logo

Award-Winning Dallas-Fort Worth IT Services.

Questions? Call (817) 859-7140

You are here: Learning Center / Blog / News and Tips

VersaTrust Blog

VersaTrust has been serving the Texas area since 1997 , providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

What To Do When Your Outsourced IT Provider Isn’t Pulling Their Weight

Businesses rely heavily on outsourced IT. A lack of responsive and reliable IT support can bring operations to a halt, cause significant and costly downtime, cost an organization its customers, and a whole host of additional disastrous consequences. You owe it to your business, and to its bottom line, to ensure you have the best IT support partner in place.

Should someone else manage your tech?

10 Benefits of Outsourced IT Services

What Are Some Indicators That Your Outsourced IT Support Is Not Performing?

If you’re reading this, chances are you probably know there is trouble in paradise between you and your IT provider. As frustrating as it may be, you’ve likely already come to the conclusion that moving from constant troubleshooting with your IT company to finding a new one is the way to go for your organization. If you are still on the fence, however, here are some clear indicators that it is time for your organization to move on and find a better outsourced IT provider.

It takes them too long to respond

When technology goes down, minutes matter. Is your IT company adhering to the turnaround times as outlined in your service level agreement? When there is a major issue, how quickly does your outsourced IT provider respond?

And how about the day-to-day inquiries – what is the average response time on those less urgent, but still important, requests? Is it routinely taking more than one day to get a response? If so, this is a red flag.

Your IT provider should be quick to acknowledge all requests, take the opportunity to seek further clarification where needed, and advise on anticipated time until a resolution will be reached.

Your cybersecurity is bare bones

Cybersecurity is not an afterthought; it is absolutely critical to protecting your organization, its people, and its customers. Questions to consider when determining whether the cybersecurity support being provided by your outsourced IT provider is up to par include:

  • Are they using basic anti-virus solutions or multilayered solutions?
  • What firewall protection measures do they have in place?
  • How are they able to detect unusual activity?
  • What is the escalation process in the event of such activity?
  • Have they recommended multifactor authentication?
  • What security are they using for their own company?
  • What kind of employee training are they recommending?

They are not keeping pace with your business growth

This is not an uncommon problem. Sometimes a growing enterprise has a supplier that, while they may have been a great fit at an earlier stage, just isn’t equipped to deal with heightened growth-driven requirements.

Business growth will be stymied if you don’t have the right suppliers with the right expertise and bandwidth to deliver at your current level. Not to mention, they should be equipped to give proper strategic business recommendations that align with this growth.

Their support is reactive, not proactive

Technology, when used right, can streamline, facilitate heightened collaboration, increase profitability through automation and provide rich data-driven insights.

Your IT company should be proactively looking for tech solutions to your business problems. If they are simply troubleshooting problems, they’re doing your organization a disservice.

A reputable provider of managed IT in Fort Worth will take the time to truly understand your business, then explain why they recommend different IT services and give you a range of options without pressure or manipulation. For your organization to truly realize the high-impact value of an MSP, they need to be more than just a repair service.

This is what proactive managed IT looks like.

The Solution to Subpar Outsourced IT Support

It is a bit of a process to switch outsourced IT support providers, but it is well worth the effort. There is the existing contractual obligation to address. There is also the matter of selecting a new outsourced IT support provider – one that will not bring the same deficiencies to the table.

We provide better outsourced IT to Fort Worth

Look for a company that is passionate about technology and their customers

You deserve best-in-class support services from a company that specializes in cybersecurity. A company that has been the leading IT outsourced provider in Fort Worth for 25 years. Contact us today to get started.

Questions To Consider When Selecting an Outsourced IT Partner

Outsourced IT, also known as managed IT services, has become the go-to business practice for a number of businesses of all shapes and sizes. And with good reason. Working with a managed IT services firm has several compelling benefits:

  • Over half of businesses use a third-party support team
  • Of these, almost 80% feel positive about their third-party partners
  • The leading reason (for 70% of survey respondents) for outsourced IT is cost savings
  • Almost one quarter of small businesses outsource to increase efficiency in their business
  • IT outsourcing spending is expected to exceed $1.3 trillion by the end of next year

While the business case for working with an outsourced IT partner is airtight, not all outsourced IT partners are created equal, and it can be challenging to know if your organization is partnering with the right one. Here we share 5 questions to keep top of mind as you embark on your outsourced IT journey.

What is outsourced IT?

IT outsourcing is the practice of outsourcing some or all of your business technology to an external third-party expert, commonly referred to as a managed services provider (MSP), IT service provider, or IT consultant. Companies use IT outsourcing to reduce labor and business costs, fill service gaps, improve operational efficiencies, and to allow them to focus on the core aspects of their company. When used correctly, outsourcing is an effective cost-cutting strategy and can even give a company a competitive advantage.

5 Questions you should ask an outsourced IT provider

1. Can you choose what is included in your managed IT services agreement?

A: It depends on the provider. The standard managed services package should include things like help desk, basic maintenance, system updates, 24/7 monitoring, and remote IT support, but a wide range of additional services can be added as needed.

2. What additional support services should we outsource to an IT partner?

A: One of the primary reasons why companies move to an outsourced managed IT model is the need for more technical and cybersecurity expertise. With more need for cloud-based services and business communications systems like voice over IP (VoIP), it’s important to consider a company that has expertise in these areas as well.

3. What are some of the cybersecurity educational credentials that an MSP should have in order to ensure they are best qualified and up to speed?

A: Vulnerabilities and cyberthreats evolve quickly. It’s critical to have an IT provider with staff that has the right credentials. The Certified Information Systems Security Professional (CISSP) designation is widely considered as the gold standard of designations in the cybersecurity world. Other leading credentials include the Certified Information Security Manager (CISM) designation, Certified Information Systems Auditor (CISA), and CompTIA Security +. If your provider claims to provide cybersecurity services, you should expect they have employees with these credentials on staff.

4. What are some of the cloud solution factors to consider when working with an outsourced IT company?

A: There is no one-size-fits-all cloud solution. IT providers who make the assertion that there is likely do not have the cloud expertise to provide adequate service. Instead, an IT provider with cloud expertise will ask you about:

· Applications you use

· Bandwidth requirements

· Accessibility and security

· Business continuity and disaster recovery needs

5. What if my organization is unhappy with their current outsourced IT provider?

A: This happens. Sometimes there is a misalignment in expectations or the customer service level isn’t on par with what you need. Or perhaps you simply feel they don’t understand your business and are not the right MSP to support your longer-term organizational growth plans. If it’s time for a new outsourced IT provider, book a no-obligation review of your business systems.

Above all, your IT company should be a business partner in helping your organization achieve its goals. VersaTrust has been serving Texas-based businesses for over 25 years as a true IT partner. Contact us to learn more about the true value that the right outsourced IT partner can bring to your organization.

Tightening Security with Microsoft Azure

Combatting Cybercrime with Multi-Factor Authentication in Microsoft Azure

Originally Published December 2017

Back in 2020, working from home emerged as a necessity in response to a pandemic. Now, businesses have realized the convenience and appeal it offers, and an increasing number of companies have incorporated remote or hybrid work into their overall business strategies.

In addition to the rise in remote work, we have also seen a number of high-profile business breaches over the past year that have highlighted the importance of cybersecurity. The SolarWinds breach and the Colonial Pipeline attack both clearly demonstrate that businesses of all sizes can be hit by these criminals, and everyone needs to be ready. Businesses have begun to realize that criminals care less about the size of your organization or your industry. They only care about whether or not they see you as a likely target.

With employees working from their own offices and breaches disrupting businesses of all sizes, cybersecurity has to take center stage in a new way. Keeping your network safe, while also ensuring your employees have access, requires a careful balance. Multifactor authentication can provide you with an excellent tool to get started. Let’s explore the value that this single authentication strategy can offer.

Breaking Down the Basics: What Is Two-Step Verification?

Two-step verification serves as a critical second layer of security that demands an additional method of authentication to allow user sign-ins and transactions. It works by requiring two forms of account authentication to prevent unauthorized access or account hacks.

Two-factor authentication involves any two or more of the following verification methods:

  • Something a user creates and knows (typically a password)
  • Something only the user has possession of (a trusted device that is not easily duplicated, like a smartphone or tablet)
  • Something entirely unique to the user’s actual being (biometrics like fingerprint logins)

As people work from home and engage with their organizations remotely, they access company networks across a variety of platforms and devices. Between smartphones, tablets, laptops, and PCs, business users have multiple ways to access accounts and applications from anywhere. Two-step verification allows business users to implement an extra layer of protection in this growing digital atmosphere. Furthermore, as leaders in business technology optimization, Microsoft has wasted no time in implementing their own two-factor authentication method for Azure.

Secure Azure: Benefits of Multifactor Authentication in Microsoft Azure

Azure multifactor authentication (MFA) is an easy-to-use, scalable, and reliable two-factor authentication solution that provides increased protection of user accounts. Azure MFA helps professionals control and protect access to data and applications, without creating a ridiculously complicated and irritating sign-in process for users. Azure MFA allows users to implement a reliable authentication system, through a variety of mediums.

Let’s break down the key benefits of implementing Azure MFA:

Easy To Use

First and foremost, Azure MFA is incredibly simple to implement and even easier to use. The extra protection that comes with Azure MFA allows users to manage their own devices, from anywhere, which alleviates the security burden for management and IT admin staff.

Scalable

Azure MFA harnesses the power of the cloud and integrates seamlessly with on-premise applications. This means Azure’s authentication feature can handle high-volume, mission-critical situations and is equipped to support business growth.

Consistent Protection

Azure MFA is designed specifically to ensure consistent and user-friendly authentication processes for business users. Azure MFA provides this consistent protection by deploying the highest industry standards and best practices.

Reliable

Because business never sleeps, Microsoft guarantees 99.9% availability of Azure MFA. The service is only unavailable when it is unable to receive or process verification requests for authentication.

How It Works: Functionality Considerations for Azure Multifactor Authentication

Azure MFA is so secure, thanks to its layered approach to protection. Hackers looking to gain unauthorized access to an account will have a much harder time compromising multiple checkpoints, as opposed to basic, password-only options. By implementing Azure MFA, even if a cybercriminal were to crack a user’s password, the information would be useless without possessing a trusted device or completing the next authentication step.

This means that, even if an employee’s home internet is breached or if your assistant forgets their laptop in their hotel room, you have an additional level of security protecting your information.

Azure multifactor authentication helps lock down access to data and applications, while meeting user demand for a simple sign-in process. It provides additional security by requiring a second form of authentication via a wide range of easy and customizable verification options.

The following is a list of methods that can be used for second-step verification:

Phone call

Here, a call is automatically placed to a user’s registered phone. To authenticate access, users enter a PIN, if necessary, followed by the # key.

Text message

If preferred, users can receive a text message on their mobile phones. The message will provide a six-digit code, and users then enter this code on the sign-in page to authenticate.

Mobile app notification

Users can also set up verification through the Azure mobile app. A verification request will be forwarded to a user’s smartphone, and the user is then able to enter a PIN, if necessary, followed by selecting Verify on the mobile app to authenticate.

Mobile app verification code

Similar to the previous option, the Azure mobile app also has a verification code feature that users can take advantage of. The app, running on user smartphones, has a tool that generates verification codes that change every 30 seconds. Users select the most recent code and enter it on the sign-in page to authenticate.

Third-party OATH tokens

Finally, if – for whatever reason – the above options aren’t preferred, the Azure multifactor authentication server can be configured to accept third-party verification strategies as well.

IMPORTANT NOTE: Azure multifactor authentication provides varying verification methods for both the cloud and server platforms. Business owners can choose which methods are available for users. For full details, check out info on selectable verification methods.

Strategies for Implementation: Getting Started With Azure Multifactor Authentication

Now that we have the lay of the land, let’s take a look at the steps necessary for implementing Azure MFA for business users. Implementing the solution isn’t difficult at all and, if business owners follow this step-by-step guide, they’ll have a second layer of security deployed in no time.

PREREQUISITE

Before anything else, businesses must be signed up for an Azure subscription.

In order to take advantage of Azure MFA, businesses that do not already have an Azure subscription will need to sign up for one. If you are just starting out and want to take a test drive, there is a trial subscription option.

Enable Azure Multifactor Authentication

This part is generally easy and automatic. As long as business users have licenses that include Azure MFA, there’s nothing that you need to do to manually activate the feature. You can start requiring two-step verification on an individual user basis under the following Azure licenses:

However, if you don’t have one of these 3 licenses, or you don’t have enough licenses to cover all business users, you’re not out of luck. You’ll just have to complete an extra step and create an MFA provider in your Azure directory. For full instructions, check out this guide.

Turn on two-step verification for users

Next, business owners need to turn on the two-step verification feature so that it’s required of all users. You have the option to enforce two-step verification for all sign-ins or create conditional access policies to require two-step verification only in certain situations. This can be valuable for businesses that want to add an extra layer of security for people working from home offices or other remote locations. You can require additional authentication steps for those accessing data outside of your office network. There are a variety of ways to set up your preferred method – you can find a collection of step-by-step procedures here.

Configuration

Finally, once Azure MFA is set up, business owners can configure and optimize deployment. The configuration allows for a variety of customizing strategies, like fraud alerts, bypass permissions, trusted device logs, and more. For full details on strategies for configuration, check out this how-to configuration guide.

The business environment continues to change at a rapid pace, particularly with the widespread adoption of hybrid and fully remote work options. As businesses look to combine the convenience of allowing employees to work remotely with the necessary security, they need strategies that will protect their data and information. This means it’s now more important than ever for business owners to get strategic with IT security.

Azure’s MFA two-factor verification solution offers business owners an easy way to combat cybercrime, empower users and protect company data. Employees have an extra level of protection on their devices and for their different platforms, whether they log in from an office building or from a location a thousand miles away. Azure MFA operates as an additional line of defense for business users, making it harder than ever for cybercriminals to hack into password-protected accounts.

Is your company making use of Azure MFA or another solution for two-step verification? If not, what are you waiting for? Whether or not you have implemented remote work options, cybercriminals have made it clear that they continue to look for new ways to breach business networks. Implementing two-factor authentication is one of the easiest ways to up your cybersecurity game. If you have questions about implementation, reach out to a local IT firm for professional consultation. You have nothing to lose and everything to gain.

Watch Out! Windows 7 Loses Support in January

If you use Windows 7, you need to be aware that Microsoft will end support for your operating system in January 2020. Now is the time to upgrade to Windows 10.

Windows 7 is an operating system that still has plenty of serious fans – in fact, it was only earlier last year that the market share for Windows 10 moved past Windows 7. Considering that Windows 10 was released in 2015, that is saying something. All good things must come to an end, though, and Windows 7 is no exception. Microsoft is ending support for Windows 7 in January of 2020, which means that it will become much more difficult to keep the OS up and running moving forward. And a recent announcement from Microsoft has let Windows 7 users know that they are going to be seeing bigger, full-screen pop-ups to warn them of the upcoming end of life of the operating system.

Microsoft is Magnifying it’s Warnings about End of Windows 7 Support

All through 2019, Microsoft has been telling Windows 7 users that the support for their operating system was going to end in 2020. Of course, if you are using Windows 7, you may have missed the warnings or just decided to think about them later – after all, a year is a long time. But the end is really around the corner now.

The official end of support for Windows 7 is January 14, 2020. The day after, on the 15th, you will no longer be able to get support from Microsoft if something goes wrong with your operating system. That is why the prompts telling you that Windows 7 support is going to end are getting a lot bigger and more obnoxious. Microsoft is going to push full-screen pop-ups telling you that “your Windows 7 PC is out of support”.

You don’t have to keep looking at the notifications if you don’t want to. You can ask Windows to remind you later or to never remind you again. You can also choose to ‘learn more’, which will take you to an information page about what loss of support means and give you the option to upgrade to Windows 10.

What Does “Loss of Support” Mean?

There are several things that will happen when support ends for your Windows 7 operating system, including:

  • Loss of tech support. Right now, if something goes wrong with your Windows 7, you can contact Microsoft and get somebody to help you with the problem. They can run you through troubleshooting steps and try to get things going again. But when support ends, you won’t have the option of contacting Microsoft about it. They will tell you that they no longer support your operating system.
  • No more software updates. Microsoft is always working to improve their operating systems – at least the ones they currently support. But once they stop support, they stop putting resources into improving an OS. That means there will be no more updates to make Windows 7 secure and stable.
  • Loss of security. There are always people out there looking to compromise Windows operating systems, even ones as old as Windows 7. When you lose support for your OS, it means that Microsoft will no longer be trying to identify threats and upgrade your OS to defend against those threats.
  • Loss of compatibility. This is the biggest problem for most people with unsupported operating systems. You may be ok with being less secure and not getting the latest and greatest improvements, but you are unlikely to be happy when your favorite software stops working with your version of Windows. Over time, the thing you can use your computer for will become fewer and fewer as software moves beyond your OS.

Fortunately, getting support for your OS is easy enough – you just have to upgrade to Windows 10.

3 Tips Will Help Save Your Computer from Ransomware

Quick Tips to Save Your Computer from Ransomware.

Are you struggling to remove vicious ransomware from your computer? These quick tips will help you (safely!) access information on your computer and get back online in no time.  

You’ve heard about ransomware attacks, but never thought it could happen to you. That’s the beginning of the story that IT professionals around the world are hearing from users — business users, individuals, schools — there are no “safe spaces” when it comes to the ability of cybercriminals to wreak havoc on your technology. There’s always the option of paying the ransom, but this path is fraught with dangers. If the attacker doesn’t issue you the unlock code for your files, there’s no Better Business Bureau to report them, you lose the money you paid and will still need to work with professionals for ransomware removal. Understanding the three key variants of ransomware is the first step to potentially rescue your computer.

Three Main Variants of Ransomware

Ransomware is often classified into three main types:

  • Scareware, when a bogus antivirus screen pops up on your computer, letting you know that there are “many issues” and demanding money to remove the detrimental files. This is the easiest variant to resolve.
  • Lock-screen viruses are a more advanced attack and can be quite frightening. With this type of ransomware, you might be presented with an official-looking screen that you cannot navigate away from with details on sending money securely to remove the lock.
  • Advanced ransomware physically encrypts your files as well as locking access to them. It can be significantly more challenging to remove this type of ransomware without paying the fine. One example is Ryuk, where data recovery by professionals has only been successful approximately 3% of the time.

PC Rescue and Recovery Tips

While the other sure path to success is to work with a local technical professional to get everything up and running securely, you may be able to run through these tips and release your PC from the hostage situation.

  1. Enter Windows’ Safe Mode and utilize on-demand anti-malware scanning software such as Malwarebytes.
  2. If your anti-malware software isn’t successful, your next option is to attempt to restore to a point in time when your computer was safe and free from infection. You can complete this task by shutting down your PC completely. For Windows 7: Restart your computer, pressing the F8 key repeatedly and then selecting “Repair Your Computer”, log on and select System Restore. For Windows 8, 8.1 or 10: Hold down the Shift key, select Restart which will reboot your computer to the recovery screen. From there, you will select “Troubleshoot” “Advanced Options” “System Restore”.
  3. If your system restore attempt is unsuccessful, your next option is to attempt running anti-malware software from a USB drive or bootable disk. The following trusted vendors have solutions available: BitdefenderAvastKaspersky, Norton and Sophos.

The final step in the recovery process often involves finding your lost files and attempting to restore any additional systems settings that were lost during the process.

Ransomware recovery is a pain at best and very expensive at worst. A strong defense is your best option and installing a strong anti-malware and antivirus software package will help repel the vast majority of attacks before they can take hold. However, the only sure-fire method of ensuring you don’t lose anything in a ransomware attack is to create full and complete external backups. With ransomware attacks surging 77% in 2019, there’s always the possibility that you will never retrieve your priceless memories and private files without a solid backup plan in place.

How VersaTrust Partners with Cities to Prevent Cyberattacks

Across the country more than 140 municipalities, police departments and hospitals have fallen victim to ransomware attacks so far this year. Texas, where 22 public institutions have been infected by malware and held hostage, has been far from immune.

In this case study review, we share how the Defense in Depth network security solution we installed helped the City of Richland Hills avoid two potentially debilitating cyberattacks.

Background

The City of Richland Hills is a municipality of 8,000 residents located in Tarrant County, Texas. The city employs 110 full- and part-time employees. The Richland Hills Police Department is required to comply with stringent information technology regulations from the Criminal Justice Information Systems (CJIS), the Texas Department of Public Safety and the FBI.

VersaTrust’s relationship with Richland Hills began in 2014 when we entered an open bidding process to provide managed IT services. Since then, we’ve managed their IT infrastructure and helped them maintain CJIS compliance.

Issue

Several years into our relationship with Richland Hills, the city manager decided to take a proactive, preventative approach to IT security. He asked VersaTrust to participate in another competitive bidding process — to provide security services.

While the competition offered one-size-fits-all packages, no matter the cost point, VersaTrust designed a package that provides layered security to the city’s network and fits their budget. The city approved our solution and we became their managed security service provider.

Solution

The security solution we designed for Richland Hills is a Defense in Depth approach that borrows from advanced Department of Defense (DoD) methodology and tactics. In Defense in Depth, we create an infrastructure that deploys multiple barriers, rather than a single perimeter, to prevent, detect, quarantine and eliminate cyberthreats.

Defense in Depth

Traditional antivirus programs and firewalls are insufficient on their own to protect against modern, dynamic hacking tactics. Most hacks originate through some form of phishing attack in which an employee opens the door to an attacker by clicking a link or opening an attachment.

While there’s no substitute for employee training on cybersecurity best practices, Defense in Depth involves monitoring the network and individual workstations to detect the kind of abnormal behavior that signals a breach.

The City of Richland Hills suffered two breaches – each the result of employees falling victim to phishing attacks. In both cases, Defense in Depth performed optimally and prevented catastrophe.

Breach #1: Ransomware introduced through a link

Issue: Richland Hills’s first hack occurred when an employee clicked an email link from an unknown sender. The link downloaded ransomware, infected the workstation and attempted to spread across the network.

Response: The hack bypassed the robust antivirus tools and firewalls that we installed because the employee actively, if accidentally, introduced the infections. Our Defense in Depth response took over.

Our Security Operations Center (SOC), which monitors our clients’ systems 24×7, detected unusual activity on the network within moments. In real time we identified the ransomware’s origin and shut down the culprit system.

Breach #2: Password stealer infection from a fake PDF

Issue: The second breach took the form of an Emotet, a password stealer that jumps from one workstation to another. It was packaged and disguised as a fake invoice attached as a PDF to an email. The city official opened the attachment, even though he did not recognize the sender, and the Emotet began deciphering passwords.

Response: Once again, our SOC detected unusual activity before Richland Hills employees felt the symptoms of the attack. We quarantined the password stealer and froze the compromised accounts. Meanwhile, the city’s other employees continued working unaffected while we repaired the damage.

Results

The Richland Hills city manager appreciates our Defense in Depth solution first and foremost because it keeps their computers free of adware and malware, which improves performance and lengthens the intervals between hardware upgrades and new computer purchases.

Having suffered two of the most common breaches that can hamstring an organization, Richland Hills has first-hand experience to prove that Defense in Depth identifies and immediately responds to a hack before negative consequences are felt. Moreover, in the aftermath of these breaches, Richland Hills engaged VersaTrust to provide employee training across the city’s workforce, which has now become mandatory for municipalities in Texas.

Whatever your industry and unique set of circumstances, a multilayered approach is essential to securing your business in today’s complex cyberthreat environment. Reach out to us (817-595-0111 or email) for more information today.