Ransomware attacks target organizations around the world all the time. Irish businesses of all sizes became aware of the threat of ransomware when the HSE disclosed the devastating cyber attack on its IT infrastructure in May 2021. This post overviews what ransomware actually is and highlights five key strategies for ransomware prevention.

What is Ransomware?

Ransomware is malicious software that blocks access to devices or the data on them by encrypting files. The attackers demand that their victims pay a ransom if they want to remove the encryption and access their files again. Typically, victims find a note displayed on-screen informing them that their files are encrypted along with payment instructions for removing the encryption.

Ransomware is the most widely used method of attack for cybercriminals because it’s potentially incredibly lucrative. As evidence of how lucrative successful ransomware attacks can be, the Colonial Pipeline Company in the United States paid a $4.4 million ransom in May 2021.

Industry predictions state that ransomware attacks will target businesses every 11 seconds by the end of 2021.

Ransomware Prevention Best Practices

The ransoms demanded by hackers typically reach hundreds of thousands of Euros or even millions for SMBs. And even if you pay the hefty ransom, there’s no guarantee you’ll get all your files back. So, when it comes to these attacks, prevention is definitely better than cure.

1. Require Multifactor Authentication

Ransomware attacks often start with social engineering techniques that persuade people to reveal their login credentials to a business application or system. Once the attacker has access to a network using those credentials, they can move through the network and install malicious software that encrypts important files.

A good way to harden your network against this type of entry route is to require multifactor authentication to verify user identities. When you only require a simple set of username-password credentials to verify users and let them log in, all it takes is a persuasive phishing email to expose your entire network. This risky dependence on passwords alone is amplified in a world where employees work remotely and often access resources from their laptops using Remote Desktop Protocol connections.

Multifactor authentication (MFA) requires users to provide an extra type of evidence along with their username-password combination before they can access a system or resource. A username-password pair counts as something users know. The point of MFA is to use another category of evidence to mitigate the risk of password theft.

A good alternative type of evidence to require is something the user has, such as a USB security token that generates one-time PIN codes. Another type of category favoured by some companies is something the user is, which typically means using biometric data like a fingerprint or facial recognition scan.

2. Have a Backup and Disaster Recovery Plan

A big pain point of successful ransomware attacks is not having access to important files, systems, or servers. A solid backup and disaster recovery plan can prevent these issues from arising.

With a recent backup in place, even if someone manages to encrypt the data with ransomware, you can restore it without needing to pay the ransom. A disaster recovery plan can implement failover solutions so that operational disruption is minimal. For example, if key business services or applications get taken down due to a server being encrypted, your disaster recovery plan can kick in and you can resume those services using cloud infrastructure.

The use of backups has been so successful that some cybercrime groups have evolved their ransomware to use a technique known as double-extortion. The use of double-extortion ransomware doesn’t just lock your important data. This type of ransomware also extracts data from your network with a threat to leak it online or sell it.

There is debate within the information security world on whether backup and disaster recovery are still useful tools for ransomware defence. Not all ransomware attacks use double extortion, though, so backing up data remains a valid form of proactive defence against these attacks.

3. Invest in Cybersecurity Awareness Training

Your company’s ability to prevent ransomware is strongly correlated with the level of overall cybersecurity awareness among employees. Cybercriminals know that humans are often the weak link that they can exploit to access your network and encrypt your files.

Cybersecurity awareness training can highlight the common methods outsiders use to gain unauthorized access to business assets. Employees should know about the dangers of opening email attachments or clicking links from untrusted sources. Good training can teach employees how to differentiate between genuine emails versus phishing emails.

The topics worth covering in training include:

• Selecting strong passwords that aren’t easy to guess
• Social engineering techniques and how to protect against them
• The risks of revealing sensitive information on social media
• The importance and use of antivirus, anti-malware, firewalls, and other security solutions
• How to use Wi-Fi networks securely
• How to securely browse the Internet without compromising the business network

Not every business has the capacity to develop its own cybersecurity awareness training modules. There are third-party companies that specialise in this area. Investing in training can definitely pay off in a big way in terms of ransomware prevention.

4. Restrict Privileged Access

Whether you’re managing remote user accounts or any other account on your network, it’s important to restrict privileged access for your users. When an employee has more privileges on the network than they need to perform their daily work, you introduce greater risks should that employee’s account become compromised.

Privileged access can enable hackers to wreak havoc across an entire network. Privileged users can install malicious software on all devices or modify operating system registry keys.

Restricting privileged access puts a limit on the damage that malicious intruders can cause. While some ransomware families can cause damage regardless of privilege level, minimizing privileged access is a good practice that improves your information security and is relatively easy to implement.

5. Use Patch Management

Exploiting users isn’t the only way people can break into a network and install ransomware. Hackers often seek to exploit businesses that run unpatched software, device firmware, and operating systems on their IT infrastructure.

There are various tools that can automate patch management for you. Aside from software and operating systems, you should push patches to WiFi access points, routers, firewalls, intrusion detection systems servers, workstations, and printers when they are released.

Proper patch management keeps all relevant IT services current by applying the latest updates in a timely manner. These updates often address security vulnerabilities that are found and reported to the company that coded the software or manufactured the device. It should be part of your company’s security policy that remote users also apply patches on time for devices they use to connect to your network.

Closing Thoughts

Preventing ransomware is both important and feasible for businesses of all sizes. It’s not an inevitability that your company will become a victim, especially if you adhere to these best practices.

At iPing, we can help Irish businesses prevent ransomware. We provide managed IT services that can spot problems and potential ransomware attack vectors before you even know about them. We also have business continuity services and we can help you support remote workers in a productive, safe way. Contact us today to find out more.

Among many interesting findings, the 2021 SonicWall cyber threat report featured a section on the biggest data breaches of 2020 in terms of the volume of records leaked. With the ongoing HSE data breach crippling Ireland’s health system, now is the ideal time to increase security awareness by looking at other major global data breaches and their causes. This article takes a look at the top five data breaches in 2020 and provides some actionable insights on what you can learn from them in terms of your organisation’s IT security posture.

Data Breaches in 2020 and Why They Matter

As you’ll see, several of the companies that were victims of the biggest data breaches were huge companies. Therefore, it’s natural to wonder about the applicability of this information to a small or medium-sized business.

It’s important to realise first of all that malicious intruders don’t solely focus their efforts on large businesses. Businesses of all sizes can learn from the causes of these breaches and take reasonable steps to ensure they don’t repeat these failures.

Secondly, and arguably, more importantly, data breaches are extremely costly. You might not have a database of hundreds of million customers, but many smaller businesses can easily grow a database of 5,000-10,000 customers.

Multiplying the per-record cost of a breach of personality identifiable information (PII) at $150 (~€125) by the size of a small customer database, and you have a bill of well over €500,000 to pay, which will sink most businesses. That’s why this information matters.

1. Estee Lauder Breach: 400 Million Records

The American multinational skincare company Estée Lauder became the victim of 2020’s largest data breach when a security researcher revealed he accessed an exposed database belonging to the company. The database contained a large number of user email addresses in plain text format. Also viewable in the database were internal documents, including audit logs and reports.

Luckily for Estée Lauder, the records didn’t contain any customer information. What was striking about this breach was that it was such a basic security flaw that enabled anyone with an Internet connection to access the data. This breach reinforces the importance of basic information security practices, such as encrypting data and requiring passwords to access them.

2. Facebook 267 Million Records

In 2020, consumer tech website Comparitech revealed they partnered with security researcher Bob Diachenko to uncover a database of 267 million records belonging to Facebook users left exposed online. The data included unique Facebook profile IDs, phone numbers, and full names belonging mostly to users in the United States.

Such data is incredibly valuable for cyber hackers who can use it themselves or sell it on to groups who want to conduct large-scale spam or phishing campaigns. The takeaway message here is that no matter the size of your company, you must take a prudent attitude to always protect sensitive data belonging to customers.

3. Microsoft Breach: 250 Million Records

In January 2020, Microsoft revealed they experienced a major data breach that actually took place over the course of December 2019. The breach revolved around an entire database of “support case analytics” featuring logs of conversations between Microsoft support agents and customers. The database was publicly accessible via the Internet.

In a blog post highlighting what happened, Microsoft described how, “a change made to the database’s network security group on December 5, 2019, contained misconfigured security rules that enabled exposure of the data.” This breach serves as a telling reminder of how misconfigurations pose serious information security risks. Some basic steps for avoiding misconfiguration risks include:

• Applying software updates/patches swiftly
• Disabling default accounts
• Use security scanning tools to look for misconfigurations
• Encrypt your data

4. MGM Resorts 142 Million records

Midway through 2020, reports began to circulate online that data belonging to 142 million MGM Resorts hotel guests was listed for sale on the dark web. The dark web is a part of the web that requires specific software to access. A veritable underworld marketplace in stolen data exists on the dark web where cybercriminals list stolen email addresses, credit card details, and more for sale.

The breach occurred when a hacker compromised a cloud server belonging to MGM resorts and accessed the customer data. This incident again raises questions about the efforts companies are taking to properly secure their cloud resources. It’s vital to be as cautious about securing information in the cloud as it is on-premise. Hospitality is a sector particularly vulnerable to cyber attacks because service providers typically collect customer data that is both personal and financial.

5. Pakistan Mobile Subscribers 115 Million Records

In May 2020, personally identifiable information about mobile subscribers in Pakistan surfaced online. Included in the 115 million breach records were full names, home addresses, and mobile phone numbers. The data was eventually listed for sale on the dark web where an anonymous hacker tried to sell this information for 300 bitcoins.

In terms of its cause, this breach was somewhat mysterious because some records stretched back as far as 2013. Industry commentators speculated the breach took place when a hacker gained access to an old backup file or that it was stolen directly from a server. Whatever the cause, this incident shows that companies around the globe are targets for cyber attacks, not just developed nations.

Closing Thoughts

One key thing that stands out from 2020’s biggest data breaches is the sheer diversity of industries in which the affected companies operate. From skincare to software to hotels, it doesn’t matter what the nature of your business is. In an IT-powered world, the risk of a data breach transcends industries and sectors.

Lastly, it can be somewhat disheartening as an SMB to see that large corporations fall victim to these breaches. You may think, “if they can’t stop breaches with their gargantuan budgets, what hope have we got?”

A more optimistic outlook is also a realistic one, though, because your IT infrastructure is not as complex as that of large-scale enterprises. You don’t have to keep track of as many user accounts, network components, or computing resources.

If you put some basic security measures in place, then you’ve already won half the battle in protecting your valuable data. These basic strategies include:

• Backing up data regularly and ensuring data completeness in backups
• Having offline data backups such as tape storage that can’t be accessed via the Internet
• Applying updates regularly to software, operating systems, and network device firmware.
• Always ensuring you authenticate users before they access data.

  iPing can help your business implement these data security methods and avoid data breaches with our managed IT services. Contact us today to learn more.

The decision on whether to outsource IT services as a start-up is an important one. There are many challenges faced by startups in terms of deciding what processes to take on versus what you should do in-house.

Ultimately, it’s difficult to facilitate growth when your workload becomes unmanageable. And IT is one of those tricky areas in which small problems can compound into big ones that take too much time and resources to fix alone. Here are six reasons start-ups should outsource IT services.

#1. Focus on The Core Business

Start-up founders are ambitious people who attempt to bring unique, innovative products and services that solve problems to a market. As a start-up founder, you want to grow and scale your business to serve a larger share of a market.

In the initial stages of your start-up project, your focus needs to be on the core business as much as possible. Handling IT services and the inevitable problems you’ll encounter can distract you from that core business.

Even if you have one or two co-founders with decent IT knowledge, the time spent on monitoring, configuring, and fixing IT systems and services is time that would be better spent on marketing your key product or service or improving its quality.

#2. Improved Information Security

Startups with limited information security expertise are easy targets for cybercriminals in the early stages of their growth. Some people mistakenly assume cybercriminals only target established enterprises because their data is more lucrative.

However, the statistics show that 43% of cyber attacks target small companies. While start-ups ultimately aim to become established large businesses through aggressive growth, they typically begin their journey as small operations.

You might understand the basics of running an IT department, but IT security is a different challenge. Cybercriminals are sophisticated technology users who can easily bypass basic security controls. Outsourcing your IT services can drastically improve information security.

#3. Cost Savings

When thinking about the cost of outsourcing IT, it’s helpful to consider the opportunity cost of managing your IT services alone. Bearing in mind that start-ups want to focus on aggressive business growth and scale quickly, getting bogged down by disruptions to IT services or system configurations ends up costing you time and money.

When you outsource your IT services, you’re hiring a dedicated team of people to support your business operations and help solve IT problems that you can’t afford to waste time on. For a start-up, time is money.

#4. Disaster Recovery

Many modern start-ups are highly dependant on a functioning IT system to support the delivery of key business services and products. What happens if your systems go offline and you don’t have a way to get them back? Even if you don’t want to outsource the bulk of your IT support or operations, it’s prudent to outsource disaster recovery.

Preparing for and executing a disaster recovery plan is beyond the scope of most small in-house IT teams. You’ll need specialists who help you recover your critical systems swiftly in the aftermath of a significant IT outage.

#5. Make Better Investments

An underrated benefit of partnering with a well-informed managed services provider is that you’ll get solid advice on choosing the most appropriate hardware and software solutions to meet the needs of your business.

Start-ups often assume they need the fanciest hardware or the most complex software and they acquire such investments at a high cost. Managed IT services can provide the advice you need to make the right investment. An MSP can cut through the noise and evaluate existing IT infrastructure to suggest the investments you actually need versus what would be nice to have.

#6. Not Getting Left Behind

Even if you or your co-foudners are adept with current processes, services and tools, IT, like any other aspect of technology, is a fast-paced and dynamic sector. It’s easy to become distracted by your core business idea and goals to the point where you get left behind in terms of the IT systems, tools, and processes that best support your company.

Outsourcing IT services as a start-up can provide an automated way of ensuring you don’t get left behind. Solid managed IT companies will stay on top of the latest trends, developments, and tools that streamline your IT processes. A well-informed managed services provider can give you invaluable advice about the current tools, hardware, and solutions that best suit the needs of your growing startup.

Closing Thoughts

Success as a start-up ultimately depends on achieving sustainable growth. Outsourcing IT services in the initial growth phase provides many benefits that can help support and achieve success for innovative companies, regardless of their industry.

If you are a co-founder at a start-up and you’d like some help with managing your IT services, contact us today to see what we can do to support your growth.

Small business owners often mistakenly assume that cyber criminals are unlikely to target them. However, the reality is that 43 percent of cyber attacks target small companies.

Small businesses face significant challenges in securing their data and their networks. They lack the expertise to implement the types of solutions that can secure their systems and networks against the full scope of modern cyber threats. With this in mind, here are some best practices to best protect your small business against a cyber attack.

Basic Security Awareness Training

Basic security awareness training improves the overall information security profile of small businesses. It’s often the case that data breaches or phishing attempts succeed due to a lack of basic security awareness knowledge among employees at small businesses.

While you’re unlikely to have the resources available as a small business to teach employees about advanced security threats, covering the basics in a brief training course often suffices. The point is to prevent the types of frustratingly preventable incidents resulting from human error.

Basic security awareness training should cover some or all of the following principles:

• Not opening suspicious emails
• Not clicking on links or attachments from unknown email addresses
• Only visiting approved websites in line with the company’s Internet use policy

It’s best to view security awareness as an ongoing project rather than a once-off session. To this end, you can purchase security awareness training materials and request employees to refresh their knowledge once or twice per year. If budget is a problem, there are some actionable and useful YouTube videos covering the basics, such as this one.

Regularly Update Your Software and Operating Systems

Regularly updating your software and operating systems is a simple yet powerful tip that immediately reduces cybersecurity risks for businesses of all sizes. There are cyber criminals who spend all day trying to exploit companies running outdated software or operating systems. Often, the reason updates are released for applications and operating systems is to address security loopholes that were flagged as vulnerable.

It’s worth noting that there typically comes a point in the lifecycle of software that the developer stops supporting it with updates altogether. This makes running really outdated software a very risky practice for businesses.

Many different software applications come with automatic updates. However, critical updates for operating systems still often require manual approval by users of those systems. A delay to take action and update as soon as possible can be critical.

The WannaCry event, which was one of the most damaging worldwide cyber attacks in recent years, was successful precisely because so many organizations failed to implement updates on time. When updates become available for software and operating systems, it’s best to approve them straight away.

Implement Multi-factor Authentication

Multi-factor authentication prevents unauthorized access to systems or apps by requiring users to provide two or more pieces of evidence to verify their identity. The point is that if someone gains access to a user’s credentials, they can’t log in to the system because they don’t have the other evidence needed.

Most people are familiar with multi-factor authentication in action when they log into their Internet banking. Typically, you need a password stored in your memory and a one-time code sent to your phone to successfully log in to your Internet banking.

When it comes to easy wins that dramatically enhance the security of key business apps and files, multi-factor authentication is a no-brainer. If you’re concerned about the cost and complexity of using multi-factor authentication, don’t fret. Most people are familiar with multi-factor authentication. Additionally, several popular software and cloud vendors implement it for free, including:

• Slack
• Google Drive
• Amazon Web Services
• Microsoft

If you have a small office with a few workstations and you’re concerned about security, there are solutions available that can enable multi-factor authentication for workstation logins. In reality, multi-factor authentication for your key business apps should be sufficient to prevent the majority of potential incidents from stolen passwords and user credentials.

Use the Least Privileges Principle

The principle of least privileges provides a useful conceptual guideline to reduce cybersecurity risks. The principle works by only allowing users access to the systems, data, and software that is absolutely necessary to perform their daily tasks. The idea behind this cybersecurity best practice is that it limits administrator privileges to a select few users who actually need those privileges.

Excessive administrative access increases the surface area for cyber attacks because administrators typically have unrestricted access to particular systems or data. It might seem off-putting as a small business owner trying to foster a sense of trust with employees that you should limit their access to systems. Proper enforcement of this cybersecurity best practice shouldn’t make a difference to end users because you’re giving them only the access they need.

Outsource Your Information Security

Some small businesses might want to consider outsourcing the complexities of information security management to an expert company specialising in this area. Managed IT security services can help implement proactive solutions to deal with malware, ransomware, and the threat of data theft.

While hiring a managed IT services provider adds an extra cost to your profit and loss statement, it’s worth bearing in mind that this often works out as a fraction of the cost of hiring an in-house dedicated cybersecurity team. And if you want to think of the big-picture costs, remember that 60 percent of small businesses fold within six months of a successful cyber attack.

Have A Solid Password Policy

Changing passwords regularly and trying to remember complicated passwords can be a pain for you and your staff, but it’s worth the effort. A solid password policy reduces the risk of data breaches and other incidents resulting from weak passwords.

Many hackers attempt to gain access to systems by using brute force automated tools that can guess hundreds of thousands of password combinations per minute. The more constraints you add to a password, the harder it becomes to crack.

At a minimum, require employees to use uppercase, lowercase, and numbers in their passwords. An even better tactic is to have a minimum length for passwords. In an interesting case study, it was found that an automated tool can crack an 8-character password in 3.75 days, but cracking a 28-character password would take 17 years. Asking people to remember 28 characters is probably not realistic, but the point is the longer the better.

Install Antivirus

As a ‘bare essentials’ cybersecurity best practice, you should install antivirus on all devices used in your small business. The scope of antivirus software should stretch to any BYOD laptops, tablets, and even smartphones that access your network, your data, and your key business applications. A reputable name within this space is Avast, but there are many vendors with cost-effective solutions.

Antivirus software won’t protect you from every type of attack but it provides a solid foundation to defend against:

• Malware
• Trojans
• Worms
• Adware

Regular antivirus scans can automatically find and delete suspicious files. Depending on the nature of your company and whether you collect sensitive data, you might want to consider more feature-rich premium solutions that cost a bit extra. In a cybersecurity landscape of constant threats, antivirus solutions provide peace of mind to small business owners.

If you’re searching for managed IT services in Dublin, you need to know how to pick the right provider. The decision to opt for managed IT services can result in IT expertise, cost savings, and flexibility for small-to-medium businesses.

However, if you make the wrong decision, you could end up locked into a contract with an MSP that doesn’t meet the needs of your business. The last thing you need is downtime in key business applications or increased susceptibility to cyber-attacks.

This article helps you find the right managed IT services in Dublin or (anywhere else) by focusing on the key questions to ask when evaluating service providers.

Should You Look Locally for Managed IT Services in Dublin?

A key consideration is whether you should focus on finding a local company providing managed IT services in Dublin or if you should broaden your search.

It’s typically more beneficial to work with local companies than fully remote ones. The main reason to go local is that for IT issues that need to be resolved on your premises, someone from the managed service provider can quickly commute to your office.

Another compelling reason to look for local managed IT services in Dublin is that local MSPs operate within the same business climate and environment as you. Local service providers better understand your company’s specific needs and pain points.

Opting to outsource IT needs to a local company also brings a level of in-person interaction that isn’t possible using remote-only or distant services.

What Services Are Offered?

It’s important when evaluating any managed service provider to find out the range and scope of services they provide. Some managed IT services focus on a standard offering for all clients that might include IT functions and support that your business doesn’t really need.

On the contrary, the standardised offering could include exactly what your company needs; you need to ask, though.

Other providers may take a more a-la-carte approach in which you can pick and choose different IT services in line with business needs. Maybe you only want Internet security and server installations. Make sure you find out every service included in the price you’re quoted.

When looking for managed IT services, it’s useful to know what to expect. Most companies should have at least the following services available:

1) On-site Installation and Support

One of the main services to look out for is on-site installation and technical support. Depending on the kind of IT implementation recommended for your business, there might be a need to install various software or hardware on-site.

After installation, it’s a fact of life that technical issues may arise for which your business will need support. The need for on-site assistance is one reason why choosing a Dublin-based MSP is advisable if your business is based in Dublin.

2) Remote monitoring and troubleshooting

Outsourcing some or all of your IT needs to a dedicated team often means they can remotely monitor your network and troubleshoot problems that arise without you even knowing. For many businesses this is the prime reason for outsourcing IT — you benefit from the right solutions while removing the friction of having to monitor and troubleshoot your network.

3) Information security measures

Information security is one of the key IT concerns for any modern business. Securing your valuable data and customer information is a complex task. A good MSP should have at least a basic cybersecurity service that provides some or all of the following:

Installing the latest security patches to keep software and hardware updated

Ensuring your network connections are properly secured

Suggesting the best cybersecurity solutions for your business

An advanced cybersecurity solution typically falls under the scope of a managed security service provider (MSSP). However, advanced solutions may not be necessary for small to medium businesses.

4) Support for cloud-based solutions

The proportion of SMBs using cloud IT services such as backup, storage, or software hosting has catapulted over the last decade. If your business plans to use the cloud, you’ll need help with implementing your desired solutions. In this instance, it’s useful to find an MSP that has knowledge of cloud-based business solutions.

Does The Provider Have Industry Expertise?

Depending on your industry, it might not be enough that your MSP has IT expertise. Often, certain industries have stricter requirements than others around data protection, data processing, and compliance.

Breaking these regulations unintentionally can result in hefty fines for your business. It’s advisable, therefore, that you strongly consider the level of industry-specific experience a provider has before doing business with them.

Even if your industry is not heavily regulated, it’s prudent to partner with a managed services company that understands your industry. Familiarity with your industry means that the MSP has a broad idea of the customer expectations and the technology needed to meet those expectations.

What is the Communication Process?

When it comes to outsourcing a business area as complex and important as IT, it’s critical to ensure transparent and clear communication. The ability of an MSP to provide a high-quality service depends almost as much on its communication abilities as its IT knowledge.

Ask potential managed services about their communication process. You should get clear answers about how you can communicate with them and at what times. You should feel that you can get help with questions or concerns. The MSP should also schedule regular reviews to measure progress against an agreed plan for implementing the IT services and solutions your business needs.

How Will The MSP Reduce Your Costs?

A huge part of the value that an MSP adds to your business comes down to reducing the costs of setting up and maintaining the IT solutions you need. Whether it comes down to advising you on the most cost-efficient technologies, choosing the right servers, or resolving IT issues before they result in costly downtime, the MSP should be able to spell out exactly how they can reduce your costs.

How Is the Company Structured?

It’s helpful to find out how the company is structured before partnering with them. You can ask how many employees the MSP has to gauge whether they can scale with your business.

It’s also worth finding out whether the company’s sole function is in managed IT services. Ideally, you want to work with a true MSP that has expertise in IT rather than a company that tacks managed services on as part of a broader suite of services, such as a digital agency.

Does the Company Stay on Top of IT Trends?

IT is a very dynamic and fast-changing industry. It’s always better to partner with an MSP that stays on top of the latest IT trends. Using outdated systems, processes, or solutions that competitors have moved on from puts your business at a disadvantage. Look for the type of MSP that stays on top of the latest IT trends.

Does the MSP Have Customer References, Case Studies, and Accreditations?

A reliable way to find out whether an MSP is likely to add value to your business is to find out how reputable the company is. Ask the service provider for customer references or case studies that demonstrate how they have added value to businesses like yours in the past.

If the MSP uses particular solutions in their service offerings, check to see that they have the relevant accreditations or certifications. For example, an MSP offering Sonicwall firewalls to secure a company's network. In this example, it would be a good sign if the MSP had Sonicwall certifications as it demonstrates a certain level of expertise.

That wraps up this list of eight questions to ask when choosing the right managed IT services in Dublin. If you want to partner with iPing, contact us today to get in touch about your IT need

It looks like we will be facing another lockdown. Which means more time spent working at home away from the office. The current pandemic has introduced us to remote working. But have we managed to make it a safe and secure environment? Before the pandemic would we happily have our laptops out in our local coffee shops working using the local Wi-FI? Of, course not so we have to make sure that we apply the same rules when remote working from home.

Before we come to the big elephant in the room that nobody is discussing. We should be making sure that we heed the following:

BYOD (Bring Your Own Device) has been very divisive but now it suddenly has no longer become an issue. As our home computers are used for work purposes. Businesses have to realise that employees who have been using desktops in the office may now be using whatever computer they have at home. This could be the family desktop or their own personal laptop. Which we all know will never be as secure as the desktops used in the office. The easiest way to fix this is to supply all your staff with laptops. These laptops will have been setup for use in a work environment. So, they will be as secure as any computer that you might use in your office.

If you are using your home computer or personal laptop. Make sure that you have anti-virus software installed and that it is up to date. If more than one person is using the computer that you are using. Make sure that each user has their own profile set up on the computer. This ensures that nobody else using the computer can access any of your work files, any cloud software you are using or access your office network.

Any smart speakers such as Amazon Echo, or Google Nest must not be in any home offices. They could be listening to any virtual meetings that you are partaking in. In fact, some law firms and local councils have banned virtual meetings taking place in rooms that have smart speakers.

The elephant in the room that was alluded to earlier is similar to BYOD in that you are using something not provided by your job. In this case its BYON (Bring Your Own Network). This is where you are using your home broadband and modem/router to do your remote working. If you were to use that setup in a proper working environment, it would not be acceptable. The default password for your modem/router settings has probably not been changed. There is also a high probability that you don’t have a firewall setup. A firewall will block out unwanted traffic and emails including phishing ones. 

IoT devices in your home such as smart lights or a smart fridge are another security headache. As it's possible to hack them via your broadband connection. So please make sure that your BYON and any IoT devices are as secure as possible. Have your IT department or Managed Service provider draw up a checklist that all your remote working employees must comply with, this will ensure that your employees are working in a safer environment. 

iPing provides managed services and IT services. We can help provide you with an overview of your current setup, and if you are implementing proper remote working procedures. So, if you need some help with the above please contact us or give us a call on 01 5241350.

This current outbreak of COVID-19 Coronavirus will have made many companies aware of just how important it is to have effective disaster recovery planning in place.

The impact of this outbreak and its rapid expansion is a demonstration of what can happen unexpectedly, and we will likely see the effects of this for a considerable amount of time to come.

Being prepared is half the battle, and it's up to you to make sure that you are not just prepared but that your company will thrive.

What is Disaster Recovery?

Disaster Recovery, or DR for short, is a plan which will be enacted should the unexpected happen.

So if, for example, your office went on fire, or there was a flood, you would be able to enact your DR plan and move to your backup site.

This allows for greatly reduced disruption to both your business and your customers.

There are certain areas that you will want your Disaster Recovery Plan to cover, here's a list of some:

• Identify key IT assets - software and hardware.
• Identify key personnel and provide contact details for them.
• How to access business-critical data remotely.
• Communication flow when off-site.

That is just a brief overview, we will expand on the theories and concepts below.

Identify key IT assets

This is a vital part of any Disaster Recovery plan as it will identify the tools your business needs to continue operating during times of crisis.

Key IT assets may include both hardware and software, some examples being:

Hardware

• PCs / Laptops
• Physical phones
• Printer(s)
• Mobile internet dongle

Software

• Email client such as Microsft Outlook
• Office software like Word, Excel, etc.
• CRM or database system
• Other proprietary software

It may seem obvious, but the whole concept behind DR is that your company can hit the ground running in case of an emergency.

As such, the ability to perform the day to day routine as close to normal is what we are aiming for.

Key personnel

You will need to identify which staff members are mission-critical to the core functions of your business.

Basically, these will be the members of staff whose duties and responsibilities will allow your businesses to seamlessly provide service to customers and clients during the emergency period.

Key personnel will not necessarily be high-end management or the like, although it's important that management are kept in the loop during the process.

The key personnel will generally be staff who are at coal face of day to day business operations. Remember that Disaster Recovery is about being a bridging action to make sure your business doesn't grind to a halt in a time of crisis.

As such, you'll want to make sure you have even a limited number of staff available who would be dealing directly with customers or their queries.

You will need some senior staff members to hand also as their additional experience will be beneficial in keeping the ship righted, so to speak during a time of potential panic.

Access to critical data remotely

This is extremely important, and depending on the type of business you operate, it may prove to be vital.

In our recent article on working from home during this Coronavirus pandemic, we showed the importance of able to access work-related data remotely.

Should you find yourself in a scenario where you need to implement your DR Plan, then having the ability to access your data will be key.

In order to streamline the operations of your company during this time, you will need to be able to access your CRM and data stores while working from your Disaster Recovery site.

One solution to this requirement is to have cloud-based backups of your files. These can be restored to your DR site and can aid in minimizing downtime for your company.

As the current COVID-19 restrictions have shown, quite a lot can be done while working from home. However, in the case of flooding or fire at your place of business then this may not be possible.

This is another reason why having data stored in the cloud can greatly decrease the disruption to your business flow during a time of crisis.

With the Coronavirus situation that has unfolded around us all in recent times, it's very likely that at least some of your colleagues are working from home.

It would be highly beneficial for you to take notes on the strengths and weaknesses of what is and is not working for your staff as they operate remotely.

These notes and ideas can be factored into your DR Plan and will help streamline its effectiveness.

Communications

This is another extremely important component of your Disaster Recovery plan as it's quite possible staff will be working in different locations during the disaster.

On your disaster recovery backup site, it will be vital that you have very good broadband connection, especially if you will be accessing online data more than normal.

Some things you may want to factor in:

Phone system

What type of phone system do you have? If you are using VOIP then it will make portability a lot easier, to the point where you can seamlessly route your office number to your mobile phone.

If you are using a more traditional PBX, then you'll want to have as part of your DR plan a contingency whereby your phone provider can route calling over to your DR backup site.

Shared access to files

As mentioned previously, your staff may be spread out over several locations, if this is the case then it's important that they can jointly access required files.

Usually, it would be the case that staff would access the files on the local office server, however, in this scenario, they will be accessed from several remote locations at once.

One of the better solutions for this is Microsoft OneDrive as it integrates nicely into the Office 365 platform and allows many users to access the same files concurrently.

Another solution of note for this is Google Drive, however it generally works better if you are using the Gmail system.

Conclusion

So as you can see, having an effective Disaster Recovery Plan in place is of extreme importance to your business.

The current situation we find ourselves in at the moment should help paint the picture for you of just how important it is.

Even with the best will in the world, you can never fully plan for a fire breaking out at your place of business or the office getting flooded.

That's why it's good to do the leg work and planning now so that should the need arise, your business will succeed while those who don't plan ahead will fail.

iPing provides managed services and IT services. We can help provide you with an overview of your current setup and advise you on the best course of action to take regarding getting your own Disaster Recovery Plan put in place.

So, if you need some help with the above please contact us or give us a call on 01 5241350.

By now, I’m sure you are all aware of the Corona virus that is doing the rounds.

It’s a serious threat to a lot of people’s health, this can be seen with the number of countries where the infection has surfaced, this includes Ireland.

Currently, the amount of confirmed infections here is quite low, but this little bug has shown that it can pop up all over the place extremely rapidly!

With this in mind, we are going to look at this from a business standpoint.

An expanding number of businesses in Ireland have instructed their staff to work from home, quite notable in this was Google.

The logic here is that they can still operate almost seamlessly while their staff are safe at home.

Modern technology has progressed to the point whereby many jobs can be performed remotely, not all of course, but quite a few.

With the advent of VOIP phone systems and remote access to office computers, the ability to work from home has really taken hold.

I suspect there are many employers who aren’t aware of this however, it’s only when extraordinary scenarios like this viral outbreak or extremely bad weather rear their ugly heads that the need for this ability becomes apparent.

We have some customers who use what’s called a VPN (Virtual Private Network) to connect into their office computer while out and about or at home.

This allows them to essentially work on their office computer as if they were sitting in front of it, which is a major boon to staff. It also provides peace of mind to management during these times of uncertainty regarding staff availability in the office.

GDPR Considerations

It should be noted, to get the most secure connection with a VPN, you will need to have a physical firewall installed and configured correctly.

Since the implementation of GDPR, having a firewall has become mandatory for businesses.

We recommend the Dell SonicWALL series of firewalls, however, a VPN and be configured almost any brand of firewall.

Considering how hefty the EU fines are in relation to GDPR infractions, which can result in a fine of up to €20,000,000 or up to 4% of the annual worldwide turnover of the preceding financial year, whichever is greater.

Looking at those numbers, I’d say it’s well worth picking up a firewall, assuming you don’t already have one.

Why a VPN is important during COVID-19 outbreak

This may seem obvious, but if you are unfortunate enough to encounter a scenario where one of your staff contracts the disease, then, of course, you don’t want them to visit the office and infect others.

This is where the abilities of the VPN shine, it will allow staff to connect to their office computer remotely and use it as if they were sitting in front of the machine.

It will also allow users to access the work data which is stored on their office server. They can access their shared drives and applications directly from their laptop remotely.

VOIP Telephony

Voice Over Internet Protocol (VOIP) has become much more commonplace in recent years.

It will allow staff to facilitate phone calls over the internet, either to a desk phone or to their mobile.

This can be configured in such a way as to allow staff to essentially use their office phone anywhere.

With the outbreak of the Corona Virus (COVID-19) the ability to work from home is almost a must.

Through a combination of a VOIP telephone system and the use of a VPN to allow remote access to your office-based computers then you and your staff should be able to circumnavigate these Corona virus woes.

Cloud based users

One notable exception to this situation is users who primarily access cloud based systems.

So, for users who have their files stored on the cloud on systems such as OneDrive or Dropbox, they will experience far less disruption.

The VPN solution is primarily for users whose files are stored on a server in their office.

Corona Virus outbreak scenario

Here, we will present a scenario of how your business can face the challenge of a COVID-19 Corona Virus outbreak.

In this scenario, let's assume that one of your colleagues has been unfortunate enough to become infected with the virus, forcing you to work from home.

If you have a VPN configured, you can connect into your work network from home and work remotely.

Also, if you have VOIP in your workplace you should be able to make and receive calls as if you were sitting in your office.

This could be done on your mobile phone or alternatively via a software phone installed on your laptop.

So in a scenario such as this, you will be able to work from home, access your files & data and handle phone calls.

This is an extremely useful ability, especially with the Corona Virus outbreak and all the uncertainty that goes along with it.

iPing provides managed services and IT services. We can help provide you with an overview of your current setup and advise if your business is prepared to handle this Corona Virus outbreak.

So, if you need some help with the above please contact us or give us a call on 01 5241350.

One of the latest computing buzz words is edge computing. So, what is edge computing and is it needed for your businesses IT strategy? Well, it transforms the way data is being handled, processed and delivered. It does this by processing information close to the edge, where various devices and people produce or consume that information.

How does edge computing work?

Edge computing works with businesses that process lots of data. Data is usually processed by data centres via the cloud. If the data centre is further away, latency is more likely to occur. Using sensors to collect data and edge servers to securely process data in real-time on-site. Connecting other devices including laptops and smartphones to the network, reducing the chances of latency occurring or downtime.

At the moment Edge computing is not so much something that a small business needs to be implementing for a companies Managed Service strategy and it is more something that companies should be looking at for a more long term IT Support strategy.

So the question is where does edge computing work best?

Edge computing works with:

IoT devices like traffic lights or smart bins.
Equipment on a factory floor
Faster networking technologies like 5G wireless.
Self-driving vehicles.
Artificial intelligence.
Video processing and analytics. 
Robotics. 
Drones.

Do you need edge computing?

Data processing is becoming more important to businesses. As the growth of IoT allows for scalability and flexibility. This allows businesses to respond to changing business needs more quickly. Mobile devices use apps to access and process data on nearby devices. Sending it directly to nearby computers or nearby cloud storage.

Answering yes to any of the following means you need to think about using edge computing, Do you:

Process data from multiple devices?
Need to access data locally?
Access and process biometric data?
Need to access and process data quickly?
Access and process data from local sensors?
Need to comply with GDPR?

iPing provides managed services and IT services. We can help provide you with an overview of your current setup, and if edge computing is for you. So, if you need some help with the above please contact us or give us a call on 01 5241350.