Migrating to the Cloud isn’t always a simple undertaking. There are many considerations any organization must address when it contemplates migrating data and applications from its on-premises solution into a Cloud environment.
Thrive not only has the experience and resources to guide you through the migration process, but also the managed service offerings to help you optimize and manage your applications once they get to the Cloud. Our Cloud analytics tools can determine optimal memory, CPU, and storage tier needs to ensure that your Cloud services are right-sized for predictable billing and performance.
DOWNLOAD Cloud Migration PDF
Guide to Cloud Migration
A goal for any government agency looking at the Cloud is fairly straightforward: cut waste, and enable employees to deliver services to the public faster and better. Choosing a reputable Cloud services provider is crucial for the government and law enforcement agencies migrating to the Cloud. To minimize risk and maintain the security of critical information, be sure that the Cloud provider you choose has a lead agency sponsor or that the Criminal Justice Agency (CJA) has completed a site security checklist.
The first thing a government agency may want to consider is finding a CJIS-compliant Cloud provider that can work within their budget. Many Cloud providers adhere to the consumption-based billing model, meaning that the amount an organization pays can vary wildly from month to month. For government agencies operating on a
strict budget, such fluctuations are not acceptable.
DOWNLOAD CJIS Compliance PDF
This checklist PDF outlines the 3 different paths to becoming CJIS Compliant in Florida (though many states utilize a similar process). Checklist 1 will walk you through becoming compliant internally. Checklist 2 will walk you through becoming compliant with a Cloud vendor that is not yet sponsored by a leading agency. Checklist 3 will walk you through how simple it is to become CJIS-compliant with a lead agency-sponsored vendor like Thrive.
Thrive is a leading provider of outsourced IT infrastructure. Thrive delivers comprehensive managed services and unmatched expertise to drive secure digital transformation. Thrive’s unique combination of industry experts, an automated technology platform, and the Thrive5 Methodology provides customers with a strategic advantage as they look to secure, scale, and succeed.
DOWNLOAD CJIS Checklist
Your firm’s IT goals need to result directly from your business goals – not the other way around. Think about it. When was the last time you actually considered how your business goals interrelate with your IT goals?
The right IT partner will be able to make the connection between your business needs and your technology needs. Be realistic about what your business goals are and communicate them clearly to your IT partner, who should be able to create a solid strategy tailored to your alternative investment business.
DOWNLOAD Our Buyer’s Guide Today!
The managed services market is growing, and shows no signs of stopping. The global MSP market size grew to $238.71B in 2021, and is expected to reach $274B by 2026, with expansion occurring at a compound annual growth rate (CAGR) of 13.4% from 2022 to 2030. Put more simply, demand for managed services is on an accelerated path as more businesses strive to boost operational efficiency, productivity and cater to remote work environments.
For customers, implementing and managing infrastructure technology will continue to become more complex and challenging as firms transition to the Cloud to stay competitive while also facing a constant stream of issues around cybersecurity and network management.
Here’s what else is going on:
- According to a commissioned IDC study, nearly 55% of companies are using managed services for value-added services and to reduce security risks, which have multiplied since the pandemic’s outbreak as employees work remotely and business partners and customers rely entirely on electronic communication
- One survey by CompTIA showed that 50% of companies who engaged an MSP saved 1-24% in annual IT costs, 33% saved 25-49%, while 13% reported savings of more than 50%
- It is expected that 36% of the ballooning managed cloud services growth will originate from North America between 2022-2026, with the U.S. being the key driver. According to a 2022 report by Technavio, this increasing cloud technology adoption among end-users such as SMBs and large enterprises for automating their business process, including data processing and outsourcing and Internet services, will fuel the growth
- According Statista, the U.S. has the highest average total cost of a data breach at $9.44 million. In 2020, 25 percent of respondents worldwide reported the average hourly downtime cost of their servers as being between $301,000 and $400,000 U.S. dollars
- A 2021 study found that only 54 percent of respondents at U.S. businesses employing 500 or more staff have a documented, company-wide disaster recovery plan in place.
- Globally, there was a 141% jump in the number of records stolen in 2020 – reaching a total of 37 billion, as cybercriminals target more diverse data sources to sell and to use for extortion.
Keeping pace with the rate of technological change is hard enough, it is even harder to rationalize managing IT, digital transformation, and the cyber threat landscape on your own.
Whether you’re managing your IT in-house and need a boost, or are looking for a partner to manage it all – Thrive can help. Speak with one of our experts today to see how our bundled managed services packages can help your organization meet its NextGen IT goals.
How to Enable Data Loss Prevention in Case of Natural DisastersData loss prevention is critical to ensure data and business continuity after a natural disaster. Recover your systems and data as quickly and fully as possible by mitigating risk with the right policies, processes, and infrastructure.
Here are the key questions you should be asking when creating a plan to protect and recover your data in the case of a natural disaster:
What does your current backup situation look like?
The first step toward improving your data protection practices is to consider your current IT infrastructure and systems. Do you have a disaster recovery plan in place? If not, why not?
The assumption that nothing bad will ever happen to your data exposes your business to major risks and devastating losses. It’s not a question of if your data will be destroyed or compromised; rather, it’s when.
Even the most cautious organization will run into situations like natural disasters, hacking attacks, or even user error, where their data is lost or compromised and needs to be recovered. A well-prepared business should always have a comprehensive backup and disaster recovery plan at the ready.
Have you talked to your employees?
By developing and instituting clear internal processes and best practice standards for data management, businesses can help to prevent data loss following natural disasters. Once employees are properly handling files and information day to day and know the correct steps to take during adverse events, your business is a critical step closer to ensuring data protection and successful business continuity.
How often do you test your backups?
Even if you have a backup system in place, how often do you test your procedures and backups to make sure that you can rely on them when you need them the most? It’s not unheard of for a business to lose everything in a fire, and when attempting a recovery, they find out that the entire backup is corrupted or doesn’t work properly. You shouldn’t hope that your backups are reliable, complete, and ready to go; you need to guarantee that they are.
Where do your backups live?
Many businesses rely on their servers for backup, either on-premise or off. In these cases, you should be sure to design a network of backups that offers sufficient redundancy and to have the appropriate resources and expertise to maintain and service them.
What backup approach works for you?
Many organizations that maintain their own data centers also use third party cloud-based solutions for a secondary backup. Having servers in diverse locations supports data loss prevention by minimizing risks due to natural disaster.
A hybrid approach that combines on-premise servers with third-party managed cloud infrastructure can provide geo-redundancy and additional managed services capabilities.
Take advantage of Disaster Recovery as a Service (DRaaS)
The most effective way to enable data loss prevention is to create a seamless disaster recovery plan that includes Disaster-Recovery-as-a-Service (DRaaS). DRaaS simplifies many of the backup and recovery processes, provides storage-related cost savings, and allows businesses to backup their data more frequently with less administrative complexity.
In the event of a natural disaster, a third-party DR service provider can typically help you recover much faster because of their significant and specialized training and resources. DRaaS providers also have the experience of handling multiple catastrophic events in a diverse range of scenarios and can contribute their expertise around handling real world failovers. Third party service providers can rapidly respond when disaster strikes to assist your business in successfully minimizing damage to your data, reputation, and business continuity.
Thrive Specializes in Data Loss Prevention
By following data protection best practices, your organization can weather natural disasters and reduce or eliminate disruption to your business.
Working with Thrive will allow you to avoid costly outages and data loss that could harm your operations, reputation, and profitability. Preparation means businesses gain a competitive advantage by keeping the lights on during the storm.
Stay Safe in the Cloud with Thrive
Is It Time to Take a Hard Look at Your Cybersecurity?Cybersecurity breaches and data privacy/transparency issues are on the rise. Notably, adapting to COVID-19 forced many companies to bypass certain cybersecurity controls,1 which contributed to a 141% jump in breached records globally in 2020 compared to 2019.2
The SEC thus identified this as one of its 2021 priorities and has proposed rule amendments to improve cybersecurity risk governance disclosures.3
Thrive’s cybersecurity solutions can help secure both your data and your assets. Employing both proactive and preventative measures, our cybersecurity consulting and solutions reach well beyond typical reactionary support. Early detection means we’re able to stay ahead of growing and ever-evolving cyber threats—and protect your business. Cybersecurity is a sound investment in your firm’s future.
Taking a good hard look at your current cybersecurity posture now can help secure a solid future in many ways, including:
- Building investor confidence
- Gaining a thorough security vulnerabilities assessment
- Going into Investor audits fully prepared
- Ensuring ongoing financial regulator compliance
Early detection means you’re able to stay ahead of growing and ever-evolving cyber threats—and protect your business. To learn how our team can build customized cybersecurity solutions for your firm, contact us today.
1. Source: EY, October 2021, “How cybersecurity risk disclosures and oversight are evolving in 2021”
2. Source: Risk Based Security report, January 2021. Based on roughly 3,900 publicly reported breaches globally in 2020.
3. Source: The National Law Review, September 2021
Cybersecurity risk management applies to business entities in every vertical. Whether you’re in finance, healthcare, education, or beyond, it is vitally important to regularly assess your information technology assets in order to know your organization’s security posture on an ongoing basis. Especially when signing up for a cybersecurity insurance policy, insurers need to know where an organization’s risk profile currently stands and the steps they’re taking to proactively mitigate cyber risk on an ongoing basis.
A Cybersecurity Risk Assessment involves:
- Taking a look under the hood to assess a company’s technology infrastructure
- Identifying potential vulnerabilities
- Verifying that controls are put in place to minimize organizational risk and maximize information security.
Download our Cybersecurity Risk Assessment Guide to understand how best to calculate your cybersecurity risk exposure.
DOWNLOAD our white paper today!
RPO Basics
A Recovery Point Objective (RPO) is a metric used to determine how often data backups should run, and to evaluate what services and solutions match your business needs. The RPO is determined by understanding how much data loss your business can tolerate.
Some businesses and organizations may have mandated RPOs due to data privacy and compliance requirements, such as the financial and legal industries.
Why is this important? Data is dynamic and constantly changing over time, while backups only capture data at a specific point in time. The length of time between each scheduled backup is known as the backup interval. The wider the interval, the higher the likelihood that your data will change during that time, and the more risk you take as that data remains without a backup until the next backup. In the event of a data disaster, a higher backup frequency enables more recovery points to restore from and shrinks the interval between backups so that data has a better chance of being captured. Your RPO defines the maximum allowable amount of lost data measured in time from a failure occurrence to the last valid backup.
Meeting Your RPO
For example, an e-commerce business may conduct around-the-clock online transactions. They evaluate their systems and business model and determine that losing more than 15 minutes worth of data would be extremely detrimental to their operations, customer service, revenue, and reputation. They decide that their RPO and backup interval should never exceed 15 minutes. They then choose a solution that is capable of running a backup schedule at 15 minute intervals, such as at every quarter hour on the hour (0:00, 0:15, 0:30, and 0:45).
If a failure occurs, with successful backups every 15 minutes, they would always be able to recover without major threat to their business continuity. Here are two examples on how it would play out:
- If they experienced a system failure at 0:03, they’d only lose 3 minutes worth of data.
- If failure occurred at 0:52, they’d lose 7 minutes of data.
- For both scenarios, since the time between the last backup before failure and the data disruption are well below the 15 minute RPO (3 and 7 minutes respectively), both losses are survivable for the business.
Failing to Meet Your RPO
Conversely, if a business can only withstand an hour’s worth of data loss, yet has backups running every two hours, that business is not meeting their RPO and is at risk of losing critical data. The risk escalates the further in time the failure occurs from the last backup.
For example, if they run their backups every odd hour on the hour (1:00; 3:00; 5:00, et cetera):
- A failure at 1:40 is less damaging than one that occurs at 4:55.
- The first incurs 40 minutes of data loss, which is acceptable according to their RPO of 1 hour.
- The second incident incurs 1 hour 55 minutes of data loss, which definitely does not meet their RPO and may seriously damage their business.
For this business, without the appropriate 1 hour backup interval, meeting their RPO of 1 hour is a game of chance and does not meet their business needs. If a data disaster occurs such as a ransomware attack, user error, or natural disaster, they stand to suffer damage and potentially opening themselves up to liability, loss of business, and compliance risk.
RPO Services and Solutions
There are a range of services and solutions that enable backup intervals that support different RPOs. The chosen RPO can affect the price, configuration, and IT resources required. Working with a flexible, customer-centric backup and disaster recovery service provider can help you to determine the most cost-effective and responsive solution for your business.
Backup as a Service (BaaS)
Backup as a Service (BaaS) offers fully configurable online backup and recovery processes, supported by Thrive. These services are scaled for your organization so that you get the control you need with the support that you want.
Backups can be performed automatically according to flexible backup schedules, allowing for businesses of all sizes and needs to meet their specific RPOs. Communication is initiated by your systems, and your information is encrypted using AES (Advanced Encryption Standard), before being pushed via a secure SSL/TLS connection to Thrive’s datacenters. All of the backups are also incremental and only move new or changed data.
Thrive proactively monitors the data centers, operations, and customer data transfers to ensure optimal backup and recovery.
Disaster Recovery as a Service (DRaaS)
Disaster Recovery as a Service (DRaaS) enables your company to replicate data and deploy a Disaster Recovery (DR) environment without needing to construct a second physical data center. DRaaS replication ensures that your production site and DR site are in sync, allowing you to meet demanding Recovery Point Objectives (RPOs).
What About Restoring Backups?
BaaS allows both local and cloud restores from your backups based on your RPOs and the stored backup snapshots. DRaaS extends recovery capabilities to allow for full recovery directly into cloud infrastructure in just minutes, giving your organization the Recovery Time Objective (RTO) that you need for true business continuity.
Thrive to the Rescue
Your Backup and Disaster Recovery Experts
Thrive is a trusted global provider of comprehensive cloud, data protection and security services.
Since 2001, Thrive has provided these robust and secure managed cloud and disaster recovery solutions from a scalable multi-tenant infrastructure, supported by our first-class in-house technical team. Thrive delivers highly flexible and responsive solutions with outstanding value and service, using state-of-the-art technology to offer ultimate protection and peace of mind.
We are driven to be your trusted partner and to ensure that we deliver a Thrive Experience that meets your business requirements with the reliability, scalability, and support that your business demands.
Contact us today to learn more about how Thrive can help you meet your operational demands while protecting and recovering your most valuable asset – your data.
Let’s be honest, nearly all of us have been victims of a friendly April Fool’s prank at some point. The day (and month!) is full of (mostly) harmless pranks and jokes by friends and family. But let’s not forget that getting targeted by hackers and cybercriminals is also very much a reality. Pranksters love to play jokes on businesses and unsuspecting individuals, but cybercriminals like to take advantage of this time to cause serious security incidents with unforeseen costs.
April Fools’ Day is not the only day these cybercriminals use to take advantage of people’s naivety and lack of awareness, the frequency of these cybercrimes has been growing for a while. With a reported 150% rise in ransomware attacks between April 2020 and July 2021, it is becoming increasingly essential for people, especially employees to learn more about how they can protect themselves as well as their organizations from hackers and different types of cyber criminals.
This April Fool’s Day, Thrive would like to raise awareness around cyber-attacks, share with you some common examples of the tactics used by cybercriminals, and discuss how you can identify scams and protect yourself, your businesses, your employees, and your customers.
Let’s get right into it. Here are some of the most famous internet and telephone scams that you must have heard of:
The CRA Scam:
This is a very common scam in Canada, especially during tax season. You might receive calls or emails that may seem to be from the Canada Revenue Agency (CRA). You might be told that you owe taxes or that you are in trouble with the tax department and that you must make payments or give out your credit card or banking information. Sometimes they might even send you links to fake websites that might look exactly like the real CRA website. It is best to just hang up on the call or delete these emails. The real CRA will never call, email, or text you asking for this kind of information.
The Prize / Lottery Scams:
In these types of scams, you might get a phone call or email saying that you have won a prize, such as cash, a car, an iPhone or a vacation. The scammer will tell you that you need to make a payment to collect your prize, and they might ask for your credit card or banking information. You obviously won’t receive the prize that you were promised but now the scammer can make charges on your credit card, or worse drain your bank account. Once you lose the money, you probably will not get it back.
The Nigerian Prince / Emergency / “Grandparent” Scams:
In these types of scams, the scammers pretend to be close friends or relatives in trouble. A very common one is when the scammer pretends to be a long-lost relative who is a Nigerian prince who needs your help to save his life or to move large sums of money internationally. This scam is so popular and successful at reeling in victims that it’s earned the name, ‘cat fishing.’ They might ask you to send money because of an accident, an injury, an arrest, or a robbery. And just like with all the other scams, this is likely just a way for scammers to get access to your bank account. They often target seniors but anyone of any age can be the victim of these kind of scams.
Other examples include phishing, social media account hacking, fake cryptocurrency, fake charities, fake lotteries, fake surveys, fake kidnapping, fake tech support, fake free stuff, identity theft, and the list goes on and on!
Now that we’ve talked about how hackers commonly target individuals and employees, let’s discuss what you could do to prevent yourself from falling for their tactics. Here are some ways you can ensure that you, your data, and your systems are protected:
1. Adopt a strong Password Management strategy:
It is always advised to use strong, unique, and difficult-to-guess passwords for all your accounts and devices to ensure your data is protected across all different systems. We understand that it can be hard to remember numerous unique alphanumeric combinations (which aren’t a combination of your dog’s name and your birth date) for different accounts and devices, that’s why we recommend using a reliable password manager service. A secure password manager can automate the process of creating, encrypting, and storing individual passwords so that you don’t have to remember dozens of them at all times. Also, don’t forget to keep updating these passwords now and then as another precautionary measure.
2. Utilize Multi-factor Authentication features:
Using a multi-step verification/ authentication process while logging into your accounts and devices adds another layer of security to your data protection strategy. Using a reliable authenticator app or using built-in application-based unique one-time-passwords (OTP) through email, text messages or calls are very helpful in this process. They are used to add another layer of protection to prevent access in case hackers somehow gain access to your passwords.
3. Do NOT click on links or attachments from unknown email addresses:
It only takes ONE wrong click to download viruses or give hackers access to your entire computer system. So, if you receive suspicious emails with links or attachments, don’t click on them unless you’re sure they are from reliable sources.
Thrive provides superior protection against ransomware, viruses, malware, spear phishing, email DDOS and undesirable emails. Our Fully Managed Anti-Virus and Anti-Spam Services are just what you need to strengthen your multi-platform threat prevention strategy.
4. Look for the ‘S’ in https:
Continuing with the above-listed point, another good indicator of a potential problem is if you receive a URL in an email without the ‘S’ after the http in the link. The ‘S’ literally stands for ‘secure’ and indicates that the website has an SSL (Secure Socket Layer) certificate. You should always hover your mouse over any link to see its true destination and if you can’t see the ‘S’, you definitely should NOT click on the URL.
5. Invest in Cybersecurity Awareness Training programs:
The National Security Agency reports that over 90% of cyber-attacks are preventable with basic Cybersecurity Awareness Training. So, by just taking a cybersecurity awareness course and keeping in mind all the points listed in this article, you might already be a few steps ahead of those cyber-criminals and save yourself from serious issues and huge losses!
No matter how large or small a business is, it’s a target for cybercriminals. That’s because it can only take a single unwitting click on a phishing link to grant criminals access to everything on a given network and, in some cases, beyond. It’s also why security awareness training and phishing simulations are essential for organizations who want to transform end users from the weakest link in the security chain, into a truly resilient first line of cyber defense.
Thrive’s Cybersecurity Awareness Training provides the continuous, relevant, and measurable testing and education that businesses need to minimize risky user behaviors and resulting security incidents.
6. Schedule regular Data Backups:
Thrive’s Backup as a Service (BaaS) solutions provide Complete Data Protection for VMware, Hyper-V and Physical Systems among other things.
World Backup Day falls on March 31st every year, the day before April Fools Day, which is perfect timing to make sure all your regular data backups are scheduled are running properly across all devices and platforms. The “I’ll do it tomorrow” approach on World Backup Day could land you in some serious trouble in case you get fooled the very next day on April Fools’ Day!
7. Have a Disaster Recovery Plan ready:
No matter the size, location, or industry, organizations need to take the time to put together a well-thought-out and practical strategy for implementing DR best practices and scheduled maintenance.
Organizations should have an easy-to-understand step-by-step guide on what to do in a data emergency so that employees, partners, and vendors understand their roles, responsibilities, and the resources available to them before, during and after crisis strikes.
We hope you can now better understand how common and dangerous cyber threats, hacking, viruses, malware, ransomware and other cyber attacks are. However, more than 90% of these incidents are preventable with the right kind of Cybersecurity Awareness Training.
If you spend some time learning more about how these cyber-attacks work, how hackers and scammers approach people, what kind of tactics they use, and how you can deal with them, you can prevent cyber attacks and protect yourself from becoming one of their victims.
The World Wide Web is an incredible source of information, innovation, and entertainment! Have fun with it, and keep learning new things, all while staying vigilant and safe on the internet!
Have any questions? Contact Us to learn more about all our services!
Happy April Fools’ Day! We promise we won’t fool you though!