In the midst of political tensions between the United States and Iran, the threat of cyber attacks on businesses and government agencies remain strong. Homeland Security has warned U.S. companies to “consider and assess” the possibilities and potential impact of cyberattack on their businesses.

Ransomware Incidents in 2019

Cyberattacks can have devastating impact on both government agencies and businesses. Right before the 2019 holidays, an Arkansas-based telemarketing firm suspended their operations and left 300 employees jobless due to a ransomware attack. Their servers were attacked by malicious software and kept their information systems locked from them for ransom. They lost hundreds of thousands of dollars due to the incident.

Additionally, the state of Louisiana declared a state of emergency in November 2019 following a cyberattack on state government servers. A new ransomware called Ryuk struck a facility belonging to the U.S. Coast Guard, affecting facility’s access to critical files.

An Alabama hospital system called DCH Health Systems quit accepting new patients after a ransomware attack on its computer systems. They paid an undisclosed sum to the attackers. After the attack was resolved, patients of the DCH Health System filed federal class-action lawsuits accusing the three hospitals of negligence, invasion of privacy, breach of contract, and breach of fiduciary duty.

Cybersecurity Best Practices

Preventing a cyber breach requires more than just the IT Department; it is an organization wide endeavor. Here are some best practices for cyber-security

1. Multi-Factor Authentication
   
   Strong passwords with keys, numbers, and avoiding obvious information like birthdays or names; are still a recommended route for security measures. However, this may not always be reliably implemented. Whether employees are using strong passwords or not, multi-factor authentication can provide an added layer of security in the scenario of stolen passwords. This added layer can be the user’s fingerprint or a text message to their phone.
   
   
2. Update your software and computer systems
   
   All software applications and computer systems periodically require updates. Software and system updates can seem like a time-consuming hassle but can be a life-saver. Updates not only improve the overall function of the software/system; but oftentimes there are new bugs, and types of viruses that emerge. Updates on general software, computer systems and virus detection software can add a layer of protection against emerging cyber-threats.
   
   
3. Back Up Your Files
   
   Cyberthreats often take aim at your data. That’s why it is best to secure and back up files in case a data breach or a malware attack takes place. Data can be backed up offline, external hard drive, or in the cloud. In the scenario of an attack, you will not lose your information.
   
   
4. Avoid strange links and emails
   
   Phishing has been a large culprit in ransomware attacks in recent years. Phishers try to trick you into clicking on a link that may result in a security breach. Phishing comes in the form of malicious links that have viruses and malware embedded in them or in email attachments. Be cautious of links and attachments in emails from senders you don’t recognize. In the blink of an eye, your attachment download can enable an infiltration into your organization’s computer network that can prove to be devastating.
   
   
5. Invest in security systems
   
   The cost of a security solution may seem intimidating to smaller businesses. A security system solution can include antivirus, malware detection, network firewall, and other products. While security solutions come at a cost, they are cost-effective in the long term because they are a preventive measure against the financial/legal costs of a cyber-breach.
   
   
6. Secure your print environment
   
   All endpoint devices of the IT environment are an opening for attack, and this includes the print environment as well. Printers are connected to the network, meaning that if a printer is infected with ransomware, the entire network can be at risk of a cyber breach. When evaluating your security environment, do not forget to include print security in your security strategy.
   
   
7. Staff Training
   
   Cyber-security does not end with the purchase of a strong security solution. Even with a strong security solution, bad cybersecurity practices such as opening a phishing email can leave a company vulnerable. In the aforementioned incident of the United States Coast Guard, an employee opened a phishing email which led way to a facility belonging to the Untied States military to be infected with ransomware. It is important to give your staff training, or if you are an employee; to ask for training.
   

The political conflicts between United States and Iran are not the only ones of the 21st century; there are and will continue to be more similar political situations. With 21st century conflicts comes cyber attacks as a weaponized tactic. Regardless of what your political views and leanings are, it is crucial that you keep in mind cyber-security best practices and solutions for your team.

When it comes to IT, every organization has to maintain a budget.  Small businesses, enterprises, government agencies, educational institutions, all have to find effective ways of making the most bang for their buck in their investments.  Regarding the IT Spend, this means equipment that successfully enhances productivity, facilitates communication, maintains data storage, network connectivity, and an overall secure network.

When you have to buy laptops, printers, software licensing, cloud/on-premise storage, cybersecurity, network connectivity equipment and other aspects of an organization’s IT, the costs can be quite high and you have to stay within a budget.  So the question remains: how does one stay within budget while having a secure, reliable, IT ecosystem for their team?

“Convenience” Advancements

It is no secret that technology is constantly evolving and expanding.  One notable observation however, is that technology advances to increase convenience.  This pertains to not only smartphones but to IT equipment as well.  Convenience of usage should be one characteristic today we can centralize network data into one dashboard and manage the entire IT ecosystem from one pane of glass.  For example, network security breaches, connectivity issues, and browsing of individual end-user devices can all be managed from one dashboard.

Convenience can also include automation. There are regular tasks that can be automated via automation software and/or artificial intelligence. Earlier this year we published an article about the urgent need to adopt cloud based workflow automation. Workflow automation can benefit various roles in a company: marketing, accounting, software development, Sales, Human resources, Administrative Work/Data entry and more!

Additionally, if multiple functions are centralized into fewer solutions, costs reduce and productivity enhances.

Security, Security, Security

It is a no brainer: Security is an essential cost.  It is smart to invest in an effective cybersecurity solution for your team.  A network breach can cause tremendous costs such as theft of data, delays in operations, etc. We have published an article about the costs of cybersecurity for a businesses.

Cybersecurity does not only mean an Anti-virus for an endpoint device. Endpoint devices (computers, tablets, mobile devices) are all connected to the network of the organization. Cybersecurity includes protecting the network from external threats. Threats can enter through different parts of the network including but not limited to the router.

An aspect of cyber-security that is often overlooked is print security. In an IT environment, printers are also connected to the network. An insecure printer environment leaves room for infiltration into the network via the printer.

A cyber-security solution may be costly but it is crucial to be preventative to cyber threats rather than reactive. Reacting to a crisis is far more costly and unpredictable than preventing a crisis.

High Quality Hardware

In addition to having a secure network environment. having high-quality hardware is also important. Earlier this year the Compulink team has done a Collablink campaign where we discussed different products from multiple product categories and manufacturers.

That being said, it is important to have high, sustainable quality when it comes to IT hardware. If you have sustainable hardware versus cheap hardware it can last your organization a long time, saving you from spending a lot more in the long term.

The Cloud

The cloud has become quite the norm in the IT space. And there are a few doubts about whether to invest in the cloud or not. It is important to have a hybrid cloud solution for your business.

Here’s why:

The cloud can be a cost-effective way to save space. The costs are based on a monthly fee. The thing about the cloud is that when your organization enter

Regular IT Refresh

Information Technology products and services are always advancing, and it is crucial we all strive to keep up. The common rebuttal a business owner may provide is “if a product from 2001 has always worked for me, why should I still change?” There are a few reasons why:

• IT Hardware becomes old and incompatible with new products, if they are not refreshed. Additionally, the aging process of hardware can cause inefficiencies in its functionality.
• Similar to hardware, IT Software also gets old. New bugs emerge as IT software

Quocirca’s Global Print Security Landscape Report 2019 reveals that organizations of different sizes continue to be concerned about print security.

Organizations are continuing to suffer print-related data loss incidents, and most are still not confident their print environment is fully protected. These point to a critical need to educate C-level executives on the strategic value of effective print security as part of a broader information security strategy.

Here are statistical trends on growing concerns in print security:

• 72% of organizations are concerned about print-related security breaches
• 24% are confident that their print infrastructure is fully protected
• 77% are increasing spend on print security
• 59% have suffered at least one print-related data loss
• 32% of print security incidents are caused by internal users
• The average cost of a print-related data cost is $394k
• 76% of organizations using a Managed Print Service are considered print security leaders.
• 39% of organizations have carried out print security assessments
• 40% are using pull printing to mitigate risk

These are some of the growing concerns about print security. Print environments have often been an overlooked weakness in network environments of organizations. However, as the data previously has shown, more organizations are taking notice of the importance of print security.

The great question lies in what comes next to recognize as a security necessity in IT environments.

Last week the Compulink Team attended the New York Government Technology Forum hosted by eRepublic. We were an exhibitor with our own booth. In this two-day event, we met many of the government agencies we are working closely with in IT Procurement in addition to our manufacturer partners.

• 

With the government agencies, we were sharing some of our new updates, and discussing any procurement projects we are currently working on with them. We were also discussing our e-Procurement solution that can fast-track their procurement process (Click here to visit). We also discussed how the New York State Government is increasing the discretionary spending threshold on procurement with MWBE to $500,000.

When we were in conversation with our manufacturer partners, we were discussing new IT trends and products that can benefit the government sector. From cybersecurity; cloud enablement; network management; to new hardware products, the Compulink Team and our partners were able to brainstorm most effective ways to better enable government agencies to serve our public.

• 

Overall NYC GovTech 2019 was an opportunity for collaboration for our team and the other organizations that were in attendance. The Compulink Team is always evolving and enthusiastic to find ways to improve the IT infrastructure of the government vertical.

In October 28-29, Compulink Technologies Inc. will be an exhibitor at New York Government Technology Forum hosted by eRepublic!  We are greatly looking forward to meeting our contacts in the New York City and State Government space!  After years of engaging with the Government’s IT life-cycle, we highly recommend all public and private institutions to attend these forums.  Here is why:

Cybersecurity

When it comes to IT in the government vertical, endpoint and network security is always a large concern.  Being the government, there is no shortage of malicious hackers attempting to steal highly classified government data.  Additionally, the cybersecurity solutions an agency procures years ago does not always stand the test of time.  Cyber-attacks are constantly advancing as does cybersecurity.  When the agencies attend a forum, they are able to stay up to date with cybersecurity.

Cloud Solutions

Cloud infrastructure has become an increasingly common application in the business sector.  This rapid trend helps digitize much of your work while cutting costs on infrastructure.  While the cloud has become a rapidly growing trend in the business sector, there are concerns about adopting cloud solutions in the government vertical.  Going to an IT Forum for Government Agencies can help you understand how to securely adopt a cloud solution for your agency and best practices for deployment.

Tech for Public Services

Seeing that all government agencies are public institutions helping public infrastructures function, there are numerous ways IT advancements can help agencies perform their public functions better and operate more efficiently.  These forums can help inform government agencies about new technologies and the collaborative networking space can foster dialogue on ways IT can help our public infrastructure.

AI and Government

Artificial Intelligence has become a trendy subject to discuss in the recent years both inside and outside of government. Automation, chatbots, predictive analytics, are all different examples of how government agencies all around the world adopt Artificial intelligence. When attending seminars related to AI for government agencies; procurement officials and IT department managers can know where AI can meet the needs of their agency and find the necessary compatibility for AI adoption.

Inclusive Procurement

Agencies are trying to increase their utilization of MWBE vendors in the successful deployments of their projects.  In NY GovTech 2019, procurement officials and IT managers of government agencies can network with MWBE-Certified IT Solutions Providers.  (Compulink is an MWBE-Certified IT Solutions Provider!)

By going to New York Government Technology Forum, there are a lot of ways government agencies can benefit from the tech updates. For starters, procurement and IT officials can keep up to date with trends in the industry and be well-informed on which solution can apply to their agency.

The Compulink Team will be at GovTech as an Exhibitor! Come visit us!

We interviewed Roy McLean, who has been with Cisco Systems for 19 years.  Roy is currently a Senior Manager of Global Distribution Sales with Cisco.  Below are questions about Cisco’s direction that Roy answered.

What was the culture like in Cisco after the Cisco Live 2019 event?  Any shift in momentum?

CiscoLive! Always generates excitement and energy across Cisco and our partner and eco-system community.   Hearing about the latest innovations, seeing how our customers used the technology to drive success is a huge boost.   Already Cisco was buzzing with excitement around DEVNET, and CiscoLive! turned that up to 11 with new programs and certifications.

How do you feel Cisco’s product arsenal has kept up to speed with the fast-growing cloud market?

Cisco’s product set has never been stronger, or more aligned with the cloud market.  Our cloud based offers like DNA Spaces or Intersight are just the icing on an already cloud rich portfolio.  We can’t forget great offers like Webex, which continues to blow away the competition with its strong feature set and constantly expanding feature set.  If you didn’t see the new Webex experience, you’ll be blown away how business insights can now be part of the pre-meeting, delivered from the cloud.

With an abundance of cloud products in the market, how does Cisco Systems remain distinct when it comes to cloud solutions?

It’s true there are many many cloud products out in the market today.  Our customers have told us loud and clear that having to manage services from multiple suppliers is a big drain productivity and expense.  Ciscos highly integrated portfolio allows customers to design, deploy and realize business outcomes is unmatched. 

Evolving technology means an evolving understanding of client needs.  How does the Cisco team adjust its product development to evolving client demands?

A big part of what Cisco and partners like Compulink do is listening.  Our partners work with customers to help them reach their business goals first.  Over the last few years we’ve been helping partners develop the skills to identify end user expectations around business outcomes.  Our CX strategy is designed to do just that, provide a clear structure to help Compulink win deals, and just as importantly, continue to work with the end customer to adopt the features that drive outcomes and renewals.  Staying close to the customer expectations, delivering value at every step of the sale and ultimately helping our end users reach their goals is what CX is all about.

Based on our experience as a partner, Cisco products are popular among the government.  Many government agencies are currently using Cisco products until the end of life before they refresh their IT Hardware.  What advice do you have for end-users on maximizing their use of these products?

We’re very proud of the high quality world class products we produce, for decades we’re been recognized as one of the best manufacturers in the IT industry.   While our products do seem to last forever, we know that customer requirements, security concerns and the opportunity to innovate will ultimately drive customers to refresh.   At the same time, our R&D teams continue to develop new technologies like our advanced ASICs. These programmable custom designed processors allow Cisco to innovate HW via software. Our latest launches of the Catalyst 9000 Series product are a great example of a programmable device is truly an innovation platform.  Programmability ensures we’ll be able to squeeze every last cycle out of our gear, for years to come.  

Are there new products coming out soon that you are excited about?  What are some of the strengths of these products?

At Cisco we’re always cooking up new products and solutions.  Our culture of innovation and no technology religion allows our development teams to think outside the box and come up with industry changing technologies.   While I can’t tell you about the next big product announcements in advance of their release, I can say for sure that there will be more development around software and cloud, more innovation with ASICs and programmability.  Things are already heating up with WIFI-6 and 5G making things possible that was science fiction just a few years ago.  Security is equally exciting with DUO coming to the Cisco price list this year.

October is National Cybersecurity Awareness Month (NCSAM). This is a collaborative effort between government and industry to raise awareness on the importance of cybersecurity and the growing concerns of security threats to both private and public organizations.

In honor of NCSAM, here are some concerning data of cybersecurity:

• By 2021, cybercriminals are projected to cost the global economy more than $6 trillion annually, up from $3 trillion in 2015. This trend is more prevalent in the business sector. (Fox Business)
• 20% of IT security leaders said their organizations got hit six or more times annually, and 80% stated they had experienced at least one cybersecurity incident over the past 12 months so severe that it required a board-level meeting. (Source: IronNet)
• Nearly two-thirds of security professionals in a separate survey believe that their organization will have to respond to at least one major cybersecurity breach over the next 12 months. (Black Hat USA)
• 77% of IT Security leaders anticipate a major breach involving a critical infrastructure organization in the near future. Only 21% of the study participants believe the government is prepared to respond to such a breach. (Black Hat USA)

These are alarming facts regarding attitudes from IT Security leaders. A breach in cybersecurity can have a wide-range of effects to organizations from minor setback to debilitating costly effects that can cause layoffs. Either way, it is crucial to adopt not only a cybersecurity solution, but enforce best practice as well within your organization.

On Thursday September 5th, all public schools in Flagstaff Unified School District (Arizona) were closed due to a cybersecurity issue.  The School District’s Facebook post stated: “Due to a cyber-security issue that has impacted the ability of FUSD schools to operate normally, there will be no school on Thursday, September 5^th.  FACTS, Childcare centers, and FUSD preschools have also been canceled.”

In some of the comments in response to this post, parents are expressing concerns that their children’s data may have been breached due to this incident.

The Implications

While schools having sudden closings can seem like good news for the children, there are broader costs to be considered.  For example, the Flagstaff Unified School District has a total of 15 schools, each with their distinct population of students.  There are costs involved in sudden off-days, for example: the interruption in the learning curriculum, affecting the broader educational schedule. 

Additionally, a cybersecurity breach in school can have implications on the personal data of students and faculty, as mentioned before.  Depending on the children’s circumstances, many of their parents are working and therefore rely on the daycare and school facilities to occupy their children’s time.  So a sudden closing would require parents to quickly find immediate childcare options.

The Takeaway

No matter the size of a company or organization, no entity is safe from cybersecurity issues.  It has become common for organizations to have their data within their network (or the cloud).  While we have grown comfortable digitizing our data, it is crucial to consider cybersecurity options.  From the individual using their laptop for personal use to the large enterprise, digitization of data has its vulnerabilities to security breaches.

In the context of an educational institution like the Flagstaff Unified School District, there are solutions and preventive measures that can be taken.  For example, a school district has multiple locations, similar to businesses having multiple branches.  This would mean that centralizing the network into one secure solution would both reduce costs and add the convenience of managing the network.  In the Case Study: Reading School District case study of Make-A-Wish Foundation, the organization had multiple locations with their own distinct network and later consolidated their network into one solution: Cisco Meraki.

In a centralized cloud-based IT management solution like Cisco Meraki, IT professionals can monitor all the switches, routers, and end-user devices.  The solution is scalable so new locations can easily be onboarded while existing locations are future-proofed.  The Meraki MX Security Appliance would provide advanced threat protection, and prevent anything malicious from entering the network with the breadth of Cisco’s Security teams.  Additionally, Meraki has a dashboard that would inform the IT professional about the network, from bandwidth usage to problematic practices (risky downloads on a device etc.).

To conclude, it is crucial, even for school districts, to incorporate cybersecurity solutions into their budgetary planning/decisions. To learn more about Cisco Meraki and cyber-security best practices to protect your organization, click on the image below.  (Free Access Point Available!) (Also applicable to Higher education institutions!)

Different organizations and companies have different types of missions and goals.  In this particular case study, we are going to focus on Make-A-Wish Foundation.  Make-A-Wish Foundation is a nonprofit with a powerful mission to grant the wish of every child diagnosed with a life-threatening medical condition.  So with such a notable mission, having a stable, reliable IT network is crucial for this organization.

Jeff Pick, the Director of Technology for Make-A-Wish America, works at the National Office in Phoenix to support 62 local Make-A-Wish chapters around the country.  When he first started working at Make-A-Wish, each chapter had its own distinct networking gear, causing network management to be scattered.  In addition to this wide-spanning decentralized network, the organization was calling for an increase in cybersecurity.

Make-A-Wish Foundation chose to go with a Meraki setup at every location.  They initially did a trial and found it easy to configure.  At every Make-A-Wish Chapter, a Meraki MX Security Appliance, MS Switch and a number of MR Access Points can be found.  Each individual MX securely connects to other branch MXs in the Make-A-Wish network, and then back to a central MX400 at headquarters via Meraki Auto VPN.  Meraki’s site-to-site VPN connects chapters securely and automatically without manual configuration.  Because of this upgrade in network solutions, Make-A-Wish is able to securely share internal resources within the organization.

The Benefits Summarized

The initial issue was that each different Make-A-Wish location had its own distinct networking gear. It was difficult for the IT team of the Make-A-Wish Foundation to manage the network effectively.  After switching the entire network to Meraki, Make-A-Wish Foundation had a network topology that was centrally managed.  Jeff Pick and his IT team were able to view a detailed network map at any time.  Meraki Access Points have fixed 99% of the wireless errors they were having before.

Cisco Meraki is convenient cloud-based IT Management Solution.  In the case of businesses, it enables IT Managers to monitor their network from any location and scale their network.  Meraki is not only a networking solution, but it also comes with cybersecurity features as well.  Through Cisco Meraki, organizations like Make-A-Wish and other organizations can centralize cybersecurity, network management, while maintaining a lean IT staff.