Home » Blog » IT

Tag: IT

Https now

It’s Official: Your Business NEEDS to Use HTTPS

You may have noticed many business websites now have a green padlock in the address bar next to the letters ‘https’. Until recently, you’d only see that on shopping or banking sites, but it’s now become the expected norm for all business websites – even if you don’t ask people to log in or enter credit cards. Simply put, the ‘s’ in https stands for secure and means any data sent/received by the visitor is encrypted.

Clearly, it’s an essential feature for e-commerce sites, but why have all the info-only websites started using https too?

The New Google Rule

As of July 2018, Google will mark your page as insecure unless you’re using https. It’s a movement they started a few years ago to make the internet a more secure place by default. Since Google pretty much rule the internet search and increasing security is always a good idea, businesses have been gradually switching over. Without https protection, someone with access to your internet connection, whether from digital eavesdropping or hacking, could intercept the information. They could also place malware onto otherwise legitimate sites and infect innocent visitors. That’s why eighty-one of the top 100 sites online have already switched to https and a strong majority of the web is following suit.

The Browser Bar Says It All

In the same way a green padlock in the browser bar indicates a trustworthy site, you can expect non-https sites to be marked with a “not secure” warning. Previously, users had to click an information symbol to actively investigate non-secure sites. The shift to plain sight markers will be most noticeable on Chrome, however it’s expected that other browser developers will follow suit. Visitors may then be alarmed by landing on your site and seeing that the connection isn’t secure.

The fact that you may not be asking them to log in, enter personal details or payment is irrelevant. You may not be asking them to enter anything at all, but perceptions matter. Eventually that warning will be changed to an alarming red as Google declares war on unsecure sites. As the common understanding is that a warning = bad, you may get more visitors bouncing away within seconds or even contacting you to report that your site has a problem.

Boosts for Secure Sites

Google is taking its commitment to safe web browsing further by favoring https. That means the search algorithm is taking your site security into account, preferring to display results that it knows will protect users from hackers. Since https status gets the nod, you may find yourself climbing in the ranking while other businesses scramble to catch up. It really is a win-win situation.

What to Do Next

In an ideal world, your site would have a secret switch on the back-end you could flick over and suddenly be https, but it’s a little more complicated than that. In fact, you may have already noticed some sites experiencing trouble with the migration. When the setup goes wrong, users don’t see your website with a little warning in the corner, they’re blocked by a full page error and offered a return to ‘safety’ (away from your site).

The easiest way to make the move to https is to contact your IT technician or web developer, as they’ll be able to make sure you’re keeping Google happy and rolling in the green.

We can migrate your site to https – call us today at 570-779-4018

Getting tech new business

How to Securely Dispose of Old Computers

Getting new computers for your business is exciting, but what happens to the old ones? Depending on the age, some people sell them, others throw them out. That’s the easy part. The problem is the sensitive data on them. There are passwords, account numbers, license keys, customer details, medical information, tax returns, browser history…. the works! Each computer, whether laptop, tablet or desktop, contains a treasure trove of sensitive information that cybercriminals would love to get their hands on.

Unfortunately, hitting delete on your files doesn’t actually make them disappear, nor does waving a strong magnet over the drive. These mistakes have cost businesses millions of dollars over the years.

Most businesses are unaware that specialized data cleanup is necessary, others think calling someone to collect the computers will cover all the bases. A 2016 experiment proved just how dangerous the situation can be when they bought 200 used hard drives and found 67% held unwiped, unencrypted sensitive data, including sales projection spreadsheets, CRM records, and product inventories. Frighteningly, they didn’t need any special hacking skills to get this data, it was all right there and helpfully labeled. It’s also not surprising that with simple data recovery tools, people have also been able to access British NHS medical records and missile data, all waiting patiently on a discarded hard drive.

Why hitting delete doesn’t help

Data on a hard drive works like a book with an index page. Every time data is written, it pops a quick entry into the index so when you need it again, it knows where to look. The index is used for files you create as well as system files you can’t even see. Sensible, right? Except if you delete a file it’s more like changing the index to say nothing is on page 10 and you can write something else there when you’re ready. But if you manually flip to page 10, you’ll find the information is still there – the file still exists until it’s been written over – it’s the index reference that got deleted.

Wiping data before disposal

There are software tools you can get to do it yourself, as well as dedicated security firms, but your best option is to choose an IT business you know and trust. With that in mind, a methodical approach is required to ensure not a single drive is left untreated. You don’t want to leave data behind, or even clues that a motivated person could extrapolate any private information from. The approach might include using checklists to maintain security, or dedicated processes to guide each step in decommissioning. Careful records should also be kept, including who signs off on completion of the retirement, and where the computers are sent afterwards. A proper inventory and auditing process may slow the rollout of the new computers slightly, but it’s always better than having your old data come back to haunt you.

We can migrate any needed data, backup the information to your server or external drive, then wipe or destroy the hard drives for you. We can assess the age of your old computers and either dispose of them for you or point you in the right direction of computer recyclers. Plus, the quicker you dispose of your old computers, the easier the process will be. Recyclers will be able to send less of your equipment to landfill, and you’ll be less likely to forget how valuable the drive contents are.

Upgrading your business computers should be a happy time for you and your employees, so with a little forward planning, you’ll be able to keep everyone smiling and all your data secure.

Need help with your old hardware? Call us today at 570-779-4018

Getting tech new business

How to Get the Right Tech for Your New Business

Congratulations on your new business! Start-up costs can easily escalate, and tech is often one of the bigger expenses. It’s not that everything is high priced, but the sheer number of technologies available can overwhelm smart decision making. The latest tech is dangled in front of you with amazing features you didn’t know you needed, and suddenly your budget has gone boom!

Here’s how to get the tech right for your business, without the headache and drama.

1. Check if you actually need it

In a lot of cases, using a cloud application means you can skip the big server purchase, along with the on-site technician to manage it. Many of your business programs will have a cloud option that allows you to get all the benefits without the big expense. Before you make the tech purchase, work out which applications you’ll be running and whether a local installation or cloud access is preferred. As part of this stage, think about how you’d like to use the applications – perhaps remote access is a priority, or perhaps collaboration will underpin your business culture. This level of clarity is often overlooked and the number 1 reason why tech expenses spiral.

2. Get expert advice

It’s easy to ask friends and family what to buy, but there are many more factors to consider than just their personal preference. You trust their opinion, of course, but they may be speaking from a consumer perspective or basing their recommendation on brand loyalty. Every business is different and pairing the correct technology with the business will save you a lot of money in the long run.

3. Buy business grade

Unfortunately, the computers and laptops you see in department stores aren’t up to business standard. They’re designed for home users to perform quick tasks, not run a full 8 hour (or more) workload. Business grade systems have additional features that your business needs, plus longer warranties and better support. Even the attached devices like networking or printers are built to a higher standard, to last longer and perform better. Considering the cyber climate we live in, taking a special interest in the security offered by the business grade technology is a wise decision.

4. Prioritize flexibility

Businesses evolve rapidly during their first few years and the last thing you want to do is go out and buy new tech, playing catch-up with your vision and smushing together an assorted mismatch of devices. Your new technology should be as scalable as your business, which means making purchase decisions based on strategy, not price. Perhaps this means instead of workstations for employees, you only need tablets. Rather than having a fixed point of sale system, you might choose mobile checkout devices so your staff can assist customers on the go. These examples highlight how easy it is to commit to certain tech because it’s ‘what you do’ but later discover you’re locked into a certain way of doing business. Trying to change your processes down the line impacts productivity, efficiency and culture in a big way, so we recommend buying with your future success in mind.

5. Choose an IT partner

During your set up and moving ahead through growth, you’ll need an IT partner who can not only help with your purchase strategy but support you through any tech problems as they arise. That’s the difference between a partner and a supplier, they’re committed to driving long-term business success.

You’ll be able to call on your partner and know they’re immediately up to speed with your business, they know how IT can help leverage your competitive advantage and which critical systems they should focus on. Getting good tech in place shouldn’t be seen as just an expense. It improves productivity and allows you to serve your customers better while enjoying consistent growth.

If you need an IT partner to help your business grow, give us a call at 570-779-4018.

The True and Unexpected Costs of Being Hacked

There are the normal costs everyone associates with a breach, like getting your own server and computers fixed up, with maybe a little downtime. But really, most businesses view the possibility of getting hacked as more of an inconvenience than a bottom-line cost. For those who’ve come out the other side though, it’s a very different story. They know the hidden and ongoing costs of a data breach can be crippling, and that IT security exists to protect your business on multiple levels. All those surprise costs that spiral out of control are why most businesses close after a cyber-attack. Here are a few of the hard, but common realities of life after a hack.

Raiding the budget to reduce downtime

From the moment a cyber-attack gets into your system, things get expensive, and the longer the attack goes, the more it costs. Latest stats reveal most breaches aren’t identified for around 191 days, then it can take on average another 66 days to contain the damage. During this time you’re cleaning PCs, mobile devices, laptops, servers and even entire networks. Add to this the fee for experts to fix everything up, all the new tools and software they insist you have, and all the hours/days/weeks when your business is struggling with downtime, you’ll exhaust your emergency funds very quickly.

The long arm of the law

Depending on what data was stolen and how you handled the situation, you could be liable for fines into the millions. Having any medical data or legal files leak is a particularly messy scenario with fines coming from multiple sources. In any case, new privacy laws mean businesses are liable for massive fines if they don’t disclose a data breach, even if only email addresses were stolen. Where this gets even trickier is that the burden is on your business to know exactly what data has been stolen/illegally accessed, so you can report it before the fines stack up. This means that even if you were able to fix up the systems yourself, you still need to hire an expert who can identify exactly what the hackers took, from where and when.

Customer retention measures

In a double-down crush to your bottom line, not only does your business have to bear the cost of the hack, your future income takes a hit as customers lose trust and leave. To offset this, many businesses need to engage PR experts, spend more on advertising, and go all out to ensure they survive to fight another day. Even so, your breach disclosure will still come up in search results for many years. The more negative publicity your breach attracts, the more you’ll need to spend on customer retention.

All your secrets exposed

While you may not have Pentagon level secrets to protect, your business does have information that you’d like to keep to yourself. Hackers love going after those juicy tidbits, and the more closely you guard them, the more attractive they are. Think Coca Cola recipe, Big Mac Secret Sauce or 11 Herbs & Spices…While those corporations would be big enough to keep their competitive edge after the breach, your business success relies on at least some information staying secret. It may not be a secret recipe, but your proprietary methods and databases have a black-market value all of their own.

But simply avoiding a breach doesn’t cost much at all…

The thing is, it’s not expensive to stay on top of it all and keep your business protected. For a low monthly fee, we can reverse the entire scenario and secure your systems against the unknown. That means no need to raid other department budgets in a panic, pay crippling fines, make embarrassing public announcements, or fight to retain your competitive edge.

We can help with making sure your systems have the latest security patches and your anti-virus knows the latest tricks to watch for. Our technicians can build a virtual fortress around your business that keeps the bad guys out while letting you thrive, and even monitor security with early warning systems. Whatever your needs are, both now and moving ahead, we’re here to help keep you safe while keeping your IT costs low.

Ready to secure your business against breaches? Give us a call today on 570-779-4018.

outsourcing your IT

Outsourcing your IT

Why outsource your IT?  As a Small – Medium Business (SMB), the question of outsourcing your Information Technology (IT) may have frequently crossed your mind, especially with the surging security breaches that the media outlets seem to broadcast weekly.  Whether your business does not already have a dedicated IT Department or if you are seeking complementary services to your already established IT infrastructure, outsourcing your IT technology can provide tremendous benefits to your business.  Using the 3 R’s (Reasons, Risks & Rewards) can provide a base to examine if outsourcing your IT may be beneficial and effective for your business.     

 

REASONS to outsource your Managed IT Services

  • Outsourcing is Budget Friendly – Cost Effective – Reduce & Control Operating Costs.
  • Would your business like to improve your and Your Employees’ Focus and Resources?
  • Would your business like to Reduce Labor Costs?  
  • Is your business finding it difficult to keep up to date with Routine Maintenance on Workstations and Servers?
  • Is your business finding it difficult to start or manage IT Projects?
  • Make capital available for other means in your business.
  • Reduce Security Risks.

 

RISKS involved with outsourcing Managed IT Services

Any time you hand over responsibilities for any aspect of your business you are inviting risk. Whether hiring a staff member or outsourced service, you may have lingering hesitations, such as, What are they supposed to do? Or Will they fit in with the company culture? Or Did I hire the right person?  

 

Some other risks that you may consider when outsourcing your Managed IT Services:

 

  • Loss of Control – Oversight
  • Confidentiality of DATA – entrusting someone to your company’s intimate practices may seem like a risk, but an Outsourced IT Service provider can also help protect your DATA from ending up in the wrong hands
  • Disaster Recovery – much like confidentiality, an Outsourced IT Service provider can mitigate and help to make a plan for Disaster Recovery
  • Some IT functions are not easily converted
  • Employee Morale
  • Your business may get locked into a contract

 

REWARDS of outsourcing your Managed IT Services

  • Acquire a Valuable Partner –  a committed Expert of Outsourced Managed IT that provides professional, objective and best practice advice along with keeping up with the most current technology trends.
  • Add to your In-House capabilities.
  • Little to no Human Resource (HR) Investment.  Hiring an employee hosts a staple of expenses from the hiring process, background checks and supplying a space to work to account for benefits, vacation, sick days, worker’s compensation, continued training, employee performance reviews, human resources, and of course, employee turnover.
  • Cost Savings.
  • Flexible to your Company’s changes in size, volume, and strategy.
  • Security – Keeping your Systems updated, leveraging Virus protection and proactively monitoring.
  • Predictable Monthly Budget.
  • Prevent Burnout of Yourself and Employees.

 

BONUS – Tips to Working with your Outsourced Managed IT

  • Clearly formulate and communicate goals and objectives of the business relationship
  • Have a Strategic Vision
  • Keep Open Communication

 

Managed IT Outsourcing companies have a lot of experience with different types of businesses and thus – a better understanding of a client’s expectations. This is the main reason why outsourced companies are able to be flexible with your requests and visions. They can even propose new ideas that can change your perspectives. Outsourcing companies see your existing infrastructure from a different vantage point and can customize a solution for your individual business needs.  

 

About Herstek & Associates, LLC

Herstek & Associates, LLC is a professional outsourced computer service company serving small to medium businesses in Luzerne and Lackawanna Counties in Northeast Pennsylvania (NEPA). Our specialties are network planning (network consulting), network projects, and ongoing network/computer maintenance. We pride ourselves in not only delivering the results you expect but also being knowledgeable, systematic, accountable, trustworthy and easy to work with. To speak with a Support Advisor about the the computer support provided by Herstek & Associates, LLC please call us at (570)779-4018 or contact us.

Section 179 Deduction

NEPA Section 179 Deduction

It is a great time of year to take advantage of the section 179 deduction. If you purchase software or equipment by December 31rst, you can deduct the full purchase price and a bonus depreciation. Section 179 is the product of a recent stimulus bill that is geared to help small business grow.

There are limits to what you can purchase. Most computer equipment qualifies. Most “off-the-shelf” software qualifies. PC, Laptops, Servers, and network equipment all qualify. Custom software does not but server-based software, PC operating system upgrades, MS office products, and accounting software like QuickBooks all do.

How about a business class i7-6700, 8GB ram, 250GB SSD with windows 10 pro with a 5-year parts warranty?

business class i7-6700, 8GB, 250GB SSD with windows 10 pro

Or maybe you need a new rack mount server with a Xeon Processor, 32 GB ram, 8TB hot swap raid 5 for your new virtual server host.

 Xeon Processor, 32 GB ram, 8TB hot swap raid 5

Or it could be time to upgrade your aging routers. Maybe a new SG-3100 pfSense router with 2x1GbE (gigabit ethernet) internet ports so that you can keep your business running on a backup internet connection even when the main lines goes down?

SG-3100 pfSense

Or maybe you have read some of my ransomware articles and now you are ready to have a serious disaster recovery system in place. We can configure a local backup system and supplement it with online backup. The hardware for the local backup could fall into the section 179 deduction.

Onsite Bare-Metal Recovery with Cloud Replication
We can source you other products as well. Ready for your Dual monitor setup? How about upgrading your laptop to an SSD drive? Maybe it is time to upgrade the memory on your unit?

Dual Monitor

Contact us now and we will be more than happy to configure a custom quote for whatever you need so you can take advantage of the section 179 deduction this year. Contact us here…

 

 

 

 

 

Outsourcing Updates

Keep Up to Date by Outsourcing

Updating your business software is one of your best protections against cyber-attack, but actually going through and running the updates is a task that often gets overlooked. Either they take too long, they pop up at inconvenient times, or you simply don’t know when an update is available. Do you have a plan in place to ensure all your tech is up-to-date, or are you flying by the seat of your pants?

Emergency updates are a killer

Just between us, most businesses update their software only when the repair techs come to fix a major breakage. The techs run the updates before they leave, then the systems sit there with ever-widening security gaps… until another breach happens and the techs are called back for another band-aid solution. Emergency only updates in a break/fix model are a great little earner for those techs, not so good for your uptime or budget.

Finding time for maintenance

To keep your business up and running securely, you need someone who lives and breathes updates. They’ll need to have top tech skills so they know when and how to apply all the patches, and how to make sure all your other tech is playing nice (and do it all after-hours). If you have an in-house IT specialist, you’re set – and they should already have an update plan. But if you don’t have a qualified IT team member, outsourcing to managed services is the perfect solution. You get highly skilled technicians remotely applying your network updates after hours. It’s also a great alternative when your in-house IT team is overloaded and has no time left for routine maintenance. We’re able to partner with your existing techs to take care of the small tasks, leaving them free to focus on bigger initiatives.

What else needs to be checked?

Beyond running security patches, it’s important to keep your business moving forward. Here are a few areas our techs look at as part of managed services:

Hardware health: The last thing you want is days of downtime after a piece of hardware dies a spectacular death, dragging other components down with it. By not staying on top of your hardware health, you’re opening yourself up to lost productivity, lost income and unknown delays. Our managed services can assess and replace components before they break. If suitable, we’ll also save you money by recommending (and helping) you move to a cloud solution, so you can access your data with inexpensive hardware like tablets.

Operating system expiry: While it’s great that you have a preferred OS, keeping it after the manufacturer ceases support can leave your business wide open for attack. It’s simply not a good combination. Our managed services technicians will advise you of any changes coming up for your OS, and suggest the best upgrade for your needs.

Legacy programs: Updates to your software have the potential to disrupt older programs, either resulting in errors, slow performance or even downtime. With technology advancing so fast, we often find additional requirements with an update, such as extra processing power, memory or graphics. Our technicians always make sure to check for compatibility as a whole before running an update.

Staying on top of your maintenance and upgrades can be a huge challenge for small business. Outsourcing to our managed services can help more than your budget – call us today at 570-779-4018.

Public Sector IT Security

NEPA Public Sector IT Security

Are you in a NEPA local or state government entity? Are you worried about audits and compliance? Have you been quoted some solution that you can’t afford?

Ask us about our NG firewall and endpoint solutions!

Our NG (next generation) firewall has an option that was designed specifically for state and local government compliance. There are public sector discounts for all the security packages.

Already have a system in place? We ofter a conversion service as well as system optimization service. The NG firewall device can be installed “inline” which means you may not have to replace all your current network hardware.

We will monitor these solutions for you via our MSP/MSSP packages. Monitoring is part of compliance rules!

Some of the key features of Untangled NG Firewall:

  • Helps meet compliance for FISMA, NERC, NIST, FIPS, and several other state and county rules
  • Unique and granular policies for specific departmental and user access
  • Firewall, Router, IPsec VPN, Advanced Antivirus, Intrusion Prevention and Phish Blocking
  • HTTPS/SSL traffic inspection
  • Active Directory/LDAP Integration
  • Prioritize network traffic for mission-critical applications
  • Layer 7 application awareness to identify all incoming application traffic regardless of port destination
  • Prevents network slowdowns caused by any individual or group of users and applications

Give us a call at 570-779-4018 so we can schedule your free consult!

 

Hackers, Ransomware, and Malware. Oh, My!

Is your company protected?

These attacks continue to rise. They are targeting more and more small businesses. 1 in 5 small businesses will suffer a cyber breach this year. 97% of breaches are preventable. There are affordable solutions to protect yourself.

These are some things that you and your IT company should talk about implementing:

  • Backup — Backup. Backup. Backup. You should have onsite and offsite backups. Consider full operating system disaster recovery and testing. These should be monitored and tested frequently.
  • Updates — Update everything! Software, firmware, and operating systems. If you are running on unsupported or outdated systems you are asking for trouble.
  • Spam email prevention — This is one of the main sources of attacks. You need to train your employees and have a spam filter in place. Even if you are using a service like Gsuite or Office 365, you should consider using additional protection.
  • Passwords — Everyone hates passwords but they are a necessary evil. At the very least you should make sure they are long and not easy to guess. We recommend changing your passwords every 90 days. And please don’t use the same passwords everywhere! All it would take is one breach to loose all your data. There are tools available to help keep track if you are like me and have 300 of them.
  • Multi-factor Authentication — Consider using this everywhere you can. If your password is stolen, this adds another layer of protection to your data. Avoid SMS/Text if possible as these can be intercepted.
  • Advanced endpoint security — Simple definition based anti-virus is not enough anymore.
  • Firewall — Make sure built protection systems are enabled and the log files are being monitored.
  • Encryption — This protects hackers from accessing your data via stolen hardware. Mobile devices (phone, laptop, tablet) should always be encrypted. Consider encrypting at rest data and devices as well.

Feeling the Budget Pinch? Here’s How Managed IT Can Help Save Your Business.

When it comes to running a modern business, technology is always a growing line item in the budget. Costs seem to creep up every quarter, along with a new learning curve for simply keeping everything running along smoothly. It’s no wonder then that budget restrictions for tech were recently found to be a universal concern for small/medium business.

You’re balancing the outlay of maintenance with replacement, plus securing against a steady stream of threats – all while making sure every dollar gives maximum return on investment. It even sounds exhausting! What typically happens is the tech budget gets stripped to a bare minimum, hoping nothing unexpected pops up and everything keeps moving along nicely. After all, everything is working just fine and that money could make a real difference elsewhere… except as soon as an IT emergency strikes, that tiny budget is obliterated and you’re left to either limp along with insufficient tech or dip into another budget area.

Now imagine if budget wasn’t an issue. Imagine all your tech expenses were predicted and capped, and you got everything you needed without resorting to financial magic tricks. Sounds good, doesn’t it?

Put simply, that’s how a Managed IT Service works. It’s a service designed for businesses with a limited budget who don’t have time for tech issues. For a fixed price each month (which is no doubt less than you’re thinking), you get a team of IT technicians actively monitoring your systems in order to catch issues before they occur, repairing problems on the fly, and ensuring your business is always as secure as possible. Included as part of your Managed IT Service, you also get expert business consulting around the solutions you need now, which solutions will help you rapidly scale, and which technology you don’t need. All for one predictable, fixed price each month. It gets better:

You’ll reduce downtime and associated revenue loss.

Forget scrambling while systems are down, with Managed IT Services you’ll know which tech is failing and can proactively repair or replace before it impacts your business. Downtime is planned/minimized and your staff are working uninterrupted by tech drama.

You’ll skyrocket efficiency.

You’ve probably been responding to your IT events in ‘firefighter mode’, essentially dealing with problems as they arise and switching to new, improved tech only when you must. With Managed IT Services, problems are automatically reported and optimal solutions designed in advance. Even the small issues that have been slowing your business down and limiting progress come to light, ready to be solved for greater efficiency.

You’ll secure against data loss.

Whether you’ve been following the news and worrying about the next cyber-attack, or you’re working with confidential customer or proprietary data, your Managed IT Service has you covered. Our technicians secure your business against attack using the latest technology, full backups, software updates and leverage every drop of their know-how to keep your valuable data safe.

Learn more ways Managed IT Services can benefit your business – give us a call at 570-779-4018.