Managed Service Providers – Strategic Investment or Cost Reduction?

March 10, 2020 by Leave a Comment

Many businesses will tell you that they initially decided to engage a Managed Service Provider (MSP) to reduce their information technology costs or avert adding additional employee resources. Fast forward to 6 months later and those same businesses may speak of the strategic value they have gained from the financially motivated move. While it is true that the right MSP can help control costs and expand resources, the right MSP can also bring considerable strategic value that was perhaps not part of the initial business decision.

Persistent ongoing security threats and continuous operational tasks place a significant burden on internal IT resources responsible for managing the company’s systems and networks. While properly trained full time resources often provide excellent support, in many small to mid-sized companies these resources are stretched beyond limits leading to missed tasks that can negatively affect service and security levels. Over time a once efficient and secure infrastructure can become exposed to slowdowns, outages, data losses or worse yet, compromise. MSP resources can be a welcome addition to help assess, patch, configure and restore the infrastructure to its former state. 

Managed Service Providers can add to an organization’s technical depth and know how specific to tools, approaches, and methods to maintain and improve service levels and security. MSPs interface with its customers through Standard Operating Procedures tailored to client requirements. These procedures help define service delivery, improve efficiency, and communications between the organizations. Additionally, custom tool sets used by MSPs can be leveraged to identify potential weaknesses before problems impact business operations or security. 

Simple vulnerability assessments can identify unpatched systems that are vulnerable to exploitation. As has been the case for many years, attacks continue to propogate through improperly patched systems. Unfortunately, many unchecked systems and networks have vulnerabilities that persist, raising the probability of an inevitable compromise. Simple ongoing systems maintenance has a significant impact on improving an organizations overall security profile and operating availability. However, many companies do not maintain proper patch management across their networks, systems and applications. Whether your business operates its own infrastructure or uses cloud services, ongoing systems management and maintenance is still a requirement.

A MSP brings value not only in the services which it provides but also in the knowledge of what is available and should be done in order to protect an organization. Ask any of the municipalities, government offices, or others that have spent millions recovering from recent attacks which were propagated through unpatched systems, certainly they would do things differently to avoid the events if they could go back in time. To believe there is little chance for your organization to fall prey is a mistake.

So what are some improvements a Managed Service Provider can provide its customers?

  • Improved service levels
  • Expanded knowledge and resources
  • Monitoring and assessment tools
  • Improved security posture
  • Improved processes and efficiency
  • Increased awareness 
  • Proactive planning
  • Personel redundancy
  • Reduced operating costs

While not an all encompassing list the above can provide significant improvement to any organization and its business infrastructure.

Network Management Solutions has been providing custom information technologysolutions since 1996 for large, mid-sized and small businesses.  We provide a variety of design, assessment and managed services customized to meet your business needs. Please call us at 908-232-0100 for a complimentary, confidential discussion of how Network Management Solutions can help your organization better manage its technology challenges.

Filed Under: News Tagged With: , , , ,

Ransomeware – Should You Be Concerned?

September 3, 2019 by Leave a Comment

There has been a lot of news lately regarding ransomware. What is ransomeware and should you be concerned? Ransomware as defined by CERT is a “type of malicious software, or malware, designed to deny access to a computer system or data until a ransom is paid”. Theft of proprietary information, credit card data, or personal information is not a motivating factor, taking control of vulnerable systems and denying access to the information is. It’s essentially a kidnapping of your IT environment. Ransomware can spread through direct targeting of a system, phishing emails or by unknowingly visiting an infected website.

Ransomware attacks started out primarily with individuals and it origins date back to the late 1980’s. Perhaps you know someone who paid a “fee” of $25 or $50 to have their computer “cleaned” of malware detected by some random third party organization. While it seemed to be somewhat suspicious that an unknown organization would detect your computer problem, for many it was just easier to pay the “fee” and move on. 

Ransomeware exploits today are aggressive, intrusive and demanding with Bitcoin or other cryptocurrencies being the payment of choice. While crypto platforms are not technically anonymous, they do provide opportunity to act anonymously. Crypto platforms make currency exchanges between wallets. The person(s) associated with the wallet are not identifiable in the transaction. In some places crypto exchanges are required to collect personal information but this is not the case in many places.

Ransomware attacks target individuals, corporations, governments, schools and even police departments. The ballooning monetary demands of ransomware extortionists are claimed by some as being fueled by cyber-insurance companies who prefer to pay claims to help drive new business. For an insured, having a ransom paid by an insurer is the quickest way to end a crisis and get back in business.

Lake City, Florida  at the end of June this year paid 42bitcoin worth about $460,000. The loss was covered by cyber-insurance with Lake City paying a $10,000 deductible. According to ProPublica, Baltimore, Maryland did not have cyber insurance and chose not to pay a $76,000 ransom payment and has spent $5.3M to date recovering locked files. Atlanta similarly balked at a $53,000 payment and has spent $8.5M to date on recovery. Another unnamed company chose to pay a $10,000 ransom payment when they realized that recovering their data from backup tapes would take weeks. Most recently, 22 municipalities in Texas were attacked simultaneously with extortionists demanding millions of dollars in ransom payments. 

Blaming insurance companies for helping escalate extortionist’s demands by paying claims is ignoring the elephant in the room. As business owners, managers and technologists, what is important is to focus on is how these exploits occur so we can prevent infection and its potentially devastating impacts. While having insurance as a financial tool is great, preventing the event is paramount to keeping the business operating.

Cyber exploitation occurs due to mismanaged or improperly patched systems, lacking processes and procedures, compounded by insufficient employee training. Unpatched computer systems are vulnerable to exploitation either through direct attack or by individuals browsing infected sites or clicking on malicious links. Once compromised, an inability to detect the breach allows the attack to propagate over time resulting in an ultimate loss of control over the organization’s systems and information. Without a proven disaster recovery plan, an organization stands little chance of regaining control in a timely manner.  

Some questions to ask yourself and your organization supporting your IT systems are:

Do we have a properly designed infrastructure?

Do we have a process to apply security updates ongoing?

Do we regularly backup our critical data?

Do we have a disaster recovery plan that is updated and tested on a regular basis?

Do we regularly validate our security posture, including audits and testing?

Are all of our methods documented and reviewed on an ongoing basis?

If we were to suffer an attack do we have a planned response, as well as the financial resources to recover?

Network Management Solutions has been helping organizations since 1996 design, implement, monitor and manage critical IT assets. Please call us for a free, confidential discussion regarding your IT challenges and goals. We can be reached at 908-232-0100 or on the web at www.nmscorp.com.

Filed Under: News Tagged With: , , ,

Why Your Business Needs A Professional Information Technology Team

September 7, 2018 by Leave a Comment

You may run your small to midsized business with ad-hoc resources that support your IT infrastructure. What do I mean by IT infrastructure? You know your desktop computers, servers, internet connectivity, cloud infrastructure, all the technology ‘stuff’ that enables you to track inventory, bill for services, manufacture inventory, produce reports; all the things your business needs to operate. You may utilize an in-house resource for some IT things since they have perceived knowledge but it’s not their primary role. You also call on outside resources such as a local computer store, your Internet Service Provider, email hosting company, or others depending on the perceived issue.

You might think that you’re saving money by not having dedicated resources that can monitor, manage and secure your infrastructure but you are not. You might think that much of what an IT person or company would do is not necessary for your small or mid-sized company but again you are mistaken. Having provided services for over the last 22 years we have seen many companies make assumptions that they can get by until they find that their business is in jeopardy having suffered a data breach, data losses, system outages or other problems that now threaten the company and perhaps its viability.

What do outages and slowdowns cost your business over the course of a year? If you or your employees cannot work for an hour or two, or you can’t track orders or inventory, or if you can’t appropriately communicate with your customers for the day, or run a production line for an extended period what is the cost? What if your server gets compromised and begins emailing all your clients malware? In all these cases there is not only a quantifiable cost in dollars but perhaps also in loss of reputation. I don’t know about you but if I can’t count on the companies that I interface with I go elsewhere for the products or services I need.

At Network Management Solutions we have seen in many instances where companies cannot operate for days or beyond. Improper software or hardware setup can not only cause performance issues such as slow response but also lead to data breaches. Malicious phishing attacks are emailed on an ongoing basis, without proper setup an employee’s mistake of clinking on a link may lead to malware, compromised passwords and systems. Perhaps the real value of the IT infrastructure and the business reliance on it were not scrutinized until the small problems became momentous.  

So what  can a service provider do for you and your company? While no one can guarantee that IT problems will never occur, a professional services organization like Network Management Solutions can ensure that problems are reduced to a minimum and the effects of any outages are quickly recognized and mitigated.

A proper Managed Service Provider (MSP) will make certain that your infrastructure is appropriately designed to meet the business information needs, focusing on reliability, information security, and performance. This may include ensuring desktop computers are maintained, servers are updated, security patches are applied, outages are addressed in real time, and the overall health of the infrastructure is monitored to prevent and mitigate potential outages. Additionally, an MSP will identify design flaws and recommend measures that will improve service levels, security, and data retention. You can’t get these services from a full time employee acting as a part time IT resource, or a part time IT firm of 2 people that may be assisting other customers and cannot address your business needs for days.

If you are interested in protecting your business, its information assets, and the systems that help it operate while maintaining a fiscally sound approach we would like to speak with you. Network Management Solutions can be reached at 908-232-0100.  Please contact us for a free, confidential discussion to learn more about how we can assist your organization.

Filed Under: News, Uncategorized Tagged With: , , , , , ,

Financial Fitness For Your Business

January 23, 2013 by Leave a Comment

You are always on the lookout to fine-tune your business finances. Have you thought about how Information Technology (IT) fits in that picture?  It’s likely you’ve made some significant investments in computers, servers, and networks, but perhaps at the time you didn’t consider it an investment so much as a necessary expense.   The fact is IT can and should make your business much better at what it does.  Not only by providing a utility function, but also serving as a business enabler.  Let’s focus, for instance, on what proper maintenance might do to provide a financial gain right now.

For starter, is scheduled maintenance really necessary for your IT?  Absolutely! Consider your IT as analogous to your car. Most people don’t need the frustrating experience of a roadside breakdown to understand that high-tech equipment functions much better and more reliably with regular checking and attention.  Just like your car, IT that is maintained will serve your needs better, last longer, and hold its value over time.

Not sure?  Consider what a server failure or network outage cost your business in terms of lost opportunity, employee expense or otherwise. For some business owners there is an immediate and quantifiable number obtained.

Less tangibly, but very important to assess, is what does an IT slow-down cost?  That’s a bit tougher to answer, but if your systems are non-productive, so are your employees and that is reflected in the business, including customer satisfaction.

An important final consideration in evaluating the protective benefits of scheduled IT maintenance should be the financial and even legal impacts of losing customer or project data due to a theft or crash.  Properly maintained systems enable the business to do what it does best, deliver on the promise of your brand.

So, in summary, here are the business benefits that scheduled IT maintenance provides:

  • maximum up-time of your systems
  • reduction of unnecessary slow-downs
  • insurance that sensitive information is best protected from data theft
  • certainty that your business can recover systems and information in the event of a failure

Making sound technology investments and maintaining the IT infrastructure is clearly one of the smartest things you can do for the financial success of your business.

 

Filed Under: News, Operations Management Tagged With: , , , , , ,

Superstorm Sandy Tested Business Continuity Plans

December 3, 2012 by Leave a Comment

Superstorm Sandy ripped through the Northeast at the end of October creating significant damage throughout New York and New Jersey.  Many residents and businesses were without power for days and in many instances weeks. The storm damaged coastal homes and properties and in certain cases devastated entire towns.

How did your business fare during and after the storm? If you were not seriously impacted was it due to being prepared or were you lucky? Were you prepared in that you had a Business Continuity Plan (BCP) in place to call on, or were you lucky that you were able to scramble for alternatives, or were there no significant service disruptions experienced? Did your prior planning ensure that redundancy was available and alternate measures in place to sustain business operations and that those who could not get to work had designees in place to take over in the interim?

Now is the time to take stock of your preparedness and assess what went well and how you might have done better. Many times an outage will expose weaknesses in a company’s BCP and Disaster Recovery Planning.  We heard from numerous businesses that felt the effects of Sandy and realized they were not prepared.  Equipment damage, data losses and long standing service outages and an inability to rapidly provide alternate resources hurt those businesses.

Companies that prepared plans and tested their viability ongoing did remarkably well.  Critical services were available and key business activities continued. The effort to develop, execute and manage the plan was well worth it to those who prepared.

Network Management Solutions provides Business Continuity and Disaster Recovery Planning.  For more information please contact us.

 

Filed Under: News Tagged With: , , , ,

Using MSP Tools to Supplement Security Management

October 15, 2012 by Leave a Comment

Many SMB environments have limited budgets and tools to assist in the management of IT assets. Those SMBs that use the services of a Managed Service Provider may be able to gain additional benefit from their providers beyond the initial intent.

While perhaps the primary intent is for the MSP to manage availability and performance of the IT environment and provide response services to outages, the MSP may also be a first line of defense in identifying a potential attack or compromise of a client environment.

Traditional MSP tools monitor availability and performance of the environment to ensure that the client environment operates at optimal levels.  This is done through monitoring the availability of hosts, host based services, applications, and networking facilities and devices, along with the consumption of the aforementioned device resources, i.e. bandwidth, host memory, cpu etc.

Alerts pertaining to overconsumption or the unavailability of the managed devices while traditionally due to growing needs, and or failed components may also be the result of a security event or breach.  High bandwidth consumption at odd hours outbound may indicate a breach and ongoing data exfiltration, or high utilization of web facing hosts or networks indicate a DOS attack or test of some sort, while the unexpected reboot of a host many be due to exploit code that has successfully planted itself.

While there are many robust security tools that can be employed to prevent atacks and identify anomalous behavior, the tools may be out of the reach from a cost perspective for many SMB environments.   Supplementing security efforts with MSP alerting mechanisms may help provide some improvements in security and the ability to identify the start of an unwanted event.

 

Filed Under: News Tagged With: , , , ,

Understanding the Cost of IT Outages

August 15, 2012 by Leave a Comment

You insure your business, home, auto, life, health, maybe even purchase some sort of insurance for information technology.  Utilizing insurance as a tool to mitigate financial risk is common practice. Much of the insurance we purchase we don’t think twice about as we may be mandated to comply or it just makes good logical sense when considering the potential downside.

The same logic however many times does not seem to apply when considering what the cost of an IT outage means to a particular business and what the organization can do to better prepare to mitigate the risk.  Many small to mid-sized businesses knowingly have significant IT risks due to weak implementations and poor operational management and choose to act only when crisis erupts, deferring the obvious believing this is some how sensible.  Many times a major IT disruption severely impacts the business and its ability to operate for an extended period leading to both financial and long-lasting reputational harm.

Perhaps many businesses are not thinking about the daily cost of slow downs, minor outages, and other nuisances which make the staff and business inefficient.  There is a quantifiable cost and in most cases it far exceeds the cost to maintain the right equipment and operational support. Beyond that, proper maintenance ensures that the likelihood of major disruptions are significantly reduced.

Most small to mid sized businesses are experts in areas other then information technology.  Even organizations that properly fund IT initiatives may find it difficult to hire, retain and manage the area. Managed Services Providers can be a beneficial resource to expand technical expertise, oversee key areas, reduce the cost of operations while improving service levels.

For further information about how Network Management Solutions can assist your organization in improving services while effectively managing technology spend please contact us.

 

 

Filed Under: News Tagged With: , , , ,

Keeping IT At Pace With Business Demands

July 11, 2012 by Leave a Comment

I frequently speak with business owners that have done a remarkable job of building incredible businesses.  Their vision and ability to create a thriving enterprise never ceases to amaze me. Whether it is a NY metropolitan records storage company, a global manufacturer of goods, a local NJ services organization, or otherwise, the creativity, market knowledge, and the capacity to innovate and grow market share is impressive.

Unfortunately these same bright and unique individuals many times find their businesses stymied by information technology demands. We see a recurring theme that is a lack of information technology expertise and accountability to guide the business, meet operational demands, maintain the infrastructure and make sound information technology investments.  Many times the business owner or several employees on a part-time basis get to dabble in IT.  Ultimately this becomes a recipe for disaster.

Many small to mid sized business rely on 3rd party resellers to advise them on products, and or services, which have little to do with ensuring the solutions meet the business needs ongoing.  Or they have a break-fix person that is called in to respond to whatever the latest crisis is, patch things up and move on.

Network Management Solutions frequently becomes involved when an organization realizes that the manner in which they have been managing IT is no longer working.  This can be due to an extended outage that can’t be cured by the current provider, or in house “staff”, or repetitive outages or slow-downs that can’t be explained or resolved, or worse yet a theft or loss of information.

Network Management Solutions guides organizations to make sound technology investments, delivering 24×7 remote managed services, while maintaining accountability for the performance, reliability, and well being of the technology infrastructure at a price point below a traditional self-service model.

The Managed Service Provider model works well, if you have the right partner.  For additional information please contact us.

Filed Under: News Tagged With: , , ,

Ten IT Tips to Protect Your Business

February 21, 2012 by Leave a Comment

Strong IT practices are essential to the success of any business.  Lacking IT oversight can directly contribute to computer outages, lost data, data thefts, reduced employee productivity and ultimately business losses.  Many organizations struggle with the costs of IT or ignore proper practices until a catastrophic event occurs that threatens the viability of the business.

Break fix service providers, limited in-house resources, lacking tools or manpower to monitor activity do not provide the critical oversight necessary to protect the business.  Extended damages can occur when routine tasks are not managed properly.

Many small to mid sized business owners do not become aware of lacking IT practices until there is a crisis.  While other areas of the business may undergo risk review and mitigation, the information technology area is many times overlooked.  This critical mistake can cost the organization dearly. Lacking attention and oversight of IT  is unwise.  Here are a few tips to help management conduct some oversight of information technology.

1. Set a strategy and framework to guide all activity and ensure  an ongoing dialogue

2. Identify key company data and segment access on a need to know basis

3. Ensure that proper backups are run on a daily basis and that the data is securely stored

4. Ensure that OS updates are reviewed and applied on a regular basis.  Update Antivirus daily.

5. Implement software based firewalls that control application behavior on desktops and servers

6. Implement outbound filtering on network layer firewalls

7. Implement a web based email filtering service and  content filtering service for web browsing

8. Control the use of personal devices for remote access and remote desktop programs like LogMeIn

9. Baseline and monitor the availability, performance and security of your environment ongoing

10. Conduct regular third party reviews of IT practices, business processes, and compensating controls

Most important is to have the proper professionals engaged to manage the infrastructure, protect information assets, provide oversight, and reduce risk within your business. Network Management Solutions provides robust solutions, expertise and resources to complement and support your business objectives.  Please contact us for further information.

 

Filed Under: News Tagged With: , , , , ,

Management of Hosted Networks and Applications

January 20, 2012 by Leave a Comment

You have moved all your critical processing and applications to a hosted facility.  You have designed in all the fault tolerance and backup capabilities that would address any reasonable failure scenario.  Security is tight, the network is fast, latency is at an all time low and the cost of delivery is down. Mission accomplished, time to celebrate, right? Not exactly.

While you have been able to squeeze the design to get maximum performance and keep costs in line with projections you may have missed out on how to maintain that balance ongoing. The cost per square foot of data center space and or computer cycles and storage is at a premium. Your environment is a dynamic one and growth is inevitable.

In being a good steward, it is of critical importance that you can identify how resources are being consumed to keep pace with a growing demand. Unlike when you hosted your own equipment the cost to add a server or expand an application is more readily apparent as it will most likely appear on next months bill. Without performance management and monitoring  you may be lost for answers when management asks for justification.

Availability and performance management ensure that your finger is on the pulse of your infrastructure. Anomalies in usage may point to more than increased traffic to your sight or usage of core applications. There may be ongoing security issues you are unaware of, the latest generation of your new in-house application may be consuming inordinate resources and needs tuning, slow downs may indicate network segmentation is required.

Utilizing a third party Managed Services Provider can deliver significant benefit in managing your resources as well as reducing the cost in technical support staff.  Improved performance, expanded technical expertise, and cost benefits are obtainable with the right provider.  Network Management Solutions can assist in making your transition to hosted facilities an immediate and long-term success.  Please contact us to find out more about how we can help.

 

Filed Under: News Tagged With: , , , , , ,
Next Page »