CFOs spend a good portion of their time reviewing and analyzing requests for capital expenditures and their financial impact. Understanding the long-term costs and depreciation of assets is essential to sound financial governance.

IT equipment can cost quite a bit of money. Servers and computing power, in particular, add up quickly. A quick Google search shows prices from as little as $100 to over $8,000. If we look at cost only that $100 server might be very attractive, but will it hold up to the ever-increasing demand? The $8,000 server may hold up to the demand, but do you want to spend $24,000 to have the Development, Production and emergency failover environments that a 24/7 demanding environment needs? Remember that the average server has a five-year life expectancy based on the hardware components and the routine changes in operating system requirements.

In addition to the acquisition costs of the equipment, you must include the soft costs of managing the equipment. You need to ensure 24/7 operations, routine administration of the server, patching, and security activities to ensure that not only is it available but it is running in an optimal and secure manner. 

The modern business expectation is to be able to access company applications on any device, at any time, at any place. This expectation raises the requirements for hardware support and stability to a new level.

An approach that many large businesses have used to address these requirements is by using cloud-based systems. For many small businesses, the large cloud providers of Infrastructure as A Service (IAAS), can be overwhelming to work with and their pricing schemes do not meet the needs of smaller organizations. Kotori Technologies

Kotori caters to Small and Medium Businesses in the Charleston, SC area. It provides a unique approach to serving its local customers by offering a cloud service tailored to the needs of businesses that are small and growing. Their cloud offering can host your company’s systems, provide secure remote access, system reliability, 24-hour monitoring and disaster recovery services. Their expertise in the industry allows them to help you make the right choices between that $100 server and the $8,000 device. They can provide the appropriate level of IAAS for your business to allow you to use capital that had been earmarked for IT on other projects to improve your manufacturing capacity or enhance your distribution operation to effectively optimize your productivity. For more information visit us today.

Change Management Helps Optimize Business Operations

 

There is an old saying, “The only thing constant is change.” This is particularly true in the world of information technology. Email has transitioned to instant messages. Smartphones are as powerful as mainframes were 30 years ago. Sneaker-net disappeared only to be replaced by “collaborative” technologies that allow BYOD (Bring Your Own Device) activities that exponentially spread company data throughout your workforce. Manufacturing systems where programming and setup were done on the individual machine tools are now handled by remote programming and program delivery to the equipment.

 

Changes in manufacturing processes are planned, tested, modified, retested and implemented. In regulated industries, the documentation of this process is generally done through a validation process. In information technology, this is done through the change control process and is essential to ensure smooth implementation of new systems, system upgrades, disaster recovery and regular maintenance of existing systems and equipment.

 

Strong IT organizations have Project Management Offices to create project plans including project charters, definitions, processes and metrics per project. Once these are laid out, and the project is initiated change control must be initiated and documented. When you have a large staff, with dedicated project managers, project participants, and technologists, this is not a complicated process. When you have a CFO, an IT manager and a desktop support person, it is tough.

 

Three principles of Change Management that will help are:

 

  • Document the “as is” state of your current system configuration before implementing any changes. This allows you to have a clear set of parameters if you need to roll back any of your changes.
  • Document the “future” state of your proposed system. This will ensure you know what you are trying to achieve and help keep you on pace.
  • Document what changes need to be made to move from your “as is” to your “future” state.

 

Once these are done, clone or backup your existing systems on separate equipment. Virtualization of computer systems makes this process easy and cost efficient. Make your changes in the Virtual environment to ensure they work properly and document the changes. Clone your live environment again just to be on the safe side. You are now ready to implement your changes in your live environment knowing that they will work and you will have a disaster recovery platform should it be required.

 

Again, if you have a small staff or a staff unfamiliar with documenting and managing change, this can be a daunting task. There is help for your team to guide you through planning, documenting, and implementing changes to your IT systems both hardware (infrastructure) and software (programs and applications). Contact Kotori Technologies to learn more about managing system changes.

Business Security and Paper Shredding

Posted by in Quick Tips Thursday, 19 October 2017 00:00

When you don't need your business papers anymore, the first thing that might come to your mind is tossing it in the trash. However, is this always the smartest decision? After all, criminals are always looking for sensitive info, even if it means digging through trash to get it. This is why it's important to shred your private documents. Why is this method important, and what are some useful shredding tips? Here are a few things to consider. 

First of all, shredding helps to ensure that no one will have access to your documents anymore. As obvious as this is, though, it's ironic that more businesses aren't using a paper shredder. I mean, you could tear up the papers yourself, but why go through all that trouble? Not to mention it's not as efficient as secure shredding, which rips your documents in a way that makes them unreadable to anyone. Most of all, though, shredding is an ethical business practice that shows you're willing to go the extra mile to secure your info. As for some useful tips when shredding your papers, depending on your business budget, don't invest in cheap paper shredders. Some of them don't get the job done all the way, which could make it easier for criminals to get hold of your sensitive info. Overall, secure shredding is an effective solution for business owners, employees, and customers alike. 

For more information about the importance of secure shredding in the workplace, as well as other ways to secure your business and network, feel free to contact us today at Kotori Technologies, LLC. We look forward to hearing from you, and assisting you in the best way possible. 

 

Although BYOD enables real-time mobile communications throughout the organization on nearly every level, it also introduces some very disconcerting security vulnerabilities grouped into two main areas.

Company Information on Private Mobile Devices

BYOD enables personnel to store company information on their own private mobile devices. This aspect of BYOD increases the risk of unauthorized information access and security breach through an increased number of attack vectors because the mobile devices travel with personnel both during work hours and on their personal time. Issues such as up to date security patch installation, Bluetooth services enabled and/or securely configured, WiFi services enabled and/or securely configured, device storage protected over workstation USB connections, and device storage protected from potentially malicious apps are just a few of the many security risks introduced with BYOD.

Company Communications on Private Mobile Devices

The main efficiency introduced by BYOD is anywhere, anytime electronic communications such as text messaging, email, instant messaging and even social media communications leveraging employee’s personal mobile devices. However, as with the storage of company information on personal mobile devices, allowing company communications through these same devices exposes the company to security risks such as the transport of company confidential information over insecure channels like email and instant messaging that both send data via clear text by default, enabling malicious attackers the opportunity for easy MITM (Man in the Middle) and other eavesdropping attacks through network connections.

Contact us to find out how the security controls discussed in the next post can enable your organization to securely and successfully leverage a BYOD program.  Join us tomorrow for part 3 of our 4 part BYOD series, Mobile App Management and Mobile Management Solutions.

Advancements in information technology introduced significant improvements to mobile communications which enable personnel within organizations to attend meetings, deliver information, and collaborate anytime and anywhere. In order to stay competitive and leverage this new technology, organizations have provided mobile device connectivity to personnel in the form of smart phones and tablet computers that do boost efficiency and effectiveness of communications, however also increase the organization's cyber-attack surface.

 

BYOD (Bring Your Own Device) programs, in which users connect their private mobile devices to the organization's networks, introduced in part as a response to the number of employees that prefer to carry a single mobile device rather than both a company and a private mobile device, and as a mobile communications cost savings to organizations. Although BYOD does reduce costs significantly, resolving one major issue with mobile communications in the enterprise, unfortunately BYOD also broadens IT security issues by enabling personnel to transport confidential company information and communications on their private mobile devices. Should the devices be lost or stolen, the organization could suffer damages in compromised company information and compromised customer and partner information protected by federal regulations such as HIPAA (Health Insurance Portability and Accountability Act).

Fortunately there are relatively cost-effective solutions to overcome mobile device vulnerabilities when supported by a BYOD program based on best practice. Controls and solutions such as Mobile App Management or MAM, leveraging centralized controls through Enterprise Mobile Management (EMM) or Mobile Device Management (MDM) techniques, that use either app containers or app wrapping technologies, coupled with a tightly managed BYOD security program and policies that control for human factors, can ensure that company data remains safe even when allowed to reside on authorized BYOD mobile devices.

Contact us to learn more about how your organization can reap the BYOD benefits while minimizing the risks.  Stay tuned for tomorrow's part 2 of our 4 part BYOD series as we uncover the primary BYOD risks to your organization.   

 

Firewalls are often perceived as being network appliances that protect entire networks from malicious traffic originating from the Internet. However, firewalls can also run as a service on computers, protecting the operating system from malicious attacks, blocking harmful traffic while allowing users to send and receive secure, acceptable traffic.

Modern host based firewalls (firewalls installed and configured on a workstation, server, or other network connected device) include a large array of features that vary depending upon the operating system and firewall in use. Most modern operating systems, such as the current Windows and Linux variants, include a host based firewall as part of the operating system. One benefit of using host based firewalls is their ability to block all ingress traffic, which of course including malicious traffic, from entering the operating system.

Host based firewalls that feature deep packet inspection can also identify malicious payloads, such as malware, contained within the packets being received by the operating system, stopping the payload before it can install and cause damage to the operating system.

Firewalls can also be configured to allow desirable traffic, usually based upon service port or source address, so that the computer can host services that enable connectivity with friendly network hosts while at the same time blocking traffic from unknown or malicious network hosts.

Since firewalls are generally designed and configured to deny all traffic except for traffic deemed acceptable by the administrator, if not configured correctly a host based firewall can block network traffic that the computer should receive, disrupting activities such as file sharing and email communications which are essential in most cases.

Firewall configuration also tends to increase administrative burden if not well-managed. If users within an organization have access to firewall controls, they can inadvertently (or purposely) block IT staff remote administrative access to the operating system, creating a situation requiring time-consuming in person IT staff visits. Similarly, incorrectly configured firewalls may block egress traffic the user needs in order to perform their work. This again creates a condition where work time is lost while a computer administrator determines and resolves the configuration problem.

Host based firewalls are essential to securing networks and systems. Contact us to optimize your host based firewalls for both security and performance.

Virtual Infrastructure Considerations

Posted by in IT Solutions Wednesday, 27 September 2017 00:00

More and more companies are realizing that the ideal way to store memory on company owned servers is through virtual infrastructure.  These software platforms allow companies to vastly increase the amount of memory and speed of a typical server, without changing the fundamental underlying hardware. That helps companies save time and a lot of money by reducing the need to buy additional servers.

VMWare is one of the leading virtual infrastructure providers. The company was the original promoter of the industry and is now owned by Dell.  It's virtual machines separate the real servers with a software called the hypervisor. Managers are then free to allocate memory resources more effectively to optimize speed and power.  VMWare has been credited with freeing up as much as 40% of server space with its groundbreaking technology.

Citrix is another virtual infrastructure provider.  They are known for bringing virtualization to mobile devices so that executives can access enhanced memory on the go.  In addition, the company focuses on creating a secure environment that protects business from malware.  They help some of the largest technology companies including IBM, Google, HP, Cisco, Amazon and others to enhance their server technology.

Storage Area Networks (SANs) are another important virtual technology.  The chief benefit of SANs is that they "fool" the server into making additional memory appear in the operating system as locally attached devices. That helps speed up data transfer by reducing friction points.

Kotori Technologies is a growing IT service provider serving the Charleston area.  The company's comprehensive IT services help their partners save time, money and solve their technical problems. For more information, please contact us.

Security Alert: Petya Ransomware Attack

Posted by in Security Wednesday, 28 June 2017 00:00

First of all, if you are on our maintenance plans, don’t worry, we’ve got you protected. Your systems are up to date with Windows and Sophos security that prevent this type of attack.

If you are not under a maintenance contract with us, please contact us today and we can make sure you get the protection you need.

A new strain of ransomware dubbed “Petya” is worming its way around the world with alarming speed. The malware is spreading using a vulnerability in Microsoft Windows that the software giant patched in March 2017 — the same bug that was exploited by the recent and prolific WannaCry ransomware strain.

Petya also attempts to spread internally by breaking admin passwords and infecting other PCs on the network using remote admin tools. It can also spread internally by infecting network shares on other computers.

Customers using Sophos Endpoint Protection are protected against all the recent variants of this ransomware. We first issued protection on June 27th at 13:50 UTC and have provided several updates since then to further protect against possible future variants.

In addition, customers using Sophos Intercept X were proactively protected with no data encrypted from the moment this new ransomware variant appeared.

Here’s what we urge you to do right now:

  • Ensure systems have the latest patches, including the one in Microsoft’s MS17-010 bulletin. (If under a maintenance contract with us, this has been completed.)
  • Consider blocking the Microsoft PsExec tool from running on users’ computers. A version of this tool is used as part of another technique used by Petya to spread automatically. You can block it using a product such as Sophos Endpoint Protection. (If under a maintenance contract with us, this has been completed.)
  • Back up regularly and keep a recent backup copy off-site. There are dozens of ways other than ransomware that files can suddenly vanish, such as fire, flood, theft, a dropped laptop or even an accidental delete. Encrypt your backup and you won’t have to worry about the backup device falling into the wrong hands.
  • Avoid opening attachments in emails from recipients you don’t know, even if you work in HR or accounts and you use attachments a lot in your job.
  • Download the free trial of Sophos Intercept X and, for home (non-business) users, register for the free Sophos Home Premium Beta, which prevents ransomware by blocking the unauthorized encryption of files and sectors on your hard disk.

For more information on this ransomware and ways to help prevent attacks, please see more information here:

https://nakedsecurity.sophos.com/2017/06/27/breaking-news-what-we-know-about-the-global-ransomware-outbreak/

Please forward this to others within your company to ensure they are aware of the risks. These type of attacks can also affect home computers, so we want to make sure they are protected as well. We do recommend making sure all Windows updates are installed on home PC’s and using Sophos Home (https://home.sophos.com/) for those PC’s. Please note that Sophos Home is NOT recommended for business PC’s.

 

If you have any questions on this, contact us at 843-553-8800 or This email address is being protected from spambots. You need JavaScript enabled to view it.

Purchasing, installing, and maintaining your own servers can be a stressful and complicated task for many businesses. When you bring a server in-house you incur costs for hardware, software, and support. Have you considered cloud services?

Cloud technologies are becoming more advanced and secure by the day, and can offer you the freedom you need to accomplish your tech goals, while also becoming a more agile business.

It makes sense that your employees want access to work related applications wherever and whenever they are, from whichever device they're on. Cloud based services make it possible for your work staff to engage in secure communications and collaborations via the cloud. All you need is access to the internet and the proper credentials, and you can access your working environment from anywhere, just as if you were in the office.

When you opt for cloud based services, you save money and resources, and gain peace of mind. Your tech support and maintenance is taken care of for you, as are big concerns like security, and data backup and recovery. If you are interested in maximizing your budget, and improving workflow, contact us to talk more about how the cloud can better enable your business.

The cloud may not be a good fit for everyone, but it is worthy of your attention. It appears that many small to mid-sized businesses will operate with a more modular and agile mentality in the future. We'd be happy to talk all about your current tech needs, whenever you'd like!

Cyber threats can catch people by surprise, necessitating a quick and thoughtful response, even before the full story with all its details emerge.

A recent example is Cloudbleed, a software bug in Cloudflare that led to alarming data leaks. Sensitive information, including log-in credentials and private messages, got exposed publicly and cached by search engines.

The coding error that led to this data breach has since been fixed and a cleanup undertaken to try to remove leaked data from public view. But the extent of the exposed data isn't yet clear. Cloudflare offers various web services, including website protection, to numerous companies, including Uber and OKCupid. We don't yet know how Cloudbleed will affect people.

Are you prepared to respond quickly?

When a new cyber security threat emerges, you need to immediately act. What are some of the steps you may need to take?

  • Changing login credentials. With Cloudbleed, for example, it would be important to quickly change passwords and other credentials for potentially affected sites and perhaps make inquiries to Cloudflare about the steps they're taking to resolve the problem.
  • Double-checking and strengthening your user authentication measures. How can you more reliably distinguish between authorized and unauthorized users?
  • Performing a software update. If a new version of a software gets released and contains a patch for a security vulnerability, you need to quickly perform the update.
  • Taking any other steps needed to correct the problem. Sometimes it's your own error or vulnerability that led to a data breach; other times, the problem stemmed from a vendor. You may need to do anything from rewriting your own code to discontinuing your relationship with a particular vendor.
  • Monitoring possible repercussions. Compromised data may wind up getting used against you, sometimes within hours of a data breach and other times within months or years. You need to remain aware of the potential repercussions and monitor the situation. (In general, 24/7 monitoring of your systems is an essential defense against cyber attacks.)
  • Alerting people to the situation. If your business website uses Cloudflare, for example, how would you let customers know about the situation and what you're doing to address it? Without alarming people needlessly, discuss the problem and highlight your commitment to fixing it.

 

Handling all of this on your own is daunting. However, if you work with a managed services provider (MSP), you'll benefit from experienced IT professionals assisting you round-the-clock. Your MSP will act quickly and thoughtfully on your behalf while keeping you informed about the situation and receiving your feedback and insights. Please contact us for more information about our managed services.

Page 1 of 23

Categories

Archive

Tags

3d tv 360 kinect Advanced IT adzzoo aeropeek airlines Amazon Cloud Player american flag antispam antivirus apple pie applie ipad apps ascii audit audit,business audits audit report automatic updates avg avg updates back to school backup beef and cabbage beethoven Block Malicious Traffic Breach bunny cake business continuity business email business IT costs business recovery Business Security BYOD cable Cell Phones CES change background change mnagement charleston regional business journal check boxes window 7 christmas scams cloud cloud computing Cloud Services Cloud Solutions company network computer and network spending computer back up computer backup computer care computer checkup computer cleaning computer clean up computer injuries Consulting conversation view CourageousKidz cupcake kabobs customize ribbons cyber bullying Cyber security Daniel Lightner data backup data back up data recovery data storage defrag defragment dektop virtualization Depog desktop desktop virtualization digital pack rat Disaster Recovery disaster recovery plan Discovery Training Center disk clean up disk defrag disk defragment display flag properly documentation double your windows droid incredible easter cake ebook electric eye email email cleanup email etiquette email policy email scams email schemes email solutions email to cell phone encryption excel Facebook Facebook app father's day gift guide FBI Warnings fcc femtocell firewall first jukebox flag day fourth of july future ghost cookies gmail Google Music googletv green computing Green IT groupme Hackers Hacking halloween halloween fun facts halloween recipes hardware cleaning HIPAA HITECH home user hosted exchange HP Touchpad Hugo hulu Human Resources Hurricane iCloud Impersonation improve cell phone signal inbox inbox organization Information Technology Integration Internet internet safety internet search internet shortcuts internet speed test iPad ipad2 iphone ipod touch Irene IT budget IT Consulting IT costs IT Custom Solutions IT Finance IT Logistics IT Myths IT Operations IT Provider it support iTunes itv junk email keyboard shortcuts kik, path kindle kinect Kotori Technologies KREG laptop lawn care tips learn to type length of cd's light bulbs MAC Managed Service managed services Manufacturing march recipes mascot memory storage microsoft xbox Mobile App Management Mobile Devices Mobile Management Monitoring mortratious mother's day mummies in a blanket music name game national broadband plan neadom tucker netbook net nanny network audit network monitoring Network Security Network Security Issues network support nintendo wii no cable or satellite NonProfit notebooks Nubio office 2010 online gaming online safety online shopping safety optix email optix mail security organize gift giving our it outlook organization outlook tips pandigital novel Paper Shredding passwords peanut butter eggs peer to peer Petya Phone Systems pin to taskbar pin up folders Playstation power breakfast Preparedness Presidential facts Presidents Day printers printer security Privacy problem steps recorder Productivity product reviews project management protect your data pumpkin stew quick steps Quick Tips rainbow cupcakes Ransomware recent documents recipes red white and blue jello pie remove programs Risks, riso noodle house safe data save information save money saving money scam scandisk schedule Security security, server cleaning shopkick shortcuts side by side skype outage slow computers Small Business small business success summit smart phones social networking social networks in outlook Sony sony ereader sony playstation move Sophos spider cookies spring cleaning sunbelt vipre symbols tablet task bar tips taskbar tips technology test the daily this week in tech tips turkey tetrazinni type faster typing typing characters uncle sam cupcakes uninstall programs updates vendor management virtual hosted exchange Virtual Infrastructure virus VoIP WannaCry web page shortcuts website website audit website help,website wifi in your car windows 7 windows 7 tips windows calculator windows update wireless wireless security Workforce Management xbox xbox live Yamodo zip file