17 August 2018

IT Myth #3: “Bringing in outsourced IT services stifles the in-house team”

We're Just A Call Away

This is a common factor when bringing in outsourced IT services to a company that already has a dedicated IT department. It is a defensive expression that springs up whenever change is mentioned. It must be clarified that when a worthwhile IT company is brought in to consult or supplement onsite management of an IT system, it is just that: supplementation and consultation.

Sometimes, in-house IT professionals see this as a threat or affront to their jobs or capabilities, and that simply isn’t true. Managed onsite services and proactive work can be the perfect supplement to an onsite IT team, allowing your company to run smoothly and your in house IT professional to sleep soundly at night knowing someone has his back.

14 August 2018

IT Myth # 2 "We don’t have enough time to do this correctly"

This Implies “we have plenty of time to do things wrong” There in an interesting relationship between the quality of a product and the speed by which it is developed. This phenomenon is true of any product being built.

The faster the delivery of a product means the greater the chance of inferior quality. The slower the delivery, the greater the chances are for superior quality. Neither extreme is acceptable; an even balance must be maintained to assure one does not have an adverse effect of the other.

Instead of developing a long range plan that incorporates an information strategy, management nurtures the problem by saying the need everything “yesterday.” Software vendors prey on companies like this by offering miracle products promising to accelerate development while producing quality results. Without the appropriate management environment, they deliver neither and compound problems further. These tools concentrate on efficiency, not effectiveness. Before you can streamline your operation, you must first know what you are doing. That is why our roadmap, fit assessment and site survey process is so incredibly important.

1 August 2018

IT Myth #1: "Our Problems are Unique”

Many managers will be the first to state that their problems are unique to their company. They point at the overwhelming pressure they operate under, uncooperative users, and some cultural constraints. In many cases, we at AYS have seen separate companies, geographically separated and in different industries, completely exclusive of one another, both describing the same problems, yet viewing themselves as unique.

 

In reality, most companies share the same problems:

– A substantial backlog of user requests

– Difficulty with communications between the I.T. staff and external end-users

– Project cost overruns and slipped schedules

– Employee dependencies to maintain and support systems

– Hardware/software dependencies; systems are tied too closely to a particular vendor, making upgrading difficult

– Redundant data and lack of adequate documentation

– Design inconsistencies

– Systems personnel clash with database personnel

– Current information systems do not meet users needs

 

Frequently, many companies end up in a “fire-fighting” mode of operation constantly patching problems. In this case, it is best to bring in third- party IT support in order to mitigate these issues. That is where we come in.

25 July 2018

The Incredibly Important Element of the Backup

Backup solutions come in all shapes and sizes: hosted backup, cloud, onsite cross-covering backups, etc. It is important to remember that if you are a business with multiple locations you should have a backup in every location of your enterprise. Furthermore, this backup shouldn't just be for that one location; it should store everything from all possible locations of your business. In that case, if something happens at one site, the other site(s) have you covered. 

Cloud backup is another solid option when it comes to keeping a plan B for your information, but with cloud storage one can begin to run into limitations on the amount of information that can be stored and the privacy of your data. If pursuing this route, proceed with caution. 

20 July 2018

The Art of the 24/7 Ticketing System

In this day and age, most, if not all, major IT companies have a 24/7 reporting and ticketing system. The purpose of this apparatus is to allow for the fastest possible response time to everyday issues that the client (you) would run into with their IT system. It is vital to ensure your IT services provider operates in tandem with a 24/7 system. 

However, beyond this piece of advice there is another thing to watch out for- beyond the existence of a 24/7 system itself- that the company you choose to provide your onsite services has a low response time to individual problems and tickets.

What is a low response time, you ask? The best possible time would be under an hour. Here at AYS, our average ticket response is less than 30 minutes, far below industry standard.

Beware from large companies that look like they would have a short response time: always ask during initial meets with prospective IT companies what their response time is and ASK FOR PROOF. 

It pays to be stringent with your expectations- this is your time and money invested!

16 July 2018

The Importance of Local Business

Local business has long been the staple to a strong economy, an abundance of trust, and quality of service. This applies in almost any industry, including the world of IT.

What makes us a more solid choice than our larger competitors, then?

Our company was founded with one goal in mind: to not lose a single customer due to dissatisfaction with our services. We have not failed in our mission yet. As a smaller local company, we stop at nothing to make sure our customer’s best interest is in mind at all times. When you contact us on the phone with an issue, it’s a conversation, not robotic answers and hours on hold. When you reach out to us with additional needs, we don’t try to sell you everything in the book for a profit on our end. We listen, and try to find the best fit solution for your problem.

We strive to build relationships with our clients, because we understand the inportance of building a rapport of trust and familiarity.

On the other side, take a look at our engineers and technicians and you will notice that they are masters of their craft. They are professional and knowledgeable in everything they do.

Next time you have an issue with your IT systems, do yourself a favor and go local- you won’t regret it.

21 June 2018

Eight Cyber Security Best Practices

It’s easy to think because you have a small to medium-size business, cybercriminals will pass over attacking your company. The “not much to steal” mindset is common with small business owners in regards to cyber security, but it is also completely incorrect.

In reality, the U.S. Congressional Small Business Committee found that 71 percent of cyber-attacks happened at businesses with less than 100 employees. Even more concerning, the 2016 State of SMB CyberSecurity Report by Ponemon and @Keeperfound that 50 percent of SMBs have had a security breach in the past year.

But why are small businesses attacked more often than larger businesses? Almost all cyber-attacks are to obtain personal data to use in credit card or identify theft. While larger enterprises typically have more data to steal, small businesses have less secure networks, making it easier to breach the network. CSO.com by IDG’s article “Why criminals pick on small businesses” says that by using automated attacks, cybercriminals can breach thousands or more small businesses, making the size less of an issue than the network security.

The CSO.com article says that lack of time, budget and expertise for proper security is a top reason for the high rate of SMB attacks. Other reasons include not having an IT security specialist, not being aware of the risk, lack of employee training, not updating security programs, outsourcing security and failure to secure endpoints.

How does your SMB avoid being a victim of a cyber-attack? Here are 8 best practices for SMB cyber security:

 

1) One of the first lines of defense in a cyber-attack is a firewall. The Federal Communications Commission (FCC) recommends that all SMBs set up a firewall to provide a barrier between your data and cybercriminals. In addition to the standard external firewall, many companies are starting to install internal firewalls to provide additional protection. It’s also important that employees working from home install a firewall on their home network as well. Consider providing firewall software and support for home networks to ensure compliance.

2) While small businesses often operate by word of mouth and intuitional knowledge, cyber security is one area where it is essential to document your protocols. The Small Business Administration (SBA)’s Cybersecurity portal provides online training, checklists and information specifically to protect online businesses. The FCC’s Cyberplanner 2.0provides a starting point for your security document. Consider also participating in the C3 Voluntary Program for Small Businesses, which contains a detailed toolkit for determining and documenting cyber security policies.

3) With 59 percent of businesses currently allowing BYOD, according to the Tech Pro Research 2016 BYOD, Wearables and IOT: Strategies Security and Satisfaction, it is essential that companies have a documented BYOD policy that focuses on security precautions. With increasing popularity of wearables, such as smart watches and fitness trackers with wireless capability, it is essential to include these devices in a policy. Norton by Symantec also recommends that small businesses require employees to set up automatic security updates and require that the company’s password policy apply to all mobile devices accessing the network.

4) Employees often wear many hats at SMBs, making it essential that all employees accessing the network be trained on your company’s network security policies. Since the policies are evolving as cybercriminals become savvier, it’s essential to have regular updates on new protocols. To hold employees accountable, have each employee sign a document stating that they have been informed of the policies and understand that actions may be taken if they do not follow security policies.

5) Yes, employees find changing passwords to be a pain. However, the Verizon 2016 Data Breach Investigations Report found that 63 percent of data breaches happened due to lost, stolen or weak passwords. According to the Keeper Security and Ponemon Institute Report, 65 percent of SMBs with password policies do not enforce it. In today’s BYOD world, it’s essential that all employee devices accessing the company network be password protected. In the Business Daily article “Cybersecurity: A Small Business Guide,” Bill Carey, vice president of marketing and business development at Siber Systems, recommended that employees be required to use passwords with upper- and lowercase letters, numbers and symbols. He says that SMBs should require all passwords to be changed every 60 to 90 days.

6) While it’s important to prevent as many attacks as possible, it is still possible to be breached regardless of your precautions. The SBA recommends backing up word processing documents, electronic spreadsheets, databases, financial files, human resources files, and accounts receivable/payable files.  Be sure to also back up all data stored on the cloud. Make sure that backups are stored in a separate location in case of fire or flood. To ensure that you will have the latest backup if you ever need it, check your backup regularly to ensure that it is functioning correctly.

7) It’s easy to assume that your employees know to never open phishing emails. However, the Verizon 2016 Data Breach Investigations Report found that 30 percent of employees opened phishing emails, a 7 percent increase from 2015. Since phishing attacks involve installing malware on the employee’s computer when the link is clicked, it’s essential to have anti-malware software installed on all devices and the network. Since phishing attacks often target specific SMB employee roles, use the position-specific tactics outlined in the Entreprenuer.com article “5 Types of Employees Often Targeted by Phishing Attacks” as part of your training.

8) Regardless of your preparation, an employee will likely make a security mistake that can compromise your data. In the PC Week article “10 Cyber Security Steps Your Small Business Should Take Right Now,” Matt Littleton, East Regional Director of Cybersecurity and Azure Infrastructure Services at Microsoft, says using the multi-factor identification settings on most major network and email products is simple to do and provides an extra layer of protection. He recommends using employees’ cell numbers as a second form, since it is unlikely a thief will have both the PIN and the password.

 

Security is a moving target. The cyber criminals get more advanced every day. In order to protect your data as much as possible, it’s essential that each and every employee make cyber security a top priority. And most importantly, that you stay on top of the latest trends for attacks and newest prevention technology. Your business depends on it.

12 June 2018

Why We Do What We Do

Here at AYS, our proof is in the pudding- and because we're a locally owned and operated company, our reputation is everything. We love what we do here down to a person, because we have all had experiences dealing with less-than-honorable companies in the past.

We've taken lessons from our previous experiences not only in what to do and how to act, but what not to do and how not to act. We understand that business ownership and operation is a risk. As a local company, too, we want to help others like us. 

We take our greatest satisfaction in our work from knowing that we serve as a trusted advisor in the community, and we plan to continue to do that work for years to come. Thank you for your support!

1 June 2018

Summer Is Here, and SonicWall is on the Road!

It is summertime in Rochester once again, and the folks over at SonicWall have hit the road once again to show their partners and vendors- AYS among them- what is in store in terms of developments and upgrades to their services and upgrades to their services and products in the coming year.

They have really rolled out the red carpet for this RoadShow, and AYS will be there for your updates and inquiries regarding what SonicWall can do for you. 

For more information on the SonicWall Roadshow and SonicWall's products and services in general, visit

https://www.sonicwall.com/en-us/home

 

24 May 2018

Your 2018 SonicWall Threat Report

As a business owner, your main concern should be running your business- not stressing about the multitude of threats that face your enterprise in the cyber world. That's why our friends over at SonicWall release a year Cyber Threat Report, which advises partners and business owners on the up-to-date threats presented in the IT sphere and exactly what should be done to counter them.

Don't stress about tailoring your own solutions for security- head on over to

https://www.sonicwall.com/en-us/lp/2018-cyber-threat-report

And learn what you must do with a verified partner and re-seller like AYS Technologies in order to really understand what can be down efficiently and affordably to ensure your personal and private information and systems are safe.

16 May 2018

BIG NEWS ALERT: The Small Business Essentials Package Has Arrived!

SMB package

THE BIG NEWS HAS ARRIVED: AYS TECHNOLOGIES NOW OFFERS AN AFFORDABLE MONTH-TO-MONTH SMALL BUSINESS ESSENTIALS PACKAGE!

For the last year and a half, we have been hard at work devising a way for smaller businesses to attain the "big three" of IT security essentials at a low monthly cost. These three essentials- antivirus software, hosted backup, and firewall- are what every business needs in order to ensure the security of their information. 

We've finally managed to do it- with the help of our trusted partners and vendors, of course. 

Give us a shout if you're interested in hearing how we can provide these three necessities to your business, regardless of size.

Don't get caught wanting in your time of need!

12 May 2018

Standby For Big News!

We have some huge news coming.

We're really excited. We hope you folks love it. It's been in the works for a really long time!

Standby for a big announcement sometime in the next week- this is going to be the hottest thing since sliced bread.

 

(... Okay, not THAT big, but you get the idea. It's going to be sweet.)

Standby to standby!

6 May 2018

Small Business Month at AYS Technologies- and We Are On Instagram!

May is small business month at AYS Technologies. And because of that, we will be releasing some awesome new content and a HUGE update on our offered services to you- the SMALL BUSINESS- to show you how much we care.

Without the support of local small businesses, we wouldn't be who or where we are as a company, and that is the honest truth. For what it's worth, AYS Technologies is a small local business as well- so it just so happens to be our wheelhouse.

Keep checking up here and on our social media posts in the next month to get an idea for what we are doing for local businesses around the Greater Rochester area... we think you'll be pleasantly surprised.

 

Also, we are live on Instagram! Follow us on Insta at atyourservicetechnologies for funny pictures of Zach, Kev, and the boys- we promise you won't be bored.

25 April 2018

Everything Is Better When Your Bring Your Friends...

Hey there again from all of us at AYS Tech!  

As our company has grown over the last few years, we’ve been able to see the positive impact our work has on YOU- our friends and clients.

In that respect, we are so grateful as a company for your business and support, and we look forward to continuing to provide excellent service for years to come.

We have friends and clients like you refer other businesses frequently, and as such, we’ve decided it’s high time you benefit from that, too.

Refer a friend, and if they come onboard with AYS Tech we’ll hook you both up with a credit to your monthly bill when they sign up for proactive services with us. It’s as simple as that!

  • To you, our client: up to $125.00 off your next monthly service invoice
  • To them, your referral: up to $50.00 off their first monthly service invoice

We want to continue to grow as the neighborhood provider for outsourced IT services in the area- being “just down the street,” we- and you- understand that integrity in everything we do gives us the edge over all others.

So, from the bottom of our hearts: thank you again for your loyalty, and the trust you place in our hands every day to take care of the most crucial aspect of your business.

 

- Zach D.

19 April 2018

Backup Best Practices for Healthcare Companies

HIPPA and Backup

Before making any technical decision in healthcare, you can be sure that HIPAA will need to be considered. HIPAA violations can result in hefty fines, legal action, and significant damage to your organization’s reputation and credibility. While you may think implementing your backup solution by yourself due to budget restraints, regulatory concerns may have you considering a managed approach. Cloud managed service providers can keep you in check with HIPAA and application monitoring; services that you may not be able to find in your own IT department. Your data recovery system isn’t just equipped to recover massive amounts of data; it also needs to focus on the loss of individual files and smaller data sets. Recovery solutions often copy data as one single file, which means that if you’re looking for one single file you’ll experience something not unlike searching for a needle in a haystack. In public cloud, with the ability to copy over data in its original configuration, you won’t have to worry about any of that.

The times of a backup being an optional feature are very close to coming to an end. It is necessary to consider the idea that within the year, it will be law to require a data backup if your firm or company operates in the healthcare field. With the advent of Cloud backups, there is really no reason not to have the contingency in place.

-Zach D.

17 April 2018

SonicWall Launches Capture Cloud Platform

Capture More - Fear less

Today, SonicWall made a landmark announcement in the launch of the innovative SonicWall Capture Cloud Platform. Complemented by a host of new products, services and capabilities, the Capture Cloud Platform tightly integrates security, management, analytics and real-time threat intelligence across our full portfolio of network, email, mobile and cloud security products.

The new Capture Cloud Platform ensures you are always protected by the absolute latest threat intelligence — updates, signatures and alerts — to automatically defend your networks, data and other sensitive information from today’s most advanced cyber attacks.

The ability to backup to the Cloud remotely is an awesome development- it means that there is no reason not to have a backup in the rising age of ransomware threats.

Read more at

https://blog.sonicwall.com/2018/04/sonicwall-capture-cloud-platform-ushers-in-new-era-of-threat-intelligence-connectivity-and-automation/?utm_campaign=FY19Q1-NA-Partner_April_Launch_Capture_Cloud_platform&utm_medium=email&utm_source=Eloqua

12 April 2018

4 Ways to Ensure PC Security

Nearly sixty percent of the American business workforce works remotely- that is, outside of traditional office spaces. Every day, we log into laptops at cafes and airline terminals, dialing into conference calls and video'ing from the kitchen table. This is a new norm- but how does security factor into this?

First, it's important to remember to make your passwords as complex as possible within the realm of being realistic for the sake of your own memory. In short, don't make them a single word! 

Second, don't stress too much when browsing the web on an unsecured network- but be shrewd regarding the websites you visit. "Oops-clicking" is a real thing- so don't click on a pop-up ad hoping to dismiss it. It may trigger a malware download. Additionally, software like SureClick from HP will isolate each browser tab as if it were in a virtual sandbox, so to speak, so anything that you click on that IS malicious won't reach the rest of your PC.

Third, consider using a privacy screen on your PC. This deters people from "helicoptering," or "shoulder surfing," which means actually snooping over one's shoulder to lift sensitive information. Privacy screens make it so that unless someone is sitting in the primary position in front of the PC's screen, they won't be able to see anything.

Lastly- pay attention to when your camera is on or off-- and control what it could see even when you think it is off. Simply placing a piece of solid-colored tape or paper over your camera when it is not in use (or buying a fancy camera shutter) will ensure that anyone accessing your camera remotely will not be able to see you or the work that you are doing.

 

Stay safe friends!

 

-Zach D.

3 April 2018

Backup Month at AYS!

April is the best month of the year for the AYS team. Want to know why? Because April is AYS's Backup Month. All month, we are going to be showing you guys the importance of backing up your information and data- especially in light of breaches like the ones at Lord and Taylor and Saks Fifth Avenue.

To kick off our month, here are five reasons you, as an employer, should back up your employee's PERSONAL computers.

1) Protection for Important Data- Almost everything your employees do, they do on their computers. Your users and company couldn't function without PC's. Up to 80 percent of vita company data is kept on PC's- so why not secure that?

2) Safety for Ransomware Infection- In 2016, nearly 50 percent of organizations in the US were hit with ransomware, with an average ransom of $679. Industry experts predict that the threat is only going to grow, and the only assured recourse to recover PCs from ransomware infections is a good backup.

3) Efficiency with Storage Deduplication- "Storage De-what-now?" In IT, data deduplication is a specialized data compression technique for eliminating duplicate copies of repeating data. Many employers and companies cite lack of storage capacity when justifying the absence of PC backups. Network bandwidth concerns abound as well. However, this issue is easily mitigated with data deduplication. Usually your employee's PCs will have a lot of common data like operating systems and applications. This makes deduplication very effective- and can reduce your storage capacity requirements by an order of magnitude. No excuses not to have a backup then, folks!

4) Mobility with Cloud Storage- Many employers utilize remote or mobile employees; the perfect solution for them would be to store backups in the Cloud, instead of backing up data to your office via a VPN. The data can be securely encrypted at-source- so it will be safe in-flight and at-rest.

5) Productivity with Ease of Recovery- With a backup, if a file is lost or encrypted by ransomware, it can be restored with a few simple clicks. If the system has crashed entirely, you can restore the full image as well. With very little effort on your side, you will be more productive, secure, and successful. 

Take these steps and sleep better at night! See you guys soon!

-Zach D.

27 March 2018

Safety Begins at Home!

While institutions are continuously adapting to the latest cybercrime techniques, the first line of defense is at home. Here are a few tips you can employ in the comfort of your own home to remain secure.

1) Watch for phishing!

2) Verify virus alerts- don't call that 800-number to verify, but instead a trusted source!

3) Update your software by setting your system to auto-update!

4) Beware of phone scams- remain suspicious if a number you don't know calls!

5) Reset your passwords frequently!

From all of us here at AYS, stay secure and stay safe!

-Zach D.

21 March 2018

Three Types of Cybercrime to Watch For

There are three main types of cybercrime that you, as a business, or consumer, should be on the lookout for. Furthermore, here are some ways to protect yourself against cybercrime and identity theft.

1) Financial- If you notive suspicious activity on your credit card or bank statement, contact all financial institutions where you hold accounts and place a 90-day fraud alert on your credit reports. This should be done through all three major credit reporting agencies individually. This prevents identity thieves from opening new accounts in your name. Furthermore, protect your social security number, and don't give it out over insecure channels ever!

2) Medical- Your health insurance information can be used by someone else to see a doctor, get prescription drugs, and file claims to your insurance provider. Estimates show that 1 in 3 Americans were victims of medical identity theft in 2016. To mitigate this, read all medical and insurance statements carefully, and if something looks unfamiliar or off to you. call your health insurance customer service number to cross-reference your information with theirs. If someone has used your information, contact your medical providers immediately!

3) Online- A sharp increase in social media use means greater opportunities than ever before to steal identities or information online. Avoid "oversharing"- each time you make a social media status update, think about whether it could be used to compromise your privacy or security in any way.

And remember stay vigilant, stay secure!

-Zach D.

14 March 2018

The "If" Mindset- And Why It is Dangerous

The "If" mindset is one that we at AYS Technologies caution against employing when it comes to your system security. Let's have a quick chat about this.

Say that you live in a gulf coast state, and you've just opened a small business. Would you purchase flood insurance for that business? 

Sure you would. Why? Because hurricanes are likely in the area of the United States where your business is located.

How about if you lived in Oklahoma? Would you buy home insurance that covers damage due to tornadoes?

Of course! Why? Because in Oklahoma, tornadoes are a "when" circumstance, not an "if" circumstance.

One more. If you lived in New York City and owned a car, would you make sure your auto insurance covered collision? 

You definitely would. Why? Because in New York City, it's not a matter of "if" that taxi is going to rear end you on icy roads, it's a matter of "when."

The same mindset should be applied for system security. If you operate a business that handles private information- credit card info, health records, etc.- at all, it is not a matter of "if" you will be hit from an attack, it's a matter of "when." It's just that simple.

Outsourcing your IT services to a trustworthy local company is buying that insurance in tornado country. It is having collision in the big city. It is purchasing flood insurance before the hurricane. 

-Zach D.

7 March 2018

Small businesses and Ransomware: It Will Happen To You

Keeping in step with our last blog post, a bit of insight on how ransomware can affect smaller businesses as well as larger corporations and fields like healthcare:

1) Threats can enter networks in a variety of ways; to mitigate these risks, consider deploying solutions to secure multiple threat vectors, such as email security and a next-generation firewall. 

2) Do your part in educating fellow users on how to detect common email threats. Phishing attacks continue to evolve, and most are incredibly hard to detect. By doing research on best practices to mitigate phishing attacks, you too can educate your friends and peers at work to mitigate this issue.

3) Keep your systems updated by employing the use of an outsourced IT company to spend a few hours a month on-site. This takes the worry of staying up-to-date out of your mind, and allows experts to keep you safe.

4) Change your default passwords frequently.

5) Employ the use of a good data backup. If you don't have one and your system is spiked, that data is gone- forever. In layman's terms, buy the flood insurance before the flood occurs.

Keep in mind: these days 70 percent of ransomware attacks target small businesses, so if you think you're safe because you're a smaller entity- you're not, but it's never too late to take steps to become so.

-Zach D.

 

 

1 March 2018

Healthcare and Ransomware: Threats

There are two types of ransomware: 

1) Locker ransomware, which prevents the victim from using the system by locking components or all of the system, and

2) Crypto ransomware, which targets the data and file systems on the device versus the device itself, so the computer is functional except the ability to access the encrypted files.

Since 2013, the amount of detected ransomware in systems of healthcare companies across the United States has jumped from 4.8 million to 18.3 million.

Ransomware attacks on hospitals across the country have increased, putting the personal data and information, including financial data, at risk. Servers are commonly held ransom, lasting in duration from hours to days, leading to thousands of personal records being breached at a time.

Mac McMillan, CEO of CynergisTek, Inc., a leading national information technology and security company, was quoted as saying,

"There needs to be a fundamental shift in our thinking about security today. More priority needs to be given to detection and response, but detection and response without protection will be less effective and can fail."

We at AYS technologies couldn't agree more. Leave it to us- the experts- to keep your security up-to-date. For companies in the healthcare field especially, the time is near that outsourcing IT and system security will be not only recommended, but mandatory by law.

-Zach D.

27 February 2018

Firewall Best Practices for Employers

1) Ensure you are using multiple layers of defense with properly integrated products. Start with a security policy that trusts nothing and nobody (vendors, franchisees, internal personnel, etc.), and add exceptions where needed

2) Build a “human firewall” by teaching your employees, especially those dealing with payments, how to deal with potential threats, such as malicious emails and suspicious pop‐ups.

3) Deploy a next‐generation firewall that is capable of high‐performance (SSL/TLS) Secure Sockets Layer/Transport Layer Security inspection enabled to ensure you are able to inspect all traffic regardless of ports, protocols or file size, decompressing and decrypting every packet and examining every byte to identify threats quickly.

4) Standard sandboxing solutions do not catch encrypted malware since they cannot see inside encrypted traffic. SSL/TLS inspection is a necessity, as is a network sandbox that will block traffic until it reaches a verdict and not only detect zero‐day attacks but prevent them in an automated fashion.

5) Add content filtering to keep users from visiting dubious sites, and use a gateway anti‐virus and intrusion prevention system to protect them from compromised “good” sites.

6) Deploy an enforced endpoint solution so you can detect a system that’s been compromised outside the network and flag it for remediation.

7) Keep all software, including browsers, operating systems and firmware, up‐to‐date with security patches.

8) Update your security settings to increase browser security levels. Also, be sure to restrict Microsoft Office files containing macros.

9) Isolate the corporate network environment into private and public zones and implement multifactor authentication for cross‐visiting. Isolate critical systems, Internet of Things (IoT) devices and POS systems as well.

LASTLY,

10) Invest in managed security services. We at AYS Technologies specialize in helping local businesses step away from worrying about these issues by maintaining the security and integrity of your system for you, in order to let you focus on what you do best.

21 February 2018- Fear not, SonicWall customers:

SonicWall stands strong in face of Spectre and Meltdown vulnerability

SonicWall Spectre Meltdown vulnerability update Jan 3 AYST AYS At Your Service Technologies Rochester

At this point, most people associated with the IT world have heard of the Meltdown and Spectre update that occurred early last month. On 3 January, it was discovered that a set of security flaws with the ability to affect computer chips manufactured within the last two decades were active and present in the update. The consequences of this development, and the very existence of the Spectre and Meltdown vulnerabilities, can be examined in-depth here:

 

https://www.csoonline.com/article/3247868/vulnerabilities/spectre-and-meltdown-explained-what-they-are-how-they-work-whats-at-risk.html

 

In short, the existence of Spectre and Meltdown could mean that possible attackers have a new avenue to obtain information previously considered completely impervious to attack. As we mentioned, the consequences could be gravely serious.

 

However, good news exists, and it is directed toward those utilizing SonicWall for their primary IT protection method: SonicWall recently released a notice stating that those using their software have no need to worry about the Spectre/Meltdown vulnerability, as all SonicWall products and services have been tested and confirmed to hold strong against any possible vulnerability exploitation.

 

This doesn’t only apply to SonicWall/TZ/NSA/SuperMassive firewalls, either; it also applies to all other SonicWall products. We’ve linked to the SonicWall Knowledge Base on their website if you’d like to check out the details:

 

https://www.sonicwall.com/en-us/support/knowledge-base/180104215849838?utm_campaign=FY18Q4-NA-Partners_Meltdown_S_Ransomware_WW&utm_medium=email&utm_source=Eloqua&elqTrackId=b381a1ceebdb43ed89d070e2761007a2&elq=6be42f6d104d4894b435d0c0ec607d02&elqaid=20940&elqat=1&elqCampaignId=7214

 

Fear not, SonicWall customers. They’ve got your (and your data’s) back.

 

-Zach D.

19 February 2018

Two major decisions you have to make as a business owner

It's okay to call for backup.

IT is a complex and not oft-desired topic to contemplate for many business owners. On a basic level, there are two decisions you- as the owner or director of your company- must make:

1) Whether or not to outsource IT services

2) The best policy and approach for IT system maintenance

You'll find our recommended choices on both of these topics below.

First dilemma: Keep IT entirely in-house, or outsource to a professional IT company?

Decisions, decisions. It can seem like the better option to keep an on-site IT team as employees of your company; who would want to bring in outside companies for your company's system security, anyway? It seems like a very personal thing to have outsourced.

However, a professional company with a solid reputation can help you stay ahead of the curve in a few areas.

  • It's easier on the wallet. Outsourcing IT can be more cost-friendly than keeping an IT team on-site, often by an order of magnitude. Who doesn't like the prospect of saving on cost?
  • It frees up effort and energy for other aspects of your business. Outsourcing IT keeps that aspect of your business off your plate, allowing you to divert the energy, time, and resources of employees that otherwise would be addressing tech maintenance to doing what you originally got into business to do: deliver quality services or products and expand your business.
  • It keeps you on the forefront of security and innovation. Information technology is a constantly changing and evolving field. The fluidity with which technologies become either relevant or obsolete is alarming, and the rate at which technologies change is only expected to increase. By outsourcing your IT services, you will be able to stay on the forefront of technological relevance, which means more security for your business and, most importantly, your customers.
  • It allows you, as an owner, to refocus attention to your customers. You entered business and founded a company in order to first and foremost service your customers. Outsourcing IT is the responsible choice- because a well-maintained IT system keeps your customers secure and safe.

Second dilemma: Preventative maintenance, or break-fix?

More often than not, the perceived best-practice when it comes to maintaining your company's technological security is initial setup followed by a policy that professionals in our field refer to as break-fix; that is, once the IT framework and system are established, services are only required when hardware or software needs to be updated, is past due for updates, or flat-out breaks. While this is lower in cost, the ramifications of this choice can be more serious than originally perceived. Software or hardware malfunctioning or breaking could mean lapses in services or, even worse, interrupted security for your customer's data. This could, in the long term, harm your reputation as a company with your current and prospective customers alike. What, then, is the alternative?

Preventative maintenance, or managed onsite services, occurs when you hire a company to dedicate a certain amount of time each month to work onsite at your company and perform function checks, security updates, and inspect your hardware. In layman's terms, this is buying the flood insurance before the flood, not after- as in the case of break-fix policies. In short, no one wants to be caught in a situation where their IT system goes down or malfunctions, because it could disrupt your ability to communicate with customers, keep their personal information safe, and provide uninterrupted services to clients. While managed onsite services can be more expensive in the short-term, it is guaranteed to save you time, money, and- most importantly- reputation, in the long-term.

-Zach D.