Users never think about routers — unless they break. Small businesses often have the same attitude: If packets are flowing, the router is fine. But there are three reasons why you should examine, and perhaps update, your router: security, performance and redundancy.

A router links an internal network to the Internet. The Internet teems with hackers, thieves and other malevolent forces bent on destroying you, or maybe just stealing the passwords to your bank accounts. If you’re a history buff, think of a router as the moat separating your castle from invaders. Moat equals firewall. And the drawbridge over the moat is the set of security rules inside the router that lets only friendlies in and out of your castle.

Lower-cost routers ($50–$200) have basic firewalls, intrusion detection and other security goodies. But the software can’t be configured easily (the defaults are pretty good but may not be enough), and it can’t be updated easily. These routers do a decent job fighting the security threats they know about for six months to a year, but then their protection gets stale. That means trouble.

Advanced routers, on the other hand, include configurable security software modules that can be updated and enhanced regularly. Modules can even be added as needed. What if you want to add a spam filter to block, or at least diminish, the flood of fraud ads before your mail server has to spend CPU cycles bouncing them? No problem: drawbridge up.

Such routers offer subscription services to keep software current. Prices range from several hundred dollars to several thousand dollars, depending on the number of security options and other factors, such as performance.

Secure remote communications are important to growing companies as well. If everyone is in one location, remote access may not be an issue. But after a business expands, connecting remote offices to centralized resources, such as databases, becomes a productivity booster when done well, or a productivity killer when done poorly. Advanced routers can become the hub of a remote network and make remote users feel like one of the insiders.

Speaking of performance, no matter how fast your web access, users want it faster. Low-end routers pass through basic home and small business Internet access speeds well enough, but they don’t have the bandwidth to handle upgraded Internet bandwidth. The trick to moving more packets through the router is CPU horsepower and memory, both of which cost more in routers, just like in computers. And putting Gigabit Ethernet chips on a router won’t make the Internet access faster, but it will move packets between network segments at “line speed,” or the same speed as a local area network (LAN).

Finally, redundancy means several things in routers: Low-end routers have one Internet connection and just a few ports for internal LAN segments. Higher-end routers have multiple internal connections, so servers, for example, can be on segments by themselves for better performance. Eight internal Gigabit Ethernet plugs are better than four 100Mbps ports.

On the Internet side, multiple incoming Internet access ports mean you can connect to multiple Internet service providers. When one goes down (or starts limping because of a traffic overload), the other can take up the slack. Some routers can pool the two Net-access ports together to increase your bandwidth, or you may prefer a model that immediately fails over from one provider to another after a failure or drastic reduction in access speed. Either way, network access is no longer dependent on a single Internet access provider.

“Out of sight, out of mind” is not a good slogan for your Internet router. “Certified A-OK” means your network is reliable and secure.

The post Is It Time to Upgrade Your Router? appeared first on Ocala IT Support - Small Business IT Support Services.

Since everyone hates the term “backup,” I refer to it instead as the “pre-restore process” when speaking with my clients. And when I explain the pre-restore process, people treat it very seriously.

This sets the stage for a discussion about storing the results of your pre-restore process. Locally stored pre-restore files are great, because they restore fast. This is always the best line of defense when it comes to data safety. Recovering a file is just a matter of running the restore software, clicking the mouse a few times, and you’re back to work.

But sometimes bad things happen to hardware that could clobber your data as well. Let’s say someone steals your server. Those cretins will likely steal your backup server too. Or say a water pipe breaks and everything gets wet — including your pre-restore file repository. Weather emergencies? Everything suffers.

Replicating your pre-restore files offsite not only adds a layer of protection, it also satisfies auditing requirements and moves you into the realm of disaster recovery. There are hundreds of providers that offer cloud-based backup services — I mean, pre-restore services — but you can also do it yourself.

Since every business has at least two locations (the office and the owner’s home), disk images — what I call pre-restore file sets — can be copied from Location A to Location B, and vice versa, to protect each location’s data. Say you have two dry cleaning businesses on different sides of town. Copy files from one to the other, and you’re covered for most disasters.

For small pre-restore file sets, you may not need any extra equipment. Just write a script that copies files from one site to another, and your latest files will be safe. Most of the newer network-attached storage (NAS) appliances will do this for you with a few minutes of configuration, transferring file sets over the WAN to the NAS in the other location.

If you have large file sets, you may need to upgrade your routers on both ends (and also your Internet connections) to transfer files in a timely manner. Very large file sets? Deduplicate your file sets before transfer, and you’ll save a boatload of time and bandwidth.

What About the Cloud?

Does this do-it-yourself method protect your data adequately? It depends. In case of fire, yes. Theft, yes. Hurricane or earthquake? For that, you will need to go a bit further.

That means the cloud, and there are many options when it comes to cloud data storage. You probably need cloud storage simply because you’ll never carry that external drive offsite, no matter how many Post-It Notes you put on it.

The half-cloud model, where vendors provide hardware for on-premises backup that replicates to the cloud for a second layer of protection, is a hot trend. A few service providers offer software for your server, but more offer hardware as part of the service.

The half-cloud model may offer the best of both worlds. You have your pre-restore process file sets hosted locally, for the fastest possible restore. But the service replicates your files offsite as well, automatically, for added safety.

If you already have a local file set repository, you’re halfway to the hybrid model. Just contract with one of the hundreds of available cloud-based storage services for offsite storage.

Consumers know Carbonite and Mozy because they advertise so much. Both of those services have business-class options too, but once you get past a few dozen users, you’ll want a real business solution. There are many to choose from, and prices have dropped because storage costs have dropped. You can now protect a wealth of data for pennies on the gigabyte.

The post Don’t Underestimate the Importance of Off-site Backup appeared first on Ocala IT Support - Small Business IT Support Services.

“The cloud” buzzword dominates ­discussions these days, with talk about public clouds, private clouds, leveraging the cloud and moving applications into the cloud.

While cloud solutions offer financial and operational benefits, they also bring with them a host of security concerns that organizations must effectively address.

When evaluating the move of data, applications or infrastructure to cloud-based services, business and IT leaders must consider the following security issues.

1. Storage of Sensitive Information

One of the first issues raised by security professionals and functional managers alike when they consider cloud services is a fear that sensitive information placed in the cloud may be inadvertently disclosed to unauthorized individuals. This is a reasonable fear because some cloud services are inappropriate for sensitive information. Any plans to move this type of data offsite should be carefully thought out.

Organizations seeking a solution for sensitive information should evaluate the risk the same way they would evaluate services hosted in their own data centers.

Does the cloud service provide the same level of security control around systems that a business would have if it hosted the service itself? Does it meet a company’s standards for system configuration, ­network security, firewall management, malware management and other security issues? If not, consider taking that service off the table, at least as far as sensitive information is concerned.

Also be careful to make a distinction between public and private cloud serv­ices. Most security professionals would hesitate to place their most sensitive data assets in a public cloud environment where isolation controls may not be adequate to sufficiently segregate company data from that of other customers. Private cloud services, on the other hand, may have security controls in place that rival (or exceed) those in a business ­environment.

2. Compliance in the Cloud

After making substantial investments in IT compliance over the past decade, many businesses are hesitant to consider outsourcing services that involve the storage, processing or transmission of regulated data. That’s understandable. However, the use of carefully vetted cloud vendors can actually reduce the burden of compliance for many organizations by spreading the costs and maintenance of many expensive security controls across multiple clients.

When considering deploying a cloud service in a regulated environment, make sure the legal ducks are in a row. For example, organizations subject to the ­Payment Card Industry Data Security Standard that are considering outsourcing any aspect of payment card operations must ensure that the cloud service provider appears on Visa’s Global Registry of Service Providers.

Organizations subject to the Health Insurance Portability and Accountability Act, on the other hand, must undertake their own investigation of the service provider’s security controls. In many cases, they must enter into a formal business associate agreement with the serv­ice provider.

3. Security Monitoring

Many organizations have built robust security monitoring processes that consume, correlate and analyze security log information created by a variety of de­vices and applications. These processes often leverage centralized security incident and event management systems and rely upon specialized security devices such as intrusion detection systems, file integrity monitoring systems, firewalls and content filters. In many cases, dedicated staff watch these systems on a regular basis to identify potentially malicious activity as early as possible.

It’s essential to carefully delineate the monitoring responsibilities of the cloud provider and those of the business’s IT staff. Perhaps the cloud vendor can provide intrusion detection and prevention serv­ices while the company’s IT staff moni­tors application security using centralized monitoring tools. Put these arrangements in writing and verify them periodically to avoid misunderstandings.

4. Incident Response Duties

Security incidents are among the most stressful events facing an IT organization. Tempers flare, tension rises and everyone is under the gun to resolve the incident as quickly as possible. In such cases, the last thing a company needs is a cloud service provider that hinders its ability to gather information or take necessary actions to eliminate a security threat.

The solution here is similar to that for security monitoring: Be explicit about incident response duties in the agreement with the cloud vendor. Ensure that the vendor commits to providing timely, detailed notifications of any suspected security incidents. Finally, test incident response ­procedures on a regular basis, preferably including the vendor’s staff in the test.

5. Availability of Services

Many businesses turn to cloud technology because the cloud service provider’s scalability and redundancy offers higher availability than the organization could achieve on its own.

To hold a vendor accountable to high-availability promises, outline company expectations in a service-level agreement and include significant financial penalties for the vendor if it fails to live up to the terms of the SLA. Always perform independent availability monitoring to evaluate the vendor’s success.

6. Vendor Viability

The ultimate risk in a cloud environment is that the provider will suddenly close its doors. This is the nightmare scenario that many IT managers sweat over at night — nobody wants to be the one who chose a vendor that later goes out of business. Investigate the vendor before signing a cloud contract.

If the vendor seems shaky, consider bringing in financial experts to evaluate the vendor’s books and assess its viability. Revisit the assessment on a periodic basis to pick up on early warning signs that a vendor might be failing. At the same time, back up company data either on premises or on a platform managed by a third party. Just keep in mind that many cloud vendors use services provided by other cloud providers, so make sure that all claims of redundancy are real.

Overall, avoid making sweeping conclusions about the security of cloud serv­ices. Instead, carefully assess the risks of every cloud service under consideration and determine whether the vendor will be able to meet or exceed the security stand­ards used for in-house systems.

The post What Businesses Should Know Before Heading to the Cloud appeared first on Ocala IT Support - Small Business IT Support Services.

In many IT departments, a personal touch is often absent from the day-to-day operations of staff. In the race to keep existing systems running and new systems deployed, there is often a noticeable dearth of compassion when it comes to resolving user issues.

It’s evident in the dry, detached tone users hear when they call on their IT department for help, only to get “Did you reboot the computer?” as a reflexive response.

Yes, user error is often at the root of many user complaints, but it is no longer an option for technology professionals to fall back on this stolid persona.

Taking the time to be human, relatable, communicative and understanding can be a real differentiator, not just for your career or your department, but for your entire organization.

How can you apply these principles to your IT work?

• Get your IT house in order.If you’re always chasing down issues and putting out fires, it’s much harder to focus on users. When I first came to my position, I made sure to put excellent monitoring and reporting in place. You should know when a server is out of disk space or a process is spiking before the phone starts ringing.
• Have regular meetings with your staff.I meet with my staff individually on a weekly basis in addition to our weekly team meetings. Consistent communication with staff is crucial.
• Keep your help desk ticket count low.The change in attitude from coworkers when there are fewer tickets in the queue will be very noticeable.
• Perform root cause analysis to prevent repeat problems.This process will help resolve issues and give you the bandwidth you need to provide great customer service.

IT Work Is About More Than Fixing Technology

The CIO who is only worried about “keeping the lights on” isn’t providing full value to the company. Cutting costs, improving efficiencies and working with other business units are essential aspects of today’s IT management.

CIOs don’t have to go it alone either. The best ideas often come from the front lines, so be sure to foster a start-up mentality in your department. Encourage cross-training among workers to build skill sets. The IT generalist is making a comeback, and the soft skills needed to deal with people are part of that.

If you can see beyond the fairly mundane duties and work toward improving user satisfaction, you can make a real difference in your organization.

The post IT Workers Should Provide Service with a Big Smile appeared first on Ocala IT Support - Small Business IT Support Services.

For years, businesses have been outsourcing specific functions related to accounting, law, and human resources. Outsourcing is a popular business model because it allows a company to remain focused on its core competencies, while the experts handle theirs. And it appears once a company tries it, they can’t get enough. According to the Outsourcing Institute, more than 30 percent of the companies presently outsourcing various business functions are actively searching for additional outsourcing opportunities in other functional and more business-process oriented areas. One of these areas is information technology (IT).

IT outsourcing has grown tremendously in the past ten years, first among large companies and now small to mid-size companies are jumping on board. Some companies have a full-time IT department and use outsourcing to handle specific projects. Others outsource their entire IT functions, including day-to-day issues and large projects. Whatever the case, the chances are good that your company will call upon an IT partner to execute a project at one time or another during the life of your business.

So how do you make the right decisions in regards to IT support for your office? What are some ways you can guarantee a successful outcome? How do you oversee the outsourcing relationship? The information provided, while geared specifically toward the outsourcing of IT support, can be applied to other outsourcing relationships as well.

Anytime you are enlisting the help of experts, it is easy to make certain assumptions and mistakes, so we’ll address what these are and how to avoid them.

4 Common Mistakes Businesses Make When Outsourcing IT Support

Mistake #1: After choosing an IT support provider, you no longer need to be involved in the management of them.

As with any department you manage, your IT support provider will need oversight as well as clear and consistent communication. When you stop being involved with your IT support provider, expectations are not clearly communicated and problems are more apt to arise. Additionally, without communication, your strategic, long-term plans may not be included in preparation for future technology spending.

Communication is a two-way street. If you are not involved in setting expectations or communicating questions as they arise, communication and, ultimately, the business relationship suffers. Clear communication is even more important when you have multiple technology vendors including specialized software, email hosting, network administration etc.

Solution: Have a good flow of communication between your company and theirs and plan to stay in the loop.

Here are some practical things you can do to ensure good communication and proper management before you begin a support provider relationship.

1. Designate one point of contact from your company to be the liaison between your IT support provider and employees.
2. Request a short term and long term technology plan for your office. This will help ensure that you are on the same page from day one.
3. Have your employees get their questions and/or needs to you prior to your IT support provider’s visit. Better yet, ensure the outsourced IT provider has a system for dealing with these requests in a centralized and systematic helpdesk that can be pre-prioritized by you or your company’s contact person.
4. Expect that there will be mistakes and misunderstandings on both sides, and then be willing and ready to apply the appropriate remedies constructively.
5. Finally, request documentation from your IT support provider after every single visit and then review it. This helps you measure whether they are accomplishing what you expect of them. If documentation is not offered, ask for it. If they won’t provide it, find another company who will.

Mistake #2: Assume that there will not be anymore challenges or issues with your computers once you hire an IT support provider.

Many companies have hired IT support providers only to be disappointed that there are still things that seem to pop up on a regular basis. However, just because you have outsourced your IT support to a company with a good reputation and track record does not mean you won’t have any more challenges or issues ahead of you. It just isn’t realistic.

Computers are machines. User errors, hardware failure, software corruption and regular maintenance issues are the norm, not the exception, even for the best of networks and IT support providers. That is why large companies have whole IT departments. In fact you may even have more issues to address initially because someone is now actually paying attention to your needs and making you aware of them.

Solution: Prepare for challenges and routine issues then formulate a plan with your IT support provider to address these issues.

Get a clear understanding from your IT support provider about the issues he or she will need to address first, and find out what is required to address them. Also having a long term view of your network will alleviate many of the “disappointments” you may have with the reality of needing an ongoing network maintenance program.

Pam Butler, CEO of Aegis Computer Services in Tallahassee, Fla. contends that managers of small businesses must be ready to make fundamental changes when they are working with an IT support provider. “Don’t apply a tech Band-Aid to a flawed process,” she says. “It might solve a problem temporarily, but a more cost-effective approach may be to replace the process entirely.”

Just remember that your IT support provider is there to assist you. Don’t shoot the messenger just because they are the bearer of “bad” news, because it probably is a realistic assessment of your situation.

Mistake #3: Assume the IT support provider with the lowest price per hour is the best choice.

When choosing an IT support provider, you will have various options. As a small business, keeping costs down is important, so you may be tempted to settle for the lowest bidder. Just remember: You get what you pay for. If a company provides you a quote that is substantially lower than the others, ask why. Perhaps their employee(s) lack necessary certifications or training, they don’t have a staff or tools in place to ensure your needs are taken care of in a timely manner and that things don’t fall through the cracks. If this is the case, you may end up spending more in the short and long run by going with the lowest price per hour.

Solution: Let best practices and value determine your decision, not price.

Look for an IT support provider that uses best practices (agreed industry standards), has industry certifications that are relevant to your needs, and a support team with the infrastructure to handle a variety of issues day and night.

Remember, a lone ranger is ultimately just that, a lone ranger. He or she may cost less initially, but will this one person be available for problems you may encounter? Will he or she have the knowledge to deal with the technology issues your company faces? Will he or she have the time to help you plan strategically for the future? “Known by some in the industry as ‘trunk slammers’, since their cars are often their offices, individual consultants can be more than capable of dealing with a basic problem, but then fail to provide consistent support,” explains Janet Shaver, founder and co-owner of San Francisco-based Synergy Business Solutions. By choosing an IT support provider with several employees including a support staff, you have a better chance at your needs being taken care of in a timely fashion.

Because not all IT support providers are the same, you need to look at the whole package before making a decision on price, especially if the company with more personnel, certifications, training, accountability, infrastructure and systems is only $10 – $30 more per hour. Making the wrong decision can be a costly and time consuming distraction to running your business, one that will end with having to make another IT support provider decision.

Mistake #4: Assume technical skill or “geekiness” is all you need.

How many times have your eyes glazed over as someone explains why you are experiencing various technical problems with your network. IT support providers who lack the ability to communicate in a non-technical manner and that don’t have a long term strategic view of your company’s business goals will cost you time and money while frustrating you and your employees.

Solution: Hire a company of professional IT consultants and not just a “fix it guy.”

Believe it or not, there are IT support providers who not only understand technology, but can explain it to you in terms you understand. Be sure to find a company that will provide this balance. “At our company,” says Bradley den Dulk, Director of Marketing at Corporate Computer Services “we make it a goal that our IT Professionals are more than just technical experts. It’s important that they are experts in communication to business owners, managers and employees as well as consultants that care about the goals and success of that company.”

It is crucial that you are comfortable with your IT support provider because he or she will spend significant time with you and your employees. Additionally, this person will help you make strategic decisions for future technology investments, so you need to be able to communicate well together.

Conclusion:

Whether you are looking for an IT support provider for the first time or are looking for a new one there are some things you can do now to avoid the mistakes many small companies make. If you can begin to view your IT support provider as an extension of your own company, you will be in good stead to avoid these common mistakes.

Like many other professional services that assist companies, the bottom line in looking for an IT support provider is finding a company with the right qualifications as well as the dedication to making sure you are taken care of to your satisfaction.

The post 4 Common Mistakes Businesses Make When Outsourcing IT Support appeared first on Ocala IT Support - Small Business IT Support Services.

In 2008 I launched a lecture series on cloud computing at Beijing’s Tsinghua University. Amazon was kind enough to donate $3,000 worth of compute time to my students. On the first day of class, I told them $3,000 could buy a server in Ireland, Virginia or California for 3.5 years. They yawned. Then I told them that same $3,000 could buy 10,000 servers for 30 minutes. They stopped yawning. No one has ever been able to do that before. Of course, what would one do with that many servers? Well, people are already using thousands of servers to do tumor diagnostics, risk analysis and load testing. Perhaps one day this massive capacity will be used to deliver more down-to-earth services, delivering relevant information whether I’m a healthcare, retail or home-improvement customer.

What else lies ahead? On the application front, there are plenty yet to be built. Some may emerge from your organization, just as Sabre came out of American Airlines. As for compute and storage, there’s every reason to believe there will be cloud services specialized by location, security or performance characteristics. Today there are a handful of compute and storage offerings, but look at any hardware vendor’s catalog and you will see hundreds of different kinds of servers and storage. Why wouldn’t this be the case in the cloud? Today’s compute and storage cloud services are located in a small number of countries. But Canada, Mexico, Brazil, India and China will get in the game too. And while every cloud provider is extending its security capabilities, expect enhanced services, such as two-factor authentication, for some special ones.

Given all this change, what should a CIO do?

Get smart, get specialized.

Create an office of cloud computing. Dedicate specialists to data center, compute and storage, platform and application cloud services. Have your application cloud service specialist inventory all your enterprise apps and ask the vendor to manage them.

Get smart about services provided by both public and private companies and use these in any new deployments. And not just business applications, but also the platforms that cloud services use to manage the security, availability and performance of your portfolio. Does it make sense to run spam-filtering software when you can purchase it as a service?

For your data center cloud service specialists, have them get smart on the cost of power, both in dollars and carbon. Have your compute and storage cloud specialists get smart on the existing services and business models. Get them to explain spot pricing to you and why you should do it. If it makes sense, consider building your own cloud service. Price it at X cents per hour and sell it to others in your industry or geography. Finally, get smart about search. I know you have SQL gurus, but who is your search guru?

For those of you who lived through the shift from mainframe to client/server, use the lessons you learned then to guide your thinking now. That’s right. We’re getting ready to do it all over again.

The post Cloud Computing Is Not Just a Name for Outsourcing appeared first on Ocala IT Support - Small Business IT Support Services.

But is there more to outsourcing than the bottom line? What are the other reasons companies choose this route? What about ramifications for aspects of your business that are not so easily quantified?

In this article, we’ll discuss the 3 R’s of outsourcing: Reasons, Risks and Rewards, specifically as they relate to information technology (IT). And, as a bonus, we’ll provide some tips to help you manage successful relationships with your IT service providers (whether they are full-time staff, or outsourced).

The Reasons

According to the Outsourcing Institute’s Outsourcing Index 2000, there are many reasons why companies outsource. Here are some of the top reasons:

1. Reduce and control operating costs – When you outsource, you eliminate the costs associated with hiring an employee, such as management oversight, training, health insurance, employment taxes, retirement plans etc.
2. Improve company focus – It is neither practical, nor possible to be a jack of all trades. Outsourcing lets you focus on your core competencies while another company focuses on theirs.
3. Gain access to exceptional capabilities – Your return on investment is so much greater when you outsource information technology to a firm that specializes in the areas you need. Instead of just the knowledge of one person, you benefit from the collective experience of a team of IT professionals. Outsourced IT companies usually require their IT staff to have proper industry training and certifications as well.
4. Free internal resources for other purposes – You may have someone in your office that is pretty good with computers or accounting, but most likely these were not the jobs he or she was hired to do. If they are spending time taking care of these things, who is doing what they were hired to do? Outsourcing allows you to retain employees for their highest and best use, rather than wasting their time on things that may take them longer than someone who is trained in these specific areas.
5. Function difficult to manage or out of control – This is definitely a scenario when outsourcing to experts can make a big difference. But don’t make the mistake of thinking you can forget about the problem now that it’s being “handled.” You still need to be involved even after control is regained.
6. Maximize restructuring benefits – When you are restructuring your company to improve costs, quality, service, or speed, your non-core business functions may get pushed aside. They still need to be handled, however, and outsourcing is an optimal way to do this. Don’t sabotage your restructuring efforts by failing to keep up with non-core needs.
7. Resources are not available internally – On the flip side, maybe you don’t have anyone in your company who can manage your IT needs, and hiring a new employee is not in the budget. Outsourcing can be a feasible alternative, both for the interim and for the long-term.
8. Make capital funds available – By outsourcing non-core business functions, you can spend your capital funds on items that are directly related to your product or your customers.
9. Reduce Risk – Keeping up with technology required to run your business is expensive and time consuming. Because professional outsourced IT providers work with multiple clients and need to keep up on industry best practices, they typically know what is right and what is not. This kind of knowledge and experience dramatically reduces your risk of implementing a costly wrong decision.

The Risks

Anytime you give someone else responsibility for an aspect of your business, whether a full-time new hire or an outside vendor, there is risk involved. Did I hire the right person/company to do the job? Will they do what they are supposed to do? How will they “fit” with existing employees or departments? These are the questions that nag owners of small businesses when handing over the reigns to a new employee or vendor.

According to Yvonne Lederer Anotucci in her article “The Pros and Cons of IT Outsourcing,” business owners who consider outsourcing IT functions need to be aware of the following risks:

1. Some IT functions are not easily outsourced – IT affects an entire organization; from the simple tasks employees do everyday to the complex automated aspects. Be sure the outside vendor are qualified to take care of your greatest needs.
2. Control may be lost – Critics argue that an outside vendor will never be as effective as a full-time employee who is under the same management as other employees. Other concerns include confidentiality of data and disaster recovery. However, a supervisor that is knowledgeable in managing an IT staff member will usually be required.
3. Employee morale may be affected – This is particularly true if you will be laying off employees to replace their job functions with an outsourced firm. Other employees may wonder if their job is at risk, too.
4. You may get “locked in” – If the vendor does not document their work on your network and system, or if you’ve had to purchase their proprietary software, you may feel like you can’t go anywhere else or take back your network. Many outsourced companies require you to sign a year to year contract which limits flexibility.

Most of these risks can be avoided altogether if you know what to look for in a vendor and ask the right questions.

The Rewards

Still not sure whether to outsource or not? According to Anotucci, who provided the list of risks outlined above, there are many rewards you can expect when you outsource your company’s IT functions as well:

1. Access to the latest and greatest in technology – You may have noticed how rapidly software and hardware becomes obsolete in this industry. How is one staff person going to keep up-to-date with everything? Outsourcing gives you the benefit of having more than just one IT professional. And since it’s the core competency of the company, they can give you sound advice to put your IT dollars to work for you.
2. Cost savings – Outsourcing your IT services provides financial benefits such as leaner overhead, bulk purchasing and leasing options for hardware and software, and software licenses, as well as potential compliance with government regulations.
3. High quality of staff – Since it’s their core competency, outsourced IT vendors look to hire staff with specific qualifications and certifications. You may not know what to look for if you’re hiring someone to be on staff full-time, so you may hire the wrong person for the job.
4. Flexibility – Vendors have multiple resources available to them, while internal staff may have limited resources and capabilities.
5. Job security and burnout reduction for regular employees – Using an outsourced IT company removes the burden from your staff who has taken on more than he or she was hired for because “someone needs to do it.” You will establish a better relationship with your employees when you let them do what they do best and what they were hired to do.

Conclusion:

Now that you have seen the risks and rewards associated with outsourcing the IT function of your business, there is a lot to think about. Whether you choose to outsource or hire internally, one thing is certain, you must know how to manage successful working relationships with your IT service providers. Let’s face it, they’re not always the easiest people in the world to understand and deal with, right? Here are some tips:

• Clearly form and communicate the goals and objectives of your project or business relationship.
• Have a strategic vision and plan for your project or relationship.
• Select the right vendor or new hire through research and references.
• Insist on a contract or plan that includes all the expectations of the relationship, especially the financial aspect.
• Keep open communication with all affected individuals/groups.
• Rally support and involvement from decision makers involved.

The post IT Outsourcing: The Reasons, Risks and Rewards appeared first on Ocala IT Support - Small Business IT Support Services.

Even a seemingly healthy IT outsourcing arrangement can benefit from an annual check-up to ensure that metrics are providing meaningful insight into performance, get an updated understanding of outsourced operations and how well they’re running, and ensure that you’re getting what you’ve paid for per the contract. If things aren’t going smoothly, such a review can provide a platform for productive discussions with the outsourcer about why the relationship is faltering. And, in the worst case scenario, it can minimize the risks of transition for buyers thinking about walking away from a deal.

“Ideally, the relationship owners have a solid understanding of the contract, but this is often a lofty expectation,” says Tanowitz. “The resources who negotiated the agreement are not the same people who ‘operationalize’ it.”

Tanowitz estimates that a thorough contract review can take just four hours or less. So book a conference room, gather the outsourcing relationship managers, business partners impacted by the deal, and-if possible-those who negotiated the original deal, and go back to the beginning with the following eighteen-point review.

1. Resource Commitments

Many IT outsourcing contracts specify the number of service provider resources for each year of the engagement. In many cases the number of resources is linked to productivity or volume commitments. Buyers should ensure that the number of outsourcing employees and related volume or productivity attributes are correct for the current year.

2. Productivity Commitments

The outsourcer may be contractually required to provide specific levels of services (e.g., a certain number of help desk calls per employee). Ensure that productivity commitments are being met through decreased cost or increased transactions.

3. Pricing and Fees

Everything from service volume to resource allocation to annual adjustment provisions can increase prices. Review recent invoices-or better yet, quarterly invoice audits-to determine whether costs per unit are accurate. Go over any price escalators baked into the deal (e.g., cost of living or currency-related adjustments) and pricing algorithms or indices so you can anticipate and verify price increases.

4. Pass-Through Expenses

These fees are usually charged as they are incurred, but they may be subject to restrictions (advance approval, for example). Review these charges to determine the best approach to minimize them before they add up.

5. Continuous Improvement Plans

If your service provider is required to document proposals for increased efficiency, make sure you’ve received and reviewed them.

6. Benchmarking

It takes time and money, but if you have a benchmarking clause in your IT outsourcing contract, it’s in your best interest to use it, particularly if you have limited productivity commitments in your contract. If service or prices seem out of sync with the market, consider an external assessment.

7. SLAs and Reporting

Services and needs evolve over time. SLAs and reporting requirements should be reevaluated periodically. Consider exercising audit provisions to ensure the service provider is measuring agreed upon metrics correctly, and verify that any performance credits due have been provided. If the contract does not provide for SLA modification and improvement, revisit this issue with the outsourcer.

8. Processes and Procedures Documentation

Service providers are usually required to maintain up-to-date documentation for all processes and procedures in order to train new workers, provide specifications for requirements, and ensure standardization. Verify that documentation is up to date and accessible.

9. Audits

Company policy, regulatory agencies, standards bodies, or just good business practice may necessitate periodic compliance or operations audits. Determine when audits are contractually allowed or due and plan accordingly.

10. Technology Configuration

Technical specifications are established when you sign on the dotted line, but may change over time. That can impact performance. Some IT outsourcing contracts contain technology refresh provisions to address this. Check your contract and make certain that the vendor is operating with the appropriate hardware and software.

11. Resource Certification

In cases where certifications are required to make sure external resources are aware of contractual obligations (e.g., confidentiality agreements, security clearances for defense work, compliance training in healthcare), buyers should verify the provider’s employees have met all minimum qualifications.

12. Document and Data Storage

Most IT outsourcing contracts provide for data retention based on company policy or legal requirements, which can change over time. Be certain practices meet present-day requirements.

13. Business Continuity and Disaster Recovery

Your provider should be required keep all business continuity and disaster recovery plans current to minimize operational interruptions, but these plans can quickly become stale. Find out if the plan is current and recently tested.

14. User Access

Attrition rates in the IT outsourcing industry can be high-particularly offshore. Make sure your vendor has a robust user management process so that only authorized users have access to your systems and licensing and that licensing costs are kept in check.

15. Key Personnel

Key personnel and personnel restrictions are often specified in outsourcing agreements (e.g., certain service provider employees may not be swapped out for a minimum time period, the buyer may have a right to remove resources). Make sure this list is current and enforced.

16. Competitors

Your contract may specify a list of buyer and service provider competitors. Update this list to limit the risk of a competitor benefitting from your decisions or best practices.

17. Governance Cadence

Both executive-level and operation governance meetings ought to take place on a regular basis (e.g., quarterly) to address business and technical issues. Evaluate whether the governance schedule has been optimal. Schedule the next year’s meetings in advance and set agendas to maximize the likelihood that necessary attendees actively participate.

18. Anticipated Business Changes

Do you anticipate any big business changes in the next year? Acquisition? Divestiture? New line of business? Develop a strategy to inform and engage your partners so they are prepared.

The post IT Outsourcing: Why It Pays to Appraise Your Contract appeared first on Ocala IT Support - Small Business IT Support Services.

There’s rarely one party to blame for struggles between users and help desk staff — during help desk calls, users are under stress because they’re unable to get their jobs done, and IT employees face the difficulty of dealing with people who often aren’t knowledgeable when it comes to technology.

Things are even more difficult now when both users and help desk employees are busier, and there’s a greater need for remote IT support.

Improving the IT support process can have a big impact on how IT is perceived throughout the company — the happier users are with the help desk, the more favorably the IT department will be viewed overall.

While some problems such as rude, impatient users aren’t likely to go away any time soon, there are some steps IT managers and support staff can take to get better at dealing with those and other issues.

Here are 10 steps providing better, more efficient IT support:

1. Help users help themselves

One common complaint many IT support employees have is that they spend a lot of time helping clueless users fix obvious problems. That takes time away from more pressing issues, and adds a good deal of stress to a busy help desk environment.

One way to limit the number calls: Give every user a cheat sheet outlining simple fixes to the most common tech problems. Ask support staff what issues they run into most often, and if they’re things that users could fix themselves, add them to the list.

2. Make it easy to report problems

Sometimes, a bad relationship with the help desk may cause users to avoid reporting minor IT problems — and that means those issues can stagnate and become big issues.

That’s why departments should make it as easy as possible for users to send IT support requests to the help desk. Different groups will prefer different communication methods. Find out what users in your company prefer, whether it’s the phone, email, instant messaging, or something else.

3. Always respond quickly

Recent research shows that the younger employees entering the workplace are becoming more impatient with IT support staff and expect their requests to be answered almost immediately.

Of course, some problems will take time to fix, but often a quick response like “Thanks for bringing this to our attention, we’re working on it now” is enough to soothe an impatient user.

4. Protect your employees’ time

IT support employees are often bombarded with unnecessary requests, such as questions about home computers or personal gadgets.

Your employees may be happy to help, but if it becomes a problem on busy days, it may be up to the IT manager to step in and say no for them.

5. Work on supporting mobile users

Remote IT support is becoming more of a challenge for organizations as more employees begin working from home or other locations outside the office. In businesses with a lot of remote employees, IT should start looking into remote help desk software and other tools to help.

Also, support staff should be trained in the soft skills — especially communication — necessary for remote IT support. It may be helpful to appoint particular IT employees to handle remote support based on those skills.

6. Prioritize

Many help desks operate on a first-come-first-serve basis — however, that often allows more important requests to be delayed in favor of minor issues.

Instead, IT support staff should be able to prioritize their work according to established protocols. For example, issues that prevent users from getting work done should be placed ahead of those that don’t.

7. Don’t take any knowledge for granted

IT pros are often surprised at what users don’t know when it comes to technology. For example, Google’s Dan Russell recently reported on the shocking (to IT folks) finding that 90% of people don’t know CTRL+F can be used to search for text.

The lesson for your IT support employees: Never assume a user knows something. Don’t talk down to people, but always verify that they understand what you’re telling them. Also, never refrain from passing on a tip that may help them work more efficiently.

8. Explain what techs are doing and why

Users often complain that IT employees mess around on their computers without explaining what they’re doing. Often it’s something simple like installing an update, but if users don’t know, they might assume they’ve done something wrong when a support employee stops by to use their machine.

To avoid that confusion, IT employees should take the time to quickly explain what they need to do — and why it needs to be done.

9. Offer reassurance to users

Users can often get stressed out when they run into what they believe is a huge technical problem — and it might be even worse if they think it was their fault. Support staff should assure users their problems can be fixed, and be sure to never scold a user for doing something wrong.

Instead, IT staff can look for opportunities to pat users on the back when they’ve done something right.

10. Stick up for your employees AND listen to user complaints

An IT manager often must serve as a mediator between the IT staff and the rest of the company. When a user has a complaint about someone in your department, it’s your job to investigate and determine if there’s a legitimate gripe.

Likewise, when IT employees complain about how a user treats them, it’s up to you to take complaint to the user’s manager.

The post Overworked Help Desk? 10 Ways to Cut the Stress appeared first on Ocala IT Support - Small Business IT Support Services.

Employee negligence or maliciousness was the cause of at least one data breach at 78% of companies within the past two years, according to a recent Ponemon Institute study.

When asked about the root causes of all breaches during that time, the top answers included:

1. An employee’s loss of a mobile device (cited by 35% of IT pros)
2. Mistakes made by a third-party organizations (32%)
3. Employees’ mishandling of data (27%)
4. Malicious employees or other insiders (22%)

In contrast, just 8% listed external cyberattacks as a primary cause, according to the survey of 709 IT pros.

Users are responsible for more data breaches now, Ponemon says, because mobile technologies and social networking have given employees more chances to expose data, either accidentally or intentionally. Also, as more data is put in the hands of cloud providers and other third-party businesses partners, insiders at those organizations have more chances to expose sensitive data.

Making matters worse, even though many breaches are caused by user activities, those users fail to report incidents, making it difficult for IT to detect and deal with breaches. Just 19% of survey respondents said employees self-reported breaches. Most of the incidents (56%) were discovered accidentally.

The number of data breaches caused by users isn’t likely to get lower any time soon, as the survey shows company employees continue to engage in a number of risky behaviors, despite IT’s best efforts.

According to the IT pros surveyed, these are the most common user behaviors that put their organization’s data at risk:

1. Losing USB drives and not notifying anyone in the company (cited by 87% of IT pros)
2. Failing to change passwords regularly (76%)
3. Reusing the same password for multiple accounts (74%)
4. Carrying unnecessary sensitive information while traveling (70%)
5. Failing to shred paper documents containing sensitive information (68%)
6. Connecting to the company network with a personal device (66%)
7. Leaving a work computer unattended while outside the office (65%)
8. Sharing passwords with other employees (63%)
9. Carrying sensitive data on unencrypted, unsecured USB drives (62%)
10. Using work computers to connect to unsecured wireless networks (59%)

What can IT do to put a stop to those risky behaviors? Ponemon recommends organizations take another look at their security policies and make sure they’re updated to reflect new technology trends. For example, many businesses may need to add a rule requiring users to notify IT immediately if a mobile device or storage drive is lost or stolen.

It’s also a good idea to regularly examine user privileges to make sure no one has access to more data than they need for their jobs.

And of course, IT policies should also come with training and education to teach users why they need to follow the rules.

The post 10 Dangerous Mistakes Most Users Make appeared first on Ocala IT Support - Small Business IT Support Services.

For all the talk about sophisticated methods hackers are beginning to use, most cyberattacks succeed using basic methods that take advantage of IT mistakes and human errors made by organizations, according to a study of data breaches from 2011 recently released by Verizon.

Hackers used relatively simple methods for 97% of the 855 data breaches examined in the study, Verizon says. The most common methods of attack included:

1. Using passwords that were stolen, guessed or obtained through dictionary or brute force attacks
2. Using malware to open network back-doors or transmit sensitive data
3. Installing spyware or key-loggers on user machines to steal credentials

Also, in 80% of the incidents, hackers attacked “victims of opportunity” — meaning poorly defended sites that caught attackers’ eyes, rather than targets they specifically sought out.

That may go against the thinking of many in management that their organizations won’t be targeted because they’re too small. But the study shows that while organizations such as large financial institutions are often specifically targeted, the majority of data breaches occur because attackers happened to find vulnerabilities that were easy to exploit.

What are most companies doing that leaves their data vulnerable to hackers? Many of the organizations studied in Verizon’s breach report failed to take some basic security precautions. The most common mistakes included:

1. Protecting systems with default or easily guessable passwords – The majority (58%) of breached companies said they never changed vendor-supplied defaults for passwords and other security parameters for some of their systems. Also, other studies have shown that many user machines and IT systems are protected by simple, common passwords.
2. Giving users access to data they don’t need – Just 36% of the organizations in the study said they restrict access to data on a need-to-know basis. As more users have access to sensitive data, the chance of a data breach caused by an insider threat increases, and outside hackers have more opportunities to steal or guess passwords.
3. Failing to install and maintain firewalls – While the majority of large organizations (those with 1,000 or more employees) in the study had installed firewalls, the same can’t be said for other firms. Overall, just 29% of data breach victims used firewalls to protect data. Organizations have many devices that face the Internet, including servers and user machines, and all should be equipped with firewalls.
4. Using out-dated procedures and security software – Only 23% of the companies in the study said they regularly update their anti-virus software. Most data breach victims also failed to regularly test their security systems and processes.
5. Failing to monitor and detect suspicious network traffic – Many of the breaches in the study were carried out by hackers who used malware to open backdoors on networks or leak sensitive data from the organization’s network. Often, those breaches were able to continue because the company failed to notice data leaving the network. Verizon recommends organizations increase their monitoring and use techniques such as egress filtering to block suspicious outgoing traffic.

The post 5 Typical IT Mistakes Behind 97% of Data Breaches appeared first on Ocala IT Support - Small Business IT Support Services.

On July 11, a group of hackers gained access to a file containing the email addresses and passwords of roughly 453,00 Yahoo accounts and posted them online.

The breach affected users of Yahoo Voices, formerly known as Associated Content, a service that allows people to upload their own blog posts, videos and other content. The hackers exploited a SQL injection vulnerability to access a text file that listed the account information. The file, however, was old and only contained information from users who joined Associated Content prior to May 2010, when the service was acquired by Yahoo.

The group behind the Yahoo hack, known as “the D33Ds Company,” said it posted details about the data it stole not as a threat, but to provide a “wake-up” call to Yahoo about lax security practices, Forbes reports.

Yahoo apologized to affected users, encouraging them to change their passwords regularly, and announced it had fixed the vulnerability that led to the incident.

What IT can learn from the Yahoo hack

What led to the data breach — and what can other organizations learn from it?

Security experts have pointed out that the breach could have been prevented with a few basic security practices that the company should have been following, such as:

1. Encrypting data

The first thing that jumps out about the Yahoo hack is that the passwords were stored in a clear, unencrypted text file. IT professionals often put a lot of energy into convincing users to choose secure passwords — however, it doesn’t matter what character combinations people come up with if those passwords aren’t encrypted and hashed by the organizations that hold them.

2. Verifying third-party security

Given the age of the data compromised, it appears the breach was carried out by exploiting a vulnerability left over from a separate company, Associated Content, that was acquired by Yahoo. However, that doesn’t mean Yahoo is off the hook — businesses should always make sure they verify the security of the third-party organizations they partner with.

3. Monitoring network traffic

The group was able to copy a lot of information during the Yahoo hack, and that means large amounts of data were moving from the company’s servers to an outside network for a period of time. According to some security experts, Yahoo should have been able to monitor that traffic to detect suspicious network activity and close the door before too much data was taken.

The post Don’t Get Hacked Like Yahoo: 3 Lessons to Learn appeared first on Ocala IT Support - Small Business IT Support Services.

Overall, virtualization is a good thing, said Dave Asprey, VP of Cloud Security at Trend Micro.

But the problem is that, like driving — or dating — in high school, Asprey said, everyone’s doing virtualization now, but most aren’t doing it very well.

One key to using virtualization properly is knowing when it makes sense to virtualize servers. Here are seven situations in which Asprey said virtualization won’t benefit organizations:

1. When you already have predictability and stability

When deciding what to virtualize, Asprey recommends following the old rule, “If it ain’t broke, don’t fix it.” If something is already working well, adding virtualization to the mix will only add complexity and increase the possibility of downtime.

The exception, of course, is when you have to use an old operating system that’s no longer supported — in those cases, you’ll have to virtualize whether you want to or not.

2. When servers are already running at high capacity

Likewise, if a server is already running at high capacity, virtualizing won’t provide much benefit.

One of the biggest benefits of virtualization is that it allows companies to consolidate servers and get more out of the hardware they already have. But if a physical machine is already running at close to its full capacity, virtualizing will just add another component that draws CPU power and other resources.

3. When software licensing is tricky

As virtualization becomes more common, things are improving, but many software vendors still don’t have a virtualization model, Asprey says. That’s especially the case with highly specialized software from small vendors.

Your best bet in those situations: Hold off on virtualizing for now, and talk to the vendor and try to use your clout to negotiate a virtualization-friendly license.

4. When virtual machines just won’t work well

Some machines simply run better without virtualization, Asprey says. Those include machines with:

• High I/O apps like databases
• Disk-intensive workloads
• Graphics-intensive apps
• Hardware cards without virtualization drivers

5. When applications are highly time-sensitive

Virtual machines use their own clocks, which are different from the clocks used by the host machine. Over time, tiny differences can lead the two clocks to drift apart, Asprey warns.

For that reason, companies may want to avoid using virtualization for highly time-sensitive applications, such as financial trading systems or some industrial control systems.

6. When you have no safe way to manage encryption keys

With physical servers, IT departments can keep USB drives with encryption keys locked and then plug them directly into servers when they’re needed. But with virtual servers that doesn’t always work, because virtual machines move and it can be tough to find which USB ports correspond to which machine.

Therefore, virtualization may not make sense for machines with high security needs, unless the company has a way to manage those keys. Asprey recommends policy-based encryption key management.

7. When you can’t pay for it

When used in the right situations, virtualization should help companies save money — but only if IT has the initial budget to implement it properly and make sure everything works, Asprey says. Even with low-cost or free open source tools, companies still need to pay for expertise and staff time to virtualize.

Doing a bad job will only require the company to spend a lot of money to fix problems down the road. Best bet: Don’t start virtualizing until you can convince the CFO to fully fund the project.

The post 7 Cases Where Virtualization Does More Harm Than Good appeared first on Ocala IT Support - Small Business IT Support Services.

According to data released by the Bureau of Labor Statistics in May, there were 4,009,900 active IT jobs in the U.S. That was the highest number since November of 2008 and came after 16 straight months of increases.

And in a recent survey conducted by IT job board Dice.com, 65% of companies said they planned to do more hiring in the second half of this year than in the first half, with 47% saying increased competition for IT talent has raised starting salaries for those positions.

Now it’s up to IT managers and their companies to hang on to their best staffers as they get more opportunities to change employers.

One of the first steps to keeping potential retention problems at bay should be to look at salaries and other compensation to make sure they still compare favorably to what your competitors for talent offer.

The trouble, of course, is that many companies may not be able to afford significant salary increases for all of their current employees.

So here are some other steps IT managers should take to hang on to their best staffers:

1. Prioritize – A managers’ goal shouldn’t just be to make sure no one leaves the company — it should be to make sure the right people stay. That means prioritizing retention efforts to focus on the IT department’s best employees, people with particular skills the company needs and folks that will be most likely to get offers from other employers. That latter group includes IT workers knowledgeable in Java, web development, cloud computing and general business strategy, which studies show are the most in-demand skills for IT employees now.
2. Offer benefits besides money – In many cases, being creative with perks pays off for companies. For example, in a recent survey, 35% of IT employees said they would give up 10% of their salary for an opportunity to work from home full-time. To hang on to your best workers without the budget for raises, find out what non-monetary benefits they want.
3. Shake things up – The best IT employees are hardworking and don’t mind putting time into their jobs — as long as it’s work they’re interested in. But even the most committed employees can start to get worn out after doing the same type of work day in and day out. To avoid that, give your best employees a chance to work on different projects. That will also help increase the skill sets of your best people, which is a win for the department and the company.
4. Show them their work matters – All employees want to see that what they’re doing is making an impact — but that can be especially tough for workers in IT, which is often seen by some areas of the company as not much of a strategic partner. But recognition from the manager will boost staffers’ motivation and loyalty — and the effect could be even greater if you get managers and execs from other parts of the company to personally recognize your team’s efforts, too.
5. Help employees reduce stress – One of the biggest reasons IT workers are looking for other jobs is that a long stretch spent working through a rough economy has made them stressed out in their current jobs. There are many ways managers can help their employees reduce stress, from encouraging people to take time off to offering tips on how to better manage workloads.

Another challenge IT departments have begun facing is finding new employees. One tactic experts recommend is building up relationships with colleges and universities by offering internships and training programs, giving the company access to a new pool of potential candidates early on.

The post How to Keep Top IT Talent when Competitors Offer More appeared first on Ocala IT Support - Small Business IT Support Services.

Some areas of the IT budget — such as security — require constant increases in order to remain effective. The key is finding those areas where costs can be lowered.

Tech research organization Gartner says businesses should focus on their IT infrastructure and operations (I&O) spending, which makes up about 60% of all IT budgets worldwide.

Following these 10 steps, Gartner says, can help businesses reduce I&O costs by 10% over the next 12 months, and 25% over the next year:

1. Defer non-critical initiatives – When deciding whether to spend money on a project, IT leaders need to ask three questions: Does it support a high-priority business initiative? Will it help lower costs? Does it reduce the risk of security problems and outages?

2. Take another look at telecom costs – A big chunk of companies’ I&O spending goes to telecom service providers. It’s worth taking a regular look at how much the company is spending on those services, comparing them to current market rates, and trying to renegotiate contracts, if necessary.

3. Consolidate data centers – Many organizations are saving money by shutting down smaller sites and consolidating operations into larger data centers.

4. Virtualize – Virtualization can help businesses squeeze more life out of existing equipment. Many businesses are starting to use server virtualization, but it can also be applied to desktops, storage, networking and other areas.

5. Reduce power and cooling costs – The energy bill makes up a huge portion of IT’s operation costs. Read some advice on how to reduce power and cooling costs in data centers.

6. Control data growth – Gartner estimates that by 2016, businesses will be holding 850% more data then they are now — and it’s going to cost a lot to store all that information. IT must find ways to control the amount of data the business holds – including the use of storage virtualization, automated tiering and storage resource management (SRM) tools.

7. Use the lowest possible support tier – Many organizations have multiple tiers of IT support, with different cost points for each. To increase efficiency, businesses must make sure users are always directed to the lowest possible tier that can solve their problems.

8. Streamline process – There are several ways IT can streamline and automate day-to-day operations, thereby reducing headcount. Gartner recommends the ITIL approach.

9. Improve IT asset management – By keeping a closer eye on their assets, IT departments can find ways to cut costs, such as eliminating unneeded software licenses, deferring upgrades, and replacing unnecessary maintenance contracts.

10. Use smart outsourcing – The decision is a lot more complex than just figuring out whether to outsource all or none of IT’s I&O operations. Companies must look at their own situations and decide which areas are cheaper in-house and which should be outsourced.

The post 10 Ways to Cut Your IT Budget appeared first on Ocala IT Support - Small Business IT Support Services.

One group of benefactors will be IT security professionals, according to the latest salary guide from staffing firm Robert Half International.

While IT salaries in general are expected to rise by 3% in 2012, wages for security pros — including data security analysts, network security admins, systems security admins, IS security managers, CSOs and network security engineers — will outpace that figure with a 4.5% increase.

The reasons: an increasingly hostile threat landscape and a move into new areas with significant security concerns, such as cloud computing, Robert Half says.

Moves into new technology areas will also drive up salaries for other IT specialists — including mobile application developers, who will get the biggest pay boost at 9.1%.

The other job titles that will earn their holders the biggest raises in 2012:

1. Senior web developer — 6.9%
2. Database developer — 6.9%
3. Data warehouse analyst — 6.7%
4. Software engineer — 6.6%
5. Software developer — 6.5%
6. Business intelligence analyst — 6.3%
7. Data architect — 6.2%
8. Network architect — 6%
9. Data security analyst — 6%
10. Web designer — 6%

And as for what skills companies need the most in their IT departments, IT managers surveyed by Robert Half said they’re looking for people with education and experience in:

1. Network administration (64%)
2. Database management (51%)
3. Desktop support (46%)
4. Windows administration (42%)
5. Wireless network management (38%)
6. Web development and design (35%)
7. Telecommunications support (28%)
8. Virtualization (25%)
9. Business intelligence (22%)
10. ERP implementation (15%)

While those figures are good news for the people working those jobs, things will be more difficult for the IT managers in charge of keeping current employees from jumping ship or trying to fill vacant positions in the IT department.

In fact, just 25% of IT managers surveyed by Robert Half said finding skilled IT professionals wasn’t a challenge for them right now.

What’s the best way to attract and keep qualified IT employees? A competitive salary is important, but it’s not the number one factor. In another survey, IT professionals listed the things that give their job satisfaction the biggest boost:

1. A boss who gives them autonomy and lets them manage their own projects (70%)
2. Good salary and benefits (62%)
3. Opportunities to be trained in new technical skills (61%)
4. Flexible schedules (61%)

The post IT Pay Rising: Who’ll Get the Biggest Raise? appeared first on Ocala IT Support - Small Business IT Support Services.

It’s often said that employees don’t quit companies, they quit because of a bad manager. Of course, factors such as salary and benefits are very important in determining whether people stay or leave, but an employee’s relationships with a manager also has a huge impact.

And IT pros are no exception, according to a recent survey from IT job board Dice.com. When asked if the relationship they have with their boss was an important factor in their decision to keep their current job or move on, nearly all (88%) IT professionals said it was.

Unfortunately, even good managers make mistakes sometimes, and that leads to many employees holding negative views of their managers. In fact, more than a third of employees feel their manager is largely ineffective.

As many IT jobs are becoming available and competition for tech talent is increasing, it’s critical for IT managers to take a fresh look at how they’re doing and see what they can do to improve.

For a good place to start, here are three common management mistakes to avoid, according to DDI’s study:

1. Making it personal

Many managers fret that employees will overreact when they receive criticism. But it turns out that may prevent many managers from treating those conversations completely professionally.

Three quarters of employees say their managers fail to remain calm or provide constructive criticism when a performance issue arises. To keep those conversations professional and productive, managers should focus on results rather than personality issues, and offer specific examples of the problem.

2. Ignoring feedback from employees

Just as constructive criticism can help employees improve their performance, the same goes for managers. However, half of employees say their bosses don’t seek out feedback that could help them do their jobs better.

IT managers should seek opportunities to ask staffers how they’re doing and what changes employees would like to see. One good way is to ask those questions at the end of every employee performance review.

3. Playing favorites

Many employees also complained that their manager caters to a few marquee players and ignores everyone else. Of course, top IT employees should get some extra attention, because it’s critical to retain those people right now.

But IT managers must also look for ways to help their other staff members improve their performance. A manager’s job is to help all their employees reach the next level — that includes getting the most out of the stars, and helping others become top performers.

The post 3 Mistakes that Make IT Managers Look Bad appeared first on Ocala IT Support - Small Business IT Support Services.

The option to telecommute.

While many IT departments have been asked to support remote workers in other areas of the business, IT pros often find themselves without the option to work off-site themselves. There are several reasons for that, including the fact that for many IT tasks, it’s necessary to be physically present in the office.

But allowing telecommuting for some jobs some of the time, or instituting a rotating system in which IT staffers take turns working in telecommuting-friendly roles, can be a valuable benefit that helps retain current employees and attract new talent.

In fact, the ability to work remotely is the job perk IT pros want the most, according to a recent survey from recruiting firm ProTech. Among the 1,083 IT pros surveyed, 28% listed flextime and the opportunity to telecommute as the best benefit they’ve been offered by a current or previous employer. That was the top answer by a wide margin, beating out other options such as annual and signing bonuses (17%), additional vacation time (8%), equity (8%), travel opportunities (7%), and tuition reimbursement (7%).

Help IT staff telecommute

With more companies looking to hire IT pros, it’s important to offer benefits tech employees want to avoid losing current staffers or prospective hires to the competition. Here are some keys to keep in mind when offering telecommuting options in the IT department:

• Rotate jobs when possible – Some tasks require the employee to be in the office, but try to rotate duties so that all eligible employees have the same opportunities to work remotely.
• Revoke the benefit when necessary – Not everyone is cut out to work away from supervision, and managers shouldn’t be afraid to keep those people in the office.
• Don’t punish telecommuters – The point of flexible work arrangements is to reward employees who’ve earned it, not to punish people for working at home. But often, people who telecommute don’t get the same rewards as others – for example, one recent survey found that telecommuters are less likely to get positive performance reviews and promotions.

The post The Number 1 Benefit IT Pros Want appeared first on Ocala IT Support - Small Business IT Support Services.

IT salaries are expected to increase 5.3% on average in 2013, according to new research by staffing firm Robert Half International.

In fact, starting IT salaries will grow more than any other field next year, says Robert Half.

Which positions will see the biggest bump? Mobile applications developers (9.0%), wireless network engineers (7.9%) and web developers (7.3%) to name a few.

Fierce competition for skilled IT people with expertise in emerging technologies like mobile, big data, cloud computing and virtualization is helping drive salaries skyward.

But that doesn’t mean the guys and gals in the trenches won’t see higher starting salaries as well; Robert Half says IT pros working in technical services/help desk/technical support will get offers that are 4.52% higher on average than their current salaries.

Salary may be the deciding factor for candidates

According to Robert Half, the results of its research underscore the need for hiring managers to stay on top of IT salaries in their geographical area. Without this information, says the company, hiring skilled IT workers will be difficult for a number of reasons:

• The pool of qualified candidates is shrinking at the same time demand is climbing.
• You’re not just competing for talent within your own industry, but against businesses of all types across all industries.
• It’s likely candidates will receive multiple job offers, which means they can be picky when deciding which one to accept.

To avoid a staffing crisis, Robert Half recommends businesses:

• Avoid overburdening existing employees with more work than they can handle, which may lead to increased turnover (especially when tech jobs are plentiful.)
• Consider hiring consultants or temps to get by in the interim.
• Put together the best package possible: competitive pay, great benefits and professional development opportunities, such as mentoring programs and e-learning courses, for example.

The post IT Salaries Pushing Skyward appeared first on Ocala IT Support - Small Business IT Support Services.

In a survey, CIOs were asked about the effect of mobile electronic gadgets — cell phones, smartphones, handheld devices and laptops – on workplace etiquette in the past three years. They said etiquette breaches have:

• Increased significantly 22%
• Increased somewhat 29%
• Remained the same 42%
• Decreased somewhat 4%
• Decreased significantly 2%
• Don’t know/no answer 1%

The folks at Robert Half identified five major types of offenders:

1. The Misguided Multitasker — This person thinks that e-mailing or texting during a meeting or conversation demonstrates efficiency. But usually, it just annoys people. Suggestion: Ask this person to use their handheld device only in an urgent situation and step out of the room to reply.
2. The E-mail Addict — This individual thinks checking e-mail constantly will save time. It usually doesn’t. Suggestion: Get the e-mail addict’s manager to offer a reminder that a phone call or in-person chat can resolve issues more quickly.
3. The Broadcaster — This person uses a cell phone anytime, anywhere – open office halls, the public restroom – to discuss anything. Suggestion: Advise employees to keep private conversations in private places.
4. The Cyborg — Keeping a wireless earpiece or headphones constantly plugged in signals to others that your attention is not available. Suggestion: Advise discretion and consideration.
5. The Distractor — This person sets a cellphone to vibrate, but its buzzing is just as distracting. Suggestion: Ask workers to set phones to silent or keep them in a pocket when in the office.

The post How to Control Rude Tech Users appeared first on Ocala IT Support - Small Business IT Support Services.

Here are some of the worst password mistakes users make, to give you a better understanding of smart security passwords:

• Keeping it simple – A recent analysis of stolen passwords revealed that too many users come up with passwords with fewer than six characters, only use lower-case letters, or choose a name, dictionary word or consecutive numbers (like ’12345?).
• Using the same password over and over again – For many users, if one of their passwords is stolen, not only is all of their personal data at risk, but so is any company protected by the same password.
• Not using the full keyboard – Using numbers as well as letters can make a password a lot stronger. But few users take the next step and incorporate special characters such as !@#$%.
• Writing the password down – As we wrote about recently, an alleged Russian spy recently learned that a strong password does no good when it’s written down and attached to the user’s computer.
• Staying logged in – Users may have strong passwords committed to memory and not written down anywhere — but then give prying eyes easy access to sensitive data by staying logged in to databases and applications when they get up from their desks. As companies that have been hit by inside hackers know, you can’t always trust everyone you work with.

Companies often try to use password policies to keep those mistakes from hampering security. But policies must be done right in order to have an effect. Here are some common password policy mistakes IT departments make:

• Going overboard – Requiring users to have a new and extremely complex password every 30 days may only encourage folks to ignore the rules or keep passwords written down.
• Getting lax – Some companies require strong passwords for users for their initial log-ins, but then get lax on other levels of security. That gives potential hackers only one tough password to crack, rather than several.
• Not staying updated – Password policies don’t always get looked at and revised very often. So even companies with good password policies might not be including all necessary systems.

Best bet: Instead of forcing users to follow strict password rules, some experts recommend training folks and offering tips on creating strong passwords that are easy to remember. Also, the use of a secure password manager can help users who need to keep a lot of different passwords.

How does your company keep passwords manageable while also making sure all sensitive data is sufficiently protected?

The post Passwords Easier to Steal Than Ever: 8 Mistakes to Avoid appeared first on Ocala IT Support - Small Business IT Support Services.

These are 10 of the most common causes of slow machines, according to the folks at TechRepublic:

1. Malware and spyware – Machines should be scanned regularly, but after a user complaint is a good time to look for malicious programs.
2. Registry errors – There are many tools that can check for registry problems that slow down PCs. Note: Make sure the system is backed up before cleaning the registry.
3. Disk clutter – In addition to deleting temporary files, emptying the recycling bin and defragmenting the disk, ask users if they have any unused programs still installed, or big files like videos and images they no longer need.
4. Unnecessary services – Many Windows services are enabled by default — but they don’t all need to be on for the machine to work properly. Research what each one does, and decide if it needs to be on. Note: Some services (the ones that are considered essential) are not able to be turned off.
5. Wrong BIOS settings – Different motherboards have different settings for the optimal machine configuration — and those aren’t necessarily the same as the factory default BIOS settings. Search online to find the best configurations for specific motherboards.
6. Background applications – Some users don’t understand that programs can still be running even if they aren’t visible. Plus, there may be unnecessary applications opening at start-up. Checking for unused running programs is a good place to start when a user says a machine is slow.
7. Wrong drive type – Users may be storing applications or often-used files on slow external drives, which can cause performance problems.
8. Bad cooling – An overheated processor can cause a machine to run slowly or erratically, or periodically shut itself down. Listen to the computer’s fan to see if it’s running smoothly. If it isn’t, clean it with compressed air or replace it with a new one. Also, check the processor’s clock rate, and train laptop users on how to carry and store their machines to prevent overheating.
9. Failing hard drives – Bad disks can create problems such as slow read and write processes, or intermittent boot failures. Run scandisk or chkdsk and keep an eye out for bad sectors where good sectors used to exist — that can be a sign the disk will fail soon. Back up the disk and get ready to replace it.
10. Bad RAM – Adding RAM is a common way to speed up a slow computer. Sometimes, though, a machine has enough memory, but the RAM chips are damaged, get too hot or are the wrong speed for the computer’s motherboard.

The post Slow Computer? 10 Problems to Look for First appeared first on Ocala IT Support - Small Business IT Support Services.

Here are some tips to pass along to users that will prevent some headaches for them and IT:

1. Reboot before calling for help – By now, most users have probably heard this fundamental law of PC troubleshooting. But enough aren’t aware, or often let it slip their mind, that it’s worth reminding people to restart their machines before they call IT.
2. Craft secure, yet memorable passwords – A common task tech staffers waste a lot of time on: resetting passwords for users who’ve forgotten them. Password creation requires a fine balance — you don’t want users protecting sensitive information with something as easy to crack as “12345,” but tech staffers also don’t want to be bother constantly with password reset requests. One tip for users: Think of a phrase that means something to you, and replace certain letters with similar looking numbers or symbols (for example, @ for a, 3 for E, etc.).
3. Keep your work backed up – IT also spends a lot time recovering work that’s been lost, often due to preventable issues. Teach users to save their work often, show them what server folders are regularly backed up, and offer other tips on how to prevent lost work and other data.
4. Don’t install unauthorized programs – Some users with company-owned laptops see no problem with installing software while they’re home, as long as they removed before they get back to the office. However, that practice greatly increases the odds of installing viruses or spyware, or cause conflicts that hurt a machine’s performance.
5. Don’t keep your disk too full — Some people never throw anything away. That includes stuff on their computers — many users will never delete anything until they get a message that their machine is out of space.
6. Report problems the right way – Users often have their own idea of how to best get help from the IT department, whether it’s by going directly to the staffer they know the best or some other method. However, it’s important to stress that following your normal reporting procedures will help you resolve their problems sooner. Also, tell users what information they should include when they report their problems.
7. Policies are there for a reason – It’s not enough to just educate users about what your policies are. It also helps to explain the reasons the rules are in place. Not knowing the point is once reasons a lot of users ignore IT policies. One point it helps to make: Following the rules makes your computer less likely to malfunction.

Many IT managers find they save their departments a lot of time by compiling quick reference guides, so all users have something to look through before they ask for technical help.

The post 7 Very Important Things Your Users Need to Know appeared first on Ocala IT Support - Small Business IT Support Services.

That’s the message in a recent report commissioned by remote support application vendor Bomgar. In the survey of 400 office workers age 20 – 29, 61% said when they have a technology problem, they try to fix it themselves before turning to their company’s IT department.

Even if they don’t know of a solution themselves, those users said they typically check online for information or ask a friend or colleague for help.

Why is that? One reason may be their impatience — 60% of respondents said that when they do contact IT, they think a reasonable response time is 10 minutes or less. As anyone who works in IT knows, that’s often not possible, and apparently, younger users feel comfortable enough with technology that they’d rather take a crack at an issue themselves rather than wait longer.

Of course, allowing users to attempt fixes on their own can be problematic — for example, a solution found through Google may cause even bigger issues than it solves.

However, experts point out that users’ willingness to provide some of their own support can benefit IT to an extent. If a user has some tech skills, a help desk staffer could get the job done quicker with the user’s assistance.

Here are some ways IT departments can get the most out of younger workers’ approach to tech support:

1. Help them help themselves – IT departments can take advantage of users’ desire for self-sufficiency and take some burden off the help desk by handing out self-help documents that walk people through IT-approved solutions to common problems. Also, after a problem is fixed, support staff can explain to the user what to do next time something similar happens.
2. Have a policy – While in the past, it may have been unlikely for users to attempt complex tech fixes on their own, it may now be helpful to have written policies in place or send email reminders asking people to first contact the help desk about their issues.
3. Communicate their way – Younger users aren’t just impatient while waiting for tech problems to be solved — in line with the speed of communication in other areas today, they also want their requests to be responded to as soon as possible. Also, the phone is becoming an obsolete method of communication — email or instant messaging may be the preferred way for younger users to contact IT.

The post What to Do About Young IT Haters’ appeared first on Ocala IT Support - Small Business IT Support Services.

Identity protection/fraud detection company CSID surveyed 1,200 Internet users with the help of data collection firm Research Now. The results of the survey uncovered a disconnect between what consumers think and feel about online security versus what they actually do when creating accounts online.

For instance, 73% said they think about strength and security when coming up with new passwords and 89% said they feel secure with their current password creation and management habits, yet:

• 61% said they reuse the same passwords across multiple sites
• 54% said they have five passwords or fewer
• 44% said they change their passwords once a year or less

If these results are any indication, it’s time for IT to drive home the point that if users want to be truly safe and secure while using the Internet, they’ve got to do more than create one or two strong passwords for all their accounts. Not only that, users must be made aware of how poor password management puts themselves and their company at risk.

Strategies for better passwords

As an IT manager, you’re well aware of the various ways to enforce password security on your network, but CSID suggests some points you’ll want to bring up with users on a regular basis:

• Whenever possible, use strong passwords that contain more than 10 characters and include a mix of upper- and lowercase letters, symbols and numbers.
• Create a unique password for each of your online accounts and vary the email addresses you tie to these accounts.
• Do not store usernames and passwords in an unsecured (unencrypted) file on your computer or the network (or online).
• Do not share your password with anyone, not even friends and family. (Remind them that even if a person is trustworthy, there’s always a chance their computer is infected with malware that steals passwords, such as a keylogger, for example.)

Another suggestion: password management software. You could encourage users to find one they like or you could evaluate some on your own and choose one for everyone in the company to use.

The post 4 Ways to Improve Poor Passwords appeared first on Ocala IT Support - Small Business IT Support Services.

The most common threats to your systems:

• Malicious programs like viruses, worms, Trojan horses, spyware, malware, adware and botnets
• Zero-day and zero-hour attacks
• Hacker attacks
• Denial of Service (DoS) and Distributed Denial of Service Attacks (DDoS)
• Data theft

These threats look to exploit:

• Unsecured wireless networks
• Unpatched software and hardware
• Unsecured websites
• Potentially unwanted applications (PUAs)
• Weak passwords
• Lost devices
• Unwitting users or users with malicious intent

Top 5 fundamentals of network security

These network security fundamentals are vital to downtime prevention, government regulation compliance, reduced liability and reputation protection:

1. Keep patches and updates current

Cyber criminals exploit vulnerabilities in operating systems, software applications, web browsers and browser plug-ins when administrators are lax about applying patches and updates.

In particular, verify that office computers are running current versions of these much used programs:

1. Adobe Acrobat and Reader
2. Adobe Flash
3. Oracle Java
4. Microsoft Internet Explorer
5. Microsoft Office Suite

Keep an inventory to make sure each device is updated regularly, including mobile devices and network hardware. And make sure Windows and Apple computers have automatic updating enabled.

2. Use strong passwords

By now, most users know not to write their passwords on Post-It Notes that are plastered to their monitors. But there’s more to keeping passwords secure than keeping them out of plain sight.

The definition of a strong password is one that’s difficult to detect by humans and computers, is at least 6 characters, preferably more, and uses a combination of upper- and lower-case letters, numbers and symbols.

Symantec gives additional suggestions:

• Don’t use any words from the dictionary. Also avoid proper nouns or foreign words.
• Don’t use anything remotely related to your name, nickname, family members or pets.
• Don’t use any numbers someone could guess by looking at your mail like phone numbers and street numbers.
• Choose a phrase that means something to you, take the first letters of each word and convert some into characters.

The SANS Institute recommends passwords be changed at least every 90 days, and that users not be allowed to reuse their last 15 passwords. They also suggest that users be locked out of their accounts for an hour and a half after eight failed log-on attempts within a 45-minute period.

Train users to recognize social engineering techniques used to trick them into divulging their passwords. Hackers are known to impersonate tech support to get people to give out their passwords or simply look over users’ shoulders while they type in their passwords.

3. Secure your VPN

Data encryption and identity authentication are especially important to securing a VPN. Any open network connection is a vulnerability hackers can exploit to sneak onto your network. Moreover, data is particularly vulnerable while it is traveling over the Internet. Review the documentation for your server and VPN software to make sure that the strongest possible protocols for encryption and authentication are in use.

Multi-factor authentication is the most secure identity authentication method. The more steps your users must take to prove their identity, the better. For example, in addition to a password, users could be required to enter a PIN. Or, a random numerical code generated by a key-fob authenticator every 60 seconds could be used in conjunction with a PIN or password.

It is also a good idea to use a firewall to separate the VPN network from the rest of the network. Other tips include:

• Use cloud-based email and file sharing instead of a VPN.
• Create and enforce user-access policies. Be stingy when granting access to employees, contractors and business partners.
• Make sure employees know how to secure their home wireless networks. Malicious software that infects their devices at home can infect the company network via an open VPN connection.
• Before granting mobile devices full access to the network, check them for up-to-date anti-virus software, firewalls and spam filters.

4. Actively manage user access privileges

Inappropriate user-access privileges pose a significant security threat. Managing employee access to critical data on an ongoing basis should not be overlooked. More than half of 5,500 companies recently surveyed by HP and the Ponemon Institute said that their employees had access to “sensitive, confidential data outside the scope of their job requirements.” In reporting on the study’s findings, eWeek.com said “general business data such as documents, spreadsheets, emails and other sources of unstructured data were most at risk for snooping, followed by customer data.” When an employee’s job changes, make sure the IT department is notified so their access privileges can be modified to fit the duties of the new position.

5. Clean up inactive accounts

Hackers use inactive accounts once assigned to contractors and former employees to gain access and disguise their activity. The HP/Ponemon Institute report did find that the companies in the survey were doing a good job deleting accounts once an employee quit or was laid off. Software is available for cleaning up inactive accounts on large networks with many users.

The post Top 5 Network Security Fundamentals appeared first on Ocala IT Support - Small Business IT Support Services.

1. Turn letters into numbers or other characters

One common strategy is for users to pick a word or phrase that means something to them, but then tweak it so it’s almost unrecognizable. That can be done by using phonetic spellings and replacing some letters with vaguely similar-looking numbers or punctuation marks — such as replacing “a” with “4?, “l” with “!”, and “c” with “<”.

So, for example, a user whose favorite cereal growing up was Applejacks, could use “aPP!3j4x” as a password.

2. Diceware

One strategy comes from a site called Diceware that offers users a way to come up with randomized, complex passwords that are still relatively easy to memorize. How it works:

The user rolls a common six-sided die five times to come up with a five-digit number. That number is matched to Diceware’s word list, which pairs every possible number string with a word. The process is repeated a few times until the user has a random string of words to use as a passphrase.

The site also recommends users replace one or more letters in the phrase with a number or special character.

3. Use an adaptable base password

One common password mistake is for users to use the same password every time they need one. One way they can avoid doing that — without making all their different passwords impossible to memorize — is to come up with a base password that can be added to depending on what the password is for.

One common password mistake is for users to use the same password every time they need one. One way they can avoid doing that — without making all their different passwords impossible to memorize — is to come up with a base password that can be added to depending on what the password is for.

The post 3 Easy Tips for Secure and Memorable Passwords appeared first on Ocala IT Support - Small Business IT Support Services.

1. Downloading privacy-invading apps

The good news: A slight majority (57%) of people have avoided downloading a mobile app or deleted an app they’d installed because it collected too much personal information. Of course, that still leaves 43% of smartphone users that allow their apps to collect personal information and store it on a company’s servers.

2. Losing phones

In addition to data being leaked, there’s also a significant risk of a smartphone itself falling into the wrong hands, as 35% of U.S. adults have had a mobile device lost or stolen, according to Symantec’s recent Cybercrime Report. But despite those risks, two-thirds of people don’t use mobile security applications that could help them protect data when someone else has the device.

3. Failing to back up data

In addition, despite the chances of a phone being lost or stolen, just 18% of smartphone users in Pew’s survey frequently back up the data and contact information on their phones. Another 41% perform backups every now and then, while 39% never back up the data on their smartphones.

4. Letting others use the phone

Aside from losing a phone or having it stolen, people may also run into mobile security problems when they knowingly let someone else use the device. In fact, 12% of people have had another person access their smartphone in a way that made them feel their privacy was invaded.

5. Connecting to unsecure Wi-Fi networks

In order to save money on their data plans, many smartphone users will connect their devices to Wi-Fi networks whenever they can — and often that means connecting to unsecure free networks in public places. In fact, two-thirds of the respondents in Symantec’s survey say they use public Wi-Fi networks — even though 53% of those people are concerned about the security of those connections.

Promote and enforce mobile security

Whether the company issues smartphones to users or has a BYOD program, IT must help people avoid making those mobile security mistakes while using devices that contain sensitive corporate data. There are two basic ways IT should do that, which can be used in combination:

The first is by using mobile device management (MDM) software to enforce security policies and practices. For example, MDM tools can be used to set configurations, remotely wipe a lost or stolen device, and push software updates. When users bring their own devices, IT can require the MDM application to be installed before the device connects to the network.

The second approach: training users on mobile security. With more than half of users making app decisions based on information privacy, Pew’s survey shows that users do care about mobile security, at least when it comes to their own personal information.

IT can use that to its advantage and include tips about keeping personal data safe when using smartphones. Explaining the threats they face and what they can do about it will help keep mobile security at the top of users’ minds.

The post Top 5 Mobile Security Mistakes appeared first on Ocala IT Support - Small Business IT Support Services.

Could you imagine a world without the Internet? It might be a big leap, but use your imagination to erase it from history for a moment. How would that change the way you do business? Would your organization even be around if the Internet didn’t exist?

Despite the considerable changes that the Internet has brought to business, many companies still insist on gambling with their web security. There are many perils lurking out there in the form of hackers, malware and viruses and these can have a hugely detrimental effect on your business. In today’s business world, web security has become just as important as the web itself.

So how can you enjoy the benefits the Internet brings, without falling prey to the pitfalls?

Get proactive about web security

Every single time an employee downloads a file to your network they put your system at risk. The file might be infected by malware or a virus, which may then require system downtime in order to clean out the infection. That is a very costly exercise.

Good web security software can control what types of files your users may download, and then scans them with multiple antivirus engines. This ensures you always have excellent protection against possible infection.

Block phishing attacks

Sometimes your users are tricked into infecting your network, or lured into disclosing confidential information, such as passwords or banking data. Social engineering has become a major attack vector for those that want to get their hands on your data. This method is often effective because it camouflages itself under a layer of legitimacy.

In addition to training users to avoid social networking attacks, one defense against this is to use a web security solution that can monitor HTTPS traffic to catch malware and websites that are masquerading as trusted sources. In addition, a good solution should also provide you with access to a database of known malicious sites, automatically blocking access to them.

Keep productivity up

Employee Internet access privileges are just that: a privilege. However, some forget this and waste time on personal browsing and chat. While you may want to allow some personal browsing, bear in mind that some websites, such as streaming media sites like YouTube, can be bandwidth hogs. If employees are continually accessing sites like these, the performance of your network can be severely degraded and productivity will suffer across your organization.

Some web security tools let IT monitor bandwidth usage and set user thresholds to enforce a fair use policy. Specific sites, or even categories of websites, can be blocked. A good web security solution also provides granular Internet access control, allowing you to control web privileges by employee.

In addition, the best Web security solutions can also rate websites based on their reputation, predicting the security risk involved in accessing such a site. If the site exceeds a threshold, access is denied. This database should be continually updated by the software provider to take into account websites that may have been temporarily infected, so they do not remain permanently blocked.

You may find it hard to imagine operating without the Internet, but given the potential dangers that exist and the possible losses your company may incur, you should also find it impossible to imagine operating without effective Web security. Anything less than that is just gambling.

The post Are You Gambling On Your Web Security? appeared first on Ocala IT Support - Small Business IT Support Services.

Implementing these four techniques will help the team plan, organize, communicate and track your work week.

Monday and Thursday Meetings

Keep these meetings short and focused – no more than 30 minutes. Use the Monday morning meeting to discuss which projects need to be completed and who will do it. Keep a written record of this. Use the Thursday meeting to discuss what needs to be completed before the end of day Friday. Make any schedule changes necessary to make this happen.

Record in a Communal Place

Keep the project schedule somewhere the team can easily reference it. A whiteboard or shared document are two of the best choices. Make the schedule as aesthetic as possible. Color code projects or days of the week. This makes the record both easier on the eyes and easier to reference.

Additionally, use it has a reference for when the team is feeling overworked or stressed. Note what the team has accomplished.

Schedule Time for Emergencies

Plan some projects into the schedule that aren’t time-sensitive. Use these projects as a “cushion” for emergencies that pop up during the middle of the week. When an emergency comes up, take a non-time sensitive activity off the table and replace it with the emergency. This will keep you from having to stop everything to call an emergency meeting. If an emergency doesn’t come up, just spend that time focusing on the originally planned activity.

Future Projects List

Keep a one-page clipboard or legal pad of future projects. This serves two purposes. First, it will help you judge the importance of a project compared to the next few weeks instead of just the immediate week. For example, a project may appear unimportant enough to be pushed back a week, but if you have two or three big project deadlines the next week it might become important to finish the “unimportant” project this week.

Second, it will keep you from forgetting any projects when planning during your Monday and Thursday meetings. If you don’t keep this list, you may need to call an impromptu Wednesday meeting to make time for a project that you forget to put in the schedule.

The post 4 Tips to Organize and Focus Your IT Team appeared first on Ocala IT Support - Small Business IT Support Services.

Passwords have become a ubiquitous part of modern life. According to a study of Web users by Microsoft Research in 2007, the average user manages 6.5 passwords across 25 separate accounts and types an average of 8 passwords per day.

With all those passwords rolling around in our heads, it’s not surprising that problems arise. Here are four reasons why passwords don’t work.

They’re hard to remember.

It’s easy to see why a password like “I6apf!Ttg,I97t.%” is better than “123456?. Good passwords are complex. So naturally they’re hard to remember. Unfortunately, this simple truth is the root of why even good passwords sometimes fail.

They get reused.

It seems like every service these days requires a password. Not surprisingly, users tend to reuse passwords to simplify the process. But when you start using the same password for sensitive accounts like online banking, your setting yourself up for trouble.

They’re easily set to “autofill.”

Every major internet browser and many websites offer some sort of “autofill” feature for passwords. While this may make the user’s experience more enjoyable, it can make their computer vulnerable to attack.

They get written down.

With all these passwords to remember, finding a secure way to store them can be a real challenge, so many users simply write them down. But, by writing them down, you’re risking having them turn up in the wrong person’s hands.

So, if you can’t write them down, reuse them, or click “autofill,” what are you to do? How can you store your most sensitive passwords without leaving them vulnerable to attack?

The best way that we know of to create a secure password without having to write it down is easier than you might think. All you have to do is use it in a sentence. Confused? Check out our blog post on creating a secure password (that you can remember!).

The post 4 Reasons Why Passwords Don’t Work appeared first on Ocala IT Support - Small Business IT Support Services.

Passwords have become an unavoidable part of life. We use them at work, at home, to check our email, to sign on to social networks, to check our bank statements. Passwords are ubiquitous in modern life.

How are we supposed to keep track of all these combinations?

Luckily, there are methods for creating secure passwords that are easy to remember, and today we’d like to share one of those methods with you.

The “Make Up a Sentence” Method

We’ll call this method the “Make Up a Sentence” method. This is one of the best methods we have found for creating secure passwords that are easy to remember. All you’ll need to do is make up a sentence that you can easily remember.

Some examples:

• I eat two things: cheeseburgers and fries.
• My dog’s name is scooter.
• Stay off of my computer, John!

Now take the first letter of every word in the sentence as well as the punctuation to create your new password. Don’t forget to capitalize the appropriate letters. You can also change numbers into digits for variety.

Using the examples from above, we get:

• Md’nis.
• Soomc,j!
• Ie2t:caf.

As you can see from these examples, this method can generate some pretty secure passwords, as long as you don’t choose a sentence that’s too obvious. Please don’t use any of the above sentences to create your password!

The post A Handy Method for Creating a Secure Password (that you can remember!) appeared first on Ocala IT Support - Small Business IT Support Services.

In fact, 20% of IT pros admit to accessing data they know they shouldn’t see, according to a recent survey. That includes confidential information about the company’s executives and the CEO’s private documents.

In most cases, that snooping was likely done more out of curiosity than malicious intent, but it still means highly confidential information is being seen by people without authorization, which increases the chances it will fall into the wrong hands.

And it’s possible that a curious IT staffer could turn into a serious insider threat in certain circumstances – for example, 11% of the survey respondents said if they were laid off tomorrow, they would be able to bring sensitive data out the door with them. And nearly a third said management wouldn’t know how to stop them.

IT has biggest insider threat risk

One big factor behind the risk of an insider threat in the IT department: Many companies aren’t doing enough to restrict tech employees’ access to sensitive info. IT employees often have the highest level of access to sensitive data – among the 450 IT pros surveyed, 68% said they could access more sensitive data than their company’s HR manager, finance employees and even executive team.

One big factor behind the risk of an insider threat in the IT department: Many companies aren’t doing enough to restrict tech employees’ access to sensitive info. IT employees often have the highest level of access to sensitive data – among the 450 IT pros surveyed, 68% said they could access more sensitive data than their company’s HR manager, finance employees and even executive team.

What can IT managers do to reduce the risk of an insider threat in their department? Lieberman Software offers some advice:

• Keep an updated list of all the privileged accounts that exist on the company’s network so you can easily audit who has access to what
• Enforce a policy of providing the least amount of access that employees need to get their jobs done — that includes staying up-to-date and removing access rights as roles change
• Monitor the use of log-in accounts to look for any suspicious use of access privileges

The post 20% of IT Pros Snoop on the CEO’s Private Data appeared first on Ocala IT Support - Small Business IT Support Services.

A common point of contention between IT and the rest of the business is that IT speaks in terms and lingo that non-techies don’t understand. And that’s especially a problem with new technology trends such as cloud computing.

While it may be hard for IT pros to believe, many people who work outside of IT have very little idea of what cloud computing actually is. In fact, the largest group of non-IT folks believe that “the Cloud” refers to something weather-related, and many use cloud computing regularly without realizing it, according to a recent survey from Wakefield Research and Citrix.

When asked what “the Cloud” is, just 16% of 1,000 U.S. adults surveyed gave an IT-approved definition of cloud computing as a method of storing and remotely accessing data, applications and other IT services. The largest number (29%) said “the Cloud” referred to an actual cloud or something to do with the weather. In addition, 51% believe that stormy weather affects cloud computing.

Educate execs and users on cloud computing

The Cloud is becoming more important to businesses, and CFOs and other top decision makers are starting to recognize the benefits of cloud computing. However, before embarking on a cloud computing initiative, IT must make sure everyone involved understands exactly what the Cloud is.

That may be difficult to ensure, as 22% of respondents admitted that they’ve pretended to know what cloud computing is — often while at work or in a job interview (and oddly enough, during dates). In addition, 56% believe they’ve heard people discuss the Cloud without knowing what they’re actually talking about.

The good news: Many people already know more about the Cloud than they think they do. In fact, 95% of respondents regularly make use of cloud computing, through online banking, online shopping, file storage and other services (even though though more than half think they never use the Cloud). Also, 59% believe the Cloud represents the “workplace of the future,” and 68% recognize the financial benefits of cloud computing.

The post What is Cloud Computing? Average Person has No Idea appeared first on Ocala IT Support - Small Business IT Support Services.

The popularity of cloud computing is rising, according to recent research from industry association CompTIA. The number of organizations using cloud services has gone up for the third straight year, and among the 500 IT and business leaders surveyed, 85% said they feel more positive about the Cloud than they did a year ago.

The rise in cloud computing is changing the way IT departments operate, CompTIA says. Instead of hiring IT staff to manage in-house systems, many tech positions are becoming cloud jobs, which require IT pros that know how to manage services in the Cloud.

Overall, how is the move toward cloud computing affecting IT staffing levels? While some industry observers have been warning that greater use of cloud services means companies will need fewer IT employees, that hasn’t been the case at most organizations — just 23% of businesses have reduced IT headcount following a transition to the Cloud, according to CompTIA’s survey.

The Cloud has forced some changes to IT departments, as 32% of respondents said their organizations restructured their IT staff in response to cloud deployments. Among those, 46% created brand new roles related to cloud computing. Often, that actually led to increased IT headcounts, as 28% said they hired new staff to fill those cloud jobs.

That means IT pros with skills and experience in cloud computing are in high demand now, and should continue to be in the future. What kinds of cloud jobs are businesses looking to fill? The top roles companies have added to their IT departments, according to CompTIA’s survey, are:

• Staff that knows how to build private clouds (69%)
• Liaisons between different departments (64%)
• Integration specialists (63%)
• Cloud architects (61%)
• Compliance specialists (44%)

In addition to hiring new staff, two-thirds of those companies said their IT staff has received new training to boost their cloud computing skills.

The post Businesses Need IT Pros with Cloud Computing Skills appeared first on Ocala IT Support - Small Business IT Support Services.

Most companies say their IT departments lack some of the skills they need to adequately support the business, according to a recent survey from the Computer Technology Industry Association.

Of the 500 IT and business managers surveyed, 93% said there was some gap between the technical skills of their company’s IT staff and the skills the organization needs. That included 83% who said the gap was small or moderate, and 9% who believe their IT staff’s skills are far from where they need to be.

Those skills gaps are impacting how well businesses are operating, as 80% of respondents said it affects at least one key business area. The areas suffering the most due to a lack of IT skills, according to the organizations polled:

1. Employee productivity
2. Customer service and customer engagement
3. IT security
4. Innovation and new product development
5. Speed to market of products and services
6. Profitability

What skills are companies missing the most? Those given the highest priority by the managers in the survey were:

1. Networking and IT infrastructure
2. Server and data center management
3. Storage and back-up
4. IT security
5. Database and information management
6. Help desk and IT support
7. Telecommunications
8. Printer, copier and fax management
9. Data analytics and business intelligence
10. Web design and development
11. Customer relationship management (CRM) applications

What’s causing these skills gaps? The most common factor blamed was the fast pace at which technology changes, making it difficult for companies to train IT staff in new areas. Respondents also cited a lack of room in the training budget and failure on the part of business leaders to see the value in training for IT staff.

However, IT managers may have better luck asking for a boost in the training budget by focusing on the benefits that closing key IT skills gaps will have on the company as a whole.

Also, half of the respondents said their companies are turning to online self-study programs for IT employees, which are often the most cost-effective way to provide training. They can also allow staff to learn new skills without getting too much in the way of their current workloads.

The post 93% of Companies Say Their IT Staff Lacks Key Skills appeared first on Ocala IT Support - Small Business IT Support Services.

In a survey conducted earlier this year by IT industry association CompTIA, 93% of organizations said there was a gap between the skills of the company’s IT staffs and the skills that the organization needs. That skills gap was blamed for problems in several areas, including productivity, data security and overall profitability.

The skills desired most included areas of technical acumen, such as networking, IT infrastructure, IT security, help desk and database management.

However, most respondents agreed that soft skills are just as important for their organization’s IT department as those technical skills. Just 34% of companies are focused only on closing a technical skills gap, while 48% are equally concerned about hard and soft skills, and 19% are focused only on soft skills.

Soft skills for IT success

What soft skills are the most important for IT pros to succeed in their jobs? These are what the respondents to CompTIA’s survey ranked as the most important:

1. Strong work ethic (listed as “very important” by 71% of respondents) — That’s necessary to succeed in any job, and IT is no exception.
2. Motivation and initiative (67%) — Likewise, successful IT pros also must be motivated and engaged in their work.
3. Customer service (65%) — The primary role of the IT department is to support the rest of the business, and that should factor in to the regular interactions between IT staff and those internal customers.
4. Flexibility and adaptability (64%) — More so than many other lines of work, technology is fast-changing and IT pros must be able to stay up to date.
5. Innovation and problem solving (63%) — Also, IT jobs create many new and unexpected challenges that must be handled quickly.
6. Analytical skills (61%) — Most IT departments operate under tight budgets, so employees need to be able to find the best and most cost-effective solutions to problems.
7. Teamwork (60%) — Like any other department, IT must work work effectively as a team.
8. Communication (59%) — Strong communication skills are essential for both IT managers and staff members, especially when it comes to explaining technology to non-technical people.
9. Project management (47%) — As budgets become tighter and more scrutinized, it’s important for everyone in IT to be able to manage and be held accountable for their projects.

The post 9 Soft Skills IT Pros Need appeared first on Ocala IT Support - Small Business IT Support Services.

Two recent reports published by Verizon and Symantec have pointed to a rise in the percentage of security attacks on small businesses with vulnerable networks.

According to Verizon’s recently published Data Breach Investigation Report, nearly three-quarters of data breaches analyzed in 2011 involved small businesses.

The report examined 855 data breaches from around the world and found that 97% of the crimes against small businesses could have been avoided through simple or intermediate security controls.

Another report published by Symantec found that more than a third of data breaches analyzed in the first six months of 2012 involved targeted attacks on small businesses with fewer than 250 employees.

That’s double the percentage of targeted attacks on small businesses Symantec found in the end of 2011.

While large companies with more than 250,000 employees are still their top targets, hackers are increasingly turning to small businesses because they see them as weak links in a chain leading toward their larger business partners.

“They [small businesses] are not as prepared, because they don’t think they have to be, and that’s left them vulnerable,” Kevin Haley, director of Symantec’s Security Response unit, recently said.

For businesses that handle sensitive information like patient records or financial data, it’s especially important to take measures to fend off cyber attacks.

Many of the small business data breaches in 2011 could have been avoided simply by following basic best practices.

The post Small Business Data Breaches are On the Rise appeared first on Ocala IT Support - Small Business IT Support Services.

Over the last several years, network security for small businesses has become increasingly complex as new internet threats emerge. Small business networks face constant threats from a number of malicious tactics that aim at slowing productivity, stealing valuable information, and crashing whole networks.

Below, we’ve outlined 5 of the most common network security threats for small businesses today. If you have further questions, don’t hesitate to contact CettaTech for more information and suggestions for improvements to your network security.

1. Viruses

Although the term is often used generically, a virus is by definition malware that inserts malicious code through user interaction into programs and documents and then spreads to affect an entire network. A virus will usually infiltrate a network through email attachments, so a good way to avoid viruses is to train your staff to never open an email attachment they weren’t expecting.

2. Trojan Horse

A trojan horse is a malware attack that is disguised as something innocent like a computer game, free software, or an email link to a video. Once the malware is downloaded to a computer, it can be used to steal valuable information and record keystrokes to gather account numbers and passwords.

3. Spam

Spam is not only a nuisance. It also accounts for billions of dollars of lost productivity. In some cases, it can even be used to take up so much bandwidth that a network crashes. You can best defend your network from this threat with a Spam Guard product.

4. Phishing

Phishing is a malicious email tactic used to trick unsuspecting victims into handing over sensitive information like account numbers and passwords. A phishing email supplies the user with a link to an unsecured website that looks very similar to a trusted business like PayPal or Bank of America and asks him or her to reenter account details, passwords, card numbers, etc.

5. Lost/Stolen Laptop or Mobile Device

Lost or stolen laptops or mobile devices are not what we usually think of as network security threats, but they pose a big threat to networks. The information on a lost or stolen piece of hardware may be used to gain access to the network and compromise security.

The post Top 5 Network Security Threats for Small Businesses appeared first on Ocala IT Support - Small Business IT Support Services.

Nearly half (48%) of the directors surveyed said IT security was a high priority, the highest of any concern listed. The emphasis placed on protecting data has doubled in the past four years, with just 23% of directors having listed it as a high area of concern in a 2008 survey. Likewise, 55% of general counsel listed data security as a top priority in this year’s survey, compared to 25% in 2008.

Why the big jump? According to the report’s authors, as more business takes place in the digital world and the costs of cybersecurity incidents increase, boards have no choice but to pay attention to IT security.

Despite the increasing importance, many board directors and general counsel are not confident that their organizations are properly managing IT security risks. Among the general counsels surveyed, 33% believe the board isn’t managing cyber risk.

In addition, less than half (42%) of directors say their organization has a formal response plan for IT security incidents. Another 31% were uncertain if such a plan existed, and 27% said there is no plan. These results suggest that many company leaders understand the importance of IT security, but may not understand what their organizations need to do to protect themselves.

That’s where the IT department comes in. IT managers can use execs’ increasing security concerns as they pitch new projects and investments in security tools and programs. When doing so, it’s important to focus on how security spending is an investment that protects the company’s bottom line.

The post IT Security Now the Top Priority in Boardrooms appeared first on Ocala IT Support - Small Business IT Support Services.

1. Many organizations fail to change the default passwords for their printers’ control panels, allowing criminals easy access to recently printed documents.
2. Many printers allow administrative access through a webpage, which may contain coding flaws that allow criminals to hack them easily.
3. Another attack can allow hackers outside the company to give themselves legitimate user accounts to access the organization’s printers.

Printer security has become more important as printers and multifunctionals have become more sophisticated. Those machines now often contain hard drives that save copies of recently scanned and printed documents, as well as on-board operating systems and applications that can have vulnerabilities just like the software on a PC.

While many of the vulnerabilities must be fixed by printer manufacturers, there are steps IT can take to prevent network security threats resulting from unsecured printers, such as:

1. Require authentication on the machine: In departments that regularly print confidential documents, consider getting a printer that requires a user to enter their password into the machine — some printers also use swipe cards, or even biometric fingerprint readers.
2. Overwrite data: Most multifunction printers have hard drives that store printed and scanned documents — but in many situations, that’s unnecessary. In those cases, you can set the machine to erase the disk after every job.
3. Check the OS: Some printers use a proprietary operating system, making them relatively safe from virus attacks. But others use a common OS and are therefore vulnerable. Find out what’s on your devices and plan accordingly.

Companies also need to be careful with their office copy machines — those devices also store data on hard disks, which often aren’t erased when the machine is returned to the leasing agent or resold.

The post Overlooked Network Security Threat: The Office Printer appeared first on Ocala IT Support - Small Business IT Support Services.

Over the next 12-18 months, 32% of organizations plan to increase their spending on IT outsourcing, according to a recent survey of 200 IT decision makers from consulting and IT service firm Bluewolf. In addition, 48% are looking to hire IT contractors instead of full-time staff.

While many businesses are doing so to trim their tech budgets, that isn’t the only benefit. The top reasons organizations are turning to IT outsourcing, according to the survey:

• Productivity and profitability
• Flexibility
• Access to hard-to-find IT skills and talent.

While IT outsourcing can offer those benefits, organizations must first come up with a thoroughly planned outsourcing strategy — that means not only deciding what to outsource, but also how they should outsource.

Bluewolf outlines some of the most common IT outsourcing models. including:

• Staff augmentation, in which companies bring in IT contractors temporarily during spikes in staffing needs
• Consulting, in which the company turns over an entire project to an outside firm
• Managed services, in which the company hires an outside firm to handle entire pieces of the IT infrastructure
• Cloud computing, in which companies pay a subscription fee to use applications, hardware or other items that are housed by the service provider
• Offshoring, in which IT services are outsourced to teams in foreign countries
• Partial outsourcing, in which an IT function is kept mostly in-house, but certain aspects are outsourced

Which IT outsourcing models are best will depend on an organization’s own situation, including factors such as what skills exist in-house and what IT projects the business plans to take on in the future.

As for what functions organizations plan to outsource, the most popular services among the Bluewolf survey respondents were:

1. Application development (outsourced by 46% of respondents)
2. Web development (39%)
3. Application hosting (28%)
4. Application maintenance (26%)
5. Data center operations (23%)
6. Disaster recovery (17%)
7. Database administration (17%)
8. Network operations (16%)
9. IT security (15%)
10. Help desk (12%)

The post Top 10 IT Functions to Outsource appeared first on Ocala IT Support - Small Business IT Support Services.

Here are the 5 common security errors companies still make, based on recent surveys and news about data breaches:

1. Giving users access to more data than they need

In addition to outside hackers, IT also needs to protect against insider threats, including users who steal data to sell to criminals or cause damage because they’re disgruntled. One way to minimize those risks is to make sure users can access only what they need to do their jobs. However, just 36% of organizations said they restrict access to data on a need-to-know basis, according to a recent study, and many others fail to review those access privileges regularly.

2. Failing to remove access for ex-employees

Another common insider threat is a disgruntled former employee who takes revenge by sabotaging the company’s IT systems. However, one of the security errors many companies make is failing to remove access privileges as soon as an employee leaves.

3. Forgetting physical security

Naturally, IT pros focus mostly on securing data from network intrusion and other cyberattacks. But a lot of sensitive data can be stolen by taking the physical equipment that it’s held on. IT departments should invest in door locks, cameras, cable locks for laptops and other physical security controls, and train users to keep mobile devices secure.

4. Assuming policies will be followed

Security policies are great, but technical controls are also necessary. IT departments have a hard time making many groups follow those rules — for example, 70% of users under 30 flat-out ignore IT security policies, and more than half of IT pros say executives believe security rules don’t apply to them.

5. Trusting security software

Likewise, companies can’t put all their faith in technical controls, either. While they provide some level of protection, no security tools are completely fool-proof. For example, antivirus applications, on average, detect just 19% of malware on the first day it’s discovered — and even after 30 days the number rises just to 61%, according to one study. That’s why experts recommend a combination of user awareness and security tools.

The post 5 Simple IT Security Mistakes Companies Make appeared first on Ocala IT Support - Small Business IT Support Services.

Here are the 5 common security errors companies still make, based on recent surveys and news about data breaches:

1. Trusting vendors’ security

With companies increasing their investments in cloud computing and IT outsourcing, more sensitive data is being handled by third-party vendors. Yet even now, less than half of small businesses verify cloud computing vendors’ security, and 63% of all organizations admit they don’t know what cloud vendors do to protect customers’ data.

2. Keeping default passwords

While IT pros often complain about users’ bad security practices, IT departments aren’t immune from making password mistakes, either. One of the most common security errors is keeping the default password for applications, servers and other IT equipment.

3. Leaving old vulnerabilities unpatched

IT spends a lot of time figuring out how to defend against hackers’ new and cutting edge techniques, but criminals also have a lot of success with attacks that have been around for years. One example is the Conficker worm, which Microsoft issued a patch for in 2008 but still finds a way onto corporate networks and attacked an estimated 1.7 million computers in the fourth quarter of 2011 alone.

4. Forgetting to patch all devices

When companies do apply patches, they often focus on applications and operating systems running on servers and desktop PCs. But there are plenty of other devices that have software that must be patched, including printers and copiers, routers, and anything else that connects to the network. Forgetting those patches is one of the most common security errors and could allow hackers to find a backdoor to access sensitive data.

5. Letting users leave with unencrypted data

Several data breaches have occurred because computers, mobile gadgets or storage devices holding unencrypted data were stolen when an employee took them out of the office. While preventing users from taking sensitive data with them is becoming more difficult, IT at least needs to give them secure methods for doing so.

The post 5 Basic IT Security Mistakes Companies Still Make appeared first on Ocala IT Support - Small Business IT Support Services.

As your business grows and time passes along, your server will undoubtably start to show signs of age. Just as humans sprout grey hairs and lose that spring in their step over the years, your server will eventually lose its vitality as well.

The difference is, a server loses its pep a lot quicker than most humans. As a general rule, your server has about three years of life in it before it may need an upgrade.

But it’s up to you to decide when the signs of an aging server are becoming detrimental to your business’s success, and it’s critical you do something about it before it’s too late.

Be on the lookout for these six signs it may be time to upgrade your server.

It’s getting really slow.

When your server starts crawling, it’s probably time for an upgrade. Usually, if your Disc and Central Processing Unit (CPU) usage is at 80% or above, then you need an upgrade. A slow server equals less productivity. How much can you afford to lose?

It’s making a lot of racket.

As a server gets on in age, one telltale sign it needs upgrading is how much noise it’s producing. We’ll steer clear of any human analogies on this one. Just know that your fan drives and hard drives will start making a lot of noise as they get older which could indicate the server is nearing failure.

It’s no longer supported.

The warranty on a server will likely expire once it hits three years or older, which means the manufacturer no longer supports the hardware and software. This means you’ll have little support if something goes wrong, and the cost of hardware or software repairs will have to come out of your pocket.

It’s not big enough.

When your software requirements exceed the server’s specifications, you’ll definitely want to consider upgrading sooner rather than later. The success of your business is largely dependent on planning for future needs. If your server can’t handle the load now, will it be able to handle an even bigger load as your business grows?

It’s seizing up often.

When your system starts freezing on a regular basis this is another sign your server is reaching its limits. You’ll want to upgrade to a server with more capacity to support your growing business.

It’s stealing your time.

Finally, if your spending an inordinate amount of time dealing with server issues rather than focusing on your business’s core services or products, it may be time to upgrade. How much time are you willing to devote to an aging server when you could be improving your offerings?

These are just a few signs that it may be time to upgrade your server, but it may not always be so obvious. You may not notice any warning signs before it’s too late.

Ultimately, it’s better to hire an IT professional that will continually monitor and maintain the health of your server and let you know when an upgrade is essential.

The post 6 Signs It May Be Time to Upgrade Your Server appeared first on Ocala IT Support - Small Business IT Support Services.

Here are ten reasons why small business IT outsourcing is becoming increasingly popular.

1. To have more time to focus on the core business functions

People are happier doing what they do best, and distractions that have nothing to do with their key job functions can be very frustrating. The time businesses spend figuring out their IT functions have a very real opportunity cost. In addition, researching, implementing and fixing new technologies can really frustrate non IT professionals. Thus, outsourcing this business function can free your staff to spend their time focusing on how to grow the business.

2. Cheaper IT solutions to your business

Network support providers achieve greater efficiency and economies of scale because they are focused solely on IT services. This enables them to consolidate their purchasing power and access a deeper and broader knowledge base. As a result, you can expect them to deliver faster, better and cheaper IT solutions to your business. This translates into cost saving to your business both in money and in time.

3. Reducing cost while controlling operating expenses

Outsourcing your IT department to a network support company goes beyond cost reduction and the need to save your hard earned dollars. In most cases, businesses spend nearly 25% to 50% less by outsourcing their IT department over the cost of even retaining a single IT staff. In addition, expenses related to recruiting, training, vacation and management issues are taken out of the equation through outsourcing.

4. Access highly specialized talent

You are better off leaving the highly complicated and ever changing field of information technology to experts. Outsourcing your business’ IT needs allows you to tap in to expertise that would otherwise be too costly to develop and maintain in-house.

5. Obtain on-demand resources

At some point, every business finds itself grappling with the challenge of growth versus the burden of scaling back. Both instances present genuine HR dilemma when the business relies on its in-house IT resources, more so when these events are unplanned. By contracting a professional IT service provider, your business can easily respond to these challenges without affecting the livelihood or morale of the workforce.

6. Improve productivity

Technology improves the overall business productivity and performance by enabling communication, knowledge sharing and employee innovation. However, this productivity can only be realized through proper planning, implementation and monitoring of technological solutions. The best practices, planning, implementation and maintenance experience allows IT network support providers to successfully deliver these productivity improvements to your business.

7. Reduce downtimes

Even a few minutes of system downtime can have severe ramifications to the business. Thus, maximizing uptime should be your business’ top priority. Network support companies offer planned approaches to proactive system maintenance, security, backup and disaster recovery. Couple these with their remote systems monitoring and round the clock response capabilities and you will never experience extended periods of system downtimes in your business.

8. Realize a competitive edge

Outsourcing your business’ IT needs enables you to utilize the latest technologies that level the playing field in your business’ favor. This is because these companies keep up with the latest technologies through continuous training and real world experience. Their ability to affect rapid moves can give your business a competitive advantage and increase its ability to respond to competitive threats.

9. Attract and retain employees

Your employees want to work in an environment where computers are in excellent working condition, with minimal down times and excellent networks. Outsourcing your IT department allows your business to realize these expectations while attracting and retaining top talents in the industry.

10. Access to otherwise rare vendor support

Most technology vendors barely provide direct end-user support. This can be very frustrating to a small business that makes several calls to customer support without receiving any help. However, by establishing a relationship with a reputable IT service provider, your business can enjoy the privilege of accessing thousands of technology vendors.

In today’s competitive business environment, companies that want success must offer unique products. Outsourcing IT support for business presents your small business with the opportunity to take advantage of highly skilled and experienced service providers without spending much money. With these ten reasons, there is no doubt that outsourcing the IT department is the key to profitability.

The post 10 Reasons Why Small Business IT Outsourcing Is Becoming More Popular appeared first on Ocala IT Support - Small Business IT Support Services.

Almost everything a manager does requires strong communication skills if it’s going to be done effectively. Good communication can motivate and inspire employees, and help develop people into top performers.

And even if an IT manager comes up with a top-notch plan or initiative, it still needs to be well communicated to the staff in order for it to have a positive impact.

Like any skill set, communication can be improved with practice. Here are five essential communication skills IT managers can work to improve to become more effective leaders:

1. Listen more than you talk – Strong communication skills don’t mean people are good at talking — they mean they’re good at listening. Managers should seek out feedback, and during conversations, make sure that they’re focused on what the other person is saying.
2. Set an example – For managers to be good communicators, they must make sure employees believe what they’re saying. And one way to eliminate that trust is to behave in a way that contradicts what is said. For example, if an IT manager stresses the important of being courteous to users who call the help desk, the manager must follow those rules, too.
3. Be honest – Likewise, managers quickly lose their employees’ trust if they do too much to sugar coat difficult messages. All that does is add confusion and leave things open to an incorrect interpretation.
4. Be specific – One tough part of manager’s job is to have difficult conversations with employees about performance or other issues, and it takes strong communication skills to make it through that. One key: Focus on results and point to specific examples of the problem. And when giving advice, offer specific tips, too.
5. Make it personal – Good communication from a manager involves both talking to a group of employees as well as talking to people individually. Make it a point to regularly meet with all staff members one-on-one. Even just showing an interest in employees’ individual success can be a huge motivator.

The post 5 Communication Skills IT Managers Need appeared first on Ocala IT Support - Small Business IT Support Services.

Microsoft recently announced that it’s finished developing and testing Windows 8 and has sent the operating system to hardware manufacturers. Those manufacturers will sell computers and tablets running the OS at the end of October, at the same time Windows 8 upgrades become available for purchase.

Windows 8 represents a significant update over the previous versions of Windows that IT pros and users are familiar with. The OS is designed to run on both PCs and tablets, and therefore incorporates significant changes to its user interface. Even the ubiquitous Start button users have been used to seeing for years is removed from the OS.

Those changes have resulted in a lot of criticism aimed at Windows 8 from observers who say the interface is clunky and will take a lot of time and training before users are comfortable with it.

IT will avoid Windows 8 upgrades

Aside from the new UI, there are other challenges that will keep many companies from moving to Windows 8, according to a recent Tech Republic survey. Among the 1,888 IT pros survey, the majority (884) said they do not intend to upgrade. Another 655 are undecided, while only 349 plan to upgrade to Windows 8.

Their biggest concerns are that users will require massive training to begin working with the new interface. Beyond that, the biggest cons IT pros see with Windows 8 are:

• Fragmentation — Windows 8 will be released for both Intel and ARM-based devices. However, ARM devices (which include many tablets) won’t be able to join Active Directory domains, which could take away a significant advantage of deploying Windows tablets instead of other devices.
• Desktop abandonment — Many IT pros believe that Microsoft focused too much on creating an OS to run on tablets, which has resulted in a poor experience when running the OS on a corporate desktop.
• Hardware issues — Likewise, Microsoft has touted Windows 8?s ease of use on touch-based devices, but companies will have to make significant hardware upgrades if they want to take advantage of that.

Benefits of Windows 8

Despite the reluctance to upgrade, the IT pros surveyed did acknowledge some benefits Windows 8 could have for businesses, including:

• Common experience across devices — While many people dislike how Windows 8 works on desktops, some respondents appreciate the fact that the same OS can be run on PCs and tablets.
• Windows to Go — A new feature in Windows 8, Windows to Go, will allow users to run a copy of Windows 8 from a USB drive on any computer that has any version of Windows installed.
• Push button Reset and Refresh – Windows 8 will simplify the process for returning a machine to its default install (Reset) and restore factory settings but keep data and applications (Refresh). IT will also be able to control which of those options users can access.

The post Upgrading to Windows 8? Most IT Pros Say No appeared first on Ocala IT Support - Small Business IT Support Services.

Just spotted in the wild, it’s being called either Disttrack (McAfee’s name) or the Shamoon attacks (Symantec’s), and researchers say it’s notable because it’s been a long while since they’ve noticed malware going to such lengths to truly make someone’s life miserable in this way by deleting personal files.

“Ten years ago we used to see purely malicious threats like this,” muses Symantec researcher Liam O Murchu. He said there’s some uncertainty at this point about exactly how the malware spreads — it’s an executable so it could likely arrive as an email attachment that when opened infects a vulnerable computer — but one thing is certain: If your computer gets hit and you can’t reboot, you have a real problem. So far, there’s some indication that Shamoon may be part of a targeted attack against the energy sector companies.

“It can be difficult getting anything working again,” O Murchu says about what happens when a Shamoon attack hits a computer. The likely scenario for the victim would be an experience in which the computer is booting up, but all the files get erased, and the computer collapses into a non-bootable state. In that event, it would probably require the help of IT professionals with experience in recovery services to get things going again, perhaps by replacing the master boot record, or connecting the hard drive to another computer to use it to access the damaged one, he adds.

So far, though, Shamoon — Symantec calls it that because of strings found in the malware folders saying that, as well as “Arabian Gulf” — doesn’t appear to be something that’s being blasted out to a very wide audience. In fact, Shamoon malware seems to be aimed at very specific targets.

“It may be targeted at particular companies,” says O Murchu. At this point, Symantec thinks it’s possible that oil companies in the energy sector could be intended targets of Shamoon. So if your computer is not rebooting you could be a victim of Shamoon Malware!

The post The Deadly Attack of the Shamoon Virus appeared first on Ocala IT Support - Small Business IT Support Services.

1. Segment the network.

Firewalls are not the bandwidth-blocking, budget-busting products of yesteryear. Today’s firewalls are cost-effective devices that can safely segment organizational networks without causing performance problems. Using firewalls to segment networks provides both control and visibility that can block internal users from browsing parts of the network that should be off-limits.

Most attackers try to leverage weak points in organizational networks, using tools such as phishing attacks. Blocking compromised PCs — or hostile internal users — from wandering around the network looking for poorly protected data is easy when the network is segmented using internal firewalls.

An easy way to identify potential locations for network barriers is by looking at an organizational chart. Networks should be segmented much the same as organizations are segmented, under different executives or departments. Finance and administration shouldn’t mix unimpeded with marketing or e-commerce applications. Research and development or engineering tasks should be separated from education and applications.

2. Worry about web applications.

Poorly written and inadequately secured web applications are the path of least resistance for anyone looking to crack into organizational networks from the outside. Application programmers and application managers, whether in-house, outsourced or from a third-party software house, are the weakest security link in most organizations. Tools such as intrusion prevention systems and web application firewalls aren’t magic bullets that can solve the accumulated problems of decades of bad design, but they help reduce risk.

Heavy-duty intrusion prevention systems require a significant continuing investment, keeping devices tuned and managing alerts. Organizations with high breach potential should already have IPS technology in place. For areas of the network with less sensitive data, simply turning on the built-in IPS that comes with all unified threat management firewalls is a cost-effective and risk-reducing alternative.

The post 2 Steps to Preventing a Data Exposure appeared first on Ocala IT Support - Small Business IT Support Services.

1. Re-evaluate outbound network firewall policies.

Firewalls shouldn’t have an “outgoing allow any” policy, but that’s how many of them end up being configured, especially after years of adjusting, tweaking and dealing with web applications running on nonstandard ports. Services such as Simple Message Transfer Protocol and Domain Name System, for example, should be blocked outbound from sensitive networks or redirected to official organizational SMTP and DNS servers. There’s no reason for any device to talk directly to the Internet using those protocols, other than specific systems with the roles of mail server and DNS server. Networks that have proxy servers should certainly block outbound HTTP and HTTPS, except from the proxy servers.

2. Trigger alerts for some types of prohibited network behavior.

Alerting IT staff on every firewall rule violation could cripple a help desk, but a few especially significant misbehaviors can be early warning signs of a breach. Let’s say that outbound SMTP traffic from users is blocked, but now a PC on the network is trying to send SMTP directly to the Internet. Wouldn’t you want to know about it? Users trying to do SMTP, Secure Shell and File Transfer Protocol (outbound) are good choices to monitor.

When it comes to URL filtering, an alert for every blocked site would be a waste of time, but investigating blocked malware and known hacking destinations is often fruitful.

The post 2 Steps to Preventing a Data Breach appeared first on Ocala IT Support - Small Business IT Support Services.

So sure, those are some ways the computer makes life easier… but despite the efficiency of such intense technology, the real question is “is this good?”

Just think about how accessible all this is to an average person. Imagine how accessible it is to the government or the people who create this stuff. Imagine how accessible all the information about ourselves and our lives that we put out there to share is to those people. Scary.

The post How Computers Make Life Easier appeared first on Ocala IT Support - Small Business IT Support Services.

You absolutely need to have good IT support for your company! They should be able to keep you up to date on all of the new technologies on the market and all of the newest security procedures to keep your network safe and secure. The major downside of having outdated equipment, computers, technology, etc. is that you don’t get to take advantage of the newest innovations that technology has to offer. There could be new features and programs that are designed to increase productivity in the work place or simply make your daily tasks on your computers a lot easier, over all giving you a clean and smooth working environment for yourself and your employs. If you have been working on old systems it might be time for you to upgrade your network environment. That’s what CettaTech recommends to every company that we work with and consult for. It’s one of the first steps to increase productivity and keeping your network safe and secure. I hope this Blog by CettaTech was helpful to you, thank you for reading.

The post Keep Your Network Up-to-date appeared first on Ocala IT Support - Small Business IT Support Services.

When evaluating the need for strong ant-virus software protection, it’s important to know that not all viruses and other malicious software is written by hackers and teenage whiz kids. Today’s viruses and Trojans are as likely to be written by organized criminal gangs, whose purpose is to steal vital personal information like passwords, account numbers and ever Social Security numbers. Many criminal gangs have turned computer crime into a high profit, low risk enterprise, and anti-virus companies have to constantly stay ahead of their activities.

We recommend looking into some anti-virus software for your home or business before you get out to the internet. We have helped many companies pick and apply anti-virus software for their organization. A good anti-virus is a key component to keeping your network and valuable information safe.

The post Why a Good Anti-Virus Software appeared first on Ocala IT Support - Small Business IT Support Services.

Replacement of a machine can prove to be problematic if there is any data stored locally on the machine. However, in most companies this shouldn’t be the case, as all data should be stored on a server. If there is a data issue with a computer that needs repairing or replacing, then hired professionals are likely to be able to point you in the right direction for data recovery. If you plan on upgrading your computers or storing your data on a server instead of storing it locally, then you should have a professional IT company come in and assist you. If something goes wrong while you’re doing it, you could potentially lose all your data. So we recommend contacting an outside source and getting professional help. Thank you for reading this post I hope it has helped you.

The post The Importance of Having Good Computers appeared first on Ocala IT Support - Small Business IT Support Services.

For smaller companies, that require the services of computer maintenance and repair from an outside service provider, business computer repair services can be a key option. Such companies do not require the assistance of in house technicians, and will therefore invariably spend less on computer repair costs. So as long as the computer systems within the business are fairly reliable, there will be no need to overspend on staffing.

The advantage of outsourcing business computer repair is that it generally cost less than having dedicated IT staff, for small to medium sized companies. Our experienced, skilled, and highly trained technical support staff has a long standing reputation for providing quality service with a major emphasis on providing unbeatable customer service.

With the companies we are working with we make sure that we provide the best solutions for their networks and computers. We understand the value of having a smooth and safe technical environment for their employees to work in. So if you don’t have good technical support for your business we recommend that it’s time to get some. CettaTech hopes that this was helpful to you.

The post The Advantage of Having Outsourced IT Support appeared first on Ocala IT Support - Small Business IT Support Services.

The post Direct Contacting is a Better Way of Getting Sales appeared first on Ocala IT Support - Small Business IT Support Services.

The post Why Direct Contacting? appeared first on Ocala IT Support - Small Business IT Support Services.

The post Why you should use Direct Contacting appeared first on Ocala IT Support - Small Business IT Support Services.