SMB Nation Blog

SMB Nation has been serving the Bainbridge Island area since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Data Protection Best Practices for SMBs

Data protection comprises of a mix of services, all poised to ensure that IT environments do not experience data loss, data leakage and downtime. Data protection technologies hold a special place for Small to Medium sized Businesses (SMBs).

Importance of Data Protection for SMBs

As businesses grow they rely on digitalization and the data generated, as a result. Data can be classified into different types Data Protectionsuch as mission critical data, frequently accessed data, infrequently accessed data and archival data. Each type presents its own unique storage requirements and challenges. The most important type of data among this chunk is mission critical data. This is the type of data that fuels all of the processes of the IT environments of a business. If this data is lost or compromised, the business experiences an outage or downtime.

Outage or downtime tends to be very costly for businesses; they incur financial repercussions and reputation damage. If an SMB does not have adequate data protection technology and techniques, then they are more susceptible to data loss or downtime and in turn financial costs and reputation damage. In the worst case scenario, an SMB may not even recover from it.

That’s why data protection technology is very important for businesses and especially SMBs.

Now the question is “What are Data Protection Technologies?”

What are Data Protection Technologies?

The major part of data protection technologies can be severed into two: Backup and disaster recovery. Backup and disaster recovery technologies are sometimes confused with one another; however, the two are very different.

The comparison between the two is an explanation for another time but the concise difference is that backup is meant to prevent data loss in all its entirety; while disaster recovery services reduce downtime by prioritizing the restoration of mission critical data.

Data Backup Options for SMBs

Data backup options for SMBs can all be summed up in two major types: Cloud backups and On-premises backups.

On-premises backups require SMBs to acquire an infrastructure, set it up and then endure the dynamic costs of maintenance, power, cooling costs and an IT professional or a team that manages the infrastructure for them. The plus side to on-premises backup appliances is that they deliver reduced latency; if an IT environment is focused on faster data flow, then backup appliances are probably the better fit.

Cloud backups enable SMBs to acquire backup services without the acquisition of infrastructure and without initial costs. Cloud backup service providers deliver pay-as-you-go payment models. Instead of commissioning a backup infrastructure that has storage resources which sit idly until they’re used; SMBs can acquire the storage space that they need with cloud technology and then scale up later to add more space.

The most well sought after attributes of cloud technology are scalability and cost effectiveness.

The downside of cloud backups is that each time a backup file is retrieved, the process incurs charges. This requires detailed management of the backup and restore processes; otherwise, cost efficiency is compromised.

Disaster Recovery as a Service (DRaaS) Options for SMBs

Similar to backup solutions, disaster recovery solutions also come in two major forms: on-premises disaster recovery and cloud disaster recovery.

On-premises disaster recovery solutions comprise of an infrastructure that replicates data using combinations of technologies like data replication technology and snapshot technology. Disaster recovery solutions tend to be quite expensive because they need optimized technology to reduce RTOs (Recovery Time Objectives) and RPOs (Recovery Point Objectives) as much as they can.

Cloud disaster recovery solutions are less taxing and less expensive than on-premises disaster recovery solutions. However, as with all cloud based services, latency remains an issue. For IT environments that cannot tolerate latency, on-premises disaster recovery technology is the better option.

Till this point, we are now familiar with backup and disaster recovery technology and we know why data protection is important for SMBs.

Let’s explore some data protection best practices for SMBs.

Best Practices – What SMBs should do to efficiently protect their data

Before indulging in the best practices, I’d like to mention here that each business has their customized data requirements. This implies that what’s best for one IT environment may not be for another; one shoe does not fit all. It’s better to scrutinize your data requirements before setting up data protection solutions.

With that in mind, here’s a general set of recommendations pertaining to data protection for SMBs.

Setup a Hybrid Solution – Cloud and On-premises

Instead of setting up a single on-premises or cloud based solution, I recommend setting up a hybrid data protection solution that uses both of them.

Initially, acquire a backup appliance for all your backup purposes and setup cloud disaster recovery services with it. As the data grows, you can either scale-out the appliance or you can set it up with a cloud based service. The compatibility depends on the appliance and the vendor. It is important to make sure that the desired services are being offered before the acquisition of the solution.

The initial setup will accommodate all the SMB’s data requirements and as the requirements increase, the SMB can use cloud connect services or cloud gateway appliances to tap into the cloud and utilize the different storage tiers offered by major cloud service providers.

With this setup, SMBs can have a scalable solution that’s optimized to address all their data requirements and is cost efficient. This sort of a setup is basically future proof; SMBs don’t have to worry about future expansion.

The cloud disaster recovery service will ensure that downtime is reduced while keeping the cost implications in check.

That sums up my insight about the subject. What’s your take on it? Comment below and remember to share with other professionals.

Continue reading

How to Collaborate Effectively If Your Team Is Remote

by Erica Dhawan and Tomas Chamorro-Premuzic

February 27, 2018

 

Remote Team

Remote communication isn’t always easy. Do you recognize yourself in any of these examples?

At 10 p.m., a corporate lawyer gets a text from a colleague and wonders (not for the first time) if there’s a protocol about work-related texts after a certain hour.

After a long and liquid client dinner, an advertising executive opens an email from his boss reminding him to submit his expenses on time. Annoyed by this micromanagement, he immediately responds with his uncensored thoughts.

On the weekly team conference call, a remote team member is confused about whether her colleague is really on mute when she delays a response to a question or if shes just not paying attention and is using this as an excuse.

When it’s possible to be set off by a phone’s mute button, it’s safe to say that we’re living in challenging times. The digital era has ushered in a revolution in communication that’s equivalent to the one surrounding the invention of the printing press. It’s changing how we speak — often in bullet points. And it’s affecting what we hear, as the jumble of information coming at us can lead to frequent misunderstandings and confusion.

People who work on remote teams face these challenges consistently. According to recent estimates from Gallup and the Bureau of Labor Statistics, 22% of Americans work from home, while nearly 50% are involved with remote or virtual team work. This continuing shift calls for a new range of behaviors and skills.

Read More

Continue reading

Top Takeaways - Ingram Cloud Summit

Talk about a working vacation, I have returned well-rested and intellectually nourished from the just completed Ingram Cloud Summit held at an iconic, old-school Florida hotel (Boca Resort). In my earlier blog, I spoke toward CloudBlue, a new platform announced by Ingram Micro and Microsoft. 
But there were other nuggets at this event.

Here is my take.
1. SkyKick $40m Raise. Wow – that was a surprise. As I was monitoring Seattle-based GeekWire, a story broke that migration and backup ISV SkyKick closed on a $40-million investor round. It brings its

Skykick

Lauren Wood (SkyKick) with a partner.

2. Women in Technology. I attended a pre-conference afternoon panel about Women in Technology. As I like to do, I asked one question. While most of the women leaders on stage were from the corporate world, there was one like-minded SMB entrepreneur (Dao Jensen, Kaizen Tech Partners) who spoke towards feeling challenged as a woman geek in high school. I asked her about the findings in a popular book “The Confidence Code: The Science and Art of Self-Assurance---What Women Should Know” (Shipman and Kay) wherein as young people transition from tweens to teens, men become overconfident and women have a drop in confidence. Dao and the other panelists affirmed that inflection point in life and offered sage advice, experience, etc. Bottom line. A recognition that we all need to work on inspiring confidence in women.

 

womenintechnology

 

3. IAMCP Expanding. I’m a fan of the International Association of Microsoft Channel Partners (IAMCP) monthly lunch meeting in Seattle that I attend regularly plus its annual presence at the Microsoft Inspire partner conference. I wasn’t used to seeing IAMCP at a conference like Ingram Cloud Summit. It appeared to be happy hunting to recruit new IAMCP members as the Ingram Cloud Summit catered to larger partners.

4. Microsoft IoT. The coolest thing on the tradeshow floor was the Microsoft IoT SUV. IoT was the overarching theme for the Ingram Cloud Summit (hey – every conference has to have a theme). The IoT SUV was here, now and pragmatic. I felt a lot of the IoT conversations were still too far off in the future to impact today’s cash flow. But we’re getting closer. 

iotSUV

 

 

The IoT SUV was very popular! 

5. Hallway 101. Long-time readers know that I prefer to work the hallways all-day every day at conferences versus attending lectures to meet people (I wasn’t a well-behaved student due to ADHD). The good news is that there are folks just like me walking ‘da halls and open to networking. Shout outs to Jeff Ponts (DataTel) and George Mellor (KloudReadiness) for sincere business development conversations.

jeffponts
 Jeff Ponts from DataTel

george

George Mellor from KloudReadiness

Really enjoyed this event and I will repeat. Join me.

 

Tags:
Continue reading

Why Microsoft gave Windows 10 (version 1803) a different name

Rather than recycling 'seasonal' names for OS upgrades, the company changed things up this time around.

 

Microsoft Windows 10

 

Microsoft will start distributing the next Windows 10 feature upgrade, "Windows 10 April 2018 Update," today - a few weeks later then it had been expected to arrive.

The release date barely squeaked under the wire Microsoft set for itself with its labeling of the upgrade, although the company has never expressed concern when actual release dates have conflicted with each update's alternate - and numeric - title, the one formatted as yymm. That conflict continued with the April 2018 upgrade. Its 1803 moniker envisioned a March, not a last-day-of-April, debut.

 

Microsoft will start distributing the next Windows 10 feature upgrade, "Windows 10 April 2018 Update," today - a few weeks later then it had been expected to arrive.

The release date barely squeaked under the wire Microsoft set for itself with its labeling of the upgrade, although the company has never expressed concern when actual release dates have conflicted with each update's alternate - and numeric - title, the one formatted as yymm. That conflict continued with the April 2018 upgrade. Its 1803 moniker envisioned a March, not a last-day-of-April, debut.

But the new name puts a spotlight on more than just that long-standing contradiction. Here are the most likely reasons Microsoft changed Windows 10's nicknaming.

Microsoft would have exhausted seasonal names

After last year's "Fall Creators Update," for the October feature upgrade, Microsoft would have run out of seasons this month unless it was willing to upend, if not its twice-annual cadence, then the times during the year when it would issue a refresh. (There was a time when virtually everyone, including Computerworld, assumed the latest would be branded as "Spring Creators Update," a single-word upgrade on April 2017's "Creators Update.")

The protesting howls would have matched stadium concert levels.

As some noted, the naming is also northern hemisphere-centric, because south of the equator, "spring" comes in September and "fall" in March.

So, absent a decision to add Roman numerals to the nameplates - "Spring Creators Update II" or "Fall Creators Update IV" - and risk mimicking Hollywood's creative bankruptcy, Microsoft faced a forced name change.

Read More

Tags:
Continue reading

Leveraging the Power of AI to Stop Email Scammers

Staff members are on the frontline when it comes to cyberattacks against their employers. They’re increasingly seen by hackers as a weak link in the cybersecurity chain. That’s why most threats today come via email, aimed squarely at tricking the recipient into downloading malware, divulging log-ins or making wire transfers to the attacker. Trend Micro predicts cumulative losses from Business Email Compromise (BEC) attacks alone will hit $9 billion this year.

As attacks get smarter, so must we. That’s why Trend Micro is SMB Nation WhatsYourX Banners 220x150introducing two innovative new offerings to help in the fight against email scammers. One is a new AI-powered feature designed to improve BEC detection while the other will help IT teams train their employees to spot phishing attacks. It’s one more step towards taking the fight to the bad guys.

The email threat

There’s no doubt that email is the primary threat vector for attackers targeting organizations today. The Trend Micro™ Smart Protection Network™ blocked more than 66 billion threats in 2017, over 85 percent of which were emails containing malicious content.

BEC is an increasingly favored tactic as the rewards can be huge. It’s hard for many organizations to spot because attacks typically don’t contain any malware; they rely mainly on social engineering of the carefully selected recipient. That recipient, usually in the finance department, is sent an email impersonating the CEO, CFO, or other executive requesting that they urgently make a wire transfer or reply with sensitive data. With average losses topping $130,000 per incident, it’s no surprise that we saw an increase in attempted BEC attacks on our customers of 106 percent between 1H and 2H 2017.

This is not to underplay the impact phishing continues to have on organizations around the globe. By targeting employees, attackers can spread malware and covertly infiltrate networks to steal sensitive data and IP. Results from the Black Hat Attendee Survey last year illustrate the impact this trend is having on organizations.

  • IT Leaders cited phishing as their #1 security concern
  • Phishing was identified as the most time-consuming threat
  • The weakest link in IT security was cited as end users being tricked by phishing attacks
  • 19 percent rated phishing as the most serious cyber threat to emerge within the past year, second only to ransomware

Taking action

The potential financial and reputational damage of such attacks is obvious. In the face of these rising threat levels we must hit back — and we have, with two new free tools.

Writing Style DNA includes new AI-powered technology that learns how executives write so that it can spot impersonation attempts, and sends a warning to the implied sender, recipient and the IT department. It sounds straightforward but requires serious computing power and smart AI algorithms to achieve. For each user, a personal model is created using 7,000 features of writing characteristics to train the system — things like punctuation and sentence length. We convert emails to meta data before analyzing, to protect customer’s privacy and meet compliance requirements.

Focusing on the writing style in the body of the email complements existing techniques that analyze behavior and intention. Some of these current techniques can fail if, for example, the attacker uses compromised accounts at legitimate domains to hide the true origin of the email. It’s one more tool to help IT teams push back the rising tide of email threats, and it will be made available at no extra cost as part of Cloud App Security (CAS) for Office 365 and ScanMail for Microsoft Exchange (SMEX),

First line of defense

Technology is a vital layer of defense to keep email threats at bay. But what about your employees, who are often thought of as the ‘weakest link?’

We can help here, too. A new free SaaS-based phishing simulation service can help IT teams train employees to spot attempted attacks before they have a chance to impact the organization. Phish Insight is all about enhancing awareness of your staff. All it takes is one administrator, four steps and five minutes to run a real-world exercise designed to mimic what employees might see at their desks.

With the detailed reporting results, displayed in a handy graphical interface, IT teams can then tailor their education programs to make lasting behavioral changes.

Phish Insight is now available free of charge to all organizations of all sizes around the world. The service has been available for a year in Asia and has generated huge interest as organizations leverage it to turn their weakest link into a formidable first line of defense. As email threats continue to rise, we’d encourage you to take a look.

To stop phishing and social engineering attacks it is critical to make both your people and your technology smarter. Phish Insight trains your people to better spot phishing attacks and Writing Style DNA confirms the authorship of an email to prevent CEO fraud and other types of BEC attacks.

Tags:
Continue reading