Award-Winning Dallas-Fort Worth IT Services.

Questions? Call (817) 595-0111

You are here: Learning Center / Blog / Recent blog posts

VersaTrust Blog

VersaTrust has been serving the Texas area since 1997 , providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

What To Do When Your Outsourced IT Provider Isn’t Pulling Their Weight

Businesses rely heavily on outsourced IT. A lack of responsive and reliable IT support can bring operations to a halt, cause significant and costly downtime, cost an organization its customers, and a whole host of additional disastrous consequences. You owe it to your business, and to its bottom line, to ensure you have the best IT support partner in place.

Should someone else manage your tech?

10 Benefits of Outsourced IT Services

What Are Some Indicators That Your Outsourced IT Support Is Not Performing?

If you’re reading this, chances are you probably know there is trouble in paradise between you and your IT provider. As frustrating as it may be, you’ve likely already come to the conclusion that moving from constant troubleshooting with your IT company to finding a new one is the way to go for your organization. If you are still on the fence, however, here are some clear indicators that it is time for your organization to move on and find a better outsourced IT provider.

It takes them too long to respond

When technology goes down, minutes matter. Is your IT company adhering to the turnaround times as outlined in your service level agreement? When there is a major issue, how quickly does your outsourced IT provider respond?

And how about the day-to-day inquiries – what is the average response time on those less urgent, but still important, requests? Is it routinely taking more than one day to get a response? If so, this is a red flag.

Your IT provider should be quick to acknowledge all requests, take the opportunity to seek further clarification where needed, and advise on anticipated time until a resolution will be reached.

Your cybersecurity is bare bones

Cybersecurity is not an afterthought; it is absolutely critical to protecting your organization, its people, and its customers. Questions to consider when determining whether the cybersecurity support being provided by your outsourced IT provider is up to par include:

  • Are they using basic anti-virus solutions or multilayered solutions?
  • What firewall protection measures do they have in place?
  • How are they able to detect unusual activity?
  • What is the escalation process in the event of such activity?
  • Have they recommended multifactor authentication?
  • What security are they using for their own company?
  • What kind of employee training are they recommending?

They are not keeping pace with your business growth

This is not an uncommon problem. Sometimes a growing enterprise has a supplier that, while they may have been a great fit at an earlier stage, just isn’t equipped to deal with heightened growth-driven requirements.

Business growth will be stymied if you don’t have the right suppliers with the right expertise and bandwidth to deliver at your current level. Not to mention, they should be equipped to give proper strategic business recommendations that align with this growth.

Their support is reactive, not proactive

Technology, when used right, can streamline, facilitate heightened collaboration, increase profitability through automation and provide rich data-driven insights.

Your IT company should be proactively looking for tech solutions to your business problems. If they are simply troubleshooting problems, they’re doing your organization a disservice.

A reputable provider of managed IT in Fort Worth will take the time to truly understand your business, then explain why they recommend different IT services and give you a range of options without pressure or manipulation. For your organization to truly realize the high-impact value of an MSP, they need to be more than just a repair service.

This is what proactive managed IT looks like.

The Solution to Subpar Outsourced IT Support

It is a bit of a process to switch outsourced IT support providers, but it is well worth the effort. There is the existing contractual obligation to address. There is also the matter of selecting a new outsourced IT support provider – one that will not bring the same deficiencies to the table.

We provide better outsourced IT to Fort Worth

Look for a company that is passionate about technology and their customers

You deserve best-in-class support services from a company that specializes in cybersecurity. A company that has been the leading IT outsourced provider in Fort Worth for 25 years. Contact us today to get started.

Questions To Consider When Selecting an Outsourced IT Partner

Outsourced IT, also known as managed IT services, has become the go-to business practice for a number of businesses of all shapes and sizes. And with good reason. Working with a managed IT services firm has several compelling benefits:

  • Over half of businesses use a third-party support team
  • Of these, almost 80% feel positive about their third-party partners
  • The leading reason (for 70% of survey respondents) for outsourced IT is cost savings
  • Almost one quarter of small businesses outsource to increase efficiency in their business
  • IT outsourcing spending is expected to exceed $1.3 trillion by the end of next year

While the business case for working with an outsourced IT partner is airtight, not all outsourced IT partners are created equal, and it can be challenging to know if your organization is partnering with the right one. Here we share 5 questions to keep top of mind as you embark on your outsourced IT journey.

What is outsourced IT?

IT outsourcing is the practice of outsourcing some or all of your business technology to an external third-party expert, commonly referred to as a managed services provider (MSP), IT service provider, or IT consultant. Companies use IT outsourcing to reduce labor and business costs, fill service gaps, improve operational efficiencies, and to allow them to focus on the core aspects of their company. When used correctly, outsourcing is an effective cost-cutting strategy and can even give a company a competitive advantage.

5 Questions you should ask an outsourced IT provider

1. Can you choose what is included in your managed IT services agreement?

A: It depends on the provider. The standard managed services package should include things like help desk, basic maintenance, system updates, 24/7 monitoring, and remote IT support, but a wide range of additional services can be added as needed.

2. What additional support services should we outsource to an IT partner?

A: One of the primary reasons why companies move to an outsourced managed IT model is the need for more technical and cybersecurity expertise. With more need for cloud-based services and business communications systems like voice over IP (VoIP), it’s important to consider a company that has expertise in these areas as well.

3. What are some of the cybersecurity educational credentials that an MSP should have in order to ensure they are best qualified and up to speed?

A: Vulnerabilities and cyberthreats evolve quickly. It’s critical to have an IT provider with staff that has the right credentials. The Certified Information Systems Security Professional (CISSP) designation is widely considered as the gold standard of designations in the cybersecurity world. Other leading credentials include the Certified Information Security Manager (CISM) designation, Certified Information Systems Auditor (CISA), and CompTIA Security +. If your provider claims to provide cybersecurity services, you should expect they have employees with these credentials on staff.

4. What are some of the cloud solution factors to consider when working with an outsourced IT company?

A: There is no one-size-fits-all cloud solution. IT providers who make the assertion that there is likely do not have the cloud expertise to provide adequate service. Instead, an IT provider with cloud expertise will ask you about:

· Applications you use

· Bandwidth requirements

· Accessibility and security

· Business continuity and disaster recovery needs

5. What if my organization is unhappy with their current outsourced IT provider?

A: This happens. Sometimes there is a misalignment in expectations or the customer service level isn’t on par with what you need. Or perhaps you simply feel they don’t understand your business and are not the right MSP to support your longer-term organizational growth plans. If it’s time for a new outsourced IT provider, book a no-obligation review of your business systems.

Above all, your IT company should be a business partner in helping your organization achieve its goals. VersaTrust has been serving Texas-based businesses for over 25 years as a true IT partner. Contact us to learn more about the true value that the right outsourced IT partner can bring to your organization.

4 Types of Businesses that Outsourced IT is NOT Right For
Once your business earns annual revenue of $250,000, your data starts growing at a rate that might surprise you – and because of that growth, you may want to consider outsourced IT. According to a recent study from Devolutions, 52% of SMBs experienced a cyberattack in the past year, and many businesses were attacked more than once.

You can try to protect your company from cyberattacks on your own – or you can work with experts who have highly specialized knowledge of how to build the best cyber defense. Outsourced IT can help protect your business from cyberattacks, but it can also do much more.

What is Outsourced IT?

In 2019, the global market for outsourced IT services reached $85.6 billion. Many companies are choosing to outsource their IT – but what exactly does that mean?

Just like outsourced accounting, outsourced IT is the use of professional external providers to supply key services. Infrastructure, daily operations and security are covered under the umbrella of outsourced IT.

Infrastructure involves IT planning, design and procurement. Support services include behind-the-scenes work such as storage, back-up, data recovery, data security and network monitoring. Your internal team and your outsourced IT team will work together to develop a plan for the expected infrastructure lifespan. They’ll also design a plan for the replacement needs of all technology on the network over a period of time.

Managed IT services is another way to describe outsourced IT. At VersaTrust, we provide managed IT services that are proactive in their focus. Managed IT service providers supply a team of certified IT experts who ensure the performance of all your technology.

Enjoy Stress-Free Productivity with Outsourced IT from VersaTrust

Who is Outsourced IT Not Right For?

Some business leaders hesitate to outsource their IT – but not many. Take a look at who outsourced IT isn’t right for.

1. Businesses that want to invest time, money, and personnel into building an internal IT team.

Ninety-four percent of senior managers in technology said that finding skilled technology professionals is challenging. But if you have plenty of time, and your business has the budget to invest in hiring qualified IT professionals and retaining them, then you may not want to invest in outsourced IT.

The reality is, few businesses are in this position. In 2022, hiring managers are facing a shortage of talented professionals – so, even if you wanted to build your own IT team, you may not be able to.

An IT professional that an SMB hires may not be as experienced, competent or efficient as a current employee of an IT company. IT companies dedicate their resources to attracting and hiring the best talent.

When you outsource your IT to a managed IT services provider, you’ll have access to multiple IT professionals. Your projects and your problems will be handled more efficiently and with less disruption when you enlist the support of IT professionals with a wide range of expertise.

2. Businesses that want to invest in equipment/hardware/software

Sixty-four percent of SMB leaders surveyed by CompTIA said that technology (including both hardware and software) is a key factor in reaching their business goals. Making the right decisions about what equipment and what cloud services to invest in is just the beginning. Setting up and monitoring these systems takes time and expertise.

Business leaders who want to get their hands dirty in the nitty-gritty of technology, and who enjoy the process of researching cloud options, software, and setting up new machines, probably don’t want to outsource their IT.

But if you’re interested in spending your time and energy in other areas where your talents lie, then outsourcing your IT is the better option. Managed IT service providers give recommendations based on your specific business needs. You don’t have to spend your time or money doing it yourself – your managed IT services team will do It for you.

VersaTrust will help you achieve YOUR goals!

Contact us today for a free, no-obligation review of your business systems

3. Businesses that are always up to date with the latest cybersecurity threats

A University of Maryland study found that there is one hack attempt every 39 seconds on average, resulting in a total of 2,244 attacks a day. Can your SMB defend against this high rate of attack?

Constantly monitoring your network to ensure that your data is safe is one key best practice to prevent a successful cyberattack, whether it’s phishing, malware or ransomware. If you have the time to stay on top of the latest threats – and then to adjust your infrastructure to respond to them – then you may not want to outsource your IT.

On the other hand, an outsourced IT team can stay current on the latest tactics used by hackers while monitoring your network. You won’t need to wonder if your business is secured against threats, or if one of your IT systems will go down all of a sudden because of hackers. A managed service provider will bring peace of mind by taking these worries off your plate.

Most MSPs will work to make sure your business is secure, and an expert MSP will take a proactive approach to resolve any potential security issues before they affect your business.

4. Businesses that view IT as just an expense that needs to be cut

Some business leaders think of IT as just another expense – and one they want to cut down as much as possible. Leaders who do not value IT as a pathway to growth will not benefit from outsourced IT services.

Three key advantages of outsourcing IT are the proactive planning, hands-on support and prowess of the expert IT team. Business leaders who don’t see how IT can help them grow long-term won’t benefit from a relationship with a managed IT services provider. However, many business leaders see how tech tools can help their business adapt and grow in new ways, focusing on the long-term.

Defend Your Business Against the Cyberthreats of 2022 with the Help of the Experts at VersaTrust

Outsourced IT can help your business by providing highly skilled talent, the right hardware and software, expert cybersecurity and long-term strategies to leverage IT for your growth. When you partner with the experts to manage your IT, you’ll gain peace of mind knowing that you have everything covered. It’s almost impossible to do everything on your own. Outsourced IT can help.

Time for a New IT Company? Get help now

4 Signs It’s Time to Break up With Your Fort Worth IT Services

Fort Worth IT services provider should make sure your business is prepared for the challenges of today. The polar vortex storm that hit Texas in mid-February 2021, knocked out power to 10 million people and caused $24 billion worth of damages. Natural disasters are happening more frequently, and their impact on business operations is expensive. Consider these statistics:

  • Texas residents experienced the coldest air mass in the state since 1989, and temperatures were some 40 degrees lower than normal. Dallas dipped to -2. The polar vortex cost businesses downtime and repair expenses.
  • As a group, the Western fires in 2021 caused $10.6 billion in damages, which was the 3rd most expensive disaster of 2021.

Preparing for natural disasters is one of the key areas where your current IT provider should be strategizing for business. If they’re not, that’s a hint that they aren’t taking your business seriously. Take a look at these signs that it’s time to break up with your current Fort Worth IT services provider.

# 1 You Don’t Have an IT Response Plans for Natural Disasters

On April 27, 2021, hailstorms hit suburbs of Fort Worth, San Antonio, and Oklahoma City, causing major damage to homes and commercial properties. But hailstorms weren’t the only issue. In fact, the Red Cross responded to 1,800 disasters in the North Texas region in 2021.

Natural disasters are becoming more and more frequent, and you need to be confident that your organization has a plan for when the power goes out and work still needs to be done. Any natural disaster can cause system-wide outages which are, at the very least, both costly and stress-inducing.

According to FEMA, about 25% of businesses never reopen after disasters. Staying financially solvent while not operating the business due to IT downtime is impossible for some SMBs. That’s why a disaster recovery plan is so crucial.

Is your current IT services provider supplying you with a complete natural disaster preparedness plan? VersaTrust can help you keep your data safe and make sure you’re getting everything your business needs.

Get a Free IT Security Audit

# 2 Your Security Feels Lacking

A recent study from Devolutions found that 52% of SMBs experienced a cyberattack in the last year, and 10% of those have experienced more than 10 cyberattacks. Now more than ever, cybersecurity is critically important to your business.

A multilayered cyberdefense involves more than just the right antivirus, antispam, and firewalls. Your systems should be continually monitored for signs of trouble and should remain updated and upgraded at all times to remove backdoors.

VersaTrust is ruthless when it comes to your security. We will target your business like a hacker to discover the gaps in your security and help you find aging technologies, missed steps, and overlooked vulnerabilities. Learn more about our managed IT services and strategic technology services.

# 3 You’re Behind the Curve When It Comes to the Cloud

One Microsoft survey found that 20% of SMBs that transitioned to the cloud had a lower IT spend within 3 years. On the other hand, only 4% of companies that didn’t transition to the cloud could say that their IT budget decreased during the same period.

While the biggest benefit of the cloud is the potential for cost savings, that’s not the only reason to transition to the cloud. It also empowers your employees to work remotely and can provide higher levels of security.

You probably already use some cloud tools on a daily basis, but are you fully leveraging the cloud to your advantage? VersaTrust can help you take advantage of cloud services and cloud technologies that will give your business cost savings, greater security, and flexibility.

# 4 You’re Missing Out on DoD Contracts

If your business currently is or is interested in becoming a contractor or supplier for the Department of Defense, your cybersecurity needs to meet a set of requirements. When businesses don’t meet these requirements, the DoD can both terminate the contract and seek damages for breach of contract, as well as false claims.

You can try to meet the compliance requirements on your own. To do this, you must submit an attestation stating that you are complying with the Defense Federal Acquisition Regulation Supplement (DFARS) and that you have implemented the National Institute of Standards and Technology (NIST) security controls.

Certain contractors have the option of achieving compliance through a federal team inspection. However, many contractors choose to have their cybersecurity audited by a 3rd-party organization. VersaTrust can help you meet – and go beyond – compliance regulations.

Work With a Fort Worth IT Services Provider That Covers It All

VersaTrust is a Certified Information Systems Security Professional, which requires at least 5 years of verified experience working in information security; endorsement from another CISSP in good standing; passing a 3-hour, 150-quesiton adaptive test; and completing 120 hours of continuing education every 3 years.

We take your cybersecurity and IT services seriously. VersaTrust will make sure you’re in compliance, prepared for natural disasters, leveraging the cloud, and up to the latest cybersecurity standards. Is your current IT provider taking these 4 areas seriously?

Don’t settle for less. VersaTrust has the services you need to succeed in 2022 and beyond.

Let’s Talk About Your IT

5 Cyber Trends an Outsourced IT Support Services Firm Says You Can’t Ignore

Tech companies experienced a 2,300% increase in cyberattacks in 2021, according to Deepen Desai, CISO and vice president of security research and operations at Zscaler. But tech isn’t the only industry that’s been hit, and the attackers aren’t likely to go away any time soon.

As hackers develop more sophisticated methods of attack, it’s important to be aware of the security concerns that may affect your company. Watch out for these 5 cybersecurity trends in 2022 and learn how you can protect your business.

#1 Remote Work Vulnerabilities

Devices that belong to the Internet of Things experience an average of 5,2000 attacks per month, according to Symantec. Those devices are often hooked up to home networks – networks that remote employees use to access work files.

When all employees worked on-site, the area that bad actors could attempt to exploit and attack was tiny compared to the decentralized remote work environments of today. For many companies, a return to a fully on-site staff in the short term is unlikely.

While home office kits, faster broadband, and more devices have made remote work more agile, they have also increased security threats. Home networks are rarely as secure as on-site cyber defenses, and there are also more unsecured devices connected to the home network, creating even more vulnerabilities.

Sometimes, employees who are working from home may fall into a comfortable routine and adopt a more lax approach to how they use their devices and the software that they download. Tech used without either the permission or the knowledge of the IT department can create vulnerabilities since they haven’t necessarily been vetted by your IT team to ensure that they are secure and will keep you safe.

The solution? Set up the controls you need while also empowering your employees to work securely while they’re remote. Be confident that your team has the right software, hardware, and equipment to keep your data secure. Talk to an expert at VersaTrust about the security of your remote team to keep them and your company data safe.

Learn about how advanced security systems can keep you protected and running in the new year

#2 More Attacks in the Cloud

Gartner forecasts that Software as a Service (SaaS) revenue will grow to $151.1 billion in 2022, which makes these applications an attractive target to hackers looking for a major payout.

SaaS tools have solved many problems, but they come with their own set of issues. Did you know that poor management, or a lack of management, can lead to SaaS data leaks?  It’s not just the user’s responsibility to keep their account protected; management plays an important role. These solutions need to be properly updated and monitored to remain cyber secure.

SaaS solutions are vulnerable to attacks like any other business. Recently, the HR management platform Kronos was attacked by a ransomware group. Kronos retained data about their clients that the ransomware attackers were able to access. This breach caused scheduling, timesheet, and payroll problems for businesses that use Kronos.

Kronos isn’t the only third-party service that ransomware groups have successfully targeted. In fact, hackers go after SaaS providers and third-party services because they can breach more companies in one attack. In 2022, remember that SaaS solutions are also vulnerable to attack, and they can turn into serious cybersecurity problems.

What’s your solution? Before purchasing or downloading any new SaaS tools, make sure they are secure. Our team at VersaTrust can point out possible vulnerabilities and explain what needs to happen before you adopt a new SaaS tool to close those security gaps. Take a look at how we keep you secure.

#3 Attacks with a Human Element

Eighty-five percent of data breaches involve what Gartner calls “a human element” – aka people inadvertently clicking on links or wiring money to criminals. Hackers succeed because they know how to exploit the blind trust most people put in communications that look like they come from the boss or a business partner. It’s called social engineering. Here’s how it works:

A hacker creates an email address with a similar name to the CEO and asks employees to send them money. Or they send a link in an email that looks harmless, but actually contains a virus. Either way, the trusting employee falls for the scam and suddenly you’re dealing with a data breach.

These attacks are only going to increase. According to Troy Gill, senior manager of threat intelligence with Zix | App River, email will be increasingly targeted in 2022.

Everyone is responsible for cybersecurity, but many people are unaware of just how much one mistake can cost in terms of lost data and ransoms. To solve this problem, everyone on your team needs to be educated about and aware of potential threats. Empower your staff to be more secure through training that’s easy to understand and relatable. Start by sharing this article about phishing with your team to help them identify what they should be looking out for in emails before they click.

Contact us and let’s start working on your cybersecurity strategy for 2022

#4 Ransomware Hasn’t Gone Away

According to the National Security Institute, the average requested ransom fee increased from $5,000 in 2018 to $200,000 in 2020. When those attacks succeed, the costs are astronomical. The average total cost to an organization of recovering from a ransomware attack was $1.85 million in 2021.

Ransomware attackers have changed their strategies. Instead of using large-scale, generic, and automated attacks, hackers are using more advanced methods. Specifically, they’re attempting more hands-on keyboard hacking that’s more targeted while focusing intently on fewer organizations.

The ransom fee isn’t the only cost involved, however. Recovering from a successful ransomware attack takes time, impacts customers, and even requires rebuilding systems. According to Sophos, these costs, on average, come out to 10 times more than the ransom paid. Many companies that are victims also never get their data back.

In 2022, stay focused on preventing ransomware attacks. Don’t just detect and respond. Focus on predicting and anticipating risks. An expert at VersaTrust can show you how our fortified IT and security can keep your business’s data safe.

#5 Fight Back with a Multi-Layered Cyber Defense from an Outsourced IT Support Services Firm

Of the 32% of organizations that chose to pay a ransom during a 12-month period, 29% got half or less than half their data back, and only 8% managed to retrieve all their compromised data, according to a report from Sophos. Paying an attacker doesn’t mean you’ll get your data back, so do everything you can to prevent an attack in the first place.

Businesses are fighting back against remote work vulnerabilities, attacks in the cloud, social engineering scams, and ransomware attacks. It’s impossible to ignore what’s happened in the cybersecurity realm in the past few years. Because of the serious and expensive consequences of these attacks, there’s more awareness of and funding for cybersecurity solutions.

A strong cyber defense strategy uses a multi-layered approach that not only responds to attacks but also proactively defends against them. For many companies, it’s a matter of if not when an attack will happen. Partnering with security professionals like VersaTrust can help you prepare and respond.

Outsourced IT support services firms provide the expertise you need to navigate these current cyber trends. In 2022, prioritize budgeting for security and investing in a strong cyber strategy that aims to prevent attacks and mitigate risk. VersaTrust’s multi-layered approach uses proven technologies to provide detection protection. Learn more about how we can help your business here.

Outsourced IT support services like VersaTrust can help you plan how to respond to the most recent cyber trends 

Cybersecurity Tips on Working from Ho-Ho-Home This Holiday Season

The remote work or work-from-home business model is here to stay. Just consider these statistics:

  • Companies that embrace remote work have 25% less turnover than those that don’t;
  • In the past decade remote working has increased by 115%;
  • 86% of employees feel that remote working reduces stress;
  • People who work remotely half of the time save 11 days’ worth of commuting time every year; and
  • Telecommuting reduces greenhouse gas emissions by an amount equivalent to 600,000 vehicles.

These are some pretty compelling reasons to embrace remote working. While working from home is convenient and has many benefits, it also exposes individuals and businesses to a number of cybersecurity risks. Whether employees are connecting to networks from the office, from home, or from their local coffee shop, businesses need to plan for the risks of cyberattacks (such as data loss and leakage) and work to mitigate them. Networks with a centrally managed corporate network and remote workers present unique security challenges.

With the holiday season right around the corner, there are heightened cyber risks that come along with the season. Between the increased online shopping and potential travel plans, cybercriminals see the holiday season as a major prospective payday. Here we review some general strategies for addressing holiday cybersecurity this season.

Remote Work Cybersecurity Strategies

To keep information safe, business owners need to educate their employees on how to manage network security, work securely, and prevent the migration of home vulnerabilities to the office. It is also important that employees and employers receive a basic level of cybersecurity training so that they understand the implications of their actions. Cybersecurity executives and professionals aren’t the only ones who need to know how to deal with cyber attacks.

This new way of working expands the potential of cybersecurity threats with new vulnerabilities surrounding every employee whether working from home or at a local coffee shop. Here are five strategies to mitigate any security risks associated with remote working vulnerabilities:

  • Experts recommend that telecommuters use a secure VPN to provide end-to-end encryption. For organizations that allow access to email and cloud services from an employee’s personal device, it is recommended to apply the same endpoint security rules for antivirus software and custom firewalls as for employer-managed devices.
  • Empower employees to address the security of their home networks. Personal computers are an easy way for attackers to gain access to networks. Ensure employees have passwords to home routers and the proper firewalls in place to decrease the chances of an attack.
  • Implement policies that require employees to change their various device and application passwords frequently, ideally at least every three months. Passwords should be complex with specific character requirements, and not of the ‘123456’ variety.
  • Be selective about what software and applications are allowable, and ensure that employees know not to install unapproved applications.
  • In the event that a cyberattack does happen on a staff members’ home system, ensure that employees know to report it immediately 

E-Commerce Cybersecurity Strategies

Online shopping and the holidays go hand in hand. Heck, there is even a day specifically for e-commerce transactions (Cyber Monday, which falls on the Monday following Thanksgiving). It is safe for organizations to assume that their employees will be indulging in some online shopping during the holiday season, and they should plan accordingly by instructing their staff to ensure that all internet-connected devices ‒ including PCs, smartphones, and tablets ‒ are free from malware and infections by running only the most current versions of software, web browsers, and other apps. Employees should be mindful of the e-commerce sites they are visiting by shopping only on sites that use SSL protection. The easiest way to tell whether a site uses SSL protection is to check the browser’s address bar for HTTPS in the URL. Sites without the ‘s’ in HTTP are not safe to submit payment information or other personal details and should be avoided at all costs.

Employees should also be encouraged to regularly monitor their accounts, check their online financial accounts regularly for suspicious spending, and to take advantage of text and email alerting services that many banks and credit card companies now offer.

Identity Theft Cybersecurity Strategies

Identity theft, also known as identity fraud, is a crime in which an attacker obtains key personally identifiable information, such as social security numbers or driver’s license, in order to impersonate another person. Identity theft has taken on a new lease of life in the digital age, and our data has become a valuable asset that can be monetized and used to engage in fraudulent activities.

The best way for employees to protect themselves from identity theft is to be diligent about not sharing personal information and shredding sensitive documentation as needed. Creating, and regularly updating, long and unique passwords for all accounts and using multi-factor authentication wherever possible are also strong tactics for mitigating the risk of identity theft. 

Phishing Cybersecurity Strategies

With the expansion of telecommuting, vulnerabilities have increased as more devices are being introduced into corporate data ecosystems and new phishing schemes have been introduced. The FBI reports that phishing was the most common type of cybercrime in 2020 with the number of incidents reported doubling between 2019 and 2020. ‘Think before you click’ is a mantra that should be adopted and regularly repeated by all organizations.

Cybercriminals have really stepped up their phishing game in recent years. The FBI recently shared this list of the top ten most common phishing email subject lines from last year:

  1. IT: Annual Asset Inventory
  2. Changes to your health benefits
  3. Twitter: Security alert: new or unusual Twitter login
  4. Amazon: Action Required | Your Amazon Prime Membership has been declined
  5. Zoom: Scheduled Meeting Error
  6. Google Pay: Payment sent
  7. Stimulus Cancellation Request Approved
  8. Microsoft 365: Action needed: update the address for your Xbox Game Pass for Console subscription
  9. RingCentral is coming!
  10. Workday: Reminder: Important Security Upgrade Required

It’s easy to see how employees could be taken in, which is why it is critical to provide regular security training for your employees so that they understand and be able to spot phishing scams, malware, and social engineering threats. In addition to conducting phishing awareness courses, organizations can conduct mock phishing drills to keep employees alert and only click on links they trust. Ensuring your employees are educated in the ways to identify phishing attempts will go far towards keeping your networks and data safe and secure.

Ensure Your Stress-Free Holiday Season

While it is a magical time of year, the holiday season can also come along with it’s share of stresses. Between the jam-packed social calendar, family commitments, working hard to pick out the perfect gifts, and the general busyness of the season, there are plenty of things to add stress without piling on cybersecurity-induced stress.

Wondering if your company is safe and primed to survive the holiday season cyber safe? Versa Trust has been serving Texas businesses for over 25 years and can give your organization the peace of mind it so richly deserves this holiday season. Their suite of security services will protect your data, save you money, and keep your organization cyber safe. Connect with them today for a no-obligation risk assessment.

Tightening Security with Microsoft Azure

Combatting Cybercrime with Multi-Factor Authentication in Microsoft Azure

Originally Published December 2017

Back in 2020, working from home emerged as a necessity in response to a pandemic. Now, businesses have realized the convenience and appeal it offers, and an increasing number of companies have incorporated remote or hybrid work into their overall business strategies.

In addition to the rise in remote work, we have also seen a number of high-profile business breaches over the past year that have highlighted the importance of cybersecurity. The SolarWinds breach and the Colonial Pipeline attack both clearly demonstrate that businesses of all sizes can be hit by these criminals, and everyone needs to be ready. Businesses have begun to realize that criminals care less about the size of your organization or your industry. They only care about whether or not they see you as a likely target.

With employees working from their own offices and breaches disrupting businesses of all sizes, cybersecurity has to take center stage in a new way. Keeping your network safe, while also ensuring your employees have access, requires a careful balance. Multifactor authentication can provide you with an excellent tool to get started. Let’s explore the value that this single authentication strategy can offer.

Breaking Down the Basics: What Is Two-Step Verification?

Two-step verification serves as a critical second layer of security that demands an additional method of authentication to allow user sign-ins and transactions. It works by requiring two forms of account authentication to prevent unauthorized access or account hacks.

Two-factor authentication involves any two or more of the following verification methods:

  • Something a user creates and knows (typically a password)
  • Something only the user has possession of (a trusted device that is not easily duplicated, like a smartphone or tablet)
  • Something entirely unique to the user’s actual being (biometrics like fingerprint logins)

As people work from home and engage with their organizations remotely, they access company networks across a variety of platforms and devices. Between smartphones, tablets, laptops, and PCs, business users have multiple ways to access accounts and applications from anywhere. Two-step verification allows business users to implement an extra layer of protection in this growing digital atmosphere. Furthermore, as leaders in business technology optimization, Microsoft has wasted no time in implementing their own two-factor authentication method for Azure.

Secure Azure: Benefits of Multifactor Authentication in Microsoft Azure

Azure multifactor authentication (MFA) is an easy-to-use, scalable, and reliable two-factor authentication solution that provides increased protection of user accounts. Azure MFA helps professionals control and protect access to data and applications, without creating a ridiculously complicated and irritating sign-in process for users. Azure MFA allows users to implement a reliable authentication system, through a variety of mediums.

Let’s break down the key benefits of implementing Azure MFA:

Easy To Use

First and foremost, Azure MFA is incredibly simple to implement and even easier to use. The extra protection that comes with Azure MFA allows users to manage their own devices, from anywhere, which alleviates the security burden for management and IT admin staff.

Scalable

Azure MFA harnesses the power of the cloud and integrates seamlessly with on-premise applications. This means Azure’s authentication feature can handle high-volume, mission-critical situations and is equipped to support business growth.

Consistent Protection

Azure MFA is designed specifically to ensure consistent and user-friendly authentication processes for business users. Azure MFA provides this consistent protection by deploying the highest industry standards and best practices.

Reliable

Because business never sleeps, Microsoft guarantees 99.9% availability of Azure MFA. The service is only unavailable when it is unable to receive or process verification requests for authentication.

How It Works: Functionality Considerations for Azure Multifactor Authentication

Azure MFA is so secure, thanks to its layered approach to protection. Hackers looking to gain unauthorized access to an account will have a much harder time compromising multiple checkpoints, as opposed to basic, password-only options. By implementing Azure MFA, even if a cybercriminal were to crack a user’s password, the information would be useless without possessing a trusted device or completing the next authentication step.

This means that, even if an employee’s home internet is breached or if your assistant forgets their laptop in their hotel room, you have an additional level of security protecting your information.

Azure multifactor authentication helps lock down access to data and applications, while meeting user demand for a simple sign-in process. It provides additional security by requiring a second form of authentication via a wide range of easy and customizable verification options.

The following is a list of methods that can be used for second-step verification:

Phone call

Here, a call is automatically placed to a user’s registered phone. To authenticate access, users enter a PIN, if necessary, followed by the # key.

Text message

If preferred, users can receive a text message on their mobile phones. The message will provide a six-digit code, and users then enter this code on the sign-in page to authenticate.

Mobile app notification

Users can also set up verification through the Azure mobile app. A verification request will be forwarded to a user’s smartphone, and the user is then able to enter a PIN, if necessary, followed by selecting Verify on the mobile app to authenticate.

Mobile app verification code

Similar to the previous option, the Azure mobile app also has a verification code feature that users can take advantage of. The app, running on user smartphones, has a tool that generates verification codes that change every 30 seconds. Users select the most recent code and enter it on the sign-in page to authenticate.

Third-party OATH tokens

Finally, if – for whatever reason – the above options aren’t preferred, the Azure multifactor authentication server can be configured to accept third-party verification strategies as well.

IMPORTANT NOTE: Azure multifactor authentication provides varying verification methods for both the cloud and server platforms. Business owners can choose which methods are available for users. For full details, check out info on selectable verification methods.

Strategies for Implementation: Getting Started With Azure Multifactor Authentication

Now that we have the lay of the land, let’s take a look at the steps necessary for implementing Azure MFA for business users. Implementing the solution isn’t difficult at all and, if business owners follow this step-by-step guide, they’ll have a second layer of security deployed in no time.

PREREQUISITE

Before anything else, businesses must be signed up for an Azure subscription.

In order to take advantage of Azure MFA, businesses that do not already have an Azure subscription will need to sign up for one. If you are just starting out and want to take a test drive, there is a trial subscription option.

Enable Azure Multifactor Authentication

This part is generally easy and automatic. As long as business users have licenses that include Azure MFA, there’s nothing that you need to do to manually activate the feature. You can start requiring two-step verification on an individual user basis under the following Azure licenses:

However, if you don’t have one of these 3 licenses, or you don’t have enough licenses to cover all business users, you’re not out of luck. You’ll just have to complete an extra step and create an MFA provider in your Azure directory. For full instructions, check out this guide.

Turn on two-step verification for users

Next, business owners need to turn on the two-step verification feature so that it’s required of all users. You have the option to enforce two-step verification for all sign-ins or create conditional access policies to require two-step verification only in certain situations. This can be valuable for businesses that want to add an extra layer of security for people working from home offices or other remote locations. You can require additional authentication steps for those accessing data outside of your office network. There are a variety of ways to set up your preferred method – you can find a collection of step-by-step procedures here.

Configuration

Finally, once Azure MFA is set up, business owners can configure and optimize deployment. The configuration allows for a variety of customizing strategies, like fraud alerts, bypass permissions, trusted device logs, and more. For full details on strategies for configuration, check out this how-to configuration guide.

The business environment continues to change at a rapid pace, particularly with the widespread adoption of hybrid and fully remote work options. As businesses look to combine the convenience of allowing employees to work remotely with the necessary security, they need strategies that will protect their data and information. This means it’s now more important than ever for business owners to get strategic with IT security.

Azure’s MFA two-factor verification solution offers business owners an easy way to combat cybercrime, empower users and protect company data. Employees have an extra level of protection on their devices and for their different platforms, whether they log in from an office building or from a location a thousand miles away. Azure MFA operates as an additional line of defense for business users, making it harder than ever for cybercriminals to hack into password-protected accounts.

Is your company making use of Azure MFA or another solution for two-step verification? If not, what are you waiting for? Whether or not you have implemented remote work options, cybercriminals have made it clear that they continue to look for new ways to breach business networks. Implementing two-factor authentication is one of the easiest ways to up your cybersecurity game. If you have questions about implementation, reach out to a local IT firm for professional consultation. You have nothing to lose and everything to gain.

Improve Your Cybersecurity Year-Round

This week is the final week of Cybersecurity Awareness Month, but that doesn’t mean that you or your organization should be relaxing your efforts to be more cybersecure. In fact, every aspect of our connectivity, from our devices to the cloud, can affect the future of our personal, consumer, and business cybersecurity.

This week is the final week of Cybersecurity Awareness Month, but that doesn’t mean that you or your organization should be relaxing your efforts to be more cybersecure. In fact, every aspect of our connectivity, from our devices to the cloud, can affect the future of our personal, consumer, and business cybersecurity.

Cybersecurity is increasingly becoming more of a consideration in how we work, learn, and play. It is rapidly expanding beyond the realm of just cellphones and computers and will soon encompass network-connected IoT devices, like smart thermostats, driverless trucks, and even children’s toys. The IoT market is set to reach a value of more than $1 trillion in the next few years, expanding both our connections and capabilities, as well as the potential for new and ongoing breaches in cybersecurity.

Cybersecurity can be overwhelming, especially when you’re dealing with a crisis, like a breach or a hack in your workplace. However, when we treat cybersecurity as a year-round effort, it becomes much easier to manage.

Today, we’ll guide you through some of our most useful and actionable tips to help keep cybersecurity a priority throughout your company, reducing your risk of being targeted by cybercriminals.

Actionable tips for year-round cybersecurity

Being cybersecure doesn’t just begin and end with your IT department. As a business owner and company leader, you have a responsibility to do your part and incorporate greater awareness of cybersecurity into every decision you make.

Making these changes doesn’t have to be an expensive proposition, although many companies are making sizeable investments in this area this year. Annual global cybersecurity spend is growing at a rate of 12–15%, with more than $1 trillion expected to be spent between 2020 and 2025 alone. Making risk-reducing changes can be as simple as limiting file access since, currently, reports show that two-thirds of companies offer all employees access to at least 1,000 sensitive files. This can be remedied quickly and will immediately reduce your risk and limit damages in the event of a breach.

Here are a few more of our most useful tips to help you be more cyber aware.

Remember smart devices connected to the cloud need smart security

Making investments in IoT and smart devices can make our workplace smarter, offering actionable insights that we can use to help increase productivity. However, the use of these devices should not be undertaken lightly.

Instead of unthinkingly letting these devices access your network, take the opportunity to work with your IT department to create new security policies that govern your company’s use of these objects.

Ensuring that these devices are configured correctly will help ensure better security, but that’s just the beginning. Regularly updating devices with the latest patches and network settings will help ensure they remain protected from hackers, who can use them as the first point of contact to access sensitive files and data.

Put cybersecurity first in every decision

As a leader, there’s very little that goes on within your business that you aren’t involved in. Even if it isn’t your forte, you still need to be an advocate for cybersecurity and ensure that it’s considered a critical part of every decision.

Whether you’re leading the development of better cybersecurity policies or simply creating relationships with reliable agencies and partners to ensure you always receive timely access to cyberthreat information, you have enormous power to implement positive change. Make sure that you’re using it to put cybersecurity first in every aspect of your job.

Advocate for strong passwords and passphrases

If companies do not develop strong and resilient password policies, employees will be left to determine the best practices of password creation on their own. Instead of prioritizing company security, most employees will simply do what’s easiest for them, leaving company data and systems vulnerable.

Strong password policies can empower your employees, making it easier for them to get involved in the cybersecurity of your organization. Training them on password best practices and providing them tools like an electronic password manager are great first steps.

Never use public computers to log into your accounts

When you’re trying to stay on top of company business, it’s tempting to bypass security in favor of getting work done. This drive has led many business leaders to use public computers to log into their secure work accounts. These public devices are not safe for secure company work, even if it’s something as simple as checking your email.

Always err on the side of caution and avoid using these public machines. If you have used a public computer to conduct work business in the past, change the passwords on those accounts now.

Turn off Wi-Fi and Bluetooth when idle

When your Wi-Fi and Bluetooth connectivity is engaged, your location is being tracked. To help limit your exposure, especially when you’re in the workplace, you should always disconnect your Wi-Fi and Bluetooth capabilities when they are not in use.

More resources:

Looking for more resources on how to help your company be more cyber aware? Check out this list of resources from the Cybersecurity & Infrastructure Security Agency (CISA), the organizers of Cybersecurity Awareness Month.

How cloud computing can improve your organizational cybersecurity

If your sensitive data and applications are all hosted on a local server, this can be a huge potential risk for your cybersecurity. Making a move to the cloud can help offer better protection for these assets, while also simplifying the process of regular backups and disaster recovery efforts. Many organizations have used the upheaval of the last year to implement new cloud architecture, with forecasts projecting a global spend of almost $75 billion in 2021 alone.

Have you considered implementing more cloud computing to help with your organization’s cybersecurity? What’s holding you back?

This is a complex, yet necessary, process that can help lower your company’s risk for a breach. If you aren’t sure how to proceed, a trusted cloud expert can help you determine the best way forward.

Enlist a Dallas-Fort Worth cloud services expert for continued cybersecurity support

VersaTrust has been working with businesses in the Dallas-Fort Worth area for over 25 years. In that time, we’ve been trusted to implement quality IT solutions for small- and medium-sized businesses, to help improve their ROI and ensure their ongoing cybersecurity.

Want to start a conversation about improving your organization’s cybersecurity through a move to the cloud? Reach out to VersaTrust to start the conversation today.

Cybersecurity Professionals Are Difficult To Find – Consider Outsourcing

With the labor market increasingly taxed by the Great Resignation, Outsourced IT services are increasingly in demand. Add in this decade’s rapid spike in cybersecurity woes, and it becomes an even more desperate picture. Hardest hit are small businesses whose profit margins are under pressure from inflation and that are struggling to hire and retain talent.

According to the 2020 Cybersecurity Workforce report, the IT industry is currently in need of 3 million qualified cybersecurity workers. 64% of the cybersecurity professionals surveyed say their organization is impacted by this cybersecurity skills shortage.

Until recently, most businesses have been able to skate by on bare-bones cybersecurity. Relying on a single software solution or firewall to keep them safe. Cybersecurity can no longer be an afterthought – even for micro-enterprises. If you deal with information, you’re dealing in gold – and it is absolutely critical to safeguard your organization, workforce and clients.

Consider what security measures you have in place, and then consider how rapidly an issue would be remediated by your team. If you don’t have a cybersecurity expert on staff, or haven’t consulted with one, chances are there are big gaps in your security. Outsourcing IT for cybersecurity doesn’t mean you have to replace your current IT staff. On the contrary: a provider can support and augment your team, so you have the best of both worlds.

Outsourcing allows small and large businesses to leverage economies of scale for their IT needs. A recent study from Computer Economics found that security was the fastest growing IT role being outsourced. It’s little surprise, as more companies recognize they can’t insource the right skills to address these varied and complex threats and keep their companies safe. That makes security a priority for outsourcing.

By choosing to leverage external resources, these companies can refocus on their core competencies and offload the external pressures created by an ever-changing IT threat landscape, increasing complexities presented by technology and the scarcity of IT employees who can navigate these challenges at a fair price.

There are several benefits to outsourcing IT, especially when it comes to improving your security.

Here are our top 5:

Expert Cybersecurity, Affordable IT Services

Outsourced IT security management calls for expertise in diverse skill areas, typically requiring multiple specialists. At the same time, there is a market-wide shortage of these skills. Hiring and retaining workers with the requisite skills to protect your company is expensive and uncertain. In contrast, you can access a team of such experts by outsourcing and pay flat fees with relative certainty that your IT team is going to be there, protecting you around the clock.

Focus on your core business

Outsourcing your IT even partially can free up critical resources to focus on the core of your business. Your existing IT team can manage infrastructure and all those “keeping the lights on” tasks or turn their attention to strategic initiatives to make your business more effective and competitive. For example, outsourcing your IT security allows your staff technicians to focus on high-impact projects that lead to the success and growth of your business.

Informed policy guidance

The IT threat landscape is always changing, and companies that don’t have a full, expert grasp of the extent of these security risks can’t adequately address them. Creating effective security policies takes in-depth experience that most IT generalists don’t possess. For instance, the IT staff in your company may not be able to accurately assess the effectiveness of your existing security policies or how well your company is keeping up with compliance requirements you’re required to follow.

Unbiased checks and balances

Your IT security is best outsourced, because it ensures some necessary degrees of separation between your company and your security checks and balances. Processes like security assessments and recommendations can become sensitive territory when managed internally. Outsourcing puts it in the hands of neutral parties who are fully vested in protecting your organization and can offer verification of that protection.

Comprehensive security coverage

Most companies focus on infrastructure security measures, like firewalls, anti-virus and spam filtering, but fail to address internal threats or physical security risks, like inappropriate data access or removal and employee security lapses. These actually represent a large risk to organizations. Employees removing confidential information on a USB key or a busy manager clicking on a phishing link can have catastrophic results. The nuances of these internal threats rely on trained security professionals. It’s not something you can have a regular IT person scout for with enough success to detect all the vulnerabilities.

With an outsourced IT provider, you can address security from all angles, covering your bases and providing safeguards and protections your internal IT staff often don’t have the experience, training and skills to implement and oversee. Given that 60% of small businesses suffering a serious cybersecurity incident go out of business within 6 months, outsourcing your IT security could be one of the most important decisions you make as a business owner.

The Outsourced IT Provider Fort Worth Trusts for Cybersecurity

We’ve provided outsourced IT services for companies throughout Fort Worth to improve their cybersecurity, get compliant with regulatory mandates and weather the storms of the 2020s. By partnering with VersaTrust, you get the benefits of a fully compliant IT and security team at the fraction of the cost of having an in-house IT team. At VersaTrust, we work with you to continually improve your IT and cybersecurity as your business grows.

Contact us today to find out how we can help your business grow!

Cybersecurity Awareness Month: Phight the Phish

October is Cybersecurity Awareness Month. Now, in its 18th year, Cybersecurity Awareness Month exists to help Americans develop an appreciation and awareness of the importance of cybersecurity. One of the focus areas of this year’s campaign is phishing. And with good reason. Consider the following statistics:

October is Cybersecurity Awareness Month. Now, in its 18th year, Cybersecurity Awareness Month exists to help Americans develop an appreciation and awareness of the importance of cybersecurity. One of the focus areas of this year’s campaign is phishing. And with good reason. Consider the following statistics:

  • The Federal Bureau of Investigation (FBI) reported over 240,000 instances of phishing in 2020 – a 110% increase from 2019
  • There were 11 times as many phishing complaints in 2020 as compared with 2016
  • Globally, 75% of organizations experienced a phishing attack last year
  • 96% of phishing attacks were perpetrated via email

While cybercrime has been rising steadily for years, COVID-19 provided a host of opportunities for cybercriminals who were quick to exploit the global pandemic for their nefarious means, most notably through COVID-related fraud around the Coronavirus Aid, Relief, and Economic Security (CARES) Act.

What is phishing?

Computerworld describes the origins of phishing as follows:

“The word phishing was coined in 1996 by hackers stealing America Online accounts and passwords. By analogy with the sport of angling, these internet scammers were using email lures, setting out hooks to ‘fish’ for passwords and financial data from the ‘sea’ of internet users. They knew that, although most users wouldn’t take the bait, a few likely would.”

With a phishing attack, the perpetrator sends unlawful emails, asking for personal information or credentials (perhaps a pin number). Oftentimes, these emails are disguised and appear to be sent from a company or service that the recipient uses and may redirect the individual to a phony website in the hope that users will bite and provide the information they ask for, such as credit card numbers, account numbers, passwords, usernames, and other valuable information. This information can be used to access important accounts, resulting in identity theft and financial loss.

Phishing is a form of social engineering, which is the art of manipulating people in order to gain access to buildings, systems, or data through the cloud. While email is the most common medium for phishing attacks, text messages, direct messaging, social media, and video games are also used in order to get people to respond with their personal information. Phishing attacks have one characteristic in common: They are designed to trigger emotions such as curiosity, compassion, fear, and greed.

How can you spot a phishing attack?

Phishing emails are one of the most common online threats, and it is important to know the telltale signs and know what to do if you see them. Here are a few rules of thumb in helping to identify phishing attacks:

  • A legit organization will never send you an email asking for passwords, credit card information, credit numbers, or tax numbers, and also will not send the link you need to log in – if the company you are dealing with needs information about your account, the email should refer to you by name and instruct you to contact them by phone
  • Check email addresses carefully – cybercriminals often use an email address that resembles one of a reputable company, but has been modified to omit a few characters
  • A general greeting such as “Dear Customer” or “Sir” and missing contact information or a signature block are strong indicators of a phishing email
  • Be alert when you receive a suspicious, urgent, or threatening email from a company

The Cybersecurity & Infrastructure Security Agency (CISA) has provided a number of resources in support of Cybersecurity Awareness month, and has also shared these general cybersecurity tips:

  • Use multifactor authentication on all accounts and devices
  • Be password-savvy, get creative and avoid using use the same password for multiple accounts
  • Protect all devices with anti-virus software
  • Limit the information you post on social media
  • Before connecting to public wireless hotspots, confirm with staff that the network is legitimate

Examples of phishing attacks

While there are some definite telltale signs of phishing attacks, as identified above, they can also be incredibly well done. Cybercriminals have come a long way from the Nigerian prince days of yore. And since seeing is believing, we have included a few examples below.

This email, purporting to be from Netflix, is one that has been making the rounds. Recipients are encouraged to update their account by providing their credit card information.

The Internal Revenue Service (IRS) will never send an email asking for your banking information, like in this fraudulent email example.

Even Chick-fil-A isn’t safe from cybercriminals.

Keeping yourself and your organization cybersafe

The theme for Cybersecurity Awareness Month is Do Your Part. #BeCybersmart. Sound advice. And one of the best ways to be cybersmart is by working with the right managed services provider (MSP) partner, one that is up to speed on the latest and greatest in the constantly evolving field of cybersecurity and cloud computing, and one that is committed to keeping you and your organization secure. VersaTrust is that right MSP partner. By taking the time to get to know your business and your organizational requirements, VersaTrust is able to customize IT solutions that are in line with your strategic goals and constraints, and all within your budget. Reach out today and #BeCybersmart.