An Emergency Work-at-Home Toolkit for Business
Twitter just told all of its employees to work at home 100% of the time because of the coronavirus and you may be next when it comes knocking on your office door. It is a scenario all companies should be thinking about at this time and get ready for. Fortunately, off-the-shelf solutions that enable quick, secure and effective implementation of collaboration, communication and business continuity are readily available. Here’s an annotated checklist of key tools to look for that you can quickly roll out to your workforce and help your business come through this period unscathed.
Unified Communications & Collaboration
- Video calling. There’s not going to be time for a measured culture shift to a newly remote, distributed workplace. Adding familiar faces to conversations will help lessen the dislocation and keep people connected.
- Instant Messaging & Presence (IM&P): When you can’t walk down the hall, these tools make it easy for users to see whether a colleague is available for a chat, then instantly send a message.
- Collaboration services: Virtual, always-on meeting room space for ad-hoc or planned meetings so your teams can easily share information and collaborate using any combination of group chat, voice and video conferencing, desktop and application sharing, and file sending.
- Unified messaging: Remote users need access to emails, voicemails, and texts in the format that works best for them, depending on where they are and what they’re doing. Unified mailbox, notifications, and user-defined call routing increase user productivity.
Security & Continuity
While communication and collaboration are essential for remote workplace, so is security and business continuity. It is critical to have the right technology in place that supports the remote staff’s productivity and connectedness, while keeping the company secure. The last thing you need is to adopt a patchwork of complicated applications and systems that tax your IT department and create new risks. Look for solutions that include these elements:
- Comprehensive firewall management: You want your newly remote employees to be safe within the corporate network via secure VPN access that gives them access to critical applications and helps them remain productive. Firewalls can ensure internet traffic from remote workstations gets the same protection as if physically in the office, given they are up-to-date and properly configured and managed.
- Secure endpoints: The laptops now sitting on home office desks can become vulnerable points of entry for cybercriminals, so securing them properly is critical. You’ll want to make sure that they can easily receive security patches, Next Generation AV, secure remote control and troubleshooting support.
- Failover when the cable hiccups: For mission critical positions you want to ensure that there’s not a single point of failure looming. If the home broadband connection goes down and you’re streaming TV, it’s an annoyance. For a business with employees providing essential services, it’s a disaster. There are solutions like managed SD-WAN that will automatically switch to a 4G LTE connection that will keep your folks working for as long as needed.
- Reliable support: It’s always important to be able to call for help when you’re implementing a new system or tool, but that becomes a matter of business life or death when you’re in the middle of crisis management and making changes on a timetable measured in hours instead of months. Consider simplifying your crisis workload by working with a managed services provider that can coordinate all the moving parts during this time so you can concentrate on your business – and sleep a bit more comfortably.
Upwork’s “Future Workforce Report” predicts that 73% of all teams will have remote workers by 2028. Working remotely is slowly becoming “the new normal” and all companies should get ready for the work-from-home scenario.
If you need a hand, contact us or call: 855-924-1393 to see how we can help.
Here are some additional resources you can use:
Home Office Solutions
Infographic: Tips on Deploying a Remote Workforce
White Paper: The New Workplace Reality
About the Author
Lucie Hys is a Senior Product Marketing Manager at TPx. She is currently leading the marketing efforts for the company’s MSx suite of managed services. She has been working in marketing for more than 9 years, with the last four focusing on the cybersecurity industry. Lucie graduated with an MBA from Florida Gulf Coast University. In her spare time, she is an avid fitness enthusiast and a passionate traveler.
When we talk to customers, it’s clear that, slowly but surely, the mindset of SMBs is changing to be more hyper-vigilant when it comes to cybersecurity.
Sure, cybersecurity has traditionally been a back-burner issue for small- and medium-sized businesses (SMBs) – whose resources are laser-focused on customers, business growth and technology development. But the threat surface is growing, and SMBs are realizing they need to step up their security practices in order to survive.
In fact, according to the Ponemon Institute, a full 70 percent of SMBs have experienced a cyberattack within the last year. These attacks include ransomware, cryptomining, social media attacks, credential theft and business email compromise (BEC) – all of which are becoming top-of-mind.
Here’s a short recap of these top threats:
Most attacks (in general) typically involve attackers sending an email to unsuspecting employees with the aim of getting them to click on a malicious link or attachment that will execute malware on a victim’s machine. Ransomware is no different; from there, the malware infiltrates the company network, sniffing out endpoints and servers to lock up by encrypting their contents. The attackers then demand payment in exchange for the decryption key. Sometimes the adversaries threaten SMBs with extortion, saying they’ll make the data public if they don’t pay up. These attacks are becoming more targeted against specific businesses too, with attackers taking the time to know their victims to ensure they can craft convincing emails, inflict maximum disruption and garner higher ransoms.
Cryptomining malware arrives on victims’ desktops and spreads through networks in the same way that ransomware does. But the payload is a piece of code that highjacks computer’s processing resources in order to apply them to mining for cryptocurrencies (most often Monero). It’s a complex blockchain process that can be lucrative for those doing it – especially if they’re not paying for their own processing power. Cryptominers are quieter by nature than ransomware, and tends to quietly leach CPU cycles while remaining hidden on a client PC or inside the datacenter. For SMBs, this translates into degraded computing performance, system-crashing and more, and can plague everyday tasks and radically reduce productivity.
Social Media Attacks
Phishing is a well-known attack vector, where cyberattackers looks to scam users via fraudulent emails. As users get more savvy at recognizing fraud mails, adversaries are moving to more trusted platforms, like social media. At SMBs, where personal social media use and business machines mingle in the absence of hard-core web policies, scammers use fake profiles to trick users into turning over sensitive info, like passwords, account numbers, tax ID numbers, credentials and more. Scammers launch thousands of phishing attacks like these every day—and they’re often successful.
Speaking of credentials, the market for these is booming on the Dark Web. SMB usernames and passwords for cloud accounts, email, financial apps and more are all sought-after treasure for cyberattackers, which can be uncovered via phishing, brute force attacks or via spyware attacks. Those that steal credentials can easily sell them to other adversaries looking to take over accounts: Financial accounts to steal money directly, cloud accounts to steal company data, email accounts to carry out fraud (like BEC, our next top threat), social media accounts to cause brand damage and more. And, crooks can bank on employees using the same credentials across accounts – so, if an attacker has the password for, say a LinkedIn account, odds are the same combination will work against a more important service.
Business Email Compromise (BEC)
And finally, there’s BEC. While consumers mainly use their devices and various messaging apps to communicate, business users still predominantly use email. Cybercriminals are taking great advantage of this by impersonating executives, senior managers and supply-chain partners to dupe employees into authorizing fraudulent wire transfers or providing confidential information that can be used to defraud companies. These attacks are obviously at their most compelling when a cybercriminal has email account credentials and can log in and send a fraud email from the executive’s real account; but there are ways to spoof email addresses that are quite convincing.
No Business is Immune
The reality is, no one is immune to cybercrime, and SMBs need to take stronger action as they go forward. However, SMBs do face challenges when it comes to shoring up their armor: They have smaller budgets and limited resources to spend on training and security software. This makes them not only an ideal target for external cyberattackers that look for low-hanging quarry with limited defenses, but also ups the potential for negligent employees to make mistakes that have consequences (insider mistakes are to blame for 54 percent of SMB data breaches, according to Ponemon).
Luckily, they can turn to managed service providers (MSPs) like TPx to help. With our Managed Firewall and Managed Endpoint services, you gain your own dedicated team of security professionals working for you. And, we keep your defenses consistent: You never need to worry about installation, configuration, maintenance, patching or updating of your security infrastructure – and it’s all provided at a price you can afford.
Make your business more secure with TPx, so you can focus on growing your organization with the peace of mind that you have the latest, most up-do-date modern security defenses possible. Visit www.tpx.com/services/managed-it or contact your TPx representative to learn more!
About the Author
Erik Nordquist is the Senior Product Manager for TPx Communications’ managed security services. He’s led a broad range of critical activities, including Field Operations and the Hostmaster team where he built TPx’s anycast DNS network to service its 55,000 customer locations. His work on the Network Integrity team made him the resident expert for mitigating Denial of Service (DoS) attacks. After interfacing with customers for years, Erik is bringing his customer-focused approach to his Product Manager role, helping to deliver first-in-class security services to TPx clients with unsurpassed customer support.
The business landscape is becoming more competitive and having the right operational strategy in place can help organizations differentiate themselves, improve margins and free up resources to invest in core priorities. Small- and medium-sized businesses (SMBs) in particular are realizing that they can adopt a managed services approach to many mission-critical operational functions, including technology training, cybersecurity/compliance strategies, workflow and process improvements, policy development and implementation, and onboarding new technologies. MSPs investing in professional services practices will be uniquely positioned to provide SMB clients with affordable, high-quality alternatives to trying to carry out these functions with thin or non-existent in-house expertise. For smaller companies that may not have dedicated staff, these unique, value-added services can complement managed IT, security, SD-WAN and other MSP wares.
The Internet of Things
The rise of connected devices has been spinning up for years now – but IoT devices are finally crossing the chasm into the mainstream, with 10 billion of them expected to be deployed by the end of next year, according to Iota. A full 22 billion are expected to be in the field by 2025. Much of the business investment will come from “smart manufacturing” deployments, logistics/fulfillment and transportation – but everything from connected video displays to product sensors to smart lightbulbs and thermostats will find their way into a range of offices going forward.
All of this promises to revolutionize how businesses collect, manage and use data to inform strategic operational decisions. However, as with any emerging technology, there’s a substantial gap between the possibilities and practicality. Among other things, implementing an IoT ecosystem requires a solid cybersecurity strategy, an end-to-end device management stack, and options for managing bandwidth and connectivity – a tall order for many resource-constrained SMBs. Fortunately, the right MSP can help businesses bridge the gap by designing and deploying IoT solutions that add long-term value to their operations.
Digital transformation is continuing for organizations of all sizes as they look to harness the power of virtualization, DevOps and on-demand everything to accelerate their businesses and gain competitive advantage. To support these efforts, the rise of multi-cloud architecture will be the most significant trend in cloud for 2020.
Multi-cloud refers to the strategic decision to use multiple private and public cloud providers to meet different technical or business requirements. More specifically, applications and microservices can be built using component services from different cloud providers, depending on their specific requirements. There are multiple benefits of this approach, ranging from avoiding vendor lock-in and building redundancy, to segregating for security and exploiting best-of-breed solutions.
However, building these new platforms takes expertise in planning, migrating, optimizing and securing infrastructure across multiple cloud vendors – and multi-cloud being a new area, many businesses are at loss for where to turn to acquire it.
Automation can dramatically reduce workloads in IT and server environments. As standard processes become increasingly automated, look for complex and proprietary automations to become new sources of competitive advantage for MSPs. From onboarding to helpdesks to billing – and everything in between – opportunities for automation scripts to drive new efficiencies abound.
MSPs are perfect partners to help companies through all of the stages of this digital transformation journey. Managed planning services include evaluating infrastructure needs, assessing vulnerabilities and planning for disaster recovery and business continuity; migration involves selecting applications and services to implement in the cloud; optimization requires evaluating tradeoffs between performance, agility and efficiency, on the right combination of platforms; and, security requires protecting apps and data from breaches, denial-of-service (DoS) attacks and the remediation of malware threats.
2020 promises to provide plenty of opportunities for managed services to play a crucial role in companies’ growth trajectories through professional services, IoT and multicloud rollouts. If you are looking for a good company to join forces with, contact us today.
About the Author
Lori Hannan is the Product Manager for the MSx Managed SD-WAN Service for TPx Communications, a leading provider of UCaaS, Managed IT services and Managed Connectivity services, with approximately 30,000 customers and 53,000 customer locations across the U.S. Hannan has more than five years’ experience in SD-WAN technology and networks. She recently launched a second managed SD-WAN solution for TPx, which has been a great success. Previous to her network career, she worked with a variety of voice solutions and also launched a Voice over Internet Protocol (VoIP) cloud-based managed solution.
When it comes to the company network, cybercriminals are always looking for ways to infiltrate and uncover lucrative data that the can either sell on the Dark Web or use as reconnaissance fodder to plan follow-on attacks. And you don’t have to be a large business for threat actors to set their sights on you — small and medium-sized (SMBs) are just as targeted, if not more so, than their bigger rivals.
What’s also true is that company endpoints – the places where individual employees interface with both the internet and the internal company network – are among the weakest links when it comes to corporate security. So, while there are a lot of reasons to turn to a managed service provider (MSP) for your mission-critical IT and communications needs, endpoint protection should be at or near the top of the list.
Here are the basics that SMBs should know about managed endpoints and security. We’ve also put together a quick, two-minute video overview of what they are and why they need management:
1.What are endpoints, exactly? [0:11]
An endpoint is any device that is connected to your network that employees use to carry out their job functions. These include the web-facing servers that run the applications that power your business, as well as the desktop and mobile computers/devices that your employees use to do their jobs every day.
2.Why do endpoints matter? [0:32]
Think of unprotected endpoints as wide-open doors and windows to your business. If they’re not secured and managed properly, bad actors can easily get in, installing malware, monitoring employee communications or snooping around the files on a computer. They can also pivot, get onto the network, and reach other corporate resources beyond the endpoint itself. The result? Security breaches, frequent system crashes and performance issues, lost productivity, frustrated employees and possibly even competitive harm or legal trouble.
3.It sounds like I really need endpoint protection. Can I handle it myself? [0:54]
While many companies would love to handle things in-house, this is really only feasible if you have the right tools for the job and dedicated IT security staff who have the know-how to cover all the bases. Those bases include making sure every single application and operating system is patched and updated; running daily malware and antivirus scans; purchasing and maintaining the latest endpoint security software for intrusion detection and performance monitoring; ensuring employees are using only sanctioned cloud services; requiring strong passwords; and implementing employee education around things like phishing threats. Unfortunately, it’s often far too complex and expensive for small business owners to put all of these things into place on an in-house basis, especially the technology pieces.
4.Is there anyone who can help me? [1:32]
Yes! Fortunately, managed service providers (MSPs) can act as an extension of your staff, guaranteeing that all of the technical details – like patching and malware scans – are done and that all the tools in use are continuously up-to-date.
TPx, for example, has invested in the best endpoint management technologies, so you don’t have to. We manage troubleshooting and repair, and more, all at one cost-effective price. That way, you can focus on growing your business, with peace of mind that the doors and windows are locked.
If you’re looking for a reliable managed service that will keep your endpoints safe, consider TPx. Visit www.tpx.com/endpoints and contact your TPx representative to learn more.
About the Author
Joe Royer is the Product Manager for IT/Cloud services at TPx. He has 25 years of industry experience in sales, consulting, and product management for several leading MSPs.
Did you know that ransomware attacks worldwide rose 350 percent in 2017? Ransomware continues to be a scourge for businesses and individuals alike, as cybercriminals cast a wide extortion net in hopes of snagging a lucrative payday.
Made (in)famous around the world by the global Wannacry strike in 2017, the premise is simple: Crooks infect machines with malware that locks up all the files on a computer or business network, and then they demand a ransom (usually in the form of Bitcoin) in exchange for releasing the hostage documents.
The good news is that defenses are improving, giving businesses a host of great options for combatting the threat – which means that keeping current with the latest security tools is critical. Ransomware authors are hardly slinking away in the night: Instead, they’re evolving their tactics, using clever, targeted social-engineering techniques to get malware onto targeted machines and changing up their encryption schemes to make it more difficult for companies to unlock impacted files.
If you’re a victim, the conventional wisdom (which we agree with) is to not pay up – there’s no guarantee that the files will be released after the payment is made, plus it only encourages and funds the threat actors. But ransomware cleanup isn’t easy nor cheap – even after decryption (more and more tools are available to clean the compromised files). Securing the integrity of the network post-attack is a lengthy process.
The best thing to do is avoid becoming a victim in the first place. Managed security from TPx automatically keeps your defenses up-to-date with the latest state-of-the-art technology to combat the latest threats. That provides real peace of mind, but here are some best practices that every business should always adopt to protect themselves.
1. Educate and Inform Users About Ransomware
Training staff to recognize fake emails and to be wary of unsolicited mails is critical in the fight against ransomware. Malware generally arrives in the form of an email attachment or a malicious link. These scam messages will come in many guises.
Sometimes, the email will purport to be sending an important invoice or information on a shipped package. In other cases, the mail will claim to be sending HR information or other business-critical data. As attacks become more targeted, attackers are even doing reconnaissance on the business before sending the emails, tailoring the message to make it seem legitimate. In all cases, the point is to encourage users to open the attachment or click on a link, after which the ransomware is downloaded and then starts spreading through the organization.
If you think you can easily spot fraudulent emails, think again. The success rate in targeting the average human worker can be almost 20% in some cases, depending on the lure. Also, often the sender’s address will appear to be an internal address; or, the sender may even be someone in a user’s address book. The best course of action is to pick up the phone and verify that an unsolicited message is legitimate before clicking on anything.
2. Use a Good Backup Solution
Back up your systems and data both locally and offsite. Today’s leading hybrid local/cloud backup solutions, such as TPx’s MSx Managed Backups service, can significantly improve the performance and reliability of backing up and restoring important data. They offer the ability to back up systems multiple times per day to minimize the impact of a disaster. Advanced security technology available in some systems can also help you identify and recover from ransomware attacks without having to pay a ransom.
3. Keep Systems Patched and Updated
A critical method for preventing ransomware attacks is to make sure to keep operating system and software updates current. Installing a system or security update doesn’t have to be a hassle or an annoyance and take you offline for a few minutes if you leverage an automated patching software. And, it’s far better than the alternative: being open to a host of security threats, including ransomware.
That’s because attackers often deliver ransomware by exploiting unpatched security holes on a victim’s machine. When a visitor lands on a compromised website or opens a certain kind of file, the malicious code launches in the background to find these holes and infiltrate the system.
It’s also critical to note that Windows XP devices are no longer supported by Microsoft with security updates, so migrating off this platform to a more current form of Windows should be a priority.
4. Use a Good Antivirus/Anti-Malware Solution
Business-grade antivirus programs have the ability to scan files to see if they might contain ransomware or other threats. It’s critical to make use of them before downloading files or programs.
5. Consider Managed Security and Backup
While implementing user awareness training is up to you, you can implement other best practices with managed services.
The TPx managed security suite is designed to keep up with the latest protections. Gateway AV thwarts downloads of viruses, worms or other malicious content by checking all content for malicious code embedded within the payload and by blocking access to infected sites. The gateway security service also includes web content filtering and application control as well as intrusion detection/prevention (IDS/IPS), which uses SSL deep packet inspection to analyze even encrypted traffic which attackers now use in an attempt to circumvent firewalls. Two 24/7/365 Security Operations Centers staffed by A-list experts are always working to anticipate, prevent and respond to any attack.
TPx’s managed backup service, meanwhile, allows companies to back up complete systems locally and to the cloud on a continuous basis. That means you can resolve a ransomware attack by simply rolling back the affected systems to an earlier timestamp, to make it as if it never happened. This point in time rollback makes file restoration a breeze, and we’ll even work with you to get your backups restored.
We also offer help with system updates and patching with a managed endpoint service. Our automated patching service ensures that key servers and workstations stay up-to-date with recommended security patches available for the Windows OS and supported third-party applications.
These tips are a good place to start, but of course it’s not an exhaustive list of precautions your business should take. Reach out to your TPx representative today to see how we can deliver peace of mind when it comes to ransomware and other threats.
About the Author
Jared Martin has been in the Information Technology world for more than 20 years. He co-founded a managed services voice and Internet service provider in 2001 and grew the business to significant revenue. In 2008, that company was sold to Tel West Communications, which in turn was acquired by TPx in 2012. Jared has been a technology leader in driving change and adoption of new technologies, such as Software-Defined Wide Area Networking. He is always looking for new ways to use technologies that are outside of the box and to influence TPx to innovate and to be on the cutting edge. In 2016, Jared took charge of TPx’s new MSx line of business, formed as a result of the merger of TelePacific and DSCI. This brought Jared back to his roots of providing managed services and a consultative sales approach to customers.