Perpetual Motion

If Not Now, When?

“Cybersecurity and Infrastructure Security Agency Director Jen Easterly told industry leaders in a phone briefing Monday that a vulnerability in a widely-used logging library ‘is one of the most serious I’ve seen in my entire career, if not the most serious.’

“‘We expect the vulnerability to be widely exploited by sophisticated actors and we have limited time to take necessary steps in order to reduce the likelihood of damage,’ she said of the Apache Log4j flaw. The issue is an unauthenticated remote execution vulnerability that could allow an intruder to take over an affected device.

“Hundreds of millions of devices are likely to be affected, said Jay Gazlay of CISA’s vulnerability management office in the [same] call” –as reported by Tim Starks, cyberscoop.com, Dec. 13, 2021

Because of how widespread this vulnerability is, affecting everyone from Microsoft to Apple to Amazon to Google (in fact it affects millions of pieces of software, it is time to make sure your business is as protected as possible. You may not hear bullets, but that doesn’t mean we not are in a war … [5 min. read]

2FA!@$%

Thunder and Botheration!

“If there’s 2FA, enable it,” said Bryley’s Garin Livingstone when asked for his baseline recommendation for everybody for computer security.

2FA or MFA (two- or multi-factor authentication) is adding a second (or more) proof of your identity before being granted access to a machine or software.

2FA may also rank among the biggest pains in the neck … [4 min. read]

technology patches

Crunching the Patching Numbers

There were 16,516 Common Vulnerabilities and Exposures (CVEs)1 published in 2018. The time needed to analyze the relative importance of these to your organization would be something like 16,516 alerts times fifteen minutes to read and assess each one, which works out to about 500 days of work. If you decide that your organization is affected by twenty percent of these, that’s 3,304 vulnerabilities times an average of about an hour to patch each one — that will take about 40 days. And how many devices do you have that need this patch deployment? 2

The Importance of Server Maintenance

Let’s face it, servers, like any piece of hardware, will eventually need to be replaced, but in the meantime, keep it running until it’s time to replace it. Developing a checklist of the tasks that need to be done regularly can go a long way in ensuring your servers consistently perform at their best. Because servers take care of all your data, it is important to watch and properly care for them. Such maintenance involves constant monitoring and continuously analyzing how the server is functioning. Preemptive maintenance not only reduces server issues, but also may increase the longevity of your server.

Infographic: The Strategic CFOs Guide to Cloud Technology

The world in which many Chief Financial Officers (CFOs) operate is changing. Increasingly modern organizations are turning to their CFO for strategic leadership and insight on how best to position themselves on a competitive footing. Accordingly, the CFO of today needs a tool-set capable of supporting them in this new role.

Cloud technology offers a fantastic platform for any strategist looking for an agile and robust set of tools capable of driving their company forward into the future.

Below is an infographic which will help you start to approach the cloud from a leadership position, and begin to leverage IT as the strategic asset it can be.

When To Replace a Server

Every IT professional would agree that servers are the lifeblood of your organization. No matter what daily task you perform, whether it is responding to email, preparing for a presentation, or completing other workday tasks, it’s important to have a server in your office that runs smoothly. No organization, no matter what the size, wants to face the IT issues associated with a slow or non-responsive server. While there is no way to accurately predict when a server will need to be replaced, there are some general guidelines you should observe to ensure that this critical piece of equipment is running properly.

How Bryley Helps CPA Firms

How CPA Firms Can Benefit from Managed IT Services

Let security and confidentiality be your watchwords!

When it comes to safeguarding your CPA firm’s confidential data, there is zero tolerance for risk. CPAs rely upon various forms of technology to gather data – whether it is a tax return or an independent audit.

CPA firms have made great strides by implementing such technology as electronic data management systems, client portals, and cloud-computing systems. However, records maintained by CPA firms must remain confidential because of professional standards, statutes, and regulations governing record retention. Data breaches can happen in numerous ways, including the following: fraud, hacking, improper disposal of data, or even a lost or stolen device.

A CPA firm will need their IT department (or an outsourced Managed IT Services vendor) to implement and maintain a comprehensive list of data and network security controls. It is helpful to understand the basics:

Perimeter security. This first line of defense includes firewall and intrusion detection systems, in addition to intrusion prevention systems. These should be configured with appropriate restrictions to block and filter both incoming and outgoing Internet traffic.

Endpoint security. Endpoint security requires each computing device on a corporate network to comply with established standards before network access is granted. These measures protect the servers and workstations and include safeguards such as administrative access limitations and anti-virus protection.

Network monitoring. Part of the control environment should include a frequent and ongoing monitoring program for all IT systems.

What We Do

circles

Comprehensive Support Program™ (CSP) — Bryley provides ongoing, proactive maintenance and remediation support to ensure a stable, highly-available computer network. Our most-popular Comprehensive Support Program (CSP) consolidates all end-user devices (mobile and desktop), servers, and computer-network equipment issues into one, Bryley-managed, fixed-fee program. Among the many services delivered under the Managed IT umbrella, Bryley installs and manages all software updates and patches.

Secure Network™ (SN) – An ongoing, managed-IT service that prevents intrusion, malware, and spam from entering the computer network through its Internet gateway and can restrict web-site surfing to inappropriate sites.

Multi-Point Security Hardening Service™ (MPSHS) – A periodic review to harden your computer-network security by reviewing/updating policies and configurations and testing. With this program, Bryley Systems can help your organization comply with the technical aspects of Massachusetts 201 CMR 17.00.

If you are looking for a business partner to help you navigate the ever-changing technology and cybersecurity landscape, we’re here for you. For more information about Bryley’s full array of Managed IT Services, Managed Cloud Services, and Cybersecurity Services please contact us at 978.562.6077 or by email at ITExperts@Bryley.com.

Time for a Server Refresh?

There is no crystal ball for an IT manager to look at to accurately predict when a server will need to be replaced, but there are some general guidelines you should observe to ensure that this critical piece of equipment is running properly.

A server refresh cycle is the length of time that typically passes between installations of new servers.  Generally, the refresh cycle averages 3 to 5 years. Replacing your server will allow your organization to deploy updated equipment intended to improve reliability, enable new capabilities and save money in the long term.

Here are a few things to keep in mind:

Is your equipment more than 3+ years old?  If your server is three years old (or more), you should seriously consider replacing it.  Your reaction may be “I just bought it”.  You may be tempted to try to squeeze a little more life out of it.  You definitely could do that – perhaps you already have, but the reason you want to replace a server after three years isn’t just to avoid a potential server outage.

According to IDC, “the moment your server hits its fourth birthday, support costs raise by approximately 40%. Your users often won’t report the troubles they’re having with your slow server – employees are notorious for working around these issues.” 1

If a process takes much longer than it is supposed to, lost productivity costs your organization money and that lost time adds up.

Warranty.  Your server should never outlast the warranty it came with.  The reason you will want to replace your server after the warranty runs out is that if it crashes, you will be able to get it fixed or replaced. At the point in which the manufacturer is not going to do this, you should take this as a sign that your server may have reached its use-by date. If your server has a very high workload, it may limit its lifespan.

When you’re choosing your new server warranty, they often come with different support levels to fit your needs. Typically, it covers replacement parts and an on-site tech to replace those parts.

Hardware Support.  When you’re considering replacing your server, you should check to see if it is still being manufactured.  If your server is still in production, that’s the first piece of good news.  If something breaks, it won’t be that hard to find replacement parts.

If it’s no longer being built, hardware issues may be difficult to fix. The parts you may get are going to be more expensive, possibly second-hand, and may take a while to get to you.  That’s why if your server is out of production, it’s good to make sure you shelve it as well. That way you won’t be hit as hard by hardware failure.  Much like with a warranty, if your manufacturer has decided to shelve the server, it’s likely you should too.

Your Server Has Issues.  Oftentimes people try ignoring a temperamental server instead of just replacing it.  The longer you ignore it, the worse it will get, and you put your organization at risk if it completely shuts down.  There are some things that can’t be fixed no matter how many parts you replace.

You Need More from Your Server.  Growing organizations place higher demands on their servers. When use of your server reaches 70% of maximum, or drive space is running low, you’re going to see a drop in server performance.  This is where virtualization can come in handy. If you have two or more servers – or you suddenly have the need for them, you can purchase one really good server and run virtual machines off it.  Since you can scale virtual machines to your needs, this means you can change your infrastructure to fit your growing business needs.  If your organization is expanding with new locations, it’s time to consider upgrading your server.

Your organization’s server hardware is there to support your operating system and applications that you’re running off it.  If you are barely running Windows Server 2008 properly, then it won’t handle moving to 2012 or 2016.  When you’re upgrading your operating system, it is the perfect time to upgrade your server as well.  This effort will take some planning and additional work, but doing it in a phased-approach is much easier.

Before deciding whether or not to upgrade your datacenter servers or virtualize your environment, talk to Bryley Systems.  Our team of experts will help you navigate through this process and the important decisions including determining how to size your physical or virtual server hardware for the workloads that you are planning to put on it. Contact us at 978-562-6077, or by email at ITExperts@Bryley.com to learn more. We are here to help.

References:

1 –  IDC

Tech Target

Business Technology News

 

 

 

3 Recommended Practices to Keep Your Servers Running All Winter

Based in Central Massachusetts, wild New England weather is nothing new to us.  While simply making it in to work during a storm can be a significant challenge in itself, in a modern business environment, keeping essential technology systems operational 24/7 can prove even more critical.  That is why we have put together this list of three best practices we recommend you follow to keep your technology working, even when you are stuck at home shoveling out your driveway.

1. Deploy Uninterruptible Power Source (UPS) Devices – And Check Them Regularly

Deploying UPS devices for critical network equipment, as well as high priority PCs and workstations, is an excellent way to protect your most essential devices in the event of a power failure.  This is even more critical if you have on-premise servers.  It is important to ensure that any servers are able to communicate with their UPS(s) so the server can detect that it is running on stand-by power, giving it a chance to shut itself down properly.

2. Add an In-Line Generator

If you have devices that must continue running in the event of a power failure, adding an in-line generator is your best bet.  When the power goes out the generator takes over, powering equipment and feeding UPS devices.  At Bryley Systems we utilize an in-line generator to ensure that our local data center is always operational, no matter what.

3. Establish a Fail-Over Site

It is a good idea to develop a disaster-recovery plan that includes the ability to migrate to a fail-over site in the event that your primary data center becomes unavailable.  This will ensure that your data is always accessible, even under the worst of conditions.

You can learn more about how Bryley Systems is able to ensure business continuity through the use of our own fail-over site on our Back Up/Data Recovery page.

Stay safe this winter!