Independent Contractors

July 22, 2020

Network Security is the Biggest Threat to Your Business Relationships!

Posted by Deborah Frazier in INSI Articles

Network Security Risks: Your Clients, Vendors, and You!

Did you know the average hacker lives on your network for 9-months before being detected?  That is 9 months of cybercriminals digging into your financials, human resources information, and intellectual property!  Further, if your business is storing, accessing, or transmitting client or patient data, you legally responsible for securing those records.  As a result, clients, prospects, and patients will now view you as a security risk for sensitive information.

History of Network Security for Small- and Medium-Sized Businesses (SMB)

In the past, managed security was unaffordable to SMBs.  However, in recent years, the cost has come down significantly.  More importantly, managed security technology has advanced tremendously.  Therefore, small- and medium-sized businesses no longer have to rely on the basic block and tackle security techniques.  Instead, they can now armor their network with the most advanced security measures.

Do Criminals Want SMB Data?

Remarkably, the average SMB CEO claims hackers are not interested in their small company.  Yet, that is exactly what makes them a great target.  According to the Ponemon Institute, 69% of targeted attacks were SMBs.  Even more daunting is the fact that 60% of SMB businesses never recover from a severe cyberattack.  Therefore, network security is a must-have for all businesses that rely on their data, regardless of size.

Are You Responsible for Your Clients’ Data?

Unfortunately, a lack of security does not just put your data at risk.  In today’s world, many businesses are trusted with sensitive information that belongs to another company.  For this reason, supply-chain network security has become a mandatory requirement for vendors who want to do business with enterprise or government entities.  Specifically, these are vendors who have access to, transmit, or store their sensitive data.

Similarly, the HITECH Act requires all covered entities (healthcare providers) to adopt Business Associate Agreements.  This can be found in the HIPAA Risk Assessment Administrative Safeguards.  In short, this rule makes the vendors equally responsible for protecting patient data.

In addition, you should also take precautions if your business captures individuals’ personal information.  Examples include:

  • Credit Card/Debit Card Information
  • Social Security Numbers
  • Phone Numbers
  • Addresses
  • Drivers License Number
  • Passwords
  • Banking Information
  • Your employees’ personal information

It is a good exercise to think through all the companies you share this information with.  Examples include telemarketers, HR companies, data analysts, etc.  Next, take precautions to ensure your vendors are safeguarding your company’s sensitive information.

Georgia State Security Breach Notification and Network Security

Interestingly, all 50 states have implemented Security Breach Notification Laws that require businesses to notify individuals when there has been a breach that involves personally identifiable information. Specifically, Georgia Security Breach Notification Law lists the types of data that make individuals most vulnerable. Additional requirements state a company “shall notify the information broker or data collector of any breach of the security of the system within 24 hours following the discovery.”

Therefore, it is not only in your best interest to perform a Risk Assessment on yourself, but also on every vendor you share sensitive information with. This is because regardless of who is at fault for the breach, your employees and clients will ultimately hold you responsible if you did not do your due diligence.

Root Cause of Most Data Breaches

Interestingly, negligent employees and contractors account for 62% of all data breaches.  Unfortunately, Ponemon Institute 2019 Global State of Network Security report states, “The biggest problem is not having the personnel to mitigate cyber risks, vulnerabilities, and attacks (77 percent of respondents). The next biggest challenges are insufficient budget (55 percent of respondents) and management having no understanding of how to protect against cyberattacks (45 percent of respondents).”  That is where INSI can help.

INSI Has Network Security Programs for SMBs

Fortunately, you do not have to go through this alone.  INSI has comprehensive Managed Security packages to help protect your sensitive data.  Examples include:

  • Security Information & Event Management (SIEM) – 24/7 real-time threat monitoring, event correlation, and incident response.
  • End-Point Managed Detection & Remediation (MDR) – The next level of anti-virus analyzes and monitors events on devices, detect threats, stops the threat, and guides you to remediation.
  • Risk Assessments – Identify strengths, weaknesses, opportunities, and threats (SWOT) to your network by using policy-based frameworks.
  • INSI Complete Security Package – includes a security audit, network security vulnerability assessment, semi-annual security check, biannual penetration test, phishing email test and training, quarterly security checks, staff training, antivirus monitoring, web content filtering, web protection, and spam protection.

Contact INSI today to find out more about our security offerings at 770-387-2424.

About INSI

Since 1995, INSI has been providing IT support to small- and medium-sized businesses (SMBs) in both Georgia and Alabama.  We offer Managed Services and our own unique INSI Customized IT™ package.  Additional services include hosting, disaster recovery, managed security and unified communications.

June 10, 2020

When To Use Independent Contractors for Business IT

Posted by Deborah Frazier in INSI Articles

Using Independent Contractors for Business IT

Independent Contractors (IC) can be useful for a number of IT projects, maintenance, and support.  However, they should not be the primary means of IT support for a company that is dependent on their technology.  A good analogy of this is a football team.   We all remember that legendary high school football game when our team was down by one touchdown.  When all seemed lost, the center snapped the perfect hike, the offensive line protected the quarterback from certain annihilation, and the running back distracted two defensive players.  Suddenly, the quarterback threw the winning pass and the kicker made the final extra point that took the team to victory.  Then, with just one point in the lead, the defense held the opposing team to prevent a comeback!  Victory!

In the same way, your business network needs a team to protect it and ensure your staff stays productive.  After all, your IT holds all the intellectual data of your business.  Every email, phone call, and document is a window into your business.  That is why it is so important to protect it from hackers, hardware failures, software glitches, and end-user mistakes.  Yet, one person does not have all it takes to protect and care for your network.  Similar to an individual trying to play all positions on the football field, they lack the people, resources, and technology to protect your network. That is why you need a mature Managed Service Provider.

Concerns of Using an Independent Contractor for IT Support in a Thriving Business

Unfortunately, Independent Contractors do not have the tools, resources, or technology to deliver the same level of support that a mature Managed Service Provider can.  Some examples of this include:

  1. Unpredictable Cost – Independent Contractors offer ad hoc services which are “pay-as-you-go.”  Due to the many issues associated with ad hoc, the risk is high and the cost can get out of hand quickly.
  2. Single Point of Failure – Sickness, vacation, full-time job offers, and even death can be devastating to your business IT if you use an independent contractor.
  3. Limited Knowledge – While you can find independent contractors who are extremely talented, there is not one IT person who knows everything that is needed to fully support a network.  Further, they typically don’t keep up on new certifications.  This results in the IC learning on your time.
  4. Lack of Documentation – It can take years to make an IT support operation successful.  For this reason, IC’s lack the robust ticketing systems, asset tagging, and business process to track the issues and assets.
  5. Low Availability – In short, one person can not be in two places at one time.  Consequently, the IC will put its more profitable clients first.
  6. Lack of Insurance – The vast majority of IC’s do not have business insurance.
  7. Insufficient Monitoring – Monitoring is essential for catching issues early on.  Yet, robust monitoring tools are not affordable for IC’s.

It’s important to ask questions surrounding these concerns when considering any outside individual for ongoing IT support.

When To Use an IC for Business IT

There are indeed times when it makes sense to use an independent contractor.  For example, it is great for companies whose needs are less than 1/4th of an hour per person per month for support.  Or, if a company has less than 5 computers.  In these cases, the companies are not highly dependent on their IT to justify daily support.  Rather their needs are sporadic and an IC is more appropriate.

Another time independent contractors are good for business is when their specific skill sets can help with strategic consulting or temporary projects.  This typically makes sense when you have an internal IT department and need outside expertise on a temporary basis.

When NOT to Use an IC for Business IT

However, when you need more than 1/4th of an hour of support per person per month, an IC won’t do.  In these cases, you are highly dependent on your IT and are likely a target of hackers.  You need the breadth/depth of experience, technology tools, and resources only a Managed Service Provider can provide.  With a mature Managed Service Provider you will get:

  1. Documentation
  2. Monitoring of Network and Desktops
  3. Tracking of Key Performance Indicators (KPI) and Continual Improvement
  4. Asset Tracking
  5. Live Network Operations Center
  6. Breadth and Depth of Multiple Engineers and Various Levels of Expertise
  7. High Availability

Trust INSI For All Your Business IT Needs!

A better alternative to Independent Contractors is INSI’s Managed Services or Customized IT™.  INSI has a tiered structure that can offer decreased rates on 80% of the IT support issues without sacrificing quality.  This is because our tiered structure allows us to charge entry-level rates for entry-level tickets, which constitutes 80% of the IT support tickets.  Further, we can manage the entire environment, fill in the gaps for an internal IT team, or we can break out the services to the client’s exact needs.  Finally, we can do all this for a fixed fee.

Do You Want To Learn More About The Difference Between “Independent Contractors” and INSIs Customized IT™?

Go here to see the various types of IT support, their pros and cons, and great questions to ask the provider on each one.

In addition, if you would like to know more about this topic and how it affects you, visit Amazon or Barnes & Noble for a copy of the book IT Outsourcing Secrets – A Small Business Guide to Comparing IT Support Companies.

© INSI IT. All Rights Reserved