February 26, 2020

INSI Announces Partnership with Cybriant to Add Managed Security Services

Posted by Deborah Frazier in INSI Articles

INSI Announces A Partnership with Cybriant to Add Managed Security Services

Marietta, GA, 02/20/2020 – INSI, a Manage Service Provider and creator of the Customized IT Support model, today announced a strategic alliance partner with Cybriant, a leader in cybersecurity services. This partnership will allow INSI to launch a line of cyber risk management services that will allow their clients to proactively combat relevant threats from cybercriminals. Through these services, INSI is making enterprise-grade cybersecurity services attainable for all organizations.

Cyber Security Threats

Cybercriminals are using every resource available to find vulnerabilities.  Too often organizations find out what made them vulnerable after an attack. By adding the following managed services, INSI now can help clients use a preventative approach to cyber risk management. These services include:

  1. Managed SIEM with 24 x 7 security monitoring
  2. Managed Detection & Remediation
  3. Risk-based Vulnerability Management
  4. Responsive Patch Management
  5. Web Application Protection as a Service
  6. Risk Assessments
  7. Compromise Assessments
  8. Penetration Testing
  9. Incident Response & Incident Containment

INSI’s Cyber Security Commitment to Our Clients

INSI has also added consultative services that will provide a framework for architecting, constructing, and maintaining a secure business with policy and performance alignment. Clients can contact INSI for Virtual CISO, Risk Assessments, Compromise Assessments, and Penetration Testing.

“At INSI, we take our clients cybersecurity very seriously,” says Deborah Frazier, Head of Sales and Marketing for INSI and author of the book, IT Outsourcing Secrets.  “Most companies believe their Managed Service Company is providing full IT security services.  Unfortunately, they are disappointed when an event happens and they cannot recover from it.  I have seen this happen with multiple prospects over the years.”

Stephen Nowell, VP of Operations added, “The truth is, most MSPs provide basic block and tackle which includes monitoring, preventive maintenance, antivirus, and spam filtering.  Backups and Managed Security are an additional offering.”

“However, at INSI, we realized there was a big enough need to warrant 24/7 monitoring and response.  On the other hand, we also knew it would take at least fourteen cybersecurity specialists, and experienced Cyber Security leadership to provide that support.  That is why we sought out a Georgia-based reputable Cyber Security company.  This supports our goals to back the local community.” Stephen concluded.

Cybriant’s Commitment to Our Clients

“Having an effective Cyber Risk Management Service requires a vigilant effort by focused professionals,” said Bill Brown, EVP with Cybriant. “Through INSI, Cybriant can design, implement, and manage your entire cyber risk management program, or we can augment and reinforce your program where needed.

Contact INSI For Your Cyber Security Solution Today

With an increasingly dangerous cyber threat landscape looming, organizations should understand their vulnerabilities. Contact INSI by going to INSI to increase your cyber resilience.

About INSI

Since 1995, INSI has been providing IT support to small- and medium-sized businesses (SMBs) in both Georgia and Alabama.  They offer Managed Services and their own unique INSI Customized IT™ package.  Also, their unique tiered structure allows clients to choose the exact services they want while reducing 80% of their cost on IT support tickets.  Additional services include hosting, disaster recovery, managed security, and unified communications. For more information, go to INSI.net.

About Cybriant

Cybriant assists companies in making informed business decisions along with sustaining effectiveness in the design, operation, and monitoring of their cyber risk management programs. We deliver a comprehensive and customizable set of strategic and managed cybersecurity services. These services include Risk Assessments, vCISO, 24/7 Managed SIEM with LIVE Monitoring and Analysis, 24/7 MDR, 24/7 Real-Time Vulnerability Scanning with Patch Management. We make enterprise-grade cybersecurity strategy and tactics accessible to businesses of all sizes. Find out more at https://www.cybriant.com.

February 19, 2020

Why Your MSP’s Ticketing System is Vital to Your Organization!

Posted by Deborah Frazier in INSI Articles

Your MSP ticketing system

Your MSP ticketing system allows the MSP to take your IT support to the next level! Let’s face it.  Technology has forced companies to move at such a rapid pace that it is impossible to keep up without technology.  As a result, we have to do more than ever before in a shorter period of time. Undoubtedly, the expectations in both work and private life are at an all-time high.

Indeed, customers expect an instantaneous response – immediate support. Not only put do they put this pressure on themselves, but they also expect the same from everyone that serves them. Without a doubt, I don’t think anyone is feeling the pressure more than MSPs.

The Pressure of a Managed Service Provider (MSP) to Perform

Imagine tracking all of your customer requests and orders manually.  Likely, you would realize that rather quickly you need a system to track it.  Similarly, that is what a ticketing system does – only on a granular scale.

Above all, a ticketing system helps the MSP be more efficient and maintain control over thousands of tickets.  In particular, it tracks hundreds of metrics and ensures the systems and processes are working efficiently and effectively.

What Does the Ticketing System Measure?

Ticketing systems measure the key performance indicators (KPIs) against industry benchmarks. As a result, KPIs can help a company determine policies and standardization for continuous improvement.

Some of the more common KPIs measured in IT include:

  1. Ticket resolution time
  2. Response time
  3. Timeslip lag
  4. Average wait time
  5. Peak times
  6. Abandoned call detail
  7. High volume users
  8. Incident source – web, email, or phone
  9. Escalation frequency
  10. Meantime to resolution

Yet, an MSP must have a powerful ticketing system if they are to support hundreds or thousands of client environments across multiple industries.

Why Is It So Important?

In general, IT departments that do not have a strong ticketing system are inefficient at best.  For instance, I have worked with a lot of companies that had an internal IT department. Many times, their ticketing system couldn’t even produce the most basic report, such as:

  1. How many calls per month?
  2. Peak times
  3. Most common types of issues?

This basic information would allow me to determine the maturity level of the organization, how I could help them, the type of work I could expect, and how to staff appropriately.

Now imagine if an MSP ticketing system was just as limited, which many are; how could they improve the delivery for you?  Therefore, it is vital that you make sure the provider has invested in the right tools to sufficiently service your account.

Going the Cheap Route

Many MSPs start with a single engineer who has gone out on his/her own.  Unfortunately, it can take several years before an MSP is profitable enough to do things the right way. As a result, many small MSPs can’t afford a quality ticketing system because it is expensive to license, set up, and maintain. Therefore, they go with a cheaper option and lose all efficiencies in the process.

(Note: This is a very good reason you shouldn’t follow your favorite IT guy when he goes independent. You will lose service quality.)

Why should you pay the same hourly rate for an MSP who does not have the right tools?  Rather, wouldn’t it be best to hire a company that has invested wisely in their technology to service you?

My best recommendation for you is to make sure the system they use can track the information mentioned above so they can continuously improve their performance to you and their other clients.

Best MSP Ticketing Systems on the Market

There are several ticketing systems on the market specifically designed for MSPs.  Accordingly, they range from free to thousands of dollars in licensing annually.  Consequently, the free ones not only lack security, but they also do not have the necessary reporting capabilities to continuously improve their own performance. In contrast, the more expensive ones have all the bells and whistles, including monitoring software and asset tagging.

After reviewing multiple ticketing platforms INSI chose ConnectWise.  We feel ConnectWise does the best job of eliminating time-intensive and repetitive maintenance tasks.  Further, we found it to be the cleanest and most and intuitive ticketing system on the market.  Last, this platform provides a full solution with both asset tracking and remote management monitoring.  Most important, we can allow our clients with internal IT people to use the system on their accounts!

Do You Want to Know More About Ticketing Systems?

If you would like to know more about MSP Ticketing Systems and how it affects you, visit Amazon or Barnes & Noble for a copy of the book IT Outsourcing Secrets – A Small Business Guide to Comparing IT Support Companies.

 

February 12, 2020

Why Is IT Preventive Maintenance So Important?

Posted by Deborah Frazier in INSI Articles

First – What is Preventive Maintenance (PM)?

Preventive Maintenance is a quarterly or semi-annual planned network checkup.   Moreover, it ensures everything on your network is running safely and properly.  Subsequently, things like this are what make the difference between a good MSP and a break/fix shop.

The best thing about PMs is that they equip the provider to identify issues that may occur over the next 3-6 months before your next checkup. Then, if work is required, they will alert you with any hardware/software cost and estimated time to resolve the issue.  Further, they take this time to perform updates and patches to keep your system safe and running smoothly.

What Are The Benefits of a Good Maintenance Program?

There is one thing for certain when it comes to technology: things go wrong.  Strange things too.  Setting and configurations change.  The backups and monitoring stop working.  These things often manifest themselves during the worst possible times.  Yet, PMs will definitely decrease your downtime by providing a more secure, efficient, and reliable way to keep your network healthy.

What Does Preventive Maintenance Include?

So, what should be included in your network PM plan?  At INSI we check the following:

  1. Documentation – keep all documentation on the network up to date.
  2. Backups – make sure your backups are working properly.
  3. Updates & Patches – performed on both applications and operating systems.
  4. Cable Checks – check cabling and fiber to ensure it is not degraded.
  5. Errors – review the logs and check the hardware for potential failure in the near future.
  6. Network Utilization – Check devices for network utilization or any network communication errors.
  7. User Accounts – make sure employees who have left the company have been deleted and verify all administrator access on the network.
  8. Disk Usage – Check drive space and recommend changes.
  9. Monitoring Tools – make sure daily reporting is working properly.
  10. System Security – make sure your security setting and configuration are correct and working.
  11. Expiration – Check and verify expiration on hardware warranties, DNS name registration, and vendor software agreements.
  12. Password Policy – Verify password complexity and expiration is enabled on accounts.

 The IT World Without PM Due Diligence

Alternatively, imagine you had a major ransomware attack your system.  In the perfect world, your MSP would simply roll back time to the last backup.  As a result, you might miss a few hours, or days, depending on your backup frequency, but you will recover.

On the other hand, what happens if you find out your backups weren’t working at all?  Without a doubt, you would have to pay the ransomware.  In addition, the virus in this scenario likely came from unpatched Microsoft Windows 7 systems.

This was just one example of how PMs keep your system safe and secure.  However, multiple stories can be told.

Why Would My Provider Skip Preventive Maintenance?

Unfortunately, many providers will not include this in their package because it is time-consuming and not billable.  Billable is king when it comes to managed services providers.  A solid preventive maintenance visit will cost them 25-60 minutes per server and 15-20 minutes per network device.  Of course, the length of time on each server depends on the application.  In addition, they have to write up their findings which are variable.  Therefore, when all is said and done, this can get pretty costly for the provider.  Also, keep in mind, this is a non-billable cost every 3-6 months depending on the contract terms.

Engineers have other reasons to skip this step.  If they are held to high billable time, this is a very easy target to simply fill out the paperwork without doing the work.

How Do You Know if PMs Are Being Performed?

All server PMs are scheduled onsite. This visit allows the IT Support Company to perform all maintenance that could not be done remotely as well as provide them the opportunity to review their findings face-to-face.  Consider it a red flag if you don’t see them.

INSI’s Preventive Maintenance Promise!

INSI believes PMs are absolutely necessary to support our clients.  When we prevent problems from happening, we have longer tenure with our clients, established trust, and fewer catastrophes.  Further, we do not hold our engineers to a billable time incentive plan.  Rather, they are measured by doing what is best for the client.  PMs certainly fall into that category!

Do You Want More Information on Preventive Maintenance?

If you would like to know more about Preventive Maintenance and how it affects you, visit Amazon or Barnes & Noble for a copy of the book IT Outsourcing Secrets – A Small Business Guide to Comparing IT Support Companies.

 

January 22, 2020

How To Protect Your Company Data From Phishing!

Posted by Deborah Frazier in "How To" Articles

What is Phishing Email?

A phishing email is a general term for an email that requests you to click a link, open a document, or provide personal/corporate information.  The results of a successful phishing attack could mean stolen identities or credit card information, compromised passwords, malware infection (including ransomware), and various other problems.

How Do You Avoid Becoming a Phishing Victim?

INSI offers many useful tools to help protect your company from phishing, such as spam filters, antivirus software, firewalls, and data backups.  All of these tools are critical in the defense against phishing.  However, these resources alone cannot prevent all attempts from reaching users.  Ultimately, everyone must be educated and vigilant!

What to Look for in an Email?

Your end-users must be trained and tested on how to identify phishing emails.  Following are the most common clues:

Unclear Heading:

  • Make sure you know the sender.  Also, ensure that the sender’s name matches their email address.
  • Be wary when the subject is not clear.  Usually, phishing emails are known to have oddities in the subject lines.
  • Check to see who the greeting is directed toward.  A generic greeting is a sign of phishing.

Unusual Requests:

  • One of the single biggest red flags is if the email insists on urgent action.  Cyber-criminals know that panicked users will be more likely to click on a dangerous link.
  • Never click on a link that claims it will redirect you to the company website as these links can actually send you to a fake website and trick you into giving your username and password.

Inconsistent/Suspicious Content:

  • Most professional companies will review their emails so that they will not often contain spelling or grammatical mistakes.  Take another look if you see many simple errors.
  • If you know the sender, ask yourself if the language used sounds like the person you know.  Look for a writing style inconsistent with how that person usually communicates.
  • Ensure all attachments are clearly named.  Many phishing emails use obscure or generic names to pique curiosity and encourage the recipient to open the attachment.

Now Let’s Take a Look at Some Real Examples!

Phishing Example

Don’t Be Afraid to Ask the Sender!

When I am unsure if it is a phishing email, I call the person directly and ask them if they sent it to me.  Sometimes I reply to the email with the same question.  I have found people do not get offended and they are more than happy to answer this simple question.

INSI Security Package

INSI’s Security Package includes a phishing email to all your employees.  We track who clicks on the email to determine who needs additional training on cybersecurity.  This package also includes a security audit, network security vulnerability assessment, semi-annual security check, biannual penetration test, quarterly security checks, staff training, antivirus monitoring, web content filtering, web protection, spam protection, and 24X7X365 monitoring and response.

We have multiple other managed security options available to meet all your needs.

When In Doubt – Let Us Know

This post is part of the INSI Awareness Campaign that is designed to keep our clients protected and informed.  If you are concerned about a phishing email, please do not hesitate to contact our helpdesk at 770-387-2424 before opening it.  Our engineers are more than happy to check it out and make sure it is safe.  After all, we are here to serve you!

 

By: Brandon Schultz & Deborah Frazier

November 11, 2019

Microsoft End of Life Products #1 Culprit for 2020 Security Breaches

Posted by Deborah Frazier in INSI Articles, Uncategorized

Danger: 2020 Microsoft End of Life Products

In 2020 Microsoft Windows 7, Windows 8.1, Office 10, and certain versions of Windows 10 will reach the Microsoft end of life.  Likewise, in 2019 60% of all hacks were a result of unapplied patches according to ServiceNow.  As a result, this combination greatly increases the SMBs risk of being hacked.  For instance, there will be no new:

  • security updates
  • non-security updates
  • free or paid assisted support options
  • online technical content.

Accordingly, Microsoft end of life products creates an open playground for hackers.   I expect them to exploit these vulnerabilities and we will see a huge increase in security breaches in 2020.  For this reason, it is most dangerous for SMB because they are notorious for holding on to Microsoft end of life products.

Microsoft End of Life Financial Cost

Security threats have been on the rise over the past five years.  Add to that unsupported Microsoft end of life products, and you have absolute chaos.  As a result, once a hacker finds a vulnerability, they quickly embed themselves in the system.  First, they establish a foothold in the system.   Second, they analyze the environment.  Third, install malware.

Finally, once the hacker downloads malware on your system, they can easily collect information, intercept traffic, and scan devices. Most concerning, the average breach goes undetected for 276 days. That is nine months during which a hacker is peaking around and stealing your valuable information without your knowledge. Subsequently, you should ask yourself what type of information on your system they can exploit.  Is it intellectual property?  HR information?  Banking information?  Client information?  In the end, all these things have a monetary value.  For instance, they can keep you from accessing your information.  Moreover, they can seize your information and sell it.  Both can cause a serious financial crisis.

Steps to Protect Yourself

There are many reasons why a company will hold off on updating their software and reach Microsoft end of life.  However, there is a solution for each one.  First, some hold off due to cost.  Second, is the pain associated with change?  Third, are there compatibility issues with legacy software?

  • Cost – Cost can be a major factor in upgrading system software.  Today, you have more options than ever before.  For example, if your provider has the right connections, Office 365 can be billed out monthly.  You can also lease the software and labor installation to spread out the cost over several years.
  • Change – Downtime can be a major detriment to operations.  A mature IT organization knows how to plan for this.  Most updates can be done at night or over the weekend.  Also, a quality MSP will have an engineer readily available on the go-live date.
  • Custom Legacy Software Compatibility Issues –  Your custom software may not work with new operating systems or office products.  However, there are many affordable programs available in the market today.  Start looking at your options today.

At the end of the day, upgrading your Microsoft end of life software does not have to be hard.  If it is done right, your MSP will know the proper steps to make the transition smooth for both you and your end-users.

In conclusion, if you have Microsoft Windows 7, and Windows 8.1, Office 10, and Windows 10, it’s time to upgrade or risk being the next cybersecurity target.  INSI can help.  We can help you plan so you will never find yourself in this situation again.  Moreover, we will help prepare for the inevitable by planning for warranty expiration and end of life software products.  If you want to take control of your technology expenses, call INSI today at 770-387-2424.  A seasoned consultant will help you through the process.  Call now.

First ... 3 4 5 6 7

© INSI IT. All Rights Reserved