Mannassi IT Solutions

Blog

What's happening.

Thought Your Mac Was Malware Safe? Think Again!

One of the most often applauded perks of Macs is their invulnerability to viruses. Well, the bubble of virus-free Apple products has officially burst.

A recent outbreak of the highly invasive malware “fruitfly” has been wreaking havoc on Mac users for the past six months. The sneaky virus went undetected for years, and allows the controller of take complete control of your Mac—from files to your keyboard, from your webcam to your mouse.

Apple did recently release security patches to fight the “fruitfly” but new variants have emerged. Since Mac malware is so rare, it’s been particularly difficult to corral.

A report on CBS news follows some of the techies working to combat this “fruitfly” but it seems reigning it in is proving to be difficult, especially since no one knows exactly what the malware does or why it would be implemented.

So what can you do to protect yourself? Here’s three tips:

1. Make sure all your software is up to date. Security patches can only help you if they’re updated regularly and your system matches their requirements.

2. Always back up your computer regularly. Don’t get caught without your important documents in the event you’re infected.

3. Take security precautions seriously: have a strong password (your cat’s name is not usually a safe bet), don’t click links within emails, minimize your downloading activity, and use a pop-up blocker.

With a little due diligence you can do a lot to prevent a malware attack from crippling your tech. Don’t wait until it’s too late!

Follow us on Twitter @MannassiIT or like us on Facebook for more security in the news.

What you’ve heard about Macs is true, but you might not know everything.

Yes, it's true! Macs don’t have as many problems as PCs, and yes it's true! That they are less susceptible to viruses. But the Macs’ many wonders don’t mean they are problem free, and the cost of Apple equipment can put them out of reach for some small businesses. Here are three strengths and common issues with the long-lauded Mac:

1: Macs have nuances and nuisances all their own. They are sometimes finicky when it comes to binding to domains, shared drives, and especially with managed security software.

2: Macs come with built in encryption software that enhances security and they integrate well with iCloud and iPhone apps but network integration can sometimes be a challenge if the system hasn't been prepped properly.

3: When the Mac has issues, solutions come fast. Imaging on Macs can be a major problem. However, with the proliferation of MDM software, it is quickly becoming less of a challenge.

Are you a Mac loving business? Did you know Mannassi IT Solutions is also a Mac expert? Macs require less service but when they do, finding the right technician can make all the difference. Let us help you with all your Mac needs!

Follow us on twitter: @MannassiIT or like us on Facebook to see what’s new from us, and for daily tech news updates.

Getting Started with SD-WAN

SD-WAN is the talk of the tech industry at the moment. Many companies have a multi office locations and linking them together or to a data center has always been expensive with legacy WAN technologies such as T-1 or MPLS. Not so with software defined wide area networking (SD-WAN).  In some cases, SD-Wan can use less expensive broadband connections to replace more costly solutions, giving businesses the connection they need at the price that makes them happy.  There are different flavors of SD-WAN; some accelerate the connection to SaaS such as Safesforce or Office 365. Others focus on failover for connectivity via multiple internet connections. Still other companies have built a global network using SD-WAN to WAN known as Network as a Service (NaaS).

So how do you know which option is right for you? Talk to your trusted tech team to discuss solutions that will fit your company size and budget. Don’t have someone on staff to talk you through the finer points? Call us! We love to talk solutions.

Follow us on twitter @MannassiIT or like us on facebook for more tech trends.

Cyber Security – A Self Inflicted Pain

The recent news of another pandemic ransomware cyber-attack and all the businesses and individuals affected, brings into sharp focus how sometimes doing the bare minimum is the same as doing nothing at all. People can take their technology for granted, assuming they are safe because they thought their operating system has been updated, without ever checking to make sure this is the case. The same goes for antivirus, how many people take the time to check to see if their anti-virus/anti-malware is current? When was the last time you double checked yours?  Most people’s answer will be “I don’t know”.  Relatively simple steps can save a lot of headache down the line, and save you from long downtimes when you can’t access your systems.

We have found that many companies run their IT security and data protection based on the “fingers crossed” concept.  They skimp on the expense of putting in proper firewalls and instead go for the cheapest option on the shelf. Then they end up wondering why their company is paralyzed by ransomware! Network security should be multi-layered, with protection for inbound email, URL filtering to stop users going to malicious web sites, business class firewalls with intrusion prevention software, end point protection for all workstations and mobile devices and most importantly a proactive approach to monitoring all of these technologies. And finally, even with all this protection, there is always a chance something will get through, so having comprehensive data protection in the form of backups that are separate from the core network, and thus out of the reach of ransomware encryption. And yes, backups need to be checked regularly, including doing test restores.

So, come on people! Stop procrastinating and going for the cheap and basic options. You need to own your cyber security and make it a way of life.

If you don’t know where to start or need help, call us! We’re happy to talk security any day.

Want more cybersecurity straight from the headlines? Follow us on twitter: @MannassiIT

Keeping Your Tech Flexible: the Benefits of IT Consultancy

In this day & age of ever changing technology, the ability of your in-house IT department to keep up is getting more & more difficult. Businesses are always wanting their IT department to do more with less, while the tech team is stretched thin as it is!

One way to achieve the “more for less” goal is to work with an IT consultant. A consultant can come in to address specific projects, or the can help pick up the overflow during peak periods of activity. Projects can be delivered at a fixed price, with a defined scope of work so that there are no surprises, & the biggest advantage is that you get your project completed on time & on budget, keeping your executives happy.

In 2013, Forbes commissioned a report on the results & pay structure of outside consultants. Some interesting findings; including that 60% of respondents said that an outcome based results model with fixed fee pricing is more effective for their businesses. You can read the complete report online.

Another way to look at using IT consultants: why pay a fulltime network tech what could be $80k to $100k a year plus benefits to be busy only part of the time? You can have a tech on demand with an IT consultant, & save big while still meeting all your tech needs.

Mannassi IT Solutions offers IT consultancy for projects large & small. Contact us to learn more, or follow us on twitter, @MannassiIT, or Facebook for regular updates.

Not All Clouds Have A Silver Lining

Currently, there is a big push for businesses to move some or all of the their IT infrastructure to the cloud.  However, there is one thing that tends to get overlooked in the planning; that is the connection between the corporate office and the cloud servers.  Regardless of whether you have gone to public cloud with AWS, a hybrid, or a private cloud, that internet connection is now the keystone to your productivity. 

Here are four things to consider when planning your switch to the cloud:

  1. Can the internet current internet connection have sufficient bandwidth to support this extra traffic, over and above regular internet browsing? You may also want to implement a policy to prevent Internet slow down, such as restricting March Madness streaming on ESPN.
  2. Does you ISP provide a service level agreement so that in the event of an outage the repair work is started immediately and guarantees a return to service? Most cable, FiOS, & DSL connections (like Spectrum, Cox, Frontier, U-verse, & the like), make only a best effort and give you no bill credit for extended down time.
  3. Do you have a secondary/redundant internet connection from a different ISP? This will provide a failover option in the event that the primary ISP goes down.  Depending on the firewall you have, you may be able to load balance traffic over both connections, giving you better performance.
  4. Speaking of firewalls, this too is a single point of failure, a second firewall is key to redundancy.  Automatic failover is a common option on most business and enterprise class firewalls.

It may seem like, on the surface, having to pay for two internet connections is an unnecessary expense, but remember the last time your own internet went down & how frustrated you were. Now multiply that frustration by a factor of 1000 for you & your staff as you are unable to get any work done because your cloud servers are unavailable! Make sure your backup plans have backups so you’ll be prepared for any emergency.

Check out our facebook page or follow us on twitter @MannassiIT for daily updates.

When the Going Gets Tough the Tough Go Virtual!

For the past several weeks we here at Mannassi IT Solutions have been working from a virtual office as we searched for an ideal new office space. The transition out of our physical space (and shortly our transition back into a new office) was made much easier by our virtual workstations. It was no problem for staff to set up their home offices in a matter of minutes!

As the President and owner of a small business, I am always looking to squeeze every dollar out of our IT investments.  Nothing seems to hurt more than hearing that workstations need to be upgraded because they do not have the CPU, RAM or storage to run the latest and greatest app.

So, rather than going out and buying a bunch on new systems that you hope will last 3 to 5 years, look at an alternative by going to virtual workstations.  Just like cloud servers, desktops can be hosted in the cloud as virtual systems, with the user in the office or remote accessing the virtual desktop with a small app that takes almost no resources, such as Window Remote Desktop Connection or VMware Horizon.

For all money-conscious CFO’s and small business owners out there, the benefits of a virtual office keep on giving, because virtual desktops can be spun up as demand rises, or if a user needs more memory to run an app then it can be added in minutes, rather than wasting hours, or days having to go out and acquire memory to be put into a physical computer. You can also utilize “Desktop as a Service” for virtual desktop infrastructure, which boasts a pay as you go model, so you’re only charged for what you use.

A recent Gallup study revealed that workers who spend at least some of the work hours remotely show higher productivity and satisfaction than those who only work from an office. If you want to drive up employee engagement, improve productivity, and attract the best new talent, all while saving on overhead costs consider a combination remote/on site schedule. Even if you opt to stay in-office only, virtual workstations can save you big on money and hassle.

Best,
Beverley Mannassi, President

As always, follow us on twitter @MannassiIT or on Facebook for regular updates.

Stranded at Sea!

Of course, we all know that technology always works perfectly and never has any problems! Not! As much as we wish that was true we know it’s not the case, and therefore being able to get help to resolve an issue quickly and efficiently is critical to being successful and keeping downtime to a minimum.  British Airways recently found this out the hard way, discovering that the cost for outsourcing their IT Support was much higher than they expected.

I’m sure you’ve heard of the recent disaster shutdown of B.A. as a result of a systems crash. What kept them down for so long? Inefficient and inaccessible support. They saved money upfront by relocating tech support jobs from the U.K. to India, but it cost them dearly in the end.

When you sign up for IT services and products, always do due diligence to find out where the support is based and if there is a service level agreement regarding response time and resolution.  For another example, take a look at Microsoft Office 365. If you purchase your 365 license direct from Microsoft on their website with your credit card, your support will come from their India based call center. There is, outrageously, no guarantee of response time or resolution. You might wonder what you’re actually paying for! However, if you purchase 365 from a Certified Service Partner (CSP) like Mannassi IT Solutions, you are more likely to get US based support with an SLA.

Ask yourself, is the extra dollar a month worth getting quality support with an SLA? Do you really want to roll the dice, and gamble with your company’s reputation by running the risk of an extended outage? British Airways did just that and ended up cold.

As always, follow us on twitter, @MannassiIT, for daily updates.

 

What's your plan?

Business interruptions can come in many different shapes & sizes! Recently in the news, the tenants of Real Office Space in Santa Monica got a surprise when they came in to find that their wi-fi and janitorial services had been shut down, and they were being asked to vacate the premises ASAP due to a lease dispute between ROC and the property owners that could not be resolved. The net effect for all these organizations is that they’re having to relocate quickly while still trying to do business.  Moving IT systems is a challenge even in the best-case scenario of a planned move, but an unexpected event means that the business impact could be dire. Situations like these are why having a complete and up to date disaster recovery and business continuity plan is essential.  This time the disaster is an eviction, next time it could be a fire, a flood, or an earthquake. 

So, what do you need to consider for your own disaster recovery plan? Here’s our three tips for a top shape disaster plan.

The three essential elements to consider for any disaster recovery plan:

Business Continuity: How will you keep business functioning? Will phone lines still ring, will employees be able to check their business emails? Sounds basic, but these stepping stones can make a huge difference to keeping your business on track.

Backup, backup, backup: You’ll be between a rock & a hard place if you must rebuild all your data from scratch after a disaster. Having an offsite or cloud based backup is vital to keeping recovery times short. Of course, backups only work if they are regularly updated. Make sure your important information is constantly backed up so when disaster strikes you don’t have to start from zero.

What comes next: Benjamin Franklin was right when he said “by failing to plan you are planning to fail”. Lay out steps to follow to get from disaster day one to services recovered. Knowing what you need to do, & letting staff know what they can expect makes everything go more smoothly, getting you back up & running without destroying your years of hard work.

Mannassi IT Solutions can help you get started on an effective DR & CR plan. We can give you the map to a quick recovery!

Follow us on twitter @MannassiIT for more updates.

Plugging potential leaks before they spring!

Many companies automatically setup a new employee’s personal smartphone with corporate email, but when the person leaves it seems that there is frequently not as much due diligence to make sure that any corporate email or data is wiped from the device. The same goes for file share and sync programs such as DropBox; confidential data can easily ‘leak’ from a company if procedures are not put in place early to make sure all corporate data is wiped from personal systems immediately upon an employee leaving the company. 

Technology such as Mobile Device Management software can bring you that level of control: it not only remotely wipes data, but is an essential tool for tracking and managing company issued mobile and portable systems.  But this software only works if you remember to use it! This is why there should be clearly documented standard operating procedures for all exiting employees.  A company like Mannassi IT Solutions can work with your HR department to design and implement onboarding and offboarding procedures for staff, making it easier for you to keep track of who has the keys to what!

Don’t get held for ransom!

The news is currently saturated with talk of the WannaCry/WannaCrypt ransomware virus that infected systems across the globe.  So, what is ransomware?

Ransomware is a type of malicious software that blocks access to the data on your computer until a fee is paid to the attacker (hence the “ransom”). The most advanced versions of the software can lock up your entire computer until a bitcoin ransom is paid. With little warning, and almost no way around the attack, victims sometimes pay large sums of money to regain access to their data.

For healthcare and associated organizations, it is especially dangerous because a successful ransomware infection of a system that has access to, or stores electronic protected health information (ePHI) is also a major breach of HIPAA compliance.  The following excerpt from the Health and Human Services website (emphasis mine) can shed some light:

Q: Is it a HIPAA breach if ransomware infects a covered entity’s or business associate’s computer system?
A: Whether or not the presence of ransomware would be a breach under the HIPAA Rules is a fact-specific determination.  A breach under the HIPAA Rules is defined as, “…the acquisition, access, use, or disclosure of PHI in a manner not permitted under the [HIPAA Privacy Rule] which compromises the security or privacy of the PHI.”  See 45 C.F.R. 164.402.6
When electronic protected health information (ePHI) is encrypted as the result of a ransomware attack, a breach has occurred because the ePHI encrypted by the ransomware was acquired (i.e., unauthorized individuals have taken possession or control of the information), and thus is a “disclosure” not permitted under the HIPAA Privacy Rule.
Unless the covered entity or business associate can demonstrate that there is a “…low probability that the PHI has been compromised,” based on the factors set forth in the Breach Notification Rule, a breach of PHI is presumed to have occurred.  The entity must then comply with the applicable breach notification provisions, including notification to affected individuals without unreasonable delay, to the Secretary of HHS, and to the media (for breaches affecting over 500 individuals) in accordance with HIPAA breach notification requirements. See 45 C.F.R. 164.400-414.

After a 22-year-old wunderkind managed to thwart last week’s global attack by registering an embedded domain, he warned that the software only needed to be modified before it would be ready to be relaunched. Ransomware attacks are likely only going to increase, therefore proactive steps to protect your network are essential. Make sure you know what security your IT system requires to keep you from being held hostage! We can assess your network and strengthen its defenses against these types of attacks. Even if you escaped unscathed this time, don’t risk getting caught up in the next ransom!

Your Office is Where You Make it.
One of our offices is serving as a temporary moving ground zero.

One of our offices is serving as a temporary moving ground zero.

This week Mannassi IT Solutions is moving out of our location in Woodland Hills, CA.  Normally when a small company like us moves the challenge is making sure that staff can still work and the business can continue to operate smoothly. A key component to this is being able to easily access the company systems and data.  In our case the move will be seamless; our central file store is constantly replicated to a secondary location and staff can connect to it via VPN, our telephone system is in the cloud, and thus staff will all be able to work from home and still be able to get to data and receive and make calls as if they were sitting at their desks in the office. With very little brouhahawe now have a virtual office!  For us, this technology was primarily put in place to address any potential disasters and provide business continuity, but while moving is not exactly a disaster it is never an entirely pleasant process, and we’re glad to take some of the stress out of moving by being able to operate normally.

Mannassi IT Solutions has designed and built many solutions to provide companies with Disaster Recovery & Business Continuity, or to just help them move a little easier. Let us help you make your next move a breeze!

Follow us on twitter @MannassiIT for more moving updates!

You can run but you can't hide!

Microsoft is getting serious about licensing.

A few years ago Microsoft discontinued the sale of Microsoft Office as a ‘boxed product’. That means there are no more jewel cases with that yellow product key inside. We all remember having a stack of those cases on the shelf, trying our best to track which license was installed on which system (and usually failing). This normally meant you would be out of license compliance for the licenses you owned and installed.  I’m sure we all remember the days of passing around those jewel cases to get the most “bang” for our buck by installing Office on multiple computers. But along came open licensing, and life got easier. There were now just one set of media and one activation key, but still the same problem of license tracking.

Now Microsoft has moved to subscription based licensing, and the ability to manage has become infinitely easier because the cloud manages the number of installs you are allowed. However, there are still many other Microsoft operating systems and applications that are not cloud managed, and business are out in the wild using software they have not paid for. Microsoft is seeking to snuff out this unauthorized use and is on a mission to catch these companies.

To that end, Microsoft is now engaging in random licensing audits. Just like the IRS, Microsoft randomly requests information regarding the licensing of your software. In the past few months many of our clients and other business we know have been hit with these audits from Microsoft, a failure to report and comply can mean legal action, and for blatant abuses criminal proceedings with very large fines and possible jail time for executives!

If you have been hit with a Microsoft audit and don’t know how to handle it, give us a call. We can be a tech liaison between you and Microsoft, smoothing out the bumps and making sure you have all the licenses you need to keep you complaint and out of the courthouse!

Follow us on twitter @MannassiIT for more updates about tech compliance.

The Wild West of HIPAA!
LAAHU's annual conference was western themed this year, hence our wild west attire!

LAAHU's annual conference was western themed this year, hence our wild west attire!

This past week Mannassi IT Solutions was an exhibitor at the annual conference for the Los Angeles Association for Health Underwriters (link).  We were showcasing our new HIPAA risk analysis services.  Many of the brokers we spoke to were very surprised to hear about the ramifications of not having their network meet HIPAA compliance standards, as required by the Office of Civil Rights (OCR).

What we discovered was that there is very little education about HIPAA outside of major hospitals about compliance standards for what the OCR calls “Business Associates”, people or businesses that interact with information protected under HIPAA but who are not doctors or nurses. The risks business associates run but not keeping their tech HIPAA compliant is huge. A single data breach can cost millions of dollars in fines, not to mention the client trust lost. Many people also don’t realize that the OCR can audit you at any time, even if you’ve never had a data breach.

The bigger picture is that HIPAA compliance is not a “one and done” process.  The dynamic and ever-changing nature of information technology means that not having an ongoing plan to monitor your network is, as the National Law Review called it in an article last week, “a plan to fail”.  Once you’ve got your systems up to HIPAA standards you need to keep a constant eye on the network, and monitor alerts for when it falls out of compliance. From a two-person office to a major hospital, keeping tabs on your security systems is a very real need.

We’ve been working on expanding our offerings, and now provide a solution called HIPAA as a Service.

With this service, you’ll have the peace of mind that you’re under 24/7 lock and key without having to man the battlements yourself. Plus, you’re provided with everything you need to prove your compliance should the OCR decide to audit you. It really does take the headache out of HIPAA compliance!

Visit our HIPAA page to learn more about how we can help you, or drop us a line at info@mannassi.com. We have limited time offers for getting started with HIPAA as a service right away.

Follow us on twitter @MannassiIT for daily updates about tech, healthcare, & everything in between!

Greatest Hits from Channel Partners Expo 2017: What We Learned

This past week we attended Channel Partner’s 2017 Conference at the Mandalay Bay Conference center in Las Vegas. This is the second year we have attended the show and we always get some great insights. This year it was apparent that the cloud telecom economy is booming, based on the increased attendance and exhibitors.

The conference and expo covers telecommunication and cloud technology, with this year’s focus being on Software Defined Wide Area Networks (SD-WAN). This tech is set to be the new way to connect multiple office locations and organizations to their cloud infrastructure. Many of the vendors at the show are currently focusing on creating relationships with managed service providers, like Mannassi IT Solutions, to promote and sell their products to consumers. Having a managed service provider streamlines your technology needs, giving you a complete IT department at a lower cost than hiring someone in-house. It’s like having an IT guy on call just when you need them!

Other topics that came up included moving some or all a company’s IT infrastructure over to the Cloud. Cloud adoption has been in the news recently, with companies large and small making the switch to save space, money, and effort. Imagine being able to house everything you need without taking up any space!

Chat with us about the cloud on twitter, @MannassitIT.

What's my Password Again?

We’ve all been there, ready to login and get to work on a server only to realize you don’t know the password. The only reset relief is in the brain of your IT guy, who just happened to pick this moment to go on a Bora Bora vacation. You’re stuck.

Documentation of a network is critical to business operations and disaster recovery. I’m sure you can imagine the headache and cost of having to rebuild all or some of your network after a major outage without comprehensive documentation. It’s true what they say, you can’t go home again and you’ll never be able to rebuild a network exactly the way it was before.

A centralized network documentation system is a live-saver. You have all the information you need in one place, easy for you to access without having to call every member of your IT department. A centralized system also makes things easier when you need to branch out and have IT consultants perform work for you; they can see all the moving parts understand your system’s unique architecture so they won’t step on any land mines while working. Be the master of your own IT domain!

So, where do you start with a centralized documentation system? Coming soon in 2017 from Mannassi IT Solutions is Documentation as a Service. Providing you with a secure, encrypted, cloud based repository for all your documentation, passwords, and diagrams. Never get locked out again!

Follow us on twitter, @mannassiIT for the latest news and updates, including when DaaS is launched!

3 Tips to Make Sure Your Security is Up to Snuff.

Cybersecurity is all over the news at the moment: every day there seems to be a new security breach or ransomware attack. So how can you make sure you’re protected from the bad guys? Here are three tips to keeping your security strong.

It’s a marathon, not a sprint. Security is an ongoing process. You need constant monitoring and adjustments just to stay ahead of the game. Hackers are constantly changing their methods to match updates in technology and you’ve got to be ready to adapt ahead of the curve and make sure your security steps stay current.

It’s like an onion, layered. There’s no “one size fits all” approach. Start with a business or enterprise class firewall with intrusion prevention enabled and build from there to anti-virus and anti-malware endpoint protection software.

Watch for the enemy within. A lot of security breaches come from the inside, so no firewall or anti-virus software is going to protect you. Manage your passwords effectively with company-wide best practices for complexity, length, and duration. Don’t forget to cancel access for employees who have left your company! Former staff with unfettered access is one of the most common security gaps.

Your security mantra should be making security a way of life, not just a footnote. Staying on top of your security needs can save you a big headache in the long-term. Security as a service is a great option for the not-so-security-savvy among us. Letting a pro take the wheel can save you time, money, and let you get back to business.

Drop us a line to hear more about our security as a service options. And make sure to follow us on twitter @MannassiIT for updates on the world of cybersecurity.  

What is U.C.a.a.S. & How Can it Help You?

In the world of business the telephone system has always been the one element that just has to work. That digital PBX box on the wall in a closet humming away doing its thing day in and day out is no longer up to snuff. Savvy business owners need more than just a device that an answer and make calls. They also need something that streamlines their communications and resists failure.

This is where a cloud hosted telephone system (AKA Unified Communications as a Service or UCaaS) comes in. UCaaS first rose to prominence in 2014 on the coattails of the Cloud Computing movement. Providers were able to deliver a solution that was affordable, easy to setup, and came with many more features than the traditional PBX setup. Most importantly, UCaaS reduces businesses exposure to outages by having no single point of failure.

Instead of paying a per minute fee, UCaaS saves money by charging only a monthly user fee of around $20-$30 after the initial startup cost of an IP phone. With very little hassle small and mid-sized businesses can have a phone system that rivals the big guys, and enterprise businesses can have a communication solution with a lower total cost of ownership and easier scalability.

Are you following us on twitter? Stay tuned here and at @MannassiIT for more info about implementing UCaaS with Mannassi IT Solutions.