Managed IT Services Blog

The FBI released a bulletin on May 21, 2021, warning of ransomware attacks targeting healthcare and first responder networks. The law enforcement agency said it had identified at least 16 incidents of Conti ransomware attacks that affected the networks of U.S. healthcare facilities and first responders, including 911 dispatchers, emergency medical services, law enforcement and municipalities.

For decades, computer security has focused almost exclusively on implementing processes and technologies to protect data from theft, loss or corruption. That may no longer represent the greatest threat, however. According to a recent Claroty survey, nearly three-quarters of IT security professionals say cyberattacks on critical infrastructure represent a far larger threat than data breaches.

Now that people have proven they can work productively from home, many organizations plan to maintain a hybrid work environment in which employees can split time between home and the office. Doing so will require a strong emphasis on security — not only by corporate entities, but by workers themselves.

In January, law enforcement agencies from seven nations combined to take down DarkMarket, one of the world’s largest dark web marketplaces. Authorities say the site facilitated about $160 million in sales of stolen logins, passwords, social media credentials and other personal information.

On May 7, 2021, the Colonial Pipeline was shut down due to a ransomware attack. It was the largest cyberattack on oil infrastructure in U.S. history, prompting an emergency declaration by the Federal Motor Carrier Safety Administration for 17 states and Washington, D.C.

Regulatory compliance requirements are increasing across a broad range of industries. Between new regulations and changes to existing regulations, organizations are struggling just to keep up with the scope and depth of compliance. What was once a yearly review and assessment has become a daily effort to ensure that all processes and strategies meet the latest regulatory requirements.

In a recent global survey, almost 80 percent of remote workers reported difficulties connecting to company IT resources. Many of these challenges are related to legacy WAN architectures that don’t support today’s connectivity requirements.

Many organizations have some sort of “shopping cart” feature on their websites that allows them to collect online payments from customers. In most cases, the shopping cart functionality is purchased from a third party, and simply plugged into the website. Why reinvent the wheel if the software is readily available?

Microsoft issued emergency security patches for multiple versions of Exchange Server on March 2, 2021. The updates addressed a series of zero-day exploits that compromised hundreds of thousands of on-premises Exchange Servers worldwide. Known collectively as ProxyLogon, the advanced persistent threats (APTs) allow an attacker to open a “backdoor” in Exchange Server that can be accessed from the Internet.

At least one positive thing has emerged from the COVID-19 pandemic: It has dispelled many longstanding doubts about the feasibility of remote work. In many cases, work-from-home models have increased productivity while reducing overhead costs and enhancing employee satisfaction. In a recent PwC survey, 83 percent of employers say the shift to remote work has been successful.

The traditional on-premises IT environment is typically built on a box-by-box basis, with devices added as needed, configured independently and managed manually. Years of continually adding servers, storage and networking gear to meet evolving business needs has resulted in large, complex IT infrastructures with exorbitant operational costs.

Cybersecurity may seem like a cat-and-mouse game, but the odds heavily favor the mouse. The cat must defend against all types of attack and quickly identify any potential security weaknesses. The mouse only has to find one vulnerability in order to elude the cat.

Managed services providers (MSPs) use a variety of tools to monitor their customers’ systems and networks and protect against cyberattacks. If the MSP doesn’t follow best practices, however, they can actually introduce threats into their customers’ environments.

A network vulnerability assessment is the initial phase of any cybersecurity strategy. In the National Institute of Standards and Technology (NIST) Cybersecurity Framework, vulnerability assessments fall under the “identify” phase. They are designed to help organizations identify any gaps in their security posture and prioritize the activities needed to close those gaps. Because cyber threats are continually evolving, organizations should regularly review their IT environment in order to understand their risk exposure.

The maritime industry is increasingly reliant on IT systems for day-to-day operations. While IT helps optimize costs, increase efficiency, enhance safety and more, it also comes with a greater risk of cyberattacks. The rapid evolution of the IT environment and connectivity between IT and operational technology (OT) systems only adds to the potential vulnerabilities and threats in the maritime sector.

People have been talking about “digital transformation” for several years but not doing a lot about it. That is until the COVID-19 pandemic hit, and businesses were forced to retool their business models virtually overnight. In a recent study by Software AG, 97 percent of IT professionals said they went through some kind of digital transformation (DX) project in 2020.

The near-overnight shift to remote work models created a perfect storm of security challenges. Employees were suddenly working outside the secure perimeter, and IT teams were focused on providing connectivity to corporate applications and data. Even organizations that already had a distributed workforce had to quickly scale up their remote access infrastructure.

Organizations are increasingly reliant on WAN connectivity for branch locations and remote sites. Employees need a reliable and secure network to access corporate IT resources and cloud services. Bandwidth demands are growing due to the rise of latency-sensitive applications such as video conferencing.

Risk management is vital to any organization but especially important in healthcare. Business and clinical leaders must continually identify and evaluate risks to minimize the chance of injury to patients, staff and visitors. Healthcare organizations must also consider financial and reputational risks and establish processes for responding to incidents and controlling damage.

Software-defined WAN (SD-WAN) adoption has been driven by a need for greater agility, reliability and performance. Legacy WAN architectures are complex, expensive, and difficult to provision, maintain and support. SD-WAN creates a more intelligent network that reduces telecom costs and simplifies remote connectivity.

Inland marine services are just as vital to the energy sector as offshore operations. In fact, much of the nation’s crude oil, refined fuels and other energy products are transported by barges. These in turn rely on tugboats and towboats for propulsion and maneuvering.

Communication and collaboration tools have been a lifeline for employees working from home. Voice and video conferencing, chat and instant messaging, presence, and document sharing have enabled remote workers to stay in contact with colleagues and streamline workflows.

The rapid shift to work-from-home models has largely been successful, enabling public- and private-sector organizations to keep functioning and meet social distancing requirements. The benefits have been so great that many organizations plan to offer remote work options after the pandemic has abated. A Cisco survey conducted between June and September 2020 found that 37 percent of organizations expect to continue work-from-home arrangements long-term.

The term “managed IT services” is commonly used in the IT industry and widely misunderstood. What IT services are managed? Who is managing them and why?

Email remains a primary vector for cybersecurity threats. According to the Verizon Data Breach Incident Report, 94 percent of malware is spread via email, and phishing accounts for 80 percent of social engineering attacks. Losses associated with phishing attacks averaged $17,700 per minute in 2019, according to data from RiskIQ.