Plan Ahead for Data Protection

Here at Acropolis, we frequently get calls from someone looking for help with some sort of data protection or security issue after an event has occurred. This can be any one of a number of different events, ranging from careless (I left my laptop at a Starbucks and when I went back it wasn’t there) to sloppy (I accidentally emailed our tax returns to the all employees mail list) to the malicious (I think one of my employees wants to start his own firm, and he took all our secret files off the network). The problem with each of these situations is that if we didn’t have systems, controls, and processes in place in advance of these events, there is absolutely nothing we (or anyone) can do.

The data your company owns is the lifeblood of the organization. This can be anything from financial to marketing to R&D, but it’s what gives you a competitive strategic advantage and shouldn’t be shared with anyone you haven’t designated. The problem with protecting it, is that it absolutely cannot be a reactive solution. Data protection has got to be carefully planned out ahead of time, and put into place in order to be effective.

Let’s talk about the scenarios above quickly. If somebody gains control of your physical asset (phone, laptop, etc.) and it has proprietary data on it, there is no way after the fact to secure and protect that data. If you had planned ahead however, you could have the laptop encrypted, or have a mobile device management platform in place that could wipe the content of the phone. These solutions are simple up front, but completely impossible once an event has occurred.

How about the sensitive file that was accidentally blasted out? Once that unprotected file makes its way into somebody’s hands, there is generally no getting it back. If you protect sensitive data up front however you are going to be in a much more comfortable position. In this case, you’d have a lot of options. First of course you could simply encrypt all important files and protect them with a password. This should be the bare minimum of what you do. Sometimes however, that isn’t even enough. Let’s say somebody should have access to a file like that today, but something happens and tomorrow they should not. Or maybe they send it to somebody else who shouldn’t have access. Are you out of luck? Not necessarily. A technology like Information Rights Management is “living” information security that follows a document wherever it goes and can change instantly. Imagine being able to pull access from a file that somebody already has, and maybe even has forwarded outside your network? That’s what you can do with IRM.

How about the third scenario above? Well, all the same controls we’ve already talked about would apply, but maybe you are looking for something more. Let’s say you aren’t sure someone is taking or moving large numbers of files – you would need some sort of auditing solution in place. The catch, of course, is you can’t start implementing this after something has been moved or transferred. Once again, you need to have the solution in place before anything happens to ensure you get the answers you need, when you need them.

Information security controls are a lot like insurance. You need to put them in place before something goes wrong, and hope like crazy you don’t need to use them. I realize nobody likes to spend money on something they will hopefully never need, but the alternative is being left completely helpless in the face of some sort of major incident. Don’t wait until it is too late – put a plan in place to protect your most valuable assets today.

For more information on planning ahead to ensure your cyber-security, give us a call today.

Article authored by Evan Leonard of Chips Technology Group.


7 Common Misconceptions of Outsourcing IT

To outsource IT, or not to outsource IT? That is the question. It’s a question facing many small-to-mid-size business owners as most try to keep up with a rapidly changing and increasingly technological business environment. It can be hard to take a step back and look at all the possible options in which your IT landscape can evolve. Although many business owners have preconceived notions of what might benefit his or her organization the most, the fact is that outsourcing IT is one of the best solutions they have.

We are in the beginning stages of a time for rapid technological advancement. Over the past decade or so, we have seen that in regards to communication technologies. Where a company’s #1 client might live halfway across the world, but they still meet “face-to-face” every day. Where an office is no longer defined by a physical space, but a device instead. So with all these changes in the way we work and conduct business, it seems downright irresponsible to rely on the past to make a decision for the future.

With that being said here are 7 common misconceptions about outsourcing IT, and why they’re wrong!

1. Outsourcing IT is More Expensive

False. With the rise and wide-spread adoption of cloud computing, businesses are now replacing capital expenses with operational expenses instead. In an effort to reduce and control operating costs, businesses who outsource their IT to Managed Service Providers (MSPs) have their infrastructure, application, and support services packaged into a predictable monthly fee. Business owners who try and keep IT all “in-house” will actually encounter direct and indirect costs up to 25-30% higher in maintaining an up-to-date infrastructure.

2. Outsourcing IT is Less Secure

False. When you outsource IT, you don’t have to be a security expert or even hire one. MSPs are masters of their craft, which includes network security, business continuity & disaster recovery. When infrastructure fails, your business suffers from downtime, higher costs and lost valuable data. MSPs have also become experts in compliance regulations as they serve many companies in the same industries. They can provide systems built around and that ensure compliance, more often than not implementing changes based on evolving regulations much faster than an “in-house” technician.

3. Outsourcing IT Causes a Loss of Jobs

False. Many SMB owners hold the misconception that outsourcing IT is the equivalent of going “all-in”. When you outsource IT, you’re not exactly replacing your existing team, but instead expanding upon them. MSPs can “fill-in-the-gaps” that your current team might have, or even ease the load of an overworked department. Some companies start small, such as outsourcing one aspect at a time like a help-desk or migration project, it’s really up to you! Outsourcing IT doesn’t create a loss in jobs, instead it allows your current team to refocus their efforts on the business, and not the technology.

4. Only “Big” Companies Outsource IT

False. Technology has leveled the playing field between the “top-dogs” and the SMB market. In fact, because of this SMB owners who decide to implement newer technologies will notice an advantage in being able to scale their technological infrastructure rapidly, affordably and accordingly, enabling them to stay relevant and agile in an increasingly competitive marketplace. By outsourcing to an MSP, SMB owners can get access to all these great resources without incurring the up-front costs on hardware and labor.

5. You Will Lose All Control

False (sort of). This one boils down to the MSP of your choosing, and your relationship between them and your organization. I have heard countless stories from both sides of the table. When choosing your MSP, it’s important that they are transparent about their underlying physical infrastructure, security measures that are in place, and a clear audit of where your information is stored, backed-up to, and recovered from. It might also be in your best interest to visit their physical data center location. Staying informed and up-to-date on all the information mentioned above will allow you to maintain control and feel more confident in the way your data is being stored, monitored and protected.

6. Service Levels Are Significantly Lower Than In-House

False. Since today’s business environments enable employees to work remotely more often and more efficiently than ever before, providing 24/7 support for these employees can prove difficult for a handful of companies. MSPs have the expertise and accessibility to communications technologies that can provide and maintain remote support for your employees, at an affordable cost. MSPs also constantly and proactively monitor your networks, meaning they can immediately identify a problem before it arises, as well as implement the appropriate procedures to fix the current issue and prevent it from happening again.

7. MSPs Cannot Support Specialized Applications

False. Although many organizations have specialty applications that need dedicated support, they may not need that highly specialized and expensive talent all the time. Even worse, that specialized employee may begin to find that his or her career options have become too limited, resulting in a decrease of morale. Not only can MSPs provide these resources, but companies can take full advantage of the flexibility of scale that’s provided and only pay for the services being used accordingly. This also gives your specialized “in-house” talent opportunities for training and career growth which results in less turnover.

Wondering if outsourcing IT is the right move for YOUR business? Give us a call today.

Article authored by Evan Leonard of Chips Technology Group.