Managed IT Services Blog

For most organizations, the shift to remote work is not a temporary fix to meet pandemic-related social distancing requirements. It’s now a permanent feature of modern workstyles — and that is creating IT challenges.

Phone calls represent just 5 percent of all business communications, according to some estimates. Organizations have a wide range of alternatives, including email, online chat, text messages and conferencing platforms. Voice communication may seem slower and more cumbersome than these newer technologies, but it still has tremendous value.

One of the biggest dilemmas organizations face is whether to manage IT in-house or to outsource to a managed services provider (MSP). In-house IT management often seems like a good idea. The organization maintains control over IT processes and can prioritize support according to business needs.

The inland marine sector is increasingly reliant on computing technology. Tugboat and towboat operators use an array of systems and applications to automate processes, track cargo and collect valuable data on the performance and maintenance of their vessels. While some of these systems are housed on board, others are hosted in shoreside data centers and the cloud.

Ransomware and other cyberattacks targeting the global maritime shipping industry have increased by 900 percent over the past three years, according to the World Economic Forum. The numbers reflect both the increasing value of maritime targets as well as the unique challenges of securing ship-borne IT systems.

Data breaches continue to skyrocket. According to the 2021 Mid Year Data Breach QuickView report from Risk Based Security, there were 1,767 data breaches in the first half of this year, exposing almost 19 billion records. The severity of breaches is also increasing, with two incidents exposing more than 1 billion records.

Cybersecurity is one of the most significant business challenges that organizations face today. The Center for Strategic and International Studies reports that global business losses from cybercrime reached nearly $1 trillion in 2020, almost double the previous year’s losses. Cybersecurity is a risk management issue that requires board-level oversight.

The IT environment is increasingly distributed thanks to remote work and the Internet of Things (IoT). Hundreds or even thousands of devices are now accessing the network from outside the corporate data center, making it difficult to ensure performance, reliability and security. These challenges have contributed to the rise of the edge computing model.

In its June 2021 “Patch Tuesday” release, Microsoft addressed a local privilege escalation weakness in the Windows Print Spooler service. However, researchers soon found a more serious vulnerability in the service — a remote code execution attack called PrintNightmare. Microsoft issued an out-of-band patch to fix this vulnerability, and urged administrators to apply it immediately.

Organizations of all sizes are accelerating their digital transformation (DX) initiatives in response to the upheaval caused by the COVID-19 pandemic. Business leaders recognize that agile, flexible and digitized businesses have the resilience to respond to disruptive events. This is driving efforts to automate business processes, implement advanced technologies and adopt cloud services.

Managing and maintaining an on-premises data center comes with costs and challenges that often divert resources from business-enabling initiatives. In light of that, many organizations are looking to get out of the data center business by moving IT infrastructure offsite. By utilizing the services of a co-location facility, organizations can reduce overhead and improve the reliability of their IT environment.

The FBI released a bulletin on May 21, 2021, warning of ransomware attacks targeting healthcare and first responder networks. The law enforcement agency said it had identified at least 16 incidents of Conti ransomware attacks that affected the networks of U.S. healthcare facilities and first responders, including 911 dispatchers, emergency medical services, law enforcement and municipalities.

For decades, computer security has focused almost exclusively on implementing processes and technologies to protect data from theft, loss or corruption. That may no longer represent the greatest threat, however. According to a recent Claroty survey, nearly three-quarters of IT security professionals say cyberattacks on critical infrastructure represent a far larger threat than data breaches.

Now that people have proven they can work productively from home, many organizations plan to maintain a hybrid work environment in which employees can split time between home and the office. Doing so will require a strong emphasis on security — not only by corporate entities, but by workers themselves.

In January, law enforcement agencies from seven nations combined to take down DarkMarket, one of the world’s largest dark web marketplaces. Authorities say the site facilitated about $160 million in sales of stolen logins, passwords, social media credentials and other personal information.

On May 7, 2021, the Colonial Pipeline was shut down due to a ransomware attack. It was the largest cyberattack on oil infrastructure in U.S. history, prompting an emergency declaration by the Federal Motor Carrier Safety Administration for 17 states and Washington, D.C.

Regulatory compliance requirements are increasing across a broad range of industries. Between new regulations and changes to existing regulations, organizations are struggling just to keep up with the scope and depth of compliance. What was once a yearly review and assessment has become a daily effort to ensure that all processes and strategies meet the latest regulatory requirements.

In a recent global survey, almost 80 percent of remote workers reported difficulties connecting to company IT resources. Many of these challenges are related to legacy WAN architectures that don’t support today’s connectivity requirements.

Many organizations have some sort of “shopping cart” feature on their websites that allows them to collect online payments from customers. In most cases, the shopping cart functionality is purchased from a third party, and simply plugged into the website. Why reinvent the wheel if the software is readily available?

Microsoft issued emergency security patches for multiple versions of Exchange Server on March 2, 2021. The updates addressed a series of zero-day exploits that compromised hundreds of thousands of on-premises Exchange Servers worldwide. Known collectively as ProxyLogon, the advanced persistent threats (APTs) allow an attacker to open a “backdoor” in Exchange Server that can be accessed from the Internet.

At least one positive thing has emerged from the COVID-19 pandemic: It has dispelled many longstanding doubts about the feasibility of remote work. In many cases, work-from-home models have increased productivity while reducing overhead costs and enhancing employee satisfaction. In a recent PwC survey, 83 percent of employers say the shift to remote work has been successful.

The traditional on-premises IT environment is typically built on a box-by-box basis, with devices added as needed, configured independently and managed manually. Years of continually adding servers, storage and networking gear to meet evolving business needs has resulted in large, complex IT infrastructures with exorbitant operational costs.

Cybersecurity may seem like a cat-and-mouse game, but the odds heavily favor the mouse. The cat must defend against all types of attack and quickly identify any potential security weaknesses. The mouse only has to find one vulnerability in order to elude the cat.

Managed services providers (MSPs) use a variety of tools to monitor their customers’ systems and networks and protect against cyberattacks. If the MSP doesn’t follow best practices, however, they can actually introduce threats into their customers’ environments.

A network vulnerability assessment is the initial phase of any cybersecurity strategy. In the National Institute of Standards and Technology (NIST) Cybersecurity Framework, vulnerability assessments fall under the “identify” phase. They are designed to help organizations identify any gaps in their security posture and prioritize the activities needed to close those gaps. Because cyber threats are continually evolving, organizations should regularly review their IT environment in order to understand their risk exposure.