Synapse Blog
- 5 min read
- 5 min read
A Smarter Approach to Mobile Device Management
More people today use personal mobile devices like smartphones and tablets for business purposes. Such devices, coupled with greater Wi-Fi accessibility and cloud services, have empowered us with the ability to access data and do business from practically anywhere at anytime.
Needless to say, many small-to-medium sized business owners have embraced the BYOD (Bring-Your-Own-Device) revolution. The benefits are obvious; increased employee productivity, enhanced services to customers/clients, and better overall customer and employee satisfaction.
But what about the potential consequences associated with this mobility revolution? Are small business owners doing enough preemptive planning to address potential risks that could arise with the use of BYOD devices?
Mobile Device Management – Questions Every SMB Should Ask
First, it is important that small business owners honestly assess whether their systems, networks, data, and overall infrastructure are ready for the use of an array of mobile devices.
Once it is firmly established that both internal IT and components in the cloud are prepared for BYOD, solutions should then be put into practice that are concurrent with terms of use policies or any guidelines pertaining to remote/telecommute workers or the sharing of sensitive data. The following questions should be answered.
- What particular devices or applications are permissible for work use? Assuming security requirements are in place, not every device or application will meet those.
- Will anyone in the company be tasked with the daily management of BYOB strategies? What should BYOD policies cover and what kind of management solutions will be needed? Would a BYOD management tool that collects device information, deploys and monitors usage, and offers insight into compliance be helpful?
- Which costs will be the responsibility of the employee? This pertains to any fees associated with usage – from network plans, to the device itself, to software, accessories and maintenance costs.
- What data will be accessible? Will data encryption be necessary for certain information traveling through the personal devices of employees? Which employees will have read, write, update/delete privileges?
- What is the process when handling sensitive data stored on lost or stolen devices, or the personal devices of ex-employees? Does the company or organization have the right to wipe out the entire device or just corporate data and apps?
BYOD is here to stay as it affords smaller-sized companies the mobility of a corporate giant without a huge investment. But when it comes to ensuring that devices, applications and networks are safe from the variety of threats linked to greater mobility, small business owners may find it necessary to enlist the help of a managed service provider to adequately take on mobile management challenges and provide ongoing consultation.
Contact us at Synapse IT Consultants Pty Ltd
- 5 min read
4 Essential Pieces of Any Small Business BYOD Strategy
Believe it or not, once upon a time, kids at the bus stop didn’t have cell phones and the mobile device strategy of many businesses was typically “you’ll take what you’re given, refrain from using it for any personal use, and the data may be scrubbed clean whenever we please.”
We’ve come a long way. Today, businesses really have no choice but to let employees use personal devices for work purposes. Blurred lines now make it difficult to differentiate between what is professional and what is personal. A company or organization may partially pay for an employee’s tablet computer or smartphone, but that same device is used to upload photos to Facebook or download torrents of this season of Game of Thrones.
Naturally, security and privacy issues are a concern since these devices sync to the company network. Larger corporations may be able to hire IT support or produce sophisticated BYOD guidelines for employees to adhere to, but smaller businesses have limited resources.
In fact, recent surveys suggest that the small business sector is doing very little to preemptively prepare for potential network security risks that could arise with the use of BYOD devices. This could prove to be disastrous.
The practical reality is that employees are going to use their mobile devices for personal use. However, too many firms have overlooked what this means for their data security.
Implementing a comprehensive BYOD policy right now, rather than when it’s too late, is important. We’ve compiled a list of four items that any business currently building a BYOD strategy must consider.
- It must clearly be outlined what specific devices are permitted for work use.
- The company/organization must have the ability to remotely delete company-sensitive data from mobile devices without the device owner’s permission. Remote deletion capabilities are much more refined these days; simplifying the removal of enterprise-related data from devices, while leaving other content like personal photos, contacts, apps and music downloads intact.
- Written policies should be put into effect that correspond with terms of use policies and any guidelines pertaining to remote/telecommuting workers or the sharing of sensitive data. There should be clearly defined consequences for violating any or all policies.
- Employee privacy should be discussed within the BYOD policy since employees often use these devices to check personal email, browse or post to Facebook and Twitter feeds, instant message, and store personal documents, photos, music and movie downloads. Employees must understand that employers still have access to the content stored on these devices. Location tracking, which gives employers the ability to locate employees, is also something to discuss since many people don’t necessarily welcome that kind of surveillance.
It is understandable that BYOD and more mobile employees have some small business owners feeling anxious and nervous. But mobile management tools, periodic conversation, security checks, and research will do wonders when it comes to keeping small businesses safe.
Contact us at Synapse IT Consultants Pty Ltd
- 5 min read
Keep Your IT Guy and Outsource IT Services, Too
Everyone in the office loves Eric. Sporting a different ironic t-shirt everyday, Eric is the one we call when technology spits in our face. Whether it’s a slow system, a bug that needs to be squashed, a website issue, or a crash that results in unexpected downtime and data loss, Eric is right there. Not only does he get to the bottom of any issue but he also rights the ship like he’s some sort of miracle-working captain who just happens to have a pretty wickedly funny Peter Griffinfrom Family Guy impersonation.
But business is growing and Eric is overworked. Eric has certain skills that you’d love to use to develop innovative applications and revenue-generating projects– but he’s too busy running around fixing things that break. Or he’s performing the most mundane and routine tasks day-in-and-day-out just to keep things secure and running smoothly.
You get a sense that Eric’s overburdened and he’s saddled with too many responsibilities. His demeanor has changed from pleasant to moody. He’s listening to angrier metal and punk music and you’re noticing cracks in his work. You fear Eric is being pulled in too many directions and the reliability of your server, network, and applications, as well as the integrity of your data, are all at risk.
Someone who has watched a bit too much of Donald Trump on The Apprentice might think Eric should be fired. We’re not going to fire Eric. But we’re also not going to hire a full-time salaried Robin to his Batman or Cheech to his Chong. We’re going to help Eric by exploiting IT automation and managed services to handle many of the monotonous tasks making Eric hate his job right now.
Let’s help Eric…..
- Focus Primarily on Cost-Cutting and Revenue Increasing Projects: First things first, Eric has to realize that he can’t do everything himself. Where are his skills best used? Whether it’s processes that help drive down costs or ones with the potential to raise revenue, evaluate the projects in the queue and rank them by what impacts the bottom line the most.
- Take to the Cloud: Some IT people fear the cloud spells the end to their job security. Meanwhile, the cloud can actually help them take on a more prominent contributing role in the company’s success.
The cloud should be seen as another tool that further eliminates the mundane yet necessary daily drudgery from their workday. Those who work WITH the cloud will find that they have more available time to take on more meaningful cost cutting or revenue generating projects. - Use a Managed Service Provider: Using outsourced managed services not only alleviates much of Eric’s pressure and stress, but also boosts productivity and gives the company a much improved ROI (Return-on-Investment) on their technology investment.
While technology has gotten easier for the end user, it has become more complex on the backend with the advent of virtualization, cloud computing, and advanced infrastructure.
Using an MSP gives Eric access to a trusted advisor, a 24/7 help desk, remote monitoring and management tools, mobile device management tools, and much better disaster recovery and business continuity solutions. All without the overhead that comes with hiring more help for Eric. MSPs offer a consistency to not just your end-user but also your main IT guy who will certainly appreciate the help.
Contact us at Synapse IT Consultants Pty Ltd
- 5 min read
Click, Click, BOOM – You’re in Business But Is Your Technology Ready?
It’s a fast business world. Brilliant business ideas can be conjured up at some hipster-filled vegan coffeehouse, a website is thrown together, and poof… in no time at all there is a living, breathing, small business venture accessible from anywhere in the world.
But as your head hits the pillow at night, with visions of becoming the next Mark Zuckerberg dancing in your head, understand that many obstacles will greet you on your road to entrepreneurial success. A fresh innovative idea is merely a start. For every successful startup like Groupon, there are even more that have faltered. Some great, even revolutionary, business concepts that just faded into obscurity; leaving behind nothing but tales of what could’ve been and insurmountable debt.
Failed business technology is often a big reason for this. Many startups think big but tend to operate small-minded to keep overhead and costs down. They then find themselves completely unprepared to meet the demands of growth, particularly when it comes to their IT infrastructure. There is no one-size fit all approach to how to manage technology for optimal efficiency, uptime, and profitability. Especially given the challenges of limited budgets and the need to keep overhead down.
So exactly how do SMBs make sound decisions regarding their technology infrastructure? Choices that are cost-effective enough to get their business off the ground and running without screwing them over once it truly takes off?
Combine On-Site and Off-Site Support for the Best of Both Worlds
Over 45% of SMBs have no dedicated in-house IT staff and no contracted IT consultant regularly monitoring and managing their technology. Roughly only 7 percent of SMBs have a full-time onsite IT technician on payroll. The rest rely on third-party on-call IT companies who appear only when technology goes haywire and disrupts business. These on-call companies can sometimes take a day or two to even show up, which means issues aren’t resolved in a timely and efficient manner. And did we mention they’re expensive?
Most SMBs say they simply can’t afford full-time in-house support. Even those who do budget for it face overwhelming challenges. They often experience a revolving door of on-site help who leave for a larger company and better salary once they’ve beefed up their resume. And those hires that do remain loyal often feel as if they have no reliable help and become overworked and frazzled as the business and their responsibilities grow. Discontent may even set in if wages aren’t raised proportionately to the added responsibilities, or if they grow bored of doing the same mundane repetitive work everyday.
But today’s SMB has access to technology that won’t drain resources. In particular, the evolution of cloud computing and managed services can either automate or re-assign a lot of the day-to-day caretaking of technology to remote employees, leaving onsite support available for more meaningful and potentially profitable projects.
Better yet, it saves money on equipment costs.
Whenever possible, a mix of on-premise and off-premise IT support is the best way to make your technology scalable and prepared for growth.
Contact us at Synapse IT Consultants Pty Ltd
- 5 min read
Many small businesses still do not understand, or pay attention to, the Notifiable Data Breach scheme introduced by the government in 2018. This is a summary of the scheme and why it matters to you.
Firstly, what is a “data breach”?
A data breach is when data, or information, could have been accessed by someone that is not supposed to have access. Some examples of data breaches are:
- You accidentally email a file to the wrong person
- Your laptop or mobile phone gets stolen
- You leave your computer on and logged in while you wander off to do something else
- You store files in a cloud based storage system that is not properly secured
- A hacker breaks into your company’s server over the internet and downloads your files
Clearly breaches can be accidental, malicious, or anything in between but they do happen all the time.
Why did the government decide to change the legislation?
We are in the information age. People you deal with are actively collecting and storing information about you. Big companies like Facebook and Google collect information, and even retail stores ask you to share information in return for joining their loyalty program. Every business has data about customers, partners, suppliers and employees.
Hacking and stealing this data is big business, to the extent that cyber crime is now the largest form of organised crime in the world.
Prior to the introduction of the NDB scheme, in many cases if an organisation that held your information had a data breach they did not need to tell anyone about it. Your information could be being used against you, for identity theft for example, and you would not know. With no accountability, the holder of the data does not have much incentive to improve their systems.
What is the NDB Scheme?
The NDB Scheme is legislation that is part of the Privacy Act. It makes organisations more accountable for the data they hold. Organisations are required to take steps to protect data and are also required to notify the government and other impacted parties if they have an notifiable data breach. The NDB Scheme also provides penalties for non compliance.
Which organisations are covered by the NDB Scheme?
Broadly, any organisation turning over more than $3 million must comply. There are also some sectors such as health services or credit providers that must comply.
How would I know if I have been breached?
If you have any reason to suspect a breach you must perform a “reasonable and expeditious” assessment to confirm or discount the breach, and identify what information has been breached. There is an expectation that organisations will have reasonable practices, procedures and systems in place to protect data and allow for prompt assessment of any suspect activity.
Do I need to report every breach?
Organisations only need to report “notifiable” data breaches. Typically these are serious breaches that may cause harm to the people whose data has been breached. If confidential information, or personally identifiable information such as names, addresses, credit card info, tax file numbers, financial details, etc, are leaked this could be considered a notifiable breach.
Other less serious breaches do not need to be notified.
Who decides what breaches are notifiable?
Ultimately the responsibility to decide whether a “reasonable person” would think that a breach would result in serious harm lies with the breached business, however the OAIC has some guidelines.
We suggest that at a minimum, you need to have a few things in place to be able to make this determination. You need to:
- Have systems in place to detect a breach and identify what data was accessed.
- Know what data you have, where it is, and how sensitive it is.
- Have an incident response plan prepared in advance so you know what to do in the event of a breach.
- Have a legal advisor who can provide formal advice about your obligations.
What happens if I don’t report a breach?
The penalties for not complying with the NDB are specified in the Privacy Act. Currently, the act allows for monetary penalties of up to $1.8 million for organisations and $360,000 for individuals. In addition to penalties, the Commissioner may investigate non compliance and require the organisation to pay compensation to affected parties.
If organisations do not have appropriate systems and procedures protections in place, this may be viewed as a breach of the directors’ duty of care and therefore company directors may also personally face penalties.
Who can assist with this?
The Office of the Australian Information Commissioner publishes significant amounts of information on these topics at https://oaic.gov.au.
Ultimately, we suggest discussing this with an appropriate legal advisor to ensure you are aware of your obligations. We can, of course, assist with helping you to define and improve your cyber security posture.
In Summary
Businesses are now more accountable for protecting data that they store. At a minimum, you should be aware of how your business is protecting it’s data, how you would detect a breach when one occurs, how you would determine the extent of the breach, and what steps you would take to mitigate and notify as required.
- 5 min read
Inquiring SMBs Want to Know… What’s the Difference Between a Help Desk and NOC?
It’s no secret that any growing small-to-medium sized business must monitor and manage its business technology in the most cost-efficient way. The tricky part is figuring out how to do this without sacrificing the overall experience of the end-user. End-users can be clients and customers or employees. Both rely on the efficiency of a firm’s network, servers, and applications, and the availability of the company’s data center.
Thanks to the evolution of managed services, it’s actually possible these days to reduce costs, which strengthens IT support and infrastructure. It’s just a matter optimally integrating all available resources.
It’s a Staffing Conundrum for Most SMBs
Most SMBs tend to be short staffed. This isn’t just another reference to the many SMBs with little to no onsite tech support. While that’s true, and problematic, it’s actually all operations that tend to be short staffed.
Small yet growing companies and organizations aren’t just short on tech support; it seems like even their administrative assistant needs an assistant to keep up. Customer support and sales teams are also overworked, and often hindered by having to understand and troubleshoot tech problems when they have no tech expertise whatsoever.
There is no, “Hold for a moment, Sir. I’m about to transfer you to our tech support team.” There is no tech support team.
This is where managed service providers (MSPs) step in to save the day. MSPs help SMBs better manage their technology to achieve greater ROI (Return-on-Investment). One way they do this is by augmenting a SMBs existing on-site staff with the remote support of a 24/7 Network Operations Center (NOC) and Help Desk.
What’s the Difference Between a NOC and Help Desk?
This question is asked a lot because it’s really not uncommon to see both referenced interchangeably, which leaves many to assume they are one in the same. They are not. Here is the easiest way to distinguish between the two.
NOC: Most of the work performed by a NOC focuses on the network and systems. The NOC can almost be viewed as a mission control center. They monitor and manage an IT network. A 24/7 NOC typically monitors the network and system security, performance, and backup processes.
Help Desk: The Help Desk is more customer-oriented. The Help Desk has interaction with the end-user, or someone representing the end-user, to directly respond and resolve technical problems as they arise. Customers or employees can typically reach the Help Desk by clicking a support icon, emailing them, or dialing a toll-free number.
Do the Help Desk and the NOC Interact?
Although the NOC and Help Desk are different, they do work together, along with any in-house tech support, to provide cohesive tech solutions to end-users. The Help Desk typically has three tiers of support and may sometimes have to escalate tickets to the NOC for resolution.
This open communication, and ease of escalation, improves the end-user experience and serves as a proactive cost-efficient approach to managing SMB technology.
Contact us at Synapse IT Consultants Pty Ltd
Contact Us Today
Reach new heights in your industry through beginning the transition to managed IT solutions.