Cybersecurity as a Matter of National Security

READ TIME: 4 MIN

October 13, 2021

Cybersecurity as a Matter of National Security

Business security, energy security, food security…national security. All one in the same.

While Iowa grain co-op, New Cooperative, may seem far removed from the capital of the U.S. government, a ransomware attack threatened food security of people in the Midwest. The event is not just a concern for local residents; the cyberattack, and its implications, are a concern for everyone across the nation.

A few months before the $5.9 million attack on New Cooperative, the world’s largest meatpacker based in Brazil, JBS, experienced a ransomware attack that disrupted meat production in North America and Australia during the height of grilling season. Prices of U.S. beef shipped to wholesale buyers increased more than 1%, according to USDA.

And it’s not just the agricultural sector that cybercriminals can target to cripple U.S. national security. In May, another ransomware attack hobbled Colonial Pipeline, interrupting fuel service for six days to large sections of the east coast. The oil pipeline finally paid $4.4 million for the decryption key.

Furthermore, certain industries are more heavily targeted for their widespread effects on broader swaths of the U.S. population. Markets with essential services face more threats and harbor greater responsibility in shoring up vulnerabilities.

Here are the top 10 most targeted industries and their most common form of cyberattack in 2020, according to 2021 X-Force Threat Intelligence Index.

Top 10 Industries Targeted in 2020*	Most Common Attack Per Industry in 2020*
1. Finance	Server access attacks
2. Manufacturing	Business Email Compromise
3. Energy	Data theft and leaks
4. Retail	Credential theft
5. Professional Services	Ransomware
6. Government	Ransomware
7. Healthcare	Ransomware
8. Media	Malicious domain name system (DNS) squatting
9. Transportation	Malicious insider or misconfiguration
10. Education	Spam or adware

*According to findings in 2021 X-Force Threat Intelligence Index

The ever-increasing onslaught and sophistication of cyberattacks is not just a concern for businesses. They pose an imminent threat to the security of the U.S. and the privacy, health, and financial well-being of its residents. The significance of cybercrime cannot be ignored and is on the minds of the nation’s top government officials. Earlier this year, President Biden released Executive Order 14208, addressing the modernization of the nation’s cybersecurity. Here are a few takeaways from Biden’s “Improving the Nation’s Cybersecurity”:

IT service providers must inform the government of cybersecurity breaches that could impact U.S. networks.
A standardized playbook outlines a predetermined set of federal responses to cyber incidents.
The Federal Government must modernize its cybersecurity infrastructure through cloud services and zero-trust architecture, mandated multifactor authentication and encryption, robust endpoint detection and response, and consistent event logging practices.
Software developers must share certain security data publicly and must meet baseline security standards before the software can be sold to the government.
A Cybersecurity Safety Review Board, comprising government and private sector officials, may convene after a cyberattack to analyze the event, its causes, and impacts, and make recommendations to further improve the nation’s cybersecurity.

Cybersecurity is so important that the President of the United States is making sweeping Executive Orders to improve it.

If the United States has a multilayered approach to protecting the nation’s cybersecurity and cyber resilience, shouldn’t your business have a plan?

Here’s a list of effective tactics to build your business’ multilayered cybersecurity:

Endpoint Detection and Response
Windows Patching and Third-Party patching
Cloud Email Security per User
Cybersecurity Health Check and Review
Security Awareness Training
DNS Security
Incident Response and Remediation
Vulnerability Scans of Network Edge
Security Information and Event Management (SIEM)
Event Log Correlation and Aggregation
24/7/365 Monitoring

If your company only has some or even none of the abovementioned cybersecurity measures in your IT repertoire, NexusTek has developed three customizable, managed cybersecurity plans—Essential, Standard, and Advanced—comprising user-focused strategies and carefully selected solutions to protect, detect, and respond to cyber risks and threats that target your business. As an SSAE-18 SOC II certified company and award-winning managed service provider, NexusTek has the expertise to build and improve your cybersecurity. We protect your company and customers so you can help protect your country.

Share On Social

4 Ways To Future-Proof Your AEC Business

READ TIME: 4 MIN

October 6, 2021

4 Ways To Future-Proof Your AEC Business

Industry 4.0 is revolutionizing every market. According to Statista, global spending on digital transformation technologies and services increased 10.4% in 2020 to $1.3 trillion. A 2021 Board of Directors survey revealed that 86% agree rapid digital transformation is a key priority, and 69% accelerated digital business initiatives in response to COVID-19.

The Architecture, Engineering & Construction industry is no exception: 98% of AEC businesses agree that digital solutions are critical to the future viability of their companies. Small- and medium-sized businesses comprise 90% of the construction market, and without the deep pockets of an enterprise-sized organization, the construction industry is one of the least digitized industries. The lack of digitization has contributed to the AEC sector’s decreasing productivity, costing the industry an annual estimate of $1.6 trillion.

To move forward into the Fourth Industrial Revolution, architects, engineering firms, and construction companies must embrace digital business operations. Here’s four ways AEC businesses can jumpstart their digital transformation journeys.

Technology

The Internet of Things (IoT), Digital Twins, and Building Information Modeling (BIM) are a few of the advanced technologies revolutionizing the AEC industry, improving timelines, collaboration, and productivity. The total number of IoT connections will reach 83 billion by 2024, and sensors will reach $27 billion by 2022. Utilizing data from IoT devices, digital twins can improve productivity 50-60%. Additionally, 49% of builders use BIM, and 82% of users report positive ROI. The other 51% of builders will likely invest in BIM soon as the market is projected to reach $13.2 billion by the end of 2024. Working to keep up with such advanced technologies, networks are more vulnerable to crashes, resulting in data loss and delayed project timelines. In fact, system downtime costs $5,600 per minute on average, reports Gartner, and an hour can amount to $140,000 to $540,000 depending on the organization. The high-performance computational power of the CPUs, GPUs, and SSD drives demands a healthy IT network. An AEC business needs a strong IT infrastructure with frequent monitoring and proactive maintenance to support such (necessary) advanced technologies, secure their connectivity, and excel against competitors.

Remote Workforce

In 2020, approximately 75% of civil and commercial contractors restructured work procedures to accommodate social distancing, and in effect, accelerated digital transformation. Anywhere operations not only are the standard expectations of present-day job seekers, but also the keys to increasing project speed and reducing costs. Now architects, engineers, and construction contractors can work on projects in different time zones, collecting information from the field and making decisions in real time while saving the time and cost of travel. One Texas concrete company implemented a real-time digital time tracking solution with GPS and face recognition and ultimately saved $72,900 in the first 12 months. In the next three years, the AEC industry should expect to see 33% of contractors using wearable technology, increasing communication and streamlining operations.

Remote workforces are the way of the future. AEC businesses must stay on top of asset tracking, software licensing, and hardware warranties to ensure their mobile workforces never miss a beat. And a 24/7 IT help desk wouldn’t hurt either.

Data

Construction data is quite possibly the most valuable asset for an architecture business, engineering firm, or construction company. Since 52% of all rework is caused by poor data and miscommunication, 71% of owners believe capturing more data during design and construction will reduce lifecycle operations costs. IoT, augmented reality, and BIM technologies generate big data that is essential to improving production and decreasing costs. With 70% of manufacturers also transmitting personal information to and from these connected devices, this data is also sensitive to both the business and its clients, and therefore, must be protected. Unfortunately, 23% of data breaches in the industrial sector are caused by system glitches, resulting in data loss, exposure of personal information, and non-compliance fines.

A healthy IT infrastructure supports workstations, runs sophisticated CAD/CAM software tools, and prevents data loss from system failures. Network infrastructure must be proactively monitored and maintained, decreasing the loss of valuable, sensitive information and increasing business continuity and brand reputation.

Production

The benefits of advanced technology, a mobile workforce, and big data culminate into the most valuable advantage of all: increased and improved overall production. IoT in the construction market is expected to grow at a rate of CAGR of 14% until 2027, totaling $19 billion and increasing efficiency all the while. Online collaboration tools and digital workspaces that bring together remote partners strengthen workplace productivity 20-30%, and connected teams experience a 21% increase in profitability. Big data increases the likelihood of a business making better strategic decisions by 69%; and companies that use big data analytics report an 8% increase in revenue. To capitalize on the benefits of digital transformation, AEC businesses need sturdy IT environments that do not falter under high computational power or vast amounts of data, as well as a 24/7 help desk that supports their remote workforces wherever they may be. That’s where a managed service provider like NexusTek comes in.

As an award-winning managed service provider for architects, engineering firms, and construction companies across the country, NexusTek offers multiple managed IT plans with various options of support and guidance so that you can find the plan that best fits your AEC business needs and goals. Our 24/7/365 proactive system monitoring, alerting, and maintenance keeps your IT infrastructure running smoothly to increase uptime and maintain project timelines. Our unlimited help desk supports your remote employees in case of IT challenges, and our inventory and configuration management ensures your assets, hardware, and software remain online and optimized. Proceed confidently on your digital transformation journey with managed IT from NexusTek.

Share On Social

Videotelephony: The Future of Remote Meetings

READ TIME: 4 MIN

September 22, 2021

Videotelephony: The Future of Remote Meetings

Video conferencing experienced a 535% increase in daily traffic in 2020. 76% of remote employees utilize video to overcome the isolation of social distancing. In fact, 87% feel more connected to each other when using video. The higher morale and effectiveness of video conferencing improves productivity by 50% and enriches communication, with 90% finding it easier to get their ideas across while using video. With the shift towards hybrid work schedules or permanent work from home situations, videotelephony, or the exchange of audiovisual communication between users in real-time, will own a lasting space in professional (and personal) settings. The question is not “When will the need for videotelephony cease?” but rather “How will it evolve?” Thus far in 2021 alone, three major players have launched three major videotelephony developments, ranging the gamut from virtual reality to holograms to augmented and mixed reality. Let’s explore these new realities.

Microsoft Mesh

Tech Type:

Mixed Reality (Virtual Reality, Augmented Reality, & Holograms)

Equipment Needed:

A fully immersive head-mounted display (HMDs) like Microsoft HoloLens, HP Reverb G2, or Oculus Quest 2 for a 3D experience
A PC, Mac, or an Android or Apple smartphone for a 2D experience

Availability:

Currently available for free, limited preview on HoloLens 2

“Feel presence” is one of the main promises Microsoft makes in its mixed reality platform, Mesh, introduced this past March. As a cross platform SDK built on Microsoft’s cloud computing platform Azure, Mesh can be optimized for whatever technologies users enable to connect, whether those are AR, VR, PC, Mac, or a smartphone that is using any Mesh-enabled app. Depth and dimension bring remote users into the same space where they can use AI-powered tools to manipulate spatial maps, designs, and 2D and 3D content in realtime. Users can choose to appear as either a 3D avatar or enable the photorealistic holoportation, both of which multiuser sync keeps updated within 100 milliseconds of latency. Are you ready to connect from anywhere with Mesh?

Google - Project Starline

Tech Type:

Mixed Reality (Virtual and Augmented Reality)

Equipment Needed:

Mix of cameras, depth sensors, and specialized hardware and software

Availability:

Currently available in select Google offices

Google’s hyper-realistic 3D video chat booth, Project Starline, creates the sensation that you’re sitting across from whoever you’re conferencing, whether they’re a few cities away or a few countries away. Computer vision, machine learning, spatial audio, and realtime compression play major roles in Starline. Using specialized cameras and depth sensors, Starline captures a person’s likeness from multiple perspectives to show their photorealistic, three-dimensional image on a 65” custom-developed light field display, or a “magic pane of glass,” as Steve Seitz, Director Engineering, Google, describes. To send such big data over existing networks, Google also developed compression and streaming algorithms to reduce the size of the data. The video booth is currently only available in select Google offices, so freshen up that resume if you want to experience Project Starline sooner rather than later.

Facebook – Horizon Workrooms

Tech Type:

Virtual Reality

Equipment Needed:

Oculus Quest 2 VR headset

Availability:

Currently available for free in beta form for anyone with an Oculus Quest 2

Horizon Workrooms is Facebook’s first step into CEO Mark Zuckerberg’s intended “metaverse,” or a place where the physical and digital realms collide in collaboration and communication. Using Oculus Quest 2 VR headsets, sixteen people can appear in full VR in a Workroom at the same time, and an additional 34 users can call in without headsets for a more traditional video conference. Horizon Workrooms creates a 3D virtual office environment with highly detailed avatars that execute lifelike movements courtesy of some nifty hand-tracking software from the Oculus headset. Hand-tracking also proves useful for writing on the virtual whiteboard or note-taking on your keyboard, which can be brought into the VR space where it is animated with 1:1 positional tracking for speed and accuracy. If Horizon Workrooms is just the beginning of the Facebook metaverse, what’s next?

Three new technologies, three new, mind-blowing ways of connecting on a truer, more natural level with colleagues miles away. As exciting as these developments are, they won’t be standard business tools for a few more years. In the meantime, businesses of all sizes must ensure that their remote and hybrid workforces have the proper tools and applications to improve communication and increase productivity.

Microsoft has the videotelephony and IT solutions to support and propel your remote workforce, from the video conferencing capabilities of Teams to remote collaboration tools like SharePoint and OneDrive. As a Microsoft Gold Partner ranking in the top 1% of all Microsoft partners nationally, NexusTek offers expert implementation of Microsoft Business Products to help businesses leverage the best resources in the market.

Connect your workforce. Connect with NexusTek.

Share On Social

4 Reasons Why Agriculture Businesses Need Managed IT

READ TIME: 4 MIN

September 8, 2021

4 Reasons Why Agriculture Businesses Need Managed IT

Farming is no longer the cultivation of crops with simple tools: It is the adaptation and progression of plant and animal life via advanced technology. The Fourth Industrial Revolution, or Industry 4.0, is sweeping through the world of agriculture and produce, boosting efficiency, production, and quality through the Internet of Things (IoT). In fact, the total number of IoT connections will reach 83 billion by 2024, reports Juniper Research, and the industrial sector, which includes agriculture, will account for more than 70% of its 130% growth. Here are four reasons why agribusinesses need managed IT to handle this digital transformation.

Technology

Advanced connectivity infrastructure is expected to cover 80% of the world’s rural areas by 2030, according to McKinsey & Company. Precision farming, smart farming, and digital farming all demand a solid internal infrastructure. IoT devices, including smart sensors, robotics and drones, positioning and location tracking, cloud computing, AI analytics, and cellular communication systems, generate big data, which can overwhelm aging IT systems. Consequently, agribusinesses need to routinely assess their IT infrastructures to ensure they are optimized for the advanced technologies of precision agriculture.

Production

With industry-wide connectivity from IoT devices, the agri-food sector could increase $500 billion in additional value by 2030, according to McKinsey & Company. However, the increased production and quality of agricultural goods can be devastated by a downed server or expired software license. Downtime costs $5,600 per minute on average, reports Gartner, and an hour can amount to $140,000 to $540,000 depending on the organization. Save time and money through regular, proactive systems monitoring to maintain the health of your business’ IT infrastructure and guarantee system uptime and business continuity.

Workforce

Dispersed across acres of fields, checking different crops and monitoring different IoT devices, agricultural employees cannot walk across the office and knock on the door of the IT department. Often widespread and remote, these workers need immediate access to big data and sensitive information in order to manage produce, which is directly impacted by weather and natural elements that wait for no human or lagging network connections. Agricultural employees require around-the-clock help desk and IT support so they can get the job done no matter the hour, no matter the IT request.

Customer Experience

All three of the prior reasons—technology, production, and workforce—impact the health and food security of people across the world. Their efficiency, output, and success—or lack thereof—trickle down into overall customer success. The world’s population is set to reach 9.7 billion by 2050, and thus, global agricultural production needs to rise 69% between 2010 and 2050, according to the United Nations. The boost in production from Industry 4.0 is the key to this goal. Precision agriculture can reduce operations costs by 15% and increase crop yield by 13%, according to the American Farm Bureau. Agribusinesses should invest in managed IT services from a qualified managed service provider to ensure optimal network performance and a healthy IT infrastructure that supports the advanced technologies necessary to boosting production and putting more food on more tables.

What NexusTek Can Do For Your Agribusiness

As an award-winning managed service provider, NexusTek delivers experienced IT consulting and IT services for agribusinesses across the U.S. We offer multiple fixed-fee Managed IT plans so that you can select the service that best meets the needs of your business. Here are the ways in which our dedicated IT supports your business:

Our initial onboarding assessment of your IT infrastructure evaluates the efficiency of your current systems and identifies areas for improvement to better support advanced IoT devices.
Our quarterly business reviews continue to update you throughout the year on the optimal technology solutions that answer your business needs and goals throughout your journey to digital transformation.
Our 24/7/365 proactive monitoring continually surveys your IT systems to ensure the health of your IT infrastructure, decreasing downtime and increasing productivity.
Our unlimited live help desks support your remote workforce wherever they may be, whenever they may need assistance.
Our IT inventory management and tracking services confirm your software licenses and hardware warranties are up to date so that your smart farm never falters.

The Fourth Industrial Revolution is changing the way we produce food.
Change with it, with NexusTek’s managed IT services.

Share On Social

Ransomware + Cryptocurrency = Costly for Your Business

READ TIME: 5 MIN

August 18, 2021

Ransomware + Cryptocurrency = Costly for Your Business

Bitcoin. Ethereum. Dogecoin. You’ve probably heard of at least one of these cryptocurrencies that are now all the rage.

The cryptocurrency craze has grown in the past few years, with prices jumping in 2017 and simply skyrocketing in 2020. Simultaneously, ransomware attacks increased: The number of cases reported to the FBI increased 66% last year.

These are not unrelated trends.

The Connection Between Cryptocurrency and Ransomware

Cryptocurrency has enabled cybercriminals to anonymously extort businesses through ransomware. In fact, Bitcoin represents 98% of ransomware payments.

Here’s why.

Criminals need not worry about transporting large amounts of stolen money or converting the cash into more easily transferable goods when cryptocurrency is to be had. Now, they can hack a company’s IT system (usually by tricking an unaware and unassuming employee), encrypt the data, and demand huge sums of “virtual” money in exchange for access to their stolen data.

Disguised with a random account number, the cybercriminals remain anonymous during the transaction, and then move it from one anonymous account to another so it is impossible to trace—at least until recently. After the DarkSide’s ransomware attack on the Colonial Pipeline in the U.S., the FBI traced its way through account after account, eventually recovering more than half of the $4.4 million paid ransom.

While this recovery is hopeful, companies must not rely on the expectation their ransom will be returned: The Colonial Pipeline attack was a high-profile event, which demanded extensive resources to recover only part of the ransom; this treatment may not be provided for every business. Besides, the identification and prosecution of cybercriminals is another thing entirely.

Cryptocurrency and ransomware attacks have been steadily rising in recent years, but with more users online more often on more devices due to remote work and education in 2020, the two flourished and the effects were devastating.

The Impacts of a Ransomware Attack

The average ransomware payment increased by 60% in the first half of 2020. In less than two years, the average ransomware payment went from $12,000 in Q4 2019 to $54,000 in Q1 2021. Before 2020, there was no ransom above $6 million, but every quarter since Q1 2020 has had at least one. In 2019, a total of $92 million in cryptocurrency was sent to ransomware attackers; in 2020, that total rose to $406 million.

It is not just financial damages that your business could face because of a ransomware attack.

A study showed that 65% of those hit with a ransomware attack suffered revenue loss, and 26% closed their businesses for a period of time. 53% had their brand and reputation damaged. 32% lost C-level executives, and 29% laid off employees.

And of course, the loss of or delayed access to critical data is costly, but is it worth paying the ransom?

To Pay or Not To Pay

As of October 2020, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced it is now illegal to pay ransoms to cybercriminals, and yet, some entities still pay. 15% of ransomware payments (equating to about $50 million in cryptocurrency) were subject to sanctions liability.

A 2020 survey reported that 68% of U.S. companies had paid the ransom demanded in their ransomware attack, and 10% did not pay. 22% were not infected.

Top reason for not paying the ransom? 42% said paying does not necessarily guarantee a decryption key. In fact, another study showed that only 8% got all their data back and 29% got no more than half their data.

Meanwhile, those that did pay the ransom seemingly marked themselves as pliable victims. 80% of businesses that paid were hit with a second ransomware attack; 46% believed it came from the same cybercriminals responsible for the first attack.

Whether a company decides to pay or not to pay the ransom, their most important decision will be how they prepare for and prevent ransomware attacks.

Ways to Protect Your Business from a Ransomware Attack

In one survey, businesses listed cybersecurity defenses and disaster recovery solutions that are critical against ransomware attacks: 24% said data backup, 18% advised employee security awareness training, and 15% recommended endpoint security for devices.

Here are a few ways to protect your business against ransomware threat actors:

Enable a multilayered cybersecurity plan.
Be sure to include managed email security, DNS security, patching, and endpoint security in your strategy. Monitor your IT systems 24/7 and detect threats with Security Information and Event Management (SIEM) and log monitoring. Don’t forget the employee security awareness training!
Establish a business continuity plan.
Safeguard your company in the event of a crisis with a set of policies, procedures, and automated processes to guarantee business operations will continue without downtime.
Backup data and develop a disaster recovery plan.
Preserve your data with consistent backups and a disaster recovery service to quickly restore data in the event it is lost or encrypted so no cybercriminal can hold it ransom against your business.
Create and test an incident response plan.
Develop procedures for the possible occurrence of all cyberattacks, including ransomware. The response and remediation processes should be specially written for how to isolate the threat, contain the damage, and eradicate the breach.

Ransomware preparedness is complex, and 54% of businesses state that cyberattacks are too advanced for their IT team to handle without external assistance.

Jumpstart Your Cybersecurity and Cyber Resiliency

Take your cybersecurity and cyber resiliency seriously with NexusTek. As an SSAE 18 SOC II certified company, NexusTek protects, detects, and responds to cyber threats. NexusTek’s managed cybersecurity plans—Essential, Standard, and Advanced—safeguard your business’ highest risk asset: your employees and their data. Plans are customizable based on need and existing IT environment. Our disaster recovery services ensure your business is not beholden to ransomware attackers, and our business continuity planning guarantees your company never misses a beat.

Take your security seriously with NexusTek.

Share On Social

The Cloud: You’re Using It Wrong

READ TIME: 4 MIN

August 4, 2021

The Cloud: You’re Using It Wrong

“The Cloud” has been all the rage since former Google CEO Eric Schmidt discussed the concept at an industry conference in 2006. Cloud computing helps individuals, companies, and government services safely store the ever-increasing amounts of data that are output every second. As a result, the Cloud is everywhere, and the cloud computing market will reach $287.03 billion by 2025.

If your business recently migrated to a public, private, or multi-cloud environment (or even a few years ago), are you sure you’re making the most of its many benefits?

We’ve highlighted just a few of the everyday uses and critical advantages of cloud computing. If you’re not already utilizing them, then you’re using the Cloud wrong.

Telecommunications

You may not realize it, but the Cloud plays a major role in your daily communications. Emails, messaging applications, and video conference calls utilize cloud computing. The data from these services are stored on your cloud environment, rather than your device, freeing space on your device and eliminating risks if the device is lost or stolen. Additionally, telecommunications can improve productivity and employee morale. Nearly 9 in 10 employees say video conferencing reduces the time it takes to complete tasks or projects; makes it easier to get their point across; and helps them feel more connected. Since video conferencing performs 30% better than audio-only setups, we recommend always taking advantage of that face-to-face telecommunication. And for the cherry on top, cloud-based unified communications can save up to $400 an hour in IT costs!

File Hosting Services

One of the beautiful benefits of the Cloud is the security and shareability of its file hosting services. Documents update in real-time so that all invited members can view changes immediately, increasing communication and productivity. By 2025, there will be an estimated 200 zettabytes of global data—half of which will be stored in the Cloud. However, not everyone is onboard with file sharing, and subsequently, there are consequences. 92% of collaborating professionals risk losing files from the use of email. The productivity losses of such an occurrence are three-fold: the person who prepared the document loses 50% of their time; 83% of employees have recreated documents that were missing from the company network; and overall staff productivity loss due to document issues culminates at 21%. So, if you have not adopted this life hack yet, please start now: Stop attaching documents to emails, upload to the Cloud, and save us all some much-needed extra time.

Software-as-a-Service

Software-as-a-Service, or SaaS, allows users to access cloud-based data and software from any device with an internet connection. That’s right…from anywhere on any device. Enabled by SaaS, remote work allows employees to save time and money by working from home or even satisfying their wanderlust in Italy while working via the worldwide web. However, fewer than 6% of Americans worked remotely in 2019. The pandemic changed that. Remote work peaked in April 2020 when 70% of workers were off-site either fully or part-time. Even as social distancing lessens and offices reopen, over 50% of employees still work remotely. Some people do not want to pre-COVID-19 working conditions. 34% of employees prefer working in the cloud and will look for a new job if required to return to the office. If your business has not yet invested in SaaS, it would offer your employees a boost of flexibility and morale.

Chatbots

Chatbots utilize the computing capabilities of the Cloud to create conversational customer experience via audio or text through digital platforms. In fact, IBM reports that chatbots can answer 80% of standard questions. Adding a chatbot to your customer service phone line or your website can provide 24-hour availability and support, improving customer satisfaction and increasing sales. On average, chatbots increase sales 67%, claim business leaders, and 57% say chatbots deliver a large return on investment. Businesses that utilize chatbots provide 64% of their agents more time to solve more complex problems. Plus, chatbots can cut operational costs by 30%! Get the bot. You won’t regret it.

Backup

Instead of repetitive, manual backup processes, cloud backup automatically copies and stores data regularly and securely. Backup to the Cloud is a safer, more reliable method that saves time and increases productivity. Only 41% of professionals back up their data on a daily basis. Accidental deletion, hardware or software failure, or an out-of-date backup cause data loss for 68% of professionals. Additionally, businesses that utilize cloud experience a 15% faster time to market. Instead of setting calendar reminders to manually backup your data, allow the automatic cloud backups to save you precious time.

Disaster Recovery-as-a-Service

Disaster Recovery-as-a-Service, or DRaaS, utilizes cloud computing to backup and restore data and IT infrastructure in a timely manner after a disaster to maintain business continuity. Disasters can be natural, such as a flood or hurricane, or technical, such as a power outage or cyberattack. A day or two of system downtime may not seem like much out of the 261 working days a year. However, 40% of small businesses never reopen after a disaster, and of the ones that do reopen, 25% fail within a year. Downtime is not an “if” but “when.” 42% of organizations experienced data loss resulting in downtime this year, and 41% lost productivity or money due to data inaccessibility. The impacts of no disaster recovery plan are, simply, catastrophic. Be sure to be part of the 16.7% growth rate of the DRaaS market forecast through 2024.

The Cloud, as mysterious as its name may sound, offers some straightforward features that positively impact daily productivity, business security, and employee motivation. Cloud-based messaging, file hosting and sharing, SaaS, chatbots, backup, and DRaaS are simple but effective ways to improve the health and longevity of your business operations and employee morale. We highly recommend your company makes use of all six of these benefits within your cloud environment. If your organization has not yet hopped aboard the Cloud, NexusTek’s cloud engineer experts would be happy to discuss public, private, or multi-cloud environments that best enable and enhance your business.

Share On Social

7 Reasons Why Cybersecurity Fails

READ TIME: 5 MIN

July 28, 2021

7 Reasons Why Cybersecurity Fails

Too often cybersecurity is viewed as an IT cost rather than a business requirement. But the problem with that is: Cybersecurity, and the impacts of a lackluster implementation, is everyone’s problem. The consequences of a successful cyberattack can include:

An expensive data breach

The average cost was $3.86 million in 2020.

Exposure of employee and customer information

36 billion records were exposed from data breaches in the first half of 2020.

Hijacking of important business data

The average ransomware payment rose 33% in 2020 to over $100,000.

Halting of daily operations for days on end

40% of small businesses experienced eight or more hours of downtime due to a cyber breach.

Like we said, cybersecurity is everyone’s problem, and yet, it still fails. Data breaches happen, ransoms are demanded, and systems corrupted. Here are seven reasons why your business’ cybersecurity is not up to snuff.

1. You assume your business is too small to be a target.

54% of small businesses believe they’re too small for a cyberattack, and subsequently, don’t have a plan in place for reacting to cyber threats. Only 22% of small businesses encrypt their databases, and less than 15% rate their ability to mitigate cyber risks and threats as highly effective. This lack of—or even nonexistence of—cybersecurity could be fatal for a business. 43% of cyberattacks explicitly target small businesses, and 60% of them go out of business within six months of a successful security breach. 47% of small businesses do not know how to protect their organization from cyberattacks, and 75% do not have IT security personnel to handle cybersecurity measures and procedures.

2. You have an incomplete inventory of assets and endpoints.

67% of IT professionals believe the use of bring-your-own devices during the remote work of the pandemic has decreased their organization’s security health; a claim which a Ponemon Institute survey supports: 68% of businesses experienced one or more successful endpoint attacks in the past 12 months. 61% of remote employees used personal devices as their primary method to access company networks. Without an accurate inventory of assets, patches and updates go unmonitored, increasing the vulnerabilities of such endpoints. Over the past year, the cost of an endpoint attack has risen from $7.1 million to $8.94 million.

3. You set it, and then you forget it.

Firewalls, antivirus software, email security solutions, and endpoint security solutions are essential, but they’re not enough. Businesses must fortify themselves via a multi-layered approach, and yet, 52% of enterprises are not practicing mature cybersecurity. Instead of just installing software and calling it a day, companies must conduct proactive preventative measures, including frequent infrastructure penetration tests and vulnerability scans. In one survey, one in five businesses reported no security testing within the past six months, and 20% only conduct a security review when they feel the need. Additionally, only 5% of companies perform frequent vulnerability assessments. Perhaps that’s why 66% of small businesses are extremely concerned about cybersecurity risks.

4. You neglect completing patches and upgrades in a timely manner.

When a company discovers a security flaw, it develops a patch, which the end user must install. However, it averages 97 days to apply, test, and deploy a patch, creating months of vulnerability. That’s why it is so critical that businesses and end users install the upgrade as soon as it is released, but that’s not the case. 40% of businesses wait to test and roll out patches in order to avoid bugs. Additionally, the challenges of updating systems from remote locations mean updates go unmanaged for 48.5% of managed enterprise Android devices. Consequently, 40% of Android devices utilize an OS version older than v9.

5. You’re not actively monitoring your IT infrastructure for threats.

Incentivized and well-funded, cybercriminals utilize rapidly changing, sophisticated tactics to dismantle security systems. A layer of protection from software and spam filters is no longer enough. A strong cybersecurity practice includes proactive monitoring, preferably with 24/7 log management for threat detection. Last year, the average time to identify a breach was 207 days, according to IBM, and the average lifecycle from identification to containment was 280 days. Companies can lose $5.8 million a year from failures in log management, and another $1.6 million each for failing to detect abnormal login behavior and failing to deploy the log analytic tool.

6. You don’t realize your greatest liability is your own employees.

In Verizon Business 2021 Data Breach Investigations Report, 85% of breaches involved a human element, and 80% were discovered by external parties. Fallible creatures, humans are susceptible to social engineering attacks that manipulate people into revealing sensitive information. In 2020, phishing attacks rose 11%. The cost of a social engineering attack averages $130,000 in stolen money or lost data. The Aberdeen Group found that security awareness training can reduce the risk of social engineering threats by 70%. However, only 3 in 10 employees on average receive cybersecurity training.

7. You don’t have an incident response plan.

Incident response preparedness can save up to $2 million on data breaches, according to IBM, and yet 39% of small and medium-sized businesses do not have an incident response plan. An incident response plan comprises procedures to verify a breach, alert business leaders and customers, and isolate and eliminate the threat. On average, incident response testing can save over $295,000 on the cost of a breach, while business continuity can reduce the cost by $278,000. Simply forming a qualified incident response team has cost savings upwards of $272,000!

Preventing Cybersecurity Failure

There you have it: seven reasons why your cybersecurity may fail with the next ransomware attack. A mature cybersecurity practice demands protection, detection, and responsiveness. If you’re one of the 52% of enterprises not practicing mature cybersecurity, we recommend immediate resolution with one of NexusTek’s Cybersecurity Solutions packages. Our three plans of various levels of security fit any business’ needs, and each plan has the option to add further features for an even more diligent, multi-layered cybersecurity plan.

Essential Plan:

This managed protection plan offers 24/7/365 monitoring and alerts with managed cybersecurity and an annual security health review for a crucial foundation of defense.

Standard Plan:

Building on the protective base of Essential Solutions, this managed protection and response plan adds proactive steps to fortify your business, including security awareness training, managed DNS security, vulnerability scanning, and incident response.

Advanced Plan:

For robust cybersecurity, this managed detection and response plan enhances a business’ security effectiveness with managed SIEM to detect malware, log correlation and aggregation to analyze malicious logins, and incident response to eliminate threats. A security health review is conducted each quarter to stay on top of vulnerabilities and their solutions.

Whatever your business security needs, NexusTek has the expertise to bring your cybersecurity up to snuff.

Share On Social

Cyber Security: 8 Steps to Cyber Resilience

READ TIME: 4 MIN

July 7, 2021

Cyber Security: 8 Steps to Cyber Resilience

You’ve heard of cyber security, but have you heard of cyber resiliency? Let’s start with definitions:

Cybersecurity includes the technologies and measures utilized to thwart cyber threats.

Cyber resilience is the ability to maintain business operations despite a cyber attack or breach.

No cybersecurity solution is infallible. Cyber resilience involves the understanding that a security threat will eventually penetrate network systems and a robust business will have proactively prepared processes and methods to minimize damage and ensure business continuity. Both cyber security and cyber resilience are essential to protecting the bottom line, productivity, and brand reputation of a business. With a 69% increase in internet crime in 2020 and a 40-60% chance that a small business will never reopen after data loss, both cyber security and cyber resilience are critical to a company’s endgame. Let’s breakdown 8 steps businesses must take to optimize cyber security and cyber resilience strategies.

Cybersecurity

Vulnerability Assessment
Perform a comprehensive analysis of business assets to identify gaps or weaknesses that cyber criminals can exploit. Use tools and techniques, including infrastructure penetration testing, to scan for vulnerabilities and assess their potential impact. The findings and their necessary mitigations will guide the rest of your security and resiliency journey.

Defensive Barriers
Shore up weaknesses with the first line of defense, including antivirus protection and firewalls; remember to keep software updated and deploy regular patches. Spam filters decrease the social engineering attacks upon fallible employees. Multi-Factor Authentication (MFA) adds an extra layer of identification to stop cyber threats from slipping through unsecured devices.

Security Awareness Training
Despite cyber defenses, phishing attempts will still slide into inboxes. In a 2020 survey, 89% of Americans thought they were good at cybersecurity but only 10% received an ‘A’ grade. With 23% of data breaches caused by human error, companies must invest in training to help employees identify common social engineering tactics and how to report them.

Proactive monitoring
Cybersecurity demands vigilance. A business must continuously maintain infrastructure and eliminate vulnerabilities with frequent updates. IT teams must proactively monitor network systems and alerts for potential cyber threats. If a security threat breaches the cybersecurity defenses, then hopefully the business has prepared adequate cyber resilience.

Cyber Resilience

Risk Assessment
An enterprise risk management framework assesses potential risks or scenarios that can negatively impact a project or business. The three-step process of risk identification, analysis, and evaluation provides a foundation for the development of business continuity and disaster recovery plans to maintain operations during an internal or even external crisis.

Incident Response Plan
In the event of a cyber breach, a previously tested incident response plan can save up to $2 million, according to IBM. The plan outlines what to do during a system failure or breach; who is responsible for such duties; how to inform team members and customers; and how to assess the effect of any defensive and responsive measures to improve them against future attacks. A well-tested incident response plan can reduce the time needed to identify and contain a data breach by 74 days.

Business Continuity Plan
Another essential proactive plan is the BCP, a set of processes and policies for various circumstances to ensure an organization remains functional despite a crisis. 90% of companies that are unable to recover business operations within five days of a disaster fail within a year, and yet only 49% of companies have a business continuity plan. From automating processes to data restore, a BCP can make all the difference.

Disaster Recovery Plan
A subset of the BCP, the disaster recovery plan focuses on minimizing damage and restoring the data and information systems of a business. Data should be frequently backed up and preferably stored at an offsite location so that it can be restored promptly in the event of a disaster and prevent data loss. A robust BC/DR plan promotes a swift rebound and improves business uptime, no matter the crisis.

While essential to protect your business, cybersecurity is not enough on its own to guarantee your organization doesn’t sink in the storm or its aftermath. Building cyber resilience ensures your business rolls with the waves. Your IT department may have super cyber defense measures but an outdated or even nonexistent business continuity plan, or vice versa. Checking off all 8 cybersecurity and cyber resilience steps from the to do list takes a full-fledged team with bandwidth for proactive maintenance, monitoring, and testing.

Many companies, particularly small and medium-sized businesses, do not have the personnel headcount, expertise, or time to fulfill all 8 steps. NexusTek’s certified engineers can augment your IT team and provide some or all of the criteria for healthy cybersecurity and cyber resilience. As an award-winning managed service provider, NexusTek helps businesses across the U.S stay vigilant and improve resilience.

Stay secure and resilient with NexusTek

Share On Social

Don’t Fear the Great Resignation. Here’s Why.

READ TIME: 4 MIN

June 30, 2021

Don’t Fear the Great Resignation. Here’s Why.

Last year revolutionized workforce standards. By April 2020, 70% of workers were off-site either fully or part-time. A year later, COVID-19 vaccinations are sparking conversations around a return to the office environment. But many people refuse to sacrifice the flexibility of their remote work lifestyle. A record 4 million people quit their jobs this April, according to the U.S. Labor Department. Likewise, a record 9.3 million jobs opened in April. While the Great Resignation may be a liberating movement for individual workers seeking more compatible accommodations, business leaders might start biting their nails in panic. We’re here to tell you that companies need not fear the change but embrace it. Let’s review the insights and trending needs of remote workforces, and then we’ll discuss a technology solution to keep your employees motivated and secure with the work lifestyle they’ve grown to love.

Insights from Remote Workforce Research

Work from home is no longer just an added perk, but a standard expectation of employees and new hires.

A Harvard Business School survey revealed that 81% of respondents would prefer to work from home permanently or have a hybrid schedule. And it is not just employees who enjoy the flexibility. Another survey found that 80% of executives intend to offer a hybrid workweek after the pandemic, which is a good thing because 1 in 3 people would look for a new job if they were required to be back in the office full-time.

Remote work capability not only improves employee loyalty but also morale and motivation.

Consulting firm Gallup discovered that employees who spend the majority—but not all—of their time working remotely have the highest level of engagement and satisfaction. Popular reasons people prefer remote work include: 91% better work-life balance, 79% increased productivity and focus, 78% less stress, and 78% avoiding a commute. Gallup recommends a 60/40 hybrid schedule with 3-4 days at home during a 5-day work week.

Working from home saves both companies and employees time and money.

From decreased real estate costs to increased productivity, certain companies can save an average of $11,000 per year for every employee who works remotely part-time, according to a survey by Global Workplace Analytics. Additionally, some employees can save up to $3,000 and gain 14 days a year in money and time they would have devoted to their daily commute.

Trending Needs of Remote Workforces

The results are in: Working from home—at least part-time—is here to stay, which means companies will need to invest in supporting technologies. Let’s discuss the business needs of your remote workforce.

Anywhere operations—crucial for remote employees—goes beyond working from home.

Gartner identified anywhere operations as one of the top strategic technology trends for 2021. The research and advisory company predicts that by the end of 2023, 40% of organizations will have implemented anywhere operations, whose remote access will support employees and enhance the customer experience while managing business services across infrastructures.

Employees must be able to remotely and securely access data and applications from any device.

The rapid shift to a remote workforce has caused the demise of the legacy VPN, which cannot handle the massive volume and must be replaced with a more secure method for employees to access critical company information. The transition also highlighted how many employees cannot bring their desktops and monitors home, and consequently, 56% of remote workers are using their personal computers. If a device fails, they summon another personal device, such as a tablet or phone, to perform their work while they wait for a replacement to arrive on their doorstep. Remote technologies must account for such fluidity between devices, supporting and securing all endpoints for uninterrupted productivity.

Remote employees may have unsecured networks, increasing the chances of cyberattack.

85% of Cisco survey respondents believe cybersecurity is more important now than before the pandemic. In an IDG survey, 33% of firms plan to spend more time on security management activities this year. Businesses must utilize technology solutions that shore up vulnerabilities of remote workers and stop security threats from exposing the sensitive information of both employees and customers.

Technology Solution for Your Remote Workforce

What technology solution answers the remote access, device supportability, and security needs of employees working from home? Virtual Desktop Infrastructure, or VDI.

Cloud-based VDI is a Desktop as a Service (DaaS) solution that allows users to access a virtual desktop from any device and any location. The virtual desktop is in turn hosted on the company’s central cloud infrastructure, which offers several benefits to employees working from home:

Remote Access

Employees can access critical information from anywhere at any time.
IT departments can troubleshoot remotely, reducing time, costs, and health and safety concerns.
After connecting to the virtual desktop, the applications will run off the virtual server’s bandwidth, not a user’s potentially unreliable home network.

Device Supportability

Any device can be used to access the virtual desktop, supporting on-the-go workers.
Companies can cut hardware costs via Bring-Your-Own-Device (BYOD) policies or supplying simple thin clients.
Failed or damaged devices can be replaced instantly, ensuring business continuity.

Security

The cloud-based service is built with security and compliance in mind, and extra security steps such as single sign-on (SSO) and data encryption can also be implemented.
Security updates can be rolled out to all virtual desktops simultaneously, saving time and eliminating risk of a delayed or incomplete update.
No data is saved on a device, but rather in the cloud, so no security breaches will come of a lost or stolen device.

VDI effectively supports the needs of a remote workforce, increasing security as well as productivity. The cloud-based solution also improves budgeting through hardware savings and a reduction in IT hours. VDI is so competitive that its market is set to grow to $30 billion by 2026.

Optimize technology solutions for your remote workforce before the Great Resignation sweeps through your staff. NexusTek’s cloud engineers are at the ready to assess your business needs and recommend the best cloud solution optimized for your organization. As an SSAE 18 SOC II certified company, NexusTek partners with high-security Tier 4 and Tier 5 data centers to safely store your data and sensitive information. As an award-winning managed service provider, NexusTek supports thousands of businesses across the U.S. You could be next.

Enhance and secure your remote workforce with VDI.

Share On Social

3 Ways Energy & Utility Companies Can Increase IT Security Now

3 Ways Energy and Utility Companies Can Increase IT Security Now

READ TIME: 4 MIN

June 9, 2021

3 Ways Energy & Utility Companies Can Increase IT Security Now

You’ve seen the panic in the news; you’ve experienced the fuel shortages at the gas station; you’ve lit your darkened home with flashlights and candles when the power fails…sometimes for days. The health and security of your energy company’s IT systems and network infrastructure do not just impact your bottom line, but the lives of millions—or billions—of people.

After the recent ransomware attack against the largest U.S. fuel pipeline—now considered the biggest known cyberattack on U.S. energy infrastructure—President Biden issued an executive order to improve the nation’s cybersecurity. Oil & gas companies, utilities, and alternative energy producers and suppliers must take their IT seriously as a matter of national security.

Here are ways businesses in the energy sector can improve their IT for healthier, more secure IT infrastructure.

1. Increase uptime to increase security

The energy sector’s infrastructure is aging. Outdated or overworked equipment are more likely to fail more often, leading to egregious system downtime. The 56% of utility respondents in a Siemens and Ponemon Institute survey had at least one system shutdown or operational data loss per year. For a resource that people and businesses utilize daily, even one system shutdown is too many. According to McKinsey & Company, hardware and software failures account for 45% and 39%, respectively, of widespread, unplanned downtime incidents in the energy industry. As utilities expand power grids and oil & gas companies lay more pipelines, the need for reliable technology intensifies, not only for operational efficiency but security. In IBM’s 2020 study of the energy market, system glitches caused 23% of data breaches. The U.S. energy sector will spend $14 billion a year through 2023 to modernize and build a smarter infrastructure. Improving power production and delivery reliability—and decreasing system downtime—drives 44% of power companies to digital transformation, ultimately leading to more robust security from cyberattacks.

Learn more about our customizable managed IT plans.

2. Increase monitoring to increase security

Utilities cannot rely on infrastructure integrity alone. Consistent monitoring and proactive maintenance are required to ensure the health and security of IT systems. In 2020, malicious attacks caused 55% of data breaches in the energy sector, reports IBM, and human error caused 22%. With a 13% increase in security breaches last year over 2019, utilities and oil & gas companies need to be on the defense more than ever. Unfortunately, only 55% of utilities respondents in Utility Dive’s 2020 survey are using systematic and prompt patching for existing systems. This statistic is concerning and could indicate a lack of automation for managing large quantities of assets. Maintaining top network performance in an energy business is critical to prevent security breaches, outages, and the continual availability of heat, electricity, and fuel to protect people’s lives and livelihoods.

3. Increase cost savings to increase security

According to the Department of Energy, power outages cost the U.S. $150 billion annually. Not only that, but one hour of downtime costs electric utilities $300,000. The average power outage in the U.S. lasts 5.8 hours. Multiply that by the cost of one hour and it totals $1.7 million in downtime costs. Utilities and oil & gas companies can modernize their infrastructure to decrease unplanned downtime. In doing so, digitization can also reduce operating expenses by up to 25% and a 20-40% increase in safety, reliability, customer satisfaction, and regulatory compliance. Digitized utilities cut maintenance costs by $50 million in 18 months, according to McKinsey & Company. And don’t forget that modernization and proactive maintenance decrease data breaches, which on average cost an energy business $6.39 million. Plus, any cost savings can be put back into your business to further improve infrastructure and security, keeping pace with compliance standards and presidential executive orders. Utilities and oil & gas companies are growing so quickly that they must outsource their operations. It is likely an energy business does not have the time or skills to also handle modernization and maintenance of IT systems and hiring enough experts can be costly. Outsourcing IT to a managed service provider (MSP), who has the resources and expertise to manage and maintain an energy company’s IT systems for a predictable monthly fee, is an effective strategy. Here are a few ways managed IT can benefit the energy sector:

Fulfill all IT needs or augment an existing IT department to quickly complete tickets and projects, preventing IT burnout.
Deliver routine and proactive monitoring of networks and devices to eliminate IT malfunctions, reduce system downtime, and decrease data breaches.
Provide 24/7/365 IT help desk support.
Offer data backup and recovery in the event of a security breach.
Advise on strategic IT planning and budget with a virtual CIO (vCIO).
Switch your energy business’ IT budget from a CAPEX model to OPEX with a fixed fee.

Everything managed IT does circles back to the security and integrity of your IT systems, protecting your business, your customers, and your country.

At NexusTek, we take the health of your energy company’s infrastructure seriously. As an award-winning MSP with hundreds of IT consultants and best-in-class technology partners, NexusTek has the expertise and resources to ensure utilities and oil & gas companies maintain optimal technology performance. Our multiple network operations centers (NOCs) monitor and maintain your IT systems, installing the latest software updates and patches and offering 24/7/365 IT support for a fixed monthly fee. Our managed IT, cybersecurity, and IT consulting packages can be tailored to fit the needs of your energy company so that your experience is truly “electrifying”, all for a fixed monthly fee. The bad puns come free.