Author Archives: Maria Koblish

Business owners are certainly getting wiser when it comes to securing their networks and data.

Cyber crime is at an all-time high, and unfortunately, it only seems to be getting worse.

The Thrive team has battled this menace, protecting our customers from attack. Here are three things business owners should ask themselves when they’re deciding what to focus on next in their security overhaul.

1. Are you testing your backups?

Have backups? Good.

However, it’s not enough just to have backups these days. Backups need to be tested on a regular basis to ensure they will actually work in the case of disaster.

Thrives offers a mature business continuity and disaster recovery service. Your data and backups are tested and reviewed daily by a dedicated team to ensure you’re good to go in case of catastrophe.

2. Are you relying solely on antivirus to block ransomware and cyber threats?

While anti-virus can be an important part of your overall security, don’t rely on it alone to block all threats. Cyber criminals keep getting more clever, and their attacks are increasingly more sophisticated. Signature-based security, like traditional anti-virus, can be circumvented by many attacks.

A potent defense like Thrive’s, which blocks threats at the DNS level, can be the perfect complement to your security measures.

3. Are you educating partners and staff?

No matter how strong your overall network security is, a user clicking on the wrong link can lead to your worst nightmare.

People can definitely be the weak link in your cybersecurity.

Social engineering, within the context of cybersecurity, is the method of using trickery and fake emails to get a victim to reveal sensitive data, make a payment to a criminal’s account, or have them do any number of deeds that endanger their safety and data.

Social engineering is continually improving. Messages are getting more persuasive, and replicas of branding, logos, and imagery are looking more and more like the real thing.

Security forevermore

Will the ransomware and security threats of today be gone tomorrow?

“The need for strong cybersecurity won’t go away anytime soon,” warned Brian Walker. “Cybercriminals have gotten away with too much over the past years. This is literally a business to them now.”

“Security must be a top priority for all business owners,” stressed Aaron Allen. “Again, security must not only be done, but it must be done properly.

“Get a free cybersecurity consultation. We can help you see what you’re doing well, and bring to light areas that can be strengthened. Contact us to get started.”

When it comes to IT managed services, there’s no such thing as ‘one size fits all’. Your internal IT resource, knowledge and capabilities are all unique to your organisation. They’re what shape your requirements and, in turn, dictate what you demand from your Managed Service Provider.

‘Out of the box’ and ‘off the shelf’ are both terms we’re all familiar with. The idea of standardisation, the creation of something which will cost-effectively meet the needs of most organisations, has a definite appeal. However, for many organisations, service or proposition standardisation often means compromise.

When it comes to IT managed services, the needs of one organisation rarely match those of another. The size of your in-house IT team, their skillset, your choice (and use) of technology and your future objectives will all contribute to a unique environment.

No matter the size or shape of your organisation, you will need to engage with service providers to facilitate some of your infrastructure; be this storage and compute, WAN and LAN management, telecoms and connectivity or the many other services you rely on to keep your organisation operational and its staff productive.

This presents you with an opportunity to work with a Managed Service Provider (MSP) that complements your internal resource; filling the gaps in technology, knowledge and skills while allowing your team to focus on delivering projects and driving digital transformation.

What does ‘managed service’ mean to you?

An IT managed service means different things to different people. For larger organisations, those with a greater in-house resource, managed services could be one-time, project-based engagements. Most will have teams large enough to take on the day-to-day infrastructure management, only relying on service providers for technology-specific implementations or external validation of systems compliance or performance.

At the other end of the spectrum, smaller organisations (or highly specialised service providers) may not have the capacity to retain any technical resource in-house. If this is the case, they will need to rely heavily on their MSP to provide an end-to-end managed service that includes systems design, implementation, integration, management and review.

For most organisations, the split between in-house and service provider resource will be somewhere in between. Elements of implementation and administration will vary from business to business. Moreover, with digital transformation driving services that have traditionally been on-premises into the cloud, organisations must simultaneously facilitate change whist developing the ‘know how’ to manage it. This is where your MSP can add value.

Finger on the pulse: The 2020 IT landscape

Both IT managers and service providers must keep an eye on the technology trends that will shape the IT landscape. According to Spicework’s recently published 2020 State of IT report, 88% of businesses expect IT budgets to either grow or remain stable in 2020. Like the 2019 report, this is predominantly driven by the need to upgrade outdated infrastructure.

Budget allocation to hosted/cloud-based services and managed services has increased slightly to 37% (35% in the 2019 report), showing the continued emphasis organisations are placing on such services.

Productivity solutions, online back-up/recovery and email hosting are areas of investment in the cloud marketplace, while managed hosting, managed hardware support and managed storage/back-up are driving managed service investment.

Is SD-WAN the answer?

It has become an accepted “new normal” that the breadth of IT solutions deployed in an organisation (and the expectation of a quicker rate of adoption) is here to stay and will continue to put a strain on finite and thinly spread IT resources.

SD-WAN solutions have become a particular interest to organisations because of their ability to simplify network and infrastructure management. According to IDC, the SD-WAN infrastructure marketplace will grow at a 30.8% compound annual rate between 2018 and 2023, by which time its poised to reach $5.25 billion in value.

While this is a relative ‘drop in the ocean’ in the context of global ICT spending, which is set to hit $4.8 trillion in 2023, its rapid growth does signal the technology’s importance as more organisations turn to it to manage their ever-growing WAN (global ICT’s compound annual growth rate is 3.8% in the same period).

As an emerging technology, internal IT departments are faced with a familiar challenge. Recognising the benefits of SD-WAN, they must decide between leveraging external expertise or increasing internal headcount and overhead to provide the service. Many will be turning to service providers to fulfil this requirement.

A tailored approach is key

In the face of a rapidly evolving landscape, where users’ demands on technology are greater than ever, IT teams are finding a new balance between what they handle in-house and what they outsource.

When choosing your provider, you should look beyond their SLAs. Make sure that you are satisfied they have devoted enough time and care to thoroughly understand your resource needs. They should also have the ability to collaborate with you on your roadmap, so you can accurately plan budgetary and resource requirements.

Your prospective partner should also be knowledgeable of both legacy and emerging technologies. This allows you to pick the right tech at the right time as you move towards a hybrid infrastructure, or adopt a cloud-first approach whilst being insulated from the risks of early adoption.

Before committing to any MSP, ensure they demonstrate their ability to become a positive extension of your IT team, with a documented understanding of the unique skills and resource gaps that you require them to fulfil.

When implemented correctly, such a tailored approach by an MSP will help you accelerate adoption of new technologies, drive greater efficiency across the IT function and keep pace with your changing needs. Thrive is here to help.

DCH Health System, a three-hospital network in Alabama, has reopened its doors to new patients a couple weeks after ransomware hobbled its computer systems.

According to DCH Health System, critical systems for patient care have been restored, while some nonessential functions are still being repaired.

In an article from Tuscaloosa News, it was stated DCH Health System paid the ransom demanded by the hackers. The hackers provided the keys to decrypt the data.

The high cost of ransomware

Even if you decide to pay the ransom, hackers aren’t always trustworthy. Some companies have been left hanging with no decryption keys after paying the demanded sum.

Also, the actual ransom is not the only cost associated with ransomware attacks.

Can your practice afford to have its computers down for days, weeks, or even months?

When it comes to the aftermath of the attack, you’ll likely pay overtime to internal staff, as well as hire contractors to pick up the slack if there is any deficiency in expertise. This is where the costs can really start piling up.

The costs to restore/repair an entire network and ensure all data and systems are working as before typically far overshadow the actual ransom.

Now, think about the damage to your practice’s reputation. Will people fully trust you? Will they feel comfortable with their personal data in your systems after it has been successfully attacked before?

And don’t forget any fines you may have to pay as a result of the attack.

It’s time to take a stand against ransomware

Is your cybersecurity up to par? Is your staff educated about the latest cyber threats?

What would happen to your business if you got hit with ransomware today? Would you be out of business in the near future if you couldn’t get your systems back up and running?

If you’re worried about ransomware, schedule your free cybersecurity consultation. Get your cybersecurity questions answered!

Stand up against ransomware with powerful security from Thrive. Contact us today.

BlueKeep: Another Windows vulnerability

If you’ve been tuned into our channels, you may have noticed our urgent calls for addressing any computers still using older Windows operating systems like Windows XP and Windows 7.

Well, here we go again.

Just recently, Microsoft urged users to update Windows to patch a security vulnerability.

Dubbed BlueKeep, this vulnerability is being compared to the dreaded WannaCry, a ransomware variant that wreaked globe-spanning havoc a few years ago and thrust the word “ransomware” into the collective lexicon.

Older operating systems, especially those that have already experienced end of life, can be especially susceptible.

Remote Desktop continues to be a choice vector of attack for hackers. BlueKeep is yet another Remote Desktop Protocol (RDP) vulnerability. As with WannaCry, BlueKeep has worm-like features.

What does this mean? Once it gains a foothold in your systems, it has the potential to spread at terrifying speeds across the network without any user interaction.

Another malware red alert

Microsoft just announced it has issued fixes for two more critical vulnerabilities that are on par with BlueKeep.

Again, these are wormable issues, making the slightest breach a dangerous scenario.

Unlike BlueKeep, these new vulnerabilities are only found in Windows 10. This underscores that fact that all operating systems and software, not just outdated ones, need to be maintained.

Security forevermore

Software end of life, security fixes, and constant vigilance are just facts of life in the modern technological landscape.

“Keeping your software updated is just something that needs to be done,” said Brian Walker. “Cybercriminals are constantly looking for holes in these, so if a vendor like Microsoft issues a security fix, you best pay attention and get things patched up.

“Now, we understand this can be easier said than done, especially in more complex network environments. That’s why we’re here, to make life easier for our clients.”

“With our managed services, we can take care of things like software updates, patching, and security,” explained Aaron Allen. “Our team of IT experts can keep your systems up to date and secure while you focus on your core mission. We’ve been a longtime Microsoft partner and can assist with all things Windows.”

“With Thrive, we can manage all of your IT for one monthly fee,” continued Walker. “This allows you to remain laser-focused on your clients without having to worry about keeping up with the latest ransomware threats, social engineering tactics, and Windows vulnerabilities.

“Contact us today for a free consultation. We look forward to assisting you with your IT needs.”

The switch economy has had a profound effect on how we engage with service providers as individuals. Insurance and utilities companies need to go the extra mile and maintain a five-star service if they are to command customer loyalty. How would it affect your business if it was easier to switch Managed Service Providers?

As consumers, we have forgone the restrictive nature of service contracts in favour of greater flexibility. An entire market sector has grown out of the desire to switch; comparison sites make it easier than ever to see exactly what you get for your money and review sites allow customers to rate their experience. This has led to a significant change in the way service providers operate; placing an emphasis on flexibility, transparency and quality of service.

In a business to business environment this isn’t the case. Indeed, you could say that the industry is severely lagging behind. While it’s true that where B2C leads, B2B often follows, the industry doesn’t show too many signs of doing this. While G2 and Gartner offer some insight, they can’t be compared against the likes of uSwitch.

IT is spending more on infrastructure

Spicework’s 2019 State of IT report states that 89% of companies expect their IT budgets to either grow or stay the same in 2019. According to the report, this is being driven by a pressing need to upgrade outdated IT infrastructure.

Moreover, 35% of IT budgets in 2019 have been allocated to hosted/cloud-based services and managed services, meaning that IT and network managers will be engaging with both existing and prospective Managed Service Providers to evaluate their offering and see if they’re the right partner for this next stage of development.

How do you compare Managed Service Providers?

With access to a limited range of resources, assessing current (and evaluating prospective) Managed Service Providers can be a time-consuming process. However, the investment in time is well worth it. Whilst every organisation faces similar challenges, the exact combination of challenges, services and requirements will be unique to your business. Engaging with service providers on a personal level provides clarity and transparency.

Simply going to market to ‘see what’s out there’ will likely result in a lot of wasted time and effort. Before you start comparing service providers, make sure you have your assessment criteria locked down. If you have a current service provider, start there. An honest evaluation of your current service will identify if it’s fit for purpose and may identify areas where there is room for improvement.

Any criteria you set should be in line with your overall business objectives and not just consider your current infrastructure, but the desired future state of your technology. Think about your journey to the cloud, any legacy equipment you might want to wring the last few drops of ROI out of, or any major digital transformation projects in the future.

You also need to think about how the skills of your MSP complement those you have in-house. Rather than acting independently, your service provider should act as an extension of your IT team by filling skills and knowledge gaps, or having the capacity to take on the activities you don’t wish to focus on – be they every-day or business critical. In short, they should enable you to get the best out of your staff and your infrastructure.

Choosing the best MSP

Once you’ve defined what you want to achieve, you need to engage with service providers who understand the challenges you face and can demonstrate proven ways of solving them. You can then weigh up their solutions against three key criteria to see if they really do offer a five-star service:

Availability: 99.99% uptime still means you’re without service for 52min 35s every year. When dealing with business-critical applications, we don’t think you should compromise on availability. If you pay 100% of your fees, you should get 100% availability.

Flexibility: The future of your IT lies in hybrid infrastructure; combining public cloud, private cloud and on-premises services. A provider with an agnostic approach will help you locate your services and apps where you need them, when you need them.

Affordability: Complex pricing structures, hidden costs and poor life-cycle management all add unnecessary cost to your solution. An MSP with predictable, transparent costs makes budgeting more accurate.

So how do you find the right MSP for you? Reach out to us today. 

It has been confirmed this attack was carried out with ransomware.

Ransomware is a particularly nasty malware that encrypts a victim’s system and data. These are held for ransom, hence the moniker. The cyber attacker typically requests payment in bitcoin, an untraceable currency that’s all the rage with hackers.

If victims don’t comply with the ransom demands, they risk losing their data. For many companies and organizations, such as those in the legal, medical, and financial industries, this loss could equate to their death knell. At the very least, they risk tarnished reputations and considerable financial and productivity loss due to downtime.

The scourge of ransomware

Ransomware was brought into the global IT conversation in 2017, when WannaCry, a ransomware variant, wreaked havoc on computers and networks across the globe. In a flash, network administrators, business owners, and the public learned about – and experienced – the devastating potential of ransomware unleashed.

Now, more and more businesses are adopting a more aggressive stance against cyberthreats. But, attacks are increasing. The malware and ransomware variants are getting more complex, able to break through stout defenses. And social engineering allows attackers to “smooth talk” their way into systems.

Layered security is the best policy

“No one piece of hardware or software can protect you from ransomware,” cautioned Brian Walker. “There is no silver bullet, unfortunately.”

“A layered approach to cybersecurity is the best policy,” said Aaron Allen, Director of Technical Services. “Each additional layer you implement makes it that much harder for hackers to get through.

“Additionally, user awareness is a definite must. Your employees should be informed on the latest threats. They need to be aware of the devious tactics employed by attackers. One wrong click in a malicious email and you can very well be infected.”

“Worried about ransomware? Looking to improve your network security? Contact us to schedule your free security consultation.”

With end of life quickly approaching for Windows 7 (and Server 2008), many companies that are still using those operating systems are scrambling to get things pointed toward a modern and secure OS.

One stumbling block can be legacy applications that may or may not run on the latest platforms.

You may not have the time – or expertise – to determine what is compatible and what needs to be upgraded … or replaced altogether.

The IT experts at Thrive can handle the whole upgrade process, from examining your network to upgrading all your software – and making sure your systems, data, and people are taken care of and supported throughout.

Contact Thrive today to set up your free upgrade consultation.

As a small business owner, your time is supremely valuable.

There’s a lot to do, a lot to manage. You’re likely wearing a multitude of hats – perhaps a few too many?

For time-strapped leaders like yourself, dealing with computer issues is the last thing you need added to your daily itinerary. Don’t even mention the need to keep up with the latest cybersecurity trends and social engineering tactics, along with the requisite counter strategies.

There’s a reason why more and more small businesses are turning to managed service providers (MSPs) to ease their IT burdens. Actually, there are many. Here are three of the top reasons to choose managed services for your small business.

1. Level the playing field

Small business owners may feel they’re at a technological disadvantage when compared to larger competitors who oftentimes have bigger budgets, more advanced tech, and skilled IT staff to manage that tech. When these small business owners call upon the services of an experienced MSP like Thrive, they can immediately tap into a seasoned team of technicians. Thrive has over 50 techs that specialize in different areas, covering the complete IT services spectrum.

2. Power up with Hardware as a Service 

Worried about having to build your IT infrastructure from the ground up? Researching hardware, finding a spacious and secure area for this hardware, and tying it all together with your business systems can seem like an insurmountable task for mere mortals. With a managed service provider, you can plug into HaaS, or Hardware as a Service. An MSP like Thrive has all the infrastructure in place. Due to economy of scale, you can get get access to power and efficiency you’d be unable to achieve easily via the DIY route. Also, you’ll have trained techs managing all of this for you.

3. Get instant cybersecurity expertise

Cybersecurity professionals spend years learning about the trends and nuances of cyber crime. As a small business owner or leader immersed in your industry, do you have the time and energy to pursue a topic as immense as cybersecurity? Engaging an MSP that specializes in cybersecurity will give you the, well, security you need to help keep your data and systems safe from such threats as phishing and ransomware. Using managed services can certainly be a smart choice when it comes to cybersecurity.

Power up your IT … Choose managed services

So, you may be wondering: what’s the catch?

There is none.

“The team at Thrive has many former small business owners,” explained Brian Walker. “We know what it’s like to manage both a company’s business needs as well as its IT requirements. We want to ease the burden and possible frustrations you may have with IT so you can fully focus on your mission.

“One of the great benefits of using managed services is it typically costs less than if you did it all yourself!

“Contact Thrive today for a free IT managed services consultation.”

Windows 7 and Server 2008 End-of-Life is approaching

Don’t leave your network exposed to cyber attack!

In January 2020, Windows will stop supporting Windows 7 and Server 2008. That means they will no longer provide patches and fixes for any security holes discovered.

And that is an open invitation for hackers to find and attack vulnerabilities in your system.

The time to upgrade to Windows 10 is here. But what if you don’t have the expertise – or time – to upgrade your whole network?

That’s where Thrive comes into play. We can upgrade your systems – and keep them updated – while you focus on what you do best: your own businesses.

In fact Thrive can handle ALL your IT.

Contact Thrive for a free upgrade consultation.

U.S. Cyber Command recently issued a tweet concerning an Outlook vulnerability being exploited by cybercriminals.

CVE-2017-11774, or The Microsoft Outlook Security Feature Bypass Vulnerability, was addressed by Microsoft in October 2017, when their security update corrected how the software handles objects in memory.

It appears hackers are still abusing the Outlook bug, breaking free from the Outlook sandbox and unleashing malicious code.

Many business owners don’t have the time or manpower to research the latest cyber threats, update and patch all their software and hardware, and ensure their data is safe.

That’s why more and more businesses are entrusting the care of their IT and data to managed IT service providers.

With an MSP like Thrive in charge of your systems, there’s no need to keep up with the latest threats and tactics utilized by cybercriminals. With Thrive’s Managed IT Solutions, we’ll take care of all patching, monitoring, and disaster recovery and business continuity in worst case scenarios where there’s a data breach or infection.

Contact Thrive today for a consultation.

See the original Outlook vulnerability tweet.