Monthly Archives: December 2016
Just a few short years ago, the image of an IT department for small and medium businesses was one of Dilbert-looking technicians noodling around with Cat 5 cable and speaking in a blend of Klingon and Robot. In other words, IT seemed completely remote, complicated and inaccessible to most employees. Additionally, each new hardware and software deployment, including installing malware protection, could take weeks to manually implement across the enterprise, and rarely went smoothly.
One solution – outsourced IT – has found greater acceptance in the past few years as its benefits have become more tangible to even small businesses. It is estimated that globally, 74 percent of companies use some form of outsourced IT solution, up 25 percent from 2009.
Read further for compelling reasons why a small or medium business should consider the IT-outsourcing trend.
Moving IT off-site can save an SMB thousands of dollars per year. As most business decisions are predicated on the bottom line, this is often the main driver in the decision to migrate. Areas of savings include:
Reducing hardware expenses. Servers, storage, cabling, cooling, and datacenter square footage expense can now be on a cloud vendor’s dime, not yours.
No salary or benefits expenses for IT employees.
Potential tax savings by converting capital expenditures (servers), that depreciate slowly over time, to a monthly cost which can potentially be deducted in the current tax year.
The latest software versions – hassle-free
Outsourcing IT means software, including malware protection for endpoints, can be updated automatically by the provider. This obviates the need for a local tech to run around taking workstations offline for upgrades.
Furthermore, updating software not only unlocks newer features, but also closes exploits in older versions that might allow hacker penetration. So it’sworth exploring any platform that can make this process painless and automatic, such as a cloud service.
Focus on your business, not technical issues
Anyone who survived working in Corporate America from the 1980s onwards is familiar with the spectacle and lost productivity that accompanies the proverbial “system going down.”
When outsourcing IT to the cloud, this nightmare occurs less often as data is often distributed redundantly across many servers that are monitored constantly, leading to greater stability and uptime, and less worrying about IT matters.
Are you tiring of users continuously badgering you to get corporate network access for their mobile devices? Does your corporate management want to buy tablets for the sales team? If so, your small- to medium-sized business (SMB) needs to start proactively addressing mobile security breaches such as malware.
Modifying your existing security policies and protocols, establishing new policies and educating your mobile workforce are economically sound frontline solutions for securing your corporate enterprise and trade secrets.
Here are some tips on how to address mobile device security breaches beforethey happen:
- Establish corporate information access guidelines. It’s important to pre-determine how mobile device users will access corporate information. Will users download data to devices? Will they access the data remotely? The answer will vary from company to company, so be sure to consider your situation uniquely. If your company has to be in compliance with a regulatory body like PCI Data Security Standards (DSS) or the Health Insurance Portability and Accountability Act (HIPAA), then consult with your auditor before enabling network access to mobile devices.
- Establish device control policies. Bring Your Own Device (BYOD) can be full of benefits like saving on corporate hardware purchases and increasing productivity for your mobile workforce and SMB. However, the negatives can outweigh all those positives when a BYOD device brings malware into your network. Create a policy that governs how your corporate IT staff can gain control over a personal device, while maintaining your network security. Include information about how to keep personal information private (e.g., via a mobile device backup strategy that doesn’t touch personal data) and define corporate ownership over data and applications.
- Enforce device-level security. Both corporate-owned and personal devices should have secure passwords and screen locks; document this requirement in your mobile device policies. In addition, make sure it’s clear that both personal and corporate mobile devices maintain up-to-date corporate-approved (and preferably corporate-managed) antivirus and security software installed to guard against malware and other security risks.
- Develop and deliver mobile workforce security training. Education can be just as powerful a security tool as technology. Develop and deliver mobile workforce security training built around keeping your mobile workforce productive and prepared to be the first line of defense against malware and other security threats to their mobile devices. Spell out your corporate policies and include a participant sign-off stating that they understand and will abide by the policies.
- Determine deal breakers for your mobile device policies. In establishing mobile security policies – regardless of your industry – there are going to be deal breakers when you have to deny certain user requests.
Deal breakers might include devices not running the current version of its OS, or they may be jail broken. There should also be a defined escalation path for deal breakers so the denial can be dealt with in an official manner with reasons formally documented in your mobile device security policies.
Trojans, worms and spyware sound like elements straight from a summer blockbuster, but the kind of action/adventure they provide on your PCs, Macs, smartphones and tablets make them more like a horror movie.
By deploying effective endpoint security, you can help prevent attacks and keep your users safe from viruses and other malware, such as spear phishing and advanced persistent threats. Today’s state-of-the-art endpoint security has come a long way from its early roots in “antivirus” and has morphed into a complex suite of sophisticated protections against modern threats.
But good protection isn’t free; so, how can you save money, while still protecting your computers? Here’s how to reduce your investment….
Keeping users safe
In an ideal world, users would be perfectly security conscious. These mythical users wouldn’t:
- Click on suspicious links.
- Open file attachments emailed by criminals pretending to be their friends.
- Respond to phishing messages that appear to be from a bank.
- Disable software updates because warnings and reboots are annoying.
- Disable a security product because it slows down their PC.
- Install free software from an untrustworthy developer, because their friend “liked” it on Facebook.
Sadly, our world is less than ideal. Much, much less: A recent report said that 86 percent of U.S. businesses surveyed had lost sensitive data during the previous year.
User awareness training helps, but it isn’t sufficient. That’s why your endpoints need securing. Doing so helps prevent your users from accidentally exposing sensitive business information, such as your banking credentials, secret-sauce recipes or future product plans.
Save time and money on endpoint security
Your challenge is to protect your users while minimizing costs: How do you save time and money, while keeping your company safe?
Look for a modern endpoint security solution – not one thrown together from an old antivirus program and a fresh coat of paint.
How can you tell?
A start-of-the-art solution does the following:
- Works intelligently in the background, without bogging down the user’s computer
- Scans for malware in seconds, not hours
- Uses a reliable, built-from-the-ground-up cloud security service to identify malware, not a huge signature file that’s quickly out-of-date
- Works intelligently while offline, reconnecting with the cloud service to check changes made while disconnected
- Fixes infected PCs, if necessary, by rolling back the computer’s state to a known-good point
- Automatically monitors untrusted software executions to prevent infection
- Allows you to enforce certain policy settings, such as use of USB ports, and prevents users from disabling security features
- Doesn’t fight with competing installed products, to allow you to test it safely