How to Tell a Client You Are Relocating Your Office

Making the decision to relocate your organization is the first step in the process of a very long list of to-do’s.  It is a complicated but rewarding process.  It will take careful planning to eliminate employee downtime and for you to minimize the impact on your business’ day-to-day operations.

One of the crucial tasks involved with moving is to be sure you make it as simple as possible for your clients to find you. Here are some tips to help you communicate that message effectively:

Tell Your Clients as Soon as Possible.  Start telling people far in advance of the actual move date. Use whatever tools you would normally use to reach out to your clients.  Use email, social media, announce it on your web site, include a notice on your email signature and put a note on your invoices. Be sure to post regular reminders and updates about the move.

Why Not Make It Local News?  Contact your chamber of commerce and networking groups to request they make announcements.  It’s a great and effective way of getting the word out there, and typically you’re not paying extra dollars for reaching many people in the community.

Make It a Big Deal.  In every piece of content that you announce the move, make it exciting! Tell your clients why it’s exciting – whether it means a bigger location, you’re expanding your business, or that you’ll be closer to your clients. If you are downsizing, it can be described as a positive business decision aimed at decreasing wasted resources.  Either way, it’s all in how you package it.

Post A Notice On Your Website.  Put an announcement on your homepage in a very visible way. Create a page dedicated to move updates so expectations of office relocation dates are very clear.  On your About Us and Contact Us pages, add information for both your current and new location, including dates you will be moving or closed for moving. If you have a blog, post updates regularly.

Hopefully these tips will help your organization spread the word to your clients to make the transition easy for them!

Manufacturing Organizations – A Prime Target for Malicious Cyber Attacks

On May 12th, 2017, a dangerous ransomware virus named WannaCry, infiltrated thousands of computers across the globe.  Ransomware worms its way into a network, encrypts files, and locks them down until a ransom is paid. The creators of WannaCry designed the ransomware to hold business data hostage until a ransom was paid. After 3 days, the ransom would double. If it wasn’t paid within a week, the encrypted data would made non-recoverable.

These malicious attacks exploit a company’s vulnerabilities by blocking access to critical business data which leads to lost productivity, loss of earnings, and consumer trust.  Thousands of companies fell victim to the attack, including a large number of manufacturing plants.  In fact, one car manufacturer had to shut down operations to deal with the fallout.

Phishing emails and compromised websites are the most common form of cyber-attack and are often disguised as harmless attachments or documents. As manufacturing automation has evolved, the security measures used to protect business data remains obsolete. Cyber criminals are becoming more sophisticated and organizations need to be better prepared.

Why Target the Manufacturing Industry?

Manufacturers invest in machine automation to stay competitive and to be able deliver on time, but most manufacturing industries forget that as physical systems are upgraded, network security must be updated.  There is simply not enough attention being given to network security and cyber criminals will exploit an organization who have security loopholes.

Unlike the healthcare industry, manufacturing organizations don’t have the regulations for cyber security.  This “no consequence” environment allows factories to continue with little to no security practices. If security compliance was mandatory, manufacturing plants would be more diligent about updating network protection, making it more difficult for criminals to disrupt production.

There is a lot at stake within the manufacturing industry.  Factories and warehouses operate on strict production and delivery schedules.  If a cyber-attack created a halt in production, it will cause missed shipments, lost revenues and lost man hours. In addition, if one link in the supply chain is attacked, it hurts the businesses that partner with them too.  Manufacturers cannot afford any downtime which is why this industry is more likely to pay a ransom to restart production.  The problem is that there is no guarantee an organization will receive its data back, even if the ransom is paid.

How to Protect your Factory and Keep Production Running

Failure to effectively protect manufacturing networks/data often stems from a lack of awareness about cybersecurity and where the company is left exposed. Integrating proper security protocols seems like a daunting task due to the planning, reconstruction, and continuous monitoring involved.

Working with a managed service provider like Bryley Systems will remove the worry and the work involved in managing these security tasks.

Partering with Bryley Systems can tighten your network security:

We understand the manufacturing industry and can work effectively with factory owners and managers to fill in security gaps. Partnering with us will give you a focused and layered cyber security integration plan that is custom built for your organization.  Shield your manufacturing plant from a cyber-attack and put the focus back on innovation.

Contact us at 978-562-6077, or by email at ITExperts@Bryley.com to learn more. We are here to help.

Learn on how Managed IT Services can help your business.
Discover the best IT Company suited for your business.

Bryley Systems Exhibiting at the 2018 Corridor Nine Business EXPO

We are excited to announce that we will be exhibiting at this year’s Corridor Nine Business Expo.

Come and Join us on April 4th, 2018 at the DoubleTree Hotel in Westborough, MA.  It is free to attend!

Event Details:

April 4th, 2018
4:00 to 8:00 p.m.
DoubleTree Hotel 01581
5400 Computer Drive
Westborough, MA

Free to attend!

Windows 7, Windows 8, or Windows 10? Eeny, meeny, miny, moe?

By Anna D, Client Relationship Manager, Bryley Systems

Choosing which Windows operating system (OS) to install on your computer is not child’s play.

I know, because as the Bryley Systems’ Client Relationship Manager, I have this conversation with clients over and over again, especially when clients are purchasing new computers.

Here’s what I recommend.

If you are purchasing new computers for your organization, you should seriously consider installing Windows 10. 

Some clients want to install Windows 7, perhaps because they’re familiar with it. However, Windows 7 has a relatively short lifespan. It will be at “end of life” on January 14th, 2020.  This means that Microsoft will no longer be providing security updates for that operating system, in which case your computer will be more susceptible to viruses and your organization will not be compliant.  In 3 years, you will have to upgrade that operating system. An upgrade involves labor costs, software licensing, and employee downtime. Not the best idea.

What about Windows 8? Good question. Windows 8 was the operating system that Microsoft “abandoned,” probably because it was not well received. Windows 8 was only around for 3 years, making it one of the most short-lived operating system licenses that Microsoft has ever released. What’s more, many distributors are not stocking their inventory with computers that have Windows 8 or 8.1 pre-installed. That’s a problem.

That brings us to Windows 10, which is definitely my recommendation. Of course, prior to installing Windows 10, you need to find out if all of your applications are compatible with this newest operating system.  We can help you make that determination.

Transitioning to a new operating system isn’t always easy, but it is a best practice and we can guide you through the process. For more information, please call Bryley Systems at 978-562-6077 or toll free at 844-449-8770. Of course, you can also email us at ITExperts@Bryley.com.

The Importance of BU/DR in the Manufacturing Industry

What would happen to your organization if plant production was taken to a halt?  How would you get it back up and running?  Or, could you?

Whether the disaster is caused by mother nature, a human error, a cyber-attack of some sort (and yes, there are many types), it can wreak havoc on your organization – it can even take the company down to its knees.  Each moment of downtime equates to lost dollars and lost customer satisfaction. Manufacturing firms have to effectively ensure that production and distribution is consistent.

Technology is used throughout manufacturing in many ways – to store data, run automated machinery on the plant floor, track inventory and support distribution. Your technology is intertwined with your business processes and if you suddenly weren’t able to use those processes, it could be a catastrophic situation.

A few scenarios of how a disaster can disrupt manufacturing, and what you can proactively avoid it.

Halt in Production.  Complex automated equipment and inventory tracking are just two processes that are severely influenced during a disaster. Do you have a recovery plan in place for a worst-case scenario?  Production logistics may be the most challenging area to recuperate, but having a strong backup and disaster recovery (BU/DR) plan safeguards data and allows for immediate access to mission-critical applications.

Whether your organization experiences a cyber-attack, or even a power outage that shuts down productivity for several hours, all of your applications used to run the automated machinery will not work because the system cannot connect to the network. Depending on the size of your plant(s), you could be facing up to millions of dollars in lost revenue and customer reimbursement.

BU/DR To The Rescue.  If your senior management team turned to a BU/DR expert – like Bryley Systems –  to assess the possible vulnerabilities associated with an outage and developed a proactive plan to recover and access data, your BU/DR provider would be able to access your data and apps to get your operations back up and running with a minimum amount of downtime.

Halt in Distribution.  Downtime is never acceptable when it comes to distribution.  All schedules must be strictly followed to satisfy delivery expectations. Customers don’t care if your warehouse floods.  They want to receive their order on time. Logistics management utilizes computerized tracking and ERP systems to understand how many products are stored and where they are at any given time to enhance product readiness and customer fulfillment.

Imagine this scenario – you work as an IT Director for a large New England pharmaceutical manufacturing company. Your network is more vulnerable to external hacker attempts simply due to the size of your business and the value of your data.   All of a sudden, your systems are corrupted with vicious malware and the entire database is inaccessible. To continue operations at your normal efficiency level and avoid downtime, your backup and recovery disaster plan kicks in to eliminate the malware and restore your plant data to where it was before the attack. Investing in a custom BU/DR plan serves as disaster protection ensuring your ability to move products to their destination.

The key to effective disaster recovery is planning ahead. Partnering with a BU/DR professional to support your critical infrastructure and resources adds additional layers of security and communication. When unexpected disasters strike, your recovery strategy will be there to save the day by restoring your data and reducing your downtime.

 

The Bryley BU/DR process:

  • For on-premise equipment, we deploy a BU/DR appliance onsite to provide local backup-and-restore capability and to speed recovery.
  • We take an encrypted image of your system and copy it to our data center.
  • We stream encrypted, differential changes from your site to our datacenter

Isn’t the survival and security of your manufacturing organization worth the investment of BU/DR?  Our team of experts will help you navigate through this process and implement the most effective BU/DR tailored to your environment and budget.  Contact us at 978-562-6077, or by email at ITExperts@Bryley.com to learn more. We are here to help.

Learn on how Managed IT Services can help your business.
Discover the best IT Company suited for your business.

National Clean Up Your Computer Day

Here’s a new ‘holiday’ we should all osbserve – it’s called National Clean Up Your Computer Day which is celebrated on the second Monday in February.

Ok, you may be thinking, really??

Technology was designed to make our lives easier and more efficient, but it can only do that if it’s maintained. Files and programs that are unused on your PC can clog the memory. Over time, your computer will slow down, and performance will be sluggish.

Taking the time out of a busy day to look at your files and programs may actually save you time later on and improve your efficiency.

Here are a few ways to clean up your computer:

Keyboard

Do you eat on or near your computer? If so, crumbs may have inadvertently fallen underneath them and could be impeding their function. Once a month, turn the keyboard upside down and gently shake it to remove the bigger crumbs. If the keys are still sticking, use a can of compressed air to gently remove the dust and other debris that is out of reach. Don’t forget to disinfect the keys! This can be performed using a Q-Tip, or other cotton swab, and some rubbing alcohol. Make sure you do not saturate the Q-Tip as you only want the alcohol to go on the keyboard surface, not inside!1

Defrag your computer

If you notice a drop in speed, and you have a SETA drive (one that spins, not an SSD drive) it may be time to defrag your computer. Fragmentation occurs when there is not enough contiguous space to hold the complete file. An algorithm is then used to break that data so that it fits into the available space.2 The slowness is caused upon retrieval; the computer must search the entire hard drive to find all the pieces of the data or file. “When you defrag your computer you not only increase the speed of the computer but you also keep your hard drive healthy and extend its lifespan. The wear and tear of fragmentation will eventually shorten its life but with proper maintenance you keep it running smooth and steady.”3 The general rule of thumb is to defrag when your disk is more than 10% fragmented.4 The frequency of running a defrag depends upon the usage of the computer. If the machine’s main duties are for general use (web browsing, email, games, etc.), completing a defrag every month is recommended. If you use it more often (8 hours per day), it should be performed roughly every two weeks. It is important to know that a defrag may take a few hours to complete so it is best to perform this overnight. Just make sure energy-saving features such as a screen saver are temporarily turned off as this may cause the defragmentor to stop and restart the process.5 Make it easy and set up an automatic defrag schedule.

Cleanup your folders

Take regular stock of what is housed on your computer. If you have files that you haven’t touched in months or even years and are not necessary to keep, delete them from your computer. Having too many files will slow your machine as it needs to sort through them all when conducting a search.

Delete Programs you no longer use

Similar to files that you haven’t opened in a long time, go through your programs and delete ones that you have not used. Maybe this will give you the added push to learn that software you downloaded months ago, but never pursued.

Cleanup your desktop

While keeping files on the desktop can make files easier to find, but can quickly become overwhelming and inefficient. The last thing you want to do is to be rifling through icons looking for that one document. Instead, place them in subfolders within “My Documents.” By creating a file system, it will be easier to find the folders and will take up less space on your hard drive. Additionally, files on the desktop are not as protected as those in “My Documents” or “My Pictures. “For instance, if you use System Restore to return Windows to its state as of last Wednesday, the feature will remove any files added to the desktop since that date. The files in My Documents will be left untouched.”6

Cleanup your browser

Similar to cleaning your desktop, it is recommended that you regularly check your browswer applications to see if there’s any that can be removed. This will streamline your browser and lower the demands on the hard drive.

Install Updates

Just because your system appears to be running well, doesn’t mean you should ignore system updates. “Staying current on updates will not only keep your computer running well today, it will fend off unforeseen problems tomorrow.”7
By performing these tasks regularly, you will be able to extend the life of your hard drive, and be more efficient. There’s nothing worse than replacing a device far sooner than you expected because preventative care measures weren’t taken.

February: The Relationship Month – Are You Feeling the Love from your Managed IT/Cloud Service Provider?

by A. Baker

February 14th is Valentine’s Day! A day devoted to celebrating relationships between people. A day on which we at Bryley Systems like to reflect on the importance of establishing personal relationships with our clients.

After all, trust is the keystone of everything we do as a managed IT/Cloud service provider (MSP).  Without trust, our entire relationship with our clients would fall apart.  That is why we thought we would take time as Valentine’s Day approaches to comment on the importance of establishing a personal relationship with your MSP, and provide a few thoughts on how to go about doing so.

Think for a moment about your current MSP and your relationship with them.  Are you “feeling the love” from your MSP?  Do they respond to your requests in a timely manner?  Do they really understand your organization’s infrastructure and goals?

If not, read on…

A Healthy Relationship with your MSP is Key to your Organization’s Ongoing Success!

The benefit of outsourcing part or all of your IT/Cloud infrastructure’s needs is to remove those tasks and worries so that your organization can focus on your clients.  The cornerstone of maximizing the business value and benefit of your Managed IT/Cloud Service Provider (MSP) is to ensure that the relationship between your organization and your service provider is carefully designed, proactively supported, and jointly managed.  Here are a few pointers for building and maintaining a great relationship with your current or prospective MSP partner:

Organizations should spend time with their MSP.  Organizations should involve their MSP in discussions and give them access to as much information as possible, without violating any commercial, data, or security policies.  Relationships are developed between people and that’s why it’s important to designate a person (or two) to be the key point-of-contact for a variety of reasons: open/create tickets, make phone calls/communicate needs or requests to your MSP, and oversee the relationship in general.

Having regularly scheduled meetings with key people from your MSP is always a good idea.  During these meetings, it is important to involve your MSP in your organization’s business plans and to get their input on strategic decisions related to IT/Cloud.  With this level of insight, all parties can better understand the bigger picture and contribute to the shared, long-term goals of your organization.  A discussion of your organization’s business and technology needs can establish a roadmap for future projects. The creation of that roadmap can, in turn, flow into a conversation around budget planning.

An effective MSP will understand the unique demands, business cycles, and priorities of your organization.  Essentially, MSPs want to do a good job but they aren’t always engaged by their client in a way that allows for that.  Only when an MSP has that level of information and engagement and everyone works together optimally; enhancing the likelihood your business goals are achieved.

Trust. Your MSP should have a lot of experience in dealing with a range of vendors and products, so they are in the best position to provide you with a solution tailored to your needs.  Communicate your needs, and then let them do what they do best – manage IT.  Entrusting your IT to an MSP requires some effort, but it may very well be one of the best business decisions you’ll ever make.

By considering these elements, organizations like yours will have the foundation for a genuine partnership that, with the right access, ongoing conversations, and collaboration, can make a positive difference to the success of your organization.

Why Outsource to an MSP?

  • The Need for Reliable IT Experts. The world of technology is always changing. If you don’t currently have the proper IT resources available, the symptoms of an IT problem may be bandaged but never addressed at the root. This leaves your technology in a break-fix cycle that is never ending. Having an outsourced IT provider will give you peace of mind and expert guidance.
  • Cost Management. Keeping an office running efficiently and safely with just one full-time computer expert on your staff is nearly impossible. The average help desk or systems admin personnel expenses can quickly add up to big dollars especially when you have to keep certifications current and training up-to-date. The main reason to outsource IT is to lower your costs by only paying for what you need, when you need it.
  • Offload Security Worries. There are many areas of IT security that challenge business owners. There is spam filtering, virus scanning, firewall management, data backup, and more. These tasks can be overwhelming and deciding what to do first can be confusing. By putting all of this in the hands of a managed IT/Cloud service provider, they will have the time, talent, and resources to handle it. They will have the familiarity with the best tools available, and the experience to prioritize the tasks for you.

How do we “show the love” to our clients?

  • We consistently maintain a high level of commitment to your organization.
  • We understand our clients’ business and offer solutions that work.
  • We respond to our clients in a timely manner.
  • We offer the most current technology.
  • We offer rock-solid support, talent, and a company that you can rely on.

Need an MSP that you can trust?  Call Bryley Systems.

Bryley Systems has over 30 years of experience taking the worry off of our clients’ shoulders and effectively managing IT environments at a predictable cost.

For more information about Bryley’s full array of Managed IT Services, please contact us at 978.562.6077 or by email at ITExperts@Bryley.com. We are here for you.

Learn on how Managed IT Services can help your business.
Discover the best IT Company suited for your business.

Safer Internet Day

Tuesday, February 6th is Safer Internet Day.  Being observed on the first Tuesday in February, what started out as a campaign to raise awareness about Internet safety is now celebrated in over 100 countries worldwide.

With Valentine’s Day just around the corner, many of us will go online for gifts such as flowers, candy, cute stuffed animals, a book, perhaps a gift card to a store or restaurant – whatever the choice may be, will you be shopping securely?  Online shopping is very convenient.

You can click here and there and order whatever product you desire and have it delivered to your front door.  You can compare pricing, look for deals, compare products, and it all can be done quickly and in the convenience of your own home, any time, night or day.  The downfall?  Wherever there is money and users to be found, there are malicious hackers roaming around.

Use familiar web sites.  You need to be aware of the safer online shops, like Amazon.  One tactic favored by malicious hackers is to set up their own fake shopping websites. Fake websites can either infect you the moment you arrive on them by way of malicious code. However, the most dangerous aspect you should be concerned about is the checkout process. Completing a checkout process will give cybercriminals your most important information: credit card data (including security number), name, and address. This opens you up to credit card fraud or social engineering attacks.

What are some key things to be aware of as you’re shopping?  Sticking with popular brands is as good as any advice when shopping online. Not only do you know what you’re getting by way of quality and price, but you also feel more confident that these well-established names have in place robust security measures. Their efforts can be quite remarkable, as researchers at Google and the University of San Diego found last year.1

 A few things to be aware of: 

  • Leery URL’s such as “coach-at-awesome-price.com” or “the-bestonlineshoppingintheworld.com”
  • A strange selection of brands – as an example, the website claims to be specialized in clothes but also sells car parts or construction materials
  • Strange contact information. If the email for customer service is “amazonsupport@gmail.com” instead of “support@amazon.com” then you should be suspicious that online shop is fake
  • Are prices ridiculously low?  An online shop that has an iPhone 7 at $75 is most likely trying to scam you

The old adage “if it seems too good to be true, it probably is,” rings true in this case, and it’s best to steer clear of these sites.

Use Secure Connections.  Wi-Fi has some serious limitations in terms of security. Unsecured connections allow hackers to intercept your traffic and see everything you are doing on an online shop.  This includes checkout information, passwords, emails, addresses, etc.

Before You Buy Online…

  • If the connection is open and doesn’t have a password, don’t use it.
  • If the router is in an exposed location, allowing people to tamper with it, it can be hacked by a cybercriminal. Stay away.
  • If you are in a densely-crowded bar with dozens of devices connected to the same Wi-Fi hotspot, this can be a prime target for an enterprising cybercriminal who wants to blend in and go unnoticed. Continue to socialize, don’t shop.

Access secure shopping sites that protect your information. If you want to purchase from a website, make sure it has SSL (secure sockets layer) encryption installed. The site should start with https:// and you should notice the lock symbol is in the address bar at the top.

Update your browser, antivirus and operating system.  One of the more frequent causes of malware is unpatched software.  Online shoppers are most at risk due to the sensitive information involved. At a minimum, make sure you have an updated browser when you are purchasing online. This will help secure your cookies and cache, while preventing a data leakage.  You’ll probably fuss over having to constantly update your software because it can be a time consuming operation, but remember the benefits.

Always be aware of your bank statement.  Malicious hackers are typically looking for credit card data, and online shops are the best place for them to get their hands on such information.  Often times, companies get hacked and their information falls into the hands of cybercriminals.

For this reason, it’s a good habit to review your bank account and check up on any suspicious activity.

“Don’t wait for your bill to come at the end of the month. Go online regularly and look at electronic statements for your credit card, debit card, and checking accounts. Make sure you don’t see any fraudulent charges, even originating from sites like PayPal. If you do see something wrong, pick up the phone to address the matter quickly. In the case of credit cards, pay the bill only once you know all your charges are accurate. You have 30 days to notify the bank or card issuer of problems.”2

Using a credit card vs. a debit card is safer.  Credit cards have additional legal defenses built in that make them safer to purchase online compared to debit cards.  With credit cards, you aren’t liable if you are a victim of a fraudulent transaction, so long as you report the fraud in a timely manner. Secondly, credit cards give you leverage when it comes to disputing transactions with a seller. If you pay with a debit card, you can’t get your money back unless the seller agrees to it. With credit cards, the money you paid for a product isn’t counted against you until due process is complete, debit card holders however can only get their money back after this step.  Ultimately, banks are much more protective of credit cards since it’s their money on the line, not yours.

Additional tips for safety:

  • Never let someone see your credit card number – it may seem obvious, but never keep your PIN number in the same spot as your credit card
  • Destroy and delete any statements you have read
  • Notify your credit card issuer of any address change. Doing so will prevent them from sending sensitive files to the previous address
  • Keep confirmation numbers and emails for any online purchases you may have done
  • Immediately call your credit card company and close your account if you have lost or misplaced a credit card

Use antivirus protection.  The most frequent tip on how to be safe online is to use a good antivirus tool. It will keep you safe against known malware.  ”Before you begin shopping, outfit your phone or tablet with mobile security software. Look for a product that scans apps for viruses and spyware, blocks shady websites, provides lost-device protection and offers automatic updates.”3

Do not purchase from spam or phishing emails.  A phishing email with a fake offer for a desirable product is a hard thing to resist for many shoppers, so they make an impulsive decision and click on the “Order Product” or “Buy Now”, and that’s when the malware attack starts.  A phishing email is not like a standard email. The cybercriminal simply wants your click, and nothing else. The Unsubscribe button won’t stop the email spam.  The best solution in these cases is for you to simply mark the email as spam, this will remove the mail from your inbox and block the sender from sending more spam.

Keep a record of your transactions.  If you are a frequent online shopper, it may be difficult to remember from which site you bought a certain product.  So, write it down: what you bought, when and from what website.  Compare your spending details with the banking records from your online banking account, keep track of which websites you use for shopping and buying stuff online.

Hold on to your receipts and destroy them when you no longer need them.  Keep the receipt for your purchase, just in case you need to confirm it again, as well as for warranty and return issues.  If you want to get rid of receipt, make sure to destroy it completely, so that any possible identity thief won’t be able to find any information about you.

Don’t give out more private information than you need to.  ”In order to shop online you need to provide two types of information: payment information, such as credit card data, and shipping location, which is usually your home or work address. Be suspicious of online shops that ask for information such as: date of birth, social security number or any other similar information. They don’t need it in order to sell you things.”4

Don’t keep too much information on your smartphone.  These days, everybody stores a lot of important personal information on their phone, and most of us rarely take the time to secure them.  These devices are now much less about calling people, and more about photos, social media, etc.  Increasingly, people shop online using their smartphone, but this carries its own risks. Fake online shops can infect your smartphone with malware, and then have access to information such as phone numbers, notes, photos, and even app contents.  Be careful what information you store on your smartphone.

“Safer Internet Day is a great reminder that Internet security is something that needs constant vigilance. It’s also a great reminder that a lot of bad things can happen on the Internet if you don’t properly take precautions against them. With that in mind, be sure to have a safe and happy Safer Internet Day.”5

References:

1 https://www.welivesecurity.com – ESET Security Forum
2 https://www.pcmag.com
3 http://www.trendmicro.co.uk/home/internet-safety-for-kids/smart-mobile-tips-for-online-shopping/ – TrendMicro
4
https://bettermoneyhabits.bankofamerica.com/
5 http://www.holidayscalendar.com/event/safer-internet-day/

https://staysafeonline.org – Powered by National Cyber Security Alliance
https://www.americanbar.org – American Bar Association
https://www.foxnews.com
https://www.usatoday.com

 

 

How CPA Firms Can Benefit from Managed IT Services

Let security and confidentiality be your watchwords!

When it comes to safeguarding your CPA firm’s confidential data, there is zero tolerance for risk. CPAs rely upon various forms of technology to gather data – whether it is a tax return or an independent audit.

CPA firms have made great strides by implementing such technology as electronic data management systems, client portals, and cloud-computing systems. However, records maintained by CPA firms must remain confidential because of professional standards, statutes, and regulations governing record retention. Data breaches can happen in numerous ways, including the following: fraud, hacking, improper disposal of data, or even a lost or stolen device.

A CPA firm will need their IT department (or an outsourced Managed IT Services vendor) to implement and maintain a comprehensive list of data and network security controls. It is helpful to understand the basics:

Perimeter security. This first line of defense includes firewall and intrusion detection systems, in addition to intrusion prevention systems. These should be configured with appropriate restrictions to block and filter both incoming and outgoing Internet traffic.

Endpoint security. Endpoint security requires each computing device on a corporate network to comply with established standards before network access is granted. These measures protect the servers and workstations and include safeguards such as administrative access limitations and anti-virus protection.

Network monitoring. Part of the control environment should include a frequent and ongoing monitoring program for all IT systems.

What We Do

circles

Comprehensive Support Program™ (CSP) — Bryley provides ongoing, proactive maintenance and remediation support to ensure a stable, highly-available computer network. Our most-popular Comprehensive Support Program (CSP) consolidates all end-user devices (mobile and desktop), servers, and computer-network equipment issues into one, Bryley-managed, fixed-fee program. Among the many services delivered under the Managed IT umbrella, Bryley installs and manages all software updates and patches.

Secure Network™ (SN) – An ongoing, managed-IT service that prevents intrusion, malware, and spam from entering the computer network through its Internet gateway and can restrict web-site surfing to inappropriate sites.

Multi-Point Security Hardening Service™ (MPSHS) – A periodic review to harden your computer-network security by reviewing/updating policies and configurations and testing. With this program, Bryley Systems can help your organization comply with the technical aspects of Massachusetts 201 CMR 17.00.

If you are looking for a business partner to help you navigate the ever-changing technology and cybersecurity landscape, we’re here for you. For more information about Bryley’s full array of Managed IT Services, Managed Cloud Services, and Cybersecurity Services please contact us at 978.562.6077 or by email at ITExperts@Bryley.com.

Bryley Basics: When to filter email by domain, rather than by a single address

Have you ever had trouble receiving email from someone, even after you have added their address to your email filter’s allow list or whitelist?  In some instances you may be able to solve this problem simply by adding the domain from the contact’s email address to your allow list, rather than adding their entire address.  If you aren’t entirely sure how to identify the domain in an email address, don’t worry, we will cover first.  Then we will take a look at when and why this might work.

Every email address is composed of two major components, the User Identifier and the domain.  If we take the address Support@Bryley.com for example, we have the User Identifier “Support,” and the domain “Bryley.com.”  Essentially, everything that comes before the @ symbol is part of the User Identifier, and everything that follows the @ symbol is part of the domain.

What’s wrong with including the User Identifier?

The problem is that some email systems generate a unique User Identifier every time a user sends an email.  As a result, instead of the address Support@Bryley.com, you might see Support+id245789@Bryley.com, where “245789” is a computer generated set of numbers added to the User Identifier every time a user sends a new email.  The domain, on the other hand,  will remain the same, making it a more reliable means of identifying email coming from a particular source.

Why do User Identifiers change?

There are two major reasons why email systems might create unique User Identifiers.  The first is to allow a large number of users to send email through a single system without each user having to have their own dedicated email address.  For instance, this is extremely common within help desks at large companies as it remove the need for each staff member to have a separate email address dedicated for that purpose.  Instead, unique addresses are created on the fly as needed, and expire once they are no longer necessary.

The second is that it allows an end user to communicate with someone they don’t know without having to expose their actual email address. This effectively creates a buffer between the users email address and various sources of unwanted email.

For instance, when signing up for an online mailing a user can create what is effectively a one-off email address, unique for that purpose.  That way, if they no longer wish to receive that mailing at some point, the user can simply delete that unique address, rather than relying on the unsubscribe system of that service.

In addition, if an organization were to abuse a unique address given to them by a user, it would become obvious who the offending party was, as no one else would have that unique address.  As a result, the ability to create unique email address is catching on within email security solutions.  For instances, this is an option available within Sophos Reflexion, the email security solution deployed by Bryley Systems.

In general, however, these systems will not modify the domain a user is sending from.  As a result, if you trust the contact’s organization, adding only their domain to your email filter’s allow list should allow you to receive email from them, even if their User Identifier changes regularly.