Why Your Business Needs A Professional Information Technology Team

You may run your small to midsized business with ad-hoc resources that support your IT infrastructure. What do I mean by IT infrastructure? You know your desktop computers, servers, internet connectivity, cloud infrastructure, all the technology ‘stuff’ that enables you to track inventory, bill for services, manufacture inventory, produce reports; all the things your business needs to operate. You may utilize an in-house resource for some IT things since they have perceived knowledge but it’s not their primary role. You also call on outside resources such as a local computer store, your Internet Service Provider, email hosting company, or others depending on the perceived issue.

You might think that you’re saving money by not having dedicated resources that can monitor, manage and secure your infrastructure but you are not. You might think that much of what an IT person or company would do is not necessary for your small or mid-sized company but again you are mistaken. Having provided services for over the last 22 years we have seen many companies make assumptions that they can get by until they find that their business is in jeopardy having suffered a data breach, data losses, system outages or other problems that now threaten the company and perhaps its viability.

What do outages and slowdowns cost your business over the course of a year? If you or your employees cannot work for an hour or two, or you can’t track orders or inventory, or if you can’t appropriately communicate with your customers for the day, or run a production line for an extended period what is the cost? What if your server gets compromised and begins emailing all your clients malware? In all these cases there is not only a quantifiable cost in dollars but perhaps also in loss of reputation. I don’t know about you but if I can’t count on the companies that I interface with I go elsewhere for the products or services I need.

At Network Management Solutions we have seen in many instances where companies cannot operate for days or beyond. Improper software or hardware setup can not only cause performance issues such as slow response but also lead to data breaches. Malicious phishing attacks are emailed on an ongoing basis, without proper setup an employee’s mistake of clinking on a link may lead to malware, compromised passwords and systems. Perhaps the real value of the IT infrastructure and the business reliance on it were not scrutinized until the small problems became momentous.  

So what  can a service provider do for you and your company? While no one can guarantee that IT problems will never occur, a professional services organization like Network Management Solutions can ensure that problems are reduced to a minimum and the effects of any outages are quickly recognized and mitigated.

A proper Managed Service Provider (MSP) will make certain that your infrastructure is appropriately designed to meet the business information needs, focusing on reliability, information security, and performance. This may include ensuring desktop computers are maintained, servers are updated, security patches are applied, outages are addressed in real time, and the overall health of the infrastructure is monitored to prevent and mitigate potential outages. Additionally, an MSP will identify design flaws and recommend measures that will improve service levels, security, and data retention. You can’t get these services from a full time employee acting as a part time IT resource, or a part time IT firm of 2 people that may be assisting other customers and cannot address your business needs for days.

If you are interested in protecting your business, its information assets, and the systems that help it operate while maintaining a fiscally sound approach we would like to speak with you. Network Management Solutions can be reached at 908-232-0100.  Please contact us for a free, confidential discussion to learn more about how we can assist your organization.

Are Shadow Cloud Services In Use Within Your Business?

Shadow Cloud Services are unsanctioned networks and services that are subscribed to by individuals and business groups without the involvement or knowledge of Information Technology, Security, Compliance Groups, or others.  These services can pose serious risks to the business including data leakage, data integrity, business continuity, and regulatory compliance issues. This is a formidable exposure for both the small business owner and the larger enterprise.

The ability for an individual or group to procure services for collaboration or individual use at a low cost price point makes it an attractive way for some to bypass IT and do things “on their own”.  Services that fall under this can include collaboration software, remote storage, customer relationship and human resources applications.

There may be considerable financial implications in larger enterprises due to duplication of services.  However, there are business risks that can far outweigh operating costs, including loss of intellectual property and trade secrets, regulated data exposures and the breach of rules pertaining to data handling, along with business continuity problems.  For the small business owner a rogue employee(s) utilizing personal cloud storage could lead to serious issues.

In a survey, conducted by Frost and Sullivan, of 300 IT employees and 300 business unit managers 80% of respondents reported using SaaS (Software as a Service) applications that were not approved by IT.  This is the equivalent of business units running non-sanctioned manufacturing facilities, offices, or lines of business.

Skyhigh Networks recently conducted a study of 200,000 public sector employees with various organizations in the U.S. and Canada.  The study found that the use of shadow cloud services was on average 10 times greater than the applications that IT was running within these government organizations.  A copy of the report can be downloaded here.  This is a serious issue that must be addressed if the government is to protect our personal information and control costs.

The ability to identify unsanctioned or rogue usage can be a complex issue to solve for most organizations large and small.  The outcome however can be well worth the effort and potentially avert serious issues.

About Network Management Solutions

Network Management Solutions (NMS) has been helping companies address their business and technology issues since 1996.  We are currently serving a variety of customers within New Jersey, New York, and the surrounding metro areas of New York and Philadelphia. For more information please contact us.

Preparing for Rouge Employees

Just as it is important to prepare for hackers, it is critical to prepare for internal theft or inappropriate use of resources stemming from employees and contractors. We routinely hear from our clients that there is suspicion surrounding an ongoing or recently departed employee or contractor. Without proper planning the ability to confirm or deny suspicions can be full of navigational landmines, both legal and technical that carry a stinging price tag.

Having the appropriate protocols and tools in place can help avoid panic and enable the organization to quickly obtain the facts. A clearly communicated plan will also reduce employee and contactor sensitivity surrounding monitoring that might otherwise kill a company’s culture.

So what should be done and what are some of the pitfalls to prepare for this unfortunate yet inevitable situation?

You need to be certain of both company and employee legal rights. Assuming that the monitoring of company equipment without notifying those who use it can be a mistake. Depending on the state your business operates in, your approach will vary. Many states require the employer to notify employees of its monitoring practices. This might include email activity, websites accessed, calls made, internal and external sites visited, files accessed, text messages and other communications. The best approach is to make certain that employee handbooks and policies reflect your right as an employer to monitor and that your employees acknowledge this.  For specific information pertinent to your business we suggest that your in-house or other legal council assist in developing your approach.

From a cultural perspective it makes sense if you choose to adopt tools to monitor employees and contractors, that you spell out what can be monitored along with the internal procedures and approvals necessary to monitor employees.  This will ensure that employee rights are not violated and overzealous management doesn’t create a draconian environment. Clearly defining your policies and why the approach is necessary helps reduce potential negative consequences reflected in employee moral and productivity.  Both human resource experts, legal counsel, management and employee representation should be integral in defining your approach and the spirit in which messaging is provided to employees.

On the technical side here are some tips specific to areas that should warrant your attention.

  1. Define Objectives – including what information and activity should be monitored and why. Do this while paying close attention to the impact on company culture and other potentially negative impacts.
  2. Define Systems – including where is critical information housed and how is it shared within and outside of the organization.
  3. Define Access – including how are systems accessed and who has access to them.  Pay attention to both in house connectivity and remote access.
  4. Define Portability – including what information can be transmitted and through what means.  Consider all media that can be utilized including flash drives, email, print, mobile devices, and other platforms.
  5. Define Methods – including what type of monitoring should be implemented, who will have access, and how will use be audited.  Clearly layout the steps taken when anomalous activity is detected.
  6. Define Tool Set – identify the necessary tools to meet the defined objectives.
  7. Implement Plan – review performance of the tool set in accordance with objectives and adjust as necessary.

Being prepared can save the organization from data loss, lawsuits, organizational and reputational harm among other negative consequences while protecting the rights of employees and contractors.

Network Management Solutions has been assisting organizations since 1996 to build, monitor and manage IT systems with a pragmatic business centric approach.  Please contact us for further information.