The benefits of an ethical hacker

ethical hacker with keys to your dataI have a friend, who over the last couple of years has become an expert in the ethical hacking arena.   He is well thought of in the white hat communities and relatedly feared in the black areas.   He can put together malware, do a little social engineering and infect a business, in most cases easily, within a couple of hours.

That is what an ethical hacker does.   He test defences of Organisations with the same tools and attack vectors that the cybercriminal uses.   In most cases they have a better understanding of the criminal mind than most law enforcement.   They also have a better understanding of the technology than 99% of the supposed bad guys of the digital world.

They are legally allowed to say, if I want to steal data from you how I would do it, mainly because they have asked your permission to do it.   That is one of the keys to a successful ethical hacker.   They ask permission, and get paid, to attack you organisation.

These attacks can be aimed at your main data system, your web site, your ecommerce site or any other technology that is attached to the Internet.   That also includes your users and their devices.

Once a ethical hacker has completed his assessment he will come back with a report to the company on what was attacked, in most cases how they got in and the most important component, how you can stop a real hacker from attacking your business.

A complete tactical ethical hacker attack can cost a couple of thousand dollars.    A compromised business can lose that amount of money in minutes and can continue to lose it for hours, days or even weeks after a real attack.

To me, ethical hacking is a science, but it is something that even the smallest of Organisations needs to consider.

TLR Communications

Roger Smith is the CEO of R & I ICT Consulting Services, Amazon #1 selling author on Cybercrime, author of the Digital Security Toolbox and author of the SME Digital Security Framework.   He is a Speaker, Author, Teacher and educator on cybercrime and how to protect yourself from the digital world.

How to increase your business protection by educating your staff against cybercrime

bigstock-Infected-By-Virus-Cartoon-Ser-6361614Staff education seems to be one of the strategies that is missing in most businesses when it comes to digital protection.   Education can have one of the biggest impacts on the digital security of any business / organisation.

When it comes to protecting your organisation against cybercrime you will always need the basics.

  • A decent second generation firewall (not something supplied by your ISP or bought from a local retail shop),
  • a centrally managed AV
  • a secure off site backup service and
  • Numerous other management components for protecting the organisation

But one of your best defences against cybercrime is making your staff are more aware of the dangers.   Technology and management can only go so far, no matter how good or expensive they are.

There is always a chance that the newest threat makes it through all that new technology and then all you have is a human to protect your business.   That staff member is in a position to either question the attack or just follow the normal process and “click on the link” for instance.   By having an educated user in place increases your protection level substantially because they will be more readily able to question the attack.

Your business induction process is a great place to start.   Included in that induction process should your Organisations cybercrime and digital education process.   The process should look at the basics of digital protection and why cybercrime is a problem.

Those basics being:

  • Passwords – using complicated ones, what is a complicated password, how to create them and why they are so important as a first level of protection for your organisation
  • Basics about the Internet and email including SPAM, Phishing and social engineering
  • Social media and its role in the Organisations profile and what can be posted and to where
  • Understanding WiFi and VPN and working in the cloud
  • BYOD and the Organisations digital policy

Like all education processes, cyber security education, is an ongoing process.   You need to ensure that staff and users are not forgetting the lessons learned.   To do that you need to have refresher information, reminders, that will allow the lessons to be remembered at all times.   These can include additional education courses, competitions, posters and anything else that you can think of that will make security front of mind by all users.

Education is also one of the cheapest ways to protect your organisation.   A second generation firewall can set you back thousands of dollars whereas a basic digital education course can cost as little at $50 per user.

Remember, the bad guys attack you thousands of times but all it takes is one to get through and your digital system is no longer yours.   When that happens I hope you have an educated user at the other end to question the attack!

Taking Back the Digital Streets – Cybercrime now and the future

Woman looking through dirty broken glassIn the 70’s and 80’s, there was a fight in cities worldwide to take back the streets and make it safe for normal people to walk in their neighbourhoods without fear.   Those efforts paid off—murders, muggings and other urban crimes have dropped dramatically since then. The internet badly needs a similar intervention.

The internet may be the last bastion of free speech, but it’s also the most dangerous place on the planet.   You can lose everything—your money, information and identity—before you even realise that you have been attacked.   At least if you get mugged in a dark alley you have the bruises to prove that you have been robbed.   Have you ever tried to convince the bank that you did NOT purchase that top-of-the-line snow mobile, considering you live in the tropics?   It is not a fun conversation.

But the current level of crime isn’t inevitable. I have been reading some articles on how New York City citizens took back control of their streets.   Their efforts involved forming neighbourhood watches, cooperating with police. There were also a huge number of court cases there concerning a citizen’s right to free speech and free movement. All of these solutions started with citizens demanding a safer environment.

The “citizens” of the digital world should do the same. We, the people, are the ones using the internet for practically everything, and we have to take control.   With the help of law enforcement and politicians, we can do, it but it has to start with us.

Of course, there are huge problems to overcome. I like to call them challenges.   Here are a few.

Too Many Criminals

How do we reduce the number of cyber criminals?   Well, in most cases, the neighbourhood solutions that worked were not high-tech stuff.   And the answer wasn’t more arrests— in some cases it was less, but the arrests they did make were those that had the biggest impact.   By removing the people on the lower rungs of the ladder, they left the ones on the higher rungs without their support. The ones higher up had to come down, and they were also caught in the net.

Hacker programing in technology enviroment with cyber icons andThe internet has its own forms of small-time crime.   Web site graffiti, using an exploit kit, ripping movies and music, and creating a phishing email are all at the lowest level of the badness scale.   If the people who were doing this were the targets of law enforcement, starting with an escalating fine system, then these people would quickly drop out of the cybercrime arena.   It would no longer be a cool and easy thing to do; it could get you a criminal record.   Yes, these people can be caught—the problem is that they are so numerous that it will take a concerted effort at all levels.

Look at web site graffiti: It is either done on a dare, or it is done as a political attack.   Let’s look at as a dare: When the perpetrator is caught then he is fined; if he is underage then his parents are fined.

If it is political, then there is another problem.   I can hear the cry from here—what about free speech?   Well, you can still say what you like. You have the right to go down to the street corner and shout your views from a soapbox.   Or upgrade to the digital version—get a domain name and a web site, and you can say and do whatever you like.   But law enforcement has to make clear that the moment you graffiti a website, you are defacing someone else’s property. Just like spray-painting your tag on the front of someone’s office, you are crossing the proverbial line and will get fined or arrested.

Draconian? Maybe.   But the focus of this policy wouldn’t be to ruin lives forever. Instead, it would provide small-time hackers with an incentive to stop before they have the chance to hone their skills.

Broken Windows

The victims of petty crime can also play a role in keeping the internet safe. The owner of a web site that has been defaced has an obligation to remove the graffiti and tighten up security.   In a normal business situation— the front of a building, for instance—the clean-up is usually almost instantaneous.   But I have seen defaced websites that haven’t been fixed in months.

Why does it matter? The New York mayor of the late 90’s, Rudy Guilani, had the right idea.   He called it the “broken windows” theory. ( http://en.wikipedia.org/wiki/Broken_windows_theory) If there are broken windows in an area, that sends the message that no one values property and no one is in charge. Then more windows will get broken, more crime takes place, and the neighbourhood turns into a scary place. But the moment you start to replace them (or remove other signs of vandalism), everyone in the neighbourhood senses that the rules are being enforced. The whole community starts to get involved in maintaining their space, and normal people start to move back in.

Not Enough Cops

Another deterrent of crime is for law enforcement to have a presence in the area.   In New York today you cannot go two blocks without seeing a cop car or an officer on foot. That’s harder to achieve in the online world. How do we put digital cops on every corner?

Yes, police departments can hire specially trained cyber cops. But they can only see a small fraction of what takes place. To be effective, they will need to interact with normal users.

In south Los Angeles, in innovative inner-city police department devised an effective approach to gang violence: The Community Safety Partnership. (http://www.nytimes.com/2013/07/14/magazine/what-does-it-take-to-stop-crips-and-bloods-from-killing-each-other.html) The police had a need for streetwise people who understood the neighbourhood. These people are the honest, law-abiding citizens who have close ties to gang members and are a little savvier than the rest of the community.   They inform the police when a high-risk situation is developing—for instance, when the Crips or Bloods are plotting a revenge killing. This inside information helps cops prevent crime before it happens.

It works because streetwise citizens are the best source of information on crime. So let’s create more streetwise digital users.   Let’s increase the awareness of the innocent, the uneducated and the ill-informed so they can recognize cybercrime when they see it.   If users know when a crime or scam is taking place, they can report it to law enforcement, their antivirus software provider, or a criminal’s IP.   This is a win-win situation for everyone.

Stop Hunting for Scapegoats

We have a tendency to assign blame and search for scapegoats. The solution I’m proposing is the opposite of that. We need to shift our focus away from the big crimes that grab headlines.   It’s easy to be angry at Target for letting customer credit card information get leaked, but punishing one company won’t prevent the next attack.

Law enforcement, too, needs to change their mindset, from one of confrontation to one of prevention.   Too often, cops swoop in to bust a big cybercrime ring (like the underground drug marketplace Silk Road) after monitoring it secretly for months. To prevent crime, law enforcement has to be more visible.   Bank robberies would probably be a lot more common if there were no security guards or patrol cars for miles around.

If we get the small problems sorted out, we can then put in check and balances that will allow the digital world to flourish. As with any process, we have to walk before we can run.   We have to start with the small wins and build on them.   From Twitter stalkers to Facebook trolls, from 12-year-old script kiddies to targeted phishing attacks, from malicious insiders to the dedicated hackers, we have to send a message that crime has consequences.

I know that changing the digital world will take a little time.   It took 20 to 30 years to sort out the problems in New York and L.A., and they’re still not perfect. But we have to do something about the dangers of the digital world before it really does become a broken communication device.

Why we use Fortinet Products

Recommending products to clients is always a tricky proposition.  When most of us hear someone suggest we spend a lot of our own money, we tend to think, “that’s easy for you to say.”  That’s doubly true if there are cheaper alternatives out there.  In our line of work, we often have to recommend business security systems to our clients.  They’re usually not for profit organisations and small to medium businesses who have little excess money to spend, and we have to justify every recommendation.  Nevertheless, we try to persuade them to use Fortigage products—here’s why.

The managed services process starts with implementing some inexpensive recommendations.  This allows us to get the basics right.  Those basics include policies, procedures and processes: creating a disaster recovery, business continuity process and business resilience.  And in some cases, we need to change the culture through training and awareness programs. 

But none of these improvements can provide their full benefit without a state-of-the-art internet connection device.  That’s where clients sometimes balk at the cost.  It may seem like we’re pushing certain products, but we’re just looking out for the customer’s best interest.  Fortinet and the Fortigate products have the best return on investment of any security vendor on the market

Over six years of working with Fortinet, we have found that they have the best and most inexpensive enterprise-ready systems available for businesses.  There is a vast leap in technology from a modem/router that is purchased from a retail store to the modem/router made by a high-end security vendor like Cisco and Juniper but the fortigate products are as easy to set up and as good as the high end systems that are available. 

Why am I saying this?  Well, with a Fortigate router, we can do so much more with your business at the cyber protection level than we ever could before. 

Let’s take Facebook, for instance.  Most businesses and organisations use Facebook as a marketing tool, so certain people need access to it during working hours—but does everyone?  Using simple rules, you can restrict users who don’t work with social media.  Or maybe you want your staff marketing through Facebook, but not wasting time on Farmville.  With other settings you can also make that happen.  But you don’t want to seem like an ogre—you want to allow full access to Facebook over lunch.  Once again, a simple addition of a rule can do that.

A single Fortigate device can manage applications that precisely.  in addition to that, the standard Fortigate system using its UTM (Unified Threat Management) system comes with next-generation firewall capabilities, VPN Connection, web filtering, intrusion detection, malware protection, and a level of anti-SPAM.  It can also come with a high-end wireless system that is independent of the main network. 

Since all these functions are now combined in one connection device, you need to ensure that that your business will not suffer.  Fortigate supplies a four-hour replacement warranty, but in addition to that we also keep spares ready to go into a site at a moments notice.

Using Forticlient (a free AV product for PC, MAC, IPhone and Android) you can protect all of your devices, but when it’s combined with a Fortigate appliance you can use it to manage, monitor, and enforce your business policies on all connection devices in the system. 

You don’t have to believe Fortinet’s own hype; all of their systems hold their own when independently tested against others in their class.  In a number of cases—Forticlient AV, for instance—the product has proven better than most of the independent AV providers.

So the reason we use Fortinet products is threefold:

·         They have the best integrated product

·         Their support is top-quality

·         They have the best return on investment (ROI) of all other security vendors

I know—it’s easy for me to say.  But if you’re serious about security, you might want to consider Fortinet.

Communication is the key to Cyber Security

Communication inside a business is not a 140 character tweet, or a comment on Facebook.  Communication is what you do within your business to make it work better.

One thing I have noticed in my role to educate the public in business security and the framework needed to be secure, is the fact that ICT and business do not talk.   Not at the level that is needed to create a secure business.

Sounds like a broad statement but in most cases it is very true.   The more I look after my clients, as well as doing contract work with larger departments and organisations, the more this reality is noticeable.   There is a fine line between over commitment and generating a constant barrage of information and no information at all.   Most businesses are at the no information at all stage.

I have some thoughts on what both an IT manager, CIO, CEO and a managed services provider can do.

For a small or medium business and not for profit organisation employing an external source to manage their system is becoming the norm.   These suppliers can do so much for their clients as part of their business model.

I believe that communication is the best way to build the culture within a business and it always has to come from the top, whether it is management or owner.

Most businesses and organisations do not have regular meetings or a regular email / letter update within the business.   This is an opportunity lost.   Whether it is keeping the staff informed, talking to shareholders and stakeholders through external means or talking to prospects in general on the website there is so much that business can talk about.

I know one of the major problems is that people do not know or want to write things down.   It is very hard to put information into some form of written process, I have this problem with getting people to produce content for web sites so I can understand how difficult it can be.

Once started it is relatively easy to keep going, like most things you just have to have a will to START.  An internal email to your staff every Friday, praising an employee, setting internal goals, discussing problems and informing them of progress is a very good place to start.   The next question is where do you incorporate the security information.

As a start, look at your internal security policy, start a discussion on social media, teach people how to create complicated passwords.   Explaining how and why something is working is also of great business to your organisation.   You can even make it competitive, award prizes, look at increasing the knowledge within the business.

The good thing about security information is that it can be recycled.   Not too regularly but within reason, once every 10 or 15 comments interspace with new information is good.

You can also beg borrow and steal from the Internet, improve on others information, make it better to suit your industry or business.   All relatively easy to do but it will have a marked effect on your business.

So there you have it, communication, a way to keep your universe in touch.   In some cases you may even find it easy to do.   The interaction between communication and internal security cannot be over emphasised.   The important fact is that you are educating your staff which will make them mode secure but will carry through to your business making it more secure as well.

Build a ICT support package for your business

Business technical support, whether it is in house or outsourced, is a management headache.   Today’s business and tomorrow’s future business is all based on digital information.   That is not the problem, the problem lies in all of the systems that your business requires to do business.

From producing documents and spreadsheets to contact information for clients to sales information all the way through to management and protection, you have systems that have to be managed by someone.   That management and how you pay for it is going to be critical to your future and the future of the business.

I could throw a large amount of buzz words around here, cloud, virtualisation, BYOD, and the like but these are just the technology.   They are the media for you to do business.

The most important components of your ICT are resilience – the ability to react to change, culture – the get up and go of your business and finally management – how you get things done and why you do it that way.   The only way to protect this Intellectual Property is with a management and ICT system that is transparent to your business.

To make management decisions you need to see what is happening with the technology, your business has to be transparent to you.     You can do this in house with your own ICT support team and the inherent cost that come with it or you can out source it.   By outsourcing your ICT, two things happen, you get better trained IT technicians and you get a flat monthly management fee with no hidden or unforeseen costs.

You also reduce your ancillary costs within the business.   No more super, no more extra desks, seating and offices, no more replacing staff after you have trained them up because they have had better offers.   What you do get is trained ICT people, access to knowledge that your business needs to compete in your business environment and NO ADDITIONAL COSTS.

If you want some information, talk to a ICT outsource company, a Managed Services Provider and get the correct information concerning your business.    Their MSP plans should deliver Trouble Free Technology to your business.

Business continuity is not just backup and redundancy

Contingency Planning mind mapIn all SME’s there is always the fight over business continuity, disaster recovery and business resilience.   The usual arguments are based around cost and what you actually get for your money.

One of the areas that is seldom though about is historical data.   If something happens how can you roll back that database, get a copy of that old deleted email or a copy of a very important spread sheet from 6 weeks ago or more difficultly 6 months ago.

Some disaster recovery systems are only based on duplicating the data to an off site location, it is normally a regular process of writing over the old just so that the organisation has an up to date copy of the data.   Copying data to a USB drive or an external Hard drive is great if all you are interested in is the ability to recover if the building burns down.

This fails when someone has been using the test database to input real data, where the financial information has been compromised and you need to go back and dissect the information from old backups or you have been infected with a virus and do not know when it started.   When that happens, that off site DR copy is not going to help.

Not every SME does this but there is a high proportion that do not have a way to look at old information or have the capability to bring it back into the business.   Without this capability your business could suffer substantially.   A busy office, doing 200 transactions a day, rebuilding the accounting information could take days to resolve, not the type of problem that a business would like to face.

That is when you need a proper back up system, one that takes regular snap shots of your data and keeps that information in a different back up stream.

There are a number of product in the market that does this but all of them have a cost.   Just get one that suits your business,

Why you need to have all of your data encrypted!

Once again a US government department has been hacked and the data was not encrypted so the cyber criminals had full access to all of the information.   It has also been reported recently that Facebook had one million records stolen and were sold on a public board for $5.00 again no encryption, the data was in “plain text”.

So where do business, enterprises and government departments stand when it comes to keeping your information safe.   In the constant barrage of breaches, stolen information and political hactivism what rights do the normal everyday person have when it comes to having my information compromised.

Being in the business security business, I understand how these things happen, and like me, we do everything in our power to prevent them.   I also understand that the probability that all of my information has been compromised in some way is a very real possibility, but the bad guys just haven’t put it all together yet.

In the 1980’s the environment was all the rage ( not that it has changed but the way of protecting it has) with large multi national conglomerates destroying the environment just to make money, and not taking responsibility for their actions.   I remember hollywood trying to raise the political awareness of the world with movies like Erin Brockavich, with some success.   The thing that I do remember from the film is the correlation between the cost of getting caught  verses the cost of the fine and the cost of doing the cleanup.

At present cybersecurity is at that point.   The administrative cost and fines are less than the cost of making sure that your information is safe.   Until the cost of having lax security practices and systems is severely punished we will continue to here stories like the ones mentioned above.

If a radical thought like having a monetary payment based on a percentage of GDP would be a good place to start ( before the accountants and fiddle merchants get near it).   If a security breach is met with a 15% fine of GDP would it make everyone take notice.   Of course it would, the cost of getting caught with your cybersecurity pants down would have and should have a detrimental impact on the business, to such a level where it could put you out of business.

One of the best ways to make sure that all your critical information is protected it to encrypt it all at some level.   Maybe it slows down the process but it would ensure that if the information was compromised then the information cannot be read without considerable additional resources.

In all situations your cybersecurity focus is to get the bad guys to go somewhere else.   Making the process of attacking you hard, complicated or down right difficult is your one and only aim.   By removing the robotic and non target attacks, by restricting your accidental exposure and by being vigilant and paranoid then the only way that you can be attacked is directly.

To be directly attacked you need to have done one of the following – seriously pissed of someone, have a prototype or some type of intellectual property that is going to be the next billion dollar invention or you have to have access to some serious money.    If any of these are true then you already have made a serious investment in protecting it.

Essential SME business cybersecurity – the main points

To most small and medium business and not for profit organisations, cybersecurity is one of the last points of interest at the management level. This assumption is not only bad for business but it can seriously damage you reputation as well as severely compromise your cash flow.

Like anything else in business – everything is connected.   Want to take payments online then you have to implement tighter security processes to make it happen.   Some SME’s understand this correlation, many don’t!

As an SME these points are where you need to start on your cybersecurity journey.

 Everyone has something to loose

No matter who you are, what your business is and who your customers are, you are selling something to someone.   With that point comes a number of other points.   You have to protect your business.   You have to protect you business information.  You have to protect your customers and their information.   Finally you have to make sure that your staff are protected as well.

What you use to do that is a matter of personal choice, as well as how you have been sold by the best salesperson available.  Just remember one solution is not the be all and end all of cybersecurity.   Cybersecurity is a process, almost a holistic process.   All of the parts have to work together to make a secure business environment.

Before the Internet, there was such a comment as ” too small to be a target”.   This no longer applies to the Internet world.   Just by being connected to the Internet you are a target.   It is like taking you business and moving it into the worst neighbourhood in the city, putting a lock on the door and hoping that someone doesn’t steal your “stuff”.

On the Internet there are no police on the corner, there are no niceties of business.   You are a target and the only thing that you can do is arm yourself with the biggest “gun” you can find.   It would be nice if we could turn it around on the cyber criminals and go on the offensive, but we cannot.  So we have to put in place protections that will keep the cyber criminals on the outside as well as protecting those people coming to you to purchase your goods.

 Proactive and paranoia play a large part in you protection

If you are not already PARANOID, Then I suggest this is the time to do it. In the world of cybersecurity paranoid is good, because everyone is after you.  Truly after you.   They want to steal your money, your intellectual property, your business and in some cases you complete identity.

So in cricket terms, you have to get on the front foot.   You have to position your business in such a way that it is only the very clever cyber criminal who have a chance of breaching your protections.   There is no such thing as inpeneteratable, your cybersecurity objective is to make it so hard and difficult that the cyber criminal will go else where, preferably your opposition.

There are lots of things that you can use to do this but these three things are a start.    Use passwords, difficult and complicated on everything. (check this out)  Train and teach your people the art of being suspicious and questioning things that look out of place and use some level of data encryption when the information is out of your control.   Finally put a security framework around your business.

Growth and opportunities have to be tempered with protective solutions

Since SME’s have little understanding of cyber resilience and cybersecurity making the business grow without implementing some level of protection is fraught with danger.  Most SME’s understand that opportunities have to be grasped with both hands.   A cyber resilient business is not only protected now but it has the ability to react to changes in the industry that will deliver better business opportunities.

Most business that are more that ten years old have a different perspective and focus that what they had when they started.   They have seen opportunities is other markets, different markets and some in the same.   Most businesses are in areas where they did not think they would be when the wrote their business plan.

These opportunities have developed through social media, the Internet or cloud computing.   Getting your marketing and brand out there are critical to a business and it has never been easier to compete on the world stage than now.   just remember the moment you attach yourself to the Internet, you are target.

So apart from the bad and to quote a song “the future’s so bright we will have to wear shades”.    Just make sure that your cybersecurity complements you business requirements.

Can we help you and your business to a more stable and profitable business environment – A MSP can!

Most Businesses have an ICT investment of about 7% GDP  this can equate to a significant investment for any business.   Reducing that by just 1% can greatly increase your bottom line.   Most small and medium businesses and not for profit organisation need to find ways to increase profitability, reduce costs and use innovation to benefit the bottom line.  To do that the organisation needs to look at a number of available services and capabilities especially those supplied by external contractors.

The business drivers for reducing cost in all available areas of a business can be daunting so the use of a managed service provider could be beneficial to your business.

The managed services provider (MSP) should be able to do the following for a SME or not for profit organisation.

Reduce waste

By making sure that a business does not have duplicated systems, using virtualisation and increasing the capability and requirements of the in place infrastructure.   An MSP should bring considerable waste reduction to a enterprise with recommendation for better ICT infrastructure and the ability to change capital expenditure to operation expenses.

This alone will improve the organisations bottom line because the business is only paying for systems it is utilising to do business while not paying for large capital investments that put sever strain on the businesses cash flow.

[easy_contact_forms fid=3]

Increase productivity

Just like the old days where the just in time principle applied to mechanical spares, today’s business can leverage a similar capability.   The just in time principle relied on having spares in store when they were required and not eating money and storage on items that may not be used or may never be used.

When this principle is applied to today’s business it allows a enterprise to have the flexibility to add and remove storage, CPU cycles, RAM and business capability as required.   This comes from utilising cloud based systems, virtualisation of servers and desktops and the integration of BYOD into the business environment.

Increase business

Today’s business world needs to have the ability and agility to add and remove capability when required.   The ability can then be translated into your business requirements.   This allows your ICT infrastructure to be project based and deliver on those projects.   The creation and addition of required systems that can be shut down and removed on the completion of a project makes for a more flexible business environment.

It allows management and business to increase profits based on the business ideas.   No longer does a business have to expend capital to increase the capability of the business.   The use of a MSP allows for further savings for a business.   They will have the required expertise and capability on staff to allow the business to utilise them without have to increase the business spend on hardware, software, staff and training.

Enhance business agility

A good managed service provider will allow your business to be more agile in the work place.   This agility comes from the ability for the business to see opportunities and to leverage the ICT requirements to face and conquer that opportunity.

This allows the business to go off in tangents, creating better and more agile business processes and to work into newer and more versatile business environments.   An agile business can change its business direction, make profit, see further opportunities in the change and continue to change and morph to suit the business available.   This can be done with minimal changes to the ICT requirements.   Not having to put on more technical staff, more equipment or more resources makes the business more agile but by increasing your monthly cost makes for a better way to see the cost associated with your business requirements.

Enhance cyber resilience

The catch phrase of the new business world is to enforce security for all components of the business.   From the introduction of RFID to using SSL and TLS to secure information at rest as well as in transit.

Once again the MSP world can help you by knowing what your business requires to protect that critical business information.   From front facing firewalls to security access and business auditing the MSP can help secure your business data with a limited increase in the basic cost of doing business.

A Managed Security Service Provider (MSSP) can be an additional business resource with  a huge impact on the capability of the business with additional business processes and policies to enforce your business stability.

Its about the support

Most MSP’s are in the business of business support.   Yes, they are in the business to make money but most of them are looking to support small and medium business and not for profit organisations properly.   By  making sure that there is a flat fee for the technical support helps both the supported business as well as the supporting business.

The supported business knows exactly what they are going to get and how much it will cost per month.  The supporting company knows exactly how much they are going to receive and can budget and allocate resources based on their clients.   The supporting company can also allow its staff to meet stringent training and qualification requirements so that the support is always of the highest caliber.

Unlike the large support companies, IBM, Dell or IDS, most MSP’s are looking to make a profit but not at the detrimental of a really good business relationship based on mutual growth and respect.   This drives the requirements of both businesses.

To gain that respect they will often give more that they take.   From the technical support requirements to training staff in password etiquette, from disaster recovery to cloud computing advice a MSSP or MSP will make your business hum.

If you want someone to help make your business hum then contact us on this form.

[easy_contact_forms fid=3]