Enabling Remote Workforce and Business Operations to be Scalable During COVID-19 and Beyond.

As businesses and organizations around the world were forced to move their employees to work remotely, many were not truly prepared for what is required to make that transition while maintaining seamless operations.

As a result, businesses found themselves scrambling to get corporate laptops into the hands of key personnel, while others encountered supply chain issues that reduced stock at both large suppliers and local electronic chains. Each company, no matter what their size was faced with managing internal software and access requirements. But, how do you translate this at scale? How do you ensure that your employees can work anywhere, anytime, and on any platform available? The answer is simple, and it lies in a technology that has been around since the early 90’s and continues to evolve today. While there are many variations it is all fundamentally offshoots of remote desktop. Citrix, VDI, RDS, DaaS, are some of the current names with each product designed for different use cases and business needs.

Years ago, remote access was traditionally a very easy solve. Working from home was not a popular use case as it is today due to available consumer bandwidth options. Most commonly, users were granted access to corporate resources such as files and email via VPN (virtual private networking). More security-focused organizations provided employees with a corporate machine to access the VPN. However, this solution always had a fundamental flaw, those endpoints albeit secured with your corporate AV, were still living outside the perimeter of the network, and would then connect with full access to the network.

As the security landscape evolved to combat emerging threats from all angles, which specifically included remote workers; Solutions were born that allowed remote access to the corporate network without network level access. This meant that users could access all corporate resources but never actually be physically connected to the network. Additional controls put in place by an organization could further lock down and secure that access. While the organizations that still relied only on VPN access to the office, at the start of the quarantine were struggling to get laptops, configure VPN access points and buy additional licensing. Those that had already put in place a robust solution like Citrix, RDS, VDI or DaaS simply ensured that their end users knew how to access it. What makes this so much easier you ask? Well, it is because technologies like Citrix and RDS use the concept of shared application access. Take for example your accounting department who needs to run Great Plains while working remotely. Instead of loading Great Plains on each of those end users’ laptops, you would install it on the Citrix or RDS server and once any member of that accounting team logs in they would be able to access Great Plains as if they were sitting in their seats at the office. This also means that when it is time to upgrade the software, as the admin you simply perform the update once on the server, instead of multiple times for each remote employee. In the last 5-10 years this technology has evolved even more with the mainstream introduction of VDI (virtual desktop infrastructure). This concept took the idea of a windows machine and made it available as a virtual machine. This allowed admins the flexibility to deploy and scale machines on demand based on end user need. It allowed for controlled updates to the machines and operating system. Users can either use a pool of dedicated virtual desktops. If situations required it, they had the option of giving users their own dedicated desktops. Now imagine your users who already work in their VDI’s in the office are now asked to go into full remote work mode. Those same users simply go home and log into their VDI and it is like they were sitting at the office. In all these solutions there is a front-end server or appliance that handles load balancing of your connections as well as user authentication. Behind that is either your server farm that hosts the applications or a pool of desktops, making the solution highly resilient and redundant.

Solving the challenges of remote work environments are proving beneficial in other business operations. If added to your BCP/DR plan they ensure business continuity by allowing your operations to continue regardless of what happens in the office. Many of the VPN-only organizations currently allow their end users to VPN into the office and then use Microsoft RDP to access their office computers. In a perfect world this works, but it does not account for loss of power or catastrophic events that affect the office. It also does not account for simple things like computers that are simply powered off and cannot be accessed.

If you are an organization that is serious about proving the best level of remote access while securing the enterprise, Thrive is here to help. CONTACT US TODAY!

Cloud First with COVID-19 – The right business strategy

Like many of you, I have had some time in recent weeks to reflect on my role and how we as a NextGen managed services and security provider are helping during this pandemic. Much of my daily life before COVID-19 was convincing businesses that a cloud first strategy was the right choice, not only from a security and cost perspective, but primarily due to how the workforce has changed.

Before the pandemic, most of us relied on a platform that allowed us to work from any place at any time with flexibility during our busy lives on the go. Even with all the convenience provided by the cloud, most businesses that we spoke to still had a negative impression of moving “everything” to the cloud.

Here’s what they had to say:

  • The cloud is too expensive.
  • I have better security at my office.
  • I cannot run 100 % of my applications.
  • I don’t trust the cloud.
  • I can get another few years out of my server that lives in the closet down the hall.

In August of 2019, we convinced a client of ours to move the cloud. We advised them to take a leap and move everything to a modern cloud platform that would support their goals of a cloud first strategy and a true mobile workforce. A few benefits that they were looking to gain were:

  • Better and more turnkey remote access, no clunky VPN’s
  • Higher security
  • Operate more efficiently
  • The ability to scale quickly
  • Access to 100 % of the firm’s data. (files, folders, network drives, and all applications)

They decided to move their entire organization to the cloud and by November of 2019 this firm was up and running.  I spoke with our client last week (April 2020) and he mentioned something to me that I had to share.

“Thrive and the NextGen cloud platform might be one of the single best decisions that we ever made as a firm!  100 % of our firm is now able to work in the cloud from anywhere. Had it not been for this move during this COVID-19 pandemic, we simply would not have been able to work in this manner. Our firm would be in a much different place.” ~ Michael Cohen, Managing Director – Glass Jacobson

Stories like these not only point out how a good cloud first strategy helps our client’s business during normal times, but really shines during times like these.  As a NextGen MSP and MSSP, I know that we have armed our clients with a robust cloud computing platform that is helping their business every day and enabling them to keep their virtual doors open and employees productive from anywhere.

For more information on Thrive’s Cloud Solutions, CONTACT US TODAY!

SEC Sweep Exam Priorities – Business Continuity

Watch the Full Webinar Presentation!

 

Marc Capobianco, EVP of FinTech at Thrive, John Stiles, Founder & CEO of C/Bridge Strategic Advisors and Michael Dale, CFO at Eastward Capital Partners discuss how financial firms need to review and update their business continuity plans to comply with regulators expectations.

Discussion Topics:  

  • Does the firm have policies, procedures, guidance or other information tailored to address the continuity of business operations during a pandemic?
  • Has your firm activated its BCP in response to COVID-19?
  • Does your firm’s BCP address the resiliency practices of third-party vendors, service providers and partners?
  • How has your firm addressed cyber security policies and procedures regarding employee remote access?
  • Does your firm have any specific limitations in its ability to operate critical systems and operations during the pandemic?

Fill out the form to get instant access to our on-demand webinar.

Trusted Advisors – Beyond Service Understanding and into Deal Positioning

As 2019 ended and 2020 began, the nationwide Channel continued its tremendous growth. Partners are more established than ever in their roles as trusted advisors and are increasingly adept at uncovering cyber security, Cloud, and a variety of other Managed IT opportunities.  A greater overall focus on partner education has been a key contributor to this success with Master Agencies at the forefront — coming up with increasingly engaging and effective ways to prepare partners to win deals. However, as a supplier, it is important to note that the education cannot end there.

While partners receive enhanced educational benefits from an industry and general service perspective, one thing I have noticed is the push for suppliers to not only educate partners on their assorted services and products, but to go a step beyond. Yes, understanding the product suite is vital, but the true value is in understanding HOW to sell these services to your existing account base once you learn them. This is not a one size fits all approach and must be addressed uniquely. Thrive is making a push to provide more education to our partners beyond what we offer and how we differentiate in the marketplace. We aim to dive deeper into how to take this knowledge and position it through the right line of conversation with the goal being to find direct opportunity alignment.

A big piece of this additional education is helping our partners identify key market trends and build business cases around them, specifically as they relate to Thrive and our strengths. For example, organizations with a new IT Director or C-Level executive have proven to be the perfect candidates for a Network Health Assessment; a commissionable engagement run by our consulting team that helps businesses drive value by understanding where they need to invest from an IT perspective. In a broader example, we have seen more and more first time SIEM adopters. With our partners asking the right questions, a need was identified for smaller SIEM/SOC deals with under 100 devices that had previously not been a focus of ours. Partners now know to leverage Thrive on these opportunities as we have a strong SIEM offering.

While this is already about a paragraph too long, I think it’s important to emphasize the main takeaway here. Partners are becoming more educated and bringing better opportunities to the table. There needs to be a push to go beyond the ABCs of our services as suppliers and continue to build the deal positioning aspect.  This requires a tailored approach that focuses directly on what we do best and helping partners leverage that.

We don’t expect to be picked for every given opportunity, but want to make sure that when we are, everyone wins.

For more information on Thrive’s Channel Program, CONTACT US TODAY!

Thrive Partner Testimonial – Blue Front Technology Group

This video features Thrive’s Channel Partner — Dan Passacantilli, Founder of Blue Front Technology Group. Blue Front Technology Group has been a channel partner of Thrive’s for 15 years.

Agents and Technology Consultants partner with Thrive to leverage our technical expertise coupled with our NextGen managed services. Thrive is considered a trusted advisor that partners rely on to offer their clients NextGen Technology Services.

For more information on how to partner with Thrive, CONTACT US today.

The Single Cause Behind Most Vulnerabilities and How to Solve It

Having been involved in hundreds of vulnerability assessments I can confidently say that most issues have a single underlying source.  The discovered vulnerability could be an increased risk of ransomware exposure, buffer overflows, elevation of privileges, denial of service, weak encryption, etc.  Regardless of the diversity of the vulnerabilities, there is commonly a single deficiency within the organization that led to the risk.  It is a crucial component of any solid cyber security framework, yet it remains one of the least appreciated and maintained areas of Information Technology.  By now, you may have guessed, that I’m referring to patch management.

Inevitably, a vulnerability assessment will overturn workstations, servers, switches, firewalls, routers, wireless access points, hypervisors and countless other devices which all need to be patched. Consequently, the IT department is consumed with months of maintenance windows to get everything updated.  After many late nights, every piece of infrastructure is finally fully patched.  The IT department can finally get a good night’s sleep!  Unfortunately, it won’t last long because while all of those patches were getting installed more vulnerabilities were discovered which will require more patching.  This is the never-ending struggle of patch management.

It’s true that most IT departments have a pretty good handle on patching workstations and servers by leveraging automated patching solutions.  However, that addresses only a small piece of the typical IT infrastructure.  What’s a sleep deprived IT department to do to keep up with the tidal wave of patches? It’s simple, embrace Thrive’s NextGen services.

  • Offload all server and hypervisor patching responsibility by transferring workloads to one of Thrive’s many cloud solutions.
  • Deploy ThriveCloud managed firewalls, switches and wireless access points to allow for automated patch and firmware deployments during scheduled maintenance windows.
  • Leverage Thrive’s 3rd party patching solution to update often overlooked and highly vulnerable software like Java, Acrobat and Zoom.

For more information on Thrive’s NextGen managed services, CONTACT US TODAY!

Remote IT & Security. Is your business and corporate data at risk?

Overnight, the COVID-19 pandemic has permanently changed our approach to remote IT and security. We went from offices full of collaboration and activity to at home offices now exposing businesses and corporate data to increased risk.  At Thrive, we hold a daily management meeting to review and discuss the implications of a remote workforce during this experience. Many organizations are following a similar protocol as well, and although it has taken some getting used to, it has shined a light on how well we are able to collaborate remotely.

Our president, Marc Pantoni, mentioned the other day on one of these calls that the focus at the beginning of the Work From Home period was stability but as it matures, many organizations will start to focus on risk management as they were during prior to this unplanned event.

Over the years, we’ve seen disaster recovery tests become quite commonplace but now we’ll start to see pandemic tests or WFH tests become much more prevalent.  This isn’t fear mongering, it’s prudent risk management.  I surmise that like many of you, my work from home plan was my laptop sitting on a home office desk or perhaps a kitchen table.  My home office did not have all the trappings of my branch office. Over the last couple of weeks, I’ve gotten quite efficient at WFH and for many end users that environment is here to stay even once we all return to the office semi-full time.

Securing that location will now become a higher priority.  For many senior leaders and high-tech workers, we will look to high value yet low effort solutions to protect the household.  For years network security companies have added a feature to their devices that is not very widely used that can provide “clean” network connections.  This function, usually called transparent mode, introduces unified threat management appliances into home networks without changing the overall topology of the environment.  This means that we can add intrusion prevention and malware protection at the network level without the needing to swap out the consumer wifi solutions, which are very popular.  Fact is, having malware on a home network is as big of a problem as it is on an office network regardless of where it resides.

To understand this concept a little easier, here’s a simple network diagram:

Home Network

These solutions are extremely straightforward to setup and maintain as opposed to creating a branch office inside a home office.  It allows for added protection of all devices on the network without the headache of redesigning the entire home network.

If you have questions or concerns about remote IT and security, Thrive is here to help. CONTACT US TODAY!

How the Cloud is Changing Disaster Recovery

There is nothing any business fears more than a complete collapse of its IT systems. The financial cost of such an outage can be great, and additionally retrieving the data and rebuilding the system into its former state is often an extremely time consuming and logistically complex proposition. Businesses have literally gone under due to such IT issues, and although this is something that many companies dread, often SMEs don’t have sufficient provisions in place to provide effective disaster recovery.

It is a basic facet of human psychology that we often assume that the best case scenario will occur, and nothing fundamentally will go wrong. This tendency is amplified in the case of disaster recovery, where providing satisfactory backup for a business can involve a certain financial outlay.

(more…)

What Is a Hybrid Data Backup Solution?

In the current economy, many businesses across the globe are seeking alternatives to costly data backup methods. A popular solution to costly backup methods is cloud backup, which works well as a strategy for business continuity planning and disaster recovery. Data backup and storage in the cloud means that the cloud service provider takes responsibility for costly backup hardware and redundancy methods. The company seeking cloud storage pays a monthly subscription fee, which is based on the amount of backup and storage which is required.

In order to successfully backup and store data in the cloud, you must choose a reliable provider that has a track record for using multiple backup servers, advanced security, and immediate access and recovery in the event of a disaster. A lot of companies prefer to pursue the best of both worlds by combining the speed of local backup with the security of cloud backup. This concept is known as hybrid backup and is more cost effective than tape methods and other offsite storage methods.

(more…)

How to Choose the Best Data Protection Solutions

Every company is aware that the proper data protection measures are of utmost importance. Yet many businesses still utilize older methods of data backup such as tape systems, costly onsite backup methods, and offsite systems that may mean several days until recovery takes place.  These methods consume resources and pose more risks of failure in addition to being complex, costly, and labor intensive.

New data backup and recovery technologies eliminate (more…)