Home » Blog » Archives for Keith Herstek

Author: Keith Herstek

outsourcing your IT

Outsourcing your IT

Why outsource your IT?  As a Small – Medium Business (SMB), the question of outsourcing your Information Technology (IT) may have frequently crossed your mind, especially with the surging security breaches that the media outlets seem to broadcast weekly.  Whether your business does not already have a dedicated IT Department or if you are seeking complementary services to your already established IT infrastructure, outsourcing your IT technology can provide tremendous benefits to your business.  Using the 3 R’s (Reasons, Risks & Rewards) can provide a base to examine if outsourcing your IT may be beneficial and effective for your business.     

 

REASONS to outsource your Managed IT Services

  • Outsourcing is Budget Friendly – Cost Effective – Reduce & Control Operating Costs.
  • Would your business like to improve your and Your Employees’ Focus and Resources?
  • Would your business like to Reduce Labor Costs?  
  • Is your business finding it difficult to keep up to date with Routine Maintenance on Workstations and Servers?
  • Is your business finding it difficult to start or manage IT Projects?
  • Make capital available for other means in your business.
  • Reduce Security Risks.

 

RISKS involved with outsourcing Managed IT Services

Any time you hand over responsibilities for any aspect of your business you are inviting risk. Whether hiring a staff member or outsourced service, you may have lingering hesitations, such as, What are they supposed to do? Or Will they fit in with the company culture? Or Did I hire the right person?  

 

Some other risks that you may consider when outsourcing your Managed IT Services:

 

  • Loss of Control – Oversight
  • Confidentiality of DATA – entrusting someone to your company’s intimate practices may seem like a risk, but an Outsourced IT Service provider can also help protect your DATA from ending up in the wrong hands
  • Disaster Recovery – much like confidentiality, an Outsourced IT Service provider can mitigate and help to make a plan for Disaster Recovery
  • Some IT functions are not easily converted
  • Employee Morale
  • Your business may get locked into a contract

 

REWARDS of outsourcing your Managed IT Services

  • Acquire a Valuable Partner –  a committed Expert of Outsourced Managed IT that provides professional, objective and best practice advice along with keeping up with the most current technology trends.
  • Add to your In-House capabilities.
  • Little to no Human Resource (HR) Investment.  Hiring an employee hosts a staple of expenses from the hiring process, background checks and supplying a space to work to account for benefits, vacation, sick days, worker’s compensation, continued training, employee performance reviews, human resources, and of course, employee turnover.
  • Cost Savings.
  • Flexible to your Company’s changes in size, volume, and strategy.
  • Security – Keeping your Systems updated, leveraging Virus protection and proactively monitoring.
  • Predictable Monthly Budget.
  • Prevent Burnout of Yourself and Employees.

 

BONUS – Tips to Working with your Outsourced Managed IT

  • Clearly formulate and communicate goals and objectives of the business relationship
  • Have a Strategic Vision
  • Keep Open Communication

 

Managed IT Outsourcing companies have a lot of experience with different types of businesses and thus – a better understanding of a client’s expectations. This is the main reason why outsourced companies are able to be flexible with your requests and visions. They can even propose new ideas that can change your perspectives. Outsourcing companies see your existing infrastructure from a different vantage point and can customize a solution for your individual business needs.  

 

About Herstek & Associates, LLC

Herstek & Associates, LLC is a professional outsourced computer service company serving small to medium businesses in Luzerne and Lackawanna Counties in Northeast Pennsylvania (NEPA). Our specialties are network planning (network consulting), network projects, and ongoing network/computer maintenance. We pride ourselves in not only delivering the results you expect but also being knowledgeable, systematic, accountable, trustworthy and easy to work with. To speak with a Support Advisor about the the computer support provided by Herstek & Associates, LLC please call us at (570)779-4018 or contact us.

Section 179 Deduction

NEPA Section 179 Deduction

It is a great time of year to take advantage of the section 179 deduction. If you purchase software or equipment by December 31rst, you can deduct the full purchase price and a bonus depreciation. Section 179 is the product of a recent stimulus bill that is geared to help small business grow.

There are limits to what you can purchase. Most computer equipment qualifies. Most “off-the-shelf” software qualifies. PC, Laptops, Servers, and network equipment all qualify. Custom software does not but server-based software, PC operating system upgrades, MS office products, and accounting software like QuickBooks all do.

How about a business class i7-6700, 8GB ram, 250GB SSD with windows 10 pro with a 5-year parts warranty?

business class i7-6700, 8GB, 250GB SSD with windows 10 pro

Or maybe you need a new rack mount server with a Xeon Processor, 32 GB ram, 8TB hot swap raid 5 for your new virtual server host.

 Xeon Processor, 32 GB ram, 8TB hot swap raid 5

Or it could be time to upgrade your aging routers. Maybe a new SG-3100 pfSense router with 2x1GbE (gigabit ethernet) internet ports so that you can keep your business running on a backup internet connection even when the main lines goes down?

SG-3100 pfSense

Or maybe you have read some of my ransomware articles and now you are ready to have a serious disaster recovery system in place. We can configure a local backup system and supplement it with online backup. The hardware for the local backup could fall into the section 179 deduction.

Onsite Bare-Metal Recovery with Cloud Replication
We can source you other products as well. Ready for your Dual monitor setup? How about upgrading your laptop to an SSD drive? Maybe it is time to upgrade the memory on your unit?

Dual Monitor

Contact us now and we will be more than happy to configure a custom quote for whatever you need so you can take advantage of the section 179 deduction this year. Contact us here…

 

 

 

 

 

Outsourcing Updates

Keep Up to Date by Outsourcing

Updating your business software is one of your best protections against cyber-attack, but actually going through and running the updates is a task that often gets overlooked. Either they take too long, they pop up at inconvenient times, or you simply don’t know when an update is available. Do you have a plan in place to ensure all your tech is up-to-date, or are you flying by the seat of your pants?

Emergency updates are a killer

Just between us, most businesses update their software only when the repair techs come to fix a major breakage. The techs run the updates before they leave, then the systems sit there with ever-widening security gaps… until another breach happens and the techs are called back for another band-aid solution. Emergency only updates in a break/fix model are a great little earner for those techs, not so good for your uptime or budget.

Finding time for maintenance

To keep your business up and running securely, you need someone who lives and breathes updates. They’ll need to have top tech skills so they know when and how to apply all the patches, and how to make sure all your other tech is playing nice (and do it all after-hours). If you have an in-house IT specialist, you’re set – and they should already have an update plan. But if you don’t have a qualified IT team member, outsourcing to managed services is the perfect solution. You get highly skilled technicians remotely applying your network updates after hours. It’s also a great alternative when your in-house IT team is overloaded and has no time left for routine maintenance. We’re able to partner with your existing techs to take care of the small tasks, leaving them free to focus on bigger initiatives.

What else needs to be checked?

Beyond running security patches, it’s important to keep your business moving forward. Here are a few areas our techs look at as part of managed services:

Hardware health: The last thing you want is days of downtime after a piece of hardware dies a spectacular death, dragging other components down with it. By not staying on top of your hardware health, you’re opening yourself up to lost productivity, lost income and unknown delays. Our managed services can assess and replace components before they break. If suitable, we’ll also save you money by recommending (and helping) you move to a cloud solution, so you can access your data with inexpensive hardware like tablets.

Operating system expiry: While it’s great that you have a preferred OS, keeping it after the manufacturer ceases support can leave your business wide open for attack. It’s simply not a good combination. Our managed services technicians will advise you of any changes coming up for your OS, and suggest the best upgrade for your needs.

Legacy programs: Updates to your software have the potential to disrupt older programs, either resulting in errors, slow performance or even downtime. With technology advancing so fast, we often find additional requirements with an update, such as extra processing power, memory or graphics. Our technicians always make sure to check for compatibility as a whole before running an update.

Staying on top of your maintenance and upgrades can be a huge challenge for small business. Outsourcing to our managed services can help more than your budget – call us today at 570-779-4018.

New ‘KRACK’ Wi-Fi Security Issue: This Affects All of Us

The invention of Wi-Fi has been a science fiction dream come true. We can use our laptops anywhere in the house, our phones are using home internet instead of sucking down our cellular data, and our gadgets are all communicating. It’s essentially the backbone of the smart tech boom for home and business alike. Most networks are password-protected with an encryption called “WPA2” and this has been safe and secure, until now.

Recently, a security flaw called KRACK was discovered that allows hackers to break into Wi-Fi networks – even the secured ones. Your laptop, mobile phone, gaming console and even your smart fridge are possibly vulnerable as a result.

How KRACK works: The Key Reinstallation AttaCK isn’t a problem with your device or how it was set up. It’s a problem with the Wi-Fi technology itself. The attack gets between your device and the access point (eg router) to reset the encryption key so hackers can view all network traffic in plain text. Since we rely on Wi-Fi so much, this might mean hackers have a front row seat to your credit card numbers, passwords, chat messages, emails, photos and more.

NOTE: The hacker must be in physical range of your Wi-fi to exploit this flaw, it doesn’t work remotely like other attacks we’ve seen recently. Given most Wi-Fi ranges extend well past your own home/business, this is small comfort, but important to know.

How to protect yourself

Run your updates: Software updates are being released which fix the flaw. Microsoft has already released one for Windows, Apple has one coming in a few weeks. Take a few minutes to make sure you’re up to date with all your patches on any device that uses Wi-Fi (your smartphones, laptops, tablets, PCs, game consoles, etc). Unfortunately, some devices may be slow to get an update, or if they’re older, may not get an update to fix this issue at all. If possible, consider using a cabled connection on those older devices or upgrade to one with support.

Be very careful with public Wi-Fi: While your local business center, library or school campus has expert IT professionals keeping guard over your security, it’s a very different matter at your local coffee shop. It’s unlikely small locations such as this will be on top of security patches. Remember, a hacker exploiting this flaw only needs to be in the same Wi-Fi area as you, so be careful you don’t give them a dollop of private information with their coffee.

Check your browser security: Before sending anything secure over the internet, check you’re using a HTTPS site. You’ll know these by the little padlock you see next to the URL, and the address specifically begins with HTTPS. Major sites like Facebook, Gmail and financial institutions already use HTTPS.

If you need help updating your devices, or want us to check if you’re safe, give us a call at 570-779-4018.

business disaster

Most Businesses Won’t Survive a Disaster. Could Yours?

With the crazy weather we’re seeing, natural disasters and cyber terrorism echoing for years, it’s not a case of ‘if’ a disaster will strike your business, but ‘when’. Surprisingly, it’s not the scope and scale of the event that influences how deeply your business is impacted, it’s your business continuity plan.

Put simply, this is the all-important set of precautions and pre-planned responses to an event, laid out in bullet-proof detail and implemented with one driving focus: keeping your business running with little or no downtime. Think about what would happen if your business was hit by a natural disaster tomorrow. Would it survive? How much downtime would it take to push you into dangerous territory?

According to an IBM study of all the companies that had a major loss of data, 43% never reopen, 51% close within two years and just 6% will survive long-term. For a fraction of those survivors, business even continued as usual thanks to their ‘failsafe’ business continuity plan. It’s more than disaster recovery, it’s full preparedness that bypasses the need for 2+ weeks of downtime, financial ruin, wasted salaries and reputation loss – but it does require a higher level of planning…in advance.

Recommendations to Put You in the Surviving 6%

Prioritize: You’ll need to plan exactly what you’ll recover first and know who’s in charge of making it happen. It goes beyond jotting down a checklist of things to do, it’s taking an analytical, process-based approach to recovery for each unique business perspective. But it’s also realistic: there’s no point dedicating precious time to reviving the email system if your customer data is leaking onto the internet, even if email did rank as your top communication priority!

Backup: Of course, the most critical part of your business continuity is having full backups in three places. Why three? One copy locally which you use each day, a backup on another (disconnected) device in the same location, and one in the cloud. That local backup is your life-saver for system crashes, cyber-attacks and the like; the cloud backup comes into play when your business has taken a major physical hit, perhaps from fire or flood. Some businesses can run entirely location-independent when using cloud systems like Office365, which can be enough to put them in that 6% of disaster survivors.

Test: Make sure all employees know what the plan is if something goes wrong, and their specific roles in these scenarios. You can test, prepare and rehearse your continuity plan under simulated disaster conditions, which will uncover new obstacles, priorities and additional threats.

As your IT environment becomes more complex, carrying more responsibility and risk, so does the importance of a robust business continuity plan. The best BC plans look beyond disaster recovery, taking into account scalability of your system and scope of your individual business, to create strong battle lines that will keep your business operational, both now and for the long term.

Give us a call at 570-779-4018 to create a custom business continuity plan for your business.

mac malware

Apple devices and Macs get malware!!

I don’t like picking on Macs… Oh, wait. That is a lie. I do like picking on Macs because I am tired of hearing “Apple’s don’t get viruses or malware.” This absolutely not true!

There hasn’t been a serious ransomware outbreak on Mac but that doesn’t mean isn’t coming. There are a few ransomware programs in the wild and there has been increased activity in the mac security sector just like there has been in the PC world. Other malware and scam software are out there and on the rise.  “Our tracking of Mac malware has seen a more than 220 percent increase in malware so far in 2017 over 2016,” said Malwarebytes. The main reason that Mac desktops and laptops seem to not be affected is that they only are about 7% of computer users. They are a much small target so there are less malicious programs out there. That doesn’t mean they don’t exist. They will still steal your data if they can. WIth RaaS (Ransomware as a Service) and cross-platform malware, it is becoming easier for the bad guys to target whatever they want. They don’t even have to be proficient at programming anymore. And with an attitude like “we don’t get malware,” you might be easy pickings.

Beyond that, you are also just as likely to lose your online data as a PC user! Just because you are browsing the internet from your Mac doesn’t mean things like the Yahoo and Equifax data breaches will not affect you. You still need to be vigilant in the cloud and protect your personal information.

Protect you and your Mac

  • Backup your data – Onsite, Offsite and Cloud
  • Keep your software and OS up to date
  • Don’t use unapproved software
  • Use an extra anti-malware solution
  • Be wary of unknown websites and unsolicited email
  • Use strong password and 2fa (Two-factor authentication) wherever you can
  • Use a standard account over an admin account for everyday use
  • If you have a laptop, consider full disk encryption

We offer backup, monitoring, and antimalware solutions if you use Apple products in your business. Let us know how we can help!

Public Sector IT Security

NEPA Public Sector IT Security

Are you in a NEPA local or state government entity? Are you worried about audits and compliance? Have you been quoted some solution that you can’t afford?

Ask us about our NG firewall and endpoint solutions!

Our NG (next generation) firewall has an option that was designed specifically for state and local government compliance. There are public sector discounts for all the security packages.

Already have a system in place? We ofter a conversion service as well as system optimization service. The NG firewall device can be installed “inline” which means you may not have to replace all your current network hardware.

We will monitor these solutions for you via our MSP/MSSP packages. Monitoring is part of compliance rules!

Some of the key features of Untangled NG Firewall:

  • Helps meet compliance for FISMA, NERC, NIST, FIPS, and several other state and county rules
  • Unique and granular policies for specific departmental and user access
  • Firewall, Router, IPsec VPN, Advanced Antivirus, Intrusion Prevention and Phish Blocking
  • HTTPS/SSL traffic inspection
  • Active Directory/LDAP Integration
  • Prioritize network traffic for mission-critical applications
  • Layer 7 application awareness to identify all incoming application traffic regardless of port destination
  • Prevents network slowdowns caused by any individual or group of users and applications

Give us a call at 570-779-4018 so we can schedule your free consult!

 

better business owner

3 Tech Tips to Make You a Better Business Owner

There’s no doubt about it, business can be tough! You’re juggling employees, customers, suppliers, stakeholders…the list is endless. You’re also operating in a competitive, high-tech economy that keeps trying to speed ahead without you. It’s no wonder you’re craving ways to get ahead of the competition, cut costs, boost productivity and dreaming of a vacation. Here are 3 tech tips that will make your life easier – and maybe get you closer to that ‘World’s Best Boss’ mug.

Consider a commuting policy

With better technology and faster internet connections, remote working isn’t just a possibility now, it’s an expectation. Clearly, not for every job (virtual burgers anyone?), but there are a lot of computer tasks in your business that could be done from home. Even if you offer a split week with 1-2 days at home and the remainder in the office, this can be a huge boost to your productivity.

From your perspective, remote employees can be more efficient without the distractions of yet another birthday sing-along, they have fewer absences and stay in the job longer. From the employee perspective, they don’t need to waste time commuting, get their work done faster, and generally feel happier and healthier.

Don’t cheap out on technology

Unsurprisingly, a tech newsletter is advising you to invest in tech, but hear us out. Technology is rapidly becoming the backbone of most businesses, yet we still see people who try and get by with the bare minimum investment and maintenance. And by ‘see people’, we mean they’re our most frequent repair and data recovery clients.

When you take shortcuts with your tech you’ll always get higher failure rates, more downtime, and employees who can’t do their job even though you’re still paying them by the hour. When businesses keep old tech longer than they should, thinking of the immediate cost saving, they usually end up paying more in the long term.

Embrace the cloud

Many of your existing software packages have a cloud version, which would allow multiple people to access it at once and give added backup or synchronization benefits. Your remote workers, mobile staff, accountant or CFO can all view the same reports without anyone having the trouble of sending out separate copies.

Cloud technology is also perfect for notetaking and collaboration using software like Evernote or OneDrive. You and your employees can think of ideas while out and about, make a few notes on a mobile device, and have it all synced perfectly to your desktop when you need it. You can even scan in paperwork and have your entire filing cabinet in your pocket.

Your business tech can unlock multiple possibilities that will make your days run smoother, more profitable and put you miles ahead of the competition. Ready?

Give us a call at 570-779-4018 to make your tech work harder for you.

nonprofit nepa

Nonprofit NEPA – What do you do for computer service?

Is your nonprofit company calling for computer support only when things are broken? Are you calling an IT company at all?

IT can be challenging even for larger nonprofit organizations. Many places have older equipment but have a high demand to use new software. Some do not have computer savvy staff to take of the mundane computer tasks. Most appear to have a high employee turnover. A few desire secure remote access. All have sensitive client info that needs to be kept private. All of these things require cybersecurity to be high on the list of priorities as they all present opportunities for hackers and evil doers to gain access.

It is all too expensive to worry about, right? And who would want to hack our small company? You would be surprised. On both counts. Even Non-Profits can get HIPAA Fines. You can still be held accountable for your client’s data loss.

Cybersecurity and IT can be affordable. You may not be a “for profit” business, but you are still an organization that needs to have a secure and efficient computer system. There are many budget-friendly ways to accomplish this for nonprofit companies.

  • Free hosted email
  • Free spam scanning and encryption
  • Low-cost hardware and software options
  • Open source software solutions
  • Donated or Recycled hardware
  • Monthly service or all-inclusive plans that are easier to budget

These are only some examples. If our years of experience working with NPOs has taught us anything, it is each organization is unique and may benefit from different solutions.

Let us take a look at your current setup and see if we can offer some cost-effective solutions to get your nonprofit on the right track.

 

Hackers, Ransomware, and Malware. Oh, My!

Is your company protected?

These attacks continue to rise. They are targeting more and more small businesses. 1 in 5 small businesses will suffer a cyber breach this year. 97% of breaches are preventable. There are affordable solutions to protect yourself.

These are some things that you and your IT company should talk about implementing:

  • Backup — Backup. Backup. Backup. You should have onsite and offsite backups. Consider full operating system disaster recovery and testing. These should be monitored and tested frequently.
  • Updates — Update everything! Software, firmware, and operating systems. If you are running on unsupported or outdated systems you are asking for trouble.
  • Spam email prevention — This is one of the main sources of attacks. You need to train your employees and have a spam filter in place. Even if you are using a service like Gsuite or Office 365, you should consider using additional protection.
  • Passwords — Everyone hates passwords but they are a necessary evil. At the very least you should make sure they are long and not easy to guess. We recommend changing your passwords every 90 days. And please don’t use the same passwords everywhere! All it would take is one breach to loose all your data. There are tools available to help keep track if you are like me and have 300 of them.
  • Multi-factor Authentication — Consider using this everywhere you can. If your password is stolen, this adds another layer of protection to your data. Avoid SMS/Text if possible as these can be intercepted.
  • Advanced endpoint security — Simple definition based anti-virus is not enough anymore.
  • Firewall — Make sure built protection systems are enabled and the log files are being monitored.
  • Encryption — This protects hackers from accessing your data via stolen hardware. Mobile devices (phone, laptop, tablet) should always be encrypted. Consider encrypting at rest data and devices as well.