MSPNetworks Blog

How confident are you that your business could survive a data disaster of any size and scale, from a single misplaced file to a complete loss of your entire onsite infrastructure? Being prepared to recover from any version of events is key to your business’ success. Let’s discuss this concept, which is widely known as IT resilience.

What is IT Resilience?

Resilience is a kind of umbrella term, covering three more specific business IT concerns and consolidating them into a single concept. These three concerns are:

1. High availability of your business’ crucial hardware and software, covering how well it can rebound from issues like minor failures, user errors, and attacks. This means that your resources need some level of redundancy.
2. Cybersecurity measures, so your IT resources are protected against threats and any security issues that do arise can be rapidly identified and mitigated.
3. Disaster recovery solutions that can minimize your downtime should some event impact your business processes, so that you can quickly return to productive operations.

These three concerns each must be attended to for your company and its IT to be truly resilient… where these issues can be experienced and overcome, and your business can fully recover and resume operations as usual. Ideally, your resilience will be high enough that your customers could conceivably go without even noticing that an issue took place before you had already resolved it.

Ensuring Resilience

To best understand the process of making sure that your IT infrastructure is sufficiently resilient, let’s look at a different example.

How often do you cross a bridge? For that bridge, resilience is extremely important, as it will need to hold up against a lot of pressure to successfully do its job. This means that a lot of consideration and care need to go into its design and construction. Supports need to be able to handle the amount of traffic with precautions put in place, safety concerns need to be addressed for the bridge to continue functioning, and so many other concerns need to be seen to. The same can be said of your business’ hardware and software.

How well can the bridge resist intentional sabotage as well? If it’s easy for someone to make it more vulnerable to issues, “resilient” is hardly the right word. Tying this back to your infrastructure, how much cybersecurity is in place to protect it?

Finally, what’s the plan for the worst-case scenario, like if the bridge were to fail? What strategies have you prepared to deal with the immediate effects and the ramifications moving forward? Are you prepared to divert traffic to maintain operations? How well, and how quickly, can the bridge be repaired for traffic to continue? This kind of disaster recovery preparation is something that you need to have completed for your business.

Planning for Resilience

Each step of your processes and procedures needs to be examined to ensure that your strategies are sufficiently prepared for the potential events that could impact them. For instance, in terms of your disaster recovery strategy, where are your data backups stored? Keeping them in the same place as your original data is not resilient at all, as it could just take one disaster to lose it all.

Plus, even though there needs to be some ranking in terms of importance, you need to make sure that all your business’ IT is protected. All your data and its storage infrastructure, your business location, and yes, your employees, all need to be considered as you reinforce against disaster. Will it be cheap? No—but experiencing a disaster will be far worse.

Who Can Help?

True business resilience requires a very in-depth process, and as such, it requires the skill of an experienced IT professional. This is a hurdle for many businesses, with many currently relying on the skill of one or two of their employees to handle their IT needs and provide the support necessary—or seeking out external assistance from an outside provider.

The fact that resilience also isn’t one-size-fits-all, but more individualized to each business’ solution, is another complication. Neither an internal team nor a call-in, one-off provider can usually manage this challenge. However, for a managed service provider like MSPNetworks, this all is firmly in our wheelhouse.

What We Can Provide

Instead of offering all our clients the same solutions and assuming they’ll work, our team approaches things from a more personalized angle. After a comprehensive audit and review of your situation, we’ll work with you to design and implement an infrastructure and strategy that mitigates your weakness and leverages your strengths.

We can supplement your existing IT or step in as an outsourced department, whatever you need to keep your technology secure and available to your business regardless of the situation. To learn more about our services at MSPNetworks, and how they can boost your IT’s resilience, reach out to our team by calling (516) 403-9001.

Your data is vital for your organization’s continuity. Your data consists of everything from your company documents, accounting records, client contact information, prospects and leads, procedures, and everything else needed for you to keep operations running smoothly. That’s why all businesses need a solid backup solution that is monitored and tested regularly.

Why Should I Test My Backup?

As with anything, your backup solution isn’t infallible. A lot can go wrong when your backup is running, for example:

• Hardware/media failure
• Software failure
• Compatibility issues
• Network connectivity issues
• User error
• Task scheduling issues
• Files-in-use issues (especially for older backup solutions)

...and more!

Many backup solutions have a verification process to attempt to verify that a backup was taken properly and spit back any errors in the backup software if anything was found. Even the old, slow tape backup systems from a decade ago often had features like this. The problem is that sometimes with tape, the tape could be degraded to the point that it passes the verification test but ends up being partially or fully unreadable when it comes time to pull the data.

If you can’t tell, we don't prefer tape backup. It’s slow, arduous, and not very reliable, and the restoration process takes an incredibly long time compared to more modern methods.

Hard drive-based backup, including NAS (Network Attached Storage) and BDR (Backup and Disaster Recovery) solutions are much more reliable from a technical standpoint, but could still suffer issues if not configured properly or if they run into roadblocks like network connectivity issues.

Testing your backup could also reveal files, applications, or databases that aren’t getting backed up properly. It’s easy to configure your backup, and then install some new software later down the road and forget to make sure the data is getting backed up.

You want your data to be backed up and complete so in the event you need it, you can restore everything and be up and running quickly.

How to Test Your Backup

Essentially, you’ll want to deploy your backup in a virtual environment and run off of it. This simulates a catastrophic data loss event and lets you and your staff see if they can get by based on the data stored in the backup.

Not all backup solutions allow you to do this. Tape backups, for example, can’t be run or accessed off of the tape, so you would actually need to extract the archived data from the tape and redeploy it on a secondary or virtualized server. This could take several hours or even days to do, and by then the backup won’t be up-to-date.

Our BDR solution, however, allows us to virtualize your server and spin everything up. The process looks something like this:

1. Temporarily disable/disconnect your server from the network, simulating a hardware failure.
2. Spin up the backed up virtual copy of your server on the BDR.
3. Have the BDR take over all of the roles and responsibilities of your server.
4. Your network should be back up and running at this point, and all data should be fully accessible by your staff.

If it were a real hardware disaster, your BDR could serve as kind of a spare tire for your network, taking over for the server that had the issue. Things might be a little slower until the downed server is repaired or replaced, but at least operations can still run.

If you’ve been backing up your data (and you absolutely, definitely, positively, without-a-doubt NEED to), you should also be testing the consistency of your backup. Let’s take a look at your backup and run a test to see if everything is actually getting backed up so you aren’t surprised when you actually need it.

Give us a call at (516) 403-9001 to get started.

World events have always had a big impact on the banks that one finds on Wall Street, but in many ways, the one that coronavirus (COVID-19) has demonstrated has been unprecedented. As such, it almost provides a case study of the importance that disaster recovery planning has for any business… Wall Street institutions included.

As the virus has spread across the world, markets everywhere have felt its impact. Distribution patterns have been disrupted due to assorted blocks on travel. Additionally, the meetings and conferences that this industry typically sees have been cut off. Naturally, this has led to these banks rolling out their backup strategies, the pits that are typically filled with traders abandoned… but more on that in a moment.

How Has Coronavirus Encouraged Disaster Recovery Awareness?

Getting right down to brass tacks, it is clear that COVID-19 is a disaster, albeit one that you may not have considered a “business disaster” at first. However, anything that interrupts a business’ processes is considered a disaster… and it is safe to say that COVID-19 has done just that. So how do you prepare a business for a pandemic?

Actually, it isn’t all that different than what your routine business continuity processes should consist of, specifically, the fact that--in case of a disaster--you need to be sure that your business has the mobility it will need to survive.

Coronavirus’ hallmark is the social distance that is recommended to be kept between people to prevent the spread. Therefore, it makes sense that people would want to keep as far of a distance from each other as possible.

The solutions for remote work, software-as-a-service delivery, and cloud-based disaster recovery prove very valuable both when you want to give your users the capability to work from their home, as well as when your office is the location of a disaster event.

So, in order to protect your employees from the spread of coronavirus, you only need to be protecting your business from other disasters as well. Sounds like a win-win.

For assistance in implementing the technology needed to maintain your operations through any disaster, reach out to the professionals at MSPNetworks by calling (516) 403-9001.

COVID-19, or coronavirus, has been a major global health concern over the past couple of months. At this point, it is clear that this disease could have serious impacts on the workplace. We wanted to provide a brief rundown of good workplace and network health practices, as well as a few pointers on how you can handle health-based employee absences.

How to Minimize General Exposure in the Office

Based on what is currently known about the coronavirus, the Centers for Disease Control and Prevention have some recommendations as to how to keep the potential impact of coronavirus to a minimum:

• Encourage employees who are ill to stay home. This will help to minimize the spread of infection within your business. Make sure that your employees are aware of this policy by reiterating it verbally, and by posting notices around the office encouraging them to stay home if under the weather.
  
  Emphasize hygiene and etiquette. Properly stifling coughs and sneezes and keeping hands clean are surprisingly effective ways to keep your workplace healthier. Rather than using their hands to catch a cough or sneeze, your employees should use a tissue or--if unable to do so--use the upper part of their sleeve.
  
  The CDC recommends that tissues and alcohol-based hand sanitizer should be made readily available. Make sure your employees are washing their hands with soap and water for the recommended 20 seconds.
  
  

• Engage in keeping the workplace clean. There is a chance that coronavirus (and other illnesses) could be spread via infected surfaces. Make sure that all surfaces that are touched frequently, like desks, workstations, and doorknobs, are kept sanitized. Provide your employees with disposable wipes so they can proactively disinfect these surfaces before use.

If you find that one of your employees is confirmed to have been infected with coronavirus, make sure that you inform their coworkers of their possible exposure while still maintaining the confidentiality that the Americans with Disabilities Act requires. These employees and those who are living with a sick family member should assess their risk of exposure using the CDC’s guidelines.

Coronavirus as a Cyberthreat

Unfortunately, coronavirus will also require you to also keep an eye on your network security, particularly if you operate within the healthcare industry. Hackers and cybercriminals have taken advantage of the widespread concern that the disease has caused. For example:

• Scammers have phished healthcare providers with updates that appear to have come from the World Health Organization or hospitals local to their area, but actually introduce keyloggers into their systems.
• Those involved in the medical supply chain have been targeted with emails referencing the coronavirus that install malware to steal information.
• Ransomware has been introduced into consumer systems by promising recipients of an email information about COVID-19’s spread.

While the current climate may not make it easy, these emails and other threat vectors can be overcome through the same best practices that foil other cyberthreats. In addition to comprehensive digital protections, training your employees to spot these threats will be crucial.

Of course, you should also maintain a comprehensive backup in case you need to recover from a successful attack.

How to Maintain Productivity with Your Team at Home

With today’s technology, sending an employee home sick doesn’t necessarily mean that you will be sacrificing that employee’s productivity. We now have many ways that your team can work effectively from home, still contributing to your organizational agenda without exposing their coworkers to their illness.

Equipping Your Employees

Remote access solutions, paired with virtual private networking technology, can allow your employees to securely continue their work from home, safely accessing the applications and data their tasks require through an encrypted connection. As collaboration will certainly be necessary, you will want to be sure that your employees are also equipped with the communication tools that facilitate this collaboration as well.

Network Protections

You will also want to thoroughly secure your network infrastructure to help prevent threats like phishing attacks and other methods from being successful… as well as preparing for a potential breach or emergency with data backups and disaster recovery policies and procedures (including contact information for your employees) to help mitigate a worst-case scenario.

Employee Awareness

Finally, make sure your employees are on the lookout for any suspicious activity that could be a cybercriminal’s attempt at using the coronavirus as a means to an end. Not only should your employees know how to spot these attempts; they should also know the proper procedures for reporting and handling them.

Is the coronavirus scary? At this point, it is safe to say that it is, but does it have to interrupt your business operations entirely? Not if you are properly prepared.

For more assistance in preparing your business for any kind of disaster, reach out to the professionals at MSPNetworks by calling (516) 403-9001.

What is COVID-19?

COVID-19, better known as coronavirus, is a respiratory illness that first appeared in Wuhan, China, and was reported in the United States on January 21st, 2020.

As of March 3rd, 12 states have reported 60 total cases of coronavirus and six confirmed deaths, with no vaccines or specific antiviral treatments for the illness. Symptoms of the virus include fever, shortness of breath, and a cough, while those with complications from the virus can experience pneumonia in both lungs, failure of multiple organs, and death. 

Let me ask you a question… let’s say that you’re about one year from your projected retirement, when a ransomware attack encrypts all of your files. What do you do? Pack it in and retire early? This is precisely the situation that the practitioners of Brookside ENT & Hearing Services of Battle Creek, Michigan, have found themselves in - and it may not be over yet.

What Happened to Brookside ENT?

Typical of a ransomware attack, the malware began by deleting and overwriting all of the practice’s data - every medical record, bill, and upcoming appointment. A duplicate of each file was left behind, locked behind a password that the person or persons responsible promised to provide in exchange for a $6,500 wire transfer.

Under the advisement of an “IT guy,” Dr. William Scalf and Michigan state senator Dr. John Bizon didn’t pay the ransom, as they couldn’t be sure that the password would even work, or that the ransomware wouldn’t return in the near future. As their IT resource determined that the attacker hadn’t actually viewed any of the records, this event technically didn’t need to be reported as a breach under the Health Insurance Portability and Accountability Act (HIPAA). Nevertheless, without access to this data, the physicians saw little choice than to retire early.

Well, kind of. As they had no means of knowing who had an appointment scheduled, the physicians had little choice than to wait around the office for a few weeks and see whomever showed up.

Why Throwing in the Towel May Not Be Enough

From a purely academic point of view, it only makes sense that the medical industry would be one targeted by ransomware. Not only do its establishments rely greatly on the data they have stored, there is an urgency to this reliance that cannot be denied. Think about the possible ramifications if a medical practitioner was unable to properly diagnose a patient and recommend treatment because of some unavailable data.

Of course, the strategy that Brookside ENT has adopted to close up shop doesn’t leave its owners off the hook, either. They could still find themselves in plenty of regulatory hot water.

For instance, a ransomware attack (paid or not) could be considered a reportable incident under HIPAA, or even an instigation of a negligence-based legal action. Any patient could invoke HIPAA rules if their data was in digital form and have an investigation started by the Department of Health and Human Services’ Office of Civil Rights, simply by leaving a complaint.

How You Can Protect Your Business from Ransomware

While the best way to keep your business safe is to be able to spot ransomware infection attempts before they successfully fool you into allowing them on your system, statistically, you aren’t going to be able to spot all of them… so what can you do?

One great resource you have available to you is your team. Each uneducated user offers ransomware another way in, but each educated user is another shield to help protect your business.

You should also develop and maintain a comprehensive backup plan to help protect your data from ransomware attacks and other attempts against it. While it would be ideal to not need to use this backup, it would be far less ideal to need one and not have it. Make sure that you keep your backup isolated from the rest of your network as well, so that your backup isn’t also encrypted by a ransomware attack.

At MSPNetworks, we have plenty of experience in mitigating the damage that ransomware can cause, as well as in solving various other IT issues. For assistance with any of your business’ IT needs, reach out to us at (516) 403-9001.

With data looked on as more of an asset than ever organizations are finding that their data backup and recovery system needs to be comprehensive. By knowing more about backup and recovery, you stand to be able to plan the solution to meet your company’s needs. Today, we will look at the different types of data backup and introduce you to four terms you need to understand.

The Types of Backup
There are various types of backup that anyone looking to come up with a backup strategy should know. They include:

• Full backup - A method of backup where all selected files are backed up in their entirety. Typically, the first backup taken for any backup solution. Since it is a comprehensive backup of all selected files, it will take more time than other types of backup. If a full backup is the method of backup your organization chooses, backups will typically be done after business hours as long wait times will likely cause downtime.
• Differential backup - A method of backup that just backs up the changes made to data. While this allows for significantly faster backups, it makes for slower restores.
• Incremental backup - A method of backup that is much like the differential backup. The main difference is that the incremental backup backs up data regardless if the previous backup was a full backup or an incremental backup.
• Mirror backup - A method of backup that is a real-time duplicate of the source being backed up. In essence, total redundancy. One problem with a mirror backup is that if material is deleted by mistake, it will be deleted on the mirror backup as well. For this reason, many professional IT technicians do not consider the mirror backup to be a viable backup solution at all.

Now that you understand the types of backup, here are some other backup-related terms that you should know:

• Business continuity - As the name suggests, it is a plan that is put together by a business that will allow them to continue effective operations if hit with any number of unfortunate situations. Normally focusing on a business’ critical business functions, business continuity should be a strategy that every business prioritizes.
• Disaster recovery - As with any other security process, disaster recovery is a dedicated plan to protect your business in case of some significant data-based disaster. Anything from cyberattacks, to sabotage, to mistakes can cause major problems for your business.
• Recovery Point Objective (RPO) - As a part of a dedicated disaster recovery system, RPO is a benchmark indicating which data must be recovered for your business to resume normal business operations.
• Recovery Time Objective (RTO) - Also as a part of a disaster recovery system, RTO is the time your business needs to have its data back before the business becomes untenable. The lower the number, the faster you will need a full restore.

At MSPNetworks, we offer a comprehensive backup and disaster recovery that can keep you in the game even after the most devastating data loss incident. For more information about disaster recovery, business continuity, and data backup call our professional technicians at (516) 403-9001.