Posts Tagged ‘data security’

Security Mistakes Businesses Make

Posted on: September 27th, 2016 by jiml | No Comments

Many of our blog postings have something to do with data security in one form or another. The reason is because today’s world is different than the world was five years ago. If you have not changed the way you are securing your critical data and systems over that time, your measures are likely no longer sufficient. Threats like ransomware present significant risks to businesses today. Did you know your business could get fined by the FTC if your business becomes the victim of ransomware? Here are some of the top mistakes we see being made in regards to security:

  • Using the same passwords for different uses
    We are still seeing the repercussions from the LinkedIn hack a few years ago. If you were notified about the hack and just changed your LinkedIn password, you may not have done enough. The hackers had a list of emails and passwords from the hack and then tried those same credentials at different sites. “Let’s see if those credentials work on Facebook…..or Chase bank perhaps.” If you are using the same password for multiple applications you are at risk if one of those sites is compromised.
  •  Not keeping employees up-to-date on security threats
    As we mentioned in the introduction, the world is changing and new security threats are out there such as ransomware, scareware and social engineering scams. Are your employees or coworkers up to speed on the threats they might face? Do they know how to react if they encounter one? Awareness training is a key component to a comprehensive security plan.
  • Not using web browsing controls
    Web browsing controls, sometimes called content filtering, used to be considered an optional item for businesses. In today’s environment, we consider it a necessity. A good content filter will block known bad sites to prevent users from accidentally (or purposefully) going to site that can infect their business computer. There are many forms of malware that attack through web browsers. You should have the mindset that when you are using a web browser, you are in the danger zone. Web browsing involves connecting to other computers that your organization does not control and must trust.
  • Failing to review security policy and protective measures regularly
    This is how businesses fall behind the curve with security. Systems are put in place and the security of those systems are never regularly reviewed to see if they are keeping up with the evolving security threats they might face. Who is responsible for this in your organization?

These are just a few of the mistakes we see businesses making. The result is that your business is put at risk. Are you making any of these mistakes? Contact us at Colden Company and see how we can help remediate these issues for you and protect your critical data and systems. Call us at 888-600-4560, email us, or visit us on Facebook or Twitter.

What Do Businesses Want From Their IT Company?

Posted on: July 29th, 2016 by jiml | No Comments

The question “What do businesses want from their IT company?” is a question we have been asking both formally and informally for many years here at Colden Company in an effort to make sure we are providing our customers with the best possible service. At a recent conference we attended, the same question was posed to businesses around the country by CompTIA for their annual study of the MSP market. As much as I would like to believe we have been selected by our clients for our technical expertise and the numerous technical certifications we hold as a result in our investment in continuing education, it is not the top factor in choosing an IT company. (It is a factor in retaining customers and customer satisfaction) Being able to resolve the technical problems is expected and while this is an underlying reason why many business choose to switch IT companies, it is not on the top item businesses look for when asked. What is the top quality businesses are looking for when choosing an IT vendor? Responsiveness.

Colden Company is very proud of our responsiveness and this is most often listed on our satisfaction surveys as a reason our customers have given us a 98% rating. According to a study done by SAManage, the average helpdesk response time to a high priority issue is eighteen (18) hours. Low priority issues take even longer on average to get a response. Here at Colden Company, we conducted a six month study of our response times in 2015 and found that we handled over 90% of customer calls immediately by answering the phone with a qualified technician and our response to emailed support requests was an astonishing 10 minutes.

If responsiveness is the top quality when searching for an IT vendor, what is the top concern that businesses want their IT company to address? According to the 2015 CompTIA MSP survey, a new item is at the top of the list: security. It is understandable, in these times, why security would have moved to the top of the list. Did you know that Colden Company has a Security Service offering? We perform a basic audit of your systems, looking at password requirements, conduct an active directory review, vulnerability scanning and much more. The protections that kept your business safe five years ago, or even a year ago, may not be enough in today’s environment. Security threats are on the rise both in terms of the number and severity. That is why we, at Colden Company, have pursued additional expertise in this area and are Security + certified as well as Disaster Recovery certified. We understand the threats that are out there that can harm your business. Let us help you protect your business and your critical data. As recent news stories show us, most companies are not aware of their security vulnerabilities. Call us to discuss a review of your network and data security. Better to spend time preventing a breach than recovering from one.

To get the process started, contact Colden Company at 888-600-4560, email us, or see us on Facebook or Twitter.

Who is driving the communication tools at your business?

Posted on: June 28th, 2016 by jiml | No Comments

As the summer season is here and employees are taking vacation time, there are unique business communication challenges that crop up. Today’s vacations are rarely fully unplugged vacations where an employee disappears for two weeks and returns fresh and completely unaware of what transpired over that time frame. In today’s connected world, even vacationers are checking email and staying connected to their job in a variety of ways.

That variety of ways to stay connected with information remotely is an important topic for us to consider. Are the methods your employees are using to communicate secure and driven by the company or are they using solutions that employees have implemented themselves to bypass a particular set of problems? For example, we have seen countless times where employees setup up personal Dropbox accounts and store company information on those accounts. This allows the employee to access that information from home or from vacation. As a business is this what you want? Once company data is taken from the secured company environment and placed outside of that, you as a business lose control over the security of that data. Do you really want your sales people having the capability of dumping customer lists onto their Dropbox accounts?

As a business, you want to drive the tools your company uses. Taking our example above, there are secure cloud synchronization tools that can be deployed. The business sets up the access and permission levels while still allowing cloud access through a browser or mobile device for those users out in the field or on that summer vacation. If that salesman were to leave the company, instead of being in a situation where you do not know what information he or she has taken off with, you can remove access as part of your exiting employee checklist.

This is, of course, just a single example of the many tools available for collaboration. Slack channels are becoming popular as a communication tool, replacing other instant messenger type applications. The issue is again, who is driving the use of those tools? Is that communication recorded in case of a legal requirement? Are these tools taking away the effectiveness of the company tools your business has already laid out? These are questions that require asking and perhaps the most important question is “Is your business reacting to the communication trends on the market or do you have a strategy to implement secure and productivity enhancing tools for your employees?”.

At Colden Company, we have experience guiding businesses toward manageable and secure solutions that increase productivity. Whether it be implementing MDM (Mobile Device Management) solutions to control what company data and applications are pushed to mobile devices, or implementing collaboration tools like Skype for Business or Slack, we can provide your business with those productivity gains while reducing the risk exposure. As we like to say at Colden Company, “If you are running your business the same way you were three or four years ago, you are not staying the same, you are falling behind”. Your competition isn’t staying still and neither should you.

To get the process started, contact Colden Company at 888-600-4560, email us, or see us on Facebook or Twitter.

It’s a New Year!

Posted on: January 1st, 2014 by jiml | No Comments

Happy New Year to everyone from the team at Colden Company! We wish you all a healthy and prosperous 2014. Last year at this time, we wrote a blog posting about how 2013 could be the year of the cloud for many of our customers.  Certainly we saw activity in that direction and we see continued movement toward cloud-based applications.  One of the unanticipated stories of the year was the NSA spying scandal and how our very own government has been spying on us and most of our largest cloud vendors like Google, Microsoft and many more.

Computerworld – U.S. cloud firms face backlash from NSA spy programs

These revelations made many who were considering the cloud to ask the question “How secure is my data in the cloud?”  The answer to that is not as simple as we once thought. It is now clear that our government has the ability to hack very high levels of encryption.

NY Times – N.S.A. Able to Foil Basic Safeguards of Privacy on Web

Many cloud solutions can offer higher levels of security than businesses can afford to provide themselves.  On the flip side of that coin, large hosting providers are more likely to be targeted by hackers or governments.  Hence they are bound to be targeted by more sophisticated attacks by the law of averages.  Does that make your data safer or less safe in the cloud?

The answer is, of course, it depends on what you are comparing it to. How secure is your internal infrastructure should you choose an on-premise solution? What are the costs of bringing the internal security up to a sufficient level to be comparable?  The answer to these questions can push a business in one direction or another.  Of course, there are other considerations besides security to base a decision on.  Usability, manageability, disaster recovery, feature sets, and application integration are all notable factors that can greatly impact the final decision to use the cloud or not. All are topics we could spend time discussing, but will defer to another date in favor of a discussion on cloud security.

There are new security questions to ask when considering the cloud as a place to store our important data.  “Who do we want to protect our data from?” is now a legitimate question to ask. The thought that we have to protect our data from our own government’s spying is a terrible affront to our rights but a topic for another forum.  From a technology perspective, we want to protect our data from our competition, hackers, and in general anyone who should not have access to it.  As we mentioned previously, cloud solutions are a double-edged sword and proper vetting of your cloud vendors is a must. Not all vendor solutions are equal in terms of functionality let alone security.  The next logical question is “What data are we protecting?”  Are we protecting sensitive data like credit card numbers, social security numbers, financial or health information?  Those protecting what we would term as “sensitive information” need to take extra precautions with that data.  The type of data is a factor in determining the required levels of data security. Also consider that there is a big difference between protecting data “in-transit” versus protecting stored data. Data in-transit is more susceptible to wiretapping such as that used by the NSA as opposed to stored data, exposure of which would require a direct attack on the data centers of hosting or service providers.

Colden Company is still a proponent of certain cloud solutions and the NSA scandal has not changed our view. The cloud is not going away, nor is it for everyone.  Each business brings a unique set of circumstances, and while security of your data is a discussion to have, it is far from the only discussion. The important thing is to have the discussion. The best decisions are informed ones. If 2013 was the year of the cloud, let’s make 2014 the year of security!

Need help getting the conversation to the secure cloud started or finding a solution to secure your data – no matter where it resides?  Call on us at Colden Company today.  We can be reached at (888) 600-4560 or at   Like us on Facebook and follow us on Twitter (@coldenco) as well!  Happy New Year All!