IT Voice

Blog

  • WHAT IS A HOSTED SOLUTION?


    When it comes to business phone systems, there are two main solutions: on-site and hosted. Both of these can be broken down further into a wider variety of phone technologies, but the decision to have your phone system located in your office or hosted by a third party is a major step.

    WHAT IS A HOSTED SOLUTION?

    A hosted phone system solution is one in which the actual software and servers are located off-site with a third party provider. The system relies on a network connection (likely the Internet) to give all of your computers and handsets access to the system and enabling the use of call routing and other features.

    WHY CHOOSE A HOSTED SOLUTION?

    There are a number of benefits offered by hosted solutions over in-house solutions. First of all, hosted solutions often improve the reliability of a system. The third-party provider typically has hundreds of servers tied together which handle fluctuations in demand. In addition, if any server goes down, the others can pick up the traffic instantaneously. An added benefit is that all of the maintenance of the hardware happens on their end, so there is no need for an IT team to deal with troubleshooting or setup.

    Hosted solutions also offer a great ability to scale your phone system up or down according to your needs. Since the host has unlimited space on their servers, it is possible to add or subtract lines as necessary. It is a cost-friendly option for businesses of any scale.

    HOSTED SOLUTION CONS

    While many companies tout hosted solutions as the premier service, the reality is that they may not be the right fit for everyone. Small companies who don’t need the extra server room probably will not benefit greatly from the hosted service overall. In addition, businesses who do not have reliable Internet access will not gain any reliability from the hosted servers on the other end. In terms of cost, it may be cheaper up front to choose a hosted partner. However, the cost of an ongoing subscription may be more than the cost of purchasing a standalone box for your office.

    Hosted solutions are becoming increasingly popular as a way of increasing the range and reliability of phone systems, especially for mid-sized businesses and corporations. However, they largely rely on the same software solutions that are available for smaller scale operations and may not be the right fit for everyone. Your expected growth and the amount of equipment already in place at your office may offset the benefits of upgrading to a third-party host.


  • Mastering Cybersecurity with an Optimistic Approach

    Join seasoned cybersecurity professionals, as they take you on a captivating journey through the world of cyber threats. Often when we talk about cybersecurity, we end up with a series of cautionary tales of what can go horribly wrong. Today, we talk about success stories. What can happen when all the right people and tools are in place to prevent a cyber attack?

    (more…)

  • Think you are too small

    Think you are too small to be targeted by a cybercriminal? Think again.

    When I meet with clients, especially SMBs, I often hear them say that they feel their business is too insignificant to be a target of cyber-criminals. Why would someone go after my business when there are bigger ones out there, making more money? Here are a few reasons why.

    1. Because you think so – The fact that you think you are safe makes you more vulnerable, because you are not prepared for the eventualities that arise from an attack. Most SMBs I interact with don’t have a well-defined plan in place in terms of IT security
    2. Your staff is a gateway: Smaller businesses rarely conduct formal training sessions or provide information updates to their staff about the latest cyber threats. Such sessions are never a priority when the staff is too caught up with other ‘real’ work. As a result, your staff is more likely to fall for phishing messages and unknowingly become a gateway for cybercriminals to enter your organization.
    3. You work on shoestring budget: Many of my clients claim that they are strained for financial resources and would rather invest in growing their business than on something like preventive IT measures. Well, guess what? Cybercriminals know that too. They know that large corporations have multiple IT security layers in place that are difficult to penetrate. Your business, on the other hand, is a soft target for them since your investment in IT security is negligible.

    What you can do to keep your business safe without straining your budget?

    1. Change your mindset- No business is too big or too small for cybercriminals. In fact, a data loss or data compromise is more likely to be fatal for a smaller business than a bigger one.
    2. Train your staff: Teach your staff to identify malicious links, spam, phishing messages, etc,. Send them Day Zero Alerts regularly that keep them updated about the latest threats in the cyberworld.
    3. Consider bringing a managed service provider onboard: Having an in-house IT department can be expensive and not always worth the cost. You can benefit from having a SLA with a managed service provider (MSP). This arrangement gives you the benefits of having a dedicated IT team at your disposal minus the headaches that come with having it in-house.
    Don’t forget…it is only a matter of time before you become a victim.

  • What the COVID-19 crisis taught us about the cloud and business continuity

    What the COVID-19 crisis taught us about the cloud and business continuity

    The COVID-19 pandemic has changed life as we know it, in many ways. While its impact on our day-to-day lives has been huge, the impact has been even more severe from a business perspective. The social distancing norms, staggered operating hours so as to limit crowds, the masks, shields, barriers, and what-not! From the business continuity perspective, companies have had to adapt themselves to the new normal very quickly.

    During this global crisis, one technology that truly came to the rescue of business big and small was the cloud. The cloud made it possible for businesses to keep their operations running even with staff working remotely. With all critical data stored online, all that was needed was a compatible device with an internet connection and it was business as usual…well, almost.

    Here are some core business challenges that were resolved due to the cloud.
    • Access to core business data and software programs that were needed for smoothd day-to-day operations
    • Data security concerns, though not entirely non-existent due to the use of personal devices, were largely taken care of, thanks to multiple layers of security offered by the cloud service providers
    • There were no “hardware hassles”…companies that were already on the cloud didn’t have to worry about the logistics of providing office computers to their employees working from home. With all the data stored online, they could use their home computers or tablets to get the work done.
    Earlier what was perceived as an advantage for employees (the permission to work from home) was now mandatory for survival of the business. Even businesses that allowed employees to operate from home before the pandemic had a tough time migrating their entire setup to the work-from-home model.

  • IT Defense in Depth Part II



    Defense in Depth Part II

    In our last blog we started talking about the different layers of security necessary to fully defend your data and business integrity. Today we will look at the human aspect of it, and network defenses. The human layer refers to the activities that your employees perform. 95% of security incidences involve human error. Ashley Schwartau of The Security Awareness Company says the two biggest mistakes a company can make are “assuming their employees know internal security policies: and “assuming their employees care enough to follow policy”.

    Here are some ways Hackers exploit human foibles:
    1. Guessing or brute-force solving passwords
    2. Tricking employees to open compromised emails or visit compromised websites
    3. Tricking employees to divulge sensitive information
    For the human layer, you need to:
    1. Enforce mandatory password changes every 30 to 60 days, or after you lose an employee
    2. Train your employees on best practices every 6 months
    3. Provide incentives for security conscious behavior.
    4. Distribute sensitive information on a need to know basis
    5. Require two or more individuals to sign off on any transfers of funds,
    6. Watch for suspicious behavior
    The network layer refers to software attacks delivered online. This is by far the most common vector for attacks, affecting 61% of businesses last year. There are many types of malware: some will spy on you, some will siphon off funds, some will lock away your files.

    However, they are all transmitted in the same way:
    1. Spam emails or compromised sites
    2. “Drive by” downloads, etc.
    To protect against malware
    1. Don’t use business devices on an unsecured network.
    2. Don’t allow foreign devices to access your wifi network.
    3. Use firewalls to protect your network
    4. Make your sure your Wi­Fi network is encrypted.
    5. Use antivirus software and keep it updated. Although it is not the be all, end all of security, it will protect you from the most common viruses and help you to notice irregularities
    6. Use programs that detect suspicious software behavior
    The mobile layer refers to the mobile devices used by you and your employees. Security consciousness for mobile devices often lags behind consciousness about security on other platforms, which is why there 11.6 million infected devices at any given moment.

    There are several common vectors for compromising mobile devices
    1. Traditional malware
    2. Malicious apps
    3. Network threats
    To protect your mobile devices you can:
    1. Use secure passwords
    2. Use encryption
    3. Use reputable security apps
    4. Enable remote wipe options.
    Just as each line of defense would have been useless without an HQ to move forces to where they were needed most, IT defense-in-depth policy needs to have a single person, able to monitor each layer for suspicious activity and respond accordingly.

  • The dark web: An introduction

    The dark web: An introduction

    Have you come across the term, dark web, recently? As a business, you might have heard that you need to keep your data safe from the dark web. So, what is the dark web anyway? Read on to find out…

    What is the dark web?

    The cybercrime landscape is evolving fast. The “Nigerian” email scams are now old. Cybercriminals are smarter and more organized now–almost functioning like professionals. In fact, there’s a sort of a parallel universe where they all operate in a very corporate-like manner. And that parallel universe is called the Dark Web.

    The surface web, the deep web and the dark web

    Essentially, the internet can be categorized into 3 parts.

    • The surface web, which includes your ‘regular’ websites–the kinds that just show up on web searches. For example, you type, Dog Videos and links to a bunch of dog videos on YouTube shows up. YouTube, in this case, is an example of the surface web.
    • The deep web, which shows up in web searches, but requires you to log in to view specific content. For example, your internet banking page or your netflix subscription.
    • Then comes the dark web.
    The dark web is part of the internet that isn’t visible to search engines and requires the use of an anonymizing browser called Tor to be accessed. The dark web offers anonymity and hence is the hub for all sorts of illicit activities in today’s internet age. Strictly speaking, the dark web typically hosts illicit content. The kind of content that you find in the dark web include

    • Credit card details, stolen login credentials for something as serious as internet banking accounts to something as trivial as Uber or Netflix,
    • Contact details/communication platform for striking deals with hitmen, drug dealers, weapon dealers, hackers, etc.,
    • Marketplace to buy malicious codes to help corrupt or jam IT systems and even RaaS (Ransomeware as a service!)
    All of the above and more, for a fee of course. In short, the dark web is like the underworld of the internet. So, how does it concern you and why you need to steer clear of it? Read our next blog post to find out.

  • A Smarter Approach to Mobile Device Management

     
     
    A Smarter Approach to Mobile Device Management
     
    More people today use personal mobile devices like smartphones and tablets for business purposes. Such devices, coupled with greater Wi-Fi accessibility and cloud services, have empowered us with the ability to access data and do business from practically anywhere at anytime.
     
    Needless to say, many small-to-medium sized business owners have embraced the BYOD (Bring-Your-Own-Device) revolution. The benefits are obvious; increased employee productivity, enhanced services to customers/clients, and better overall customer and employee satisfaction.
     
    But what about the potential consequences associated with this mobility revolution? Are small business owners doing enough preemptive planning to address potential risks that could arise with the use of BYOD devices?
     
    Mobile Device Management – Questions Every SMB Should Ask
     
    First, it is important that small business owners honestly assess whether their systems, networks, data, and overall infrastructure are ready for the use of an array of mobile devices.
     
    Once it is firmly established that both internal IT and components in the cloud are prepared for BYOD, solutions should then be put into practice that are concurrent with terms of use policies or any guidelines pertaining to remote/telecommute workers or the sharing of sensitive data. The following questions should be answered.
    • What particular devices or applications are permissible for work use? Assuming security requirements are in place, not every device or application will meet those.
    • Will anyone in the company be tasked with the daily management of BYOB strategies? What should BYOD policies cover and what kind of management solutions will be needed? Would a BYOD management tool that collects device information, deploys and monitors usage, and offers insight into compliance be helpful?
    • Which costs will be the responsibility of the employee? This pertains to any fees associated with usage – from network plans, to the device itself, to software, accessories and maintenance costs.
    • What data will be accessible? Will data encryption be necessary for certain information traveling through the personal devices of employees? Which employees will have read, write, update/delete privileges?
    • What is the process when handling sensitive data stored on lost or stolen devices, or the personal devices of ex-employees? Does the company or organization have the right to wipe out the entire device or just corporate data and apps?
    BYOD is here to stay as it affords smaller-sized companies the mobility of a corporate giant without a huge investment. But when it comes to ensuring that devices, applications and networks are safe from the variety of threats linked to greater mobility, small business owners may find it necessary to enlist the help of a managed service provider to adequately take on mobile management challenges and provide ongoing consultation.
     
    Contact us at Slappey Communications

  • Your Vacation Auto-Reply Might Be A Hacker’s Favorite E-mail

    You set it. You forget it. And just like that, while you’re packing for vacation, your inbox starts automatically broadcasting:

    (more…)

  • Four ways unified communications can improve productivity Part II



    Four ways unified communications can improve productivity Part II

    In our last blog we suggested that unified communications has value to an organization’s efforts to increase productivity. It can facilitate smoother, more efficient collaboration in a 24/7 workspace.

    Unified communications can
    • Improve the functionality of our 24/7 workplace – The reality of 24/7 availability has been around for a while, and learning to place constraints on that is for another e-guide. However, unified communications can play a role on the 24/7 expectation problem. For one thing, with a single portal to an individual’s multiple communication channels, an employee can more easily communicate across those channels that they are not available and therefore limit expectations for an immediate or timely response when that is not possible. Also, with a unified portal, responding to different channels in off times can be easier and therefore less time-intrusive.
    • Improve client satisfaction – Nothing is more irritating as a customer than needing support and finding support elusive. Waiting for call-backs with no answer, or worse, re-telling your story over and over until you finally reach the right resource? Unified communications can go a long way in mitigating these frustrations. Unified communications is being heavily introduced into contact centers, where customers can use multiple integrated channels to discuss issues, questions, or problems.
     Look to a managed service provider for ways that you can begin to introduce unified communications into your organization.

  • What is a business continuity plan?

     
     
    What is a business continuity plan?

    You may hear a lot about business continuity plans and may even hear them incorrectly referred to as disaster recovery plans. So, what is a business continuity plan?A business continuity plan is a total blueprint for how a business or organization ensures that its output–products or services–will continue to be provided with as little interruption as possible, despite a disaster. Disaster could be any major disruptive event. Most commonly, we tend to think of these plans as being developed to respond to natural disasters, such as hurricanes, floods, and earthquakes. It should also be noted, business continuity plans aren’t just written to handle natural disasters. Anything which threatens output–for example, the loss of key leadership personnel, cyber attack and civil unrest– are prepared for in a business continuity plan. A business continuity plan has several parts. This blog will outline the major four sections that comprise many business continuity plans.
    1. Risk Assessment: This is the first step in the plan. This involves scanning the environment to determine the risks that are out there which could threaten the ability of the business to create outputs to meet customer needs. Determining threats is always the first step.
    2. Business Impact: This stage evaluates each risk and looks at the impact it would have on every portion of the business should it occur. For example, if we lost all internet connectivity for 2 days, what would be the result? How would it impact our ability to function. The best plans look at these in terms of quantifiable consequence. Number of customers affected, revenue lost, etc.
    3. Recovery and planning: This stage involves developing the specific plans to circumvent barriers created by the disaster to keep the business function in the short term, as well as plans to restore the business to complete functionality over the longer term.
    4. Testing: The final step is key. Developing training plans for everyone in the firm, and conducting drills and tests to determine the effectiveness of the plan. The results of these tests should be used to refine the recovery plans and should be an ongoing exercise, not something done once and then shelved. Your business evolves and so must the business recovery plan.
    As for the question “Aren’t business continuity plans and disaster recovery plans the same?” The answer is simple. A business continuity plan is the complete plan that covers every aspect of anticipation of risk, the impact of the event on the business, recovery, testing and evaluation. Disaster recovery is one piece of the business continuity plan that falls in the recovery section. Now you know.