Online Payment
image description

tech blogging > our corner of the web

tech blogging >

Creating a Cost Effective IT Strategy :: Top 3 IT Services You Need

Tuesday, August 01, 2017
Implementing a cost effective IT strategy will benefit your business in countless ways. For starters, it gives your employees the productivity tools they need to be successful, keeps employees educated on IT security, and keeps your business protected against security threats - inside and outside your network. The big question is, where do you begin? We've taken the guesswork out of it by laying out the services you need to build a foundation that supports your critical business applications.

What are the “must have” IT services?

SECURITY PROTECTION: You need protection from outside and inside sources to keep all devices safe. Email phishing and wire fraud are real threats that can be very costly; and ransomware is the leading risk for data loss and corruption. To avoid these headaches, executing an appropriate security solution is key.
1. Educate your staff – train employees on how to detect threats and phishing emails, use strong passwords, and always secure devices with a PIN
2. Purchase a cloud-managed firewall with integrated threat prevention
3. Use a layered security solution that protects all devices
4. Encrypt your drives and keep your systems up to date
5. Ensure your solution is actively monitored with reporting options that show your current security risk level
Pro tip when purchasing a security solution:

Always buy software that is user-based versus device-based. A user-based license can be used on multiple devices so that your employees are protected on every device they use.

DATA BACKUPS: Part of a great security policy is an even better data backup policy. Don’t keep your most valuable asset – your data – in one location. Implement a cloud-based backup and disaster recovery service that will provide in-house data backup and restore capabilities. It’s also important to confirm your backup solution is being actively monitored and you receive easy-to-understand status reports. Always regularly test your backups.
A properly configured backup solution should always:
1. Protect against accidental deletion, system failure, and Ransomware
2. Allow your business to keep running in the event of a loss
3. Encrypt the backups to prevent data theft
4. Follow or exceed the 3-2-1 rule - have at least 3 copies of your data, 2 of which are local and on different mediums and 1 copy that is stored offsite
Pro tip when purchasing a backup solution:
Tell your IT provider: “I want a backup solution that protects all my systems and data, regardless of where they are”. Also, make sure that you establish how often you want your data backed up and that the backup solution is compatible with your in-house infrastructure.

EMAIL SOLUTION: Everyone uses email but what about security and collaboration? Employees are working from everywhere and teams still need to come together to get stuff done. Your e-mail solution must allow you to securely communicate with your staff and customers from any device at any time.
1. Use a cloud-based email solution for the highest security, most features, and most cost savings. Moving from in-house email to Office 365 saves up to 90% in admin and maintenance costs.
2. Take advantage of the collaboration capabilities for both internal communications and with your customers – instant messaging, document sharing, video, instant meetings, etc.
3. You don’t have to do it by yourself – work with a certified Cloud Partner for ease of administration and maintenance.
Pro tip when choosing an email service:
Make sure it has built in security, encryption, secure access from any device, multifactor authentication, the ability to set policies to control access to files, and user based pricing so that you can have the service on multiple devices.

If you have any questions, are looking for additional information, or would like to discuss your IT strategy, please reach out to our sales team or give us a call at 616.837.6930. We’re happy to be a resource to your business.

Security Awareness Webinar :: Sign Up Today

Tuesday, May 23, 2017
With all the recent news about ransomware and phishing attacks – keeping security awareness top of mind among your employees is more important now than ever before. Every single business could benefit from some additional security training and that's why we're hosting an upcoming webinar on security awareness training.
 
You’ll want to join this session if you..
- Want to avoid ransomware and phishing threats
- Need to be PCI DSS, HIPAA, SOX or GLBS compliant
- Don’t have existing security awareness training

You'll learn about the capabilities of KnowBe4’s security awareness training and why it’s so important for every business to have. The webinar will include a demo so you can see for yourself how streamlined and easy security training can be! 
 
KnowBe4-Security Awareness Webinar
Wednesday, June 28th
2:00 PM  |  Eastern Daylight Time |  1 hr
 
Register online here or email your RSVP to Kim.

*All webinar attendees will receive a FREE KnowBe4 t-shirt!
 
Feel free to forward this post to others on your team so they can log-in / dial-in from their own desktops if they'd like.

Don’t want to worry about RansomWare - Build a better backup strategy

Thursday, May 18, 2017
By Andrew Smith, Director of Technical Services

In light of the recent ransomware attack, the Internet has become as unsafe as it can be. Imagine walking down a dark alley with hundred dollar bills pasted to your clothes wondering if you would get mugged. That is how many people feel right now, and it is deserved.

Last week over 300,000 computers were held for “ransom” as they were locked by malicious activity. Obviously there are a variety of layers you should address to be safe, but in the end if you want peace of mind you should look at your backup strategy right now, this minute, no waiting.

A world map shows where computers were infected by WannaCrypt ransomware since Sunday, May 14, 2017 (as recorded by MalwareTech.com.) MalwareTech.com/Screenshot by NPR

Of course there are antivirus solutions out there, and those may work. There are a variety of network appliances that will help you avoid issues, and of course training is the biggest area most people should focus on and don’t. The reality is, someday, somehow there may be something that gets through and a backup may be your only solution. There are plenty of solutions out there, but you have to remember two things as you are navigating the world of backups. RPO and RTO.

RPO or Recovery Point Objective is simply, how much data are you willing to lose?
RTO or Recovery Time Objective is simply, how long are you willing to be down?

It seems like an easy question but as both numbers go down, cost goes up. That’s not all. If you think copying files somewhere is a backup, you're mistaken. You need a real solution, something that does not overwrite past backups. Why?

It seems we have had a few customers copying their files to the cloud, let’s say Cube for the sake of argument. They were copying because they had access to Cube, and when they were locked, guess what, Cube was locked as well. The net result is no backups.

At IT Resource we can help you find a way to back up your files using quality solutions like Datto, Veeam, and Zerto. Our skilled Solution Architects will find a price and a level of safety that is right for you and will allow you to meet your objectives. Our goal is to have customers that know things will work, because we are helping them. If, by chance, you don’t go with us, find someone who will help you be safe in this currently uncertain world and have the best backups possible to ensure your business will be here tomorrow, and the day after that. Give us a call at 616.837.6930 to get started.

Seller Beware :: Amazon Email Scam

Wednesday, May 10, 2017
By Tim Felstead, IT Consultant

People need to be careful and informed to avoid a phishing attack.

If you're like most, your email Inbox is an important part of your day. However, during the hectic pace of the business day, it can be too easy to miss a security threat staring at you from your own computer screen. Nowadays, it’s best to slow down and take a few extra minutes when going through your Inbox. Here is a case in point. I recently received an email that stated there was a balance due on my Amazon seller account and asked that I update my credit card information. I was immediately suspicious. After looking closer, I realized it was a sophisticated phishing email attempting to steal my credit card information.


As you can see, they put some effort into making this look like an official message. The email address appears to be from Amazon Seller Notifications and there’s even Copyright information at the bottom of the message. They even used good grammar on the message. Poor grammar or multiple incorrectly spelled words are the very first red flag that a message is a fraud.

So let’s break down how we can determine if a message is legitimate or not.
1. Is the email relevant to you? In this case, No I don’t have an Amazon seller account. If you get an email from a bank, store, or other online vendor and you don’t bank with that company, shop there, or have an account with them… delete the message because it’s a scam.

2. Is the sending email address complete? If you notice, the address on this email does not contain a .com on the end of the address. The senders address as listed is <seller-notification@amazon>, not <seller-notification@amazon.com>. Always check the sender's email address.

3. Will the link take you to the correct website? In the message, when I hover over the embedded link for “Seller Account information” I can see that the address is not for Amazon.com. The link is actually sending me to the URL http://vuongqucsen.com/indx.html.php?id=dGltZA0=. Not only is this not Amazon.com, it is not a secure link. A secure link is indicated by the “s” in https://. Always carefully mouse over any embedded links in a message to see where the URL will actually be taking you.

If the message seems questionable, odds are good that it is. A couple quick checks beforehand can save you hours of grief later on. If you have questions on a potential phishing scam or what to do if your network has been compromised, call our help desk at 616.837.6930.

Upcoming Webinar: Strengthen your Human Firewall

Thursday, April 27, 2017
Join us as we welcome KnowBe4 Security Awareness who will be presenting an educational webinar on strengthening your human firewall on Wednesday May 17th, 2017 at 2pm EST.

If you didn’t get a chance to join us last month, be sure to register for this upcoming security awareness webinar in May! Human error combined with increased security threats is highlighting the need for security awareness training for every business. Keeping your employees educated on security is so important and that’s why we’ve partnered with KnowBe4, the market leader for security awareness training and simulated phishing tests. 

KnowBe4 trains your entire workforce via interactive modules, and then sends out simulated phishing tests to identify the individuals who require additional training – and maintain awareness throughout your organization. Plus – this training addresses compliance requirements - whether you need to comply with PCI DSS, HIPAA, SOX or GLBS.

Invite your Security Team so that they can log-in / dial-in from their own desktops if they'd like. RSVP HERE or send an email to Kim.

IT Event: Cost Effective IT Strategies For Your Business

Monday, April 24, 2017
Join Gary Lutz as he presents Cost Effective IT Strategies for Your Business at the next GR Business Breakfast event.

Cloud-this, security-that, firewalls, backups, managed services, ransomware – STOP!  What’s all that have to do with running your business? In his discussion, he will cover:
- Straight forward IT strategies for any size business
- Questions to ask your IT staff or partner to insure you are protected
- Top 3 reports you should be getting every month

Gary will also discuss ways to raise technology discussions to the business-owner’s level, not down to the technical level to better align your IT spend to your specific business needs. We hope you can join us at this event!

Event Details
Date/Time: Tuesday, May 9 from 7:30 to 9:00am.
Location: SarahCare, 2211 East Beltline NE, Grand Rapids, MI 49525
Cost: $12 in advance or $15 at the door

Learn more and register here. 

Still Being Infected by Malware? Try Cisco Umbrella

Monday, April 03, 2017

As the workforce becomes more mobile, you have to worry about security like never before - but do you know where to start? What if there was a way to prevent certain attacks before they even entered your system? Ransomware has a lot to do with exploitation of the human element – like employees, customers, and suppliers. Attackers have many ways to initiate an attack including common malvertising and phishing methods to sophisticated thumb drive drop tactics. Bottom line, attacks are becoming more prevalent and refined and businesses need to take action to prevent it.

Luckily there's a new player in town and it's stopping malware in it's tracks. Cisco Umbrella is a layer of security that provides the first line of defense against threats on the internet wherever users go. It’s a cloud security platform built into the foundation of the internet, the first of it's kind. Using big data analytics and predictive intelligence, it will stop threats and attacks before they happen. Umbrella even blocks users from getting to phishing sites (intentional or not) – whether they are in the office or working remotely.

Industry’s first Secure Internet Gateway in the cloud
Before users connect to any destination on the internet, a Secure Internet Gateway provides the first line of defense and inspection. Core capabilities include:
- Visibility and enforcement on and off network
- Protection over all ports and protocols
- Open platform for easy integration
- Live threat intelligence
- Proxy and file inspection
- Discovery and control of SaaS

For less than $5 per user per month, Umbrella is a no-brainer for any organization, it’s a 'set it and forget it' product and requires very minimal setup. If your organization is ready to get started with Umbrella, give us a call today at 616.837-6930 or email us.

Why You Need Security Awareness Training

Wednesday, March 29, 2017
Want to know who the most vulnerable employees in your organization are? Someone's going to click on that malicious email and expose your business to a slew of threats. If you can train employees on security risks in advance you could save a lot of time, money, and hassle.

Why Security Awareness Training? Ransomware, That’s Why. Old school Security Awareness Training doesn’t hack it anymore. Today, your employees are frequently exposed to sophisticated phishing and ransomware attacks.

People are one of your most valuable assets, and one of your biggest security risks. Ransomware is all over the news and everyone knows how devastating it can be – but do you know if your employees can distinguish a real email from a phishing email? Trend Micro reported that 91% of successful data breaches started with a spear phishing attack - an email scam targeted towards a specific individual or business, intended to steal data for malicious purposes, or to install malware on a user's computer. It only takes one wrong click and many times, the most vulnerable employees are targeted.

Keeping your employees educated on security is so important and that’s why we’ve partnered with KnowBe4, the market leader for security awareness training and simulated phishing tests. KnowBe4 is recognized by industry analyst Gartner and is in the Top 20 training companies in the world.

In addition to the on-demand training, the program also lets you send simulated emails to phish your own users. You can identify the individuals who require additional training – and maintain awareness throughout your organization. The program comes with hundreds of email templates to choose from so you can continually send out emails to keep your employees alert. Plus – this training addresses compliance requirements - whether you need to comply with PCI DSS, HIPAA, SOX or GLBS, this covers it.

Features include:
- Baseline Testing
Assess the Phish-prone™ percentage of your users through a free simulated phishing attack
- Train Your Users
On-demand and interactive training with common traps, live Kevin Mitnick demos, new scenario-based Danger Zone exercises, education with ongoing security hints, and email tips
Phish Your Users
Fully automated and simulated phishing attacks, hundreds of templates with unlimited usage, and community phishing templates
- See the Results
Enterprise-strength reporting showing stats and graphs for both training and phishing, ready for management so you can see the ROI

Get your free Email Exposure Check
Get started with the free Email Exposure Check to see how many email addresses from your organization are exposed on the internet. With this one-time free service you'll receive a report containing the list of exposed addresses and where they were found within 2 business days! Click here to get started and make sure to list IT Resource as the partner name.

To get started with a complete package, give us a call at 616.837.6930.  Strengthen your human firewall and educate your employees!

Windows 10 Enterprise E3 + Enterprise Mobility Suite

Sunday, February 26, 2017

Why choose Windows 10 Enterprise E3?

Lock down your sensitive data with the most secure edition of Windows.
Protect your business with the same level of security and control used by some of the world's largest organizations. Ideal if you process sensitive data, operate in a regulated industry, are publicly listed or are planning to issue an IPO, and/or have strong inhouse R&D or IP development.

Simplify your IT with the help of a trusted partner.
Small IT staff or no IT staff at all? No problem. Let us deploy and manage, and secure your devices so you can focus on more strategic priorities - like growing your business. We'll also work with you to develop a customized device strategy tailored to the needs of your business.

All at a small business price of $7.
Per-user, per - month pricing and a pay -as-you go subscription model give you the flexibility to scale as our business needs change, purchasing access only for the employees that need it.

How can EMS make Windows 10 Enterprise E3 even better?

One user, one login.
Give your employees access to all their Microsoft services with single sign on using Azure Active Directory Premium (AAD) in EMS. They'll be happier
and more productive with just one password that doesn't require signing in again between apps.

Customize and scale your device strategy.
With Microsoft lntune in EMS, we can easily configure the features of Windows 10 Enterprise E3 at scale, across all of your users and devices, in the way that best meets the needs of your business.

Compliance made easy.
Using mobile device management tools in EMS, along with the powerful security and control features in Windows 10 Enterprise edition, we can monitor your devices, network traffic, and data integrity and provide detailed compliance reports on a regular basis.

Upgrade for FREE!
Windows 10 Enterprise E3 gives you best in class security and management with flexible, pay as you go, pricing from just $7 per user, per month. Plus, for a limited time, customers can move from Windows 7 or 8.1 to Windows 10 Pro at no additional cost! This could be a huge cost savings for your business but the offer won’t last long. Please email or call us today to get started on your free upgrade.

Small & Medium Business (SMB) Technology Solutions

Thursday, February 02, 2017

If you own a small or medium sized business you still need technology solutions that can take on your competition, and give your business the edge it needs to drive growth – all without breaking your IT budget. Our experience with highly technical, large enterprise solutions, combined with our dedication to the SMB marketplace allow us to offer enterprise-level results at a cost that even the smallest business can afford. Our SMB solutions provide customers with necessary business operations like unified communications, e-mail & messaging, virtualization, and backup solutions at a fraction of the cost of enterprise systems. Just because you are classified as a small or medium business doesn’t mean you can’t have enterprise capabilities.

COMMON SMB SERVICES
Business owners often wear many hats, and as a result you may be trying to handle the technology portion of things yourself. We understand that you need the proper solutions in place without breaking the bank, and that's where we come in. Let's talk about how we can begin saving you time and money.