Author Archives: Thrive

Chip Gibbons, cybersecurity expert, details elements he finds that organizations overlook in their security platform.

FDIC & OCC cite their top six controls for risk management. Does your firm have these in place?

The Federal Deposit Insurance Corporation (FDIC) and the Office of the Comptroller of the Currency (OCC) issued an interagency cyber threat warning, citing a “heightened risk” to financial institutions amid increased geopolitical tension. Financial firms should re-evaluate the adequacy of safeguards to protect against a cyber security risk and focus on risk management principles that can reduce the chance of a cyber-attack as well as minimize business disruptions.

No matter how sophisticated the security solution, it is unreasonable to expect it to reduce the risk of a cyber threat to zero. However, security solutions combined with proper cyber hygiene can greatly limit exposure. Additionally, firms must also focus on risk management controls including detection and response. It is not enough to just have an incident response plan, firms should perform full incident response simulation training and crisis management. This immersive simulation training will identify cracks in your cyber preparedness.

The FDIC & OCC joint statement stressed the importance of the following key controls for Risk Management.

1. Response, resilience and recovery capabilities by (i) maintaining comprehensive resilience plans in order to respond and recover successfully from destructive cyber-attacks and (ii) establishing comprehensive system and data backup strategies;
2. Identity and access management to prevent phishing attacks that could compromise login credentials;
3. Network configuration and system hardening that (i) only provides access to approved ports, protocols and other services and (ii) are continually monitored;
4. Employee training on recognizing cyber threats, phishing and suspicious links, in addition to measuring the success of the training programs;
5. Security tools and monitoring procedures, such as (i) hiring qualified cyber security staff, (ii) reviewing system and network audit logs and (iii) implementing a sufficient internal and external testing programs to assess the firm’s ability to detect cyber threats; and
6. Data protection systems to implement (i) a data classification program and (ii) encryption and tokenization of confidential data.

Thrive has the resources to ensure that your firm adheres to the FIDC & OCC guidelines. Secure your sensitive data by contacting Thrive’s expert team of cyber security engineers today.

Do you shut your car windows when you leave it? The answer is most likely “yes” since you do not want people getting into your car and taking things or vandalizing the interior in any way. Just like your car, you need to make sure you do the same with your laptop, desktop, or cell phone. Many of the security solutions we discuss and support for our clients include software that gets installed and managed by Thrive to help further protect the assets of the client.

When traveling for business I often observe things that can be discussed with new and existing Thrive clients to bolster their security posture. On a recent train ride, I was reminded that not all security comes in the form of a piece of software that Thrive needs to manage. I watched as a gentleman got up to take a phone call in private and left his email up on the screen and the laptop unlocked. He was an attorney and had left some confidential information on his screen. If he had a privacy filter installed on the laptop, I would not have known he had left the computer unlocked. After ten minutes he returned and luckily no one had done anything with the email or his computer in that time. This is not an uncommon occurrence. On almost every flight and train one can watch someone using a computer, tablet, or phone get up and walk away from it without locking the device.

If you are unaware of how to easily lock your computer here are a few tips to help:

Microsoft Windows:

1. Press the Windows key + L
2. Press Control-Alt-Delete and hit enter
3. Press Control-Alt-Delete and click on “Lock Computer”

Macs:

macOS Catalina

1. Go to the Apple menu and click Lock Screen
2. Press Command+Control+Q

Older versions of the operating system

1. Press Control+Shift+Power button
2. Press Control+Shift+Eject if your Mac has an optical drive

Thrive, a Top 100 Vertical Market MSP, has hired John Holland as chief revenue officer. He previously held key roles at TierPoint, Sungard Availability, Internap and Broadwing.

Every organization needs to have an actionable data backup and recovery plan in place to ensure that critical data and applications are protected when disaster strikes. Underestimating the likelihood that adverse events will occur and impact operations, reputation, and revenue is a massive lurking threat to profitability and business continuity for organizations across the globe.

Businesses that evaluate the risks to their data continuity, identify their critical data and applications and implement best practices and systems designed to mitigate the threats and ultimately safeguard their operations, customers, and profitability. A way to do this is to be ready with a data backup and recovery plan.

Risks to Critical Data Continuity

Natural Disasters and Power Outages
Hurricanes, fires, and floods are on the rise

Security and Compliance
Malware, ransomware, and internal data handling

Human Error
Deletion of data, theft, or sabotage

Hardware Failure
End-of-life equipment, gaps in infrastructure, and redundancy

Software Failure
Failed or corrupted application patches or upgrades

Corrupt Data
Damaged or otherwise compromised files and infrastructure

Identifying Critical Data and Applications

Backups of data and systems should be done at least nightly and depending on the criticality of the system and the amount of data generated, often more frequently. Modern backup systems will provide flexibility to do full backups periodically in combination with incremental backups to optimize backup windows and recovery speeds.

In addition to backups, archive requirements vary from business to business based on internal policies and retention requirements, but which promote long-term data protection. Your organization should also consider applicable local and global consumer and industry data regulations and compliance laws, the volume of data that your company generates, and best practices around retrieving and deleting information.

Critical and irreplaceable data can include:

• Email messages and attachments
• Address books, contacts
• Calendars
• Customer data
• Documentation
• Applications and settings
• Databases

Other considerations:

• What do you need to backup?
• How much disk space is needed to back up?
• Review of your Internet connection capacity (can it accommodate off-site file transfers?)
• How often should backups be performed (depends on how often your data changes)?
• How will you monitor your backup system(s)?
• Can you test your ability to restore data (restore a portion of your data on a scheduled basis)?

Systems and Best Practices – Thrive Can Help!

There is a wide range of options available to IT teams in choosing a backup strategy and system for their organization. At Thrive, we work to keep your environment protected and accessible. Our goal is to keep your organization open for business despite whatever adverse events come your way.

Thrive’s solutions and responsive support enable your in-house IT team to minimize disruptions and ensure smooth operations and business continuity, even in the face of disaster.

We make sure that your data and IT systems are available and ready to resume operations so that you can continue to provide uninterrupted service to your customers. Contact us to learn more.

Proven industry Sales and Marketing leader to support accelerated growth and additional geographic expansion

FOXBOROUGH, MA, January 14, 2020 – Thrive, a premier provider of NextGen Managed Services, proudly announced today that technology sales-leader, John Holland has been appointed as Thrive’s new Chief Revenue Officer.

John Holland is a veteran of the Cloud and managed services industry, spending the last 20 years leading sales organizations throughout North America. Before coming to Thrive, John served as the Senior Vice President of Sales at TierPoint, a nationwide Cloud and Managed Services Provider, for nine years. Prior to TierPoint, John led sales teams at Sungard Availability, Internap and Broadwing.

John brings his vast customer-focused experience in executive-level sales, business development and marketing management to lead Thrive’s customer success, sales and marketing teams. While John will be Massachusetts-based, he will frequently travel across all six of Thrive’s offices to focus on developing each region’s sales efforts, further enhancing relationships with Thrive’s near-1,000 customers and help Thrive continue to expand geographically.

“With Thrive’s continued expansion through the Northeast and Mid-Atlantic regions, we are fortunate to have someone with John’s advanced sales and business development capabilities to focus on organic growth of the company,” stated Rob Stephenson, Chief Executive Officer. “Under John’s leadership, Thrive’s sales and sales operations teams will be able to roadmap, streamline and manage businesses’ Cloud, cyber security, global network management and disaster recovery efforts with our portfolio of advanced NextGen Managed Services.”

“I am honored to join the Thrive team during this exciting period of growth for the company,” said Mr. Holland. “I look forward to leading Thrive’s sales divisions and implementing strategies that will bring the IT capabilities of our clients’ and prospects’ businesses to new heights.”

About Thrive

Thrive is a leading provider of NextGen managed services designed to drive business outcomes through application enablement and optimization. The company’s Thrive5 Methodology utilizes a unique combination of its Application Performance Platform and strategic services to ensure each business application takes advantage of technology that enables peak performance, scale, and the highest level of security. For more information, visit thrivenextgen.com

Follow Thrive: LinkedIn, Twitter, Facebook, YouTube and Instagram

MEDIA CONTACT:

Stephanie Farrell
Director of Corporate Marketing
774.276.1521 | sfarrell@thrivenextgen.com

One of the largest trends in IT seen over recent years has been public Cloud adoption. Gartner predicts that the market will reach $206.2 billion by the end of 2019. Reasons to cite for the shift from on-prem or private Cloud environments include lower cost, high flexibility, and scalability among others.

Understandably, financial institutions have taken a cautious approach to public Cloud adoption. Security and compliance are at the forefront of IT needs for financial service institutions. With regulations dictating how data is processed and stored, the idea of a multi-tenant environment can raise questions about security. Before heading to a public Cloud, consider using a partner that will create a customized roadmap to address your security concerns.

A reliable partner should be able to assess your current environment, evaluate your compliance needs, and create a secure migration path for your applications. One question to ask a managed service provider is, “who will oversee my environment?” To maximize your business’s security, employ 24x7x365 monitoring and management as resource to block sensitive data from being exposed to threats. Breaches often go undetected for months at a time. Ensure that your IT department or a trusted third party is routinely scanning your network for vulnerabilities to mitigate as soon as they arise. Cyber security is not a one-size-fits-all solution, so be sure that your requirements are being met before making the journey to the Cloud.

Compared to an on-prem solution, Cloud infrastructure’s redundancy is more reliable in the face of disaster. All public Cloud environments are backed up through multiple sources of electricity and generators. Not only does this provide ease when devising a business continuity plan, it can also fulfill any compliance requirements you may have regarding your data storage. Be sure to find out what compliance standards the data centers that host your environment contain. Does it comply with SEC or FINRA requirements? If your auditors require multiple copies of data, third party oversight of your security or incident response planning, a quality Cloud provider will be able to meet your exact expectations.

Many public Cloud environments also provide valuable communication tools that make it seamless for teams within your organization to collaborate effectively. With increased levels of file sharing, plan to implement email security measures such as detection and filtration software that will help spot malware, phishing attempts and illegitimate email. While this detection software is very helpful, one of the best methods to protect your data is end-user training. According to Verizon, email delivers 96% of social attacks. Transitioning to the public Cloud is an opportune time to implement training, testing and phishing simulations into your cyber security plan. Users can identify a bad actor in their inbox is a great line of defense for protecting the entire business.

Thrive is a trusted technology partner in the financial space. With nearly 20 years of dedicated support experience, we understand that each business has unique IT needs. If your institution is considering a transition to the public Cloud, our consulting services team can help create your customized roadmap. Contact Thrive today.

FOXBOROUGH, MA – January 7, 2020 – Thrive, a premier provider of NextGen Managed Services, is proud to announce the launch of its newly redesigned website at https://www.thrivenextgen.com/. The new site features a streamlined, modern design, updated content and improved functionality. Our primary goal during the redesign process was to create a more valuable and user-centric resource. We wanted to focus on making it easier for our visitors to learn and locate valuable information about our NextGen technology services for their particular application or industry.

“Thrive’s new website is indicative of our push towards continued growth and advancement as an organization. Our refreshed content contains the Thrive5 methodology which provides each customer with a unique strategy to optimize and protect their business data and applications. This methodology ensures access to the latest Cloud and on-premise technologies, advanced cyber security best practices, advanced networking solutions and compliance & governance assistance,” stated Rob Stephenson, CEO. “We look forward to our visitors interacting with our new website and the resources we offer.”

Thrivenextgen.com will continue to incorporate features of the legacy thrivenetworks.com. Clients will be able to reach online support through the client portal as well as additional support options anchored in the navigation. As always, the website will continue to be updated with the latest blogs and video content from Thrive’s expert engineers and executives.

About Thrive

Thrive is a leading provider of NextGen managed services designed to drive business outcomes through application enablement and optimization. The company’s Thrive5 Methodology utilizes a unique combination of its Application Performance Platform and strategic services to ensure each business application takes advantage of technology that enables peak performance, scale, and the highest level of security. For more information, visit https://www.thrivenextgen.com

Follow Thrive: LinkedIn, Twitter, Facebook, YouTube and Instagram

MEDIA CONTACT:

Stephanie Farrell – Director, Corporate Marketing | 774.276.1521 | sfarrell@thrivenextgen.com

Challenge

Password security and Multi-Factor Authentication are two of the best lines of defense for users to protect themselves against bad actors. After a weak default password without Multi-Factor Authentication allowed a hacker to gain access to the company’s network, a large healthcare provider’s data was encrypted and inaccessible; which halted their operations for nearly twenty-four hours across multiple locations. Ransomware was discovered by the Thrive team on upwards of twenty of the company’s servers.

Solution

Thrive’s Cybersecurity Forensic Analysts took quick action to source the bad actor and work towards remediation. Utilizing best-of-breed tools, they were able to identify the IP addresses in which the attack was originating from and effectively block them from the network. Simultaneously, the Thrive team was able to configure restoration on the servers and perform back up measures. Within twenty-four hours of the original incident the first server was restored, and the remaining were all operational within four days.

Result

The immediate results of the remediation of the servers were that the healthcare provider became operational once again and able to serve their patients. After the event was resolved the organization enlisted Thrive to perform a Security Health Assessment across their environment. Thrive’s cybersecurity team was able to identify vulnerable target areas in the company’s infrastructure and architect customized solutions. All of these being actionable items, the organization has been able to further leverage Thrive’s services to strengthen their security framework to prevent future incidents.

How can Thrive help your business?

Thrive is a leading provider of outsourced IT Infrastructure designed to drive successful business outcomes with our talented engineering teams and suite of Cloud-First, NextGen Managed Services.

To learn more about our services, CONTACT US