Category: Hosted and Cloud Services

Work From Home Policy Benefits and Considerations

working from home

In the past several months, work from home (WFH) policies have become increasingly popular. The spread of COVID-19 has resulted in a temporary and sometimes permanent WFH environment for many companies throughout the country. 

Working from home can be beneficial and many employers and workers are happily embracing the trend. Plus, with remote access solutions, it’s easier for businesses to safely operate from anywhere with a secure, remote connection. Here are some benefits companies see after making a WFH shift:

Improved Employee Satisfaction

Many employees appreciate the option to work from home at least part of the time. The flexibility to choose when to go into an office provides peace of mind to employees who might have to commute far in bad weather or need to deal with an unexpected illness. Most workers prefer organizations that allow a greater balance between life and work.

Increased Productivity

Increase worker productivity is a major potential benefit for a work from home policy adoption. Studies have shown that in many cases productivity improves when employees work from home.

It may seem that a house has many distractions, but the office may have more. Colleagues visiting, a loud office space, and impromptu meetings can steal away a lot of time. From home, some employees have the opportunity to focus on a task with fewer interruptions.

Less Time Spent Commuting

Anyone who sits in traffic or takes public transportation daily understands the merit of a shortened commute. It’s also greener: cutting down on daily commutes may have a net positive effect on energy savings. At the very least, employees will see a decline in transportation costs and time spent traveling to work.

Recruitment and Retention Improvements

Recruiting top employees remains a serious challenge, but limiting the candidate pool to a local area may mean a company is missing out on potential applicants. Studies by major consulting and recruitment firms are determining that the opportunity to WFH can be a key factor when applying for new jobs. Companies may also lose some of their own workers – the lack of work from home opportunities has been listed as a reason for seeking alternative employment.

Decreased Real Estate Costs

For companies and organizations who believe WFH will be their long-term model, this can mean eliminating office space, cutting considerable fixed-costs out of the bottom line equation.

There are many great benefits of working from home, however, relaxed data security and blurred office hours can become an opportunity for cyber threats. If you’re considering adopting a work from home policy, here are some factors that should be carefully considered:

Equipment and Maintenance 

It should be outlined what equipment and utilities employers and employees are responsible for providing and maintaining. Will bandwidth be a reimbursable expense? Will laptops, phones, etc. be provided by the business or will this be a BYOD project?

If technology is provided by the employer, determine the employee’s responsibility to keep it maintained and install upgrades. If you have a BYOD policy, decide if employees required to bring their devices in for upgrades and security checks. Click here to learn more about adopting a BYOD policy.

Fair Labor Standards Act 

When employees work from home, overtime laws are still applicable. The Fair Labor Standards Act (FLSA) created a framework for paying wages above the law’s definition of a 40-hour workweek that includes overtime pay for work performed beyond that threshold. Under FLSA, two basic classes of workers are defined: those employees who must be paid overtime when working in excess of forty hours (non-exempt employees), and those who are not required to be compensated for work done beyond the 40-hour limit (exempt employees).

The problem FLSA presents is that non-exempt employees must be paid for all work, including any work activity outside regular working hours. An example of the liability that is created for an employer are employees who respond to texts and emails from home outside “office hours.” This is compensable work and needs to be counted under the 40-hour threshold. Policies that protect you from any violation of FLSA should be articulated clearly in writing.

Be Aware of Organizational Silos

When developing a WFH policy, the above issue of FLSA points out that effective WFH  planning and implementation requires collaboration, and not just between individual managers and employees. IT involvement may be necessary – determine who is supporting off-site technology and maintaining data security. It is a human resource issue-will performance measurements need to be tweaked? It may be a legal issue – certain types of data is governed by federal and state laws such as HIPAA and FERPA.

It is extremely important that companies take into consideration the data protection and legal implications before opting for a work from home setup. WFH policies can prove beneficial to both the employer and the employee if planned well and implemented properly.

No matter if you’re in the office or at home, networks need to be secure and maintained. MSPs like Wahaya can help ease the telecommuting transition with remote access solutions and business data continuity plans. Contact us to start setting up your business to operate from any time, anywhere!

Managing Cybersecurity with a Top-Down Approach

Employees are often the target of cyberattacks that can compromise private company data. New employees in particular can be the most susceptible to common attacks such as social engineering and phishing. To stay ahead of cybercriminals, organizations should educate and train all employees through a top-down IT security approach.

A top-down IT security approach begins with the IT department and management communicating the importance of cybersecurity and creating guidelines for reporting suspicious activity. IT Departments are not the only ones targeted by cybercrimes, leaving the potential for any employee to become a security liability. A top-down approach shifts the sole responsibility away from a single department.

A combination of general security training and instructions to recognize and report breaches are essential for keeping company data safe. Wahaya IT Consulting works with organizations to create a custom IT Policy handbook to distribute to every employee. Click here to see more of our recommended cybersecurity training best practices.

Focus on the first steps you need to take as an organization to better prepare your employees to identify and mitigate cyber threats. For example, employee training is just one part of Wahaya’s layered approach to IT security. Minimizing the of a cyberattack can help to avoid the following repercussions: 

  • Negative affect on brand image: Business disruption due to downtime or having your business data (including customer and vendor details) stolen reflects poorly on your brand.
  • Loss of customers: Customers may take their business elsewhere if they don’t feel safe sharing their information with you.
  • Financial loss: Data breaches make you liable to follow certain disclosure requirements mandated by the law. These may require you to make announcements to the media, which can become expensive. You may also have to hire a PR team to address communications during this time. 
  • Potential of lawsuits: A company could be sued by customers whose Personally Identifiable Information (PII) has been compromised or stolen. Depending on the industry, there may also be steep fines for noncompliance. 

Your company’s organizational structure should acknowledge the fact that IT security is not only your IT department, CTO, or Managed Service Provider’s (MSP) responsibility. IT Security is dependent on every part of the business. Starting from the top and encompassing every employee within the organization approach will lead to success in keeping customer and business information safe and secure.

Cover your vulnerabilities with a cybersecurity prevention plan. Contact us to learn more about our cybersecurity solutions.

Cloud Security 101: Benefits and How to Protect Your Organization

Cloud security
Cloud security

Cloud security is defined as the protection of data stored online via cloud computing platforms. Reviewing the benefits and risks associated with cloud security can help organizations find the right cloud security approach to match their needs.

The Benefits of Cloud Services

Many small businesses, consumer industries, and health care environments have switched to cloud technology to store their data. The Cloud offers numerous benefits over the traditional, physical on-site server. It is a great choice, especially for SMBs who don’t want to be burdened with higher in-house IT costs. Click here to learn more about Wahaya’s managed cloud services.

Reasons for switching to the cloud include: 

  • Anytime, anywhere access to your data: Information in the Cloud can be accessed from anywhere using an internet connection, unlike in the case of traditional servers, where a physical connection to the servers is needed. 
  • Significant cost savings: Reduce hardware costs, because you do not need to invest in physical hardware.  
  • Shared storage leads to cost savings: The Cloud lets you share space with others while maintaining a secure environment in general. It follows a ‘pay-as-you-use’ approach to data storage allowing you to enjoy cost savings based on your data storage needs. Traditional options require you to pay for and purchase a whole new server if your data storage needs exceed the existing capacity.  
  • SaaS compatibility and support: Since software can be hosted in the Cloud, it allows the use of Software-as-a-Service.
  • Scalability: The Cloud lets you scale up and down as your business needs change.
  • 24/7 monitoring, support, and greater access reliability: When your data is in the Cloud, the Cloud service provider is responsible for keeping it safe and ensuring it is securely accessible at all times. They monitor the cloud’s performance and in the event of any performance issues, they provide immediate tech support to resolve the problem.

Organizations must not only protect consumer information to satisfy customers, but many must follow regulations for storing sensitive data. Common personal data stored that is protected by regulations are credit card and healthcare information. In particular, healthcare providers must implement a cloud solution that is HIPAA compliant. Different environments will face unique privacy and security concerns. 

Threats to Cloud Security

Putting your data in the Cloud is not completely risk-free. Just as storing data on physical servers has its security threats, the Cloud presents certain security concerns as well.

To protect your network, Wahaya offers managed a layered approach to security. Cloud backups, continuous employee training, filtering, and AI-based malware learning all work as different layers to our security approach. Our various levels of defense minimize the possibility of cyber threats slipping through. 

Major threats to cloud security include:

  • Data breach: A data breach is when your data is accessed by someone who is not authorized to do so. 
  • Data loss: A data loss is a situation where your data in the Cloud is destroyed due to certain circumstances such as technological failure or neglect during any stage of data processing or storage.  
  • Account hijacking: Like traditional servers, data in the Cloud could be stolen through account hijacking as well. In fact, Cloud account hijacking is predominantly deployed in cybercrimes that require identity thefts and wrongful impersonation  
  • Service traffic hijacking: In a service traffic hijacking, your attacker first gains access to your credentials, uses it to understand the online activities that happen in your domain, and then uses the information to mislead your users or domain visitors to malicious sites.  
  • Insecure application program interfaces (APIs): Sometimes, Cloud APIs, when opened up to third parties, can be a huge security threat. If the API keys are not properly secured, it can serve as an entry point for cybercriminals and malicious elements.  
  • Poor choice of Cloud storage providers: A security lapse from the Cloud storage provider’s end is a huge security concern for businesses. It is very important to choose a trusted and experienced Cloud service provider who knows what they are doing.

Cloud Security Mechanisms

As part of a layered approach to cloud security, there are several mechanisms that can be implemented to counter potential threats. These include:

  • Cloud firewalls: Much like the firewalls you deploy for your local IT network, Cloud firewalls work to prevent unauthorized Cloud network access.  
  • Penetration testing: Penetration testing is a sort of a Cloud security check where IT experts try hacking into the Cloud network to figure out if there are any security lapses or vulnerabilities that could serve cybercriminals.  
  • Obfuscation: In obfuscation, the data or program code is obscured on purpose such that the system delivers unclear code to anyone other than the original programmer, thus mitigating any malicious activity.  
  • Tokenization: Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security. 
  • Virtual Private Networks (VPN): Another, more commonly used mechanism is the VPN. VPN creates a safe passage for data over the Cloud through end-to-end encryption methodology. 

Investing in a good cloud security system is a must, especially when it comes to protecting private consumer data. Complete cloud security is a blend of all these multiple digital security layers plus internal policies, best practices, and regulations related to IT security.

Ready to implement the right cloud security solution for your organization with Wahaya IT Consulting? Click here to contact us!

BYOD can have some downsides

Employers know that employees prefer BYOD policies and that they can increase productivity. However, BYOD can have some downsides. Probably the most prominent concern among those who have to address the BYOD issue is the increased risk to data security. Obviously, the more devices you have with the ability to connect to your data, the more opportunities you create for a breach. Simply put, a house with 20 doors and 50 windows with multiple lock styles is a bit more vulnerable than a house with one door and one window.

BYOD increases risk to the organization. Data breaches bring a few layers of concern. First, the loss of proprietary data can affect your competitive status in the market. However, the real high-visibility concern is the theft of your customer’s personal data. Theft of personal data brings three serious consequences.

First, data breach laws require informing all victims of the data breach and in some cases, the media must also be informed. This public visibility can have long-lasting implications for brand value.

Second, you face a short- and long-term revenue hit. Customers angry and frustrated, as well as others who learn about the breach through social media, word-of-mouth, and traditional media sources, may move their business to the competition.

Third, data breaches can bring civil penalties. In the case of the General Data Protection Regulation (GDPR) in the European Union, these penalties can be extremely severe. ( And keep in mind, the GDPR doesn’t just apply to entities physical operating within the EU. It applies to the data of any user who is a citizen of the EU.)

In summary, given the severity of the consequences and the increased vulnerability created by BYOD, it is important to create a BYOD policy with strict parameters. It cannot be a “wild west” of anything goes.

Click here to learn more about our IT solutions.

3 Things to consider before you sign-up with a cloud services provider

More and more SMBs are migrating to the cloud and that is not a surprise considering the numerous benefits the cloud can offer them. For a SMB, the cloud is a cost efficient and secure answer to their growing data needs and IT security requirements. The cloud grows with them and lets them scale their business without worrying about a corresponding rise in IT costs. Plus, with the cloud, the important aspects of security and backups are mostly taken care of by the cloud service provider. And then, there’s the convenience of any-time-anywhere data access. With all these benefits that the cloud brings, what’s there to think about before signing up with a cloud service provider? While are a lot of benefits of storing your data on the cloud, but your data is still yours, so there are a few things you need to know and be comfortable with before you jump onto the cloud.

 

Data storage location

Ask your cloud services provider where, (as in the location of the data center) your data will be stored. Ask them if they have multiple data centers and if yes, then, will they be backing up your data and storing them at different places. It is great if your cloud services provider does that, since that ensures higher safety of your data.

How secure will your data be?

Yes. When you hire a cloud services provider, a major chunk of your data’s security responsibility is passed onto them. You don’t have to really worry about your data security, but, you still need to know how they plan to keep your data safe. Ask your cloud services provider for details regarding their data security procedure. Have them share all policies, SOPs and data security frameworks that they claim to have in place.

Past performance/data loss history

Everyone talks about their best projects in a sales meeting. What you really need to know are the worst ones. Ask your cloud services provider to share with you their data loss/downtime trends for the past one year. Observe the trend. How often does their system give way and how long does it last? This is important for you to understand, because this metric translates into loss of business for you.

Finally, don’t forget to ask for a client list. Like we said before, everyone highlights the good things about themselves in a sales meeting. If you really want to know how good your cloud service provider is, ask them for a client list–both current and past. Check how many of them are from your industry vertical. Try reaching out to those who are willing to talk. Find out what they like the most about your cloud service provider and what aspects they find negative. Find out why their former customers left them. Usually customers are pretty good indicators of the quality of service a business provides. Hope these tips help you finding a cloud service provider who fits in well with your needs.

Click here to learn more about our managed cloud solutions.

Windows 7 End of Life: How does it impact you

Microsoft has officially announced the “End of Life” date for Windows 7. It will come January 14, 2020. Windows 7 was introduced in 2009 and is one of the most popular versions of Windows. It is estimated that around 40% of Windows OS is 7. So, if you are one of the Windows 7 users, read this blog to understand how this end of life announcement impacts you and what you should be doing.

End of life means, beyond January 2020, users of Windows 7 will not get any updates, security patches, or any kind of support from Microsoft. Does this mean you need to scrap all your devices that run on the Windows 7 OS? Technically, the answer is no. You can still continue to use your existing computer with Windows 7 OS, but it won’t get the free security patches and updates. This makes your computer and possibly your whole IT network vulnerable to malware and other IT security threats. Plus, as a business, running Windows 7 OS without the security patches and updates is not really an option as it creates liabilities in the event of data theft. Also, you may be inadvertently violating regulations by using an OS that’s officially declared vulnerable to security threats. In short, running Windows 7 without the support is not really an option for businesses.

So, what should you be doing? First off, make sure you download Microsoft’s most recent Windows 7 update, because if you don’t run the most recent update, you will lose Microsoft support 6 months earlier–in July 2019. You can download the update here.

Apart from this, you can buy extended support for Windows 7 from Microsoft. The extended support will be available until 2023. An MSP who is an authorized Microsoft reseller or partner will be able to tell you more about this option and the pricing, in particular.

In the long run, however, you will have to migrate to a newer, supported version of Windows. 

Clik here to learn more about our Microsoft Office 365 solutions.

Be Proactive: How to Avoid Potential Network Failures

 


For small- to medium-sized businesses (SMBs), an IT network failure can be devastating because they don’t have the resources of large corporations to bounce back from such disasters. Preparation against such devastation may be the only course for them to avoid failure and survive with the least damage if failure occurs. SMBs must be proactive in recognizing the eventuality of a cyberattack or human error that can cause data loss and disrupt business continuity. This is what needs to be done to help prevent a potential failure.

Be prepared: Being proactive is an essential step for preparation against a disaster. There are two ways to determine how to best prepare to prevent potential failure of your infrastructure. First, you need to identify the weaknesses throughout your systems, and second, determine how you are going to eliminate those weaknesses and protect your network.

Identify the weaknesses: Determine how and why your system could fail. Examine all aspects of your hardware and software. Assess all the internal and external factors that could contribute to failure of your networks. Here are some questions you need to know the answers to.

  • Does customer access and/or employee productivity often stall because of downed systems? In these situations, how quickly is your IT support able to minimize the damage?
  • Can you say with certainty that your business will be back online and be able to access lost data with minimal disruption in case of failure?
  • Your critical data should be backed up frequently. The data on personal laptops, iPads and other mobile devices should also be backed up. Are all these steps being taken, and how often?
  • Are all backups stored in a location off-site and are they quickly accessible in the event of corruption, fire or flood?
  • Are you using any custom-made software? Can it be reinstalled and updated when needed?
  • Are your systems truly protected from hackers and viruses? Do you change passwords when employees leave the company?
  • How often do you test your backup processes?

The answers to all these questions should give you a clear picture of your network’s ability to survive in case of a catastrophe.

Here are five steps that you can take to protect your networks

  1. Backup files every day: There are a large number of businesses that never backup data. Only 23% of SMBs are backing up their data daily, and only 50% are doing it weekly. A number of issues can result in loss of data. You should backup data every day.
  2. Check backup procedures regularly: Don’t find out accidentally that your backup system is not working properly. By then it could be too late. It may seem like your data is being backed up normally, but check frequently if it is backing up the way it should be. In this age of BYOD make sure all employees are also following procedures to backup data on their laptops, iPads, etc.
  3. Make sure virus protection and firewalls are always enabled: Many companies either don’t have virus protection installed or it is disabled. That renders their networks vulnerable to virus attacks from emails, spam and data downloads. Corrupted files will not only bring your systems down, but they can spread to your customers and email contacts. That will spell disaster for your reputation. Hackers are always looking for unprotected and open ports online that they can attack with malicious code or files. That can cause permanent data loss.
  4. Monitor server drives: Dangerously full server drives can cause many problems, ranging from program crashes to sluggish email delivery. Servers should be monitored and maintained regularly to avoid these problems.
  5. Check built-in logs: Frequent reviews of built-in logs can reveal small issues. You will have a chance to prevent them from becoming bigger, harder-to- manage problems that can bring your systems down.

Summary: We now know IT system failures have very serious consequences for SMBs. We also know that they can avoid such failures by being proactive. Many SMBs are now turning to cloud-based services and virtualized backup solutions to mitigate downtimes and network failures. Virtualization and cloud computing have enabled cost-efficient business continuity by allowing entire servers to be grouped into one software bundle or virtual server – this includes all data, operating systems, applications, and patches. This simplifies the backup process and allows for quick data restoration when needed.

Looking to protect your network in case of an IT failure? Click here to contact us.

Baton Rouge Network Support

Baton Rouge Network Support

Wahaya IT offers exceptional network support and services to Baton Rouge businesses. From servers to POS systems to desktop computers, we cover it all. With top notch technicians and a great team to support your company, you’ll find our service plans and offerings very affordable. We enjoy helping companies of any size with their computing and networking needs. Need special Office 365 help? We can help you create a game plan that stays in your budget and gives you the best configuration and most important, security features.

Backed by technology experts, we help organizations gain the full benefits of existing systems, make strategic investments in implementing replacement solutions and maintain infrastructure that is secure, dynamic, and reliable. We offer a full range of solutions including a full managed services, mobile computing, Virtual CIO, IT strategy, virtualization, cloud computingbusiness continuity, network security and IP telephony.

Contact us today for a no cost consult and see how we can become the most important part of your team, the team that keeps things running!

What are SIP Trunks?

As a business owner, you are constantly looking for ways to cut costs and re-prioritize your spending. With all the services you are tasked with managing (merchant services, shipping services, payroll services, etc.) it’s understandable you haven’t mastered the knowledge of each industry. Maybe you’ve heard of SIP trunking, and maybe a friend of yours saves money by using it with his business, but you’d like to know more about how it works before you contact providers.

Conventional analog phone lines have dominated business communication for a century. Long distance and international calls can cost a fortune. The fact that a traditional copper-based phone line can only handle one call at a time means you’re constantly investing in a new “trunk”, every time you need to add call capacity.

By allowing you to make calls over the Internet, VoIP can reduce costs of long distance calls while making it far easier to scale up the number of calls you need to make at once.

A SIP trunk is the virtual version of an analog phone line. Using SIP trunks, a SIP provider can connect one, two, or twenty channels to your PBX, allowing you to make local, long distance, and international calls over the Internet. If you have an on-premises PBX in your office, a SIP trunk provider can connect to you and allow you to make outbound calls on your existing system, without restrictions on the number of concurrent calls.

Metered SIP trunking is delivered and charged on usage, so each minute will incur a charge. Metered trunking is very flexible in that there are no limitations to the number of concurrent calls, as you are just charged for each minute of each call. Metered services allows businesses the flexibility to dynamically add calls and just pay for the additional usage.

Channelized SIP trunking is a prepaid option that provides unlimited inbound and outbound local and long distance calls on per channel/call basis. Each Channel provides the ability to make or receive a single call. Once you have filled all of your channels you will be unable to make or receive additional calls. Channels can always be added for more capacity by contacting your provider. This type of SIP trunking service allows businesses a way to easily budget their telecom spending and is similar in capacity handling to copper phone lines.

Click here to learn more about our VoIP and Unified Communications services.

Device configurations need to be backed up as well

Device configurations need to be backed up often to maintain a repository of backups ready to be restored in case of emergencies. In large enterprises with more number of devices, this task of getting the device configuration backup up becomes a huge mundane task taking up most of the time of an admin. Being able to automate configuration backups will free up a network admin’s time to do productivity enhancing tasks.

Any change made to the device configuration in a network carries the possibility of an error. An erroneous configuration change can cause network issues ranging from performance degradation to network outage. This is particularly true for those network devices that are crucial for the infrastructure. Any change in such devices should be detected and the configuration file of the device must be backed up.

Unauthorized configuration changes often wreak havoc to the business continuity and hence detecting changes is a crucial task. Detection should be real-time to have effective control. Network Configuration Manager offers real-time configuration change detection.

All of these are reasons why you should have an automated software solution to backup and monitor your network infrastructure.

Click here to learn more about our managed service provider solutions.