Our Most Popular Managed Services

If you need help deciding what services are best for your business let us know.

VT Logo header logo wrap shape

VT Logo header logo wrap shape

Award-Winning Dallas-Fort Worth IT Services.

Questions? Call (817) 595-0111

inner banner overlay

VersaTrust Blog

VersaTrust has been serving the Texas area since 1997 , providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

How to Achieve Texas-Sized Growth with Network Security

Man crossing problem out seeing opportunity to grow business with network securityIf you’re building a home, you lay the electrical wiring before installing and painting the drywall. Going in reverse order is illogical and would create unnecessary complications. Similarly, when growing your business, you want to have processes in place that prevent extra work and mitigate risk, especially when it comes to IT.

With a blueprint it’s much clearer what you need to do first. As your business grows, you need a plan that lays out the foundations of your growth and addresses new requirements, risks, challenges and opportunities. Without network security and IT built in, your growth fizzles out like a dust devil.

I offer up two client cases as examples. Each illustrates the challenges and opportunities they faced with growth and underscores why using the 3 pillars of security early in their plans was key to their success.

Improved Security Empowered a Defense Contractor to Seek Bigger Contracts

We started working with a defense contractor in 2014, ensuring the company was compliant with the government’s rigorous data security requirements. As a direct result of our work together, the company had the confidence to bid on and win big contracts that were once out of their league, fueling their growth. In the past year, the contractor has grown from 35 to 50 employees, is opening a second location and further growth is projected.

Failure to meet ever-evolving regulatory requirements would quickly result in a suspension of their Authorization to Operate (ATO), which means forfeiting their existing contracts and exclusion from bidding on future ones.

To ensure the contractor maintains compliance, we:
  1. Conducted a point-by-point evaluation of the government’s data security requirements
  2. Met with our client to explain the implications, costs and risks
  3. Developed appropriate solutions while our client remained focused on fulfilling the contract and growing the organization
Our strategic role as their managed security provider has empowered the company to bid on ambitious contracts without worrying about how they will scale up their IT and network security.

Doubling in Size Increased this Insurance Company’s Exposure Risk

Since 2006 we have supported the continual growth of a home insurer. In 2016 they reached a milestone of 50 employees, and since then they have doubled in size.

Due to the rapid growth, they quickly realized their success required them to re-evaluate their network security and they worked with VersaTrust to do it. Specific concerns included:
  1. Greater exposure to cyberattacks as a result of increased size and visibility
  2. More scrutiny from the Texas Department of Insurance, provoked by their larger portfolio
  3. IT disruption posing increased threats to their brand and reputation
Likewise, as they surveyed the regulatory landscape, they recognized that government guidelines would evolve into compliance requirements over the next 24 months.

We recommended managed security services. This helped them quickly double down on their risks with the confidence that, not only did they have tighter security, but they had access to ongoing strategic advice based entirely on our objective evaluation of their costs, risks and benefits. That’s why, when we determined that the on-premises location of their servers was their highest risk factor, the conversation was immediately a trust-based discussion about budgeting, timelines and logistics to move them to a more secure solution.

An Easy Way to Include Security in Your Growth? An Assessment

Remember, it’s ideal to wire a home before you install the drywall. Your home needs electricity, and if it doesn’t have wiring, the sooner you address it, the better. The same goes with whatever network security needs you have for your growth. Sooner is better than later; later is better than never.

Understanding how your network security and IT can impact your company’s growth starts with a comprehensive assessment from a trusted IT partner – one who brings knowledge of the advantages you can gain through IT security and how to leverage those as part of your growth strategy.

VersaTrust has the expertise of an on-staff Certified Information Systems Security Professional  (CISSP) and the depth and experience to identify your vulnerabilities and devise cost-effective solutions to secure your company’s future and growth.

How is your IT security going to foster or hinder your growth? Find out with an assessment from the experts. Contact us at (817) 595-0111 or online today to get started on your security assessment.
Continue reading

Buckle Up: How to Securely Drive Business Growth

Buckle up your business for network securityNetwork security is a lot like airbags and seat belts. They used to be optional but nowadays you probably wouldn’t drive a car without them. So, if a seat belt is an essential everyday safety measure, what about when you’re in a hurry and distracted?

The same is true of network security and your business. It’s important for doing business as usual but it’s vital when you’re growing and expanding. That’s because growth creates the kind of disruptions that are like a flashing neon sign to opportunistic hackers.

The Risks Grow as Your Business Grows

As you grow your sales, increase production and deliver more services, you need more employees and technology to enable the expansion. This means more computers, tablets and smartphones; new user accounts; faster servers; larger data storage and maybe even additional office locations or remote work opportunities.

Unfortunately, each additional device, application and user – each new node in your network – increases your vulnerability to viruses, ransomware and phishing attacks. But it’s your people who are actually your greatest security vulnerability.
Even if you can afford all the top-shelf security solutions, not incorporating security into your business plan will leave you incredibly vulnerable to the preventable threats most likely to get you:
  • An employee who clicks an insecure email link
  • A vendor who was gets hacked and infects your system
  • A consultant who logs in without encryption or has unneeded administrative permissions
These are common situations and can easily result in an IT disruption such as network downtime or the theft and ransom of your valuable, confidential data. In both cases, the cost to your business includes lost sales and revenue, major delays, IT expenses and lasting damage to your reputation.

How to Plan for Growth and Security

As a business owner, you try to plan for changes in market conditions, the actions of your competitors and other possible factors that might impact your growth plans. Often, those “possible factors” don’t include security threats. If they do, most businesses only insert a budget line and some generic text about the threats.

Incorporating security throughout your business and growth plans is the key to avoiding these nightmare scenarios. One practical, specific way to incorporate security is to address the 3 tenets of network security – confidentiality, integrity and availability.

For example, your sales team certainly needs read & write access to your Customer Relationship Management (CRM) platform but maybe your marketing vendor can do with read only access.

Or, shifting responsibilities among team members may require revising user authorizations so each individual has the appropriate level of access. Likewise, whenever individuals leave your employment, access to company accounts and shared digital spaces like Google Hangouts, OneDrive and Slack must be frozen immediately.

These are just a few of the many daily changes that increase risk and create new vulnerabilities for a business experiencing growth. Each must be continually monitored to vet for risks and take the appropriate security measures.

Use a Risk Assessment to Create a Security Plan

You can’t buckle your seat belt or install an airbag after you have a crash, and you can’t secure your network after an attack. Instead, the best and only practice you should follow is to incorporate security in your business plan and then budget accordingly.

Start with a security assessment. It’s a critical first step that identifies your needs and vulnerabilities and ensures a secure operating environment. Security is vital for your business, and the assessment should be conducted by a qualified, experienced expert.

Don’t Trust Just Any IT Provider With Your Network Security

Look for Certified Information Systems Security Professional (CISSP). VersaTrust has a CISSP on staff, who went through extensive training and testing to prove an in-depth understanding of cybersecurity strategy and an ability to design and implement solutions that improve the security posture of an organization.

Reach out to us with a call (817) 595-0111 or email to get started with your assessment today.
Continue reading

Build Your Business Plan on These 3 Pillars of Network Security

triangle showing 3 pillars of network securityIn the early days of information technology, network security was a fancy way of saying that you had installed antivirus software on your PC. Today the threats are more sophisticated, encompassing ransomware, identity theft and phishing attacks. Your network security must evolve in scope and sophistication just to continue doing business as usual.

There’s a lot that goes into developing robust, multilayered security to safeguard your data and IT infrastructure, but it can be broken down into 3 principal pillars: Confidentiality, Integrity and Availability, otherwise known as the CIA triad.

3 Pillars of Network Security

A security solution that covers the 3 pillars ensures your business is protected against an attack and will be resilient in responding to and recovering from one.

1.      Confidentiality

A security solution that provides confidentiality ensures that access to data can be enabled or restricted for specific users based on their need to know.

For a medical practice this is a well-known HIPAA requirement. Staff who don’t need access to a patient’s files shouldn’t have it.

2.      Integrity

Data integrity refers to security controls that ensure data or system configurations are not modified in an unauthorized way.

For example, an account spreadsheet must be protected from unauthorized changes to ensure you can rely on the accuracy of the data.

3.      Availability

Availability describes how data and applications remain accessible to users and processes through secure, authorized devices during production hours.

How to ensure data availability:
  • Establish security controls for systems to protect against malicious attacks that affect uptime
  • Build redundancy into server and network configurations
  • Implement robust disaster recovery and business continuity planning
Knowing these 3 pillars is key. All 3 components must be considered alongside all the other elements in your business plan.

Tying Security Into Your Business Plan

Any technology or process put into place as a result of the business plan has to be measured against whether or not those components are secure. That’s why it’s more difficult to tack on security after the fact than it is to integrate it into your business planning process.

Let’s say, for example, your business plan calls for outsourcing payroll functions to a third party. Your plan should address essential security issues like:
  • Which data and files should the vendor be allowed to access? (Confidentiality)
  • What information are they permitted to alter? (Integrity)
  • How and from where will they access your system and payroll information? (Availability)
Or, if your business is expanding and you need to add new servers, they will need to be regularly updated and properly configured. This ensures any security flaws are patched and that all workers – office or remote – can access the information they need to do their job.

Without a plan that addresses availability you run the risk of not knowing how long your systems will be down when IT disruptions occur.

When an IT Disruption Occurs

We have all experienced the helplessness of being unable to access email, the customer relationship management (CRM) database files on the server and other essential business apps.

Preventive measures are essential, but you also need to be prepared for the possibility that something – a phishing email, a tornado, a hail storm, a neighbor setting the sprinkler system off – could leave you without access to your systems. To prepare for this reality, consider these two important factors:

Maximum Tolerable Downtime (MTD)

MTD defines how long your business can remain shut down – without access to email, databases and essential apps – before it causes irreparable or unacceptable losses. This can be determined by thinking about disruption to sales and/or damage to your reputation or any other factors that might be impacted by downtime, like an employee revolt.

Your MTD might be a few hours or a few days. It will determine the level of investment and preparation you need to avoid downtime and recover from an IT disruption.

Recovery Time Objective (RTO)

RTO is your target time for restoring access to your data and apps. It is always going to be less than your MTD – your cliff’s edge. Your RTO should be realistic for the level of investment, preparation and testing built into your business plan. A security-focused managed services provider like VersaTrust can help you determine this.

Start Your Business Planning with a Security Assessment

Network security is intertwined with every aspect of your business, and there are many factors you need to consider as you evaluate your business plan. A security assessment helps organize the process and provides actionable insights that safeguard your business.

When we conduct security assessments, our in-house Certified Information Systems security professionals identify vulnerabilities and design customized solutions. After the initial evaluation we help you to:
  • Incorporate the 3 pillars, MTD, RTO and proper budgeting in your business plan
  • Implement and configure your applications for usability and security
  • Monitor your network and perform routine upgrades
  • Recover your network quickly in case of a disruption
Not all managed IT providers have the expertise to provide a thorough security assessment and align it to your business goals. We do. Contact us at (817) 595-0111 or email us to schedule an assessment.
Continue reading

Predicting cyber-threats in 2017

As 2017 rolls in, the threat of more formidable cyber attacks looms large. Hackers and the cyber police will spend a lot of time outsmarting each other, while consumers of technology, individuals and businesses alike, anticipate the best security plan that can guarantee they sleep soundly at night. When it comes to defending against cyber-attacks, forewarned is forearmed. Here are some of the threats we predict in the coming year.

Increased threats on cloud technology

Cloud service has numerous benefits to businesses. They make data storage, collaboration, and processing more efficient; they enable employees to work faster; and they help operations flow smoother. Cloud technology’s popularity is expected to rise well into the next few years, but as demand increases, so does the dangers presented by cyber attackers.

Ransomware will be more complex

Ransomware incapacitates computer systems by locking down files and preventing access for ransom. In its 2016 Threat Predictions report, security software company McAfee predicts a peak in ransomware attacks next year. Although they also predict it to recede by mid-year, damages to vulnerable cloud-dependent infrastructures can be great and costly. Most alarming in the prediction, however, is that in the coming year ransomware attacks will be more complex due to new elements.

Ransomworms, which use advanced victimization techniques to mine further data within an already compromised network, are expected to put an even crueler spin to an already formidable malware. Doxing, on the other hand, affects avenues such as social media and any place where sensitive, easily identifiable information can be extracted to serve the ultimate purpose of extorting money. Yet another wicked ransomware to watch out for is Backup Deletion, which destroys the very mechanism that can otherwise help you recover from a compromised system or files: your backup data.

More threats to IoT (Internet of Things)-enabled devices

It is also predicted that 2017 will see attacks made on IoT-powered devices, which will make life harder for those who depend on technology that makes life easier. It targets medical devices and Electronic Medical Records, “connected cars”, basic domestic tools, and tech-driven wearables, such as smartwatches and fitness trackers. The danger posed by this intrusion is fully capable of corrupting information stored in your devices.

Advanced cyber espionage

Cyber espionage is by no means a novelty. In 2017, it’s expected to hold sway in cyber-threat prevention measures as it becomes even more complex. It encompasses all sectors of society, including individuals, private organizations, government institutions, and entire countries. Perpetrators will have the means to bypass networks by attacking firewalls and wreak havoc in their victims’ network. Fret not, for there will be measures in place to detect this threat also in the coming year.

Hackers are one of the most cunning criminals to have ever existed. While the cyber-police and the defenses they put up are no slouches, threats to security systems can still make technology-dependent individuals and businesses quiver. Although damaged networks can be repaired, compromised privacy restored, and stolen data returned, the amount of damage that hackers can cause might be irreparable and/or result in a significant dent in your IT infrastructure and budget. The value of a network security system makes itself known when you least expect it, which is why security should be a top priority.

Are your systems protected from these predicted remarkable feats of hacking? Call us if you want to discuss security services that are best for you.

Published with permission from TechAdvisory.org. Source.

Continue reading