The principle of least privilege (or PoLP) is, in layman’s terms, the idea that a user or technological process should have the minimum IT access necessary to efficiently complete their job or tasks. In other words, does Joe from Marketing need access to records from HR to perform his duty? If not, he should not be able to access them. Does Margaret from Accounting need access to the Finance records? Likely ...
Continue Reading →
How can a Managed Services Provider save YOUR BUSINESS money RIGHT NOW?
Let’s pretend for a moment you’re a small business owner. Here we are, coming out of a crisis with a lot of economic recovery ahead. A lot of places are tightening their belts and not sure exactly where this is going. They may not be thinking about whether (or not) their IT is properly supporting them. In fact, it may be ...
Continue Reading →
We often get asked about NIST. What is it? How does it affect our business? Let’s take a brief view of NIST and explore some further reading.
NIST stands for National Institute of Standards and Technology, which is a non-regulatory agency of the US Federal Government founded in 1901. However, in the IT world, NIST is generally shorthand for compliance standards relating to cybersecurity frameworks. This is very often, specifically NIST 800-53.
With many of us working remotely, much of the normal interaction between a Managed Service Provider (or any active business – your business) and customer must still take place. Of course, telephone communications are basically unchanged (at least via a VoIP solution like 3CX which allows quick transition) and some essential activities are still going to occur in-person. But what about the other times, when a meeting or other face-to-face interaction is simply a better option? (Medical ...
Continue Reading →It’s World Password Day!
Every year I am still amazed no one is taking heed even when hearing daily reports of security breaches and concerns over personal data being stolen.
Webroot released their 2020’s Most (and Least) Cyber-Secure States report last month and among other shocking details determined that almost half (49%) of Americans admit to using the same ...
Continue Reading →
Making it harder for the bad guys
For many years, client apps have used Basic Authentication to connect to servers, services and endpoints. It is enabled by default on most servers and services and it’s super simple to set up. Basic Authentication simply means the application sends a username and password with every request (often stored or saved on the device).
Basic Authentication makes it easier for attackers—armed with today’s tools and methods—to capture ...
Continue Reading →
As COVID-19 has forced much of the country into staying in our homes as much as possible, the healthcare business has undergone some significant changes. Part of this schema change is utilization of telehealth which, at its core, is meeting patients remotely. This, of course, allows communication between healthcare provider and client while keeping exposure (and danger for coronavirus transmission) at zero.
The transition to telehealth has introduced a new set of challenges ...
Continue Reading →Lately we’ve been getting a lot of clients complaining that Zoom is too expensive and too insecure. While I trust they will continue to address any security concerns quickly, I have started asking – “Why not use Microsoft Teams?”
Really, the answer is simple – no one really knows that Teams is just as effective, is covered under the Microsoft Business Associate Agreement, and is included in almost every Office 365 and Microsoft 365 plan.
I am working on some detailed posts ...
Continue Reading →
Quickly evolving travel and social requirements in response to COVID-19 mean that, like it or not, organizations are asking traditional office-based employees to work from home.
Today’s technology allows that to happen in many cases with relative ease; however, are your employees prepared with the necessary knowledge to keep themselves and the network safe under these circumstances?
Being ...
Continue Reading →