Posts

Fast Fact Friday: Trusting Cloud Security

/in

Fast FactAccording to a recent survey of 950 IT executives and staff members by BetterCloud found that:

IT Execs are 29% less likely than their staff to say their team lacks full control over their SaaS applications

IT Staff are 56% more than their bosses likely to feel they lack full visibility into SaaS applications

IT Staff are 139% more likely than IT Execs to believe the former employees still have access to company data

Are you moving to the cloud? Is your roadmap in line with your business goals? Contact us for a no-obligation Cloud Advisor session.

 

Single Sign On Misses the Mark for SMBs

/in ,

Directory as a Service
As you move your small or midsize enterprise into the cloud, you will face new challenges around identity management.  Historically, identity management was an operational issue that managed user logins to desktops and local area networks. As you move to the cloud, the network is no longer local. Your network includes the suite of applications and services run and hosted by others. Identity management is now a security issue that should control access to your cloud applications, data, and services as well as your computers and mobile devices.

Single Sign On for SMBs

Even with the proliferation of usernames and passwords, most SMBS are not investing in Single Sign On (SSO).  With many applications using federated or 0Auth login services from platforms like Google Apps or Office 365, SMBs expect users to adapt and manage their identities. The result is a mix of usernames, passwords, and connections without a clear system of record and no centralized management. And while Single Sign On can help eliminate this mess, most SMBs struggle to justify the value.  In addition, SSO solutions lack the ability to manage access to devices, WiFi services, and other resources.

With SSO in place, you still need to manage and maintain a directory service. Directory services, such as Microsoft’s Active Directory and the many LDAP solutions are, in theory, capable of managing more than on-premise systems. Actually integrating directory services, however, is complex, costly, and requires regular maintenance.

Directory-as-a-Service and Identity Management

Directory-as-a-Service® (DaaS) is a modern identity platform that centrally manages user connections to this new world of cloud and SaaS-based infrastructure. Features of a cloud-based directory service include:

  • Mac, Windows, and Linux devices are all treated as first-class citizens
  • Tight integration with Office 365 and Google Apps, centralizing control over the productivity platform and enabling single sign-on capabilities for end users
  • Single Sign On integration with other cloud applications and services
  • Improved WiFi security that connects the authentication request to the directory service
  • Multi-factor authentication at the system level
  • Hosted LDAP capabilities can eliminate the need to have an on-prem LDAP server

In short, Directory-as-a-Service covers what contemporary organizations need in a modern identity management platform.

Learn more about Directory-as-a-Service and JumpCloud (our preferred DaaS solution) at our 3T@3 Webcast on October 18th, or contact us for a free, no obligation Cloud Advisor Session.

 

Cloud Computing Still Needs a Grand Strategy

/in ,

In a recent post on Forbes, columnist Joe McKendrick discusses a Cisco-sponsored IDC survey results showing a lack of coordinated cloud strategies among large enterprises.  Nearly half, or 47%, describe their cloud strategies as “opportunistic” or “ad hoc”. The 14% or respondents claiming managed, optimized cloud strategies, report substantial and tangible business benefits. These successes come from how applications are built and deployed, a strategy that does not always work for small and midsize businesses (SMBs).

SMB Cloud is Different

Cloud StrategyWhereas most enterprise cloud strategies focus on building new line of business applications and rebuilding existing systems for the cloud, most small and midsize businesses are not building or customizing their own applications. When SMBs do use custom applications, they typically rely on outside firms for development and support. When SMBs move to the cloud, they normally start with “infrastructure” services like email and file services. Existing business applications are often replaced by SaaS (Software-as-a-Service) cloud solutions — either from the current vendor or as a replacement.

SMB Cloud Forward Strategy

Without a strategy, you can end up struggle to get all of the pieces of your IT in the cloud connected to each other and/or your on-premise systems. For you, as an SMB decision maker, a sound strategy will:

  • Identify your business goals and objectives
  • Use these goals and objectives to define and prioritize your near-term and long-term technology needs
  • Create an architecture that defines the pieces — platforms, applications, and data — and how the pieces fit together
  • Drive your decision to go Google Apps, Microsoft Office 365, and/or another cloud platform or ecosystem

Creating your cloud strategy requires some thought and effort, but need not be a lengthy or overwhelming task. Starting with your business priorities and answering a few key questions gets you most of the way there. Once in place, your Cloud Strategy will guide your product selections as well as the order and timing of your deployments.

Interested in creating or updating your Cloud Strategy? Contact us for a Cloud Advisor session — for free and without obligation, or complete our Productivity Cloud Questionnaire for a free assessment and recommendation report.

 

Overconfidence in Disaster Recovery: Common and Costly

/in ,

support-liferingAs reported in CloudTech, a recent study in the UK of 250 businesses finds that 95% experienced outages or data loss in the past year, with 87% needing to go to failover systems.

There is a mismatch between expectation and reality when it comes to disaster recovery.

Of the 87% that executed a failover, 82% were confident it would go well, but 55% encountered problems. And while 69% stated outages lasting minutes would be “highly disruptive” or “catastrophic”, only 27% were able to recover all systems immediately following an outage. With 37% of respondents indicating they do not regularly test their DR capabilities, many organizations have no basis for expecting a smooth failover.

Outage Sources

While we often focus on the “big disaster” that could interrupt our businesses, 53% of the outages were to mundane system failures and 52% were due to human error (more than one response was possible). Cyber attacks and environmental issues caused 32% and 20% of the outages, respectively.

Three Things We Can Learn

  1. Comprehensive disaster recovery and business continuity costs money. Running infrastructure and systems in the cloud and/or using cloud-based DR and Business Continuity solutions can help mitigate these costs.  You will, however, need to assess potential downtime and time to recover, the impact of downtime, and the cost to create the right balance for your organization.
  2. Testing your DR/Business Continuity solutions should be easy and cost-effective. Plan on testing at least twice per year.
  3. Your DR/Business continuity solution should help reinforce your overall data protection and business operations. Shifting from a “recovery”-centric strategy to one of resilience can lower costs and minimize the risks and impacts of unplanned outages.

If you want to improve your business’ resilience and lower your IT costs, contact us for a free Cloud Advisor session.

 

Rethinking Risks and Responses

/in ,

Malware, Ransomware, Natural Disasters and More Keep Hitting SMBs Hard

Never have we had a greater ability to work together to get things done than we do right now. As our cloud and hybrid environments expand, the ease-of-use encourages us to share ideas and information and to collaborate in new and exciting ways.

Never have we been under attack from so many directions. Changing weather patterns and aging infrastructure leave businesses without power for days instead of hours. Fading employee loyalty means more chances for information to walk out the door. The same features that let us easily share information also let us accidentally share information we shouldn’t. Malware and viruses have evolved from a nuisance to potentially existential threats with the increase in ransomware and advanced persistent threats.

Our Businesses, Employees, and Customers Need and Expect Protection

With the risks and impacts on the rise, we as small and midsize business owners and technologists should rethink how we both prepare and respond. Since the dawn of business computing, large enterprises have built expensive solutions to ensure that their businesses keep running “no matter what”.  Now that we are in the cloud, and solutions are incredibly affordable, we need to adopt the same approach.

Business continuity is no longer just being able to keep your business running after a disaster.

Business continuity means that you are able to prevent business disruptions and distractions, regardless of the cause. Business continuity means …

  • You actively work to minimize the chance of a ransomware attack, and that you can respond and recover quickly should it happen.
  • You have systems and procedures in place to prevent data loss and privacy breaches, and that you can detect and mitigate issues quickly and effectively.
  • You and your team are no longer tethered to the hardware, Internet access, and electricity in your offices.

For SMBs, now is the time to consider the tangible and intangible costs of business interruptions of all types and to see the value in solutions to prevent and recovery. Understand the value proposition of that goes beyond dollars and cents to include the customer relationship impact and the toll that business disruption has on your team.

Food for Thought:

Ransomware is Front Page News (Again)

/in ,

Over the past several weeks, we have been aggressively communicating with our customers and others about the sharp rise in ransomware hitting small and midsize enterprises.  We have blogged about the need for preparation against attacks and for recovery just in case, as well as the full cost of ransomware attacks. While some organizations are taking action, others still see the threat as a low risk.

This weekend, the Wall Street Journal emphasized the critical nature of the threat with a front page article reinforcing the severity and scope of the problem. The article reiterates the rapid growth of Ransomware, the increasing ransoms, and the ease by which computers become infected.

To help organizations better understand the risks, strategies for prevention, and preparation for recovery “just in case”, we recently published our Business Guide to Ransomware.  Written for the non-techie, it is a must read for any small or midsize enterprise with an Internet connection.

Want help with your Ransomware strategy, contact us for a free consultation.

 

Resource Center Helps Small and Mid-Size Businesses Make Better Cloud Decisions

/in

Westborough, MA – The volume of information about cloud computing can be overwhelming for small and mid-size enterprises as owners, executives, and IT professionals look for the best solutions.  To ease their burden, Cumulus Global launched a new online resource center to help SMEs learn and make better decisions.

“Much of the discussion about cloud computing focuses on the infrastructure and platform services used by larger enterprises,” note Cumulus Global CEO Allen Falcon. “Our Resource Center focuses on information most useful for small and mid-sized businesses, nonprofits, and government entities.”

The resource center (https://www.cumulusglobal.com/resources/) includes access to a library of whitepapers and eBooks, upcoming webcasts and live events, blogs, and recordings of past webcasts and events.  In addition, visitors can subscribe to daily and weekly online newspapers that deliver cloud computing ideas, innovations, and news stories to your inbox.

“Our goal is to provide decision makers with perspective and knowledge,” stated Falcon. “If we can help small and mid-size businesses see past the hype, they will make better decisions and will be happier with the results.”

Don’t Let Outdated Technology Slow Your Business Down

/in

Old Tech
This is the first in a multi-part series providing ideas and guidance for companies looking to modernize their business with cloud and mobile solutions.

For many small business owners, it is easy to put off technology decisions for more pressing day to day matters. Sometimes, however, “If it ain’t broke; don’t fix it!” can do more harm than good. Outdated IT slows you down and costs you money in lost productivity and missed opportunities. Your technology also sends a message to your customers about how well your business can serve theirs. In today’s cloud and mobile world, your small business has affordable access to the same caliber tools and services as large enterprises. If your business is not taking advantage of the close and mobility, your competition is and you are falling behind.

Go Big or Go Home?

Moving to the cloud does not need to be an “all or nothing” proposition. Most small businesses start with email and move on to file sharing/collaboration. Business apps, like Customer Relationship Management (CRM) and Accounting can also be good places to start, delivering a high return and value for the migration effort and spend.

For some, going cloud and mobile is easiest to accomplish with the latest version of tools and software that you already use. For others, moving to the cloud and mobile is an opportunity to change the way your team works, so moving your team to new tools is best.

Google Apps or Microsoft Office 365?

This is the question we are asked most often by fellow small business owners and IT leaders. Google Apps or Office 365?

Our answer is: YES.

We are not saying your choice doesn’t matter. We are saying that Google Apps and Microsoft Office 365 fit different businesses differently. Microsoft Office 365 extends the Microsoft Office ecosystem with collaboration, communication, and data/information tools that will never exist in your desktop version of Office.  Google Apps integrates broadly with most of the newer, cloud and mobile first tools preferred by small business. And, we have five ways to integrate your MS Office desktop software with Google Apps, so you don’t need to abandon the tools you already know.

Both ecosystems help you get stuff done faster, communicate more efficiently, and make mobility easier. Which solution is best for you depends on a factors ranging from where your team works and how you want to improve communications and collaboration to which line of business systems are critical to your success. By looking at your full IT environment, you can pick the cloud productivity platform and other cloud services that make the most sense, and delivery the greatest return.

Footprints, Workloads, and Clouds

Beyond your basic productivity suite (email, documents, spreadsheets, files, etc) and collaboration tools (voice, chat, conferencing, document sharing), more small businesses are moving other workloads from their on premise footprint into the cloud. Do not get flustered by the jargon! Workloads are simply applications or data processing; your footprint is the physical IT systems you use; and the cloud is, well, any cloud or hosted service where you can run your workloads.

For small businesses like yours, moving other applications into the cloud will improve security and reliability, offer better business continuity, and mitigate or lower costs. And while some applications don’t have a cloud version you can use (i.e., Quickbooks Online lacks features and reports most of our costomers want or need), you can move those systems onto cloud server with remote desktop access.

We All Have Our Job to Do

Your job is your business and serving your customers. Our job is to make sure your IT helps you do your job better and more efficiently.

Talk to us about your business, your goals, objectives, and priorities. Challenge us to find ways to help you reach your goals. We will bring our vision, enthusiasm, expertise, experience, and pragmatism, along with our commitment to either add value, or get out of the way.

Complete the form; let’s start the conversation!

When the Single Point of Failure Actually Fails

/in ,

 

While the heavy, wet snow continues to fall and cling to the power and fiASA5505ber optic lines in our area, today’s Internet outage was not due to the first real storm this winter. Being fully in the cloud, any Internet outage could be a disaster, bringing business to a halt. In reality, the “single point of failure” really isn’t. True, we do not have multiple routers. Nor do we have multiple broadband connections.  What we do have, is the ability to work over any form of Internet connection. Here is our case study (still in progress).

Late yesterday afternoon, our trusted Cisco 5505 stopped working. Poof. Red Status light on; activity lights on the embedded switch ports blinking; no traffic. A few reboots and a few attempted hard resets later, we are still not working. A quick call and discussion, and our Cisco guru tells us “it’s a brick”. Covered by warranty and a solid support/service plan, a new unit will arrive in several days. In the meantime, we must continue to service our customers.

Quick Fix

The immediate response is to get our staff connected to the Internet in any way possible.  A few mobile hotspots activated on our phones and one MiFi device booted up, and we are back in business. Performance is acceptable, not great, and we will plow through our data plan, but we are in business with only a few minutes disruption.

Interim Fix

Our FiOS service enters our office through a service unit that converts the Fiber to Gigabit Ethernet.  We split this signal through a switch to 2 routers — one provided by our VoiP service and the FiOS router/cable modem that comes with our service.  The now dead Cisco ASA plugs into the FiOS router.

Why two routers in sequence? Having 2 routers in sequence creates a physical DMZ: a network that can receive traffic from inside and the outside while letting us stop traffic from going all the way out or coming all the way in. It’s “old school” as virtual DMZs are the trend.  We use the DMZ and the FiOS router for a guest network and wireless.  Guests can gain access to a physical or wireless connection while staying completely outside our secure network. The Cisco ASA, at the secure end of the DMZ, manages our inbound traffic, NAT, and legacy DMZ services (let over from the days when we had a few systems on-premise and needed remote access). Our secure WiFi runs off a Cisco/Linksys WAP inside the secure border of the ASA router.

With a few minutes of work, we reconfigured the FiOS router, removing the DMZ and mimicking the settings and security configured in the ASA.  Moving a few wires, we are up and running until the new ASA comes in.

Lessons Learned

Our focus has always been on the FiOS service as the single point of failure at greatest risk.  Outages have traditionally been short and as we have been able to adapt by using hotspots, MiFi, and working from home or other locations, we have not seen the need to bring in another ISP as an alternate service. The ASA failing was never really a consideration.  The box is not yet out of warranty and our prior Cisco routers lasted much longer than the 5 year extended warranty (we upgraded for features, not out of necessity).

Not having seen this scenario coming, we had to rebuild the FiOS router from scratch. Going forward, we have now saved this “emergency configuration” for future use.  Once our new Cisco ASA arrives, we will create an emergency configuration that will let us remove the FiOS router from the network.  Finally, we will build a configuration for the Cisco/Linksys WAP, as this has routing features and could replace the FiOS router in a pinch.

The biggest lesson, however, is the value of a cloud-based infrastructure with respect to business continuity. Storm or no storm, hardware failure or not, we know that we will always have options to keep our business up and running. Even when the “single point of failure” happens to fail.

Changing the Way You Buy Office

/in ,

0365 across devices
At Microsoft’s 2015 Worldwide Partner Conference, Microsoft openly discussed plans to replace Enterprise Agreements and most Open Value licensing with subscription based models. Going away are the per-device, traditional “box” software.  For Microsoft, this is more than a change in method, it represents a change for the better in how the company will distribute, update, and enhance MS Office and other products. Forget major releases every 2 years, a subscription model enables continuous incremental improvements and will make Microsoft even more responsive to customers’ needs.

This Change is Good for You, the Microsoft User

In addition to better access to innovation, the new Office 365 Business and Office 365 ProPlus licenses are the best fit for most small and mid-size businesses.

  • Each license covers 5 PCs or Macs, 5 tablets, & 5 phones per user
    Your team can install MS Office on any device they use, giving them the ability to work on nearly any device, from anywhere, at anytime.
  • Local and/or Web Versions of MS Office
    Depending on your license choice, you can have both the local and web versions of MS Office.  Your team has added flexibility and features, and the ability to work securely from anywhere at anytime.
  • 1TB of Cloud Storage
    Keep documents secure, usable, and sharable without messy sync-and-share apps, email attachments, or thumbdrives.
  • License Flexibility
    Adjust your license count, as needed, on a monthly or annual basis, avoiding sunken costs on unused licenses and features.
  • Lower Cost
    Licenses with local and cloud Office licensing are as low as $99 per user per year, about 1/3 less than purchasing Office with Software Assurance or paying for upgrades every 3 to 4 years.

If you are thinking about, or ready to upgrade to your MS Office licensing, contact us for a free license consultation and Office 365 Business or Office 365 ProPlus quote.  We will match you the best license option.

And, through January 31, 2016, you can save at 5% or more on annual prepay Office 365 Business licensing.

Webcasts

Small Business Guide to Cyber Threats, Security, and Response

/in

(6/15/2021) – A practical guide to cyber threats and security. We will share data that quantifies the most prevalent types of risks and will outline practical, reasonable, and affordable steps you can take to both protect your business and, should an attack succeed, respond and recover.

Read more

Productivity Suites: Google and Microsoft Revisited

/in

(5/18/2021) – Take a fresh look at Google Workspace and Microsoft 365 and how each might best serve your business. Rather than a feature-by-feature comparison, we take a strategic look at positioning, architecture, services, subscription options, and integrations.

Read more

Next Normal: WFH and Remote

/in

(4/20/2021) – We explore how Work From Home and remote workers alters your IT service needs. Taking a holistic view, we look beyond using apps and accessing files, discussing factors that protect your business and support productivity

Read more

Next Normal: Apps & Servers

/in

(3/16/2021) – COVID-19 and the events of the past 10 months have, and continue, to change the way we run our businesses. Explore how your team accesses the applications, systems, and data they need to succeed, whether in the office or working remotely.

Read more

Next Normal: IT Efficiency

/in

(02/23/2021) – COVID-19 and the events of the past 10 months have, and continue, to change the way we run our businesses. Are the IT choices made during the crisis the best for your business in the long term?

Read more