Managed Services- Explained

You may have heard the term or asked the question, "what is a Managed Service Provider?". Well, I am here to hopefully answer any question of what an MSP is, when they began, how they have transformed, how All Mountain Technologies serves as our partner's Managed Service Provider, and why our service is of great value.

To begin, Managed Services are a way of outsourcing management for all IT systems of a company, taking over responsibilities and resources on behalf of the client in order to strategically improve their IT operations. Ultimately this cuts expenses, downtime, and allows the client to focus on their business. Managed Services are a direct alternative to the break/fix model that directly affects a business' ability to operate efficiently. The break/fix model was often extremely costly because it caused businesses to have excessive downtime, lost files, and the extra high expense of hiring IT help to bring the business back to an efficient working place. Managed Services is a subscription or partnership model where the client or company pays monthly for delivered managed services that provide on-going support of technological systems. Some of the systems that All Mountain Technologies supports as a Managed Service Provider are firewalls, the cloud, servers, Office365, domains & SSL's, file share, and VoIP.

The break/fix model was the first to rise as a service to IT systems in the early 1990's as businesses both small and large began to adopt more complicated computer and phone systems. By the late 90's to early 2000's, managed services began as a new model of service for business that gave rise to increased productivity and less downtime in the workplace.

Today, it is more important than ever to protect businesses with a team of IT professionals. As technology moves forward at an increasingly rapid rate, it is even more difficult to keep up without a team of experts providing support for a company's IT systems. Viruses, malware, and ransomware attacks increase in rate as technology moves forward making it imperative that environments are made secure. Reactive IT is much more painful and costly than remaining proactive in approach. 

Modern companies understand what it takes to keep their businesses running efficiently and it is becoming increasingly common and resourceful for even small companies to partner with Managed Service Providers. In fact, according to Garter, IT outsourcing is among the fastest growing security sectors. Companies are becoming unable to manage their IT systems in a cost-efficient and secure manner on their own. It is estimated that by 2020, that over 60% of organizations will have invested in managed services that focus on security such as data-loss prevention and encryption (Garter 2017). Currently, around 35% of companies are utilizing these tools to protect their environments. 

All Mountain Technologies is dedicated to empowering our partners to think differently about how they approach technology. This is a primary reason why we pride ourselves as a Managed Service Provider that partners with our client's companies to provide an optimized and secure IT environment. 

 

When it Comes to Cybersecurity, Your End-Users are the First Line of Defense

Phishing is one of the main cybersecurity risks that an organization can face. Regardless of size or location, every business is at risk because hackers do not have a specific target. Phishing is the fraudulent practice of sending emails pretending to be from reputable companies to trick individuals to reveal personal information, such as passwords and credit card numbers. Although there have been widely publicized stories about company info being compromised, many businesses still don’t have a cybersecurity plan in place.  

Cybersecurity starts with educating your end users. Do your employees know not to click on links that people send to them unless they’re sure the links are coming from trusted sources? To help with the end-user education, Office 365 comes with a cool feature that allows you to send fake phishing emails to your employees/end-users to test whether they’d click on a malicious link or engage in other unsafe behavior. These emails can be fully customized. You can send a customized, fake phishing email and get a report on the end-users that failed the test.

1200px-Cybersecurity.png

 

Here are steps you can take to make cybersecurity a top priority:

Implement a cybersecurity policy and procedure document.
It doesn’t matter if you’re a one-person organization or a 100,000 – you need to detail your action items long before a threat is identified. This document should contain a section that details action items, in case your end-users encounter perceived or real compromises.

Build your cybersecurity strategy around educating your end-users.
It is rare we see hackers jumping past a company's firewalls to compromise their network because it is too time consuming and expensive. In a hacker's mind, it is far easier to send a phishing email to employees and let them do all the hard work (like clicking on a malicious link). It's likely every one of your employees has an email address, access to the internet, and the ability to fall victim to a hack. Educating your employees is the easiest and cheapest way to prevent attacks. 

Have tools in place to help prevent the potential for compromise.
Cybersecurity protection doesn’t just come from making sure your end-users don’t click on the link or visit a site they shouldn’t. We’re human after all, and as humans, we make mistakes. In addition to preventive education, make sure you have additional tools in place such as Advanced Threat Protection. In the event your employees slip up, this keeps you protected. 

Use a tool that creates a fake phishing email and see how many of your end-users open it.
One tool we suggest is the Office 365 testing tool. This can really help in determining which end-users in your organization could fall victim to phishing attacks and other malicious activities. This type of reporting becomes critical to understanding how effective your cybersecurity program is. If you see a lot of your end-users failing the test, perhaps you need to put more into their training.

Long term, some businesses deploy a cybersecurity awareness certification program as a part of their continuing education process. Look at your business and employees, assess the cybersecurity needs, create an action plan, and continue to educate your staff. 

If you have any questions regarding cybersecurity or education tools, contact your AMT System Administrator today. Stay safe out there! 

 

 

 

 

Be Prepared. Be Aware. The "Krack" Edition.

KRACK IT all mountain tech technology technologies WPA2 vail Managed service provider

When approaching the issue of the latest news of the new found vulnerability in the industry's WPA2 standard, I knew we'd need to interview one of amt's experts, a Technical Account Manager (TAM). Jon Van Cleve was more than willing to clarify the issue in the most straight forward and to-the-point manner. Below is a quick review of what to know, do, and prepare for when approaching the possible vulnerabilities within your network.

What is “KRACK”? – KRACK stands for Key Replacement AttaCK and is a flaw in the WPA2 wireless security standard. WPA2 has been the main method of securing wireless networks since 2005 or so, and is very common.

How can it affect my network? - It can allow someone who is connected to your network to see all non-https traffic on your network. This includes sites visited, passwords typed in, and any other information between you and the non-https site.

What can I do to protect myself and my work environment? - You can update all your devices, phones, laptops, PCs. Unfortunately, many devices won't see updates such as older devices and hardware. Apple and Windows automatically updated IF you are in-line with current updates and newer systems. Double check all carriers and devices to be sure they are covered and updated.

How is the WPA2 standard vulnerable and what is the "4-way handshake"?  – Part of WPA2 is built-in encryption, which is supposed to keep your data private. However due to a flaw in WPA2, someone already connected to the wireless network can get the encryption key during authentication, more specifically in phase 3 of the 4-way handshake. Once they have this key, all internet data is potentially vulnerable across all devices on the network.

What does it mean to be patched and how can I make this process happen? - The best process would be to research your device model and KRACK attack procedures. To be patched means having the latest updates of your manufacturing device/network and maintaining suggested standards of security. Microsoft, Apple, and others have release patches.

For more information you can check out this Wired article that does a good job at approaching the issue. If you're one of our clients, please contact us if you have further questions and concerns. 


Jon Van Cleve, Technical Account Manager & Kendra Smith, Marketing and Sales 

 

America Recycles Day with the Town of Vail

mountains lake aspen america recycles day all mountain tech technologies technology IT.jpg

All Mountain Tech is joining the Town of Vail on November 15th to celebrate America Recycles Day, "one day to celebrate an entire year to act". This event will be free to the town of Vail residents, property owners, and employees. The day will be dedicated to collecting e-waste items such as old computers, phones, TV's, and stereos as well as educating the public on how to properly dispose of electronics in the future. If you have excessive quantities of electronics charges may apply. 

As of 2013, the state of Colorado prohibits the disposal of electronics to Colorado landfills. If you are living in Eagle Country you can take your e-waste to the Eagle County Household Hazardous Waste Facility that is located near the landfill. The cost to recycle these materials is .20 cents a pound.

Why should we properly recycle electronics you ask? Well, there is a long list of reasons, but I'll give you the short answer. 

Electronics contain numerous harmful substances including mercury, lead, and lithium. When these items are thrown into local landfills their harmful toxins can seep into the ground and eventually into our ground water. Besides already being toxic to our natural environment, e-waste is very harmful to the human body when found in local water. This is why it is important to properly dispose of our household and business e-waste.

Whether you are local or remote, we look forward to you participating in America Recycles Day!