We all value work and family balance. But during the holidays, that seesaw tends to teeter more toward family, even when end-of-year deadlines hang over our heads.

No one wants to be the office jerk who says NO to flexible working routines. However, if you say yes, you may open your business up to increased (cyber)security risks – unless you have clear Work From Home strategies.

A recent study by Tenable found that 67% of business-impacting cyber-attacks targeted remote employees.

Working remotely is like having your cake and eating it too. Still, it’s entirely appropriate to ask your employees (and yourself) to eat the cake at the dinner table.

What we mean is that to support your employees’ productivity and company security, make sure you’re implementing some Work From Anywhere (WFA) best practices.

Just as they can’t eat the cake off the floor, if your employees are going to work from home or Grandma’s basement, they need to check that their setup meets simple expectations.

Work From Home Best Practices

• A Decent Internet Connection: Most video calls require at least 5 Mbps, but 50 to 100 Mbps ensures that multiple people can stream at once without issues.
• Access Shared Company Resources: Make sure employees have tested their connection off your company’s network BEFORE they leave. Can they access the VPN? Are their login credentials stored safely in a password manager?
• A Place To Work: Preferably a room with a door (that closes…and locks). Nobody wants Grandma crashing a Teams meeting. Noise-canceling headphones are also an excellent idea.
• Agree On Core Working Hours: If your employees are working remotely (not taking vacation), make sure they’ve agreed to be available at certain times, including team meetings. Yes, this means they can’t watch their kids and should have childcare set up.
• Have A Project: Especially for short-term Work From Home situations, having a clearly outlined deliverable is an easily tracked productivity metric. They either got it done or they didn’t.

Have A Cyber Security Policy

According to Tenable’s survey, 98% of remote workers use a personal device for work every single day. A cyber security policy includes all aspects of your company, not just remote work. However, remote work is unique, and you may need to take extra steps to protect your business if remote work is happening at your company.

This includes installing security software on devices and enforcing multifactor authentication on their device, work applications, and when accessing the company’s network.

Train your team on at-home security, like how to spot phishing e-mails, create strong passwords and keep kids or other family members away from work devices.

Work From Home Strategies - Conclusion

Nobody wants to get tied up in a security snafu or lose productivity over remote work.

Make remote work policies a core pillar of your company so that whenever an employee requests time off, you have a policy in place to ensure they can do their best work and do it safely!

If you are not sure where to start with your Work From Home policies, give us a call at 732-926-0112 in New Jersey, or leave us a message here!

In the meantime, you can also check our previous post about How To Enable Remote Work Without Exposing Your Entire Business To Cybercriminals.

Businesses face a growing number of cybersecurity threats. Cybercriminals are constantly evolving their tactics, making it imperative to prioritize their organization's security. One crucial step in fortifying your business against potential breaches is conducting a comprehensive security risk assessment. Let’s look at the significance of security risk assessments and how they can shield your valuable data from falling into the hands of malicious actors on the dark web.

Understanding Security Risk Assessments

A security risk assessment is an in-depth evaluation of your organization's digital infrastructure, systems, and processes. It aims to identify vulnerabilities and potential threats that could compromise the confidentiality, integrity, and availability of your sensitive data. By analyzing your current security measures, a risk assessment helps you gauge your organization's resilience to cyber threats, enabling you to implement targeted mitigation strategies.

Why Security Risk Assessments Matter

1. Proactive Threat Identification: Hackers often exploit vulnerabilities that go unnoticed until it's too late. A security risk assessment enables you to proactively identify and address potential weak points in your network, applications, and data storage.
2. Compliance and Regulatory Requirements: Depending on your industry, you may be subject to various compliance regulations that mandate data protection measures.
   Conducting a security risk assessment ensures that your business aligns with these requirements, helping you avoid costly penalties and reputational damage.
3. Data Protection and Client Trust: Data breaches can have severe consequences, including financial loss, legal ramifications, and damage to your brand's reputation. By investing in security risk assessments, you demonstrate your commitment to protecting your clients' sensitive information, fostering trust and long-term relationships.
4. Dark Web Threat Mitigation: The dark web has become a thriving marketplace for stolen data, offering cybercriminals a platform to sell and exploit compromised information. By conducting regular security risk assessments, you can identify vulnerabilities that may expose your data. This knowledge empowers you to implement robust security measures, reducing the likelihood of your data being discovered and abused in illicit activities.

Securing your organization’s digital assets is of paramount importance. By conducting regular security risk assessments, you gain crucial insights into potential threats and vulnerabilities, which allows you to implement targeted security measures. Protect your data from ending up on the dark web with a proactive and comprehensive approach. Click here to learn more about how we can help!

In today’s fast-paced world, it can be challenging to stay focused and productive. With constant distractions from social media, e-mail notifications and other online temptations, it’s no surprise that many people struggle to get things done.

Fortunately, technology can also be an asset to help you stay on task and reach your goals, regardless of whether you’re trying to accomplish things in the workplace or in your personal life. By using the right tools and strategies, you can harness the power of technology to boost your productivity and stay focused on important tasks.

Use apps and software to help you stay productive

One of the most effective ways is to utilize the right apps and software.

Countless productivity tools are available, each with unique features and benefits.

Time-tracking apps like Toggl and RescueTime allow you to track how much time you spend on any given task. You’ll quickly identify where you’re wasting time and can make adjustments to reclaim it.

Productivity apps like Asana and Trello can help you create to-do lists and track progress toward accomplishing essential company tasks and projects.

Focus apps like Freedom and SelfControl are also worth looking into if you are continually tempted by distractions. These apps allow you to block access to certain websites for a specified amount of time, which will help you avoid social media platforms and news websites when you should be focused on your work.

Some apps and tools are free, while others require a subscription or a one-time fee.

To determine the best apps for your situation, you should consider various factors, including your work style, goals and your budget.

Organize your digital work environment

In addition to the many apps that are available, another key strategy involves cleaning up and managing your digital environment. If you use a computer for work, it’s not uncommon for it to become cluttered over time. Clear out applications and documents from your home screen that are no longer needed, and disable those pesky pop-up notifications. Doing so will often boost your computer’s processing power.

Organization is a crucial part of tidying up your digital workspace. If you’re not already using a cloud-based platform, like Google Drive or Microsoft OneDrive, to keep your files organized, now is the time to do so.

If you do use a cloud-based platform, when did you last go through it? Set some time aside every other month to go through your documents to ensure they’re organized in a way that makes it easy to access them. Create subfolders and date everything to truly maximize your efficiency.

These platforms will also allow you to share your documents with minimal effort. And if you’re well organized, you won’t get distracted while hunting for a specific document.

Leverage communication tools

If you work remotely and find that your productivity suffers when you need to contact an employee or a co-worker, communication programs like Zoom and Slack allow you to facilitate real-time collaboration and better connect with your team.

Be careful, though, since communication apps can be a double-edged sword. Yes, they can improve productivity, but they can also redirect your focus if you get pulled into conversations that aren’t work-related. If you find yourself constantly distracted by communication from other team members, set specific times to check your notifications.

Last tech productivity tip

As a final tip, if you need additional support when it comes to staying productive and focused, utilize a digital assistant like Amazon’s Alexa or Apple’s Siri. These assistants can be programmed to remind you about important tasks and deadlines before they get too close. They can schedule tasks, help you plan your day and even answer questions quickly.

We don’t have to think about technology only as a distraction. Once you find the right apps and technological tools that fit your work style, you’ll notice an immediate improvement in your productivity.

As a small or medium-sized business (SMB) owner, you may not have the same level of resources as large corporations. However, that doesn't mean you should overlook the importance of protecting your business from cyber threats.

Identifying the most critical aspects of your business that need protection and focusing your resources on those areas is a star.
There’s also another component that can protect the business as a whole: your team.

The "MVP" or Most Valuable Player mindset puts your employees at the forefront of defense.

We can help you to make your entire team a roster of MVPs.

We’ll perform a cyber security risk assessment to identify gaps on your current defenses or any potential risks.
This cyber security risk assessment will review the following in your business:

1. • Digital assets
2. • Customer data
3. • Financial information
4. • And intellectual property

We will identify which of these assets are critical to your business's success and could cause the most damage if they were compromised.

Next, we’ll implement measures to protect those critical assets.

These cybersecurity measures include:

1. • Using strong passwords
2. • Multi-factor authentication (MFA)
3. • And encryption to secure your data.

We will also implement our ongoing cybersecurity training program.
This will help your employees recognize and avoid potential threats like phishing emails or malware.

Then we’ll create a plan in place for responding to a cyber-attack.
This will include clear protocols for reporting and responding to security incidents, and make sure all employees are aware of the steps they should take in the event of an attack.

We’ll reinforce your business cyber-defenses by regularly review and update your cybersecurity measures as new threats emerge.

By taking a proactive approach to cybersecurity and focusing your resources on protecting your most valuable assets, you can help reduce the risk of a damaging cyber-attack on your SMB.
You will also contribute to reducing the costs of insurance and cyber insurance for your business.

If you don’t currently have any proactive cybersecurity plan ongoing or if you want to strengthen the one you currently have, we can help!
Give us a call to 732-926-0112 or leave us a message here, and one of our cyber security experts will get in touch with you.

Give Your Business An Advantage By Paying Attention To Important IT News And Trends

The year 2022 was a big one for IT, experiencing growth in all areas, especially for IT infrastructure in remote work due to the pandemic.

When businesses fail to have updated IT infrastructure in place, regardless of company size or location, their customers’ and employees’ sensitive information is at risk. By investing in proper IT infrastructure, businesses can improve productivity while saving money. It’s a win-win situation.

Keeping that in mind, business owners need to be aware of changes in the IT industry so they can best protect their businesses and customers.

The IT industry is continuing to grow, so you must make necessary updates.

Here, you’ll find the most important IT news and trends of 2022. Understanding these trends will help foster success into 2023 and beyond.

Increased Need For IT Services Due To Remote Employees

One of the biggest challenges for many industries was the need for reliable IT services for remote employees.

Businesses had to send their employees home, so they needed to find ways to ensure their information would stay protected.

"When businesses fail to have updated IT infrastructure in place, regardless of company size or location, their customers’ and employees’ sensitive information is at risk."

To fix this issue, many businesses started working with MSPs to help with their IT and cyber security needs.

MSPs can install, support and maintain all the users’ devices and PCs connected to the network. Since they manage devices remotely, they’re available to help employees with their concerns as soon as they arise.

MSPs are also incredibly beneficial when it comes to protecting information from hackers and other significant problems. They’ll be there to assist with issues such as lost devices, hardware failures, natural disasters and many other situations.

A Need For More Automation

Between rising costs due to inflation and staffing issues, many small-business owners are doing more of the repetitive but necessary tasks that don’t bring much value to the business. However, many things can be automated, including email marketing and data entry.

Business owners don’t have to do everything on their own, especially when they can automate many of these essential daily tasks. Implementing automation leaves business owners and employees less stressed while freeing up time for higher-valued tasks.

Cyber-Attacks Of 2022 To Be Aware Of

Cybercriminals are getting smarter and bolder. In 2022, we saw cyber-attacks against the Israeli and Polish governments; the school system in Albuquerque, New Mexico; and large businesses such as Uber and Crypto.com.

No business is exempt from cyber-attacks.

Many small businesses don’t prioritize cyber security, and cybercriminals know this. They will try to target and compromise businesses that they think are an easy target.

Proper cyber security training for employees, as well as hiring an MSP, can reduce the risk of hackers gaining access to critical information.

If your business didn’t pay much attention cybersecurity this year, some of your business information like employee credentials, network passwords or client’s personal information could be for sale on the dark web already. Take an assertive approach to protecting your business by starting with a dark web scan to find out if your business has been a victim of a data breach recently.

If you’re a small-business owner, it’s essential to include your business’s IT needs in your plans for 2023. Doing so will allow you to stay ahead of your competition while ensuring your employees and customers are well protected.

Compliance is incredibly important for any business. Failure to remain compliant can spell doom for any business, regardless of size.

Being compliant is the act of following certain established rules, regulations, laws and guidelines. But what many business owners don’t realize is that compliance and security go hand in hand.

Compliance is in place to prevent security breaches and give guidelines for what to do if a breach does occur. Your company won’t become compliant on its own, though. It often takes plenty of time, effort and money to ensure that your business stays compliant, especially given how rapidly technology advances.

Twenty-five years ago, you wouldn’t have had to worry about many of the issues that plague business owners these days because the Internet was nowhere near as developed as it is now.

95% of cyber security breaches stem from human error

Times have changed, and your business has to change with it or you will fall victim to cyber-attacks.

Before you spend time and money trying to figure out if your business is compliant or not, you should ask yourself some questions:

1. - Does my business have antivirus software and is my network protected by a firewall?
2. - What data is my business encrypting?
3. - Do I have a system in place to manage network-connected devices?
4. - Are there disaster recovery plans in place, and do I use backup solutions?
5. - Is there a business continuity strategy?
6. - Do I have employee training in regard to security?

After you’ve answered these questions, you’ll have a better idea of what needs to be done to ensure your business stays compliant.

You may be thinking you need to rush out and buy the necessary technology and equipment to fill any holes, but you should focus on your team more than anything else.

Employee training program

According to a study by IBM, 95% of cyber security breaches stem from human error.
We’ve talked at length about the importance of training your employees to be cyber-secure, but the reality is that employees who have not bought into a cyber-secure culture are putting your business at risk.

You must have some type of employee cyber security training in place so they can learn all they can about cyber security and keeping your business protected.
Without proper training, you cannot expect your employees to be inherently cyber-secure.

After you’ve fully trained your employees, you can put more focus into bringing in the proper technology and equipment to plug any lapses in your compliance plan.

Antivirus and firewalls

If you don’t have antivirus software or firewalls, you should invest in them before anything else.
Once those are in place, you can focus on a few specific pieces of technology to make your business more compliant.

E-mail spam filter

One of the best investments you can make is to put an e-mail spam filter in place. Though your employees will be trained and hopefully well-versed in cyber security, mistakes can still happen.

E-mail-based phishing attacks are one of the easiest ways for a cybercriminal to gain access to your company’s valuable information. All it takes is one click on the wrong link to compromise the entire network. With an e-mail spam filter, you won’t have to worry about your employees accidentally clicking on a sketchy e-mail because it will never make it to their mailbox in the first place.

Passwords best practices and Multifactor Authentication (MFA)

Additionally, you should also introduce strong security password practices as well as multifactor authentication (MFA).

Part of your training for your employees should include tips and strategies for creating strong passwords. Oftentimes, people will use the same passwords for every account, which can leave your business vulnerable if one of their other accounts is compromised.

Multifactor authentication takes this step to the next level since your employees will also receive a text message authorizing their login into their e-mail or other accounts.
It’s a simple way to ensure your bases are covered.

In conclusion

Staying compliant is an extremely important part of your business.
It helps protect you and everyone who works for or does business with your company.

It takes time to put these practices into place.

If you feel like you don’t have time to get your cyber security measures in place or if you simply need more information about managed services providers, give us a call.
We would be glad to help you with your cyber security or compliance needs.

You can also book yourself here for a free consultation and one of our compliance and cyber security experts will be happy to assist you.

As the new year kicks off, many business owners and entrepreneurs are making their New Year’s resolutions. Most of these business owners will be focused on increasing profits or expanding growth, but it would be wise to focus on some IT- or tech-related resolutions as well.

Making sure that you are up-to-date on the most recent tech and security measures can go a long way toward growing and protecting your business.

While many companies make goals or resolutions that they hope to achieve in the new year, plenty of businesses fail to meet these goals because they do not take the steps necessary to achieve them. It often takes time and determination to make these resolutions a reality, and business owners should not quit when the situations become stale or difficult.

"MSPs allow for predictable monthly costs and better security, but they truly have a plethora of benefits"

Here are our three best IT and tech resolutions for business owners to make for the new year, and how to make sure you achieve them. These resolutions will support business’ growth goals and will help business owners achieve them.

Employee Security Training And Creating A Security Safe Culture

If your employees have not had any security awareness training, you should make it your focus to ensure that everyone is informed about potential information security breaches.

Research suggests that human error is involved in over 90% of security breaches

By providing security awareness training to your employees, you will teach them how to avoid mistakes that could leave the business at risk. Not only will this help your employees be more aware of security, but it will make your customers feel more comfortable and confident when working with your company.

There are other benefits to holding security awareness training for your team, and one of the best is that you will be taking your first steps in creating a culture based around tech security. You will be introducing your team to the importance of information security, which they will effectively use to fortify your cyber-defenses.

When new employees are brought in, set aside some time for them to have security awareness training so they are enveloped in the culture from day one.

By putting together a plan where every employee is introduced to information security awareness, your company will be less at risk for breaches and threats made possible by human error.

We at QWERTY take care of security proactively by setting up a continuous training program for employees. It will teach them how to prevent falling victims to hackers with interactive videos and scoring so you can also keep track on their progress. For more information of our cyber security training program go to our Cybersecurity section

Utilize A Managed Services Provider

The MSP industry has seen immense growth over the past five years. The market was valued at over $152 billion in 2017 and is expected to rise to $257 billion by the end of 2022.

MSPs allow for predictable monthly costs and better security practices, but they truly have a plethora of benefits.

If your computer breaks or shuts down, MSPs have the ability to not only fix it but also go above and beyond the usual tech support. Some MSPs will work with your business to understand your goals and find better ways to achieve them.

MSPs are also raising their tech game. Yes, they can help with problems related to e-mail, web and file searching, but they are also available for more advanced needs, like cloud infrastructure management.

If you’re still working with a basic IT service, look into using an MSP instead. They will help with your usual tech problems while also providing you with the resources needed to achieve your goals.

For more information on how we, as an MSP, can help your business achieve its goals by supporting its technology needs, take a look at our services in the top menu of this webpage or go to our plans section.

Back Up Your Data

Data is an essential part of any business, and it’s imperative that every business owner makes an effort to back up their data. If important files are damaged or deleted or a disaster causes your business to lose important data, data backups can prevent business interruptions.

It becomes even more important when dealing with clients’ information.

Imagine that you’re a customer who has been making transactions with a business for years. They may have your address, phone number, e-mail address and sometimes even your Social Security number, but one day, you call and they no longer have your information on file. You probably wouldn’t feel too secure giving this company that information again if they already lost it the first time. This is how your clients will feel if they have to provide their information again after data loss that could have been prevented by backing up your data.

Your business should have a data backup and disaster recovery plan set up so your business avoid downtime and keep running. For more information on how to back up your data and set up a robust plan, visit our cloud backup and disaster recovery section.

As you plan out your goals and resolutions to incorporate in 2022, don’t forget to include IT and tech goals as well. Not only will they save you money in the long run, but they will also grant you peace of mind. Make a plan, overcome any obstacles and don’t lose hope if it looks like you need more than a year to accomplish your goals.

It’s hard to see how investing in your company’s IT services would be as incentivizing as other investments that might deliver a more tangible ROI.

However, ensuring that your IT department has a competent team that’s up-to-date on the latest cyber security knowledge and has access to the latest software to allow them to do their jobs well is a sounder investment than you might think.

Investing in your IT services is a little like buckling your seat belt before you drive to work in the morning.

You’re certainly not planning on getting in a crash that day, but you know that if you do, the seat belt will keep you safe, or at least mitigate the bodily damage the crash could cause.

We live in a world where it pays for companies to be on the forefront of cyber security. Even in just the past few years, ransomware and other cyber-attacks have become increasingly common, and they target antiquated IT systems that have yet to get with the times.

If hackers can infiltrate your company’s servers and hold that data hostage, it could financially cripple your company to try to get it back – or shut it down entirely.
It could also destroy your company’s reputation and hurt your clients and customers.

You need an IT team that you can depend on to keep your company safe, but that still leaves the problem of cost.

We get it: keeping your IT up-to-date is expensive, whether because you can’t afford to hire the right number of IT professionals or because you can’t afford the software necessary for keeping your company from getting hacked.

That’s why we believe co-managed IT is the best option for companies looking to protect their employees and their customers’ sensitive data.

Co-managed IT

Co-managed IT is a means by which growing companies can have access to all the tools and knowledge necessary to protect their data without paying the full cost.

It won’t replace your current IT team, and it’s more than just a one-off project-based relationship with an outside IT service – it’s a flexible partnership between your business and IT services that you can trust.

Say your existing IT team does a stellar job of putting out the little fires that inevitably happen throughout the workday, but they struggle to find time for building and updating company security systems and protocols that will keep your data safe in the event of a cyber-attack.

Another scenario could be that your company is going through a period of rapid expansion, and you can’t hire enough people for your IT department quickly enough to secure your ever-growing databases. Or perhaps your IT team does a stellar job of finding balance between the daily tasks and preventive maintenance, but they lack the software tools to do so efficiently.

Have you ever heard about co-managed IT solutions? and if you have, have you wondered if it's the right solution for your company or business?

In all these scenarios, co-managed IT can ensure that those gaps your IT team just can’t fill on their own get filled through a collaborative effort.

Co-managed IT can be a great solution for a burnt-out, potentially disgruntled IT team.

If you don’t know whether your IT team is getting burnt out or not, you can look for a few different signs:

• They’re constantly working late or on weekends
• They’re not getting projects done on time or correctly
• They aren’t creating any new security measures
• They’re showing signs of aggression or frustration at their job

Ideally, a burnt-out IT team would welcome help with their responsibilities and see the benefits of the collaborative effort between them and another group of experienced IT professionals (like us).

Even though you might think that keeping things the way they are won’t cost you a dime, with how common cyber-attacks are becoming, it could only be a matter of time before hackers hold your data for ransom and cost you everything.

With all this in mind, we strongly encourage you and your IT lead to come to a diagnostic consultation with us.

We will assess your technology and give you a diagnosis and a detailed plan on how to fill all the gaps. We’ll also help you understand what’s the best solution for your company whether is a full managed IT plan or a co-managed IT plan.

Together, we can protect your company from hackers, data disasters and burnouts, if you’re willing to invest in your IT health.

If you want to know more about our approach to managed IT and co-managed IT click here.

 

When it comes to IT solutions, most businesses rely on one of three options:

• They have a dedicated in-house IT employee or team
• An outsourced managed services provider (MSP)
• Or nothing at all.

There is, however, a fourth option: co-managed IT. This hybrid option gives you an on-site IT manager or a small team AND access to an off-site IT services firm.

For any business that takes IT seriously, this can prove to be an efficient and reliable option. It’s not as costly as a full on-site team, but it can be more comprehensive than relying on an MSP alone.

Simply put, the co-managed IT solution gives your business more options when it comes to getting IT and network stability and security right. It keeps you nimble when it comes to on-site issues. For instance, having an on-site IT manager means you have someone who knows the quirks of your business and its very specific needs.

But depending on the scope of your business and the size of those needs, the job has the potential to get complicated fast. This is where having access to an off-site expert IT staff can be useful.

An outsourced IT firm alleviates that pain point. Your IT manager has someone to call when they need to, and suddenly you have a full IT staff.

These are experts in IT who understand a range of issues, from system management to industry regulations – and just about everything in between. They might not be familiar with the quirks or intricacies of your specific business or industry, but you already have that taken care of in the co-managed model.

Co-Managed It Brings Everything Together.

You can have someone on-site who you can count on day to day, but when they need assistance, they have someone they can reliably call. They have access to an incredible knowledge and experience base.

But it gets better!

One of the benefits of this approach is employee retention. Co-managed IT can completely shift your company culture for the better.

Here’s why: small or single-person IT teams can get overwhelmed and overworked fast. This is common in IT. As a result, small-business IT departments often seem like a revolving door for those employees. It creates a broken culture.

If your on-site team lacks access to the proper tools or resources, it won’t take long for them to become overwhelmed and, eventually, burned out.

If there’s a crisis, like a ransomware attack or a storage failure, and your internal IT team isn’t given the support they need to succeed, it puts undue stress on them.

While they might succeed in the end, they’ll be unhappier for it and will likely start looking for a new job. With IT in such high demand, especially in 2021, it’s likely they’ll find another job, leaving you left to pick up the pieces. Co-managed IT helps you avoid this. There are many other ways businesses can benefit from this hybrid model.

Benefits of Co-Managed IT

• You Have Someone Who Can Address Issues Immediately. While you can generally rely on an MSP to deliver a quick response time, it might not always be as quick as you’d like or need.
  With this model, you have someone to get on the issue in seconds – and they can bring in the MSP as needed.
• Having An It Manager On-Site Puts Much Of The Responsibility On Their Shoulders. While you can still be hands-on when it comes to your company’s IT, they do what needs to be done, including coordinated with your MSP.
  This frees you up for everything and anything else.
• Regulatory Compliance Becomes A Breeze. Depending on your industry, you may have to deal with all kinds of compliance terms and regulations.
  Your coordinated IT team is versed in everything they need to know – and they stay on top of it as things change.
• You Have To Hire Fewer People. While you may have at least one person on staff, or maybe a small team, it’s unlikely to grow any larger – and it doesn’t need to.
  Not when your on-site team has access to all the tools, resources, and expertise they need to get any IT job done.
• You Have A Healthier Company Culture. This is a big one that often gets overlooked. When your on-site IT team has access to those outside resources, they’re a lot happier.
  Happier employees are more likely to stick around for a longer period of time, adding to the overall stability of your business (plus, less frequent hiring is another way to keep costs down).

If you haven’t yet considered co-managed IT, give it a look. You may find the IT solutions you’ve been looking for.
In a time when cyber security is more important than ever before – with more teams working remotely and cybercriminals working overtime – every business can use all the help they can get.

Over 120 managed service providers forgot to update a software plugin from 2017 and are now vulnerable to attacks.

Hackers used a two-year-old vulnerability in a remote management software to gain access to networks and deploy the GandCrab ransomware on customer workstations of managed service providers.

At least one company has been hit already, according to a report on Reddit, confirmed by cyber-security firm Huntress Labs.

The vulnerability used by the hackers is from the Kaseya plugin for the ConnectWise Manage software, a professional services automation (PSA) product used by many IT service providers.

The Kaseya VSA plugin integrates data from the Kaseya VSA, a remote monitoring and management solution with a ConnectWise dashboard.

Many small IT service providers and other types of managed service providers (MSPs) use the two applications to centralize data from their clients and manage customer workstations from a remote central location.

In November 2017, a security researcher named Alex Wilson, discovered an SQL injection vulnerability (CVE-2017-18362) in this plugin that could allow an attacker to create new administrator accounts on the main Kaseya app. He also published proof-of-concept code on GitHub that could automate the attack.

Kaseya released patches at the time, however it appears that many IT companies failed to install the updated Kaseya plugin on their ConnectWise dashboards, leaving their networks exposed.

Attacks exploiting this vulnerability started two weeks ago, towards the end of January 2019. One report posted on Reddit describes an incident at an MSP where hackers breached an MSP's network and then deployed GandCrab ransomware to 80 customer workstations.

A now-deleted tweet claimed that hackers used the same attack routine to infect other MSPs, locking more than 1,500 workstations.

ConnectWise has issued a security alert for their Manage product in response to the growing number of reports surrounding these ransomware attacks, advising users to update their ConnectWise Manage Kaseya plugin. The company said that only companies "who have the Plugin installed on their on-premises [Kaseya] VSA" are impacted.

In an interview with MSSP Alert, Kaseya executive VP of marketing and communications Taunia Kipp said they've identified 126 companies who failed to update the plugin and were still at risk.

"We posted a notification/support article to our support help desk and immediately started reaching out via phone/email to those identified who were at risk of impact with resolution," she said.

Huntress Lab researchers, who said they had "first-hand knowledge" of the incident involving 80 customer workstations that got infected with GandCrab.