The Software-Defined Era is transforming IT infrastructure. No longer is it about the component parts, but how these dynamically work with each other to deliver the end-to-end service to users, from the cloud to network edge. How this environment is configured, interoperates and self-optimises is changing the way we think about Managed Services.
Traditional IT Support, Maintenance and Managed Services no longer cut-it as we look for ways to augment skills sets, redefine lifecycle management and match infrastructure agility with commercial flexibility. At Thrive these are key areas we look to address with our managed services – let us explain.
IT’S NOT MAINTENANCE, BUT LIFECYCLE MANAGEMENT
As the software-defined era accelerates the separation of the hardware and software layers of our IT infrastructure, it no longer just about maintaining the individual components but managing the lifecycle of the holistic infrastructure to ensure compatibility, license utilisation and avoid end-of-life scenarios.
A key element of support and managed services is adding value to this lifecycle management; to create and maintain accurate asset registers of both hardware and software, consolidate and align contracts and proactively manage refresh cycles to not only deliver commercial value, but reduce business risk.
At Thrive we call this Double Red. We help you to manage your IT infrastructure by focusing on two factors: first, the lifecycle stage of each component; is it within contract, is it nearing end-of-life, etc. The second factor is prioritising its business criticality. Both of these key insights enable you to make more informed decisions when managing the end-to-end lifecycle of your environment.
IT’S NOT OUTSOURCING A PROBLEM, BUT AUGMENTING YOUR CAPABILITY
It may be an overused cliché, but at Thrive we focus on becoming the trusted partner of our customers and not just their outsourced provider. There are far too many outsourced support companies out there; we don’t want to add to this. We want to make sure that for every customer we are able to add true value and by doing this, we benefit from enviable customer loyalty.
To us, adding value is not offering a set of rigid support services, but tailoring our proven managed services around the needs of our customers. We don’t want you to outsource your problem but to leverage the breadth and depth of expertise we have at Thrive to augment your own capability – to inject accredited skills in the areas you have gaps, to take the pressure off your IT team to enable them to focus on moving your IT services to the next level, and being the trusted advisor along every step of your journey.
IT’S NOT JUST ABOUT PRICE, BUT COMMERCIAL FLEXIBILITY
All of the above falls down if the support and managed services being offered do not make commercial sense. This is where both the scale and financial stability of your managed service partner is critical.
At Thrive we believe we have both of these factors just right. We are of the size to be important to key vendors such as Cisco and we have that all important access directly to the vendor specialists to back-up our team while also having the economies of scale to deliver this level of service in a cost- effective manner.
Our longevity as a business and financial stability enables us to be both flexible in tailoring services to the specific requirements of our customers and in creating commercial terms that meets the needs of their business.
At Thrive we are very proud of our capability to not only support our customers but to deliver the value-adding, proactive managed services that they truly need. We would love to talk to you about your specific challenges and explore ways that Thrive can augment your team in delivering an exceptional IT experience to your business and your end-users. Learn more about Digital Transformation today.
Why IT Support Is No Longer About Keeping The Lights OnGone are the days when we think of IT support as merely break/fix. The IT landscape has changed; we operate hybrid-environments that leverages on-premises equipment, cloud services and a plethora of end-user devices.
The software-defined era has made it less about the hardware and more about the applications that inject the intelligence into our infrastructure, and the boundaries that used to exist between infrastructure, communications and security have well and truly been blurred.
This means that basic vendor maintenance fails to deliver what IT teams need and traditional support services only scratch the surface of what is required. This is why at Thrive we don’t focus on just keeping the lights on, but making them shine brighter through expertise in and partnerships with leading vendors such as BT, Cisco, Microsoft, NetApp, VMware, and Veeam to name but a few.
IT’S NOT ABOUT THE HARDWARE BUT THE END-TO-END SERVICE
Whereas individual hardware components are still critical, what determines business continuity is how all of these components and software combine to deliver the end-to-end service delivery. Identifying the root cause of issues across today’s IT infrastructure can be complex; it is as much about having the expertise in how the elements of compute, storage, networking, connectivity and security work together as it is about the individual components.
This is why at Thrive we have built expertise across the complete IT landscape; we are not just the collaboration guys or the security specialists, we are experts in end-to-end service delivery. We understand each of the technologies, but more importantly, bring a wealth of experience of how these components work together and are interdependent on each other.
IT’S NOT ABOUT KEEPING LIGHTS ON, BUT MAKING THEM SHINE BRIGHT
In the past, IT performance was based on the simple metric of availability; a component was either up or down, and unplanned downtime was a bad thing. Today, we are not judged on whether the lights are on, but whether they are shining brightly. Is our IT infrastructure delivering the experience that our end-users expect and require?
At Thrive we believe that proactively monitoring the complete IT infrastructure is key to delivering an assured end-to-end service to end-users. By combining the best practice we have evolved over 29 years of doing this with industry-leading toolsets we are able to meticulously monitor your environment around the clock, continually optimising performance and addressing anomalies before they become business-affecting.
At Thrive we are very proud of our capability to not only support our customers but to deliver the value-adding, proactive managed services that they truly need. We would love to talk to you about your specific challenges and explore ways that Thrive can augment your team in delivering an exceptional IT experience to your business and your end-users. Learn more about our Managed IT Services.
Understanding CJIS Compliance and Data EncryptionCriminal Justice agencies, ranging from local police departments to the FBI, document various aspects of criminal justice information (CJI). This may include fingerprints, body-worn camera footage, or a facial recognition gallery made up of mugshots and related criminal history. It’s obviously crucial that this kind of information remain safeguarded and only accessible to those who truly need such information to perform their job. Each criminal justice agency must be on the same page about protecting this data; this is where CJIS compliance and data encryption come into play.
Learn more about the relationship between data encryption and CJIS compliance, and why the right data encryption methods are essential for maintaining the confidentiality required of criminal justice information.
What is CJIS Compliance?
Every day, criminal justice and law enforcement agencies on the local, state, and federal levels access the Criminal Justice Information Services (CJIS) databases for information necessary to perform background checks and track criminal activity. It’s important that this data not fall into the wrong hands — the security of CJIS data could mean the difference between civil liberties being secured or violated.
CJIS compliance keeps networks on the same page when it comes to data security and encryption, and ensures that sensitive criminal justice intel is locked down. However, there is no nationwide, uniform certification system for CJIS compliance; instead, each state government manages CJIS compliance semi-independently through a state-appointed CJIS Systems Officer (CSO) who administers policy for computers, networks, and other parts of the CJIS infrastructure. The CSO is also tasked with ensuring that organizations are obeying regulations, documenting compliance, and reporting back to the FBI.
What Is Data Encryption?
In cryptography, or the art of writing or breaking codes, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can decipher a ciphertext back to plaintext and access the original information.
Like multi-factor authentication, data encryption adds an extra layer of security to your data — if a criminal gains access to an encrypted file or communication, that information is useless without the key to decrypt it.
The purpose of data encryption is to protect digital data as it is stored on computer systems and transmitted using the internet or other computer networks. These encryption algorithms provide confidentiality and drive key security initiatives including authentication, integrity, and non-repudiation – or the inability to refute responsibility.
Understanding How Data Encryption is an Essential Part of CJIS Compliance
Despite not having a national standard for how its information is secure, CJIS itself has established requirements for the use of data encryption when storing and using sensitive data, as well as including CJI in communications. Such regulations stipulate a minimum of 128 bit encryption be required, and keys used to decrypt data must be adequately complex – at least 10 characters long, a mix of upper and lowercase letters, numbers, and special characters – and changed as soon as authorized personnel no longer need access.
Common Data Encryption Methods
There are two types of common data encryption methods:
- Symmetric Encryption: Symmetric encryption uses a single key to encrypt as well as decrypt data; the key needs to be shared with all authorized people.
- Asymmetric Encryption: Also called public key cryptography, asymmetric encryption uses two separate keys: one that is public, or shared with everyone, and one that is private, known only to the key’s generator. The public key is used to encrypt the data and the private key helps to decrypt it.
Then there are a variety of ways to implement data encryption, such as:
Advanced Encryption Standard (AES)
Advanced Encryption Standard is a symmetric encryption algorithm that encrypts fixed blocks of data (of 128 bits) at a time. The keys used to decipher the text can be 128-, 192-, or 256-bit long. The 256-bit key encrypts the data in 14 rounds, the 192-bit key in 12 rounds, and the 128-bit key in 10 rounds. Each round consists of several steps of substitution, transposition, mixing of plaintext, and more. AES encryption standards are the most commonly used encryption methods today, both for data at rest and data in transit.
Rivest-Shamir-Adleman (RSA)
Rivest-Shamir-Adleman is an asymmetric encryption algorithm that is based on the factorization of the product of two large prime numbers. Only someone with the knowledge of these numbers will be able to decode the message successfully. RSA is often used in digital signatures but works slower when large volumes of data need to be encrypted.
Triple Data Encryption Standard (TripleDES)
Triple Data Encryption Standard is a symmetric encryption and an advanced form of the DES method that encrypts blocks of data using a 56-bit key. TripleDES applies the DES cipher algorithm three times to each data block. TripleDES is commonly used to encrypt ATM PINs and UNIX passwords.
ECC Asymmetric Encryption Algorithm
In 1985, two mathematicians named Neal Koblitz and Victor S. Miller proposed the use of elliptic curves in cryptography. After almost two decades, their idea was turned into a reality when the ECC (Elliptic Curve Cryptography) algorithm entered into use in 2004-05.
In the ECC encryption process, an elliptic curve represents the set of points that satisfy a mathematical equation (y2 = x3 + ax + b).
Like RSA, ECC also works on the principle of irreversibility. In simpler words, it’s easy to compute it in one direction but painfully difficult to reverse it and come to the original point. In ECC, a number symbolizing a point on the curve is multiplied by another number and gives another point on the curve. Now, to crack this puzzle, you must figure out the new point on the curve. The mathematics of ECC is built in such a way that it’s virtually impossible to find out the new point, even if you know the original point.
Gain Peace of Mind in Your Data Protection With Thrive!
By relying on Thrive’s unique CJIS-compliant bundled cloud solutions to provide the safest and most cost-effective cloud migration, you can eliminate uncertainty, shorten implementation time, and stay focused on achieving your organizational goals!
Our bundled cloud services package provides a single, easy-to-consume solution that combines Thrive’s local CJIS private cloud and Microsoft Azure’s CJIS cloud. This enables you to receive a maximum ROI while minimizing the financial risks and up-front investments often associated with cloud migration. Learn more and contact one of our IT experts today for a free consultation.
Microsoft Office 365 – More Affordable Than You Think?
Think getting access to powerful Microsoft Office applications like Teams, Excel, Word, and PowerPoint – along with cloud storage, email, and many other features – is out of your budget?
Think again.
There may have been a time when you were paying so much in licensing that you questioned its value. But these days, getting Microsoft Office 365 for your associates is probably more affordable – and more flexible – than you imagine.
Read on to learn how Microsoft Office 365 can be the perfect fit for your team – and your budget.
Powerful. Scalable. Affordable
Microsoft Office 365 is a subscription-based service. Pay per employee, per month.
Essential business productivity apps – email, spreadsheets, word processors, slideshows, and more – are included in the suite. And Microsoft Teams is a game-changer, especially with distributed workforces.
In many ways, Office 365 is a better version – and better value – than the traditional licensed Office counterpart, like Office 2019.
Check out some of the top Office 365 features:
- Scalability
Scalability is key for growing and changing businesses. Have a new employee who needs Office 365? Get a license, and they will have access to the suite. Need to remove a license? You can do that, ensuring there are no wasted licenses. - Synced files
With 1TB of storage and file syncing across devices, you’ll be sure to keep up with the latest files – from you and the team. - Mobile and Web Apps
Whereas the traditional Office license allowed for installation on a single computer, Office 365 lets you install on several devices – desktop or mobile. Work the way the suits you. Start on one device and pick back up on another later. - Microsoft Teams
Many are still working remotely. And some companies have found that remote employees can still be extremely productive, and thus have placed a priority on getting tools in place to facilitate remote work and collaboration. Hence the rise of the Teams app. With Office 365 with Teams, you can use desktop or mobile devices to start an important one-on-one meeting, chat with your associates, or jump in on a team-wide conference. Easily and securely. - Always up-to-date
With its cloud-based nature, Microsoft Office 365 stays up-to-date. Keep up with the latest features, stay patched and secure, and ensure your apps remain compatible – without having to lift a finger! - 24/7 support
As with all services Thrive provides, we offer 24/7 local support.
“So, where do we go from here?”
Thinking about tapping into the power of Microsoft Office 365?
“Getting Office 365 for just yourself or your family is typically a simple process,” said Brian Walker. “But for a whole office full of associates, it can be trickier. Email migration presents an especially daunting challenge, and there’s unfortunately not a lot of support during this process.”
“As a longtime Microsoft Partner, we have a lot of experience with products such as Office 365,” explained Aaron Allen. “Our team knows Microsoft Office 365, and we can help your company in all phases, from initial consultation, mail migration, install and configuration, as well as continuing support.”
Get a free Microsoft Office 365 consultation
Ready to learn more about Office 365 and how it can benefit your business? We’d love to help! Contact us today for a free consultation.
Password complexity – why all the hoopla?
Since data is king, your passwords can be one of the main barriers between hackers and your assets, your reputation, and your personally identifiable information.
So, if you’re still using simple passwords just so you’ll be able to remember them, well, you’re doing yourself a huge disservice.
Dictionary and brute force attacks
Besides using phishing and other deceptive tactics to obtain credentials, hackers can use brute force attacks, which attempt to defeat an authentication mechanism with a barrage of possible passwords. Dictionary attacks, a form of brute force, use password possibilities that can be more likely to succeed; these are based off such things as dictionary words and previously used passwords.
So, depending on the complexity of the password, just how long would it take a hacker to break into your account? Below are some sample password complexities with an estimated time it would take to brute force them.
It’s important to remember this is just a guide. For instance, although the following password is technically complex, it won’t keep the hackers out for very long:
PassWord123456!
So, creating a fundamentally simple password that barely satisfies the complexity requirements is not a smart thing to do – and it’s vital to be smart with your passwords!
Fortunately, many apps and sites can gauge the strength of your passwords during account creation, providing useful guidance and comfort.
But as we all know, having too many accounts and associated complex passwords can be hard to manage. Some will start recycling these complex passwords or even share with co-workers. A password manager may help.
Thinking of using a password manager?
Have too many password to keep up with? A password manager may be a useful tool to help you keep up with all the complex passwords you’ve concocted.
But, you know what they say: Beware of putting all your eggs in one basket.
Learn the benefits and possible drawbacks of using password managers in this article from Thrive. Although the article is written for medical practices, the general tips and information in it are applicable to a wide variety of industries.
Connect with us on social media to stay informed of the latest threats and top tips, and be sure to regularly check the Thrive blog for new articles on cybersecurity and IT.
Password Managers – 4 Reasons You Should Use One for Your Medical Practice
Are you considering using a password manager?
When you think about it, a password can be the barrier that stands between a hacker and your important data, patient information, or even unwanted entry into your medical practice’s network.
Sure, there are several things you can employ to make it harder for cybercriminals, including multi-factor authentication. But the password is the primary obstacle.
Too many passwords to remember
Many people are aware they need to be creating and using complex passwords – but in reality, many aren’t doing this. Why?
Most business workers have to juggle numerous passwords just to maintain their job functions. Add to that all the other passwords they have to keep in mind from outside of work, and that typically equates to a large number of credentials to memorize.
Practice managers and physicians have a high responsibility to ensure they have hard-to-penetrate accounts and computers. Their systems have all manner of sensitive data, such as patient histories, medical billing information, personally identifiable information (PII), and more. You don’t want any of these getting into the wrong hands.
It’s no wonder password managers are gaining popularity. A password manager is an application that securely stores your passwords.
Here are 4 reasons why you might consider using a password manager for your medical office.
1. Password managers enable you and your staff to effortless wield complex passwords
When you have to memorize a password, many people will use strings of words or things they can remember – passwords a hacker may be able overcome with time or ingenuity.
With a password manager, you can use a computer-generated string of unrelated characters that can be nigh impossible to beat.
Medical practices can be big targets for cyber criminals. Stronger passwords across the board can help harden your overall cybersecurity.
2. Password managers can help cut down on password sharing
Does your staff members share passwords? This study regarding sharing credentials in electronic medical records seems to indicate that it may very well be an issue. Over 70% of respondents in that survey indicated they used a password from a fellow medical staff member.
With proper use of a password manager, your staff can be more confident in using their own credentials for EMR and other medical areas and functions.
3. Password managers help users maintain unique passwords for each of their accounts
As you get your staff (and yourself) to start using more complex passwords, you may start to reuse these complex passwords across more than one account because it’s just so hard to remember these longer passwords. This, of course, is not recommended.
If a cyber criminal gets a hold of one of these passwords on the dark web or some other means, they would be able to access your other accounts where you recycled the password.
By using a password manager, you can keep a completely unique set of passwords.
4. Less fumbling for passwords and password resets
It’s inevitable. You forget a password. At the most inopportune moment.
You try several incorrect passwords. Perhaps you lock yourself out of the account.
A password manager can simplify the process and allow you to remember just one set of credentials for all your work. As you go through your day and need to access multiple systems and applications, you can do so more confidently and securely, with less hiccups.
With great convenience comes some risk
Thinking about using password managers for your medical practice?
A password manager can certainly be a boon to your practice. But, as they say, be careful when you put all your eggs in one basket.
Be sure to have a very secure password for your password manager account. And, of course, make sure you can remember this master password and associated security keys.
If you do lose access, there should be a password reset feature, but it can be a bit of a headache.
Ready to use a password manager?
There are multiple password manager applications to choose from, and browsers can have their own. These can certainly make it easier to navigate through your day-to-day at the your practice, but be sure to weigh the risks and keep the drawbacks in mind as you evaluate whether to use password managers.
Whichever way you go, just remember that good passwords are paramount to the health of your practice’s network.
Business Email Compromise Schemes: 5 Ways to Stay Safe From ThemBusiness email compromise schemes sound like something you’d never fall for. But it happens. A lot.
Business email compromise (or BEC) occurs when a scammer targets a business or individual In order to fraudulently transfer funds. The scammer grooms the victim via email, sophisticated social engineering, and pressure. This grooming process can continue over a couple of days or even weeks. The scammer eventually attempts to fool the victim into transferring funds into the wrong hands.
It’s happening to businesses, large and small. And there are no signs of it slowing down.
First, what is social engineering?
Social engineering is one of the keys to the success of these BEC schemes.
In order for many types of fraud to work, a type of deception known as social engineering is employed. The criminals have done their homework, and they know the ins and outs of your industry and even your particular business.
The BEC emails can look like they’re coming from a trusted business partner, a co-worker, or even the CEO of your company!
These BEC emails can have language that jives with your industry and work function. The images, names, and even email addresses may look genuine. Thus, if you’re in a hurry, multi-tasking, or otherwise preoccupied, you may be susceptible to a BEC scheme if it hits your inbox.
It can take a keen eye, patience, and a healthy dose of skepticism to stop BEC dead in its tracks.
Increased use of cryptocurrency in Business Email Compromise schemes
The FBI released a public service announcement on their Internet Crime Complaint Center website regarding their observance of increased complaints involving business email compromise schemes and cryptocurrency.
What is cryptocurrency? According to the FBI’s public service announcement:
Cryptocurrency is a form of virtual asset that uses cryptography (the use of coded messages to secure communications) to secure financial transactions and is popular among illicit actors due to the high degree of anonymity associated with it and the speed at which transactions occur.
In the article, the FBI mentions cryptocurrency first started to be identified with BEC schemes in 2018 – this involvement continued to rise through 2019, eventually reaching record highs for reported numbers in 2020.
At the end of the public service announcement, there are multiple suggestions for protecting against these business email compromise scams, all of which are applicable to just about any type of financially motivated cybersecurity scam.
Below are some key takeaways from that list.
Business Email Compromise (BEC): 5 ways to protect yourself against this menace
1. Check that URL
If there’s a link in a questionable email, make sure the URL is genuine and associated with the business. Sometimes it’s easy to tell if the email or URL are fake – it may contain unrelated words or even gobbledygook. If the URL seems genuine but you’re not sure, don’t click on the link and try to go to the site directly. You can also consult with your IT department or Managed Service Provider before taking further action.
2. Avoid providing sensitive information via email
Emails that request login information are typically fraudulent – even if they look like legitimate communication. Remember, social engineering can mask fraud attempts, making them appear to be something from your line of business or directly from your co-worker, industry partner, vendor, or boss. Email spoofing can certainly make it difficult to discern what is legitimate, as an email can very well appear to be really coming from your partner or co-worker.
3. Take advantage of two-factor authentication
Utilize two-factor or multi-factor authentication as an additional verification method for account changes. These measures are certainly becoming more prevalent as an extra layer of cybersecurity to combat increasing fraud. Remember, although there’s no single piece of hardware or software that can defend against all threats, using multiple layers of security can help thwart even the most focused cyberattacks.
4. Regularly review your financial accounts
Not monitoring your accounts? It’s a good a idea to do so. Check for anomalies – like missing deposits – to ensure nothing fraudulent is going on. As soon as you see something odd, follow up with it immediately. Don’t put off something like this.
5. Be aware!
Awareness of potential attacks like business email compromise – and other tactics and threats, like ransomware, phishing, malware, email spoofing, and more – can go a long way toward protecting your business from fraud. Ensure you and your staff stay up to date on the latest types of attacks. And always think before clicking.
Read the FBI public service announcement to learn more about business email compromise schemes, the involvement of cryptocurrency with BEC, additional tips for protecting yourself against scams like this, and some suggestions if you fall victim to a scam.
What Data Availability Means and How Your Business Can Achieve ItMaintaining data availability is essential for most modern organizations today. Luckily, by following data availability best practices, your modern business can take advantage of all the benefits sufficient data availability delivers. Learn more here about what data availability is, why it’s important, and how modern businesses can achieve it to align with consumer demands and stay secure.
What is Data Availability?
Data availability is the process of ensuring that data is available to end-users and applications, when and where they need it. Availability has to do with the accessibility and continuity of information, thus accessibility is a key component. It defines the degree or extent to which data is readily usable along with the necessary IT and management procedures, tools, and technologies required to enable, manage and continue to make data available.
Why is Data Availability Important?
Data availability is critical to your business and its reputation with customers. If consumers can’t access your online presence due to a deficit of data availability, they’ll likely go to a competitor’s site.
Ensuring sufficient data availability is also a smart financial move. Every moment that you’re down, not only are the obvious costs to your business there (customer loss, reputation damage, etc..) but it also costs your employees time since they can’t get their work done. In fact, studies point to the cost of data center outages being as much as almost $8,000 per minute!
Data Availability in Cloud Computing
It might seem odd to think critically about availability in a cloud scenario as we might presume the cloud has endless capacity. After all, isn’t cloud computing a solution to availability problems?
Yes and no. Virtually all cloud providers use effective data backup and restore solutions, but backing up and restoring data is only part of what you really need. Availability is a different area of focus, as this is needed before storage can happen.
When you’re selecting a cloud provider and service package, you must first define the value of service availability to your business. Here are some questions to consider:
- Is it better to lose the data permanently or have it fall into the wrong hands? This is a balance between availability and confidentiality.
- Is keeping the data tamper-free more important than unplanned data loss? The answer helps you decide whether to focus on integrity or availability, or to balance between them.
- Are all of these decisions unacceptable, and I need absolute confidentiality, integrity, and availability? If so, plan on spending time and money to make that happen. Such comprehensive no-compromise solutions are rarely cost-effective, even in a cloud scenario.
- How long can my company operate without access to cloud data and services? This question gets right to the point. If the cloud is down, does that result in a minor inconvenience or a profit-shaking catastrophe? Would you gladly risk your data going public in order to get access restored?
Top Tips for Achieving Data Availability in Your Business
To help achieve sufficient data availability in your business, follow these best practices below:
Have a Plan
Maintaining data availability should be a central element in your company’s disaster recovery and business continuity plan. This should include RPO (recovery point objective) and RTO (recovery time objective) targets that define, respectively, exactly which data must be restored, and when it must be accessible, for operations to resume after a disruption.
Utilize Redundancy
Having backup copies of your data ensures that the failure of a storage component, or the deterioration of stored data over time, won’t result in permanent loss of the information.
Eliminate Single Points of Failure
You should not only have multiple copies of your data, but also multiple access routes to it so that the failure of any one network component, storage device, or even server won’t make the data wholly inaccessible.
Institute Automatic Failover
When an operational disruption occurs, automatic failover can ensure continuous data availability by instantly swapping in a backup to replace the affected component.
Take Advantage of Virtualization
Since storage system functionality is accessed through software and is independent of the underlying hardware, you are less vulnerable to component failures or operational disruptions in a local facility.
Use the Right Tools
Rather than attempting to increase data availability in your IT infrastructure through home-grown initiatives, employ tools specifically designed for that purpose.
Data Availability Metrics You Should Be Monitoring
There are a few essential metrics to monitor when evaluating the data availability of your operations:
1. Security Alerts
Availability isn’t just about application monitoring and recovery – it’s also about ensuring your information is protected. If you aren’t monitoring security alerts and warnings, your applications may be running perfectly while your intellectual property is being stolen.
2. Idle Connections
Idle connections suck up resources and threaten to fill database pools, congest networks, and stymie performance. Furthermore, idle connections can indicate a problem in the application layer or database configuration.
3. Long-running Queries, Commands, or Jobs
This applies not just to database queries or jobs, but also to commands and backups. These types of digital actions can be an indicator of poor system health, slow disk speeds, CPU or other resource contention, or even deeper systematic problems.
4. Disk Input/Output
Disk IO typically refers to the input/output operations of the system related to disk activity. Tracking disk I/O can help identify bottlenecks, poor hardware configurations, improperly sized disk or poorly tuned disk layouts for a given workload.
5. Memory
Memory monitoring goes beyond measuring and looking at space that’s either free or used. Monitoring memory helps you look into traffic jams or leaks, identify improperly sized systems, understand loads, and spikes. In addition, knowing about memory-intensive patterns can help you anticipate availability demands.
6. Disk Space
Disk space monitoring is available in many forms, and utilizing it as a metric can prevent unnecessary problems and costly last-minute scrambles to add more space.
7. Errors and Alerts
Errors, alerts, and recovery messages in the logs are another good metric to consider. Adding log monitoring for FATAL, PANIC, and key ERROR messages can help you identify issues that your availability solution is frequently recovering from, such as database crashes, application panics or core dumps, or fatal errors requiring a cold restart.
8. Recovery Numbers
Similar to monitoring errors and alerts, the recovery numbers can tell you a lot about the quality and status of your system’s availability. If you are averaging more than one application recovery per week, you’re likely experiencing something more than your normal availability protection. And while the recovery was successful in restarting your application or system, too many of these false or even real recoveries aren’t normal and should be investigated.
Ensure Data Availability With Help From Thrive!
Ample data availability can have a direct impact on your business’s bottom line. To ensure your data is consistently available at the required level of performance, during the typical business day or a disaster, you need a cloud solution that’s a perfect fit for your unique organization.
For all your data availability needs, turn to the experts at Thrive! Whether you need a safe and affordable journey to the cloud, or looking to migrate your data to a CJIS-compliant data center, look no further than Thrive. Contact us today!
Data Backups: 4 Reasons Why They Are Essential for Your BusinessData backups are important these days.
But before we talk about data backups, let’s answer this question: what is data? It can be your customer and patient information, QuickBooks numbers, sales analyses, product photos, videos – all the various files and bits and pieces that essentially comprise the lifeblood of your business.
Losing it can be detrimental in a number of ways , from relatively minor annoyances (accidentally deleting important work and having to backtrack) to potentially business-ending catastrophes (data breaches and theft of customer data and information).
And then there’s Mother Nature and the mortality of hardware. An unexpected flooding, natural disaster, or even sprinklers ruining your equipment could be back-breaking without any backups to restore.
Read on to see why data backups are so important in this digital age.
1. Cybersecurity risks
You hear about it in the news all the time: cyber attacks causing havoc on businesses of all sizes the world over.
Whether it’s through social engineering, phishing emails, business email compromise, ransomware, brute force attempts, or any number of attacks, hackers are after your data, plain and simple.
Cleanup after a successful attack can certainly be costly. But there are other costs, both monetary and otherwise, that business owners may not be thinking about. These include compliance violations, losses due to downtime, and a hit to one’s reputation.
The sheer number of ways your network can be attacked makes it difficult to anticipate what can come. But awareness of the threats and trends, good digital hygiene, and layered cybersecurity can all help minimize the risks.
And having good backups can be one of the best ways to deal with cybersecurity threats. After a successful attack, you will have the option to essentially go back in time and restore a stable version of your data – and get back to business!
2. Natural disaster
Human adversaries may pale in comparison to the sheer destructive capabilities of Mother Nature.
A tornado, earthquake, or other calamities may befall your facilities, and your computers may be completely destroyed. This possibility underscores the need to have not just backups, but also off-site replication. If your backups are in the same location as your data, that data can be destroyed at the same time.
In the unfortunate event of total disaster, if you have backups off-site, you’ll be able to restore your data and systems to new hardware.
3. Hardware failure
Don’t overestimate your computers and hard drives.
They aren’t invincible.
Business-critical functions, customer data, and your staff’s work can be lost if a key piece of hardware decides to finally fail.
Having your data backed up can be the perfect “insurance policy” for your computers and hardware.
4. Human error
We’ve all done it.
Accidentally deleted files. Botched an update (or neglected to do one). Caused irreparable damage to an actual piece of hardware.
Humans aren’t perfect. Backing up your important data can be the perfect failsafe for potential blunders. And blunders will happen.
Ready to get on the path to good data backups?
With so many ways for data to get damaged, deleted, or outright destroyed, it’s important for businesses of all sizes to consider data backups.
Getting on the path of data backups is just the first step. You’ll also need to ensure you use the correct type of backups.
As mentioned above, off-site replication is critical to ensuring your data doesn’t get wiped out in one fell swoop. And backup verification is crucial. You must be sure all that data you’re backing up is error-free and ready to go should you need it.
You’ll want to develop an action plan for data recovery for your business, outlining a list of possible threats, your IT assets, policies, contingency plans – basically, what you need to take care of when disaster strikes.
Because there are numerous variables to contend with and options to consider – and careful, comprehensive planning to make – many business owners are choosing managed data backups from a good managed service provider.
Get help from the data backup experts at Thrive
Thrive is an experienced MSP. We’re nationally recognized and have many years of focusing on data backups for small and medium businesses. By honing our skills in SMB and within select industries such as healthcare, manufacturing, legal, and finance, we know the ins and outs of not just data backups, but also compliance and other related, significant matters.
Ready to learn more about managed data backups? We’d love to help! Contact us today for a free backup consultation.
How Government Agencies Can Benefit from DPaaSWith growing concerns regarding data loss, an increase in the need for data backups, and complex compliance requirements for government agencies, the global data protection as a service (DPaaS) market is expanding.
While the popularity of DPaaS continues to grow among managed service providers, government agencies are also realizing that DPaaS offers numerous advantages when providing secure IT services for internal organizations. To fully take advantage of this service, learn more about what exactly DPaaS is, why the market is rapidly expanding, and how government organizations can harness its value for the best results, continue reading below.
Why is Data Protection Essential for Government Agencies?
The current IT landscape is constantly evolving, with malicious attackers continually devising new ways to attack. Data protection safeguards data from compromise, loss, or corruption, which could include virus and malware attacks, identity theft, scams, and more. Since government organizations may contain sensitive information that is not intended for the public, a security breach could put the privacy of officials, clients, and sensitive data at risk.
With ever-expanding advancements in data protection technology, malicious attackers are also developing new ways to compromise information. In the first six months of 2019 alone, data breaches exposed 4.1 billion records. Since then, the need for data protection has only grown more apparent. With the COVID-19 pandemic further accelerating cyberattacks and data breaches, government organizations need the best protection to prevent a potentially devastating attack. A recent survey found that almost half (46%) of global businesses have experienced at least one cybersecurity incident since moving to a remote workforce due to COVID-19 lockdowns, while the FBI has reported that the number of attack complaints in their Cyber Division has reached as many as 4,000 a day – a 400% increase from pre-COVID-19 months. With malicious software continuing to grow as a threat, government agencies need continuously comprehensive data protection to prevent the risk of data being compromised.
What is DPaaS?
Data protection as a service (DPaaS) is what it sounds like, a cloud-based service for protecting organizational data. With DPaaS, organizations can secure archival data for long-term retention requirements and enable quick data recovery in the event of a disruption to avoid business interruption. The service also provides enhanced security and stability for when your data is most vulnerable.
When compared to buying storage hardware and paying to keep it operational, DPaaS is an affordable option. Organizations pay a monthly subscription for the peace of mind that they have everything they need to recover their data.
How Does DPaaS Work?
DPaaS can secure sensitive information by creating copies of the data and storing it in a separate location. This can include online in the cloud, or through an external device. Providers offering DPaaS may also include additional options to enhance data protection, including VPNs, firewalls, system health monitoring, incident response, and audits.
DPaaS is ideal for organizations facing the following challenges:
- Backups often fail
- Backup windows often run into the next day
- Multiple backup solutions need to be managed
- Backup space constantly needs to be freed up
Under the umbrella of data-related as-a-service offerings includes disaster recovery as a service (DRaaS), backup as a service (BaaS), and storage as a service (STaaS). These services offer government organizations the protection they need in an increasingly unpredictable world.
Top Drivers Growing the DPaaS Market
The DPaaS market is predicted to have accelerated growth as more organizations accept the cloud and services-based storage options, as well as the continued operational challenges due to malicious attackers. The service is predicted to reach nearly $29 million by 2022, with a CAGR of 31.5% from 2016 to 2022. Several drivers of the growing global data protection services market include growing concerns of data loss, the increasing need for data backups, and the integration of recovery and backup services.
Data loss due to disruption can be devastating for government organizations in terms of costs, and the consequences from lost sensitive data. DPaaS offers tools that can prevent loss and mitigate disruptions if they indeed occur and makes retrieving earlier versions of files much more efficient when compared to traditional backup methods.
These advantages have led to the increasingly rapid adoption of cloud computing and the soaring of the DPaaS market to be a $46 billion industry by 2024. As more organizations desire management and high scalability for their services, the DPaaS market will only grow.
DPaaS Benefits for Government Agencies
Government agencies, in particular, have much to take advantage of from DPaaS services. Here are some of the benefits of choosing DPaaS for government solutions. By encompassing backup and disaster recovery, data protection, and storage, DPaaS allows for a resilient data protection approach that can be scaled as your demands evolve.
Faster Backup & Recovery Process
Whether it’s due to a natural disaster, or a malicious human actor, disruptions are inevitable. When they do happen, government agencies need to be back up and running in no time! One of the most valuable benefits DPaaS delivers is a quick and resilient backup and recovery process to avoid extended downtime. Hosted cloud backups run continuously, enabling an accurate and quick backup when needed.
Reduced Overall Costs
When budgets are tight and you need to optimize what funds you have available for IT, you want to prioritize the areas that need it most. Choosing DPaaS as a cloud-based solution from a trusted advisor is an efficient and budget-friendly option. Instead of having to allocate large portions of funds to keep off-site facilities operational, DPaaS only requires a monthly service fee charged by a provider who manages the operation – freeing up your own internal team.
Enhanced Data Protection
Choosing DPaas services from a trusted provider allows your government organization to take advantage of resilient and agile data protection. In today’s current IT climate, managing data protection is essential, but many internal teams can be overwhelmed when balancing data protection and the organization’s own strategic initiatives. Being overworked or understaffed in IT makes your entire agency vulnerable.
Depending on what your unique needs are, your DPaaS strategy can include everything from:
- Both local and remote storage hardware
- IT support
- Licensing
- Regularly scheduled test restores
- System health monitoring
- Incident response (failed jobs)
- Request response (restores)
- Software and hardware upgrades
- Co-management
- Immutable copies to prevent data loss
- Reporting
- Audits to ensure all data is protected
Additionally, choosing a DPaaS provider not only allows your government organization to enjoy secure data protection, but also receive the expertise and vigilance of IT professionals who can help with compliance concerns and expert advice regarding your data.
Leverage DPaaS Powered by Thrive in Your Government Agency!
Thrive has been supporting government agency IT needs for years. Thrive’s Data Protection as a Service offering provides backup and restore capabilities of your data that are integral to your organization, including physical, virtual, NAS, office 365, etc. Wherever you store your data – on-site, off-site, in the private or public cloud, or even in hybrid environments – Thrive can deliver the protection you need. For systems of all sizes, Thrive ensures ready, reliable access to your sensitive information.
For more information on how Thrive can provide your government organization with the data protection you need for today’s ever-evolving IT environment contact our team of experts today.