March 2, 2021

How Construction Companies Can Implement a Cybersecurity Strategy

It’s no secret that data breaches are on the rise, regardless of industry or company size. Protecting your business and employees from cybersecurity attacks is a growing concern, especially for small construction companies and contractors. Most construction companies store sensitive project information, including bids, designs and material pricing, on top of their own financial data and employee information, banking records and other confidential information. With all of this information at risk, it’s shocking that on average, 68% of construction companies spend only 1% or less of annual sales on their IT budget, according to JBKnowledge.

Ensuring your company’s data is protected is a daunting task, and requires time, money and resources to stay up on the latest cybersecurity practices. Whether you’re just getting started in the security process, or ready to ramp up your existing strategy, below we cover the necessary pieces to keep your company secure.

Start with the Basics

Starting with the cyber perimeter of your network is a great place to begin the process of securing your company. A few simple steps can make a big difference. Consider implementing:

A Firewall

A properly configured firewall will take you from being an easy target to having a well-protected attack surface. A firewall should be installed by a certified network engineer. You will also want ongoing technical support and an advanced security subscription to keep your firewall up to date against developing threats.

One feature that is specifically beneficial for the real estate and construction industries is the ability to block traffic by country. Consider blocking countries that you do not do business with and that have no reason to communicate with your organization. For instance, if you are a construction contractor only working on projects in North America, why allow any country outside of the United States, Mexico, or Canada to communicate with your network? Blocking this access helps put up an appropriate barrier against cyberattacks originating in other countries. If you look at where cybersecurity scams and breaches are generated from, the same list of countries shows up over and over. Are you blocking those countries or are you allowing them to knock on your virtual door?

A Spam Filter

Over half of all emails sent globally are spam. A spam filter can help protect against phishing emails and malicious links designed to take your password and other sensitive information.

There are many reputable spam filters, but not all are created equal. Some require appropriate configuration to make sure the overwhelming majority of malicious emails are blocked. If a spam filter is not configured adequately, malicious emails will make it to inboxes and increase the probability of one being clicked on by an employee and jeopardizing the entire organization. If you have not already, consider adjusting your spam filter to reduce the number of emails making it through.

Reputable Anti-virus

Viruses are getting increasingly aggressive, but anti-virus tools fight malicious software with features including artificial intelligence, automatic updates, self-cleaning mechanisms and real-time scanning. A reputable anti-virus is the most basic protection of all. Please check with your technology provider when assessing whether your current anti-virus strategy is adequate. Anti-virus and anti-malware help protect computers and servers but should be supplemented with other tactics to provide a holistic cybersecurity approach.

Cybersecurity Awareness Training

On average, four out of every 100 employees will click on a malicious link presented to them. A cybersecurity training program can shrink that number and provide best practices on how to recognize threats and what not to click on. Cybersecurity awareness training provides excellent reporting on which employees or groups of employees are causing your organization the most risk. You can evaluate if their cybersecurity awareness improves over time by continued campaigns aimed at changing any bad habits. 

Ramp up Your Security

When you have the basics covered, it’s time to look at more advanced practices to help protect your company’s sensitive data. Consider implementing:

Annual Vulnerability Assessment

This assessment provides critical information about possible vulnerabilities. A simple vulnerability test can identify any areas to improve before implementing a penetration test.

Annual Penetration Test

A third-party organization will attempt to find methods for entering your network and finding valuable data. Annual penetration tests can identify weaknesses to improve upon.

System Information and Event Manager

This service will filter through logs and find particular events for review and potential remediation, such as failed login attempts and malware activity.

Cybersecurity Insurance

Be prepared for an incident with cybersecurity insurance. The cost of a production-down situation or breach can be staggering for a business, and cybersecurity insurance can help your business recover from data loss if a breach occurs.

Backup and Disaster Recovery

Backup and disaster recovery can save you from losing valuable data in the event ransomware encrypts your data or if data is destroyed. If you have an incident that encrypts or deletes your data, you may be relying on a solid backup platform to get things back online. A disaster recovery plan can shrink the impact caused by a ransomware or data deletion event.

Management/CIO Services

All of the moving parts above require management and coordination. In-house IT cannot always provide this coordination, for many reasons. Sometimes providers who run multiple businesses, or even businesses within your peer group, may have very valuable strategies to use.

A cybersecurity strategy takes a significant amount of resources to implement and to continuously evaluate for effectiveness as new threats arise. Even a dedicated in-house IT employee will most likely need assistance with such a large specialized task. Anders Technology offers the tools, training and managed IT services necessary to keep your company protected, now and in the future. Contact an Anders advisor below to discuss your specific needs.

February 19, 2021

5 Cybersecurity Lessons Businesses Should Learn from the Oldsmar, Florida Water Supply Hack

Disaster almost struck on Friday, February 5, when an unidentified outsider attempted to drastically increase the sodium hydroxide levels in the water supply of the city of Oldsmar, Florida. The impact could have been tragic as they attempted to raise the setting from 100 parts per million to 11,100 parts per million. Normally sodium hydroxide is harmless when used to regulate pH levels in drinking water, but at that high of a level it could have caused severe damage to anyone who consumed it. While this doesn’t sound like a typical data breach that could have been prevented with cybersecurity best practices, there are definitely cyber controls that could have helped avoid the attempt. Below we dig into the cybersecurity vulnerabilities we identified from the situation and our mitigation recommendations your business can learn from.

How could this have happened?

This is an active investigation that’s being analyzed to figure out what happened and identify the outsider. Reports following the incident indicate a significant number of basic cyber mistakes were made that left the city’s water supply vulnerable to anyone with an internet connection. Cyber risk can be substantially reduced by implementing basic technology controls and following good cyber hygiene. However, many businesses struggle to stay on top of cybersecurity, often because of a lack of manpower, lack of funding, or a lack of knowledge and expertise.

Let’s look at five cybersecurity vulnerabilities the water utility had that could have made the attempt possible. Applying these lessons to your business will increase your protection from cyber criminals.

Vulnerability #1: Sensitive SCADA equipment was exposed directly to the internet.

Initial reports indicate the outsiders utilized a common remote access software tool named TeamViewer to access the supervisory control and data acquisition (SCADA) control system. TeamViewer enables a user to remotely view a desktop’s screen and control the mouse to move and click. The use of tools like TeamViewer has substantial benefits, such as giving personnel the ability to perform system status checks remotely and responding to alarms or alerts. However, the risk of using remote access tools like TeamViewer can be massive.

Recommended Mitigation

Industrial Control Systems (ICS) and SCADA equipment should be kept isolated and ‘air gapped’ from the rest of the computer network. If ICS or SCADA systems are going to be exposed to the internet, additional controls must be implemented to mitigate the risk. If remote access software is going to be utilized, it must leverage a one-way unidirectional approach, meaning the user is limited to view only and cannot click or take action on the remote device.

Vulnerability #2: A firewall was not in place to protect sensitive SCADA equipment.

Connecting any technology to the internet without a firewall is a recipe for disaster. Publicly accessible tools and websites like Shodan are constantly searching and probing for unprotected systems connected to the internet. Once hackers identify an unprotected computer, they then begin probing with known vulnerabilities to take control of the device and wreak havoc.

Recommended Mitigation

Implement a firewall to protect all internet-connected devices and keep the firewall updated and current. Logging should be enabled on the firewall to watch for intrusion attempts.

Vulnerability #3: A single common password was shared by all computers for remote access, and no additional authentication was required.

The reuse of passwords is a major issue in cybersecurity. It is common for passwords to be compromised in a data breach, and then that user ID and password combination is shared by hackers on the dark web. Hackers will then use these compromised credentials for ‘credential stuffing’ attacks, where hackers use scripts to try these credentials on thousands of web sites – banking, shopping, etc. The use of unique passwords mitigates these risks but unfortunately many users will use the same password on multiple sites. In this case, a single password was the only thing required to access TeamViewer and control the water supply equipment.

Recommended Mitigation

Create unique passwords and utilize a password manager to help track your passwords. For sensitive access, like SCADA equipment or TeamViewer, utilize multi-factor authentication (MFA) to require additional levels of authentication beyond just a password.
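A defender-side sketch of how login logs can be reviewed for the credential stuffing pattern described above, as an added example that is not part of the original post. The log format, field names, thresholds and addresses (documentation ranges) are constructed assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed log format (an assumption, not from any real product):
#   <UTC timestamp> auth result=<OK|FAIL> user=<name> src=<ip>
LINE_RE = re.compile(
    r"^(?P<ts>\S+) auth result=(?P<result>OK|FAIL) "
    r"user=(?P<user>\S+) src=(?P<src>\S+)$"
)

# Constructed sample data; IPs are from the RFC 5737 documentation ranges.
SAMPLE_LOG = """\
2021-02-05T08:00:01Z auth result=FAIL user=alice src=203.0.113.10
2021-02-05T08:00:03Z auth result=FAIL user=bob src=203.0.113.10
2021-02-05T08:00:05Z auth result=FAIL user=carol src=203.0.113.10
2021-02-05T08:00:07Z auth result=FAIL user=dave src=203.0.113.10
2021-02-05T08:00:09Z auth result=FAIL user=erin src=203.0.113.10
2021-02-05T08:00:11Z auth result=OK user=frank src=203.0.113.10
2021-02-05T08:10:00Z auth result=FAIL user=operator src=198.51.100.7
2021-02-05T08:10:10Z auth result=FAIL user=operator src=198.51.100.7
2021-02-05T08:10:20Z auth result=FAIL user=operator src=198.51.100.7
2021-02-05T08:10:30Z auth result=FAIL user=operator src=198.51.100.7
2021-02-05T08:10:40Z auth result=FAIL user=operator src=198.51.100.7
2021-02-05T08:10:50Z auth result=FAIL user=operator src=198.51.100.7
2021-02-05T09:00:00Z auth result=FAIL user=alice src=192.0.2.44
2021-02-05T09:00:20Z auth result=OK user=alice src=192.0.2.44
this line is malformed and is skipped
""".splitlines()


def parse_line(line):
    """Return a dict for a well-formed line, or None for anything else."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return {
        "ts": datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ"),
        "ok": m["result"] == "OK",
        "user": m["user"],
        "src": m["src"],
    }


def analyze(lines, window=timedelta(minutes=5), min_users=5, min_failures=5):
    """Flag sources by failure pattern inside a sliding time window.

    credential_stuffing: failures spread across many distinct accounts.
    password_guessing:   repeated failures against few accounts.
    A later successful login from a flagged source marks that account
    as at risk, i.e. a candidate for a forced password reset.
    """
    events = sorted((e for e in map(parse_line, lines) if e),
                    key=lambda e: e["ts"])
    recent = defaultdict(deque)  # src -> failed events still in the window
    findings = {}                # src -> {"pattern", "accounts_at_risk"}

    for e in events:
        src = e["src"]
        if e["ok"]:
            if src in findings:
                findings[src]["accounts_at_risk"].add(e["user"])
            continue

        q = recent[src]
        q.append(e)
        while e["ts"] - q[0]["ts"] > window:  # drop failures older than window
            q.popleft()

        distinct_users = {f["user"] for f in q}
        if len(distinct_users) >= min_users:
            pattern = "credential_stuffing"
        elif len(q) >= min_failures:
            pattern = "password_guessing"
        else:
            continue  # an occasional mistyped password is not flagged

        entry = findings.setdefault(
            src, {"pattern": pattern, "accounts_at_risk": set()})
        if pattern == "credential_stuffing":
            entry["pattern"] = pattern  # the broader pattern takes precedence
    return findings


if __name__ == "__main__":
    for src, info in analyze(SAMPLE_LOG).items():
        at_risk = ", ".join(sorted(info["accounts_at_risk"])) or "none"
        print(f"{src}: {info['pattern']}; accounts at risk: {at_risk}")
```
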

Vulnerability #4: All computers used by water plant personnel were connected to each other, including the SCADA system.

If all computers are connected to the same network, and any node on that network is compromised, then the entire network is compromised. Specific attention should be paid to dividing the network into separate secure segments, thus providing an additional level of protection if one computer is attacked.

Recommended Mitigation

Sensitive pieces of technology, like SCADA and ICS, should be walled off from the remainder of the network and isolated.

Vulnerability #5: The technology was running on an outdated 32-bit version of the Windows 7 operating system.

Windows 7 is an end-of-life operating system that is vulnerable to attack (unless the customer purchases an Extended Security Update (ESU) plan). Microsoft ended support for Windows 7 in January 2020. Accordingly, Microsoft is no longer producing security updates for Windows 7, even though it contains many well-known vulnerabilities that hackers are able to exploit.

Recommended Mitigation

Use up-to-date versions of operating systems, such as Windows 10, and keep them current by applying the latest updates. If a system cannot be updated to a modern operating system, it must be isolated from the internet and the rest of the network.

Understanding Your Cyber Risk

Businesses must ensure that appropriate cyber controls have been implemented throughout their enterprises, including both IT and operations technology (OT), like ICS and SCADA systems. If this water district had performed a basic cybersecurity audit or cyber risk assessment, the five vulnerabilities we’ve highlighted in this blog post would have been flagged. A remediation plan should then have been created to implement these basic cyber controls over a period of time. Lack of awareness of cyber risks and controls is no longer acceptable in today’s world. The significance of the risk should link directly to the investment made to mitigate the risk.

Once cyber controls are implemented and operating effectively, it is a good idea to perform quarterly vulnerability scans to identify potential weaknesses and out-of-date software. Periodic penetration tests, where a skilled white hat hacker attempts to infiltrate your systems, are a great way to test your defenses.

Whether you’re looking for supplemental cybersecurity expertise to add to your team, or technology advisors to take care of it all for you, Anders Technology can help you implement cybersecurity best practices to protect you and your organization from evolving threats. Contact an Anders advisor below to see how we can help you mitigate security risk and defend against a costly cyberattack.

Event Date: February 18, 2021

Microsoft Teams Customer Immersion Workshop for Associations

Did you know that Not-For-Profit organizations are eligible for a free Microsoft Office 365 license? Additionally, as a result of the newest CARES Act funding and Paycheck Protection Program (PPP), associations are eligible to use up to 40% of funding on cloud technology or cloud services. 

Join us on February 18 from 11am-1pm for our Microsoft Teams Customer Immersion Experience (CIE) where we will walk you through a day in the life of using Microsoft Teams effectively in your organization and with your membership. This experience will answer your questions about the platform and focus on:

  • Features to keep you connected with your association group – Email, Calendars, Chat, File Sharing, and More 
  • Creating Team Channels and sending notifications to your association members
  • How to conduct Calls and Meetings within your organization – Video Conferencing and Calendar 
  • Tips and Tricks to create a smooth Microsoft Teams experience while working remotely 

You will also get to experience how to make or receive calls using Microsoft Teams Calling. A trained facilitator will help you discover the right solutions for your environment and show how these technologies can help you embrace productivity with your team and your membership.

Register for the Microsoft Teams CIE below:

January 26, 2021

5 Ways to Kickstart Your Cybersecurity Efforts

Keeping your company protected from cyberthreats is important, but it’s hard to know where to get started. A personalized, comprehensive cybersecurity plan is recommended to stay ahead of cyberthreats, but there are several tactics and baby steps businesses can take to start building a defense. Below we dive into five low-cost and easy ways to improve your cybersecurity posture that can help you get started and prepare you for developing a robust cybersecurity strategy.

1. Implement Cisco OpenDNS Resolver

Avoid exposing your network to harmful sites and phishing strategies by implementing Cisco OpenDNS resolver. Organizations can use Cisco’s platform to prevent employees from accessing known malicious websites, block phishing sites and prevent virus and malware infections by using Cisco OpenDNS for DNS resolution.

2. Require Multi-Factor Authentication (MFA)

MFA is a method for authentication that requires the user to provide two or more verification factors to gain access to a resource such as an application, online account or a VPN. MFA asks users to provide a password and another verification method, such as verification on a smartphone or facial recognition. Office 365 users can easily implement this type of authentication for an added layer of security. Organizations should implement MFA to reduce the probability of an unauthorized login by 99%.

3. Complete a Dark Web Scan for Employees’ Authentication Information

The dark web is the hidden portion of internet sites only accessible by a specialized web browser. The dark web is used for keeping internet activity anonymous and private, which can aid in both legal and illegal applications. Ask your technology service provider for a dark web scan to see if any personal or business information is present on the dark web. Organizations benefit from this report by learning how many network accounts are present on the dark web, because those accounts could give a hacker a very quick and easy method to log in to a network. Don’t have this service with your technology provider? Contact Anders Technology for a free dark web scan.

4. Install an Antivirus

Free antivirus software is easy to find, but not comprehensive or secure enough for business use. Very popular free antivirus vendors have admitted to providing harvested user data to third parties. It’s always a better choice to implement a reputable, robust antivirus software that can more adequately perform security operations like anti-phishing, firewall, tune-up, VPN and web protection. The small fee you’ll pay is a valuable investment in your cybersecurity protection.

5. Complete Software Updates Regularly

Regularly updating your software and applying patches protects against vulnerabilities and exposed data. Make sure you’re performing consistent updates on Windows, Adobe and all other platforms used. If a vulnerability in a major platform is made public and has been eliminated with a patch, regular updates will ensure this patch is deployed and your data is safe.

These tactics are great ways to get started securing your network, but will only protect against the tip of the iceberg of cybersecurity attacks. Whether you’re looking for supplemental cybersecurity expertise to add to your team, or technology advisors to take care of it all for you, Anders Technology can help you implement cybersecurity best practices to protect you and your organization from evolving threats. Contact an Anders advisor to see how we can help you mitigate security risk and defend against a costly cyberattack.

January 19, 2021

Creative Technology Uses for PPP2 Funding – Cloud Computing Services

Now is a perfect time to review your technology plan and assess how cloud technology can help your business in 2021. One of the new benefits to the Paycheck Protection Program Second Draw (PPP2) program approved in December 2020 is it now includes additional ways to spend your funds and still achieve 100% forgiveness. 

Under the new guidance issued for the PPP2, you can spend up to 40% of your PPP2 funds on technology which qualifies as “cloud computing services” for your business. Technology expenses were not included in the first round of funding, so this category is new. To jumpstart your thinking, we have deciphered a few ways you can utilize the PPP2 funds towards leveraging technology to modernize your business. 

Here are three ways we think business owners and leaders can leverage technology to better their business using PPP2 funds while still obtaining 100% forgiveness:

1. Data Analytics

Modern businesses are recognizing the power of data to win in today’s competitive marketplace. Microsoft’s PowerBI tool is a cloud computing service that has emerged as a leader in helping companies embrace analytics across the organization through its ease of use and simple interface. PowerBI can help you get the insights you need to make confident decisions and drive efficiencies in your business. Specifically, PPP funds could be used to pay for PowerBI subscriptions and implementation services such as creating initial PowerBI reports, setting up a data management program, or training your employees via a ‘Dashboard in a Day’ training session.

2. Cloud Readiness Assessment

PPP2 funds could be used to perform the initial readiness assessment to develop a Cloud Roadmap for migrating files, applications, or servers to Microsoft 365 or Azure. Migrations to a public cloud, such as Microsoft, can help improve your business operations and result in up to 30-40% total cost of ownership (TCO) savings, creating an ongoing competitive advantage for your business.

3. Process Automation via Microsoft Power Automate

New low-code/no-code solutions available now help businesses automate manual processes specific to them. These solutions, powered by the Microsoft Power Platform, enable businesses to automate their processes faster and reduce the cost of doing business. Microsoft’s secure Power Platform empowers business users, not developers.

Technology can be used to speed up adoption of newer technology, automate manual processes, or to help employees work from anywhere. If you have been looking for the right opportunity for your business to fully embrace cloud computing services, PPP2 funds could make this the right time.  

Next Steps

Anders Technology has the training, experience, and expertise to help your business understand the options under the new PPP2 guidelines and how you can prioritize your 2021 goals and budget to utilize your spending to fit your needs. Contact an Anders advisor below to discuss your situation and recovery options. Visit our COVID-19 Resource Center for more resources as it relates to the recovery of your business.

January 19, 2021

Using PPP2 Funds for Technology Modernization via the Cloud

Round two of the Paycheck Protection Program (PPP) is upon us and Anders has been closely analyzing the contents to help companies identify strategies for maximizing the impact of their PPP funds.

While the majority of your PPP funds still need to be spent on payroll (60%), one of the biggest changes in the new round of PPP is the ability to spend up to 40% of funds on other types of pandemic related expenses. Specifically, the “covered operations expenditures” category allows PPP funds to be used to pay for cloud services that run your business.

Investing in Technology

Many businesses struggled to embrace the sudden shift to remote work caused by the pandemic in Spring 2020. In many cases these companies were constrained by their historical lack of investment in technology. Suddenly companies who were still using dated, on-premise technology were at a significant disadvantage compared to their cloud-enabled competitors.

PPP2 creates an interesting opportunity for small to midsize companies to modernize their operations via the use of cloud technology. The government is encouraging companies to invest in cloud solutions to improve business continuity and become more efficient.

What’s Covered?

The PPP defines “covered operations expenditures” as follows:

“payment for any business software or cloud computing service that facilitates business operations, product or service delivery, the processing, payment, or tracking of payroll expenses, human resources, sales and billing functions, or accounting or tracking of supplies, inventory, records and expenses;”

If we want to exercise this ‘cloud’ flexibility in the PPP loan, how do we interpret what qualifies as an expenditure?  The vast majority of cloud-based technology should qualify under the “cloud computing service that facilitates business operations” definition. Of course, be sure to discuss this with your PPP lender to confirm.

Many core ERP or CRM applications are cloud-based now and would qualify under the definition. Here are a few common solutions for small to midsize businesses that would almost certainly qualify:

  • Quickbooks Online or similar
  • ADP or similar
  • or similar
  • Salesforce or similar
  • Netsuite or similar

The term “cloud” is imprecise and covers a lot of ground, which should create flexibility in how businesses are able to use their PPP funds. There are plenty of services, especially in the Microsoft family of services, to consider. Many common business solutions would also qualify as a ‘cloud computing service’, such as:

  • Email delivered via Microsoft 365,
  • Data Analytics powered by Microsoft PowerBI to provide insights into your business and start the automation journey for your small business,
  • Microsoft Azure for running server workloads outside the walls of your organization,
  • Microsoft Teams for calling, file collaboration and communications, and
  • Windows Virtual Desktops to power your Windows desktops from the cloud.

If any of these items have been on your radar to implement, now is the time to start planning, because the timer for expenditures starts on the day you receive your PPP funds and you have at most a 24-week window to spend the funds and achieve full loan forgiveness.

Understand Your Options

If your business has 500 or fewer employees and saw your gross revenues decrease by at least 25% in any quarter of 2020, then you should take a close look at the full requirements for both PPP2 and the Employee Retention Tax Credit (ERTC) to determine your eligibility.

Be careful with the expenditures you are looking to qualify to ensure you are following the ‘cloud computing service’ definition. For example, new laptops are likely not covered under the definition. Although laptops are valuable for accessing cloud-based applications, it is clear the intent is for business software and cloud functions.

PPP2 can be a lifeline for businesses hit hard by the pandemic. While the PPP2 rules are complex, the program can provide a significant opportunity to modernize your business to compete in the coming years.  Our advisors are closely following COVID-19 relief efforts and will continue to publish more insights to keep you informed. Visit our COVID-19 Resource Center or contact an advisor today to discuss your situation and recovery options.

January 12, 2021

Is it Time to Transition from a Traditional Phone System to a Remote Phone System?

In today’s business environment, remote work has become the new normal. In 2020, we’ve seen staggering remote work statistics. According to Gartner, 88% of organizations worldwide either mandated or encouraged work from home during the pandemic. A CoSo Cloud survey reports that 77% of employees say they’re more productive at home. Global Workplace Analytics reports that businesses could save an average of $11,000 annually per half-time telecommuter. Remote work has proven its value to organizations that can harness it and make it work for them using the right tools and technology.

Answering the Tough Questions About Working Remotely

Microsoft Teams has been invaluable for many companies during the pandemic. It allows people and teams to continue working together as if they’re still in the office. Teams offers incredible value for any organization that needs internal collaboration. However, one of the biggest pain points in telework environments is their connection to the outside world. Business leaders are asking and being asked important questions, including:

  • How will my corporate phones work when my employees are at home?
  • What about when employees are at a job site?
  • What about my call queues and auto attendants?
  • Should I call my employees’ home, desk or mobile numbers?
  • How can I ensure that all employees are reachable by phone, wherever they are? 

A Microsoft Teams Calling Plan is the solution to all of these questions and pain points. We’ve touched on the flexibility of Microsoft Teams Calling Plans, but how do you know if it’s right for your needs?

Making the Switch

As a Microsoft Gold Partner, Anders Technology offers assessments to help businesses understand the full capabilities of Teams Calling and experience the vision of how it can meet their specific needs. By assessing your environment and business needs we build a custom plan for transitioning from a traditional telephony system to a flexible remote phone system.

Identifying Phone System Needs

Identifying phone needs at different levels of your organization is a critical first step. Anders Technology engineers will identify and interview your key stakeholders and gather information about your environment. We research potential pitfalls in your environment and may identify small groups of pilot users and enable services for them. If necessary, we visit your locations and perform network assessments to determine areas that may need to be addressed. During this step, we investigate and understand your current calling environment, including call queue and auto attendant needs, and begin to envision how it could look in Teams.

Exploring Features

How can your stakeholders know where Teams Calling can help them if they don’t understand the product’s capabilities? Anders Technology advisors meet with your stakeholders and decision makers in a candid discussion of features and possibilities. In these sessions, we discuss your workflows, calling trees and devices. We learn about different types of departments, their calling groups and their different phone needs.  In these sessions, we work side-by-side with you to understand how we can make Teams fit into your company, rather than trying to force your company to fit into Teams. Along the way, we’re continually refining our original assessments.

Building a Plan

The final step is where it all comes together into three parts. First, we build out recommendations for change management, answering questions such as: how can we ensure adoption of the product? What’s the best way to communicate the changes? What’s the plan for training employees?

Next, we map out specific scenarios and features within your business. We finalize recommendations on different user types, accounting for which types of users get which features and devices and analyze steps for transitioning your environment from telephony to Teams. We determine which phone numbers may need to be ported and from which providers while mapping your existing features into comparable Teams features.

Finally, we analyze the workload and licensing. Which licenses need to be purchased, and at what cost? Which user groups get which licensing? What are the steps to proceed with the project, and what are our time estimates? We deliver a detailed project plan for moving forward with a Teams Calling migration.

Learn More About Microsoft Teams Calling

Our Anders Technology advisors know that it can be scary moving from your old phone system to something new. Through an in-depth assessment, Anders can provide a way forward into the flexibility and value offered by Teams Calling without sacrificing the stability that you need. As a Microsoft Gold Partner, Anders Technology has the tools, training and expertise to design a solution that will work for your business. Contact an Anders advisor below to discuss your situation.

December 15, 2020

5 Ways Azure Active Directory Can Integrate and Improve How Employees Work

Enabling employees to work from anywhere while keeping company data secure is a growing need for businesses. To accomplish this, Microsoft’s Azure Active Directory (Azure AD) should be a tool in your company’s IT arsenal. Azure AD is Microsoft’s next-generation, fully cloud-based identity and access management solution. It allows organizations of all sizes to manage accounts and data access. In many cases, Azure AD does not require any on-premises servers, allowing companies to actually decommission aging Domain Controllers. Imagine never buying another Domain Controller! Azure AD can do that for your company, while also helping your employees work more efficiently, effectively and securely.

How has Azure Active Directory evolved with company needs?

Twenty years ago, Microsoft released the first version of Active Directory. It was revolutionary at the time, allowing businesses to centrally secure and manage their information within their datacenters. Back then, most employees worked in the office. Smartphones would not exist for another seven years, tablets for another ten. Most of us didn’t even have high speed internet at home. Companies focused on building and securing their own datacenters, making them inaccessible outside of their own buildings. Active Directory was fantastic in 2000, before we had the expectation to have all corporate data securely accessible anywhere, from any device.

Now in 2020, the world has changed. Modern workers need data quickly. Modern customers demand security. New hires entering the workforce have never worked any other way. The incoming generation of workers are digital natives who expect the ability to be productive from anywhere. Companies are rethinking their datacenter infrastructures, wanting to become faster, less expensive, and more flexible. IT managers want to spend less time and money on hardware, and more on delivering the outcomes their users demand. With all of this in mind, below we talk about five ways Azure Active Directory can help accomplish these needs and wants.

1. Seamlessly Connect to All of Your Business Applications

Azure AD Single Sign-On (SSO) provides easy access to internal and external resources for permitted users. This means that anyone in your organization can have secure access to on-premises resources and thousands of cloud SaaS applications from anywhere. SSO increases productivity by giving users access to company applications by signing in once to one convenient portal. Users need only one password to get into all of their applications while being completely secure.

2. Enhance Security with Multi-Factor Authentication

Multi-Factor Authentication (MFA) significantly increases the security of logins by enforcing a two-step verification process and is a must in today’s cybersecurity climate. According to Microsoft’s Group Program Manager Alex Weinert, “your account is more than 99.9% less likely to be compromised if you use MFA.” Azure AD offers a built-in, comprehensive MFA security solution with easy implementation. Combine MFA with conditional access, and you can create policies that control who can access your company’s data, and how and where they can access it.

3. Protect Against Costly Data Breaches

Anders Technology specializes in implementing Azure AD policies and procedures that reduce IT security risks. With the use of risky user and sign-in reports, we can identify and stop account compromises before harmful behavior arises. Automated responses to unusual user behavior or sign-in attempts give organizations confidence that their applications and company data remain safe.

4. Synchronize with Existing Windows Server Active Directory

If your organization already has an on-premises Windows Server Active Directory, users and groups can be synchronized to Azure AD using a tool such as Azure Active Directory Connect (AAD Connect). Implementing Azure Active Directory Connect enables users to authenticate to Windows Server Active Directory when accessing cloud and on-premises applications or resources.

Many businesses rely on existing Active Directory structures to enforce Group Policies within their network. Using Azure Active Directory in conjunction with Microsoft Intune, Group Policies can now be enforced on any of your resources, anywhere in the world. And all of this can be achieved using the same set of credentials for a single user identity!

5. Azure AD Is a Cost-Effective Solution to Windows Server Active Directory

Many startups and small businesses do not have an on-premises Windows Server Active Directory. With Azure AD, they may never need to buy one. These organizations can leverage Microsoft’s cost-effective cloud-based Azure AD services to manage their users’ identities and access to SaaS applications, all while taking advantage of all the other great features mentioned above.

How to Get Started with Azure AD

With over 28 data centers around the world and Microsoft handling the availability and services, Azure AD is accessible from wherever you are. While there are no costs for using Azure AD, several paid Azure Premium subscriptions can be added to best fit your business needs. The subscriptions provide value-added features, including:

  • Comprehensive security alerting and reporting
  • Group and user-based application access
  • Custom company branding
  • Self-service user management capabilities

Azure AD helps businesses streamline productivity by providing an easy means for managing company resources and applications, making them securely accessible to all of your users, no matter where they are or what devices they use. You wouldn’t expect your year-2000 mobile phone to work for you today. Why expect that from your access management solution?

As a Microsoft Gold Partner, Anders Technology has both the expertise and the experience to guide you to a solution that’s tailored to your company’s unique and specific needs. Contact an Anders advisor to discuss your situation.


November 24, 2020

Is Your Password Policy Strong Enough to Outsmart Cybercriminals?

Implementing a password policy in your company is an easy first step in protecting against costly cyberattacks. Modern hackers are using advanced password software that can use a variety of methods to gain your login information. To combat these hackers and protect your data, strong password guidelines are key. Below are password policy best practices you can easily implement across your organization to act as the first line of defense against a data breach.

Password Policy Best Practices

Having strict password standards in your company lowers the chances that hackers will be able to get access to your network. Implementing a strong password policy and revisiting it regularly will make sure you are staying on top of the latest hacking strategies. An effective password policy will include guidelines around:

Password Lockout

Lockout rules make an account inaccessible after too many failed login attempts, usually for a set period, after which the account re-enables itself. Setting the password lockout to three or four attempts will slow the process of a password being guessed and potentially flag an account as being under attack.

Password Age

Creating guidelines around password age will require a periodic password change for all users. We recommend changing passwords every 60 days. Keeping a password for a long period of time gives a hacker more time to identify it. Additionally, there is a higher probability that the password will be reused or identified on the dark web.

Restrictions of Reusing Passwords

Restricting the reuse of passwords that were previously used on an organizational account is an extension of the password age parameter above: the longer a password is in use, the more time a hacker has to crack it. We recommend having your system remember the last 24 passwords so that an account cannot reuse them.

Password Complexity Requirements

Password complexity slows the process of a password being identified. Complexity requirements should include using uppercase letters, lowercase letters, numbers and symbols for every password created.

Password Length Requirements

Password length also slows the process and lessens the odds that a password would be guessed. We recommend using passwords of 14 characters or more.

Many of these policies are found in the same place on your network server. If your environment is large enough to have centralized management, such as a domain controller, you can enforce the settings across your group all at once. If a domain controller is not present, the applicable settings will have to be applied individually.
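One way to check a domain's settings against the recommendations above is the following PowerShell audit, an added example that is not part of the original article. The function name Test-PasswordPolicy and the $sample object are hypothetical, and the sample values are constructed; the property names match those returned by the ActiveDirectory module's Get-ADDefaultDomainPasswordPolicy cmdlet.

```powershell
# Added example: audit a password policy object against the article's recommended values.
# Test-PasswordPolicy and $sample are hypothetical names; the thresholds are the article's.
function Test-PasswordPolicy {
    param([Parameter(Mandatory)] $Policy)

    $maxAgeDays = $Policy.MaxPasswordAge.TotalDays
    $checks = @(
        # A threshold of 0 means accounts never lock, so it must fail the check.
        @{ Setting = 'LockoutThreshold'; Recommended = '3 or 4 failed attempts (0 = never lock)'
           Pass = ($Policy.LockoutThreshold -ge 1 -and $Policy.LockoutThreshold -le 4) }
        # A maximum age of 0 means passwords never expire.
        @{ Setting = 'MaxPasswordAge'; Recommended = '60 days or less (0 = never expire)'
           Pass = ($maxAgeDays -gt 0 -and $maxAgeDays -le 60) }
        @{ Setting = 'PasswordHistoryCount'; Recommended = '24 remembered passwords'
           Pass = ($Policy.PasswordHistoryCount -ge 24) }
        @{ Setting = 'ComplexityEnabled'; Recommended = 'True'
           Pass = ($Policy.ComplexityEnabled -eq $true) }
        @{ Setting = 'MinPasswordLength'; Recommended = '14 characters or more'
           Pass = ($Policy.MinPasswordLength -ge 14) }
    )

    # Emit one row per setting so the result can be filtered, exported or tabulated.
    foreach ($c in $checks) {
        [pscustomobject]@{
            Setting     = $c.Setting
            Current     = $Policy.($c.Setting)
            Recommended = $c.Recommended
            Compliant   = $c.Pass
        }
    }
}

# Constructed sample: a weak policy used here only to exercise the checks offline.
$sample = [pscustomobject]@{
    LockoutThreshold     = 0
    MaxPasswordAge       = [TimeSpan]::FromDays(90)
    PasswordHistoryCount = 5
    ComplexityEnabled    = $true
    MinPasswordLength    = 8
}
Test-PasswordPolicy -Policy $sample | Format-Table -AutoSize

# On a host with the ActiveDirectory module, audit the live domain policy instead:
# Test-PasswordPolicy -Policy (Get-ADDefaultDomainPasswordPolicy)
```

Active Directory's complexity setting requires characters from three of its character categories, which is looser than the all-four rule recommended above, so a compliant ComplexityEnabled row does not by itself enforce that rule.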

Anders Technology can help you develop a strong password policy and implement cybersecurity best practices to protect you and your organization. Contact an Anders advisor to see how we can help you mitigate security risk and defend against a costly cyberattack.


November 10, 2020

Flexible, Secure and Cost-Effective Strategies to Build into Your IT Budget

Budgeting looks a lot different this year in the midst of a global pandemic. Business objectives have undoubtedly changed over the past year and innovation is more important than ever to address these changes and recover from the effects of COVID-19. Making the case for flexible, secure and cost-effective technology platforms will be vital going into the next quarter and beyond.


Remote work was forced upon many companies this year, and if virtual work options were not already part of the company’s technology strategy, it caused a lot of time, money and frustration to implement quickly. Being flexible became the name of the game, and the need to be agile is here to stay. In the coming year, businesses will want to build their technology strategy with a focus on flexibility, so as business goals or environmental factors evolve, they can easily adjust using technology. Going forward, three flexible strategies to consider are:

Along with having a flexible IT strategy, keeping it secure should also be top-of-mind.


Continuing to maintain and build a robust cybersecurity strategy is another vital focus moving forward. Cybercriminals are getting more and more sophisticated, and breaches are getting larger and more costly. Now is the time to review your cybersecurity architecture and develop a road map going into the new year that includes:

  • Governance, Risk and Compliance Measures
  • Vulnerability Management
  • Information Protection and Privacy
  • Cybersecurity Training and Testing

Even with the best cybersecurity safeguards in place including backups, firewalls and software patches, it takes one click by an unknowing employee to cost your business a lot of time, money and important data. Employee cybersecurity training can equip everyone in the company with the tools and knowledge needed to do their part in avoiding a data breach.

Flexibility and security are important pieces of every technology strategy for 2021 but coming out of a pandemic, companies also need to be mindful of budgets.


With cost-cutting being a reality amidst a global pandemic, business owners and CIOs need to decide which parts of their IT strategy need to be done in-house, and where they can find cost efficiencies by outsourcing.

Anders Technology specializes in bridging the gap in technology needs. From co-managing alongside internal IT staff to supplement expertise, to being the entire IT team, we can step in as much or as little as needed. Below is an example of ways we partner with our clients.

[Figure: Bridging the Gap in Your Technology Needs | Anders Technology]

Anders Technology can help you stay flexible by taking on more when needed and pivoting the strategy with supplemental resources. With a team of advisors with in-depth knowledge in several areas, we can help you develop a technology strategy that helps you meet business goals while staying secure and cost-conscious. Learn more about Anders Technology or contact an Anders advisor below to get started.
