What Should I Consider When Moving to the Cloud?

The cloud is transforming information technology and more companies are moving their entire infrastructure to a cloud-based system. The cloud is agile, scalable and offers easy accessibility to essential applications that are a key component in business continuity. This infrastructure shift has businesses rethinking how they can use technology to accomplish their business goals. The IT department is out of the basement and in the board room!

What is the cloud?

There are various ways to define the cloud, but in basic terms, you are utilizing capital, infrastructure and resources offered by a cloud provider. This is a concept companies are taking advantage of instead of using time and resources to build their own infrastructure. The cloud is a predictable expense offering speed, efficiency and innovation.

Cloud Strategy

Cloud migration takes time and should be implemented strategically with a well-thought-out plan. The most important thing to focus on when navigating the cloud is to ensure you have incorporated a business strategy. Focusing on cloud initiatives from a technology-only standpoint can cause inefficiency and wasted resources.

Cloud Security

Once in the cloud, security is a top priority. To ensure the best security, you’ll need to diligently examine and choose a cloud provider. You will need services such as data encryption, audit and compliance regulation, and managed tasks with patching and monitoring to ensure optimal health of your applications and systems.

Cloud Types

            Be thoughtful when analyzing native cloud solutions and determine how it integrates with your applications, systems and current infrastructure. A hybrid approach might be best if you are looking for cost savings or to utilize a recent hardware purchase. A multi-cloud approach can be a strategic tool to avoid committing to a single cloud service provider.

ProTech can assist with planning your cloud strategy to help save your business money and provide agility. Contact us to get started. 

at Thursday, March 8, 2018

How Do Third-Party Security Problems Affect My Business?

What a year 2017 turned out to be – especially from a security perspective! From WannaCry and Nyetya to the Equifax breach, 2017 was marked with security events. And yet, as spectacular as 2017’s security failures were, 2018 is already shaping up to be even more stunning.

Within mere days of the start of the new year, it was publicly disclosed that CPU hardware design flaws, lovingly dubbed Meltdown and Spectre, allow vulnerabilities between applications and the operating system and break the isolation between applications. The problem affects virtually all computers and devices globally, and companies are still grappling with the security implications. 

A closer look reveals that there is a common thread with these compromises, hacks and vulnerabilities that have emerged. You as a business owner or manager will likely be impacted by an oversight or compromise by a third-party provider that you didn’t cause and cannot control. While it hardly seems fair, that is the reality of today’s increasingly interconnected security ecosystem. Let’s take a closer look at some examples:

  • Nyetya – Cisco’s TALOS group asserts that the Nyetya attack started with third-party accounting software (M.E.Doc) via a compromised update server.
  • Equifax – An Apache Struts vulnerability, that was not patched for more than two months, lead to the compromise of approximately 145 million Equifax customers’ data.
  • Spectre & Meltdown – Two architectural flaws affecting Intel, AMD and ARM processors and companies such as Microsoft, Apple and Google are rushing patches to remediate the impact. 

Most businesses trust their third-party partners to protect them from dangerous attacks. Last year’s security incidents illustrate just how important it is to utilize trusted partners and proactively maintain and update software. But with an ever-evolving threat landscape, it can be difficult to keep track of everything.

Our managed services solution is designed to proactively monitor, secure and support your business IT environment. As a trusted partner, we handle the “waterline” activities: performing security scans, judiciously patching systems and reporting progress so you know it’s done.

Third-party security threats require a third-party solution dedicated to protecting your business and furthering your goals. We would love to partner with you for a secure 2018; contact us today. 

at Wednesday, January 24, 2018

How Do I Create a Technology Budget and Plan?

Over the years, the IT industry has evolved into a necessity for business operations. Almost every industry now sees IT as a key aspect of their productivity strategy. As we've advanced in IT innovations we've moved from siphoning marketing's budget to buy computers to having a plan when we spend marketing's budget, to creating an independent IT budget.

There is a rising need to not only plan and budget for IT, but to strategically plan for future goals and initiatives. Established companies have developed numerous methods of creating viable IT Roadmaps that stretch 3, 4 even 5 years ahead. But if you're new to strategic IT planning, how do you catch up with companies that have years of lessons learned?


If you've ever managed a project you know that planning is the most important key to success. You almost can't plan enough! Just like any project or strategic plan, IT has the same constraints that need to be discussed. The three most important of these constraints are budget, quality and risk. Each of these  are key to a successful IT strategy.


Technology costs can vary depending on the solutions your business needs. If you are thinking, "But I have no base line to go by, how do I even start an IT budget?" You already have one.

Consider your phone, printer, computer, monitor, cell phone, email service…etc. Unless you stole those items, they all cost something. Start with the basics:

  • What do you have now?
  • Does what you have work?
  • Is it old or non-functioning?
  • Should you replace it?

A few topics to narrow your considerations in your budget are security, efficiency, replacement or repair, and cost. Those few items will generate a lot of questions for any initiatives you may have in your budget.

Next, talk to your employees. Your staff knows the tools that would make their life easier and will happily tell you about them. Let them guide your research for innovation and find out what their ideas cost. Often, suggestions may lead to budget savings.

When you start to plan your budget, talk to the vendors that you work with daily about what innovations or enhancements may be available. Some of the biggest innovations and initiatives will come from your vendors. Never shy from talking about the topics that are most important to your business. If you trust your vendor partners, use them! Plus, partners often quote out an exact price for an upgrade or replacement, allowing you to be more accurate with your budget.


Quality is something you should always consider when planning. Setting expectations of the outcome, not just to yourself,but your employees as well, is important. As you and your IT partner lead the way into a strategic roadmap for more productive solutions, the outcome and expectations of the quality should match.

Imagine you decide to purchase a new business software that will save your employees hours of manual labor allowing them to perform more important tasks. You talked to the vendor, got the sales pitch, and had a painless rollout. But, your employees hate it and won’t use it.

Engage your employees when considering the quality of a solution. Find out what their expectations are for the final product and set the expectations with your vendors for that outcome. Your employees are your strength when it comes to a strategic IT roadmap. Knowing where they are will always lead you where you need to go.


IT is risky business and lots of questions get thrown around.

  • How do I know the next best thing won't come out tomorrow?
  • What if our partner stops making the product?
  • What if it doesn't work right?

These questions are difficult to answer and only cause stress and worry. Instead, consider these options:

  • Will this need align with my company's goals?
  • Will this enhance or hinder my employees from fulfilling these goals?

If you stick to questions likes these you'll find that your strategy will most certainly align with your business and help minimize risks.

Technology Roadmap

Roadmaps are just prioritized plans. Once you understand the outcome of your business goals, the roadmap writes itself. It could be something as simple as a visual diagram, a To-Do list in excel, or even a framed napkin with scribbles on your wall. If your roadmap reveals the direction and priorities of your business, it will be a success.

Contact our Managed Services team to learn how we can help you plan and budget for your technology. 

at Wednesday, October 4, 2017

Why Should My Business Move to the Cloud?

The cloud is often seen as a mysterious concept that no one quite understands. So, before we tell you why you should move, let’s make sure you understand what cloud computing is.

Cloud computingnoun; the practice of using a network of remote servers hosted on the Internet to store, manage and process data, rather than a local server or personal computer

In short, all those servers that are housed in a closet or room at your office are gone. Instead, your data and software is stored online. Many businesses are diving in and moving everything to the cloud. Others are taking a split approach by moving some things into the cloud and leaving others on premise; this is called hybrid cloud.

However you decide to approach it, moving to the cloud is becoming inevitable for businesses. But, there are some great benefits that businesses receive from switching.

Disaster Recovery & Business Continuity

Working in the cloud makes disaster recovery efforts much easier. Because your data and software are already operating in the cloud, if a flood, fire or storm takes out your equipment, you can still access your data without disruption. Employees can continue working when they would otherwise be unable to perform their necessary tasks. Decreased downtime keeps from inconveniencing your clients and maintains your bottom line.


The work force is becoming increasingly more mobile thanks to technology. Often employees are working from home or their car between appointments. Before the cloud, this would have been nearly impossible. But, businesses utilizing the cloud can provide their employees access to documents from any device at any location.

The added mobility also allows you to recruit from a larger pool of talent. Instead of having to find local employees that can come into the office every day, you can expand to anyone with a necessary skillset and provide them access to your cloud environment.


The best businesses utilize the strengths of each employee, making collaboration a necessity. Many cloud programs allow for team collaboration. Each member can contribute and offer insight and feedback in real time. This allows everyone to stay up-to-date on the project status and eliminates long meetings that fail to accomplish the task. Through cloud computing employees can access projects and documents from wherever they are.


Another major upside of the cloud is scalability. The cloud can grow with your business. There is no need to purchase another server, wait for it to be installed and then start growing. Cloud computing allows you to upgrade your storage and solutions quickly and easily so that your business needs are always met.

In addition, the cloud gives you the ability to scale down as well - maybe your business has a slow time of year. Up or down, the cloud makes it easy to adjust your solutions to your specific business needs.

These are only a few of the many ways that cloud computing can benefit a business. If you’re interested in learning more or migrating to the cloud, contact us today!
Posted by Chelsea Nelson at Wednesday, May 31, 2017

What Tools Do I Need For a Mobile Workforce?

There are a variety of things that move business productivity towards a more mobile and often remote workforce. Some companies are simply "born in the cloud" and rely almost completely on remote resources working together, while others find that as they expand into new markets, it is far more cost effective to have a remote staff rather than establish an office with infrastructure. Other times it may be the result of an unforeseen situation, like a flood or fire, that pushes the workforce to mobilize. 

Whatever the reason, the ability to maintain productivity amongst a distributed workforce is critical to operating your business and having a handle on how to effectively do so can give you a competitive edge.

Just as there are many different types of companies, there is an array of solutions for providing technology services to mobile and distributed workforces. And while each solution can meet specific needs, there are some over-arching aspects that should be the cornerstone of your mobile and remote workforce strategy.


While it goes without saying that communication is critical to successful teams, establishing the necessary tools to ensure that communication is effective and accessible to both employees and customers can be more complicated than just phone calls and instant messaging. Here are some key considerations:


From the internal team perspective, you should consider the need for a messaging application that provides not only one-to-one messaging but also one to many and group messaging. Additional considerations include the ability to have central storage of messages and the ability to search through messages as needed. It is also beneficial to have a messaging system that indicates user presence and, where possible, can integrate with your phone solution.


Presenting information visually to team members and customers is one of the easiest and fastest ways to convey a message. Every team should have access to a solution that can provide both presentation capabilities to others along with screen sharing and collaboration tools. 

Document Sharing

While much of the information shared amongst teams may be within core business applications, it is rare that businesses don't end up having files and documents that also have to be shared, not only internally, but often with customers. It is important to consider the level of security that is needed around documents and the granularity of access required to ensure that only those needing access to documents can gain it. Many popular services also allow for users to directly modify documents from the cloud and utilize features like file tagging for fast searches, versioning for review, and commenting on documents.


Depending on the type of organization the needs from a phone solution may vary. In any organization, consideration should be given to the ability to support remote workers as though they were just another extension on a premise-based system. 

I Need Help With Mobility


Just as important as communication is the need for users to access your core business applications effectively in a remote setting. If your applications are web-based, then, there isn't much to do, short of ensuring that users have a secure mechanism in which to access those apps. However, if your applications are not web-based, you will need to consider how effective those apps are to mobile users.  One of the most common methods for accessing core application remotely is through Virtual Private Networking (VPN). Most companies today take advantage of this connectivity, allowing remote users to securely access the companies network and in turn access applications. 

Unfortunately, not all applications present themselves well over lower bandwidth solutions, like mobile and remote devices.  In some cases, these usability issues can be overcome, but even the best application, published for low bandwidth, may not be user friendly on a smaller mobile device. To give your users the best experience, consider applications that meet your business needs but also provide versions that work well on your mobile workforce's devices.

Management and Security

A common concern around a mobile and remote workforce is how to manage the devices and keep data secured effectively. While there may be various levels in overall sensitivity of the data stored on users devices, at minimum, user devices should require either passwords or passcodes to access them, minimizing the risk of unauthorized access to company and user data stored on the device. Beyond this, there are a number of things that should be considered:

  • What control of the device do I need should it be lost or stolen?
  • What actions would I need to perform in the event the user suddenly left the organization?
  • What types of data are users allowed to access on their mobile device?
  • Should users be able to move data between company applications and personal applications?
  • Do you need to lock the device down to only run company applications?
  • In the case of laptops, is there data stored on it that you wouldn't want released to the public?
  • Do you need to know the location of your mobile devices?

These are just a few of the questions you should answer as you release your data to your mobile and remote workforce. There are a number of mechanisms available to enforce policies on mobile devices, track location, remote wipe, fully encrypt, segregate work from personal data, as well as manage these devices remotely. A good plan up-front on how to handle mobile and remote workforces when it comes to security and management can save a lot of effort on the back end.

Mobile and remote workforces are already becoming more prevalent in today's business. Knowing how to effectively take advantage of this while maintaining security and control will help keep your business moving forward. 

ProTech offers a suite of tools to help your business embrace a mobile work environment while protecting your organization. For more information, contact us
Posted by Chris Bradley at Wednesday, March 29, 2017

How Can I Keep My Employees Productive and Engaged?

Productivity and employee engagement are at the top of every business owner’s wish list. But, it can be hard to motivate employees when their technology options are outdated and cumbersome.

Implementing Microsoft’s Office 365 is a simple transition to a platform that employees are already familiar with and use daily. The Office 365 suite offers tons of tools to help keep your employees on track.

While getting everyone to adopt the latest technology is difficult, your employees will soon realize that that Office 365 is a tool that looks relatively the same, but is entrenched with new benefits. You can skip the learning curve associated with implementation of a new software making it a time effective option. Your business and employees can begin to immediately realize the added benefits of such a robust platform.

With Office 365, you can use Microsoft’s classic applications, such as Word, Excel, PowerPoint and Outlook that your employees are already familiar and comfortable with. This leaves your employees with the ability to focus on Office 365’s suite of new offerings. The program facilitates productivity due to the ease of enhanced collaboration and convenient access.


In today’s work environment, employees have different schedules and can be scattered across the globe, making team projects difficult.

Office 365 makes true collaboration a reality. The ability to edit documents in real-time with two or more users allows for remote office workers, traveling workers and in-house workers to collaborate on documents, presentations and spreadsheets in real-time, eliminating the need to meet in person or wait on edits to be emailed for review by the team.

Show Me How to Collaborate


With mobile becoming the new norm, your employees need a solution that they can take with them. Office 365 gives you the ability to modify documents on mobile devices and automatically synchronize with your desktop. Your data is stored in the cloud, allowing for access anytime via any device, by any employee. Ease of access leads to greater productivity by everyone. In addition to the ability to install your Office 365 suite on 5 personal devices, Office Online provides access to Online Word, Excel, PowerPoint and other online applications. These programs open from nearly any device, allowing you to access your data from wherever you have access to the Internet. Any modifications made to a document will be automatically synchronized so the entire team is aware of changes.


When employees are able to effectively communicate with each other, projects move faster and employees stay engaged. Office 365 has various communication tools to make sure your team is always connected. Instant messaging, video conferencing and online meetings keep your team in constant communication.

Skype for Business enables instant messaging, audio/video conversations and online meetings, allowing for effective and efficient communication regardless of your employees’ location. Skype also provides “presence”; allowing you to see when your employees are available, in a meeting, away from their desk or on vacation. Your team can quickly make decisions on their latest project without sorting through an email chain.


Having the ability to share documents with people inside and outside the company can help your team get necessary approval and revisions quickly. Office 365 offers the ability to create a password-protected portal to share files inside and outside of your company.

SharePoint Online gives you the ability to share information and collaborate with both co-workers and customers. PowerPoint presentations can be shared over the Internet, even to those without the application. In addition to the ability to collaborate with one or more users to edit documents at the same time, it also provides you with the tools to manage existing projects and team members. 

Whether your company is a small to medium business or an enterprise level corporation, Office 365 has features and benefits to make your company and employees more productive, organized and empowered for success in today’s hectic, on-the-go business environment. Implementing Office 365 is an investment in the future of your company and your employees, giving them the tools to be productive without being tied to the office.

If you think Office 365 could benefit your business, contact ProTech to learn more. 

I Want Productive Employees!
at Tuesday, January 24, 2017

What If I Need Email Security?

We send emails constantly throughout the day. We communicate with colleagues, clients, prospects, and our favorite stores and news outlets, and most of us do so from one inbox. That inbox houses vitally important information that could potentially cause issues for your business if it ends up in the wrong hands. Your email solution should provide you with basic services that protect your business while maintaining productivity.

ProTech’s email solution provides you just that. We ensure that your data is protected from various different threats in the background while you work.

Spam Filtering

Those emails that are offering free tickets to the newest movie premiere or a million-dollar payout from a Nigerian prince are pretty easy to spot. But, what about an email that looks like it’s coming from your President that wants you to open an attachment? The reality is, both are spam emails and both pose a serious threat to your business.

ProTech’s solution scans each email that comes into your network for malware and viruses. Emails that seem suspicious are flagged and placed in quarantine and must be manually removed to open.

While some spam may still slip through the cracks, you can be sure that you are much better off than before. And, if you’re concerned about those few that slip through, ProTech offers Security Awareness Training for your employees.

Email Encryption

Sometimes your email is meant for a specific party and doesn’t need to be viewed by anyone else. It may be personal information about employees that could prove costly if intercepted by a malicious hacker.

To keep that private information from being seen by the wrong eyes, our solution allows for email encryption. You have the ability to choose which emails should be encrypted so that confidential content remains confidential.

Email archiving

There are some emails that you need to keep in a specific location to have for future reference. This information is often sensitive and confidential. Our email archiving is HIPAA compliant so it’s perfect for healthcare providers to keep important patient information.

Sensitive Information Protection

Sometimes employees make mistakes. They send information out to the wrong person; sometimes due to ignorance, and sometimes due to a missed keystroke. With ProTech’s solution you can be sure that sensitive information such as client details are never sent to someone that is not authorized to view them.

HIPAA compliance

Many of ProTech’s clients are in the healthcare field; so, we understand how important it is to maintain HIPAA compliance. Our solution is 100% HIPAA compliant. You can sleep easy knowing that your patient’s information is safe and secure.

Email is still the most widely used form of business communication. A lot of information flows in and out of your organization through employee inboxes. If you need a solution that can protect your network and your valuable information, contact ProTech today to learn more about our email security solutions. 


Contact Us About Email Security Solutions


Posted by Chelsea Nelson at Wednesday, November 16, 2016

What If I Need to Secure My Data?

Let’s face it, unless you are living on your own personal island with no access to media, you have seen how companies are being hit with new forms of Ransomware. Or, there has been another data breach and some company is now doling out one year subscriptions for credit monitoring.  For each of these stories in the news, there are thousands more that are hitting other companies.  These companies are small and go unnoticed by the media, or the incident is never reported. In today’s environment, “it’s not if, it’s when.”  Small to medium sized businesses are just as likely to be targets of attacks as large corporations. There is no shortage of hackers that would be more than happy to make your business their next victim. 

So, what if you need to protect your data?  

If you’re a small to medium sized business (SMB), there are steps you can take to greatly reduce your risk of becoming a victim of hackers and malware.  Most companies know they need a firewall between your businesses network and the Internet. While this does reduce the threat, it only provides partial protection against today’s more advanced attacks.  To truly reduce the risk of attack, your business requires several layers of security.  As a managed services provider, we are tasked with helping to minimize the risk within our clients’ IT environments and have found that a layered approach, involving various solutions, provides some of the best risk aversion available.  

ProTech’s SMB Security Stack works to prevent malicious attacks for our clients. Below is a snapshot of the various layers and the actions they perform to keep your business safe.  

Learn About Our Security Stack

Cloud-Based Domain Filtering

At the network level, we introduce a cloud-hosted solution that continuously tracks known malicious websites and Internet hosts. We pass all Internet traffic through this layer to block access to malicious sites, thus reducing the ability of the user to access potential malware. Additionally, the effectiveness of malware packages that “phone home” before committing atrocities upon your systems is greatly reduced.

Security Appliance

ProTech utilizes a security appliance that provides standard firewall features, intrusion detection and prevention mechanisms, network edge virus and malware detection, and content filtering.  While providing the usual firewall features, the addition of virus and malware content searches at the edge of the network adds a second layer of protection against threats.  By introducing content filtering at this layer, we reduce the ability for users to access the types of sites that are often the source of malware.

Email Filtering – Inbound and Outbound

More and more of the Ransomware and malware that hits companies today is arriving through email.  With the advent of Phishing and now Spear-Phishing (the act of explicitly targeting key individuals within an organization), automated systems often cannot detect that the email content being delivered is not valid.  By implementing a reliable email filtering solution, ProTech is able to drastically reduce the number of emails carrying malware payloads and reduce emails utilizing commonly know Phishing attack styles.  The outbound filtering ensures that. should a user unknowingly infect their device, the ability for the infection to spread to others, via the email systems, is minimized. It also prevents data loss and provides SPAM filtering.

Endpoint Protection

Everyone knows they need antivirus on their computer.  This additional layer helps to stop malware that somehow makes it through the other layers or is introduced through an external device, such as a USB or CD.  But, endpoint protection is only as effective as its updates.  In order to ensure that the endpoint protection software stays up to date, ProTech utilizes cloud-hosted management consoles which allow our staff to monitor the definition updates to our clients' endpoints.

Patch Management

One of the most overlooked items in the SMB market is operating system patch management.  Ensuring that servers and workstations have the latest security and critical patches applied is crucial.  ProTech provides ongoing monitoring of systems patching to make sure that machines are updated in a timely manner, which can be the difference between being secured and attacked.

Business Continuity and Disaster Recovery (BCDR)

Occasionally overlooked as a component within a security stack, the BCDR layer sits quietly saving and storing data.  A BCDR appliance allows allows your business to not only recover specific files in the event of damage due to a security incident, but also the ability to virtualize a protected server from one of many snapshot points over time.  As further protection, the solution we have chosen moves all data securely offsite into bi-coastal data centers. So, even if your business is attacked, your data is secure.

Security Awareness Training

New social engineering schemes aim to introduce malware into networks by tricking users into installing software or opening payloads within attachments. ProTech now provides security awareness training for our clients’ user base to enable them to identify threats.  Even though this is the final layer in our security stack, it has proven to be one of the most beneficial in thwarting Ransomware style attacks.

Each of the layers in our security stack provides great protection for specific things, and in some cases, layers overlap each other in function.  However, by building our security stack in this layered approach, we have found success in minimizing the risk of data loss and downtime for our clients.

If you’re ready to secure your data, contact ProTech to discuss our Security Stack and how it can benefit your business.


Learn About Our Security Stack

Posted by Chris Bradley at Thursday, September 1, 2016

What If My Employees are my Biggest Security Threat?

Employees often use their employers’ networks and computers for personal use on company time. While the occasional glance at Facebook or paying a household bill is deemed okay, what about the times when they put your company at risk?

Malicious content can be found just about anywhere online which opens your network up to vulnerabilities if your employees are visiting sites that are not deemed safe or appropriate by your organization. Downloading videos, streaming content, complying with email requests and online gaming can all lead to potential data and monetary loss for your company. Those videos may be hiding malware that can hold your data ransom forcing your business to shut down temporarily or in some cases, permanently. The email request may be a spoofed address attempting to take advantage of your unsuspecting employee and make a few, quick bucks. All of these are potential scenarios we see every day that can wreak havoc on a business.


Protect your Business


But, what if there was a way to monitor and control what your employees did online without ever having to talk to them about it? What if you could educate your employees about email authenticity? Wouldn’t it be great to block sites that are suspected of distributing malware?

The solution to all those issues can be found in a Security Stack. This is a multi-layered approach to Cyber Security. Through the use of various tools, you can help protect your network and data from would be hackers.

ProTech’s Security Stack offers a multitude of tools that fulfill various functions in protecting your network. We offer tools that proactively monitor and block threats from entering your network. Additionally, we can train your employees on identifying potential threatening emails through our Security Awareness Training. Our Security Stack also offers tools that allow you to permit certain websites while blocking others. The ability to customize each users’ computer permission is incredibly simple with our solution.

So, if you think your employees could be culprits of the same habits in our video, look into employing a Security Stack. Ensure that the solution you do choose covers a wide range of possible problems. While there is no magical cure to prevent malware and online threats, you can better prepare your employees and help establish barriers that keep your data safe by implementing a Security Stack. 

Learn more about ProTech's Security Stack solution.
Posted by Chelsea Nelson at Wednesday, August 3, 2016

What If I Lose My IT Guy?

It’s inevitable - you found a great information technology (IT) resource that fit well with your company’s culture, you invested in training to get him up to speed on your critical systems and after a few years he lets you know he has taken that knowledge and found another job. Or perhaps you have found that your needs have grown and your IT resource just hasn’t been able to keep up with the changes so you decide to part ways.  If you are like many companies today, your business relies on technology, not only for internal management, but also for customer acquisition and service. Doing business without IT support is just not an option.

With many companies, the first instinct is to immediately begin the search for a new IT resource, but as you just found out, having the resource on staff doesn’t always work out to your advantage.  So, what steps should you consider when your IT resource leaves?  

Step 1: Triage

As when any employee leaves, you should start by changing key passwords and disabling that user’s accounts.  If you are lucky, your resource gave you a couple weeks notice, giving you a small window of time to put together an interim solution to maintain your systems.  If you’re not so lucky, you will need to address this issue quickly.  This is a good time to draw from previous experiences working with an IT company or get a quick referral from someone you trust.  You will want to ensure that you have access to some technology support until you are able to make a decision on how to permanently proceed.  If necessary, have a previously used IT company help you ensure  passwords are changed, your backups are working, and your data is secured.

Step 2: Determine your Needs

Now that you have mitigated risk by finding a temporary solution for supporting your IT, it’s time to look for a replacement for your resource.  Before running an ad in the local paper or combing Monster.com, you may want to take a moment to consider outsourcing your IT needs to a managed service provider.  Often times organizations find that outsourcing their IT allows them to get better support than can be provided by an internal technology resource.  Managed service providers specialize in supporting organization’s technology solutions through the implementation of best practices, the inclusion of specific solutions designed to mitigate risk, improvement of system stability, and maximization of network uptime.  With a provider, you receive an entire team of IT resources, with a variety of specialties, certifications, and experience. This, combined with a standard technology stack usually costs about the same as hiring a single IT resource.  Most managed service providers will be happy to meet with your business, review your needs, and discuss the benefits that they can bring as an outsourced provider.   

Ask A Pro What Your Company Needs


Step 3: Get Engaged

If you have determined that outsourcing you IT support to a provider meets the needs of your business, make sure to take full advantage of the engagement process.  When evaluating potential providers, make sure to spend some time asking questions and meeting some of the provider’s staff.  As with an internal IT resource, working with a provider is a relationship, and you want to be sure that the provider is a good fit for your company.  Make sure that they are clear on your needs and that you are comfortable with their level of expertise.  Some key items you should consider when engaging with a provider:

  • Process Driven - Ensure that the provider utilizes processes in all aspects of their service delivery.  
  • Technical Expertise - Ask about their technical expertise and how it relates to your organization’s IT. 
  • Best Practices - Make certain the provider will establish and maintain best practices within your organization
  • Service Levels - Ask about the service levels you can expect from the provider.
  • Vendor Management - Determine how the provider works with your various IT vendors, such as your Internet provider. Ensure they are willing to work with the vendor.
  • Customer Service – Make sure the provider is focused on customer service and satisfaction. Determine if they have a team member dedicated to service satisfaction.
  • Security & Compliance – Evaluate if the provider understands your security and compliance needs and that they are prepared to address them.
  • Technology Advisor/Virtual CIO – Ensure that the provider will routinely meet with you to discuss your organization’s direction and how technology plays into your growth.
  • Proactive Approach to Support - Ask the provider what they do to proactively support your organization’s technology solutions.
  • Communication - This is one of the most important aspects of a managed service partnership, make certain that you can easily communicate with the provider at various levels.

Step 4: Establish the Partnership

Now that you have done your due diligence and identified a provider that you are comfortable with and that meets the needs of your business, you are ready to partner.  I use the word partner because as with any relationship, it is critical to maintain an open channel of communication between yourself and your provider so you get the most out of the relationship.  While the provider will handle support of your IT without a lot of discussion, ensuring that you spend the time to discuss your organization’s direction and needs will help your provider develop the appropriate courses of action and direction for your technology.  If your business has regular meetings, invite your provider to sit in - it doesn’t have to all be about IT - often, by simply better understanding how your business works, providers can make recommendations on how to utilize IT to help solve problems in ways you may not have thought about.  Ultimately, make your provider a member of your team.

Things may not be the same without your IT guy, and that may be good or bad, however, by engaging with a team dedicated to ensuring you have a secure, stable, and productive IT environment that is aligned with your business goals, you can now avoid that uncomfortable feeling of being without an IT guy ever again.

Posted by Chris Bradley at Monday, June 20, 2016

What If I Get Hit with Ransomware?

Brother, can you spare a Bitcoin?

Many business owners do not equate the threat of cybercrime with going out of business.  Even if they acknowledge the threats, they are not acting as if it is a matter of utmost importance – especially concerning small to midsize businesses (SMBs).  According to an article from the U.S. Securities and Exchange Commission (SEC) in late 2015, “It has been estimated that half of the small businesses that suffer a cyberattack go out of business within six months as a result.” 

One of the greatest cyberattack risks to businesses today is Ransomware.  For the uninitiated, Ransomware is a type of malware that encrypts your files and demands you pay a ransom, typically in Bitcoin, to regain access.  In the FBI’s April 29, 2016 bulletin, it was stated that there had been a marked increase in Ransomware attacks against businesses – and the ransoms that cybercriminals are demanding have grown larger.  Given the amount of money extorted in the first quarter of 2016, Ransomware is projected to net a billion dollars this year – not including losses due to stalled productivity.

Update Your Security


Using Ransomware to Go Out of Business

You may be thinking, “This really isn’t a big deal.  We’ve already been hit with Ransomware on one or two computers.  We didn’t pay the ransom; we just reformatted the machines, and went about our merry way.”  But, the cyber landscape is changing rapidly and recent variants of Ransomware are now attempting to “land and expand” from the initial victim’s computer to the entire network.  In an exhaustive whitepaper entitled Ransomware: Past, Present, and Future, Cisco’s TALOS group warned that advanced Ransomware will “pivot deeper into the target network, looking for credentials to escalate their privileges. The ultimate goal for this stage of invasion is to locate and destroy networked backups before mass-distributing Ransomware to as many systems on the network as they are able to access.”  In other words, we are now facing a future in which RansomWorms will take over your entire network and demand a massive ransom in order to return your business back to its rightful owner.

If you're looking for a cyber disaster for your business, here are three behaviors to employ:

Step 1:  Do not utilize or test off-site backups of your data.

It sounds ridiculous, but this is the approach that some businesses have taken when it comes to data backups.  From no data backup at all to tape backups that are stored in the same location as the server, businesses are gambling with their future.  The Locky Ransomware variant seeks out files and folders labeled “Backup” and deletes them.  It’s not enough to have off-site data backups; you need to test restoring your data backups to ensure that the integrity and availability of the data is preserved.  Remember, just because you have data backups doesn’t mean that Ransomware recovery will be painless.  There can be multiple days of down time for your users that are affected by Ransomware.

And while we are on the subject of data backups, it doesn’t do much good to have tested, off-site backups of your important files if you, or your employees, are still saving data to local hard drives.  A Ransomware attack will encrypt files stored on the victim’s PC and, if you don’t pay the ransom, data will be lost forever.  We have seen many employees store vast amounts of critical data on the local drive of laptops, representing years worth of lost data in the aftermath of a Ransomware attack.

Step 2:  Believe that every email is legitimate and should be clicked with reckless abandon.

People are generally trustworthy, right?  If you receive an email that looks like it’s from your bank, a vendor, or client shouldn’t it be safe to open?  Why would anyone take the time to mock up an email to fool you?  Who has that kind of time and energy?  Turns out, there is a lot of money to be made by sending out fake emails to you and your employees. 

It’s not just Ransomware that bloats the bank accounts of cyber criminals.  Business Email Compromise (BEC) has cost businesses over 2 billion dollars since 2013.  BEC, also known as the CEO scam, is effective because scammers send an email to the CFO, which appears to be coming from the CEO, asking for a wire transfer.  This same approach can be used to trick you into thinking that the IT department is emailing you asking for your login credentials. 

The key to avoid falling for cyber criminals’ traps is, “Think before you click.”  If you are not expecting the email, don’t click on links or open attachments.  Ensure that wire transfers require a two-step process, NOT just an email request.  Also, no legitimate entity will ever ask you for your password via email.

Step 3:  Do not provide security awareness training to all employees.

No doubt, you’ve made a considerable investment in your technology infrastructure:  anti-virus, SPAM filtering, web filtering, next generation firewalls, and so on and so forth.  But, if you are like most business owners, you have not prepared your human firewall.  What is a human firewall, you ask?  Your employees are either your last line of defense or your weakest link.  Time and again we’ve observed companies that have extensive physical and logical security established, only to have their human firewall fail with the click of a malicious link containing Ransomware. 

ProTech has tested the vulnerability of thousands of end users to determine how likely they would be to click on malicious emails that could contain Ransomware.  We have found that, on average, 18% of employees will click on potentially malicious email links and attachments.  You only need one employee to click on one malicious email to expose your network to Ransomware. 

No one wants to lose their business due to cybercrime - but doing nothing is not a strategy.  Remember, in some cases, cybercriminals are engaging with your employees more often than you are! 

Let ProTech help design a security roadmap to keep you and your business safe. 


Update Your Security

Posted by Chelsea Nelson at Wednesday, May 25, 2016

What if I have never tested my backup and disaster recovery solution?

How much would it cost your company to stop working for one day? What about one week?

As humans, our time is easily the most important commodity we have, and until someone figures out how the flux capacitor works, we will continue to live our lives against Father Time.

When explaining the magnitude of data loss to business owners, I typically ask if they have monetized a day of downtime for their company. The typical responses are that it would be expensive, or worse, they haven’t even thought about it!

What if I asked you, “When is the last time you tested your data backups at the office?”

If you are not testing data backups, then, you have no idea what will happen if you have to call upon the backup and disaster recovery (BDR) solution currently in place for your business. This video might help you understand what happens when data backup systems aren't regularly tested.

What is a Good Data Backup and Disaster Recovery Solution?

Basically, a trusted BDR solution is the closest thing to owning a DeLorean with a working flux capacitor. It allows us to go back in time as needed to retrieve files. A great data backup and disaster recovery solution can help any business owner sleep better knowing that their files are safe and they can avoid catastrophic data loss.

In this post, our data backup experts have put together some information to help business owners and managers understand the importance of both having a great backup and recovery plan and testing that solution before it's time to actually use it.

1. Know the Type of Backup and Disaster Recovery Solution You Have

There are two types of data backups: file-based and image-based solutions. These solutions are very different!

A file-based backup solution frequently backs up and stores files only from software and applications. If the server goes down, the IT resource will need to perform tasks to get the software and applications running on the server before the files that were backed up can be accessed and utilized.

This process can take anywhere from a few hours to a few days. Even though having a file-based setup is better than not having a backup solution at all, how much downtime can you truly afford?

An image-based backup solution also frequently backs up and stores files from software and applications. However, it also stores copies of the applications and software so users can still access and utilize the files while the IT resource works on repairing the issue.

This backup and recovery solution saves time for the users as they do not have to wait until everything is fully repaired. These files can usually be accessed and used within minutes of an issue. This type of backup solution can save your company time and money. [For an in-depth look at file-based and image-based data backups, read Adam Blankenship's blog:Evaluating Backup and Disaster Recovery Amidst Storm Season]

“But what if I have tape backup?”

Tape is no longer a viable option for backing up your business information. Tape data backups require manual assistance, and therefore increase the risk of lost or damaged backups. If you think about the importance of the information you save and backup daily, then it is easy to understand why it is not worth the risk. If you still aren’t convinced, let me provide you with some statistics:

  • 31% of PC users have lost all of their files due to events beyond their control.
  • 4% of companies that have tape data backups fail to test their backups; and of those that do, 77% have found tape backup failures.
  • Most alarmingly, 60% of companies who lose their data in a disaster will shut down within six months of that disaster.

So, I ask again, can your company afford downtime? If the answer is no, ensure that you have the proper backup and disaster recovery solution in place.

2. Understand That Data Backups Can Fail

Backups can and do fail sometimes. This is why monitoring your data backup solution is extremely important, and should be done regularly.

When a data backup and disaster recovery solution fails or becomes corrupt, it affects your backups from that point forward. Testing will help ensure that the information can be pulled from the backup when needed. It also provides you with confidence in your backup solution when it's used regularly. 

If you find issues when testing your backup system, you have the opportunity to step back and fix the problem before you lose data forever.

3. Know the Cost of Downtime

I know I’ve already mentioned this, but you really do need to know what it will cost should you lose a day or more of work time due to disaster and data loss. Fires, floods, tornadoes, hurricanes and thieves do happen, and the value of having a reliable backup and disaster recovery solution in place can not only provide peace of mind, but also save your business time which translates to money!

By understanding the ultimate cost of any potential downtime, you can work to implement a backup system that best aligns with your company’s needs. Additionally, you can fully understand the need to check your data backup and disaster recovery solution regularly to avoid downtime costs.

It should now be obvious that data loss and time loss are one in the same. Once data is gone, it’s gone forever. So unless you’ve created your own working flux capacitor, test your data backup solution regularly to ensure that it is functioning in line with your expectations, because otherwise you could be the unfortunate guy in the video.

If you need help testing your backup or implementing a solution, our data backup and disaster recovery team is here for you.


Get a Backup Assessment


Posted by Jason Smith at Wednesday, April 27, 2016