For many businesses, the most secure and affordable way to handle their network is by utilizing an external company’s expertise. By using managed IT services, companies are able to focus on their business, while simultaneously meeting compliance and security standards. In the age of network breaches and cyberattacks, it is more prudent than ever for businesses to understand how managed IT compliance and managed IT security differ and why it matters.

The Ins and Outs of Compliance and Security

Prior to learning about the differences between managed IT compliance and security, it’s imperative to understand IT compliance and security.

Compliance Is External

“IT compliance is the business of making sure that everyone is following the rules. The question is, what rules are they compliant with?” – Chapter President of ISSA – Chattanooga

The external rules facing companies are typically found in the form of statutes or laws. These can be laws relating to specific industries such as the Family Education Rights and Privacy Act (FERPA) for Education or the Health Insurance Portability and Accountability Act (HIPAA) for Healthcare. Other standards are used as a means of risk management for national security. A prime example of this is the Payment Card Industry Data Security Standard (PCI DSS). This standard was put in place to protect credit card users from schemes.

Rather than focusing on the technical needs of the company, compliance is used for reporting purposes and aimed at meeting regulations to keep legally running their business. With hundreds of IT standards to meet, companies often enlist managed IT compliance services from another company. This decision allows them to focus more of their time and energy on their operations, while the IT services ensure the company’s IT network is meeting the benchmarks set by their respective regulatory committee to avoid paying fines that can reach up to $1.5 million per violation each year.

Security Is Internal

Whereas compliance focuses more on satisfying an external entity, security is about protecting the company’s internal network and confidential information. A company that provides IT security to businesses, when broken down into its simplest form, finds ways to mitigate any network issues and prevent harmful threats from ever occurring. Essentially, the company is hiring someone who has a broader range of capabilities and offerings to protect their business. While internal IT may have some ability to safeguard a business’s network, they may not have the manpower to handle a company-wide security threat. Managed IT services have teams dedicated solely to protecting the client’s entire company from threats. This kind of security guarantees that a business’s data and sensitive information is safer than it would be using the capabilities it possesses in-house.

The Security and Compliance Relationship

Compliance standards are all about ensuring companies are meeting certain levels of security in order to protect individual users on a national, and sometimes international, level. There is a certain level of IT security that a business inherently has when they are meeting regulatory compliance. From this stand point, security and compliance seem to go hand in hand with one another. While meeting the compliance benchmark may seem to provide a sufficient amount of security for a business, this is often not the case.

“Being compliant does NOT mean you are secure, as many recent breaches have shown.” – Chapter President of ISSA – Chattanooga

Meeting bare-minimum compliance standards in an effort to reduce costs associated with information security leaves a company vulnerable and highly susceptible to a cyberattack. Another reason to avoid simply meeting compliance targets is the ever-changing nature of Information Technology. A business is never truly finished protecting itself. Constant upgrades and improvements are being made to protect businesses from threats that are more adaptive and intelligent in design.

Why Managed IT Is the Proactive Solution

Compliance benchmarks, though they may be updated periodically, are reactionary in nature. After a large breach, action committees need to get additional laws and amendments passed to alter the original law. Unfortunately, this process takes time and requires evidence of need -such as a large breach- before it is enacted. Needless to say, simply being compliant prevents a business’s IT security from being up to date. As formerly stated, managed IT services help put a company’s focus back on managing their business rather than staying compliant. When a company employs the help of managed IT services for regulatory compliance, they acquire a team of IT professionals. This team uses its expertise to provide an advanced-network security program that not only meets compliance standards, but exceeds them. They proactively seek out potential hazards in the pipeline in an effort to eliminate any threat before it happens.

 

Is your business safe from the next wave of cyberthreats? Learn more about how RJ Young’s Managed IT Services can help your business stay secure and meet your industry-specific regulatory requirements by filling out our contact form or calling us at 800-347-1955.

We are halfway through 2018 and RJ Young is ready to help you meet all of your business resolutions that you may have forgotten about this year. Over the last few months, we have helped businesses identify ten ways to simplify their business, from outsourced IT services to having a one-stop shop for your office technology needs. Make 2018 the year you simplify your printing,  technology needs, and improve your back up and disaster recovery methods.

Is your business ready for a disaster?

Resolution: Backup and Disaster Recovery

RJ Young felt the unexpected impact of a massive fire in March of 1998. Consequently, we understand what it’s like to lose everything and have to start over from scratch. FEMA says that more than 40% of businesses that encounter a disaster never reopen, and of those that do, only 29% were open two years later.

We survived our fire, and because of that experience, we are the best partner your business could have in preparing for disasters. Click here to read more in-depth about our fire disaster and how we used back up and disaster recovery to save important documents.

What Recovery Services Does RJ Young Offer to Help My Business Prepare for a Disaster?

RJ Young is prepared to help you prepare for a backup and disaster recovery scenario.  You can trust us to help develop proactive backup solutions to increase your data protection and keep your business safe from the unfathomable.  Additionally, here are some of the ways RJ Young can help you secure your critical business documents:

  1. Scanning Services

Replacing paper files with PDFs and digital documents can lead to more than just clearing up the clutter in the office.  Furthermore, our customer support team will design a scanner plan and ensure that your equipment continues to run optimally.  Another way to utilize our scanners is to scan all of your documents into your Document Management System. 

  1. Don’t Have a DMS?

RJ Young can help you set up a customized Document Management System for your business, increasing your business continuity and ensuring that your critical documents are accessible anytime, anywhere. Learn more here.

  1. Supporting Copy
  2. Store Your Backups Offsite

In a business world that is rapidly changing, it is important to make yourself readily available.  With RJ Young’s Managed IT Services, you can have an automatic offsite backup and disaster recovery solution for all of your critical files and systems.   These offsite solutions include cloud backup solutions, public clouds, data recovery services, and solutions, and data protection.

What Kinds of Documents Should I Backup Offsite?

You know what you need to run your business and protecting those critical documents should be a top priority. You should have offsite data backups for documents including:

  • Tax records
  • Contracts
  • Tax Identification Documents
  • Employee Records
  • Patents
  • Historical Financial Information
  • Legal Agreements
  • Customer Records
  • And more

Transform Your Documents  

You can trust RJ Young to manage the most critical components of your business – your files. Records, contracts, financial documents and more are safe from fires, floods and other disasters when they are digitally backed up offsite. Learn more about how RJ Young can help you transform your paper documents into digital files.

Millions of emails are exchanged daily throughout the world. As email continues to be a prominent form of communication, our Managed IT Services team warns that the opportunity also increases for a cyber threat. Phishing is one of the most common cyber threats in today’s world.

What Is Phishing?

Phishing is one of the most frequent causes of security breaches. According to Tech Target, “Phishing is a form of fraud in which an attacker masquerades as a reputable entity or person in email or other communication channels. The attacker uses phishing emails to distribute malicious links or attachments. More importantly, these links and attachments can perform a variety of functions, including the extraction of login credentials or account information from victims.”

Phishing cyber criminals instruct individuals to provide sensitive data like personal information, bank and credit card details, or passwords through electronic forms or ransomware. Individuals can be notified by email, telephone, or text message. Thieves use this strategic method to lure you into giving them your most precious information, threatening your network security. Phishing attacks result in credit card fraud, identity theft, and financial loss.

One of the most common ways that phishing cybercriminals obtain sensitive data on their victims is through email. According to Phishing.Org, these are few simple tips to think about before opening and clicking an email:

Too Good To Be True

You know those emails you get saying you have won a free cruise? In spite of the fact that you have not entered a for that cruise? Those offers all seem too good to be true, probably because they are. Enticing offers are used to attract your attention right away. The cybercriminal wants you to click the call to action button which will in return, allow them to attack your personal information. In this instance, the most natural thing to remember is that if an offer seems too good to be true, it probably is.

Sense of Urgency

A common tactic amongst cybercriminals is to add a sense of urgency. These criminals may tell you that you have a limited time to claim the offer or threaten immediate account suspension. That is just not true. Generally, most credible organizations will give you ample time to respond when your intimate account details are involved. When in doubt, contact the organization in question. The organization will be able to provide you with all the necessary information and verify the email in question.

Inaccurate Hyperlinks

One of the fastest ways to verify a cyber threat in an email is to check all the hyperlinks. Take your mouse and hover over the directed hyperlink. Hyperlinks should match the URL they are leading you to and that the URL in question is spelled right. For example, if the hyperlink says RJYoung.Com, but when you hover over it says AJYoung.Com, do not click it. If you suspect the link may be suspicious, it is better not to click it.

Unusual Attachments

If an unexpected email has an attachment, do not open it! Often these attachments contain ransomware or other viruses that can overtake your entire computer to steal your personal information.

Unusual Sender

Whether you know the sender or not, does the email make sense for you to receive? If not, do not even open it. Also accidentally opening the email can cause issues. Most of the time cybercriminals have a call to action in the email. Whether it is donating to a fundraiser or asking for personal help, be conscious of how the email’s wording and what they are requesting. Many times, the email will explain there is a problem you need to verify, notify you that you are a winner, or ask for help.

Information Request

A bank will never ask for personal information via email or suspend your account if you do not immediately update your personal information. Most banks and financial institutions usually provide an account number or other personal details within the email. 

Protecting Your Business From A Cyber Threat

Cyber Security Education

Make sure that you are continually learning how to defend yourself, and arm your business with an information technology expert. Just as experts are staying up to date with the latest technology, so are the cybercriminals. Be sure to always educate yourself on how cyber threats are changing and how they can affect you.

A Practical Application

Recently, we conducted an internal email test for our employees using Sophos Intercept X. This technology is one of many used by our clients as part of their Managed IT Service Plan. We sent a fake phishing email to all of our employees and tracked the number of opens and clicks to evaluate our own risk of a cyber threat.

After that, we sent out an educational email to make employees aware of the test and provided detail information on what to be mindful of when receiving a potential threatening email. We presented our employees with an easy to follow infographic to use as a guide for analyzing phishing scams in the future. Education is often the most cost-effective solution to protecting your network’s security.

Cyber Security Service

If it seems like cyber threats seem to be occurring more frequently and taking down business operations across the globe, you’re right. The number of data breaches in the U.S. has jumped 29 percent in 2017 according to The Identity Theft Resource Center and CyberScout. The best way to prevent these attacks is to have a proactive plan for your business. Make sure your Managed IT service partner understands your business. RJ Young’s Managed IT Services include the design, upgrade, and maintenance of cloud services and  IT networks for small to mid-sized companies. We create customized plans for our customers to fit your specific needs and goals for success.

 

As technology advances, so do cybercriminals. Cyber attacks seem to be occurring more frequently than ever and hurting businesses throughout the world. Furthermore, for many small to enterprise-level businesses, a cybersecurity breach can quickly impact the business’s compliance with significant IT compliance regulations. Even companies with enterprise-level IT support can benefit from easy and necessary IT Security safeguards. Here are 3 easy ways to help safeguard yourself against a cybersecurity breach that takes only 5 minutes each week.

Change Your Password: IT Services TIp

1. Change Your Passwords

Every IT network support progressional will tell you – change your passwords often! This fast and easy fix could save you from a cybersecurity threat. Set time aside to update your passwords on all of your accounts. Experts recommend having different passwords across all your personal network. This ensures that if one is compromised the hacker has access to only one system, not all of them.

Forget the tough passwords; new guidelines recommend keeping it simple. According to the United States National Institution for Standards and Technology (NIST), new password guidelines help you stay protected. NIST suggests, keeping your passwords simple, long, and memorable. Phrases, lowercase letters, and typical English words and objects are suggested when creating passwords. This recommendation had changed from when the organization suggested using unique characters and a mix of lower and uppercase letters.

These new guidelines may seem surprisingly easy, Paul Grassi, senior standards and technology adviser at NIST, who led the new revision of guidelines, says that these new guidelines will help users create longer passwords, which are harder for hackers to break.

Once a cybercriminal has access to your personal credentials they can impersonate you to send personal emails directly to your friends, family, and co-workers. Soon, and IT security breach can lead to imposter postings on your social networks where cybercriminals seek to collect even more sensitive information. This a small business managed network services nightmare. It is also often a socially and professionally embarrassing experience.

Managed IT Services Expert Tip:

A bank will never ask for personal information via email or suspend your account if you do not immediately update your personal information. Most banks and financial institutions usually provide an account number or other personal details within the email. This information is how you can ensure that the email or phone call is coming from a reliable source.

 

Think Before You Click IT Services

2. Think Before You Click

Many IT network security threats happen by accident. You see an email from an old friend or a significant update from your bank, and you just go ahead and click on the email without thinking. Unfortunately, these emails are socially engineered to look like they came from a trustworthy source, not a cybercriminal. Here are some things to think about before clicking an email.

One of the fastest ways to verify an email is to check all the hyperlinks. Take your mouse and hover over the directed hyperlink in an email. Make sure that the hyperlinks match the URL you land after clicking. Check for spelling errors in the web address. Popular websites are often manipulated but contain spelling errors. For example, if the hyperlink says www.mybank.com, but when you hover over it says wwwmybank.com, do not click it. If you suspect the link may be suspicious, better to not click it.

Is this offer too good to be true?

Most of these cybercriminals will present you with an eye-catching deal to make you think you have won a contest; you have not entered or asking you to claim a prize that is too good to be true. In an instance like this, it is best to remember that if the offer seems too good to be true, it probably is. If you ever have questions, contact the organization directly from a contact page on a trusted website, or your business’s managed IT services team, not the email in question.

Who is sending this email?

Whether you know the sender or not, does the email make sense for you to receive? If not, do not even open it. Simply, delete and move on. Accidentally opening the email can cause IT security issues and potentially make you vulnerable to a cybersecurity threat. If someone you know is asking for money, call or text to verify. When in doubt, always think critically before acting.

Install Updates IT Services

3. Install Updates

We all know how annoying it can be when your computer continually reminds you to update your software. That said, an enterprise-level managed network services expert will tell you these updates are essential in protecting you against a cybersecurity threat. Updates give you more than just the latest and greatest features; they make sure you also have the most updated security to protect your IT network. Thousands of new malware variants run every day. Having out of date security software is almost as bad as having none at all.

Is your software up-to-date?

Your un-updated software is vulnerable. According to Sophos, cybercriminals can exploit this vulnerability by writing code explicitly targeting your network’s system. This can infect your computer without you ever taking action. When your computer is compromised, cybercriminals steal data and gain control over your computer and personal information.

Managed IT Services

The 5 minutes each week you devote to strengthening your network will help protect you from any future threats. Small to enterprise-level business owners who are not comfortable with handling their network’s security are good candidates for Managed IT Services. Managed IT services allow business owners to rather than their system. RJ Young offers free network assessment for businesses. We ensure your organization is protected from IT security vulnerabilities.

Why should I care about small business Managed IT Services? If you are a small business, chances are that you do not have an IT department on staff. Hiring a full time dedicated IT staff can be costly. So, how do you monitor your network? Install, integrate, and maintain your network? Provide desktop support to your staff? Select new technology?

In too many cases the answer is not very well or not at all. But what if there was a cost-effective way to help you with all of this? The answer: Managed IT Services

The experts behind Managed IT Services work with your business to implement processes, procedures, and tools that are specific to your business needs and network, while also making recommendations, system fixes and updates so you are better prepared in case of an emergency.

Here are five reasons why small business Managed IT Services is critical:

Reduce Downtime With Managed IT Services

1. Decrease Downtime

In today’s ever-changing world of technology, every business can benefit from having a proactive IT strategy. This strategy allows companies to react quickly and efficiently when problems arise. With a small business Managed IT Services provider, your team of experts is on standby to assist with any IT emergency such as power failures, security breaches, data loss or other disasters that could damage accounts and cause customers to question credibility. They are familiar with your IT network and work fast to prevent the kind of damaging impact a downtime event could have on your business.

In 2016, the Emerson study showed that unplanned outages lasted 130 minutes totaling $946,788. That is just a little over $7,200 per minute of downtime. With an IT service plan, downtime situations are handled immediately, and systems are restored rapidly, saving your time and reputation.

Save Money With Managed IT Services

2. Cost Savings

Many IT budgets consist of hardware costs, software and network costs, cloud solutions costs, labor, and maintenance, to name a few. These resources are all vital to keep your network up and running to the best of its ability. Most of the time, smaller companies are outsourcing each of these items individually, which can start to add up. With a Managed IT Service provider, your small business Managed IT Services experts will create a roadmap of service costs and needs. This roadmap allows you to know all costs associated with your network and plan accordingly each month, which in turn can provide cost savings.

Team of Experts WIth Managed IT Services

3. Team of Experts

When you implement a Managed IT Service provider, you suddenly have a team of experts at your fingertips. These small businesses Managed IT Services experts have a working knowledge of your business available to help troubleshoot and remediate issues that arise without your business. They are on call to answer any questions, help your company stay up to date with the latest technology trends and create solutions that ensure uptime and profitability for your business. They also can assist in specialized projects and consult with you on any other network related tasks. For small businesses, this is another key to business success.

Increase Productivity With Managed IT Services

4. Employee Productivity

As a small business, your employees are the heart and soul of your organization. In most small companies, your most significant monthly cost is employees, so why not make sure that they have the resources they need while at work? Depending on your business, it is likely that most of your employees use a computer to do their job. If their computer is infected with a virus or suddenly crashes, they can’t work. Taking a proactive approach to having a Managed IT Service on call allows this problem to be handled fast. This also helps your employee attitude and frustration knowing their issue will be taken care of and they can get back to work in no time.

Better Technology With Managed IT Services

5. Up to Date Technology

As technology evolves, so should your business. Managed IT Services allow your business to adapt to latest technologies as they become available. Your team of experts keep you up to date on the latest cloud solutions, handle network security, and more. You can expect them to be in the know of the most recent and best software applications and modern programs.

As cybercrimes continue to grow and evolve, your team of experts can provide the latest information on how to best protect yourself and your network from threats. Your experts can work with you and your employees directly on how to spot and avoid cybercrime.

————————–

RJ Young’s Managed IT Services design, upgrades, and maintains IT networks for small businesses that want to focus on their work, instead of their network. We create customized plans for our customers to fit their specific needs and goals for success. Visit https://rjyoung.com/services/it-services/ to learn more.

Most people look at the computer on their desk and think “it’s a computer” and “it does this stuff.” If you pin said person down and ask them what that “stuff” is, you would probably get an answer along the lines of, “well, you know email, and Internet Explorer and Microsoft Office.” If you asked CAD engineers they would say Pro-E or Solidworks, accountants would list QuickBooks, Excel or a tax package, medical workers would reference an EMR or practice management package such as eClinical Works, Allscripts or Athena.

The more you asked the worker about their day, the more you would wonder why you’ve been buying so many pens and pencils because you realized EVERYTHING your workers do is on their computer. The “stuff” your workers’ computers do for them, and for you are called “network services.” We keep those services running with a high-level of availability by managing them, thus the term Managed Network Services (MNS)– much like the janitorial department transitioned to the name of “Environmental Services,” the geeks have come up with a fancy name to say we keep your “stuff” working.

It’s not just Managed Service Providers (MSPs) that build MNS programs – every IT department and computer firm in the world provides MNS.  But just like any department in your company – you need a good manager.  You need a person to manage your services that can comprehend how important they are to your company’s existence, that can see the big picture of your company’s growth and that doesn’t try and run a budget like the US Government.  So whether or not they claim the title, if you hire an IT firm to help your company, you are hiring a MSP. 

So then, if you were hiring a Quarterback would you pick up a guy who loves to play wide receiver, or the guy who has spent his life preparing to be a franchise QB?  Just remember, when it comes to contracting an IT firm, you should hire a company who has been structured entirely to be an MSP.

 

James Walker

Regional Director of Managed IT Services.

James oversees the Chattanooga, Nashville and Huntsville markets of our managed IT Services department. In his role he manages service delivery and support of engineers in all regions, does security and compliance auditing, and works with businesses in network design, implementation and troubleshooting. He has been in the technology industry for over 24 years. James is originally from Boston, MA and works out of our Chattanooga office. He joined RJ Young in January 2013 through the acquisition of his previous company, Preferred Computers, Inc. 

Managed Network Services – it’s a buzz-term in the information technology (IT) industry these days – many IT firms are adding a Managed Service Provider (MSP) shingle to the front of their shop.  So like many business owners, small business and large businesses alike, you might be asking, “what the heck is that?”

In short, Managed Network Services are systems built by IT Providers that enable you to have a network designed and maintained like an enterprise business.  For those of you in the manufacturing industry – ask yourself, if you were Ford Motor Company, a leading manufacturer, would you manage your IT infrastructure the way you do now?   What if your company was twice the size with twice the income?  For those of you running a medical practice, how would you manage your network if you were a larger clinic, or a hospital?   What would your network look like?   How would you support users and ensure compliance?

Many small-to-mid size business owners dismiss the idea of having a strategically structured and proactively managed network with “it costs too much.”  Before you dismiss this idea, ask yourself two more questions:

  1. Can your business operate effectively without your computer systems?
  2. Does downtime proportionately hurt your business any less than your larger counterparts?

If you answered those questions as most small-to-mid-size business owners, you said “no.” In fact, larger businesses are probably more capable of absorbing an interruption in network services.  Larger companies hire experts to design and proactively maintain their network in order to prevent and eliminate downtime, maintain a competitive edge, control IT related expenses and strategically plan for growth.

MSPs help small-to-midsize business owners achieve this same level of efficiency. MSPs design and maintain their networks with the same proven effective methods as their larger counterparts do at a budget scaled to their size, simply for many clients, most with no in-house IT department or small IT departments striving to control costs.

As you tackle business planning for 2015 for your small-to-midsize business, consider knocking on the door of a Managed Services Provider. It could be the answer to improving efficiency and productivity in running your business for the coming year.

 

James Walker – Regional Director of Managed IT Services

James oversees the Chattanooga, Nashville and Huntsville markets of our managed IT Services department. In his role he manages service delivery and support of engineers in all regions, does security and compliance auditing, and works with businesses in network design, implementation and troubleshooting. He has been in the technology industry for over 24 years. James is originally from Boston, MA and works out of our Chattanooga office. He joined RJ Young in January 2013 through the acquisition of his previous company, Preferred Computers, Inc.