According to Flipboard, hackers were able to tap directly into the databases where the app-company housed customer information. The information stolen, including customer names, user names, hashed passwords, emails, and digital tokens or API tokens for your favorite social media apps. Although Flipboard does not know how many accounts hackers infiltrated, nor have they fully-assessed the damage, one thing is for sure: It’s time for many companies to begin reading between the lines. While data that was stolen is serious, it’s the number of time hackers were able to go undetected that is cause for concern. Companies need to focus on Endpoint Protection. Read more
For many CIOs and COOs, the process of technology continues to be a top priority for many come 2019. As a major headache, businesses are increasing their cloud investments to move forward with digital transformation efforts were then faced with the massive undertaking of getting multiple resources connected for a seamless user experience.
Many of the local SMBs have found a lack of competency in many smaller providers, with stitching together applications and services to make up your current IT environments. It’s these environments that will increasingly become more-hybrid. With a large mix of on-premises equipment dispersed across various sites, public and private continue to muddy the waters.
As part of the many businesses moving towards a digital transformation, IoT (Internet of Things) has entered further cluttering device options and platforms that can begin to optimize your operations. As many begin with 2019 initiatives, that will further bring-on greater levels of complexity. As a result, many local business owners have identified this gap and began to address this in their technology plans.
As many CEOs begin cracking down according to the latest “State of the CIO 2018” report, IDGs. This continues to add pressure on the organization. As one of the most experienced MSPs in the SF Bay Area, we continued to rapidly innovate, enhance your speed-to-market and greater your customers experience with your business.
By assessing your existing investments in equipment and resources to better determine what new investments need to be made, when achieving technology goals. The digital transformation many businesses are undergoing isn’t exclusively about new technology, but instead, deciphering what makes sense to retain and what needs to be integrated for legacy applications and services, it’s more of a comprehensive assessment.
With all this in mind, we offer CIO’s and COO’s a range of services to further assist in the development of these transformative plans. In our experience, these three components continue to best assist companies in their digital future.
- Assessments & Planning – As you begin launching digital initiatives the need to measure twice, cut once an be a great undertaking for several businesses. Involving a review of current architecture, and bandwidth demands of these assets require greater discovery and review to determine a solution that’s right for your business.
- Execution – Once planning and alignment are finished, technology providers assist in multiple ways to execute this vision. It takes an IT Expert to match workloads to platforms with optimization in mind, followed by the task of creating a truly digital ecosystem where your business network can be secured and managed successfully by a business that’s done it for over 30 years.
- Follow Through – With experience gained through time, we continue to see clients with a lack of talent and expertise in these fields. To fully integrate technology, it requires businesses to either hire someone full-time or outsource to an MSP. As your business continues to propel further towards a more connected network, how does a business keep all of this secure, and up-to-date?
Many of our clients, rely on this tax incentive each year, to provide them with the ability to purchase or update the technology that runs their business. Utilized by many for licensing, software packages, servers, routers, and switches, many of our clients have leveraged Section 179 as an invaluable asset for the innovation and management of their network infrastructure
Below is an overview of the section 179 tax-incentive for 2018 include deduction limits, and bonus depreciation. Originally used by innovators and investors to further the(their) businesses technology goals, many of our clients rely on this credit for the larger items in their technology scope.
2018 Deduction Limit = $1,000,000 (one million dollars)
The initial deduction is good for purchasing new technology equipment or off-the-shelf software. To take the deduction successfully in 2018, the equipment must be purchased or financed and put into service between January 1, 2018, and December 31st, 2018.
2018 Spending Cap on equipment purchases = $2,500,000
The maximum amount that can be spent on equipment, before the small business tax incentive is affected, is $2.5 Million to $3.5 Million. Most businesses looking to qualify for the tax-incentive doing $2.5 Million in technology spending, don’t meet the needs of a small business.
Bonus Depreciation: 100% for 2018
An additional bonus to close-out the year-end budgeting for 2018, bonus depreciation is generally taken from the spending cap that a business reaches and is available for both new and used equipment.
What’s the Section 179 Deduction?
Most small to medium-sized businesses in the San Francisco Bay Area think the Section 179 Tax Deduction is some mysterious or complicated tax code that you’ll need an accounting or financial firm to clear. Essentially, Section 179 is the IRS tax-code allowing businesses to deduct the full purchasing price of qualifying equipment and/or software purchased or financed during the tax year. This incentive was created to encourage businesses to invest in themselves and update vulnerable technology.
Currently, Section 179 is one of the few incentives available to small and medium-sized businesses. Large businesses also benefit from Section 179 for Bonus Depreciation. Join the millions of SMBs that have begun taking action and get your team real benefits.
Here’s How Section 179 works:
In the past, businesses would purchase IT equipment, typically writing-off some through depreciation. While this writes off was better, it wouldn’t be until 2018 that the government would include the write-off of all qualified equipment purchases for the same year your IT equipment was purchased. Making a big splash so far, many of the companies looking to move to the cloud or replace an older exchange server would qualify to write-off on the 2018 Tax Return up to $1 million.
Limits of Section 179
- 2018 Cap to the total amount of write-offs is $1 Million
- Amount of technology equipment purchased $2.5 Million
- Dedication phases-out on a dollar-for-dollar basis after $2.5 Million is incurred and goes away at $3.5 Million.
Who Qualifies for Section 179?
Businesses looking to purchase, finance, or lease new or used business equipment during the 2018 tax-year qualify. Most of the tangible goods purchased through Section 179 and must be placed into service no later than December 31, 2018.
If your business is looking for ways to save on technology spending, look no further. With over 30 years of experience serving the San Francisco Bay Area, our seasoned staff knows just how to get you the technology you need. If you wish to price it out, visit the Section 179 Calculator.
Not sure what you might need? Sourcing-out gaining desktops or mail-servers are always at the top of an SMBs list. If you need assistance in discovering and identifying technologies that could benefit your business, contact us today to speak with one of our many experts.
Every week, I’m sure your inbox becomes bombarded by the daily news alerts regarding the dangers of hacking attack, phishing attempts, and data breaches. The rapidly-evolving landscape poses major challenges for companies today, by establishing or updating your security framework.
Information and technology managers are especially concerned about gaps created in security system controls, and processes. These will begin your ongoing shortages of resources and expertise needed to protect information or stick to compliance. Your industry and business will begin to dictate your approach to advancing your security posture. Given the scope of this problem, your security team is uncertain where to begin and how to proceed.
Begin taking a phased approach to your cybersecurity systems. Plug the most important security gaps first, following the later when timing and process are flushed-out. Typically, security gaps are created when assumptions are made surrounding your IT network, as these new threat vectors emerge as soon as updates are rolled out.
Security Is More of a Journey
Typically, companies push security initiatives through, with no real destination in sight, so it wouldn’t be likely, every gap can’t be solved at once. For this reason, it’s best to begin revisiting your security framework, and any pressing risks or vulnerabilities. This better aligns our comprehensive security platforms better, over time. Begin focusing efforts around securing the most important aspect of your business, for some companies that are patient safety, for others, it’s privacy or monetary funds. By creating what is important, IT companies like ourselves can assist better in the threats haunting your business. It Starts with a reference point, and if you don’t have any security framework, or are unsure, it can usually be found by asking your IT manager, or the resident computer guy.
Getting cybersecurity right requires extensive experience, with a multitude of business models. Hackers are always looking for ways to generate some form of social engineering, to take advantage of our emotions. I get robot-dialers calling my cell phone all the time, with fake stories about a prince, needing my help. By following this framework, business leaders can evaluate the current and future state of business cybersecurity.
There will always be social engineering, hackers and sneaky back-door entries to software. As a result, no matter the stance on cybersecurity, it’s essential to your business to begin training the members in your organization and contribute to stopping the spread of these threats. As people will always be the weakest link when scrutinizing your cybersecurity.
Sharing the knowledge, we’ve gleaned from over 30 years in IT support and consulting services the best way to defend against the constant threat of cyber attacks for our managed service clients, is with a phased approach, built from alignment and cohesion of your strategic plan, and our knowledge.
To further understand what your security framework could be, or to have any questions answered, contact us today to get started.
Remote Desktop Protocol (RDP)has been known to IT professionals for years, added into our arsenal since the original release with Windows NT 4.0. This provided the technical people the ability to treat any system or task as though it were local. Before we go further, it’s worth noting most Ransomware attacks occur through the open-ports in your network. These ports are what leadership sometimes use to remote into a work machine. You’re internal IT uses this to assist in taking control of your work PC to troubleshoot a problem.
Quickly, the productivity tool was adopted, widely seen by many as an initial attack vector. From a security standpoint, any software or program that takes remote control of your PC is worth of severe scrutiny. In the wrong hands, RDPs can assist cybercriminals in deactivating device’s in the organization’s network, concerning endpoint protection, and deliver nasty payloads of malware.
Using a publicly accessible Remote Desktop Protocol session to reach systems creates major concerns surrounding your network vulnerability. Public sessions are targets, with cybercriminals discovering new ways of conducting port and IP sweeps. According to Tyler Moffit, Webroot’s Senior Threat Analyst and partner “It’s a matter of when not if.
Recent reports suggest the state of banking security as half of all banks in the SF Bay Area have left remote access and control interfaces like Remote Desktop Protocol, openly accessible from the internet. Shocking finding for many in an industry built on securing customer information.
Turning Remote Desktop Protocol into an Attack Vector
Although most cyber attacks are from the results of lateral movement through your IT network, malicious payloads will spread between each system, fully compromising and stealing each PCs data. By adding pubic accessible Remote Desktop Protocol, you compromise those with weak credentials, using password breakers to easily accomplish these lateral movements, from user to user.
With four high-level options for securing your environment, and managing them with more security:
- Consider eliminating the Remote Desktop Protocol access by changing the default TCP ports and leveraging a virtualized network, or VLANs to critical systems. A more secure option would be to block all RDP connections through none whitelisted IPs. Additional solutions are available when it comes to logon monitoring and activity summaries with heightened visibility utilizing multi-factor authentication.
- Secure all systems and endpoints first, with solution designs to monitor and remedy any network anomalies. Similar to that of an RDP session from other workstations and notify your technical team or leadership.
- Utilize paid encryption Solutions for remoting into work systems. Some of the most popular remote solutions are TeamViewer, LogMeIn, and Screen connect all companies through encrypted connections to release communications as need.
Ready to Ditch the Remote Desktop Protocol?
With security threats and attack vectors mounting, remote desktop options are out there, and your Managed Service Provider or IT Consultant should be attending to the major attack vector. Companies must begin to recognize the security dangers across their network, and how to best leverage their current technology investments. Paired with our award-winning suite of solutions, better secure the access to RDP, the data, or black all remote sessions until further notice, per security posture.
To learn more about what Managed IT Support can do in terms of your networks RDP, contact us today to get started in discovering network vulnerabilities, the criminals will leverage.
Your data retention and customer information are the lifeblood of your business – there’s no denying data’s importance, especially in day-to-day operations. Today, organizations across all industries are tasked to protect this vital info, retain it, and provides access at all hours. Yet, all we’ve seen was a lack of the appropriate archiving and retention policies upon initial inspection.
Building Data Retention
As your MSP, it’s our job to be your strategic advisor and help them understand exactly what their retention requirements are for various business needs. By looking to clean up your IT environment and implement retention policies for more secure, and accessible data you can gain an edge on the pitfalls of errors and mistakes.
By establishing data retention policies, here are some key points you should consider. Keeping in mind, that not all data is created equal—the first step in establishing appropriate retention policies, which data needs to be archived, and for how long.
Step 1: Classifying
Strike a balance between what’s optimal for your business needs vs. cost-effectiveness, by asking some of these questions before classifying or deleting data.
– Is this info critical for the customers’ business operations?
– Would your data be classified as a permanent document of any kind?
– Is your data considered proprietary intellectual property?
– Does your data reflect the current, legitimate and useful information or needs?
Data that fits none of these criteria may be suitable for deletion – although most data is generally retained for at least a twelve-month period, with a very small percentage needing to be retained after that period for legal holds. Assess value and risk before deleting anything and consider cost and storage requirements when choosing to keep anything else. There should be no arbitrary or ambiguous data—everything must be accounted for.
Step 2: Compliance
There is a hierarchy to follow when determining which data must be stored. Ensure data retention policies align with any of the following compliance or regulatory restrictions:
Whether it’s HIPAA, FINRA, PCI, or other regulatory concerns, know your verticals, and know the law. What data must be kept (and for how long) can vary significantly from one industry to the next.
Retain all data that could be subject to legal discovery or would be needed in legal action should it arise.
Pro Tip: If you need a long-term storage solution for less time-critical data, you can leverage our series of cost-effective data retention and BDR solutions.
Step 3: Deletion
Once your identified data no longer serves any useful purpose, there’s more to do than simply emptying your desktops recycle bin. Set expiration dates for all data when establishing retention policies unless it’s designated to be retained in perpetuity. It should be noted, that when data has exceeded the retention limits, it should be deleted immediately.
Finally, data that is retained must be data that is accessible. Choose a fast and searchable archival method to access data and determine what frequently-used data (if any) should be kept “live” outside of archival applications.
For anyone unsure of their backup and disaster recovery technology, and its configuration, we can help. With over 30 years of experience, with information technology, our trained IT consultants can get you started down the right path.
Dreading your company’s technology review because you can’t show how your technology is performing? Have a provider suffering from a lack of ideas on how to truly accelerate technology? You’re not alone – these are common symptoms for Bay Area businesses having selected the wrong managed IT service solution.
I’m sure many of you have heard of the age-old adage, “If you fail to plan, you plan to fail.” No business owner should see this as a surprise. Yet, when we chat with new clients and their peers, it seems like they were winging information technology(IT) until now.
Many local businesses are surviving on a day-to-day basis. Some even feel they barely have time to plan for what is going on this afternoon. Tomorrow will begin to seem overwhelming, and the recipe for disaster is born.
Here Are the Three Important Reasons Why You Should Take the Time to Plan for Tomorrow:
1. Your Business Depends on It: How many of us have thought about businesses growing in a healthy, reliable fashion when executing your sales efforts consistently. It’s critical that you and your team understands the full capabilities and metrics tied to your business efforts. By planning for your technology future, employees will begin to thrive, finances become more predictable, and the stress levels around technology drop. Your internal staff members aren’t left with trial and error. By preparing your information technology today, you can battle the fires of tomorrow.
2. Putting-Out Fires Isn’t Productive: Many local business owners become regularly stuck fighting information technology fires. That’s unfortunate because, in the larger scope of things, it feels like work is being accomplished, but no situation has been remedied. Your information technology partner should be working within your business, not on your business. This path of neglect is also one leading to high stress and minimum growth.
3. Life Happens: Employees can get sick, or decide to leave the business unexpectedly, even with proper planning, there’s absolutely no margin for error at this point. Sometimes, businesses are faced with opportunities, that demand immediate action, again delaying the time to think about what advantages, and needs your business now has for technology.
How Can WE Fix This?
As IT people and not miracle-workers, we can create a fully-encompassing management solution for your technology. Putting out the fire, of one of the largest problem with local companies today, aging technology. As a trusted IT partner in the Bay Area, we understand that there are many substitutes that come close to the care, and customer satisfaction provided by our staff.
If your business has been having technical issues, you owe it to yourself, and your work, to give an expert a call. To begin a no-cost conversation regarding your information technology, feel free to reach out to any of our friendly staff for further assistance.