Category: Firewall

BYOD can have some downsides

Employers know that employees prefer BYOD policies and that they can increase productivity. However, BYOD can have some downsides. Probably the most prominent concern among those who have to address the BYOD issue is the increased risk to data security. Obviously, the more devices you have with the ability to connect to your data, the more opportunities you create for a breach. Simply put, a house with 20 doors and 50 windows with multiple lock styles is a bit more vulnerable than a house with one door and one window.

BYOD increases risk to the organization. Data breaches bring a few layers of concern. First, the loss of proprietary data can affect your competitive status in the market. However, the real high-visibility concern is the theft of your customer’s personal data. Theft of personal data brings three serious consequences.

First, data breach laws require informing all victims of the data breach and in some cases, the media must also be informed. This public visibility can have long-lasting implications for brand value.

Second, you face a short- and long-term revenue hit. Customers angry and frustrated, as well as others who learn about the breach through social media, word-of-mouth, and traditional media sources, may move their business to the competition.

Third, data breaches can bring civil penalties. In the case of the General Data Protection Regulation (GDPR) in the European Union, these penalties can be extremely severe. ( And keep in mind, the GDPR doesn’t just apply to entities physical operating within the EU. It applies to the data of any user who is a citizen of the EU.)

In summary, given the severity of the consequences and the increased vulnerability created by BYOD, it is important to create a BYOD policy with strict parameters. It cannot be a “wild west” of anything goes.

Click here to learn more about our IT solutions.

Adopting a BYOD policy

Employee convenience is touted as one of the primary drivers for adopting a BYOD policy. However, just because it can make life easier doesn’t mean employees don’t have serious concerns about the implementation of BYOD in the workplace. From the employee perspective, there are downsides.

One particular issue that arises with BYOD are employee’s concerns about the privacy of personal data and applications. Because these are their own devices, they have an enormous amount of personal data, including health information, photos, texts, emails and other information stored on the device. Also, apps they may have installed could potentially reveal information about their religion, politics, sexual orientation or other characteristics that they may consider private and off-limits. Concern that their employer could see their personal data is a legitimate worry; there are Human Resource implications here. Knowledge of certain data about an employee could make an employer vulnerable to discrimination laws. What about GPS tracking? Can the employer track employee whereabouts? The employer has a compelling interest to track the device in case it is lost or stolen, but the employee has similar competing concerns about privacy.

There are no absolutely correct answers here, but a perception of overstepped boundaries could lead to an atmosphere of distrust that can be counter-productive. It is also important that these decisions be made with knowledge of all applicable local, state and federal regulations. In short, just be aware BYOD is a complex matter that can’t be handled within the silo of IT.

Click here to learn more about our cybersecurity and compliance solutions.

The reality of cybercrime requires permanent organizational change

Because cybercrime isn’t going anywhere soon, every business needs to consider changes within its organization to institutionalize its emphasis on data security. This is not a problem that can be handled within a few particular operational or administrative silos.

Here are just a few things to consider:

  1. BYOD policies: A Bring-Your-Own-Device policy, which refers to allowing employees to use their own laptops, tablets and other mobile devices instead of company-issued ones, has become common practice in many organizations. However, permitting BYOD opens up new security issues because your IT department has potentially less control over how company data is accessed. With BYOD, many additional doors are being used to access corporate databases, etc., so it can be harder to keep your data secure. Because of the ubiquity of cybercrime, IT departments need to approach BYOD with a heightened awareness of new security vulnerabilities.
  2. Employee Training – Generally a topic for Human Resources, IT needs to now be involved in designing ongoing employee training to teach employees how to be vigilant about data security, password hygiene, and similar topics. Employee errors, such as opening phishing emails, are one of the largest causes of data breach events in the business world.
  3. Operations and IoT technology – Another area where there should be a re-focusing of attention involves the Internet of Things (IoT). The IoT has, at least in part, been introduced operationally, with Line of Business managers (LOB) discovering new specific applications for IoT devices, adopting them, and then being responsible for their maintenance and security. Such devices are introduced as-needed to address discrete needs throughout the organization. As a result, IoT devices have tended to function in operational silos. The unintended consequence is that the IT department, traditionally responsible for security issues, is left out of the loop. This means that data security is un-coordinated across all of the IT facets of the organization and security vulnerabilities are being overlooked. C-level tech leaders need to recognize this and adapt accordingly.
  4. The corporate mission – In order to give appropriate recognition to the threat that cybercrime represents to the health of a business, companies should consider including security as a core part of their mission. Both B2B and B2C customers take security very seriously, so companies should realize their mission is not to “provide X product or service,” but “securely provide X product or service.” To paraphrase a car maker’s phrase from many years ago. “Security is Job One.”

Click here to learn more about our cybersecurity solutions.

What are SIP Trunks?

As a business owner, you are constantly looking for ways to cut costs and re-prioritize your spending. With all the services you are tasked with managing (merchant services, shipping services, payroll services, etc.) it’s understandable you haven’t mastered the knowledge of each industry. Maybe you’ve heard of SIP trunking, and maybe a friend of yours saves money by using it with his business, but you’d like to know more about how it works before you contact providers.

Conventional analog phone lines have dominated business communication for a century. Long distance and international calls can cost a fortune. The fact that a traditional copper-based phone line can only handle one call at a time means you’re constantly investing in a new “trunk”, every time you need to add call capacity.

By allowing you to make calls over the Internet, VoIP can reduce costs of long distance calls while making it far easier to scale up the number of calls you need to make at once.

A SIP trunk is the virtual version of an analog phone line. Using SIP trunks, a SIP provider can connect one, two, or twenty channels to your PBX, allowing you to make local, long distance, and international calls over the Internet. If you have an on-premises PBX in your office, a SIP trunk provider can connect to you and allow you to make outbound calls on your existing system, without restrictions on the number of concurrent calls.

Metered SIP trunking is delivered and charged on usage, so each minute will incur a charge. Metered trunking is very flexible in that there are no limitations to the number of concurrent calls, as you are just charged for each minute of each call. Metered services allows businesses the flexibility to dynamically add calls and just pay for the additional usage.

Channelized SIP trunking is a prepaid option that provides unlimited inbound and outbound local and long distance calls on per channel/call basis. Each Channel provides the ability to make or receive a single call. Once you have filled all of your channels you will be unable to make or receive additional calls. Channels can always be added for more capacity by contacting your provider. This type of SIP trunking service allows businesses a way to easily budget their telecom spending and is similar in capacity handling to copper phone lines.

Click here to learn more about our VoIP and Unified Communications services.

Device configurations need to be backed up as well

Device configurations need to be backed up often to maintain a repository of backups ready to be restored in case of emergencies. In large enterprises with more number of devices, this task of getting the device configuration backup up becomes a huge mundane task taking up most of the time of an admin. Being able to automate configuration backups will free up a network admin’s time to do productivity enhancing tasks.

Any change made to the device configuration in a network carries the possibility of an error. An erroneous configuration change can cause network issues ranging from performance degradation to network outage. This is particularly true for those network devices that are crucial for the infrastructure. Any change in such devices should be detected and the configuration file of the device must be backed up.

Unauthorized configuration changes often wreak havoc to the business continuity and hence detecting changes is a crucial task. Detection should be real-time to have effective control. Network Configuration Manager offers real-time configuration change detection.

All of these are reasons why you should have an automated software solution to backup and monitor your network infrastructure.

Click here to learn more about our managed service provider solutions.