Category: Business Continuity Plan

5 Critical IT Services For 3PL Organizations

Posted on by Gretchen Thomas

As an IT company for Utah and Idaho small businesses, we specialize in providing IT Services for 3PL organizations (Supply Chain Logistics & Fulfillment Center). For the past four years, we have managed Elite OPS‘s network and have identified 5 critical IT services that every successful 3PL company should have.

  1. API integration to offer 100% customization
  2. Experienced personalized network management
  3. Clear WiFi coverage throughout warehouse
  4. Strategic network configuration for times of growth
  5. Business to business cybersecurity

“We are a supply chain management business in the Greater Salt Lake area and offer outsourced logistics. We would highly recommend [Integrinet IT] to any company in need of IT services.”

Elite ops

1: API integration – 100% customizable

Firstly, API Integration is one of the most critical services 3PLs should have. Elite OPS seeks to be 100% customizable to their customers. Every one of their clients has customized branding, software, and business operations. In order for their customers to manage business finances, operations, and customer relations, they use a variety of software and services. For example – their CRM software: some use Amazon Prime Seller Fulfilled, others use Magento, and still others use Oracle NetSuite to name a few. Elite OPS manages these integrations with a state-of-the-art warehouse management system. It translates the orders coming from each of these CRMs so that Elite OPS can efficiently process them.

That is to say, it takes a lot of strategy behind the scenes to allow the different network configurations and software packages to play nicely together. Incompatibilities between unique businesses with unique computer networks are inevitable. API, or Application Programming Interface, is a tool that connects two or more applications and allows them to exchange data. In other words, it enables Elite OPS and other fulfillment centers to organize the multitude of incoming orders and outgoing shipments. And that increases their productivity. If you haven’t yet taken advantage of these technology tools and want to learn more about them, here are 2 videos and one article:

“One of the greatest benefits of using API technology in a 3PL business is that APIs are capable of transmitting data back and forth across the supply chain in milliseconds, making real-time supply chain management a reality.”

Elite Ops

2: IT services for 3PL organizations require experienced personalized network management

Secondly, like most logistics companies, Elite OPS has a complex network with many moving parts:

  • 450,000 sq ft warehouse
  • Wireless Internet network (warehouse-wide)
  • Warehouse management system
  • Data center with several servers
  • Internet and WiFi
  • Switches
  • Firewall
  • Printers
  • Scales
  • Hand-held Scanners
  • Mobile devices
  • 150+ Workstations (computers, keyboards, mice, monitors)

In order for Elite OPS to get the most out of their infrastructure and warehouse management system, they need all of these components to work together seamlessly. They need them to be consistently up and running. For this reason, Integrinet IT’s service engineers work behind the scenes to manage their network. They know downtime is revenue lost and work hard to prevent it from happening.

Our engineers monitor their systems 24/7, provide onsite and remote helpdesk services, ensure their WiFi coverage is clear and consistent, back up their data regularly, and tighten their security. When we first started taking care of Elite OPS, our engineers spent months getting to know the ins and outs of their infrastructure. They created network maps to document their extensive configurations. So, when something happens (and it always will), they can more efficiently troubleshoot it.

We Provide Elite OPS with:

  • IT Consultancy
  • Onsite & Remote Services
  • Hardware Care & Procurement
  • Cybersecurity Protection
  • Email Health & Maintenance
  • Data Backup & Business Continuity
  • Personalized & Professional Pro-Action Team

If you don’t have an IT company with expert service engineers that get to know your computer network personally, you most likely are experiencing a lot of unnecessary pain.

Check out our Managed IT Services

Read about our Customized IT Solutions

3: IT services for 3PL organizations must include clear WiFi coverage throughout their entire warehouse

Thirdly, most supply chain organizations have huge warehouses to manage their customers’ inventory. Elite OPS has a 450,000 sq ft warehouse with 60 ft Ceilings. They also have huge 30 ft shelves to safely store their customers’ goods. But these shelves end up blocking WiFi signals generated from low-level access points. And while large spaces and shelving units are perfect for their fulfillment services, they always present a challenge for WiFi coverage.

When we first began services for Elite OPS a few years ago, they didn’t have WiFi coverage at all. So one of our first major projects with them was designing and building a powerful wireless network. It provides them with Internet access at every square foot of their space. Mounting several access points from the 60 ft. ceilings has enabled their teams to stay in continuous communication with their customers, their management system, and each other. We implemented tools to remotely monitor the hardware on the ceiling to keep it fine-tuned, ensuring it works with all devices. Rarely do our technical engineers need to physically get up there to service them.

If you don’t already have a powerful wireless network that reaches every square foot of your fulfillment center warehouse, you need to find a good IT company to design and build it for you.

Read more about Integrinet IT’s WiFi/Internet Solutions:

WiFi solutions for a Boise manufacturing company

Customized High-Speed Internet For Your Unique Business: Case Study

4: Strategic network configuration for times of growth

Fourthly, with the E-commerce, logistics, and distribution boom over the last year, 3PLs have experienced an intense spike in growth. While this has been an exciting journey for Elite OPS, it has given them a lot to manage. Our service engineers worked long hours to assist them with their rapid expansion of services. They recommended and installed new hardware, software, cabling, security, and WiFi system in their new Georgia warehouse.

“Since we have been with Integrinet our business has quadrupled in size and we have expanded into another state – we added an additional warehouse in Georgia. Integrinet has been with us throughout our journey and has facilitated our growth with innovative solutions every step of the way.”

Elite OPS

So, if your 3PL business is expanding exponentially, you need an experienced managed IT service provider that has already set up the infrastructure for other businesses like yours. Choosing an IT company that is familiar with your specific industry’s needs and has actual experience taking care of 3PL organizations will reduce the time it takes to set up your network and thus your costs.

Free Crash course in Office 365: How it can help you grow your business

5: IT services for 3PL organizations & business-to-business cybersecurity

And last but definitely not least is cybersecurity. As a large 3PL company, Elite OPS interacts with countless businesses. They have the responsibility to keep their confidential and proprietary data safe. With ransomware attacks on the rise, it is more important than ever to fortify your network to safeguard your business as well as your clients’ and partners’ businesses. Integrinet IT’s service engineers and remote tools are working 24/7 to secure Elite OPS’s network. We monitor their servers 24/7, ensure they have a strong backup and disaster recovery plan in place, and administer employee security training.

Additionally, we perform security patches, operating system updates, hardware drive/firmware updates, and server monitoring. Server monitoring includes weekly checks of event logs. We ensure their hard drives have plenty of disc space to store data and data backups. Our service engineers watch for alerts that signal it’s time for equipment replacement. They make recommendations to purchase new equipment before the old fails or warranties expire. This minimizes downtime and cost. In the event of a crash or hard drive failure, they are covered by their warranties and backups.

Because you do business with other businesses, you need to keep your network cyber secure. Cyber gangs are working 24/7 to hack into large and small businesses. Don’t make it easy for them. Did you know that if you are hacked, they can potentially hack into your customers’ networks through your portal as well?

If you don’t have a strong defensive cybersecurity strategy that consists of multiple layers of protection, make the move now to reach out to an experienced IT company to help you get started.

Backup Solutions Decrease the Severity of a Ransomware Attack

IT Services For 3PL Organizations

In conclusion, while we haven’t been the reason Elite OPS has been exponentially growing, we have been behind the scenes supporting and securing their network so that they can.

“It’s important that our IT network runs at peak efficiency at all times so we can keep up with the demanding process this industry requires. Integrinet IT does that for us. They have been our managed service provider since 2017. Our service engineers are the best that we have ever had. They keep us at the top of our game.”

Elite OPS

If you are a Supply Chain Logistics & Fulfillment Center and in need of IT Services, give us a call.

Utah (385) 316-7202

Idaho (208) 510-0967

Backup Solutions: Decrease the Severity of a Ransomware Attack

Posted on by Gretchen Thomas

With our Backup Solutions, we can help you decrease the severity of a cyberattack and minimize the impact on your business operations and proprietary data. Consistent off-site data backups will reduce the monetary impact of system and data recovery if a cyberattack is successful.

If you have been watching the news, you know about the recent onslaught of ransomware attacks on businesses. Due to cybergangs’ advanced strategies and widespread incidents, we highly recommend that you have an offsite backup solution. It is no longer just larger companies and billion-dollar enterprises that these gangs are targeting. They are now going after smaller companies like ours and yours.

Latest Ransomware Attacks

While cybersecurity solutions significantly increase our defenses, bad actors are out there searching 24/7 for any vulnerability they can use to penetrate our networks. Some of the most security-diligent companies have recently been attacked. There are even several local small businesses that these gangs have infiltrated.

How Cybergangs Work

When cybergangs find a vulnerability in your business’s network, they hack in, encrypt your data, and lock you out. In every file they have encrypted, instead of finding your data, you will find a .txt note that might begin like this: “Your files – photos, documents, and confidential data have been encrypted.”

The only way to recover your data is to enter a unique key that the cybercriminal gang will provide once you pay them an enormous fee – we’re talking $40K and up. If you pay, sometimes they will restore your data. Other times they won’t. And sometimes they will publish confidential files online or sell them to third parties who will use them for their own nefarious purposes.

  • REvil (also known as Sodin or Sodinokibi) is a ransomware gang that hacks into businesses’ networks and encrypts their valuable confidential data and then holds it for millions of dollars ransom. If the company doesn’t pay, the gang either permanently destroys their confidential data or publishes it online.
  • DarkSide is a cybercriminal gang that encrypts sensitive data including backups through Recovery as a service (RaaS).
  • Conti ransomware uses a double-extortion technique to encrypt data on an infected machine. Attackers from this group usually send a phishing email from an address that the unsuspecting employee trusts.

Backup Solutions: Tighter Security & Cloud Backup

After a breach, the outcome is never good, but we can help you decrease the severity of it by implementing tighter security and cloud backup solutions. If you have offsite cloud backup, you can at least recover your data without having to pay their ransom demands.

Because your current environments, quantity of data, and budget vary, the backup solutions we recommend are different. We strongly encourage you to talk to your service engineer today to identify the solution that will increase your defenses against these ruthless attacks.

Why Is Security Awareness Training Important?

Why Is Security Awareness Training Important?

Posted on by Gretchen Thomas

Malicious emails are up 600% since the onset of COVID-19 and organizations are actively searching for solutions on how best to implement security awareness training for their teams. Business Managers are struggling with the following questions as they consider implementing a plan to train their teams:

  1. How do we train our teams?
  2. What is their current awareness level?
  3. How can we motivate them to take the training seriously?

The Root Cause of Security Breaches

The root cause of security breaches is a lack of awareness. Cybercrime groups are always looking to penetrate a network through our natural weaknesses and vulnerabilities. The frequency, cost, sophistication, and size of cyberattacks have been dramatically increasing over the past few years. Human error is the number one cybersecurity threat to businesses in 2021. It was a major contributing cause in 95% of all breaches.

Phishing Email Statistics

As mentioned before, malicious phishing emails have gone up 600% in the last year. Cybercriminals choose to use this technique because they know that most companies are not yet up to speed with security awareness.

The bad news is that the statistics aren’t looking any better for 2021. The trend continues with breaches such as the Colonial Pipeline, Marriot, and Nintendo.

So, cybersecurity is a serious issue for organizations in today’s world. Unfortunately, even one small click on a link in a phishing email can lead to crippling consequences. The costs are too high to ignore. Security awareness training should be one of an organization’s highest priorities.

Call us to learn more about Security Awareness Training.

Utah: (385) 316-7202
Idaho: (208) 510-0967

Backup Solutions: Decrease the Severity of a Ransomware Attack

Customized High-Speed Internet For Your Unique Business: Case Study

Posted on by Chris Dent and Gretchen Thomas

The Need: Faster Internet Speeds

High-Speed Internet is constantly evolving. What was once cutting-edge speeds have now gone the way of all dinosaur technology. Newer technology gives businesses the highest speeds and the most reliable connections. But integrating the new solutions with your business’s infrastructure can be tricky.

One of our clients wanted faster Internet speeds to handle synchronous off-site backups and other cloud processes for three separate locations. One of their locations is in the middle of a desert. Another is in a small rural town and the last is close to a large city. Their Internet Service Provider (ISP) was a global media and technology company. They had been providing them with Broadband Internet services with maximum speeds of 150 Mbps. A few years ago these speeds were at the high end but with advancements in Broadband and Fiber Optic cabling technology, it’s now possible to get up to 1,000 to 2,000 Mbps. There are even some companies offering, on a very limited basis, up to 10,000 Mbps and more (Fastest Internet Providers 2021).

The ISP’s Proposed Solution

The ISP promised they could provide Fiber Optic Internet to all three of our client’s locations. They also included in the plan the promise of:

  • Personalized and customized project management
  • VPN tunnel between all three locations
  • Guarantee of Higher Speed Internet
  • VoIP phone system
  • Backup Internet solution during their wait-time

Problems With Setting Up High-Speed Internet

There were many problems with these proposed solutions, but our client didn’t spot them right away because they are not IT professionals. The first was bringing Fiber Optic Internet to a location in the middle of the desert. It’s starting to become more widely available but it is not yet available in such remote locations.

Additionally, their ISP’s progress in implementing any of their solutions was incredibly slow. They were unresponsive and their project management was nonexistent. Eighteen months into the project, they told our client that they couldn’t do many of the things they had promised:

  • Upgrading their desert location to Fiber Optics Internet was not a viable option.
  • They never provided the VPN tunnel.
  • VoIP phones were never installed.
  • The backup Internet solution was provided but never discontinued even after it was no longer needed so our client was paying for services they didn’t need.

Integrinet IT’s Solution

As a service engineer for Integrinet IT, I was asked to take over the management of the entire project. Because I was personally familiar with our client’s complete network and knew the ins and outs of Internet services, I understood what they needed versus what they didn’t and I understood what was possible versus what was impossible.

Discovering that many of the solutions the ISP had proposed were not attainable, I worked with them and our client to develop customized and cost-effection solutions that were.

High-Speed Internet Services In Remote Locations

Because it was impossible to get Fiber Optic Internet in the middle of the desert, I came up with a viable solution that would speed up their Internet. I upgraded their satellite Internet to faster speeds. I also discontinued their DSL connections which were costing the company an exorbitant $3K a month.

Additionally, their satellite Internet provider has its dishes on top of a couple of local mountains. A hawk made its nest on one of the dishes. Because the hawk is a protected bird, moving the nest was out of the question. It took two weeks for the provider to install another dish up there. Meanwhile, our client’s Internet was incredibly sluggish.

Consequently, I consulted with our client about backup Internet solutions for future protection. We ended up deciding to pre-order Elon Musk’s Starlink Satellite Internet. Elon Musk has been launching Starlink satellites for the last 3 years with his company SpaceX. They have nearly 1,500 satellites in orbit. It’s just starting to go live this year (SpaceX continues Starlink deployment with latest launch).

Fiber Optic Internet Services

Fiber Optic Internet was available through our client’s global ISP for their city location. I worked with them to get it set up, which was time-consuming because they were slow to respond. But now that it is up and running, our client enjoys speeds of up to 1 Gbps. There was also Fiber available in the small town but through a local provider. Instead of paying higher fees to their global ISP to piggyback on the local provider, we were able to acquire Fiber Internet directly from the local provider at a significantly lower cost.

VoIP Phone Systems

I brought in our VoIP provider who we partner with. They came in and installed everything needed in a timely manner. I also worked with our client to consolidate various redundant services. Discovering that certain lines, connections, and services were not even needed, I advised them on what was needed and what wasn’t. These efforts resulted in a savings of roughly $1K in their monthly bills.

Duplicate Charges Refunded

In regard to the backup Internet solution, I worked with their accounting department to evaluate the plethora of bills and communications from their ISP. I unearthed some costly duplicate charges. Our client had been receiving five different monthly bills, each with a different account number. These totaled over $6K a month!

I then navigated a consolidated solution, which reduced their number of bills to only two. Their total monthly cost was reduced from $6K to $2K. On top of that, they had been paying over $3K a month in duplicate Internet charges. And for that, I negotiated a refund of over $13K for the backup Internet services that should have been discontinued sooner.

IT Managed Services: Viable, Cost-Effective, Time-Saving Solutions for High-Speed Internet

In order to manage major projects like acquiring High-Speed Internet, it is much more cost-effective and time-saving to hire an IT Managed Services company that assigns your business a team of service engineers. These service engineers should oversee your entire infrastructure. They should understand the ins and outs of computer networks in general. And they should personally come to know the uniqueness of your specific network and how everything works together. It is not wise to leave the management of it up to an ISP or any other vendor because the software and hardware of various vendors are interwoven and interdependent on each other. They also may not be aware of your locations and specific limitations.

It has been a pleasure to become part of our client’s team. I have seriously enjoyed the opportunity to use my experience and education in computer technology to bring solutions that saved them time and money. Even though they have to pay for our IT Services (which, by the way, ends up being much less than hiring in-house IT staff), they ended up saving more than $24K with the elimination or consolidation of redundant and unnecessary charges, equipment, and services. And not only did they save that much money, but they also have much faster Internet connections at all of their locations and a more streamlined, secure system to boot.

Learn more about Fiber Optic Internet: What Is Fiber Optic Internet?

Why Do We Resist Updating Technology?

Posted on by Gretchen Thomas

Updating technology is a major concern for today’s businesses. Technology has rapidly developed over the last 40 years. And these days, it seems like tech companies are coming out with a new hardware or software version before we’ve even learned how to use the previous one. It sometimes feels like we are being manipulated into buying the newest fandangled devices and software features even though we don’t really need them. While it’s true that some of the new features solve real workflow issues, there are others that don’t seem to make any significant improvements.

On top of that, software updates usually outpace the need for hardware updates. There always seems to be a tradeoff when it comes to updating: If I update now, will my desktop computer, laptop, mobile phone, or tablet be able to handle it, or will I have to buy a new one?

And even with all the tech companies now offering monthly plans with “free” software updates, replacing hardware can get pretty expensive. This is why most of us resist updating our technology.

  • We don’t want to spend money on something before we actually need it.
  • We want to put to good use, for a good long time, the investment we have already made in our current technology.
  • We remember all too well how much we shelled out for it.

Plus, we like to stick with processes we know. And it’s usually not just us that have to learn the new system. Our entire staff needs to learn it too. Learning a new way of doing things initially slows down our productivity even if it later improves it. So, long story short, there are many opportunity costs to taking the time to retrain everyone.

The real reason for updating technology

The truth of the matter is, there is a balance between hanging on to the old and buying the new. That balance amounts to 3-5 years. Holding onto devices longer than five years means significantly increased issues, repairs and patches, and security vulnerabilities. This basically adds up to increased costs and slower, clunkier workflows

Here is why this is the case: Software applications are meant to interact with other software applications and hardware. And computers are designed to interact with other computers and devices. When there are incompatibilities between them, things get messed up. The result: Network Vulnerabilities. And cybercriminals are always searching for these vulnerabilities. That’s how and where they hack into our network to steal our valuable data.

Computers keep us connected

Computers connect us with the rest of the world – our clients, customers, partners, wholesalers, resources, and every other person we interact with and do business with. Because this is true, we have to keep our computer network compatible with the computer networks that belong to those people.

It is also the hard truth that if our competitors are updating technology, and it increases their speed and decreases their delivery time, our potential customers get used to being treated that well. They will come to expect that of businesses in our industry. And they usually come to expect it of businesses in every industry. This may not be a pretty picture, but it is the way it is. We all know it because we also play the consumer role in many of our relationships.

So, the bottom line is that we all are reliant on each other for personal and business relationships. We do a lot of interacting and communicating through technology. This is especially true in business. We conduct most business transactions over computers, phones, email, and the Internet. Speed and quality of communication and delivery are highly dependent on our level of technology. To achieve a high level of efficiency, it’s important that our hardware and software remain compatible with each other’s. Incompatibilities slow and break down the lines of communication. They also create vulnerabilities in networks.

Read about how communication increases net profit: Business Communication Increases Net Profit

Signs: Is it time to update technology?

Many of us (myself included – proud owner of an iPhone 7) avoid updating because we like to keep it simple and we don’t like to make purchasing decisions based on the latest craze. But now that we know that updating isn’t about that, we can make smarter decisions. (After writing this, I think I’m going to update to the iPhone 12 or maybe wait for the 13 coming out in September.)

There are actually signs we can watch for that indicate it is time to update technology. Three to five years is still a sizeable window. And four to five years is usually pushing it. Within this window of time, it would be good to know when our hardware is getting to what they call “End-of-Life” or EOL. When hardware or software reaches EOL, it means that the companies that design them stop making the parts and security patches for them. And again, most software companies now offer monthly plans which provide automated updates. So, our real concern is when to replace our desktop computers, laptops, tablets, smartphones, and other network devices.

The signs to watch for

  • The device is regularly running out of storage.
  • Updates cause your computer to have increasingly more issues (e.g., white, black, blue, green screens of death, colored stripes in places they shouldn’t be).
  • There are strange lovely noises coming from your computer.
  • You can’t even install the updates for your critical software.

Because we’re all on this ride together, we need to keep our technology current. So, hang on to your technology for the full three years before replacing it if everything is working fine. In years four through five, be extra vigilant in watching for the signs. Incorporate the necessary technology updates into your budget. One idea is to replace a percentage of your devices each year so you don’t have to replace everything at once.

If you need help with monitoring your software and hardware, choosing good machines, and keeping them fully functional within their life spans, give us a call: Idaho (208) 510-0967 or Utah (385) 316-7202.

Read more about the signs you need to watch out for: How Long Do Computers Last? 10 Signs You Need a New One

Microsoft Exchange Server Zero-Day Exploit: Update Now!

Posted on by Gretchen Thomas

Starting in early January 2021, another pandemic in the form of a zero-day exploit has been taking advantage of on-premise installations of Microsoft Exchange Server. Threat actors have been attacking business networks around the world as quickly as COVID-19 attacked our global health.

What is a zero-day exploit?

A zero-day exploit is when attackers find an unknown vulnerability in software or hardware and then leverage it before security teams detect it and create a defensive patch. It goes unnoticed until attackers send their ransom note.

In this recent zero-day exploit, attackers searched for and found vulnerabilities in Microsoft Exchange Servers that many businesses use on-premise. The attackers exploited these vulnerabilities to access emails and obtain long-term access to business networks. Once inside a network, they withdrew valuable data and stored it in their own cloud servers.

The four flaws in Microsoft Exchange Server

CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065

Stealing Passwords & Searching for Vulnerabilities

Cyber attackers usually get into networks by stealing passwords. But they sometimes get in by searching for vulnerabilities as in the case of this zero-day exploit. Firewalls and antivirus software don’t detect the infiltrators because they basically steal the digital identity of someone who should have access. They can then create remote access to control the server and steal data from the company’s network.

Their end goal is to steal information. They scramble the organization’s valuable data so they can no longer access it. Then they use it for ransom. They may even destroy the network and data permanently.

National cybersecurity groups suspect a Chinese nation-state group, Hafnium, to be the source of these attacks. Microsoft engineers worked 24/7 to create the needed patches. They used out-of-band emergency patches. Out-of-band patches are fixes created and sent out immediately instead of waiting for the next scheduled update to issue them to the public. This means that Microsoft considered this threat to be very dangerous. All businesses should apply the update ASAP.

Hafnium’s Attack on Microsoft Exchange Server

Hafnium rents servers in the US even though the individuals themselves are based in China. They usually target organizations in the United States such as medical research organizations, law firms, universities, DoD contractors, and non-government organizations.

Even though this group is responsible for the initial exploits, there are many other bad actors that are moving in like vultures to take advantage of the situation.

Security Patches – Shields Up!

IT companies around the globe have been moving as quickly as possible to apply the updates and protect their clients.

The government department in charge of homeland cybersecurity reported worldwide exploitations. They have ordered all businesses and other organizations to apply Microsoft’s patches or disconnect email servers that are at risk. The direction has been to treat all organizations as if they have been compromised. If IT companies can’t find signs of the infiltration, they should disconnect the Exchange Server and rebuild it. Additionally, organizations should install and run security updates as an administrator as opposed to running them in normal mode. If you have made the mistake of doing this in normal mode, Outlook (for those who access it through their browser) and the Exchange Control Panel may stop functioning properly.

It has been a busy few months for our cybersecurity teams as well as others around the world.

One of the most important ways you can protect your technology is to keep it updated with patches and newer versions. This applies to all your computers, devices, machines, software, and servers. If you don’t keep them updated your vulnerability to cyberattacks increases.

Usually, Microsoft doesn’t provide patches for older versions of Exchange because businesses are responsible for keeping their technology patched and updated. But because of these global attacks, Microsoft has worked tirelessly to create more patches to protect those that still had older versions.

Give us a call if you need our help.

Read more about what’s been going on:

Emergency patch addresses MS Exchange Server zero-days

Mysterious Hades ransomware striking ‘big game’ enterprises

Microsoft Exchange attacks: Now Microsoft rushes out a patch for older versions of Exchange

What is a Zero-Day Exploit?

Is Your Business Network Vulnerable?

Posted on by David Rucker and Gretchen Thomas

Is my business network vulnerable? That’s a question that keeps many business owners awake at night. Penetration tests for business networks often show that a network is most vulnerable from the inside. For example, it is not unusual when people write down their passwords and put them on their desks. I see it all the time.

Awareness of Local Exploitation

It’s important to be aware of the fact that there are vulnerabilities that can be exploited locally by individuals with the intent to steal data or cripple a business. Some might pose as a repairman or janitor. Some might be dumpster diving searching for information like account numbers, contact names, and numbers. And they want to breach your business to access your data.

The Value of Your Data

Your company’s data is the meat on the bones. It’s the most vital part of your business. Everything but the data can be replaced. So, if hackers can access your network and take your data, that can be devastating to your business. Too many businesses don’t realize how crucial it is to have their servers and networking equipment physically secure with a locked door or cabinet.

My Experience with Business Network Vulnerability

In my previous experience, I performed work for a large business that worked with sensitive, protected data. I brought it to the attention of management that the building’s network had a physically exposed element that could have been exploited by a hacker posing as a repairman or janitor.

This is why I continue to encourage the clients I work with to secure their network.

The following article (and video) is a great resource to understand how businesses can increase their network security. In non-techy language, it explains the most common network vulnerabilities. It even includes things like shoulder surfing, tailgating, and dumpster diving.

Read the full article: Common Types Of Network Security Vulnerabilities In 2020

At Least Put a Lock on the Door

The above article says businesses should have biometric authentication (fingerprint or face recognition) and access cards to protect servers. While I agree with this one-hundred percent, it is better than nothing to at least have a lock on the door and managers holding the keys.

A Firewall Is Critical for Business Security

Posted on by Fred Bauerfeld

Having a reliable firewall is extremely important in today’s environment. In the first half of 2019, 59% of MSPs reported Ransomware attacks on the companies they managed, according to a recent Datto Survey. The average ransom is $5,700. That is up 37% from the year before. You can see how essential it is to protect your server.

You must keep your guard up to keep nefarious actors out of your network. Your guard is your firewall. It protects your servers and infrastructure. There are many on the market and most are pretty good. Some last for years.

Keep Your Firewall Up to Date 

Keeping up with the latest technology is the best way to know which firewall to choose for your company. When researching, it’s important to know what you are doing because it can get pretty technical. Read the reviews and shop according to your budget. You should consider not only the purchase price but also the yearly services and support costs. Some businesses like the DIY option, but others prefer consulting with an IT Service company.

Fight Viruses & Hacking Exploits Floating Around in the Wild 

Maintaining a service subscription for your firewall will keep it up to date, which keeps your business safe from viruses and hacking exploits floating around in the wild. When you keep your subscription current, it will update your firewall with the latest version of firmware. Firmware is the software that runs the components in the firewall device and the software that runs it.

Prevent Business Operations Disruptions 

Support for your firewall allow you to call the manufacturer and talk to them about setup and repairs. If it has issues and you don’t have anyone who can log in and repair it, your Internet will go down. That disrupts your business operations, whether you’re working in the office or from home. This is happening more often than it should these days.

When Your Firewall Gets Too Old 

Your firewall is a critical piece of equipment. Keeping its support up to date is very important. Firewall companies only offer support for a certain period of time. After that period ends, you need to renew it. When the device gets too old, the manufacturer will no longer sell support for it. Once it fails, you will need to purchase a new one.

Without A Firewall for 30 Minutes – 699 Attacks 

Shipping times for new firewalls vary. You might have to wait for up to 3 days. That is a long time to go unprotected. We once tested what would happen to an Exchange server on the internet. It was password protected but had no firewall guard. Within 30 minutes, it was attacked 699 times by someone who was trying to hack through the passwords.

Understanding the importance of a firewall is paramount for a small business. If managed right, it will keep your confidential data safe from harm. We’re here to help you with that. Please give us a call to assess the state of your firewall. (844) 400-0616

Learn more about the Cybersecurity we offer!

Datto’s Global State of the Channel Ransomware Report 

Disaster Recovery Plan: 8 Points to Consider

Posted on by Fred Bauerfeld

With Covid-19 gripping many businesses around the world, we’re receiving a crash course in the importance of a Disaster Recovery Plan. Within a matter of weeks, we went from a free-flowing economy with no real work restrictions to a suffocating lockdown. Over the summer we experienced a glimmer of hope when the economy slowly opened back up. But flu season has descended upon us and cases have started increasing again. We’re now facing the possibility of another lockdown. Some companies are prepared, but others are not. 

Natural Disasters & Other Random Events

The pandemic isn’t the only disaster that can affect business continuity. Have you thought through the wider variety of disasters that could hit your company? The following situations can happen to any business:

  • Servers crash and systems go down
  • Sprinkler systems malfunction and water intrusion ruins computers, printers, or other business devices
  • Severe storm weather knocks out the power, and the power company takes a few days to repair it
  • A thief breaks in and steals your equipment
  • Construction crews accidentally cut the power to your office and you’re down until they can repair it

Those Who Fail to Plan, Plan to Fail 

Do you have a recovery plan if any of these disasters hit your office? The best way to prepare is to create a plan that is customized to your company. Customized plans are better than a one-size-fits-all approach. Every company is unique. Each has critical business operations that need to be accounted for in the event of a disaster. A good IT Service Company can help you explore the questions and answers relevant to your business.

8 points to consider for your disaster recovery plan

Risk Analysis

What are your critical operations? Prioritize them so you know which to address first in the case of an emergency.

Recovery Time

Timewise, how much wiggle room does your company have before all hell breaks loose? Know your maximum downtime.

Compliance

Does your recovery plan meet with PCI, HIPPA, or other compliance rules you have to follow?

Disaster Recovery Team

Does everyone in the office know who will have the authority to make the decisions when in an emergency? Who are the go-to people when disaster strikes? This all should be decided in your disaster recovery plan.

Critical Information

Keep critical information like primary contacts and account numbers available in a safe place. When computers and other electronic devices go down or you can’t work from your office, how will you access this critical information? Think cloud backups.

Communication Plan

How will you communicate if your office computers and phones go down? Do you have a list of employee cell phone numbers available, so communication is not completely cut off?

Working from Home

If you and your employees can’t come to the office for an extended period of time, where can you temporarily set up your workstations? What technical support will you need to make this happen safely and effectively? An important part of a disaster recovery plan is having the process and technology in place for employees to work from home beforehand.

Review Your Plan

Employees come and go. Business roles, contact information, and accounts change. Review your plan regularly. Are employees who are named in the plan still with the company? Are account numbers and contact information current?

Business continuity is about maintaining critical business operations even when faced with long-term interruptions. Most of us were caught off guard when COVID-19 hit. We have faced this disaster for the past 10 months. We’re now wide awake and a little wiser.

We don’t know how long we will have to do business in this locked-down economy. We’re unsure if it will get worse. We can’t be certain when other random disasters will hit. But we can increase confidence and security by creating a solid disaster recovery plan. This is the best solution to reduce risk, data loss, and network downtime.

Integrinet IT can help you develop a customized disaster recovery plan for your business.