabilities, but you may also be operating on technology that’s no longer supported by the developers.

If the developers are no longer publishing updates or supporting the software, this is a huge security red flag that you need to update. On top of that, should you or an employee need to troubleshoot a piece of unsupported software, you may find yourself going up against walls. There might be no one to call, and if a Google search doesn’t help, you may be out of luck.

The potential headaches don’t end there. If you’re running unsupported software on shiny, new hardware, you may be voiding the warranty of that hardware (always check your warranties and the fine print of any hardware you buy).

Alternatively, if you’re trying to run brand-new software on old hardware, chances are you’re going to run into compatibility issues. That wonderful piece of software might not work, or work the way you expected it to, all because you didn’t want to update your old hardware.

Sometimes, upfront – you cannot see the security investment working to your advantage. Although, being prepared will save much more money in the long run and reduce the worry of something happening to your business.

0
Read More
Security Plan

Implement A Security Plan For Your Business

First, What is a Security Plan?

A Security Plan or System Plan documents the controls that have been selected to mitigate the risk of a system. The controls are determined by a Risk Analysis.

Assisting with the process NIST (National Institute of Standards and Technology) provides a catalog of controls with templates outlining the Cybersecurity Framework for Critical Infrastructure and Security Plan. Businesses may use the outline when creating their Security Plan.

How to Implement Your Security Plan?

1. Take an inventory of your physical and information assets (what are you protecting?).
2. Perform a risk assessment to determine what level of security is needed to protect your information assets.
3. Complete the checklist to make you aware of your security strengths and weaknesses
4. Complete an evaluation. Evaluate your findings and discuss recommendations to correct deficiencies and/or improve security with departmental administration and IT staff.
5. Develop a security plan. Create a plan with target dates for implementation.
6. Set Deadlines / Completion Dates
7. Project Management – Monitor the process from start to finish
8. Evaluate upon completion

Responsibilities for a Departmental Security Plan

  1. Inventory – IT Staff
  2. Risk Assessment – Systems Administrator
  3. Checklist – Systems Administrator
  4. Evaluation – Systems Administrator
  5. Plan – IT Staff & Systems Administrator

What does a simple IT security plan schedule look like?

Tasks Example:
  1. Draft Security Plan
  2. Submit Plan for review by other managers / outsourced IT company for this process.
  3. Edit
  4. Finalize Security Plan
  5. Submit to Board of Directors “if needed”
  6. Distribute the Plan to all Management
  7. Distribute the Plan to all Personnel
  8. Meet with Management – set dates – begin implementation
  9. Establish means to accomplish Security Tasks and events
  10. Establish Security Breach Committee
  11. Establish Proactive Security Committee
  12. Obtain and install required new equipment if needed (servers, workstations, programs, etc.)
  13. Implement new policies (ex – clean desk, remote working, etc.)
  14. Evaluate the implementation
  15. Evaluate Security Program
    1. Internal Review
    2. External Review
  16. Modify Security Program and Plan
    1. Schedule follow up meetings / audit
0
Read More
5 Things you need to know about IT Data Security

5 Things You Need To Know About Data IT Security

Over the past year, 4,149 data breaches compromised more than 4.2 billion records, shattering the previous all-time high of about 1 billion exposed records. This assessment comes from the 2016 Year End Data Breach QuickView Report.

Too many companies are failing to implement basic data IT security controls

Its extremely important that companies follow the basic data security needs. It doesn’t take a genius to realize that there remains a disconnect between the realities of the breach threat and the practicalities of defending against it. Businesses must understand the risks, and how to best protect themselves and their clients against a potential breach.

At the end of the day a Ransomware outbreak or data breach will strain the relationship between you and your clients, so you need to focus on delivering consistent, quality service and limiting the possibility of a breach.

Here are five things you definitely need to think about when it comes to IT Data Security:

  1. Always make sure your data is stored properly in an encrypted database.
  2. Develop an organization-wide data security plan
  3. Remove unnecessary data from your electronic devices and keep tabs on what data remains.
  4. Hire professionals to completely clear all electronics of unnecessary sensitive data.
  5. When upgrading or disposing of devices with sensitive data, contact a professional for physical destruction of the data-containing component of the device. Deleting files from your hard drive isn’t enough. Data can still be recovered if not correctly destroyed.

Furthermore, dealing with breaches will never be an easy task and that’s why you must protect yourself before they become an issue. Understand what data can be compromised and how. Search the internet for tips, documents and case studies. If you still feel like your business is “at-risk” call the managed IT professionals, SecurityRI.com.

Also, we can assess your network at no charge. If you need additional information regarding why to outsource your IT department, please check out our white paper on improving your security technology today.

 

 

0
Read More

Rhode Island’s Mandatory Identity Theft Protection Act

Is your business compliant with Rhode Island’s Mandatory Identity Theft Protection Act?

On June 26th, Governor Gina Raimondo signed the New Rhode Island Identity Theft Protection Act of 2015.  Although, are you aware that updated provisions have been made, and businesses must comply?

You’re probably thinking if the act applies to your business?

It does apply for anyone or entity who or that “stores, collects, processes, maintains, acquires, owns, uses, or licenses personal information about a Rhode Island resident.”  This act has no exclusions based upon an organization’s size or number of employees.

(more…)

0
Read More
Locations

Corporate Headquarters
58 Waterman Avenue - North Providence RI 02911

MA Office
26 Cedar Lane - Seekonk MA 02771

Toll Free: (888) 219-5296
Local: (401) 231-8130

Operating Live 24∙7∙365